This is a discussion on Re: Botnet over aggressive? - SpamAssassin ; Botnet's score of 5 is meant to say "this message should be quarantined or flagged for review". It's not saying "this message is _definitely_ spam". Lots of people lower its score to something like 2-3 if they feel it's too ...
Botnet's score of 5 is meant to say "this message should be quarantined
or flagged for review". It's not saying "this message is _definitely_
Lots of people lower its score to something like 2-3 if they feel it's
too aggressive. I keep it at a 5, and have VERY FEW false positives.
When I encounter those, I:
1) send email to the postmaster/abuse/hostmaster of the sending mail
domain an d sending server (via whois on the IP address), and tell them
that they have a DNS problem
2) whitelist the sending IP address
And then move on.
Cliff Stanford wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> I'm still a bit vague on how the SpamAssassin rules fit together but
> I've noticed that, since upgrading to the latest version, I'm getting a
> lot of false positives.
> The common cause seems to be Botnet.cf. Where a server has no reverse
> DNS, BOTNET_NORDNS scores it as 0.01 but BOTNET adds 5.0 to that. In
> addition, RDNS_NONE is adding 0.1 so every mail that lacks reverse dns
> is getting a minimum of 5.1.
> Is this intended behaviour?
> - --
> Cliff Stanford
> Might Limited +44 845 0045 666 (Office)
> Suite 67, Dorset House +44 7973 616 666 (Mobile)
> Duke Street, Chelmsford, CM1 1TB
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> iD8DBQFGil+XfNTx9pWyKfwRAmC8AJ45pI4cAdwZb1z+PcYOBD O0nMbiIgCfY0Ac
> -----END PGP SIGNATURE-----