Jeremy Fowler wrote: > Here is my /etc/rulesdujour/config, its a modified version of the > file from Gentoo Portage. > > As you can see, I use them all. I've had very little, if any, false > positives at my location. It doesn't really matter how high the spam > scores, just keep an eye out for false positives. > > > TRUSTED_RULESETS_SAFE=" ANTIDRUG \ > BOGUSVIRUS \ > RANDOMVAL \ > SARE_ADULT \ > SARE_BAYES_POISON_NXM \ > SARE_BML \ > SARE_EVILNUMBERS0 \ > SARE_FRAUD \ > SARE_GENLSUBJ \ > SARE_GENLSUBJ0 \ > SARE_GENLSUBJ_ENG \ > SARE_HEADER \ > SARE_HEADER0 \ > SARE_HEADER_ENG \ > SARE_HIGHRISK \ > SARE_HTML \ > SARE_HTML0 \ > SARE_HTML_ENG \ > SARE_OBFU \ > SARE_OBFU0 \ > SARE_OEM \ > SARE_RANDOM \ > SARE_RATWARE \ > SARE_REDIRECT_POST300 \ > SARE_SPAMCOP_TOP200 \ > SARE_SPECIFIC \ > SARE_SPOOF \ > SARE_STOCKS \ > SARE_UNSUB \ > SARE_URI \ > SARE_URI0 \ > SARE_URI_ENG \ > SARE_WHITELIST \ > SARE_WHITELIST_RCVD \ > SARE_WHITELIST_SPF \ > TRIPWIRE "
You are duplicating rules. If you use SARE_URI, you should not use SARE_URI0, SARE_URI1, etc. Also, SARE_URI should not be in your "SAFE" list since it contains ALL of the URI rules. The same goes for SARE_GENLSUBJ, SARE_HEADER, SARE_HTML, and SARE_OBFU. -- Bowie
