[EMAIL PROTECTED] wrote: > [EMAIL PROTECTED] wrote on 01/03/2004 11:52:41 AM:
Who wrote that? I think you need to double check your quoting machinery! > > Subject: Bug 08378 was submitted by Bob Proulx > > Subject: Bob is out Friday/Monday > > Subject: TWiki - Registration for BobProulx > > Subject: Bob's Task List -- December 2003 > > Maybe it is just a case of bad examples, but most of these, as well as all > the ones below are internal email, not email from the Internet, and so > should never be scanned. The Twiki one came from the Internet. Go register with a twiki wiki somewhere and see for yourself. > Especially for the second examples I believe that subjects that use > your username rather than actual name are almost guaranteed to be > spam if they come from the Internet. You assume it is somehow easy to tell if the message came from the Internet or from the company intranet. That is easy to think that it is easy. But with the current spamassassin-2.61 I don't know of any way to make that determination automatically. With 'trusted_networks' it is certainly possible, however. But corporate mail topography can be obtuse at times too. Remember you can't use logic to understand it, although archeology is useful. But wait, you said make that determination even before getting into SA, such as in procmail or whatever. That is actually even more difficult since it takes quite a bit of detective work. I could run it through a perl script to parse the headers and try to make that determination. But that sounds like a rebuild of SA. > > Subject: Bug 08378 was submitted by rwp > > Subject: autorpm xpm error on cvl-sbcm (rwp doesn't exist) > > Subject: ACTION REQUIRED: Time to Change Your Domain Account Password > > (COL-SPRINGS\RWP) > > Subject: PCO file: endofmsg_term_fix by: rwp I have it easier there, true, since my login name is different and unlikely to be seen by legit mail. But for those of us who chose poorly and our login and real names are subsets of the other do have issues. Typically if spam has these types of subjects they also have other spam signs in the body of the message. So far tagging these accurately has not been a problem for SA. I only posted these examples because I had them handy. And for these real examples quickly found there are undoubtedly many other real examples out in the wild. Bob
pgp00000.pgp
Description: PGP signature
