How to get clarity on AWL?

Fri, 23 May 2008 07:42:51 -0700 

A lot of my mail is tagged with AWL, and I am often baffled.  Here are
what I think are the relevent headers from a perplexing example:

  Return-Path: <[EMAIL PROTECTED]>
  X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on fnord.ir.bbn.com
  X-Spam-Status: Yes, score=6.8 required=1.0 tests=AWL,BAYES_95,DEAR_WINNER,
          HTML_MESSAGE,SUBJ_ALL_CAPS autolearn=spam version=3.2.4
  X-Spam-Report: 
          *  2.1 SUBJ_ALL_CAPS Subject is all capitals
          *  3.2 DEAR_WINNER BODY: DEAR_WINNER
          *  0.0 HTML_MESSAGE BODY: HTML included in message
          *  3.0 BAYES_95 BODY: Bayesian spam probability is 95 to 99%
          *      [score: 0.9582]
          * -1.5 AWL AWL: From: address is in the auto white-list
  From: "AUSTRALIAN LOTTERY INTL" <[EMAIL PROTECTED]>

Reading http://wiki.apache.org/spamassassin/AwlWrongWay, I realize I am
confused - this sender has a positive average, and this message was more
spammy, and thus given credit for somewhat-less-spammy previous mail.

I think that I should be able to infer that because this message was 8.3
before AWL, and AWL was -1.5, that the average is 5.3.  But if the message said

          * -1.5 AWL AWL: From: address is in the auto white-list at 5.3 for 12 
messages

it would make things easier to follow.  Plus, the AutoWhitelist wiki
entry says that the key is also IP address that the mail "originated
at", and it would be nice to print that out, since it's non-obvious what
that means (last hop before trusted relay, or relying on maybe-forged
received lines?).

Somewhat separately, the spamassasin program has options to manipulate
whitelist, blacklist:

     -W, --add-to-whitelist            Add addresses in mail to persistent 
address whitelist
     --add-to-blacklist                Add addresses in mail to persistent 
address blacklist
     -R, --remove-from-whitelist       Remove all addresses found in mail from
                                       persistent address list
     --add-addr-to-whitelist=addr      Add addr to persistent address whitelist
     --add-addr-to-blacklist=addr      Add addr to persistent address blacklist
     --remove-addr-from-whitelist=addr Remove addr from persistent address list

but I don't see any to print out the lists and scores for inspection,
and I'm unclear on the AWL vs persistent white/black lists.  I think it would 
make sense to have

    --print-whitelist
    --print-blacklist
    --print-autowhitelist

or perhaps only one is needed, and also

    --lookup-in-whitelists=addr

to print the white/black/auto status of an address.

Reply via email to