https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6844
--- Comment #7 from Kris Deugau <[email protected]> --- (In reply to comment #5) > (In reply to comment #4) > > We'll check FSL_UA / FSL_XM_419 > > > > AXB_XMAILER_MIMEOLE_OL_024C2 is autogenerated > > > > These rules are basically dead safe to even use them to reject mail at smtp > > level. > > > > "user is an ISP customer" is not a reason to compromise spam detection & > > lower a score just because a user intentionally runs totally > > outdated/insecure software. > > I'll disagree. Rules are written for real-world experience and SA is not a > security product enforcing patches and software upgrades. If the rule hits > on ham in real-world experience, it should be scored lower. > > What's the S/O on all three of these rules like? 0 26.3995 0.0011 1.000 0.97 1.00 FSL_XM_419 0 26.4033 0.0011 1.000 0.97 1.59 FSL_UA 0 26.3462 0.0011 1.000 0.97 2.01 AXB_XMAILER_MIMEOLE_OL_024C2 So they aren't hitting very much ham, but there's still some out there. However, I was more concerned about the overlap; SA's duplicate rule detection can't pick up on cases like this. The FP is basically a side effect of the overlap. Looking at the SA log locally, I expect a lot of those 26% of spam hits from the mass-check info also hit Spamhaus DNSBL rules; we block with Spamhaus at the MTA so the full ruleset only gets run on a small percentage of mail. Locally, they hit ~2.5% of mail. -- You are receiving this mail because: You are the assignee for the bug.
