On Sun, 21 Mar 2021 11:34:09 -0400 Greg Troxel wrote: > Steve Dondley <s...@dondley.com> writes: > > > I'm learning a bit about spamassassin rules and taking a peek at how > > my inbound mail is scored. I noticed that PF_NONE scores zero points > > by default. I'm wondering if there is a good reason for not giving > > it a score and whether I should set that to something much higher > > like 1.0. > > > > I'm curious to know what more experienced people have this set > > to. Thanks. > > The meta point is that scores are normally set by examining a large > corpus of ham and spam. You are implicitly adopting a theory that > SPF_NONE is correlated with spamminess, but you have not validated > that theory.
The score of SPF_NONE is not set automatically and it was only turned-on as an informational rule a couple of years ago. The score distribution, in rule QA suggests it would stand a higher score. However, the KAM rules contain: header __KAM_SPF_NONE eval:check_for_spf_none() meta KAM_LAZY_DOMAIN_SECURITY (!__DKIM_EXISTS && __KAM_SPF_NONE) score KAM_LAZY_DOMAIN_SECURITY 1.0 This is better than scoring SPF_NONE directly as the check for a DKIM signature will mitigate SPF_NONE hits that are caused by networking problems.
