Where can I find what has been automatically added to SA's
whitelist/blacklist?
I know I'm not manually putting anything in there, so I'm guessing that
it's bayes or something else building them?
I ask because my really high-scoring spam is getting so many points because
of USER_IN_BLACKLIST=100points, but when I went to investigate (out of
curiosity) I find they also have an AWL negative score, which confuses
me. Why would a message have both?
X-Spam-Report:
* 0.7 SUBJ_FOR_ONLY Subject contains "For Only"
* 0.4 FVGT_b_NOLONGERRECV BODY: FVGT - talks about no longer receiving
* 2.0 EvilNumber_A_7XX_1 BODY: Message contains phone number or
address pulled from spam
* 0.3 HTML_WEB_BUGS BODY: Image tag intended to identify you
* 0.0 BAYES_50 BODY: Bayesian spam probability is 50 to 56%
* [score: 0.5152]
* 1.2 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME
* 0.1 HTML_MESSAGE BODY: HTML included in message
* 0.1 HTML_LINK_CLICK_HERE BODY: HTML link text says "click here"
* 1.1 HTML_IMAGE_ONLY_04 BODY: HTML: images with 200-400 bytes of words
* 2.0 WLS_URI_3521 URI: URI contains imgehost.com
* 3.0 BigEvilList_95 URI: Generated BigEvilList_95
* 2.0 WLS_URI_6798 URI: URI contains youdidto.com
* 100 USER_IN_BLACKLIST From: address is in the user's black-list
* 0.0 CLICK_BELOW Asks you to click below
* -18 AWL AWL: Auto-whitelist adjustment
I'm training bayes, but don't have any manual white or blacklists I
maintain myself. So SA's got to be making them itself. But how? :)
TIA
-JR
whitelist/blacklist?
I know I'm not manually putting anything in there, so I'm guessing that
it's bayes or something else building them?
I ask because my really high-scoring spam is getting so many points because
of USER_IN_BLACKLIST=100points, but when I went to investigate (out of
curiosity) I find they also have an AWL negative score, which confuses
me. Why would a message have both?
X-Spam-Report:
* 0.7 SUBJ_FOR_ONLY Subject contains "For Only"
* 0.4 FVGT_b_NOLONGERRECV BODY: FVGT - talks about no longer receiving
* 2.0 EvilNumber_A_7XX_1 BODY: Message contains phone number or
address pulled from spam
* 0.3 HTML_WEB_BUGS BODY: Image tag intended to identify you
* 0.0 BAYES_50 BODY: Bayesian spam probability is 50 to 56%
* [score: 0.5152]
* 1.2 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME
* 0.1 HTML_MESSAGE BODY: HTML included in message
* 0.1 HTML_LINK_CLICK_HERE BODY: HTML link text says "click here"
* 1.1 HTML_IMAGE_ONLY_04 BODY: HTML: images with 200-400 bytes of words
* 2.0 WLS_URI_3521 URI: URI contains imgehost.com
* 3.0 BigEvilList_95 URI: Generated BigEvilList_95
* 2.0 WLS_URI_6798 URI: URI contains youdidto.com
* 100 USER_IN_BLACKLIST From: address is in the user's black-list
* 0.0 CLICK_BELOW Asks you to click below
* -18 AWL AWL: Auto-whitelist adjustment
I'm training bayes, but don't have any manual white or blacklists I
maintain myself. So SA's got to be making them itself. But how? :)
TIA
-JR