Peter Marshall wrote: > I have > > SpamAssassin version 3.0.2 Warning: SpamAssassin 3.0.2 is vulnerable to a remotely exploitable DoS attack. Unless you're using a distro port that has backported fixes, upgrade soon.
Regardless of DoSes, I'd suggest upgrading to 3.1.1, as that version has a working and supported version of sa-update. Also, it doesn't sound like you're using any SARE rules. You might consider trying a few of the sets from: http://www.rulesemporium.com/rules.htm I personally like the stocks, random, obfu and specific rulesets quite a bit. Many also like the oem set, but I have not found that necessary. > auto_learn_threshold_nonspam 1.5 Are you SURE you want your threshold so high? Do you manually correct any mis-learnings this causes? If not, your bayes accuracy could suffer. I personally find even the default of 0.1 insanely too high. I use -0.01, and have added a lot of rules with tiny negative scores to ensure only messages which at least match some criteria have a chance of being autolearned. However, with the default rules as they are, you pretty much can't go negative without adding rules. > I removed my whitelists .. they had user specific info in them. They > were basically for a bunch of hotmail address that were getting marked > as spam. Ok, just make sure you're not using whitelist_from [EMAIL PROTECTED] Spammers WILL get past you if you do this. In general use whitelist_from_rcvd instead of whitelist_from where-ever possible.
