I have been getting a lot of very obvious spam getting through ASSP (v2.3.4.130 currently, but also happened with older versions) lately. Please see the sample header below. You will see that there is (more than one) "Bayesian Probability: 1.00000" line, in which case I would expect to see an "X-ASSP-Spam: YES" line. Instead, there is the strange "X-Assp-Spam-Level: ********" line. What is happening here, and why?
>> Start of sample header << Microsoft Mail Internet Headers Version 2.0 X-RecipientList: [email protected] thread-index: Ac5QMTIkqPUiz7IhSGeHjv92gZ7DmQ== Received: from assp.domain.com ([192.168.10.2]) by mail.domain.com with Microsoft SMTPSVC(6.0.3790.4675); Tue, 14 May 2013 00:25:39 +0100 Received: from kszfls.net ([49.72.232.12] helo=kszfls.net) by assp.domain.com with SMTP (2.3.4); 14 May 2013 00:25:37 +0100 Message-ID: <[email protected]> From: =?utf-8?B?5r+u6Ziz5pm26YeR?= <[email protected]> To: <[email protected]> Subject: info.???952961???,????????? Date: Tue, 14 May 2013 07:25:26 +0800 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_0462_01560D2E.159DC1E0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.5512 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4913 Content-Transfer-Encoding: 7bit X-Assp-ID: assp.domain.com id-87538-11932 X-Assp-Session: 36DC516C (mail 1) X-Assp-Original-Subject: =?utf-8?B?aW5mby7kvaDopoHnmoQ5NTI5NjHlj7fmlofku7bvvIznnIvnnIs=?==?utf-8? B?5piv5LiN5piv5L2g6KaB55qE77yf?= X-Assp-Version: 2.3.4(13130) on assp.domain.com X-Assp-Message-Score: 3 (49.72.232 in griplist (0.90)) X-Assp-Received-SPF: none ip=49.72.232.12 [email protected]=kszfls.net X-Original-Authentication-Results: assp.domain.com; spf=none X-Assp-Message-Score: 10 (PTR missing) X-Assp-IP-Score: 10 (PTR missing) X-Assp-Message-Score: 25 (Bayesian Probability: 1.00000) X-Assp-IP-Score: 25 (Bayesian Probability: 1.00000) X-Assp-Spam-Prob: 1.00000 X-Assp-Spam-Level: ******** Content-Class: urn:content-classes:message Return-Path: <[email protected]> Importance: normal Priority: normal X-OriginalArrivalTime: 13 May 2013 23:25:46.0504 (UTC) FILETIME=[32222080:01CE5031] >> End of sample header << ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
