You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Matthias Haegele <mh...@linuxrocks.dyndns.org> on 2007/09/24 11:47:12 UTC
Re: Every e-mail is now getting a new score, creating a lot of false
postive.
cpayne schrieb:
> Guys,
>
> I am not sure when this started but now every e-mail that comes on to my
> box has this score...
>
> 2.0 MISSING_SUBJECT Missing Subject: header
> -0.0 NO_RECEIVED Informational: message has no Received headers
> 0.1 TO_CC_NONE No To: or Cc: header
>
> I use amavisd, spamassassin, and postfix. What rule set this? Why would
> every email be getting this.
Perhaps you could show a complete message?
Maybe config errors (removed headers ...)?
Without further details it is hard to guess ...
Which versions you use ...
> Chuck
--
Grüsse/Greetings
MH
Dont send mail to: ubecatcher@linuxrocks.dyndns.org
--
Re: Every e-mail is now getting a new score, creating a lot of false
postive.
Posted by cpayne <cp...@magigames.net>.
Matthias Haegele wrote:
> cpayne schrieb:
>> Matthias Haegele wrote:
>>> cpayne schrieb:
>>>> Guys,
>>>>
>>>> I am not sure when this started but now every e-mail that comes on
>>>> to my box has this score...
>>>>
>>>> 2.0 MISSING_SUBJECT Missing Subject: header
>>>> -0.0 NO_RECEIVED Informational: message has no Received
>>>> headers
>>>> 0.1 TO_CC_NONE No To: or Cc: header
>>>>
>>>> I use amavisd, spamassassin, and postfix. What rule set this? Why
>>>> would every email be getting this.
>>>
>>> Perhaps you could show a complete message?
>>> Maybe config errors (removed headers ...)?
>>>
>>> Without further details it is hard to guess ...
>>> Which versions you use ...
>>>
>>>> Chuck
>>>
>>>
>> Ok, this message is spam, but I think this what you are looking for,
>> if not please let me know. But those lines are showing up in every
>> email.
>
> Perhaps the complete message would help more ...
> (Your MUA should have a button or opportunity to show "Source Code"
> with Thunderbird its CTRL-U, here)
>
> [Anatrim spam]
>
>> Content analysis details: (6.9 points, 1.5 required)
>>
>> pts rule name description
>> ---- ----------------------
>> --------------------------------------------------
>> 1.1 HTML_20_30 BODY: Message is 20% to 30% HTML
>> 0.2 HTML_SHOUTING3 BODY: HTML has very strong "shouting" markup
>> 0.0 HTML_MESSAGE BODY: HTML included in message
>> 3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
>> [score: 0.9974]
>
> btw:
> 0.99 for Bayes_99 seems really low for me, but that depends on your
> policy ...
>
>> 2.0 MISSING_SUBJECT Missing Subject: header
>> -0.0 NO_RECEIVED Informational: message has no Received
>> headers
>> 0.1 TO_CC_NONE No To: or Cc: header
>
> [...
> From - Wed Sep 26 17:27:45 2007
> X-Account-Key: account5
> X-UIDL: nJo"!IL("!F>p"![nF"!
> X-Mozilla-Status: 0001
> X-Mozilla-Status2: 00000000
> X-Mozilla-Keys:
> Return-Path: <ne...@elabs1.com>
> X-Original-To: cepayne@magidesign.com
> Delivered-To: cepayne@magidesign.com
> Received: from localhost (unknown [127.0.0.1])
> by magi.magidesign.com (Postfix) with ESMTP id 02BE01A375
> for <ce...@magidesign.com>; Wed, 26 Sep 2007 15:46:08 +0000 (UTC)
> Received: from magi.magidesign.com ([127.0.0.1])
> by localhost (magi.magidesign.com [127.0.0.1]) (amavisd-new, port 10024)
> with ESMTP id 06076-04 for <ce...@magidesign.com>;
> Wed, 26 Sep 2007 11:46:07 -0400 (EDT)
> Received: by magi.magidesign.com (Postfix, from userid 65534)
> id 10B8C1A372; Wed, 26 Sep 2007 11:46:07 -0400 (EDT)
> X-Spam-Checker-Version: SpamAssassin 3.1.8 (2007-02-13) on magi.magidesign.com
> X-Spam-Level:
> X-Spam-Status: No, score=(-97.2), required=1.5, tests=BAYES_20,HTML_MESSAGE,
> HTML_TAG_BALANCE_BODY,MISSING_SUBJECT,Magi_Body_Chuck,NO_RECEIVED,TO_CC_NONE,
> USER_IN_WHITELIST, autolearn=no, bayes score = 0.1625, version=3.1.8 date
> scan = Wed, 26 Sep 2007 11:46:06 -0400
> X-Spam-remote: hostinfo = localhost @ 127.0.0.1
> Received-SPF: pass (elabs1.com: 208.66.204.194 is authorized to use 'newsletter@elabs1.com' in 'mfrom' identity (mechanism 'ip4:208.66.204.0/22' matched)) receiver=magi.magidesign.com; identity=mfrom; envelope-from="newsletter@elabs1.com"; helo=mail32.elabs1.com; client-ip=208.66.204.194
> Received: from mail32.elabs1.com (mail32.elabs1.com [208.66.204.194])
> by magi.magidesign.com (Postfix) with ESMTP id 652B21A336
> for <ce...@magidesign.com>; Wed, 26 Sep 2007 11:46:01 -0400 (EDT)
> To: <ce...@magidesign.com>
> Subject: New Applications for your handheld
> Date: Wed, 26 Sep 2007 08:31:29 -0700
> X-Delivery: Level 3
> Reply-To: reply-27@palmpowered.com
> Content-description: 9c5b4215e4cepayne@magidesign.com!1b!9e0!3!rynof1.pbz!
