> Jeremy Morton <ad...@game-point.net> said:
> > As you can see I've effectively disabled the BAYES_00 rule as it's giving 
> > false credit to a ton of backscatter crud messages, but is there really a 
> > way to block these kinds of backscatter?  Is my Bayesian filtering screwed 
> > up?  What score does your SA install give for this message?

On 15.05.09 13:45, Mark Loeser wrote:
> Content analysis details:   (15.4 points, 5.0 required)
> 
>  pts rule name              description
> ---- ---------------------- --------------------------------------------------
>  0.0 MISSING_MID            Missing Message-Id: header
>  1.9 DATE_IN_PAST_06_12     Date: is 6 to 12 hours before Received: date
>  2.5 MISSING_HB_SEP         Missing blank line between message header and body

Only the first three are in stock SA, which gives them 4.4 points.
And someone apparently played with scores since:

score DATE_IN_PAST_06_12 2.504 1.854 1.499 1.069

DATE_IN_PAST_06_12 gives 2.5 only if bayes and network tests are disabled,
but other network tests were used:

>  0.0 BOTNET_SERVERWORDS     Hostname contains server-like substrings
>                    [botnet_serverwords,ip=200.82.82.89,rdns=mail.telam.com.ar]
>  0.0 BOTNET_SOHO            Relay might be a SOHO mail server
>   [botnet_soho,ip=200.82.82.89,maildomain=telam.com.ar,helo=mail.telam.com.ar]
>  3.5 RCVD_IN_UCE            RBL: RCVD_IN_UCE
>                             [200.82.82.89 listed in dnsbl-1.uceprotect.net]
>  3.5 RCVD_IN_BARRACUDA      RBL: RCVD_IN_BARRACUDA
>                             [200.82.82.89 listed in b.barracudacentral.org]
>  4.0 RCVD_IN_UCE3           RBL: RCVD_IN_UCE3
>                             [200.82.82.89 listed in dnsbl-3.uceprotect.net]

-- 
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
REALITY.SYS corrupted. Press any key to reboot Universe.
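An added example, not part of the original thread: a `score` line with four values lists one score per SpamAssassin score set (Bayes off/net off, Bayes off/net on, Bayes on/net off, Bayes on/net on), so a reported value can be matched back to the set that produced it. The helper names are hypothetical, the report rows are copied from the quoted message, and the "stock" rule list follows the reply above.

```python
import re

SETS = ["Bayes off, net off", "Bayes off, net on", "Bayes on, net off", "Bayes on, net on"]
SCORE_LINE = "score DATE_IN_PAST_06_12 2.504 1.854 1.499 1.069"  # from the reply
STOCK = {"MISSING_MID", "DATE_IN_PAST_06_12", "MISSING_HB_SEP"}   # per the reply
# Rows from the quoted report; bracketed continuation lines carry no score.
REPORT = """\
 0.0 MISSING_MID            Missing Message-Id: header
 1.9 DATE_IN_PAST_06_12     Date: is 6 to 12 hours before Received: date
 2.5 MISSING_HB_SEP         Missing blank line between message header and body
 0.0 BOTNET_SERVERWORDS     Hostname contains server-like substrings
 0.0 BOTNET_SOHO            Relay might be a SOHO mail server
 3.5 RCVD_IN_UCE            RBL: RCVD_IN_UCE
 3.5 RCVD_IN_BARRACUDA      RBL: RCVD_IN_BARRACUDA
 4.0 RCVD_IN_UCE3           RBL: RCVD_IN_UCE3
                            [200.82.82.89 listed in dnsbl-3.uceprotect.net]
"""

def parse_score_line(line):
    """Return (rule, [set0, set1, set2, set3]); a single value applies to all sets."""
    parts = line.split()
    if len(parts) < 3 or parts[0] != "score":
        raise ValueError("not a score line: %r" % line)
    values = [float(v) for v in parts[2:]]
    if len(values) == 1:
        values *= 4
    if len(values) != 4:
        raise ValueError("expected 1 or 4 scores, got %d" % len(values))
    return parts[1], values

def parse_report(text):
    """Map rule name -> points, skipping continuation lines."""
    rows = re.findall(r"^\s*(-?\d+\.\d+)\s+([A-Z][A-Z0-9_]*)\s", text, re.M)
    return {name: float(pts) for pts, name in rows}

def matching_sets(values, reported):
    """Score sets whose value, shown to one decimal as in the report, equals reported."""
    return [i for i, v in enumerate(values) if f"{v:.1f}" == f"{reported:.1f}"]

def stock_total(rows):
    """Points contributed by the rules the reply identifies as stock."""
    return round(sum(p for name, p in rows.items() if name in STOCK), 1)

if __name__ == "__main__":
    rule, values = parse_score_line(SCORE_LINE)
    rows = parse_report(REPORT)
    for i in matching_sets(values, rows[rule]):
        print(f"{rule} {rows[rule]} matches score set {i} ({SETS[i]})")
    print("total:", round(sum(rows.values()), 1), "stock only:", stock_total(rows))
```
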
