Spamassassin Correct ?
Michael Cohen
michael.cohen at netspeed.com.au
Wed Apr 4 22:38:59 CST 2007
On Wed, Apr 04, 2007 at 10:05:29PM +0930, Brian wrote:
> My question relates to the rules Spamassassin is using to detect spam. I am
> not too sure what these mean.....except maybe (1)
>
> eg
>
> 1.6 DEAR_SOMETHING BODY: Contains 'Dear (something)'
> 2.5 URI_NO_WWW_BIZ_CGI URI: CGI in .biz TLD other than third-level"www"
> 1.2 BIZ_TLD URI: Contains an URL in the BIZ top-level domain
> -0.8 AWL AWL: From: address is in the auto white-list
These rules are basically different tests that spamassasin is running which
produced a match on the mail and their relative scores. You can adjust the
scores of different tests to try and tune the engine a little bit. For example
the AWL rule can be given more negative score (which is subtracted from the
total) to make spammy looking emails from people in your white list appear less
spammy.
I think its a good idea to have a whitelist (auto or otherwise) and give them a
really large negative score to make sure that important emails do not get
classified as spam. For example I used to have a rule for .gov.au domains which
basically refused to mark them as spam - if our government mail servers can be
used for relaying we have bigger problems than just spam.
I think you might be able to tune procmail to filter out the messages with high
score only and leave the ones with borderline score for closer inspection. You
might achieve this through configuring spamassasin to mark them differently.
Michael
More information about the linuxsa
mailing list