i have SA 3.1.x branch head installed with FuzzyOCR 350rc1.
in --lint tests pass w/o error, and image-containing test messages
score as expected.
today, i received a spam msg with an attached gif.
it scored as spam, and was scored/delivered with report headers of,
X-Spam-Status: score=8.6/4.0 autolearn=no
X-Spam-Report:
* 0.5 RELAY_JP Relayed through Japan
* 1.1 EXTRA_MPART_TYPE Header has extraneous Content-type:...type=
entry
* 0.0 DK_POLICY_SIGNSOME Domain Keys: policy says domain signs some
mails
* 1.2 BAYES_40 BODY: Bayesian spam probability is 20 to 40%
* [score: 0.2209]
* 0.0 HTML_MESSAGE BODY: HTML included in message
* 1.2 SARE_GIF_ATTACH FULL: Email has a inline gif
* 0.9 MY_CID_AND_CLOSING SARE cid and closing
* 0.7 MY_CID_AND_STYLE SARE cid and style
* 1.2 MY_CID_ARIAL2_CLOSING SARE cid arial2 closing
* 1.1 MY_CID_ARIAL_STYLE SARE cid arial2 style
* 0.7 MY_CID_AND_ARIAL2 SARE CID and Arial2
note -- *NO* FuzzyOCR tests/score.
if i then submit this same suspect message w,
spamassassin -D -t -x < ./suspect_message
it returns,
Content analysis details: (34.1 points, 4.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.5 RELAY_JP Relayed through Japan
1.1 EXTRA_MPART_TYPE Header has extraneous Content-type:...type= entry
0.0 DK_POLICY_SIGNSOME Domain Keys: policy says domain signs some mails
1.4 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
[SPF failed: Please see
http://www.openspf.org/why.html?sender=dvabzg%40hvdaawn.nl&ip=222.228.73.146&receiver=my.domcain.com]
1.8 TVD_FW_GRAPHIC_NAME_LONG BODY: TVD_FW_GRAPHIC_NAME_LONG
1.2 BAYES_40 BODY: Bayesian spam probability is 20 to 40%
[score: 0.2209]
2.8 TVD_FW_GRAPHIC_ID1 BODY: TVD_FW_GRAPHIC_ID1
0.0 HTML_MESSAGE BODY: HTML included in message
1.2 SARE_GIF_ATTACH FULL: Email has a inline gif
2.0 PART_CID_STOCK Has a spammy image attachment (by Content-ID)
2.0 PART_CID_STOCK_LESS Has a spammy image attachment (by Content-ID,
more specific)
0.9 MY_CID_AND_CLOSING SARE cid and closing
0.7 MY_CID_AND_STYLE SARE cid and style
1.2 MY_CID_ARIAL2_CLOSING SARE cid arial2 closing
1.1 MY_CID_ARIAL_STYLE SARE cid arial2 style
0.7 MY_CID_AND_ARIAL2 SARE CID and Arial2
16 FUZZY_OCR_KNOWN_HASH BODY: Image with known hash
Words found:
"meridia" in 1 lines
"target" in 1 lines
"symbol" in 1 lines
"price" in 2 lines
"company" in 1 lines
"trade" in 2 lines
"recommendation" in 1
lines
(13.5 word
occurrences found)
which now additionaly INCLUDES the Fuzzyocr tests/scores,
16 FUZZY_OCR_KNOWN_HASH BODY: Image with known hash
as well as,
1.4 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
1.8 TVD_FW_GRAPHIC_NAME_LONG BODY: TVD_FW_GRAPHIC_NAME_LONG
2.8 TVD_FW_GRAPHIC_ID1 BODY: TVD_FW_GRAPHIC_ID1
given that,
grep focr_autodisable_score FuzzyOcr.cf
focr_autodisable_score 20
why in only one case does FuzzyOcr -- and these other tests -- score?
i've missed something obvious in either my SA or FuzzyOcr config(s), i
presume ... but what might it be?
thanks.
