Am 04.03.2016 um 09:29 schrieb Matus UHLAR - fantomas:
it would at best end in the rule get such a low score that it is the same as disable it entirely - so the only correct thing to do is stop the foolish deep-header parsing why? because *then* it would no longer hit any relevant amount of ham and QA corpus over time could score it higher in a safe wayIf that were supported by the corpus it would already have happenedhow do you suppose the corpus to replace ones own thinking about the *conditions* rules hit?I've no idea what the sentence means.On 03.03.16 20:21, Reindl Harald wrote:the deep-header rules have to go away or rewritten to *not* do deep-header tests - was that really so hard to parse?If they really were so useless, they would get zero score. They did not.
proven as pure nonsense after http://www.gossamer-threads.com/lists/spamassassin/users/197819?page=last with 4.0 points
the masstest says *only* that a rule hitted in a amount of spammails but depending on the sources of the samples that can mean all or nothing
*FRANKLY* spammers could even start to compromise the QA corpus with headers typically used in ham to trigger such false positives - just because if they are sucessful a lot of sysadmins out there would need to raise reject-scores because of growing FP complaints
automated masstests can't replace your own brain
I why are you complaining (again), when you can simply zero the score, when you have no problem highly tuning other scores.
because this thread was about *another* deep header test and wrong defaults are still wrong defaults for others
Maybe you could better find out other common characteristics of messages hitting those scores and post results here so we see what to exclude
maybe you could hust leave me in peace?
signature.asc
Description: OpenPGP digital signature
