Botnet's score of 5 is meant to say "this message should be quarantined or flagged for review". It's not saying "this message is _definitely_ spam".
Lots of people lower its score to something like 2-3 if they feel it's too aggressive. I keep it at a 5, and have VERY FEW false positives. When I encounter those, I:
1) send email to the postmaster/abuse/hostmaster of the sending mail domain an d sending server (via whois on the IP address), and tell them that they have a DNS problem
2) whitelist the sending IP address And then move on. Cliff Stanford wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm still a bit vague on how the SpamAssassin rules fit together but I've noticed that, since upgrading to the latest version, I'm getting a lot of false positives. The common cause seems to be Botnet.cf. Where a server has no reverse DNS, BOTNET_NORDNS scores it as 0.01 but BOTNET adds 5.0 to that. In addition, RDNS_NONE is adding 0.1 so every mail that lacks reverse dns is getting a minimum of 5.1. Is this intended behaviour? Regards, Cliff. - -- Cliff Stanford Might Limited +44 845 0045 666 (Office) Suite 67, Dorset House +44 7973 616 666 (Mobile) Duke Street, Chelmsford, CM1 1TB -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGil+XfNTx9pWyKfwRAmC8AJ45pI4cAdwZb1z+PcYOBDO0nMbiIgCfY0Ac NCcY+rXss72dEeylJAbmLdA= =i67i -----END PGP SIGNATURE-----
