Package: spamassassin Version: 3.0.4-2 Severity: normal hi
I would like to tell a story that happened to me.
Sometimes it may happen that a spam message is misclassified as ham
(one possible culprit is the bug 290927 ).
If autolearn is active, then this message is autolearnt: this poisons
the Bayes system, and then Bayes tagging of messages is screwed, and a lot
of spam passes through, and more autolearning occours, etc etc,
in a cascading effect.
When this happens the only solution is to erase the bayes data
and start training again.
This is happening now to me (for the second time),
as shown by the attached message (that was obfuscated using rot13 (*)):
as you see, that message was autolearnt; you can also see that it was
tagged BAYES_50, even though there are at least two keywords that are
clearly spam (and this means that the bayes system is poisoned).
For the above reason, I propose to add in /etc/spamassassin/local.cf
"bayes_auto_learn 0"
Another possibility is to add
bayes_auto_learn_threshold_nonspam -3.4
good reasons to have -3.4 :
- I did look through my inbox, and -3.4 seems a good threshold,
some messages do pass this limit
- -3.4 will protect from the bug 290927
- the default is 0.1 and this is waaay too optimistic:
misclassifications do happen, and the cascading effect start
a.
(*) to view the attachment, save it and use
rot13 < /tmp/Women.eml.rot13 | less
or load it into emacs and Esc x rot13-other-window
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.12-1-k7
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages spamassassin depends on:
ii debconf 1.4.30.13 Debian configuration management sy
ii libdigest-sha1-perl 2.10-1 NIST SHA-1 message digest algorith
ii libhtml-parser-perl 3.45-2 A collection of modules that parse
ii perl [libstorable-perl] 5.8.4-8 Larry Wall's Practical Extraction
ii spamc 3.0.4-2 Client for SpamAssassin spam filte
-- debconf information excluded
--
Andrea Mennucc
"Ukn ow,Ifina llyfixe dmysp acebar.ohwh atthef"
Erghea-Cngu: <[EMAIL PROTECTED]>
K-Ivehf-Fpnaarq: ol ptcni
Erprvirq: ol faf.vg (PbzzhavTngr Ceb CVCR 4.1.8)
jvgu CVCR vq 38460356; Sev, 14 Bpg 2005 05:26:28 +0200
Erprvirq: sebz cpc05059367cpf.eblybx01.zv.pbzpnfg.arg ([68.61.70.176] irevsvrq)
ol faf.vg (PbzzhavTngr Ceb FZGC 4.1.8)
jvgu FZGC vq 38459933 sbe [EMAIL PROTECTED]; Sev, 14 Bpg 2005 05:24:45 +0200
Erprvirq: sebz nwnk (nwnk [1])
ol .nwnk.abp.aghn.te (7.12.9c1/3.12.9) jvgu RFZGC vq uNGYnvOF903508;
Sev, 14 Bpg 2005 07:12:14 +0300
Qngr: Sev, 14 Bpg 2005 00:20:14 -0400
Va-Ercyl-Gb: <[EMAIL PROTECTED]>
Zrffntr-VQ: <[EMAIL PROTECTED]>
Ersreraprf: <[EMAIL PROTECTED]>
Sebz: "Oevna Flxrf" <[EMAIL PROTECTED]>
Gb: [EMAIL PROTECTED]
Fhowrpg: Jbzra rireljurer jvyy ybir lbh! wzwzyyi
K-Fcnz-Purpxre-Irefvba: FcnzNffnffva 3.0.4 (2005-06-05) ba znvy.faf.vg
K-Fcnz-Fgnghf: Ab, fpber=-1.2 erdhverq=5.0 grfgf=NYY_GEHFGRQ,ONLRF_50,
EPIQ_VA_AWNOY_QHY,EPIQ_VA_FBEOF_QHY nhgbyrnea=unz irefvba=3.0.4
K-Fcnz-Yriry:
K-GSS-PTCFN-Irefvba: 1.4
K-GSS-PTCFN-Svygre: Fpnaarq
Frafngvbany eribyhgvba va zrqvpvar!
Raynetr lbhe cravf hc gb 10 pz be hc gb 4 vapurf!
Vg'f ureony fbyhgvba jung unfa'g fvqr rssrpg, ohg unf 100% thnenagrrq erfhygf!
Qba'g ybbfr lbhe punapr naq ohg xabj jvugbhg qbhogf, lbh jvyy or vzcerffrq jvgu
erfhygf!
Pyvfx urer: uggc://rhebcrpnyngvanzrevpn.pbz
signature.asc
Description: Digital signature
