On 17-Jul-2009, at 06:24, Neil Schwartzman wrote:
On 16/07/09 11:39 AM, "LuKreme" <krem...@kreme.com> wrote:
* -4.3 HABEAS_ACCREDITED_SOI RBL: Habeas Accredited Opt-In
or Better
* [66.59.8.161 listed in sa-accredit.habeas.com]
If you search for HABEAS_ACCREDITED you will find that a LOT of
admins
either drop these scores to very low numbers, or actually set them
slightly positive.
I'm not certain as to how a search such as you suggest would reveal
any
indication of this. Please explain.
Did you try the search and read the emails for, oh, I don't know,
let’s just say this year?
In my mailspool they are a spam indicator and I
have them scored as such:
score HABEAS_ACCREDITED_COI 1.0
score HABEAS_ACCREDITED_SOI 1.5
I fully understand if you do/did not want to use our whitelist (keep
reading, we've made a few changes), however, we have historically
blocked
lookups from people with this type of scoring when we became aware
of such
things. I think it is silly to be punitive, and more than a little
naïve.
It's very simple, Habeas headers are a fairly strong indicator of spam
in my mail spool. I search all the mail for habeas headers and it
shows up about 90% in spam and 10% in ham. I score it thus. To be
perfectly fair, I SHOULD score SOI at about 3.0 based on my mailspool.
I have regularly posted here as to the work that we do, how we do
it, and
the challenges of migrating the poorly-kept legacy Habeas Safe
whitelist to
our systems.
That doesn't change the fact that your headers show up overwhelmingly
in unwanted mail. That is my only metric. I wouldn't care if you were
the anti-spam avatar himself come down from on high; my scoring is
based on my mailspool.
[Promo adspeak removed]
So, bottom line:
Bottom line is as I said, habeas headers are a strong spam indicator
and will be scored as such until (and if) that ever changes. The
scores applied are not high enough to push the rare legitimate email
over a threshold, but are high enough to prevent my having to deal
with any of the borderline cases that might not get tagged otherwise.
Zero-out our scoring? That is and will always be your right.
I wold only zero out your scoring is the ham/spam balance was fairly
close to 1:1 and not 1:10 as it is.
Making it a positive spam sign?? Well, if you run a home system with
no
users, I suppose no damage done. If you are running SA in front of
actual
users at a business installation, I'd think it very brave to incur
known
false positives,
What false positives? I've not had anyone ever complain about a miss-
tagged habeas-containing message.
--
These are the thoughts that kept me out of the really good schools. --
George Carlin
