[EMAIL PROTECTED] wrote: > Dear Users > I didnt found it on google or FAQ > Today i get mails marked as spam cause of this 2 rules > CTYPE_001C_A and FH_HAS_XID > It was a normal t-online user e-mail. > Can you tell me what is danger on this headers / rules (if found)? Danger? SpamAssassin doesn't detect dangers, merely patterns that match what spammers have been known to do.
CTYPE_001C_A is looking for a particular mime boundary commonly seen in spam, but rarely in nonspam. (99.7% of emails in the corpus that matched were spam) However FH_HAS_XID is more troubling, it's got a strong score, and a poor S/O. (78.6% spam). That's pretty poor poor performance for a spam rule with a score of aproximately 2.4. All it's looking for is any message with and X-Id: header. I've opened a bug to get the devs to discuss modifying or dropping that one.
