-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Chris,
Friday, July 25, 2003, 7:09:32 AM, you wrote: CS> Well I've done another update on the rules site. Some great rules CS> submitted again. Lots I want to incorporate myself. Agreed. I've captured a few that I've added to my user_prefs. Thanks for indicating who submitted each of the rules -- I've added (source) in my personal copy. CS> I have received a few rules that score points for bounced emails. CS> What is everyone's take on this? CS> Yes bounces can be generated by spam, but for the most part I believe CS> them to be legit. I think it may be dangerous to start scoring CS> bounces. IMHO. I've done my best to identify those bounces which seem to be spam because of the types of bounces. I have not created a rule on the common "no user" situation. I do use bounce rules for three specific types of bounces, and before implementing them I ran them against my personal corpus and verified I have not received any ham which matched those rules. CS> Secondly we never clarified if it was ok to discuss rules here in CS> mass. I can't help it. Seeing all these rules has got me wanting to CS> discuss them, and the posts regarding them will no doubt increase. So CS> shall we continue to use SAtalk? I think we should. Maybe just put CS> [RD] in the subject for rule discussion? [RD] keying suits me just fine. If we should get out of control and need to break off a separate list, I'm willing to offer the mailman facilities at menschel.net, but I hope we'll be able to continue using this list. Friday, July 25, 2003, 11:55:26 AM, Justin Mason wrote: JM> 1. categorise the rules, add descriptions, and tag with the names JM> of who submitted them and (obfuscated) email addresses of that JM> person, so that they can be contacted if we choose to pick 'em up. Agreed. (I added "{RM]" to the end of the description of each rule I submitted last night.) JM> 2. use good names, and use a rule name prefix like "WIKI_" so those JM> rules don't get confused with the default ruleset. There's been some minor discussion on rule naming on the list, and there's some guidelines in the basic SA docs and Matt's HOWTO, but I'd like to see more discussion on how we might be able to standardize these. My personal practice has been to prefix my local rules with L_, follow that by the type of rule (t = to, f = from, s = subject, hr = received, hc = content-type, hx = x-mailer or exists, b = body, bp = body (phone number rule), be = body (email address rule), rb = rawbody, u = URI), and then to follow that with a meaningful or mnemonic name. eg: * L_u_uspronation is a URI rule trapping uspronation.com * L_t_bobbf is a ToCC rule to an old bigfoot.com email address of mine which only receives spam these days * L_f_Allsomething is a From rule where the address begins with "All", blank, something etc. JM> 3. ensure the rules can be scraped easily by automated scripts, JM> e.g. use a common format for the rule lines, and/or surround them JM> with tags, and/or produce "export" pages that contains just the JM> rules, without non-config text. My vote would be for export-only plain text pages with no formatting and no non-rule text. My preferred method of copying rules would be to download the export file, open it in a text editor, surf through the web pages and see which rules are of interest, and then copy/paste from the plain ascii file. JM> 4. figure out some way to do QA! An easy way to do this is to JM> script up something that runs nightly, extracting the rules into a JM> config file (see point 3), running spamassassin --lint on that file JM> to avoid syntax errors, then does a mass-check and hit-frequencies JM> report on the good rules. 4) then dumps that report into another web page where we could see just how good the rules were. That would be beautiful! JM> 5. put up some simple guidelines -- e.g. "avoid single-word rules" JM> etc. I think Matt K's "rule writing HOWTO" is the best set of JM> suggestions here. Actually, I find single-word rules very useful. In addition to my rules for [EMAIL PROTECTED] w0rds, I have rules for casino, tax, names of spam products (eg: DVD-pro or Climatique), Ebay, generic, secrecy, confidential, and wrinkles. They generally have minimal scores (wrinkles, for instance, has 0.3, though Climatique by itself scores at my spam threshold), but enough low scores will push an otherwise FN over my required hits level. Bob Menschel -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPyHs4ZebK8E4qh1HEQLnjACg7WvkYaGxsb4eQ4Z4pwyK6yZBy5YAoOHh JuB7CcJmt3CS9vki05ydCXyO =/DbX -----END PGP SIGNATURE----- ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk