Scott,
I don't think the results that you found are are that bad actually.
Just because something is over your hold weight doesn't mean adding
more points isn't valuable. I split my held messages into a range of
10-24 and another that is 25+. I've managed to get about 97% to 98% of
the spam
Looking at yesterday's numbers:
About 2200 mails after I added the new MailPolice tests.
I had 363 matches on the MailPolice-REVDNS. 362 spam, 1 not spam. The bad news is that
all 362 were already over my hold weight.
I had 281 matches on the MailPolice-HELO. 281 spam.
All 281 MailPolice-HELO's
Here's a working config for MailPolice's dynamic test (PPP/DSL/cable)
that test's both the reverse DNS entry and the HELO entry (zombie
spamware often uses the reverse DNS entry for the HELO).
MAILPOLICE-DYNA-REVDNSdnsbl
%REVDNS%.dynamic.rhs.mailpolice.com127.0.0.200
MAILPOLI