https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6390

--- Comment #5 from Adam Katz <[email protected]> 2010-03-30 22:44:27 UTC ---
Here is how the rules are currently scored on my khop-sc-neighbors channel. 
This ensures that the rules do next to nothing when run with net checks, but
come back up (and then some) for net checks that lack DNSEval support (which is
to say, the DNSBLs).

score    KHOP_SC_CIDR8      0.1 0.01 0.1 0.01
score    KHOP_SC_TOP_CIDR8   0.9 0.1 0.9 0.1
score    KHOP_SC_CIDR16      1.6 0.5 1.6 0.5
score    KHOP_SC_TOP_CIDR16  2.0 0.5 2.0 0.5
score    KHOP_SC_CIDR24      2.5 0.6 2.5 0.6
score    KHOP_SC_TOP_CIDR24  2.7 0.6 2.7 0.6
score    KHOP_SC_TOP200       4   0   4   0    # unnecessary if DNSBLs work

# Bump these up to compensate for expected but absent overlap (94+% noted)
if (! plugin(Mail::SpamAssassin::Plugin::DNSEval) )
  score  KHOP_SC_CIDR8      (0) (0.1) (0) (0.2) # BRBL(98%)
  score  KHOP_SC_TOP_CIDR8  (0) (0.9) (0) (0.9) # BRBL(98%)
  score  KHOP_SC_CIDR16     (0) (1.5) (0) (1.5) # BRBL(99%), PBL(98%)
  score  KHOP_SC_TOP_CIDR16 (0) (1.7) (0) (1.7) # BRBL(99%), PBL(94%)
  score  KHOP_SC_CIDR24     (0) (1.9) (0) (1.9) # SC(99) BRBL(96) ANBREP(96)
  score  KHOP_SC_TOP_CIDR24 (0) (2.1) (0) (2.1) # MSPIKE(99) SC(98) ...
                            # BRBL(97) PSBL(97) HOSTKARMA(97)
  score  KHOP_SC_TOP200     (0) (4.4) (0) (4.4) # SC(99) PSBL(99) ...
                            # HOSTKARMA(99) SEMBLACK(99) BRBL(98) ANBREP(94)
endif


It's nice to see what the GA has to say about these rules, but I would never
take the resulting scores if DNSBLs are accessible.

At the moment, BRBL=1.644/1.449, PSBL=2.7, SC=SPAMCOP=1.246/1.347, and
PBL=3.558/3.335.  This overlap puts almost all (>96%) of the KHOP_SC_TOP200
hits at 5.590/5.349 *before* the 3.944 is added by the GA's score for this
rule, and 9.534/9.440 total.  Though it does have a 1.000 S/O and these /are/
the worst offenders, I think this rule is best left absent from DNSEval-enabled
net checks.

A CIDR8 is often out of the relevant network administrator's control.  For this
reason, we CANNOT score CIDR8 rules high.  I've got the lesser at near-nothing
and the top at 0.9.  CIDR8s aside, my scoring is wholly more conservative than
the GA.


(In reply to comment #2)
> This is pretty much a duplicate of bug 6114. Still open, mind you, so it
> almost feels like these rules shouldn't have been published yet.

I just closed that bug since it was mostly about getting the rules into a
sandbox for testing and I now have access to do that and a script that syncs
nightly.
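How the score lines in this comment resolve per score set, as an added example that is not part of the original comment and is not SpamAssassin's own parser. The function name `effective_scores` is hypothetical, and the model is simplified to what the comment uses: four-value lines (score sets 1 and 3 are the ones with network tests enabled), parenthesised values applied relative to the earlier score, and a single-level `if (plugin(...))` block.

```python
import re

# Score lines copied from the comment above (three of the seven rules).
RULES = """
score    KHOP_SC_CIDR8      0.1 0.01 0.1 0.01
score    KHOP_SC_CIDR24      2.5 0.6 2.5 0.6
score    KHOP_SC_TOP200       4   0   4   0    # unnecessary if DNSBLs work
if (! plugin(Mail::SpamAssassin::Plugin::DNSEval) )
  score  KHOP_SC_CIDR8      (0) (0.1) (0) (0.2) # BRBL(98%)
  score  KHOP_SC_CIDR24     (0) (1.9) (0) (1.9) # SC(99) BRBL(96) ANBREP(96)
  score  KHOP_SC_TOP200     (0) (4.4) (0) (4.4) # SC(99) PSBL(99) ...
endif
"""

DNSEVAL = "Mail::SpamAssassin::Plugin::DNSEval"
COND = re.compile(r"if\s*\(\s*(!?)\s*plugin\(\s*([\w:]+)\s*\)\s*\)")


def effective_scores(text, loaded_plugins):
    """Resolve `score` lines into {rule: [set0, set1, set2, set3]}.
    Simplified model: no nested conditionals, four values per line."""
    scores, active = {}, True
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = COND.match(line)
        if m:
            loaded = m.group(2) in loaded_plugins
            active = (not loaded) if m.group(1) else loaded
        elif line == "endif":
            active = True
        elif active and line.startswith("score"):
            _, rule, *vals = line.split()
            if len(vals) != 4:
                raise ValueError(f"expected four scores: {raw!r}")
            # Any parenthesised value makes the whole line relative.
            relative = any(v.startswith("(") for v in vals)
            nums = [float(v.strip("()")) for v in vals]
            base = scores.get(rule, [0.0] * 4) if relative else [0.0] * 4
            scores[rule] = [round(b + n, 3) for b, n in zip(base, nums)]
    return scores


if __name__ == "__main__":
    for label, plugins in (("DNSEval loaded", {DNSEVAL}), ("DNSEval absent", set())):
        print(label)
        for rule, s in effective_scores(RULES, plugins).items():
            print(f"  {rule:<16} no-net={s[0]}/{s[2]}  net={s[1]}/{s[3]}")
```

With DNSEval loaded the net-enabled sets keep the low base values; without it the relative lines bring them back to roughly the no-net scores.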
