> > I was somewhat surprised that this failed to score; > > > > http://pastebin.com/m4c75e3ac > > > > Log excerpt; > > Sat Sep 12 05:08:57 2009 [7319] info: spamd: result: . 0 - > > HTML_MESSAGE,UNPARSEABLE_RELAY > > scantime=0.3,size=5400,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=55111,mid=<00fada512664885bffba277008395...@aim.com>,autolearn=disabled > > > > Did this miss - or just missfire?
On 12.09.09 16:05, Jari Fredriksson wrote: > Content analysis details: (17.0 points, 5.0 required) > > pts rule name description > ---- ---------------------- -------------------------------------------------- > 5.0 BAYES_99 BODY: Bayesian spam probability is 99 to 100% > [score: 0.9996] ... manually changed score > 1.2 TO_MALFORMED To: has a malformed address > 0.7 SPF_NEUTRAL SPF: sender does not match SPF record (neutral) > 4.0 BOTNET Relay might be a spambot or virusbot > [botnet0.8,ip=87.208.178.204,rdns=ip204-178-208-87.adsl2.static.versatel.nl,maildomain=aim.com,client,ipinhostname,clientwords] ... third-party ruleset (may misfire for ISPs) > 0.6 SPF_HELO_NEUTRAL SPF: HELO does not match SPF record (neutral) > 1.0 HTML_MESSAGE BODY: HTML included in message > 0.5 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/) > 1.5 RAZOR2_CF_RANGE_E4_51_100 Razor2 gives engine 4 confidence level > above 50% > [cf: 100] > 0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50% > [cf: 100] > 2.2 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/) you may be late recipient, while he may be an early recipient. > 1.0 DIGEST_MULTIPLE Message hits more than one network digest check ... late recipient + either manually updated score, or not updated ruleset - DIGEST_MULTIPLE gives max 0.001 points for some time > 3.0 JM_SOUGHT_FRAUD_3 Body contains frequently-spammed text patterns ... late recipient + third party ruleset (Although I believe this is safe to use) > -4.1 AWL AWL: From: address is in the auto white-list ... ouch! Generally, this really could be a FN for early recipients, but I advise to check whether plugins like DCC and RAZOR2 are loaded and the SOUGHT ruleset is being used. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. 99 percent of lawyers give the rest a bad name.
