Chris wrote:
On Wednesday 26 November 2008 2:18 pm, Lists wrote:
Hi all,
The system here is getting heaps of variations of this night of pleasure
spam. Some is getting stopped by spamassassin but still quite a bit
getting through.
Here is an example of one that only scored low.
http://www.pastebin.ca/1267866
If anybody has time to run it through their system and tell me what t
hit on for them - or if someone knows a ruleset that I could implement
to better stop these it would be much appreciated.
Thanks
Kate
Here is how one I received scores on my stand-alone box:
Content analysis details: (23.6 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.9 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
[79.52.75.164 listed in zen.spamhaus.org]
3.0 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
5.0 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
[score: 0.9998]
1.0 RELAYED_BY_DIALUP Sent directly from dynamic IP address
0.4 URI_HEX URI: URI hostname has long hexadecimal sequence
0.0 HTML_MESSAGE BODY: HTML included in message
2.2 DCC_CHECK listed in DCC (http://rhyolite.com/anti-spam/dcc/)
[cpollock 1117; Body=many Fuz1=many]
[Fuz2=many]
10 CLAMAV Clam AntiVirus detected a virus
0.1 RDNS_DYNAMIC Delivered to trusted network by host with
dynamic-looking rDNS
1.0 SAGREY Adds 1.0 to spam from first-time senders
Chris
Hi Chris,
Its interesting you have a CLAMAV entry - I am running clamav and it
didn't list here at all. How is your ClamAV implemented?
Thanks
Kate