> X-Complaints-To: abuse@elabs1.com
> Message-Id: <20...@elabs1.com>
> MIME-Version: 1.0
> Content-Type: multipart/alternative;
> boundary="=_f026f74b7f9ebf7665c9a4740b9aec99"
> From: "ACCESS Systems Americas, Inc." <re...@palmpowered.com>
> X-Virus-Scanned: by amavisd-new-2.3.3 (20050822) (SuSE 10.0) at magidesign.com
>
Here you go. Thanks.
> X-UIDL: nJo"!IL("!F>p"![nF"!
>
Re: Every e-mail is now getting a new score, creating a lot of false
postive.
Posted by Matthias Haegele <mh...@linuxrocks.dyndns.org>.
Daryl C. W. O'Shea schrieb:
> Matthias Haegele wrote:
>> cpayne schrieb:
>
>>> 3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
>>> [score: 0.9974]
>>
>> btw:
>> 0.99 for Bayes_99 seems really low for me, but that depends on your
>> policy ...
>
> 99.74% seems reasonable for BAYES_99 to me.
Oops i exchanged the "Score of 3.5" with the Probability of 0.9974 ->
99,74xx%.
Many thanks for your correction ;-).
> Daryl
--
Grüsse/Greetings
MH
Dont send mail to: ubecatcher@linuxrocks.dyndns.org
--
Re: Every e-mail is now getting a new score, creating a lot of false
postive.
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
Matthias Haegele wrote:
> cpayne schrieb:
>> 3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
>> [score: 0.9974]
>
> btw:
> 0.99 for Bayes_99 seems really low for me, but that depends on your
> policy ...
99.74% seems reasonable for BAYES_99 to me.
Daryl
Re: Every e-mail is now getting a new score, creating a lot of false
postive.
Posted by Matthias Haegele <mh...@linuxrocks.dyndns.org>.
cpayne schrieb:
> Matthias Haegele wrote:
>> cpayne schrieb:
>>> Guys,
>>>
>>> I am not sure when this started but now every e-mail that comes on to
>>> my box has this score...
>>>
>>> 2.0 MISSING_SUBJECT Missing Subject: header
>>> -0.0 NO_RECEIVED Informational: message has no Received
>>> headers
>>> 0.1 TO_CC_NONE No To: or Cc: header
>>>
>>> I use amavisd, spamassassin, and postfix. What rule set this? Why
>>> would every email be getting this.
>>
>> Perhaps you could show a complete message?
>> Maybe config errors (removed headers ...)?
>>
>> Without further details it is hard to guess ...
>> Which versions you use ...
>>
>>> Chuck
>>
>>
> Ok, this message is spam, but I think this what you are looking for, if
> not please let me know. But those lines are showing up in every email.
Perhaps the complete message would help more ...
(Your MUA should have a button or opportunity to show "Source Code" with
Thunderbird its CTRL-U, here)
[Anatrim spam]
> Content analysis details: (6.9 points, 1.5 required)
>
> pts rule name description
> ---- ----------------------
> --------------------------------------------------
> 1.1 HTML_20_30 BODY: Message is 20% to 30% HTML
> 0.2 HTML_SHOUTING3 BODY: HTML has very strong "shouting" markup
> 0.0 HTML_MESSAGE BODY: HTML included in message
> 3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
> [score: 0.9974]
btw:
0.99 for Bayes_99 seems really low for me, but that depends on your
policy ...
> 2.0 MISSING_SUBJECT Missing Subject: header
> -0.0 NO_RECEIVED Informational: message has no Received headers
> 0.1 TO_CC_NONE No To: or Cc: header
[...]
--
Grüsse/Greetings
MH
Dont send mail to: ubecatcher@linuxrocks.dyndns.org
--
Re: Every e-mail is now getting a new score, creating a lot of false
postive.
Posted by cpayne <cp...@magigames.net>.
Matthias Haegele wrote:
> cpayne schrieb:
>> Guys,
>>
>> I am not sure when this started but now every e-mail that comes on to
>> my box has this score...
>>
>> 2.0 MISSING_SUBJECT Missing Subject: header
>> -0.0 NO_RECEIVED Informational: message has no Received
>> headers
>> 0.1 TO_CC_NONE No To: or Cc: header
>>
>> I use amavisd, spamassassin, and postfix. What rule set this? Why
>> would every email be getting this.
>
> Perhaps you could show a complete message?
> Maybe config errors (removed headers ...)?
>
> Without further details it is hard to guess ...
> Which versions you use ...
>
>> Chuck
>
>
Ok, this message is spam, but I think this what you are looking for, if
not please let me know. But those lines are showing up in every email.
Spam detection software, running on the system "magi.magidesign.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
postmaster for details.
Content preview: Do not waste your opportunity! - Anatrim - The latest and
most delighting product for over-weight people is made available now - As
you could see on Oprah Can you hold in your memory all the situations when
you appeal to yourself to do anything to get rid of this frightful pounds
of fat? Fortunately, now no major offering is required. Thanks to Anatrim,
the ground-breaking, you can achieve healthier lifestyle and become really
slimmer. [...]
Content analysis details: (6.9 points, 1.5 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.1 HTML_20_30 BODY: Message is 20% to 30% HTML
0.2 HTML_SHOUTING3 BODY: HTML has very strong "shouting" markup
0.0 HTML_MESSAGE BODY: HTML included in message
3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
[score: 0.9974]
2.0 MISSING_SUBJECT Missing Subject: header
-0.0 NO_RECEIVED Informational: message has no Received headers
0.1 TO_CC_NONE No To: or Cc: header
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.