On 2025-06-24 at 07:38:57 UTC-0400 (Tue, 24 Jun 2025 11:38:57 +0000) Lichtinger, Bernhard <bernhard.lichtin...@lrz.de> is rumored to have said:
> Hello, > > I get some false positives with the rule _SCC_HTML_ODDDIV8 from 72_active.cf > because there is no maxhits with this check. That is partly intentional. There was a typo in the rule name: it needs an extra underscore to prevent being scored on its own. I've fixed it in r1926688. I apologize for the FPs, they were entirely unintentional (but see below.) > Some regular mails of our users contain a lot of "<DIV> </DIV>" and > every hit adds some spam points to the mail because of > tflags _SCC_HTML_ODDDIV8 multiple publish There is an error there: the name is supposed to have 2 underscores and there is an additional metarule with a threshold. I missed that because I had a local rule masking it. Fixed now, should be in the rules channel ~Friday. > As a workaround I set my own tflags with maxhits=20 for this check, but > perhaps others have also problems with this rule. Maybe. The metarule requires 10 hits to trigger and that has been a pretty good tactic for me locally. We'll see how it does in RuleQA. Obviously, even with that fix anyone can override it locally. More broadly, this is only one of many rules that notices logically weird markup. I'm not going to argue about whether anyone NEEDS structures like "<DIV> </DIV>" because there is no argument over whether some well-meaning senders USE it. However, smart senders avoid dumb markup. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo@toad.social and many *@billmail.scconsult.com addresses) Not Currently Available For Hire
signature.asc
Description: OpenPGP digital signature
