You can probably figure out the type of scam targeted here, but let’s go through it line-by-line. So what does a SpamAssassin rule look like? Let’s look at an example that uses the KAM rules, a widely used custom rule set:
Rather, you should aim for the lowest possible score. Therefore, when you test your emails against the SpamAssassin filter, simply being under the 5.0 threshold may not be enough. That’s why your email might make it into the inbox of one recipient, but land in the spam folder of another-they might be using an email service with more restrictive anti-spam settings. It’s common to tweak the threshold to reach a good balance between low numbers of false positives (genuine email wrongly classified as spam) and false negatives (spam email that tricks the filter into thinking it’s genuine). By default that threshold is set to 5.0 in the SpamAssassin configuration, though it can be adjusted by the user. If an email passes a certain threshold, it’s regarded as spam. Therefore, when passing your transactional emails through the SpamAssassin filter, you should aim for a lower rather than a higher score. Perhaps counterintuitively, a higher score signifies a higher probability that an email is spam. It then returns an aggregated SpamAssassin score. The SpamAssassin filter runs its tests on each incoming email and adds up the values for the rules that are triggered. The SpamAssassin scoreĮach SpamAssassin rule is associated with a value that can be either negative or positive. Many email providers rely on SpamAssassin scores to classify incoming email as spam or the opposite, ‘ham’. Users can add and adapt rules, or simply resort to SpamAssassin’s spam classifier and train it with their own data. These include scanning an email’s body and header, and checking a sender’s IP against several different block and allow lists. The filter employs a range of different tests. It was initially released in 2001 with the aim of providing a robust and customisable filter for detecting ‘email spam’, the Monty Python-inspired term for the practice of sending out unsolicited emails en masse.
#SPAMASSASSIN RULE SOFTWARE#
SpamAssassin (officially, ‘Apache SpamAssassin’) is an open-source project developed and operated by the Apache Software Foundation. Inspecting and improving your SpamAssassin results will help you write better emails that your recipients will be happy to receive. In this article, we’ll look at how a SpamAssassin score is calculated and what you can do it improve it. The filter assigns scores to emails to separate the genuine from the unwanted. It uses comprehensive spam-fighting methods to keep inboxes clear of unwanted email. For some reason, the "header" rule only seems to trigger the filter if the conditions in the "body" rule are also met - but not vice-versa, the "body" rule triggers even if the conditions in the "header" rule aren't met.SpamAssassin (SA) is a well-established email filtering system designed to live up to its name. When I sent test messages to accounts on that server from GMail & Hotmail accounts that included words in the "body" rule, the filter was triggered - and when I sent messages from the same GMail and Hotmail accounts without any of the words in the "body" rule, they didn't trigger the filter.īut when I send a test message from a non-GMail/Hotmail account, containing one of the words from the "body" rule, that also triggers the filter. Obviously the goal is to catch messages that match BOTH the "header" and "body" rules - and at first it appeared to be working.
Header GMAIL_HOTMAIL_SEO_SPAM From =~ GMAIL_HOTMAIL_SEO_SPAM /seo|india/iĭescribe GMAIL_HOTMAIL_SEO_SPAM Web dev and SEO spam from GMail & Hotmail I've added the following to my /etc/mail/spamassassin/local.cf file: # GMAIL & HOTMAIL SEO SPAM I've trained SA against thousands of examples of those spam messages, but SA usually scores below the spam threshold because they pass all of the other tests (SPF, RBL checks, etc), even if the bayesian filter catches them. I'm attempting to setup a custom SpamAssassin filter to deal with the huge amount of SEO & web dev spam we get from GMail & Hotmail accounts - ideally, server-wide, since there are multiple mail hosted on that server.
0 kommentar(er)
