http://bugzilla.spamassassin.org/show_bug.cgi?id=3021
------- Additional Comments From [EMAIL PROTECTED] 2004-02-22 12:42 ------- Subject: Re: Use whitelist_from_rcvd failure as forgery rule (replying by mail with Cc because bugzilla seems to be down at the moment) I don't have corpus results and can't get them easily until my primary computer gets back from repair. Daniel, you mention auto-whitelist in mass-check, but this is for whitelist-from and def-whitelist-from, not auto-whitelist. A corpus test could only find the def-whitelist-from cases, since there would not be a reasonable whitelist-from list. That's ok, because I think of this rule as being most relevant to catching forgeries of addresses that are popular enough to make it on to the def-whitelist-from list. Something else to keep in mind for testing is that this rule comes almost for free when we have a def-whitelist-from and all it does is add hit points to any case where someone tries to forge an address that is on the def-whitelist-from. Spammers are much less likely to forge addresses on your personal whitelist-from list, although if they happen to this will catch it, again, almost for free. You can get some idea of how many examples of this are in a corpus by searching for messages in the spam corpus that are from an address in the def-whitelist. But due to the seriousness of the forged paypal and amazon scam attempts, for example, I think a rule that hits them may be more useful than the absolute numbers of such messages would indicate. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
