-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Mike,
Monday, September 22, 2003, 5:47:27 PM, you wrote: MK> For me spam is sex, drugs/pharmacies, nigerian bank proposals, etc Agreed. And if your test had mentioned P...rn, V...gra, pen...ses or brea...ts, nigerian banks and millions of dollars, that would likely have been a good test, since it would have hit more than one spam. The main reason I believe your test email didn't hit is because it was too simple -- it hit one or two rules, and no others. Spammers need to convince people to do something, and to do so they generally use a lot more text, and a lot more variation in their text. They therefore it a lot more rules. It's for this reason that there's a class of spam which causes real problems for SA 2.55 or older -- a spam which contains nothing but a single graphic, and the spam text is all displayed within that graphic (and nothing that can be read by SA without building in OCR capabilities). I'm hoping 2.6 and 2.7 will make some advances in identifying that spam... MK> For myself...I will make it so a single line of "PEN?S ENLARGEMENT" MK> is enough to trigger as spam. For me this is the level of detection I MK> want...I don't need 5 hits...just one. Nobody in corporate america MK> (or any of my friends sending me personal emails or traffic from MK> newsgroups) will EVER be sending me something like this...and if they MK> do (sorry mom...quit forwarding me your crap/jokes/etc.!) it deserves MK> to be deleted. If that's the best way to handle that type of spam for your user group, then do it! Remember, however, that SA also needs to be viable for the medical center which gets reasonable questions about that topic from their clients. I've taken a fair number of default scores and bumped them up myself, notably (my threshold is 9): > score FAKED_UNDISC_RECIPS 6.00 > score FORGED_RCVD_TRAIL 7.00 > score FROM_OFFERS 5.00 > score HGH 9.44 (yes, over my threshold!) > score MICROSOFT_EXECUTABLE 15.00 > score NIGERIAN_BODY 9.10 > score PENIS_ENLARGE 5.00 > score PENIS_ENLARGE2 5.00 > score RATWARE_EGROUPS 9.43 > score REVERSE_AGING 6.21 > score WITH_LC_SMTP 6.25 Over time I modified over 100 scores, but these are the biggies. Bob Menschel -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBP2+ospebK8E4qh1HEQLCdACg3qK8h+afaAjS0dHIoSkhTLXbivYAoK7o C/8nCk8ZO4fBS26gbrQ9spY0 =EuGa -----END PGP SIGNATURE----- ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
