Alex Miller wrote:
>>> я думаю, что лучше его и не включать :)
>>>>>> вот у asm'а на abbyy самообучение наверняка включено. и обучает он
>>> bayes'а регулярно.
>> Самообучение включено?? Однако.. Чего только не узнаешь.
да это я предположил. спамассассином я ж у тебя там не рулю
>>> но во вторник к нему привалила туча спама, которому его bayes
>>> начислил 0 баллов и дал вероятность 50%, а мой - начислил 5.4 балла
>>> при вероятности от 99 до 100%
>>>> А почему так у асма случилось?
>> Да вот педрилы какие-то влили практически с одного хоста мне ~260
> спамовых писем. А sa -- протупил.
>> Return-path: <antenn на kis.ru>
> Delivery-date: Tue, 08 Mar 2005 02:54:04 +0200
> Received: from imf02aec.mail.bellsouth.net ([205.152.59.50])
> by border.abbyy.ua with esmtp id 1D8Sz3-0008rd-Fn
> for partners на abbyy.com.ua; Tue, 08 Mar 2005 02:54:04 +0200
> Received: from EIG ([65.83.140.225]) by imf23aec.mail.bellsouth.net
> (InterMail vM.5.01.06.11 201-253-122-130-111-20040605) with SMTP
> id <20050307223739.LRUK2105.imf23aec.mail.bellsouth.net на EIG>;
> Mon, 7 Mar 2005 17:37:39 -0500
> Message-ID: <004b01c523ca$ddecfb9d$b6f9632d на ycucdiykgivr>
> Reply-To:
> "=?windows-1251?B?VGVsZXZpc2lvbiAmIFNhdGVsbGl0ZSBTeXN0ZW0ncw==?="
> <antenn на kis.ru>
> From: "=?windows-1251?B?VGVsZXZpc2lvbiAmIFNhdGVsbGl0ZSBTeXN0ZW0ncw==?="
> <antenn на kis.ru>
> To: =?windows-1251?B?ZXZnZW5peQ==?= <vika на kharkov.ua>
> Subject:
> =?windows-1251?B?0tDAzdHPztDSzc7FIM7BxdHPxdfFzcjFIMvOw8jR0sjKyC4g0crLwMTRysDfIMvOw8jR0sjKwC4g0c7C0MXMxc3NzsUg08/QwMLLxc3IxSDRysvAxM7MLg==?=
>> Date: Mon, 7 Mar 2005 17:43:22 -0500
> Organization:
> =?windows-1251?B?VGVsZXZpc2lvbiAmIFNhdGVsbGl0ZSBTeXN0ZW0ncw==?=
> MIME-Version: 1.0
> Content-Type: text/html;
> charset="windows-1251"
> Content-Transfer-Encoding: 7bit
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Mailer: Microsoft Outlook Express 6.00.2800.1081
> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1081
> X-AV-Status: ClamAV on border.abbyy.ua at 2005-03-08 02:54:01: clean
> X-AV-Status: DrWeb on border.abbyy.ua at 2005-03-08 02:54:01: clean
> X-Spam-Score: 5.2 (+++++)
> X-Spam-Report: Content analysis details: (5.2 points, 6.0 required)
> pts rule name description
> ---- ----------------------
> --------------------------------------------------
> 0.0 BAYES_0_500 BODY: Bayesian spam probability is 50%
> [score: 0.5000]
> 0.1 HTML_50_60 BODY: Message is 50% to 60% HTML
> 0.0 HTML_MESSAGE BODY: HTML included in message
> 0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60%
> [score: 0.5000]
> 0.1 HTML_FONT_BIG BODY: HTML tag for a big font size
> 0.1 RAZOR2_CF_RANGE_51_100 BODY: Razor2 gives confidence level above 50%
> [cf: 100]
> 0.0 HTML_NONELEMENT_00_10 BODY: 0% to 10% of HTML elements are
> non-standard
> 0.2 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
> 0.0 HTML_TITLE_EMPTY BODY: HTML title contains no text
> 0.5 MAILTO_SUBJ_REMOVE RAW: mailto URI includes removal text
> 1.5 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
> 0.1 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
> 0.6 FORGED_OUTLOOK_HTML Outlook can't send HTML message only
