You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2005/06/05 17:43:41 UTC
[Bug 4394] New: Bounce detection within Spamassassin default rulset
http://bugzilla.spamassassin.org/show_bug.cgi?id=4394
Summary: Bounce detection within Spamassassin default rulset
Product: Spamassassin
Version: unspecified
Platform: Other
OS/Version: other
Status: NEW
Severity: normal
Priority: P5
Component: Rules
AssignedTo: dev@spamassassin.apache.org
ReportedBy: mbr@freebsd.org
I have seen various ruleset which had all their bounce detection
ruleset defined, because spamassassin does not offer one. I think
SA should offer one so third party applications could use it.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4394] Bounce detection within Spamassassin default rulset
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4394
mbr@freebsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|WONTFIX |
------- Additional Comments From mbr@freebsd.org 2005-07-10 09:30 -------
Hi Bob,
>
> If/when there's a set that has a high enough S/O and high enough spam hit ratio,
> then we can open a new bug entry for that submission.
>
> Meanwhile, I find that Tim Jackson's rules file at
> http://www.rulesemporium.com/rules/bogus-virus-warnings.cf works well here.
>
> Perhaps the two of you can work together on this project?
We already do that. If you had a close look at Tims Rules, you may have seen
that this ruleset here is also part of his antivirus rules.
It doesn't make any sense to do mass checks on a ruleset that
is only a subtest. That's why I've requested adding it as __SUBTEST,
which can then be used togeter with other rules.
And yes, these combinations should be tested. SpamAssassin doesn't make
useful combo tests at all - unfortunatly.
The primary target of this ruleset here are 'autoreplies', 'virus bounces',
'spam bounces'.
Martin
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4394] Bounce detection within Spamassassin default rulset
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4394
------- Additional Comments From jm@jmason.org 2005-07-10 22:42 -------
yep, hold on with the mass-checks Bob -- this certainly won't make much sense as
an anti-spam test, and the bug is not necessarily about that ruleset anyway!
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4394] Bounce detection within Spamassassin default rulset
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4394
------- Additional Comments From Bob@Menschel.net 2005-06-10 21:08 -------
Martin, I attempted to mass-check your rules, but your meta rules have __names.
__names are ignored during scoring and frequency calculations. This __naming
convention is used for rules that feed meta rules, not primary rules themselves.
In the future, please remember that rules that should count need to not be
__test rules.
I'll edit and rerun this weekend...
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4394] Bounce detection within Spamassassin default rulset
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4394
jm@jmason.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution| |FIXED
Target Milestone|Undefined |3.2.0
------- Additional Comments From jm@jmason.org 2006-12-04 07:29 -------
btw a comprehensive set of anti-virus-bounce rules has just been checked into
svn trunk's core rules area, for release in 3.2.0. it's based partially on Tim
J's ruleset, but has been evolving over the past few months in my sandbox ;)
it blocks bounces very nicely.
the results appear in output as a small set of rules
(BOUNCE_MESSAGE,CRBOUNCE_MESSAGE,VBOUNCE_MESSAGE) for various types of bounces,
or a single rule which covers all of them: ANY_BOUNCE_MESSAGE. there's also an
exclusion command to specify "valid" bounce-generating relays that you do wish
to receive bounces from: whitelist_bounce_relays.
marking fixed...
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4394] Bounce detection within Spamassassin default rulset
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4394
Bob@Menschel.net changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
------- Additional Comments From Bob@Menschel.net 2005-07-09 22:22 -------
Section 3 -- Frequencies Log
(First numeric frequencies, followed by percentage frequencies)
OVERALL% SPAM% HAM% S/O RANK SCORE NAME
296500 135240 161260 0.456 0.00 0.00 (all messages)
13959 8647 5312 0.660 0.00 1.00 NULL_SENDER
OVERALL% SPAM% HAM% S/O RANK SCORE NAME
296500 135240 161260 0.456 0.00 0.00 (all messages)
100.000 45.6121 54.3879 0.456 0.00 0.00 (all messages as %)
4.708 6.3938 3.2941 0.660 0.00 1.00 NULL_SENDER
With an S/O of only 0.660, hitting well over 5k ham in my corpus, this set of
rules needs a LOT of work before it can be incorporated into the distribution
rules sets. Closing as WONTFIX for now. If/when you have other variations worth
testing, send them my way, and I'll work with you to get stats you can use to
improve your rules.
If/when there's a set that has a high enough S/O and high enough spam hit ratio,
then we can open a new bug entry for that submission.
Meanwhile, I find that Tim Jackson's rules file at
http://www.rulesemporium.com/rules/bogus-virus-warnings.cf works well here.
Perhaps the two of you can work together on this project?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4394] Bounce detection within Spamassassin default rulset
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4394
------- Additional Comments From Bob@Menschel.net 2005-07-10 10:21 -------
Others can correct me if I'm wrong, but it's not a general practice within SA to
provide __subtests with no final tests. If I understand you correctly at this
point, you want to provide "standardized" __subtests so that 3rd party systems
like Barracuda, or custom rules files like Tim's, have something "standard" to use.
However, on the assumption that the majority of SA sites won't use those 3rd
party applications, by incorporating your __subtests, SA would be increasing the
workload on ALL systems for the benefit of a minority. I believe that goes
counter to this project's philosophy, which is to improve spam detection itself
and to consume as few resources as possible while doing a good job at it.
If you and Tim or others could submit a set of productive and effective rules
that identify spam/outscatter, which use these __subtests, that would be a
beneficial enhancement to the SA system. But without such positive results to be
incorporated into SA itself, I don't see the devs accepting the overhead of
these __subtests.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4394] Bounce detection within Spamassassin default rulset
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4394
------- Additional Comments From mbr@freebsd.org 2005-06-05 08:44 -------
Created an attachment (id=2926)
--> (http://bugzilla.spamassassin.org/attachment.cgi?id=2926&action=view)
Bounce meta subtests
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.