http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4104
------- Additional Comments From [EMAIL PROTECTED] 2007-10-03 05:17 ------- Totally forgot about this! here are the results: http://ruleqa.spamassassin.org/20070224-r511240-n/%2FURIBL#new this is exactly the same code as URIBL_BLACK: 0.00000 44.7322 0.0801 0.998 0.95 0.00 T_URIBL_RHS_URIBL_BLACK ditto for GREY: 0.00000 0.1759 0.0841 0.677 0.58 0.00 T_URIBL_RHS_URIBL_GREY these all have too-poor hit-rates: 0.00000 0.9225 0.4043 0.695 0.64 0.00 T_URIBL_RHS_NOSTDMAIL 0.00000 1.0300 0.5404 0.656 0.62 0.00 T_URIBL_RHS_DSN 0.00000 1.1540 0.7365 0.610 0.60 0.00 T_URIBL_RHS_WHOIS 0.00000 1.9154 1.1888 0.617 0.59 0.00 T_URIBL_RHS_NOCOMPLAINTS 0.00000 0.4774 0.4523 0.513 0.56 0.00 T_URIBL_RHS_BOGUSMX 0.00000 2.1290 2.0774 0.506 0.55 0.00 T_URIBL_RHS_POST 0.00000 6.7159 6.1202 0.523 0.54 0.00 T_URIBL_RHS_TLD_WHOIS 0.00000 2.9068 3.2542 0.472 0.53 0.00 T_URIBL_RHS_ABUSE Also we don't seem to have results for the SPEWS URIBL rules, but I'm afraid we're unlikely to add them regardless, since it appears SPEWS is no longer active (and was philosophically incompatible with our policies anyway). However, these look promising: 0.00000 7.1859 0.0280 0.996 0.91 0.00 T_URIBL_RHS_AHBL A 99.6% accuracy with 0.028% false positives. It overlaps with other rules as follows: overlap spam: 100% of WHOIS_GKGPROXY hits also hit T_URIBL_RHS_AHBL; 0% of T_URIBL_RHS_AHBL hits also hit WHOIS_GKGPROXY overlap spam: 100% of WHOIS_SECINFOSERV hits also hit T_URIBL_RHS_AHBL; 0% of T_URIBL_RHS_AHBL hits also hit WHOIS_SECINFOSERV overlap spam: 81% of WHOIS_UNLISTED hits also hit T_URIBL_RHS_AHBL; 0% of T_URIBL_RHS_AHBL hits also hit WHOIS_UNLISTED overlap spam: 80% of WHOIS_REGISTERFLY hits also hit T_URIBL_RHS_AHBL; 5% of T_URIBL_RHS_AHBL hits also hit WHOIS_REGISTERFLY overlap spam: 77% of WHOIS_SECUREWHOIS hits also hit T_URIBL_RHS_AHBL; 2% of T_URIBL_RHS_AHBL hits also hit WHOIS_SECUREWHOIS overlap spam: 60% of T_URIBL_XS_SURBL hits also hit T_URIBL_RHS_AHBL; 0% of T_URIBL_RHS_AHBL hits also hit T_URIBL_XS_SURBL overlap spam: 55% of WHOIS_PRIVPROT hits also hit T_URIBL_RHS_AHBL; 3% of T_URIBL_RHS_AHBL hits also hit WHOIS_PRIVPROT overlap spam: 50% of WHOIS_1AND1PR hits also hit T_URIBL_RHS_AHBL; 0% of T_URIBL_RHS_AHBL hits also hit WHOIS_1AND1PR overlap spam: 38% of SPF_HELO_FAIL hits also hit T_URIBL_RHS_AHBL; 1% of T_URIBL_RHS_AHBL hits also hit SPF_HELO_FAIL overlap spam: 36% of WHOIS_PRIVACYPOST hits also hit T_URIBL_RHS_AHBL; 0% of T_URIBL_RHS_AHBL hits also hit WHOIS_PRIVACYPOST overlap spam: 34% of DNS_FROM_AHBL_RHSBL hits also hit T_URIBL_RHS_AHBL; 3% of T_URIBL_RHS_AHBL hits also hit DNS_FROM_AHBL_RHSBL overlap spam: 26% of RCVD_IN_SBL hits also hit T_URIBL_RHS_AHBL; 5% of T_URIBL_RHS_AHBL hits also hit RCVD_IN_SBL overlap spam: 23% of URIBL_WS_SURBL hits also hit T_URIBL_RHS_AHBL; 97% of T_URIBL_RHS_AHBL hits also hit URIBL_WS_SURBL overlap spam: 21% of RCVD_IN_SORBS_MISC hits also hit T_URIBL_RHS_AHBL; 0% of T_URIBL_RHS_AHBL hits also hit RCVD_IN_SORBS_MISC overlap spam: 20% of RCVD_IN_WHOIS_INVALID hits also hit T_URIBL_RHS_AHBL; 0% of T_URIBL_RHS_AHBL hits also hit RCVD_IN_WHOIS_INVALID overlap ham: 100% of WHOIS_IDSHIELD hits also hit T_URIBL_RHS_AHBL; 0% of T_URIBL_RHS_AHBL hits also hit WHOIS_IDSHIELD overlap ham: 83% of URIBL_WS_SURBL hits also hit T_URIBL_RHS_AHBL; 10% of T_URIBL_RHS_AHBL hits also hit URIBL_WS_SURBL overlap ham: 81% of DNS_FROM_AHBL_RHSBL hits also hit T_URIBL_RHS_AHBL; 66% of T_URIBL_RHS_AHBL hits also hit DNS_FROM_AHBL_RHSBL overlap ham: 50% of URIBL_PH_SURBL hits also hit T_URIBL_RHS_AHBL; 0% of T_URIBL_RHS_AHBL hits also hit URIBL_PH_SURBL overlap ham: 42% of RAZOR2_CF_RANGE_E8_51_100 hits also hit T_URIBL_RHS_AHBL; 10% of T_URIBL_RHS_AHBL hits also hit RAZOR2_CF_RANGE_E8_51_100 overlap ham: 42% of URIBL_JP_SURBL hits also hit T_URIBL_RHS_AHBL; 1% of T_URIBL_RHS_AHBL hits also hit URIBL_JP_SURBL Those are pretty good figures. I think this is a good candidate for a new lookup. Added as bug 5667. Also: 0.00000 0.1240 0.0000 1.000 0.58 0.00 T_URIBL_XS_SURBL Definitely good. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
