[Assp-user] Bayesian check letting through spam?

Mon, 24 Mar 2014 10:28:45 -0700 

Hi everyone, 

I seem to have a problem lately with a lot of obvious spam getting through.  
Looking at my logs, I see messages that were passed through with a Bayes score 
of 0.

Mar-24-14 08:46:25 m1-75972-09010 [Worker_1] [TLS-out] 208.77.43.163 
<64866-24927223864-1366-bills=109valentine....@bounce.petrokenbok.eu> to: 
bi...@109valentine.com Bayesian Check  - Prob: 0.00000 =>
 ham

However, if use use the web interface to analyze the same message, I get a 
Bayes score of 1.00000 (see below). Is ASSP not analyzing incoming mail 
correctly?  Can someone suggest what might be going on here?

Thanks, 

- Jason


sender and reply addresses:
MAIL FROM: 64866-24927223864-1366-bills=109valentine....@bounce.petrokenbok.eu
Reply-To: stopsnoringwithzqu...@petrokenbok.eu 
From: zquietspecialof...@petrokenbok.eu 


recipient addresses:
RCPT TO: bi...@109valentine.com 
To: bi...@109valentine.com 
using enhanced Originated IP detection
•detected IP's on the mail routing way: 66.228.45.51(no PTR)
•detected source IP: 66.228.45.51

Feature Matching:

• 208.77.43.163 is in SPFCache: status=none with helo=smtp.petrokenbok.eu
• DKIM-check returned OK failed
• SPF-check returned OK for 208.77.43.163 -> 
64866-24927223864-1366-bills=109valentine....@bounce.petrokenbok.eu, 
smtp.petrokenbok.eu
 • SPF: none (cache) ip=208.77.43.163 
mailfrom=64866-24927223864-1366-bills=109valentine.com@bounce.petrokenbok.euhelo=smtp.petrokenbok.eu
• URIBL check: 'OK'
 • URIBL result: 'URIBLcache: neutral, petrokenbok.eu listed in multi.surbl.org'
   URIBL listed by: multi.surbl.org<-127.0.0.64; 
• Valid Format of HELO: 'smtp.petrokenbok.eu'
• IP in Helo check: 'OK'
• 208.77.43.163 is in PB Black: score:466, last event - URIBLneutral
• 66.228.45.51 is in RBLCache: inserted as ok at 2014-03-24 10:02:15
• 208.77.43.163 is in RBLCache: inserted as not ok at 2014-03-24 10:02:15 , 
listed by bl.spamcop.net{127.0.0.2}
• 208.77.43.163 is in RWLCache: status=not listed
• 208.77.43.163 is in CountryCache: status=not classified, data=US, DCS PACIFIC 
STAR, LLC, , , N, 21
• 208.77.43.0 has a Griplist value of 0.8


Unicode Analysis:

the following non symbolic unicode blocks (except InBasicLatin) were found:

Unicode Block : example
InLatin1Supplement      —     U+E2,U+80,U+94

the following symbolic unicode blocks were found:


the following unicode scripts were found except(Common + Latin):



Bayesian Analysis: - word stemming engine is used - language english detected

Bad Words       Bad Prob        Good Words      Good Prob
href href       0.9995           
linkedimag href 0.9991           
randnumber randnumber   0.9949           
                get better      0.0058
rcpt [addr]     0.9902           
[addr] sender   0.9902           
randnumber feet 0.9848           
plane crash     0.9848           
randnumber mile 0.9848           
a linkedimag    0.9737           
said sunday     0.9737           
hr linkedimag   0.9737           
afternoon the   0.9444           
saturday afternoon      0.9444           
fli bartlesville        0.9444           
returned colorado       0.9444           
counti spokeswoman      0.9444           
efforts the     0.9444           
ian gregor      0.9444           
shore randnumber        0.9444           
gunnison expect 0.9444           
relat notified  0.9444           
mile south      0.9444           
mile southwest  0.9444           
oklarandnumber montrose 0.9444           
sever week      0.9444           
facilities pend 0.9444           
just p.m        0.9444           
state park      0.9444           
southwestern colorado   0.9444           
spokeswoman marti       0.9444           
water right     0.9444           
effort start    0.9444           
southwest denver        0.9444           
crash reservoir 0.9444           
sunday afternoon        0.9444           
complet recoveri        0.9444           
montrose randnumber     0.9444           
author say      0.9444           
feder aviat     0.9444           
occup withheld  0.9444           
county recov    0.9444           
plane regist    0.9444           
fear dead       0.9444           
dive team       0.9444           
recoveri efforts        0.9444           
survived victim 0.9444           
arriv reservoir 0.9444           
resourc county  0.9444           
said one        0.9444           
peopl die       0.9444           
spokesman ian   0.9444           
the single-engin        0.9444           
feet water      0.9444           
the ident       0.9444           
one believ      0.9444           
close nearbi    0.9444           
crash ridgeway  0.9444           
peopl crash     0.9444           
say fear        0.9444           


Bayesian Spam Probability:

combined probability:   1.00000000 - got 217 - used 60 most significant results



------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/13534_NeoTech
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user

Reply via email to