> 2.0 CT_8BIT_CTE_7BIT 8-bit header Content-Type found with 7-bit
> header Content-Transfer-Encoding
> 0.0 AWL AWL: From: address is in the auto white-list
а вот баллы моего линуксячего SA (X-Spam-Checker-Version: SpamAssassin
2.63 (2004-01-11) on corvax.falbi.kiev.ua):
X-Spam-Status: Yes, hits=12.5 required=5.0 tests=BAYES_99,CT_8BIT_CTE_7BIT,
FORGED_OUTLOOK_TAGS,HTML_50_60,HTML_FONTCOLOR_BLUE,HTML_FONTCOLOR_RED,
HTML_FONT_BIG,HTML_MESSAGE,HTML_TITLE_EMPTY,MAILTO_SUBJ_REMOVE,
MIME_HTML_ONLY,RAZOR2_CF_RANGE_51_100,RAZOR2_CHECK autolearn=no
version=2.63
X-Spam-Report:
* 0.1 HTML_FONTCOLOR_BLUE BODY: HTML font color is blue
* 0.1 HTML_MESSAGE BODY: HTML included in message
* 0.3 HTML_FONT_BIG BODY: HTML has a big font
* 1.1 RAZOR2_CF_RANGE_51_100 BODY: Razor2 gives confidence
between 51 and 100
* [cf: 100]
* 5.4 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
* [score: 1.0000]
* 0.3 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
* 0.1 HTML_50_60 BODY: Message is 50% to 60% HTML
* 0.1 HTML_TITLE_EMPTY BODY: HTML title contains no text
* 0.1 HTML_FONTCOLOR_RED BODY: HTML font color is red
* 0.9 MAILTO_SUBJ_REMOVE BODY: mailto URI includes removal text
* 1.0 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
* 1.0 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
* 2.0 CT_8BIT_CTE_7BIT 8-bit header Content-Type found with
7-bit header Content-Transfer-Encoding
а вот оценка моего фревого SA (X-Spam-Checker-Version: SpamAssassin
3.0.2 (2004-11-16) on bsd.falbi.kiev.ua):
X-Spam-Status: Yes, score=12.1 required=5.0 tests=BAYES_99,CT_8BIT_CTE_7BIT,
FORGED_OUTLOOK_HTML,FORGED_OUTLOOK_TAGS,HTML_50_60,HTML_FONT_BIG,
HTML_MESSAGE,HTML_NONELEMENT_00_10,HTML_TITLE_EMPTY,
MAILTO_SUBJ_REMOVE,MIME_HTML_ONLY,RAZOR2_CF_RANGE_51_100,RAZOR2_CHECK,
URIBL_WS_SURBL autolearn=no version=3.0.2
X-Spam-Report:
* 0.1 HTML_50_60 BODY: Message is 50% to 60% HTML
* 0.0 HTML_MESSAGE BODY: HTML included in message
* 0.1 HTML_FONT_BIG BODY: HTML tag for a big font size
* 0.1 RAZOR2_CF_RANGE_51_100 BODY: Razor2 gives confidence
level above 50%
* [cf: 100]
* 0.0 HTML_NONELEMENT_00_10 BODY: 0% to 10% of HTML elements
are non-standard
* 5.4 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
* [score: 1.0000]
* 0.2 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
* 0.0 HTML_TITLE_EMPTY BODY: HTML title contains no text
* 0.5 MAILTO_SUBJ_REMOVE RAW: mailto URI includes removal text
* 1.5 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
* 1.5 URIBL_WS_SURBL Contains an URL listed in the WS SURBL
blocklist
* [URIs: seminar-ua.com]
* 0.1 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
* 0.6 FORGED_OUTLOOK_HTML Outlook can't send HTML message only
* 2.0 CT_8BIT_CTE_7BIT 8-bit header Content-Type found with
7-bit header Content-Transfer-Encoding
почувствуйте разницу :)
p. s. а еще - чаще надо выполнять
rsync -avz --delete rsync://bsd.falbi.kiev.ua/spamassassin/rules.local/ ./
:)
--
Best wishes Victor Ustugov mailto:victor на corvax.kiev.ua
public GnuPG/PGP key: http://victor.corvax.kiev.ua/corvax.asc
ICQ: 77186900, 32418694 CRV2-RIPE, CRV-UANIC