Old May 3rd, 2004, 8:39 AM   #1 (permalink)
minor deity
Super #1
 
Bigjohn's Avatar
 
Joined in Apr 2004
Lives in Georgia
Hosted on XEON
7,365 posts
Gave thanks: 25
Thanked 94 times
Make SPAM ASSASSIN work for you...

I figured I'd pop in here and provide a little 'Spam Assassin' micro tutorial.

Spam assassin is a very powerful tool, and if you use it to the fullest, you'll find that it can eliminate a very significant number of the spam emails, even the ones that are currently running around out there with tons of <worthless tags> and garbage text.

In fact, this morning I woke up and there were ZERO spams in my inbox.

This is a multi step / multi day process, however. If you're interested, read on.

(also, I don't take all the credit for this. A guy from my old host wrote the script that you'll see at the bottom of this message. Props to he who is known as 'freeranger')

STEP ONE:
  • click the spam assassin icon
  • click enable spam assassin

When the screen refreshes, you should see the bold black and red text:
Code:
Spam Assassin is currently: enabled

DO NOT enable 'spambox'.

Click 'configure spam assassin' now.

STEP TWO: Configuring Spam Assassin basic
The screen for configuring spam assassin looks complicated, but it's not.

At this time we'll only worry about 'whitelist' and a few other options.

The whitelist is a list of email domains or accounts that you always want to get mail from. I don't recommend putting entire domains in if you have certain addresses that you know and want. This helps prevent address-spoofing spam.

First, let's have spam assassin flag messages that it thinks are spam for us.
Find the box that says rewrite-subject.
Delete any value in that box, and enter the number 1.

Second, find the box that says subject_tag.
This is where you enter the 'flag' message that will be put at the beginning of any suspected spam's subject line. Enter (without the quotes) "**Possible-Spam**" here.

Third, find the box marked required_hits.
Here you enter the minimum score that a message must have to trigger the flagging you just set up above. Mine is set to 4.5, but initially - to prevent a bunch of false positives, I would set it to 5 or 6.

Fourth, find the whitelist_from box. You'll see 4 boxes to enter whitelist_from addresses. You're not limited to four, by the way. Enter up to four here, then scroll down to the bottom of the screen and hit SAVE. Cpanel will now add 4 more blank lines for whitelist_from addresses. Continue here until all of your necessary whitelist names are here. NOTE: you don't need to whitelist everyone. This is helpful however to whitelist people who are in AOL, Hotmail, or Yahoo - or any other domain that is often seen as SPAM. My personal whitelist is only 12 entries.

Don't forget to hit SAVE at the bottom of the Spam Assassin configuration page, or all your work is lost. When you save, it refreshes the page - so you can then click the 'home' icon to return to Cpanel.

Congratulations! You've just completed basic spam-assassin configuration.

From this moment on, email that comes to your domain will be examined by Spam Assassin. If Spam Assassin determines, through various rules tests, that it thinks you have a spam - (each test adds 'points') and it reaches the point threshold that you've set, the email subjects will be flagged "**POSSIBLE-SPAM**buy c;all'is today = know doctorz needed"

To be continued.
__________________
Proud to be a Surmunity Mod!
XEON PASS60 PASS61
Make a fundamental difference!
My Sites:
Curious about Brewing Beer? Join the community!
>>>>> Some Change is GOOD! Keep your paycheck! Support the Fair Tax
Get into an Art museum
Victorian London
It's your brain -ON WEB - mybrainhost.com (under development)
What SHOULD Government do? Much Less than it Does!
Old May 3rd, 2004, 7:58 PM   #2 (permalink)
the one who was
Super #1
 
patrickb's Avatar
 
Joined in Jul 2003
Lives in Memphis
1,967 posts
Gave thanks: 0
Thanked 3 times
I'm stickying this. good info Bigjohn!
__________________
Patrick

Warnings: The program(s) might crash unexpectedly or behave otherwise strangely. (But of course, so do many commercial programs on Windows.) --www.gimp.org
Old May 3rd, 2004, 8:00 PM   #3 (permalink)
Bigjohn
just wait. Tomorrow part2.
Old May 4th, 2004, 8:40 AM   #4 (permalink)
Bigjohn
Part 2a - toss the trash

Alright. You've followed the instructions so far, and you've got Spam Assassin flagging your email.

I mentioned earlier that you can also have messages that have a certain SPAM score (or higher) automatically tossed into the great bit-bucket. We'll learn how to do this now.

First, have a look inside a flagged spam message:

Code:
Content preview:  chemotherapy communion furrier hinterland switzer
  snapshot stronghold kenneth cavern choose carboloy stood crane armament
  cathedra laze kaleidoscope sanatorium armillaria textural memorandum
  juggle URI:http://www.hotgle.info/
  URI:http://www.hotgle.info/images/oobb.gif [...] 

Content analysis details:   (7.8 points, 4.5 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 5.4 BAYES_99               BODY: Bayesian spam probability is 99 to 100%
                            [score: 0.9999]
 0.2 HTML_MESSAGE           BODY: HTML included in message
 1.5 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
                [Blocked - see <http://www.spamcop.net/bl.shtml?68.95.20.248>]
 0.7 RCVD_IN_DSBL           RBL: Received via a relay in list.dsbl.org
                            [<http://dsbl.org/listing?ip=68.95.20.248>]

The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam.  If you wish to view
it, it may be safer to save it to a file and open it with an editor.

Notice - this message scored 7.8 points, which is above my flagging threshold of 4.5. The breakdown of which Spam Assassin rules played in the scoring of this message is also shown in messages that score above your threshold.

Note also that this one had a BAYES score. That's what we're working toward. Getting spam assassin to learn the spammers' tricks and toss them! Without the BAYES score this message would have scored only 2.4 points and would have been delivered to my inbox. But more on that later.

If you look at the message header you'll see:
Code:
Subject: Notice_from_mailserver--Possible_SPAM Your eBay auct1on payment 
Date: Tue, 04 May 2004 14:48:35 +0200
Message-Id: <DAE095E7499CEBD@12move.nl>
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on pass5.dizinc.com
X-Spam-Level: *******
X-Spam-Status: Yes, hits=7.8 required=4.5 tests=BAYES_99,HTML_MESSAGE,
	RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_DSBL autolearn=no version=2.63

(though I do wish that Surpass would set up the RDNS to resolve to my domain, it shows Pass5.dizinc.com here...)

Note the line: X-Spam-Level: *******.
We're going to use that to our advantage. The number of stars is the value of WHOLE POINTS that the message scored. There are 7 here. We want to create a rule that will automatically TOSS any message that scores 8 points or higher.

To do this, we'll move back to Cpanel and click on the MAIL icon.
In the list of options, choose E-mail filtering

If you have previously input filters, they'll show here, and below them you'll see:
Code:
[ Add Filter ] | [ Go Back ]

Select Add Filter

The Add filter dialog is pretty simple. The Filter drop down defaults to subject. Change this to "Any Header".

The next box over is where you enter your test criteria. You can cut and paste the line below:
Code:
X-Spam-Level: ********

If you want a higher threshold, add a star. If you want a lower one (not recommended at the beginning - some emails that I get from PCWeek score as high as 7.9!) subtract a star.

Leave the Destination as 'discard'.

Now click ACTIVATE.

There. You've done it. If you followed the examples literally, you'll now flag all messages that score over 4.5 points, and automatically trash messages scoring over 8 points.

Next lesson - How to train Spam Assassin to learn spammers' new tricks...
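Added example, not part of the original thread: a dry run that lists which messages in a mailbox the 8-star X-Spam-Level match from the post above would drop, so false positives can be spotted before the filter is set to 'discard'. The function names and the sample mailbox are constructed for the demo, and the mailbox is assumed to be in mbox format.

```shell
#!/bin/sh
# Added example (not from the thread): list what the discard filter would drop.
# would_discard MBOX [STARS] prints "stars<TAB>subject" for every message whose
# X-Spam-Level header holds at least STARS stars (default 8, as in the post).
would_discard() {
    awk -v need="${2:-8}" '
        function emit() {
            if (seen && level >= need) printf "%d\t%s\n", level, subject
            level = 0; subject = "(no subject)"; in_hdr = 1
        }
        /^From / { emit(); seen = 1; next }        # mbox message separator
        in_hdr && /^$/ { in_hdr = 0; next }        # blank line ends the headers
        in_hdr && /^X-Spam-Level:/ { s = $0; level = gsub(/\*/, "", s) }
        in_hdr && /^Subject:/ { subject = $0; sub(/^Subject:[ \t]*/, "", subject) }
        END { emit() }
    ' "$1"
}

# Constructed sample mailbox: senders, scores and subjects are made up.
make_sample_mbox() {
    cat > "$1" <<'EOF'
From spammer@example.invalid Tue May  4 12:48:35 2004
Subject: **Possible-Spam** Your eBay auct1on payment
X-Spam-Level: *******
X-Spam-Status: Yes, hits=7.8 required=4.5

seven stars: flagged, but below the 8-star discard line

From bulk@example.invalid Tue May  4 13:02:10 2004
Subject: **Possible-Spam** deep discount meds
X-Spam-Level: **********
X-Spam-Status: Yes, hits=10.3 required=4.5

ten stars: the filter would discard this

From news@example.invalid Tue May  4 13:30:00 2004
Subject: **Possible-Spam** Weekly newsletter
X-Spam-Level: ********
X-Spam-Status: Yes, hits=8.1 required=4.5

eight stars: a wanted newsletter that would be lost

From friend@example.invalid Tue May  4 14:00:00 2004
Subject: lunch?
X-Spam-Level:
X-Spam-Status: No, hits=0.2 required=4.5

X-Spam-Level: ******** (quoted in the body, must be ignored)
EOF
}

# Demo run on the constructed mailbox.
tmp=$(mktemp) && make_sample_mbox "$tmp" && would_discard "$tmp" 8
rm -f "$tmp"
```

Only header lines are counted, so star runs quoted in a message body do not trigger a match; a score of 7.8 shows as seven stars and stays below the 8-star line.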
Old May 23rd, 2004, 2:15 PM   #5 (permalink)
Bigjohn
Part 3 - Teach Spam Assassin the spammers' new tricks

We'll assume that you've followed all the steps through now. You should have noticed a drop in spam due to the 'autodelete' of high scoring messages. But a significant number of messages have still been coming through....
Quote:
harem-keeper kempfs jzeroca


Largest Selection Of Online Medications!

They got Vi.co.din, X.nax, and V.aliu.m..and other popular products..

Enjoy deep discount meds here.

J K http://be.info.offersbank.com/abc/ok/


Quiit service is ava1-iable at website..

It was a very foggy day in London. The fog was so thick that it was
impossible to see more than a foot or so. buses, cars and taxis were not
able to run and were standing by the side of the road. People were trying to
find their way about on foot but were losing their way in the fog. Mr. Smith
had a very important meeting at the House of Commons and had to get there
but no one could take him. He tried to walk there but found he was quite
lost. Suddenly he bumped into a stranger. The stranger asked if he could
help him. Mr. Smith said he wanted to get to the

Spammers stuff random words, paragraphs, quotes, etc. into the body of the message - or use 'hidden text' in HTML formatted messages (font size 1px, etc.) to get around normal Spam Assassin (and other spam checkers) rules.

Thankfully, Spam Assassin can learn from these messages and start trapping them too...

In your control panel, open your file manager. You'll see a folder .spamassassin.
Click on the FOLDER icon for spam assassin. That will open the folder.



Click on the file user_prefs, and in the right column select EDIT FILE.


Now, add the following lines:
Code:
# Enable the Bayes system
use_bayes               1
# Enable or disable network checks
skip_rbl_checks         0
use_razor2              1
use_dcc                 1
use_pyzor               1

The above lines enable checks against known/reported spammer IDs, and the top one enables the bayes 'logic analysis' system.
Now click SAVE on the bottom of the screen.

Now to teach SPAM ASSASSIN...

In the file manager, navigate up to the user_root directory (click up one level). If you see the folder public_html in the list window you're in the right place.

Click create new folder
make a folder named "script" (without the quotes, of course...)

After making the folder, navigate into it and select Create New File
enter the file name 'learnspam', and select type "shell script".

Copy the following code into the file edit window:
Code:
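#!/bin/sh
# Feed every SPAM and HAM mailbox under $HOME to the Bayes learner.
echo "Learning SPAM"
# Read find's output line by line so paths containing spaces stay intact.
find "$HOME" -name SPAM -print | while IFS= read -r FILE
do
    echo "Processing $FILE"
    sa-learn --spam --mbox "$FILE"
done

echo "Learning HAM"
find "$HOME" -name HAM -print | while IFS= read -r FILE
do
    echo "Processing $FILE"
    sa-learn --ham --mbox "$FILE"
    # Empty the HAM mailbox after each run; SPAM is kept for relearning.
    rm "$FILE"
    touch "$FILE"
done
echo "Done"

continued in next message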
Old May 23rd, 2004, 2:27 PM   #6 (permalink)
Bigjohn
Half Way There....

Now you have a script that will teach Spam Assassin to recognize spam. But the Spam Assassin program won't activate the BAYES rules until it has learned at least 150-200 SPAM and 'ham' (non spam) messages.

The best way to compile that many messages is to have each user 'pre check' their email with HORDE before downloading messages to their computer.

To do this you must disable 'auto-checking' from your mail program (outlook express, etc). Then, open webmail for your account. Open the inbox, then select Folders. Create 2 new folders - SPAM and HAM. You must use those folder names exactly, because that is what the script is searching for.

Now, when you find a message that IS spam in your inbox, MOVE it to the SPAM folder.

And copy a bunch of your 'good' mail messages to the HAM folder. Copy is the best thing here, because the script will purge that folder after each run.

Of course, with HORDE you can look at the contents of these folders. They should have a similar number of messages in them when you start the process. As it runs, however, the spam folder will continue to contain older spam messages. The reason for this is that in the event Cpanel upgrades Spam Assassin, or your bayes-database gets corrupted for any other reason, you want to have a library of about 500 spam messages to 'relearn'. You should go through the SPAM folder every month or so and delete the oldest messages once you have 500 in the folder.

Personally, I try to have 40 HAM's in the folder each time the script runs on my domain - 3 times per week.

You can accumulate MORE spam by modifying the "autodelete" rule from the last section.

If you remove that rule and instead tell the mail filter to forward ALL MESSAGES scoring over 10 to a separate EMAIL address (mine is 'mailtrap'), then logging into the mail trap account every couple of days and moving 'his' messages to 'his' spam folder will help SA learn REAL spam...

If you get a message that is a FALSE POSITIVE - meaning it scored as spam but was not meant to be, make sure you copy that into the HAM folder.

Setting the Cron Job
Click the CRON JOB icon in Cpanel.

Click STANDARD mode. You'll see a screen like this:


Enter your mail address in the 'mail to' box

Set up your CRON job to run every couple of days at a certain time. I set mine up for NOON because a significant portion of SPAM seems to arrive between 11pm and 10 am... and I want to get it while it's fresh... So, if you set yours up to run 3 times a week (hold the CTRL key to select multiple days) your screen will look like this:


Press 'save crontab' button. NOTE - see the path? that is the 'userID' for cpanel that is wiped out there... so replace it with whatever yours is... this is the path to the learning script.

You're done.

If you've followed these instructions and mimicked my installation exactly, you'll have an email from the 'cron daemon' 3 times per week, telling you how many messages it processed:
Code:
Learning SPAM
Processing /home/youraccount/mail/domain-name/john/SPAM
Learned from 13 message(s) (110 message(s) examined).
Processing /home/youraccount/mail/domain-name/mailtrap/SPAM
Learned from 62 message(s) (138 message(s) examined).
Learning HAM
Processing /home/youraccount/mail/domain-name/john/HAM
Learned from 17 message(s) (20 message(s) examined).
Done

And as Bayes kicks in, you'll start seeing stuff like this in the message header...
Code:
Content analysis details:   (6.4 points, 4.5 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 1.5 RCVD_NUMERIC_HELO      Received: contains a numeric HELO
 0.2 HTML_MESSAGE           BODY: HTML included in message
 1.7 BAYES_80               BODY: Bayesian spam probability is 80 to 90%
                            [score: 0.8364]
 3.0 FORGED_RCVD_HELO       Received: contains a forged HELO

Notice - without the BAYES score this message would not even have been flagged! We're succeeding in marking up MORE SPAM!

Thanks for listening... I hope you all enjoyed your lesson in 'how to make Spam Assassin work for you'.
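Added example, not part of the original thread: two checks on training progress, one that totals the learnspam report mailed by cron (in the format shown in the post above) and one that reads the Bayes database counters to see whether the minimum message count has been reached. The function names are made up, the `sa-learn --dump magic` lines are constructed sample output, and the default minimum of 200 is the upper figure the post gives.

```shell
#!/bin/sh
# Added example (not from the thread). Both functions read text on stdin.

# learn_totals: sum the learnspam report mailed by cron, per folder type.
# Output: "spam LEARNED/EXAMINED ham LEARNED/EXAMINED"
learn_totals() {
    awk '
        /^Learning SPAM/ { kind = "spam" }
        /^Learning HAM/  { kind = "ham" }
        /^Learned from [0-9]+ message/ {
            learned[kind]  += $3                  # newly learned this run
            examined[kind] += substr($5, 2)       # "(110" -> 110
        }
        END {
            printf "spam %d/%d ham %d/%d\n", learned["spam"], examined["spam"], learned["ham"], examined["ham"]
        }'
}

# bayes_ready [MIN]: parse `sa-learn --dump magic` output and succeed only
# when both the spam and ham counters have reached MIN (default 200).
# Real use: sa-learn --dump magic | bayes_ready
bayes_ready() {
    awk -v min="${1:-200}" '
        /non-token data: nspam$/ { nspam = $3 }
        /non-token data: nham$/  { nham  = $3 }
        END {
            printf "nspam=%d nham=%d need=%d\n", nspam, nham, min
            exit !(nspam + 0 >= min + 0 && nham + 0 >= min + 0)
        }'
}

sample_report() {   # the cron mail quoted in the post
    cat <<'EOF'
Learning SPAM
Processing /home/youraccount/mail/domain-name/john/SPAM
Learned from 13 message(s) (110 message(s) examined).
Processing /home/youraccount/mail/domain-name/mailtrap/SPAM
Learned from 62 message(s) (138 message(s) examined).
Learning HAM
Processing /home/youraccount/mail/domain-name/john/HAM
Learned from 17 message(s) (20 message(s) examined).
Done
EOF
}

sample_magic() {    # constructed counters for a database early in training
    cat <<'EOF'
0.000          0          3          0  non-token data: bayes db version
0.000          0         75          0  non-token data: nspam
0.000          0         17          0  non-token data: nham
EOF
}

sample_report | learn_totals
sample_magic | bayes_ready 200 || echo "Bayes not active yet: keep filling SPAM and HAM"
```

The gap between learned and examined in the SPAM totals comes from the retained SPAM folder: messages learned on an earlier run are examined again but not counted twice.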
Old May 23rd, 2004, 4:47 PM   #7 (permalink)
I own you!
Excelling Contributor
 
Joined in Apr 2004
563 posts
Gave thanks: 0
Thanked 3 times
should change your name to... I was gonna say 'junkyard' but didn't... (ssshh!! I didn't say it!)
AJPayne is offline  
Old May 23rd, 2004, 5:15 PM   #8 (permalink)
Bigjohn
:shock:
Old May 23rd, 2004, 5:31 PM   #9 (permalink)
it wasn't meant to offend you actually... junkyard=spamassassin... but wanted to find another word for it. So basically if you need to get rid of junk mail, we would PM you, and you would take care of it with your brilliant tutorials

Sorry if you took it the wrong way :S (didn't mean it)
AJPayne is offline  