in my checkout:
rules/72_active.cf:##{ DK_POLICY_SIGNALL
rules/72_active.cf:score DK_POLICY_SIGNALL 0.001
rules/72_active.cf:##} DK_POLICY_SIGNALL
rules/72_active.cf:##{ DK_POLICY_SIGNSOME
rules/72_active.cf:score DK_POLICY_SIGNSOME 0.001
rules/72_active.cf:##} DK_POLICY_SIGNSOME
rules/72_active.cf:##{ DK_POLICY_TESTING
rules/72_active.cf:score DK_POLICY_TESTING 0.001
rules/72_active.cf:##} DK_POLICY_TESTING
rules/72_active.cf:##{ DK_SIGNED
rules/72_active.cf:score DK_SIGNED 0.001
rules/72_active.cf:##} DK_SIGNED
rules/72_active.cf:##{ DK_VERIFIED
rules/72_active.cf:score DK_VERIFIED -0.001
rules/72_active.cf:##} DK_VERIFIED
could you do a further grep of your 'rules' dir to figure out
why those lines aren't being used?
--j.
Mark Martinec writes:
> Every now an then I see a spam getting trough thanks to
> one or two DK_POLICY_* tests triggered, and each one of them
> contributing -1 score points. (this is with SA trunk,
> but I don't think this has changed recently).
>
> Seems like all the following tests:
> DK_POLICY_SIGNALL, DK_POLICY_SIGNSOME, DK_POLICY_TESTING,
> DK_SIGNED, DK_VERIFIED
> have a default score of -1 due to 'tflags nice'.
>
> In my opinion a score value -1 is too strong for most if not all
> of them, especially the DK_POLICY_* ones. Seems like spammers
> are aware of it, or they just are lucky too often. It is generally
> true that negative score points are to be avoided, as they can be
> abused. In case of DK, just having a policy for a domain shouldn't
> mean much. The only rule that has some merit is DK_VERIFIED.
> I see every now and then a similar finding posted to the mailing list.
>
> For the 3.1.2 I suggest that all of DK_* rules expect DK_SIGNED
> receive an explicit default score closer to zero.
>
> Mark
