John Rudd wrote:
Botnet's score of 5 is meant to say "this message should be quarantined
or flagged for review". It's not saying "this message is _definitely_
spam".
In my opinion, this is not quite according to the concept of
SpamAssassin. SA has a bunch of rules that give qualified hints about
the spamminess of a message. One hint alone is never enough, it always
takes some of them until a threshold (5) is crossed and above that the
message is considered spam. The more hints, the higher the spamminess.
This works so good that I trust the hints if the score is above 10.
These messages end up in a very seldomly accessed "sure spam" folder
that is auto-purged. Messages from 5 to 10 gets moved to a "probably
spam" folder that I inspect once a week perhaps. But I always consider
these messages as spam with a solitary false positive that slips there.
The philosophy behind SA suggests this approach, in my opinion.
Botnet doesn't fit this philosophy - its score is way too high and the
false positive probability is also too high to justify that a message is
condemned as spam on one single rule. In my opinion, its default
configuration should be according to SA defaults, so its score should be
something between 1.5 and 3. If the message is spam, other rules most
certainly also hit and push it above 5. If the message is ham, no harm
is done and it is not denounced as spam.
No offense meant - only my point of view.
