You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Justin Mason <jm...@jmason.org> on 2005/06/20 21:30:29 UTC
Re: possible wish list item
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Matt Kettler writes:
> Craig Jackson wrote:
> > Regarding the report that is made part of the header, instead of a
> > summary of the email (which makes downloading tiresomely long even on a
> > high speed connection), I would like to see only the text that tripped
> > each particular test. Users often want to know what exactly in the email
> > caused it to be tagged as spam. It would be nice if I could show them in
> > the header at the workstation, rather than run a test from my
> > workstation and print it out. If this can already be done, let me know
> > and I'll figure out how to do it.
>
> Currently, that's pretty much impossible to do in spamassassin, and it would be
> difficult to do without increasing memory usage.
>
> Right now, SA just maintains a simple hit list when it scans a message. It
> doesn't extract the text which matched at all, much less save it where it can be
> referenced later.
>
> Quoting the part of the email that caused the rule to trip is particularly
> difficult for eval tests, as their code could look at anything or everything.
>
> It's also a little tricky for meta tests which wind up triggering as a cascade
> of other rules trip off. (ie: DRUGS_MANYKINDS).
>
> I'd also question who would find such a feature more useful, end users or spammers.
>
> Certainly it has some valid uses for end users and non-spammers, but it's
> considerably more useful to a spammer. For end users it answers the "why did
> this happen" questions, for spammers it provides useful spam-tuning feedback
> that makes their spam more effective at evading detection by SA.
actually, we do already support it ;) if you run SpamAssassin 3.1.0 with
- -D, it'll log what parts of the message hit for some of the rules (just
the simple regexp rules, not eval tests).
- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFCtxlVMJF5cimLx9ARAuUPAJkBtnZG+REM8mVUISHMumdxKmNLlACfbt77
2MhOg5NLA4GBLS9HEaQsxTo=
=y3Gn
-----END PGP SIGNATURE-----
Re: possible wish list item
Posted by cjackson <cj...@localsurface.com>.
Justin Mason wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>
>Matt Kettler writes:
>
>
>>Craig Jackson wrote:
>>
>>
>>>Regarding the report that is made part of the header, instead of a
>>>summary of the email (which makes downloading tiresomely long even on a
>>>high speed connection), I would like to see only the text that tripped
>>>each particular test. Users often want to know what exactly in the email
>>>caused it to be tagged as spam. It would be nice if I could show them in
>>>the header at the workstation, rather than run a test from my
>>>workstation and print it out. If this can already be done, let me know
>>>and I'll figure out how to do it.
>>>
>>>
>>Currently, that's pretty much impossible to do in spamassassin, and it would be
>>difficult to do without increasing memory usage.
>>
>>Right now, SA just maintains a simple hit list when it scans a message. It
>>doesn't extract the text which matched at all, much less save it where it can be
>>referenced later.
>>
>>Quoting the part of the email that caused the rule to trip is particularly
>>difficult for eval tests, as their code could look at anything or everything.
>>
>>It's also a little tricky for meta tests which wind up triggering as a cascade
>>of other rules trip off. (ie: DRUGS_MANYKINDS).
>>
>>I'd also question who would find such a feature more useful, end users or spammers.
>>
>>Certainly it has some valid uses for end users and non-spammers, but it's
>>considerably more useful to a spammer. For end users it answers the "why did
>>this happen" questions, for spammers it provides useful spam-tuning feedback
>>that makes their spam more effective at evading detection by SA.
>>
>>
>
>actually, we do already support it ;) if you run SpamAssassin 3.1.0 with
>- -D, it'll log what parts of the message hit for some of the rules (just
>the simple regexp rules, not eval tests).
>
>- --j.
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.5 (GNU/Linux)
>Comment: Exmh CVS
>
>iD8DBQFCtxlVMJF5cimLx9ARAuUPAJkBtnZG+REM8mVUISHMumdxKmNLlACfbt77
>2MhOg5NLA4GBLS9HEaQsxTo=
>=y3Gn
>-----END PGP SIGNATURE-----
>
>
>
Thanks very much. I am held accountable for mail that is held up on the
gateway. We have plans to move it on to the primary mail host later, but
until then I get get the occasional irate user demanding an explanation.
Craig