I wrote: >> My tests have been mildly successful on this note, with FROM_WWW >> already getting promoted out of testing: >> http://ruleqa.spamassassin.org/?rule=/FROM_W&srcpath=khop >> >> This indicates that we don't actually need to parse any further >> because there is no sizable mass of legitimate mail that does >> this (and hopefully by getting this rule out the door, people >> considering it might decide against it).
John Hardin wrote: > Concur. > > http://ruleqa.spamassassin.org/20100201-r905213-n/T_FROM_URI/detail?srcpath=jhardin To get them both on the same view: http://ruleqa.spamassassin.org/?rule=%2F^FROM_...%24 Let's clear up the differences between FROM_URI and FROM_WWW ... Maybe it's just because I'm testing on the command line, but FROM_URI appears to only fire if there's a character in front of the "www." portion. It also appears to fire on "other.www.u...@example.com <other.www.u...@example.com>" Presumably, my rule's lack of a TLD check is the main reason it hits more messages (ham and spam). We should decide upon one (with or without revisions) and push it out the door. We've seen a few threads here on the list and I've seen several inquiries on the IRC channel about this, so I suspect the masscheck corpora just aren't getting blasted by it as much as others. (Also, I wrote the rule independently after seeing the thing in my own spam bucket, which is how I was able to respond so quickly to the first thread here.)
