You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by sc...@gmx.at on 2007/06/06 20:59:22 UTC

Question Rule

Dear Users
I didnt found it on google or FAQ
Today i get  mails marked as spam cause of this 2 rules
CTYPE_001C_A and FH_HAS_XID
It was a normal t-online user e-mail.
Can you tell me what is danger on this headers / rules (if found)?
thx 
regards
richard

Re: Question Rule

Posted by Matt Kettler <mk...@verizon.net>.

sc2@gmx.at wrote:
> Dear Users
> I didnt found it on google or FAQ
> Today i get  mails marked as spam cause of this 2 rules
> CTYPE_001C_A and FH_HAS_XID
> It was a normal t-online user e-mail.
> Can you tell me what is danger on this headers / rules (if found)?
Danger? SpamAssassin doesn't detect dangers, merely patterns that match
what spammers have been known to do.

CTYPE_001C_A is looking for a particular mime boundary commonly seen in
spam, but rarely in nonspam. (99.7% of emails in the corpus that matched
were spam)

However FH_HAS_XID is more troubling, it's got a strong score, and a
poor S/O. (78.6% spam). That's pretty poor poor performance for a spam
rule with a score of  aproximately 2.4.

All it's looking for is any message with and X-Id: header.

I've opened a bug to get the devs to discuss modifying or dropping that one.