On 2019-12-11 1:58 pm, Giovanni Bechis wrote:
On 12/11/19 3:17 PM, Bill Cole wrote:
On 11 Dec 2019, at 2:39, Giovanni Bechis wrote:
On 12/11/19 6:21 AM, KADAM, SIDDHESH wrote:
Hi PFA...
On 12/11/2019 12:36 AM, Giovanni Bechis wrote:
On 12/10/19 7:49 PM, Michael Storz wrote:
[...]
My copy hit
BODY_SINGLE_WORD=1.347, HTML_IMAGE_ONLY_04=1.172,
MPART_ALT_DIFF=0.79
not enough to mark it as spammy.
FuzzyOcr + bayes is killing this kind of emails for me:
FuzzyOcr is unmaintained and doesn't even have an authoritative
repository as far as I can tell. It is computationally very expensive,
to the degree that it isn't safe to just add it to an existing mail
system which does not have a lot of idle CPU and memory capacity.
it's true that it's unmaintained but I have it running on Perl 5.28
with some patches and it's still useful every now and then (if you
have some spare cpu cycles and you know what you are doing).
A new ocr plugin could be definetely a better choice.
Giovanni
fuzzyocr is available from the standard repos for Ubuntu 18.04. It's
v3.6.0-10, with a homepage listed as
https://web.archive.org/web/20130117050640/http://fuzzyocr.own-hero.net/
Interestingly I just got one of those bitcoin spams, but fuzzyocr didn't
pick up on it. This is the spam report for it :
==== ======================
==================================================
pts rule name description
---- ----------------------
--------------------------------------------------
2.0 BAYES_80 BODY: Bayes spam probability is 80 to 95%
[score: 0.8391]
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at
https://www.dnswl.org/, no
trust
[40.92.254.80 listed in list.dnswl.org]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser
mail provider
(xbdamianta[at]outlook.com)
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 HTML_MESSAGE BODY: HTML included in message
0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
1.2 HTML_IMAGE_ONLY_04 BODY: HTML: images with 0-400 bytes of
words
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature
from author's
domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not
necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK
signature
0.0 MSGID_FROM_MTA_HEADER Message-Id was added by a relay
0.0 TVD_SPACE_RATIO No description available.
0.5 KAM_NUMSUBJECT Subject ends in numbers excluding current
years