> I don't know about any of you, but I have gotten that stupid microsoft > "install this security patch" about 20 times this past weekend. > Spamassassin seems to be catching some of them on its own, but even with > razor I'm getting them. I got curious and decided to start investigating. > I turned on the debugging (level 14) and this is what it produced for the > last one that it let through.
Quite frankly, tagging this kind of email isn't the job of SA or Razor. These are viruses and it's a job that's best done by a virus scanner.
Sure, SA and razor may wind up catching them, but that's more of an added bonus than a strict design requirement. SA and razor are systems for targeting and eliminating spam messages. They may exist in large numbers, and may be unwanted, but these messages are clearly not spam, so if razor misses one, it's not really a problem with razor in any real way.
As for SA, the sadev's makes it VERY clear that they take a strictly "I don't care" position about where worms end up, and it's strictly forbidden to include worm messages in submissions to the official corpus because it can weaken the effectiveness of the general ruleset against real spam. There are some hobbyist add-on rules for these floating around, search the satalk list archives to find a few of them.
The razor community seems to encourage virus submission, and that's a good thing since in razor's situation it can't weaken it, but it's not really razor's mission in life to identify viruses so don't depend on it to do so.
------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php _______________________________________________ Razor-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/razor-users
