Am 03.07.2015 um 15:17 schrieb Alex:
not necessarily, they all have different sources...
not all sources see the same traffic...

Then that's a shame that all those people have seen it, and not a
single one has reported it to any blacklists

blacklists are not the ultimate answer - snowshoe spam is distributed from so many sources and hacked freemail accounts and you really don't have all freemailers hard blocked

that's the purpose of a contentfilter

the point fo using ixhash, razor *and* pyzor is that all of them have false positives and so you don't want them score too high *but* if 2 or 3 of them hit the total score is high enough

there is also "DIGEST_MULTIPLE" if razor *and* pyzor hits, sadly ixhash2 is not taken into account for that

current month here:
DIGEST_MULTIPLE:   35
RAZOR:             187
PYZOR:             225
IXHASH:            94
______________________________________

current scoring on our side

# remote hash services
use_pyzor                       1
pyzor_path                      /usr/bin/pyzor
score PYZOR_CHECK               0.5
score RAZOR2_CHECK              0.5
score RAZOR2_CF_RANGE_51_100    0.5
score RAZOR2_CF_RANGE_E4_51_100 1.5
score RAZOR2_CF_RANGE_E8_51_100 2.0
score GENERIC_IXHASH            1.5
score NIXSPAM_IXHASH            1.5
score SEM_IXHASH                1.5
describe GENERIC_IXHASH         http://wiki.apache.org/spamassassin/iXhash
describe NIXSPAM_IXHASH         http://wiki.apache.org/spamassassin/iXhash
describe SEM_IXHASH             http://wiki.apache.org/spamassassin/iXhash
score DIGEST_MULTIPLE           2.0

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to