<snip> > > Regarding sa-update, which channels are you using? I'm > currently running on saupdates.openproect.com. Any > suggestions on this subject?
I Use: updates.spamassassin.org 00_FVGT_File001.cf.sare.sa-update.dostech.net 99_FVGT_meta.cf.sare.sa-update.dostech.net 99_FVGT_Tripwire.cf.sare.sa-update.dostech.net 70_sare_adult.cf.sare.sa-update.dostech.net 70_sare_bayes_poison_nxm.cf.sare.sa-update.dostech.net 70_sare_evilnum0.cf.sare.sa-update.dostech.net 70_sare_evilnum1.cf.sare.sa-update.dostech.net 70_sare_evilnum2.cf.sare.sa-update.dostech.net 70_sare_genlsubj.cf.sare.sa-update.dostech.net 70_sare_header.cf.sare.sa-update.dostech.net 70_sare_highrisk.cf.sare.sa-update.dostech.net 70_sare_html.cf.sare.sa-update.dostech.net 70_sare_obfu0.cf.sare.sa-update.dostech.net 70_sare_oem.cf.sare.sa-update.dostech.net 70_sare_random.cf.sare.sa-update.dostech.net 70_sare_specific.cf.sare.sa-update.dostech.net 70_sare_spoof.cf.sare.sa-update.dostech.net 70_sare_stocks.cf.sare.sa-update.dostech.net 70_sare_unsub.cf.sare.sa-update.dostech.net 70_sare_uri.cf.sare.sa-update.dostech.net 70_sare_uri_eng.cf.sare.sa-update.dostech.net 70_sare_whitelist_rcvd.cf.sare.sa-update.dostech.net 70_sare_whitelist_spf.cf.sare.sa-update.dostech.net 72_sare_bml_post25x.cf.sare.sa-update.dostech.net 72_sare_redirect_post3.0.0.cf.sare.sa-update.dostech.net 99_sare_fraud_post25x.cf.sare.sa-update.dostech.net 70_zmi_german.cf.zmi.sa-update.dostech.net Some of these are rather aggressive, but we have very, very few false positives here. And when we do, we simply whitelist the sender so it doesn't happen again. Bret
