Jeremy Morton <ad...@game-point.net> said: > As you can see I've effectively disabled the BAYES_00 rule as it's giving > false credit to a ton of backscatter crud messages, but is there really a > way to block these kinds of backscatter? Is my Bayesian filtering screwed > up? What score does your SA install give for this message?
Content analysis details: (15.4 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 MISSING_MID Missing Message-Id: header
1.9 DATE_IN_PAST_06_12 Date: is 6 to 12 hours before Received: date
2.5 MISSING_HB_SEP Missing blank line between message header and body
0.0 BOTNET_SERVERWORDS Hostname contains server-like substrings
[botnet_serverwords,ip=200.82.82.89,rdns=mail.telam.com.ar]
0.0 BOTNET_SOHO Relay might be a SOHO mail server
[botnet_soho,ip=200.82.82.89,maildomain=telam.com.ar,helo=mail.telam.com.ar]
3.5 RCVD_IN_UCE RBL: RCVD_IN_UCE
[200.82.82.89 listed in dnsbl-1.uceprotect.net]
3.5 RCVD_IN_BARRACUDA RBL: RCVD_IN_BARRACUDA
[200.82.82.89 listed in b.barracudacentral.org]
4.0 RCVD_IN_UCE3 RBL: RCVD_IN_UCE3
[200.82.82.89 listed in dnsbl-3.uceprotect.net]
--
Mark Loeser
email - halcy0n AT gentoo DOT org
email - mark AT halcy0n DOT com
web - http://www.halcy0n.com
pgp5RwcP1vGrb.pgp
Description: PGP signature
