Jari Fredriksson wrote:
> TOP HAM RULES FIRED
> ----------------------------------------------------------------------
> RANK    RULE NAME                       COUNT  %OFMAIL %OFSPAM  %OFHAM
> ----------------------------------------------------------------------
>    5    RCVD_IN_HOSTKARMA_W               132    24.37   19.48   29.40
>    6    KHOP_RCVD_UNTRUST                 106    21.51   19.48   23.61
>    9    RCVD_IN_HOSTKARMA_WL               77    18.33   19.48   17.15
>   11    KHOP_HELO_FCRDNS                   59     7.24    1.52   13.14
>   12    KHOP_NO_FULL_NAME                  41     4.50    0.00    9.13
>   14    RCVD_IN_BRBL_RELAY                 26    47.20   87.45    5.79
>   18    KHOP_RCVD_TRUST                    14     1.54    0.00    3.12
>   19    KHOP_PGP_SIGNED                    14     1.54    0.00    3.12

> I just started using Katz's wiki rules and it brought HOSTKARMA with it.
> 
> I have not yet seen any blacklists of HOSTKARMA, but the whitelists are
> there. Is this really a whitelist?

You may notice 5 & 9 are similar.  #5 is just a pure HOSTKARMA_WL test
that khop-bl scores at -0.1 while #9 is a modified test wrapping it in a
meta that ensures it isn't also hitting DNSWL_HI or DNSWL_MED before
subtracting additional points.  As noted in previous emails of mine to
the list, KHOP_RCVD_UNTRUST adds a point to any DNSWL/HOSTKARMA_W hit
that doesn't pass SPF or DKIM while KHOP_RCVD_TRUST is the opposite.

KHOP_HELO_FCRDNS hits ham far more often than I expected when I first
wrote it; it triggers when the relay's HELO doesn't match the relay IP's
rDNS.  I just rescored it from 0.6 to 0.3.

KHOP_NO_FULL_NAME might be mis-firing.  It's supposed to detect a
properly formatted name, in the form (sans quotes):  "A K" or "Adam K"
or "A Katz" ... maybe somebody can find a flaw in my regex or an example
FP or FN?  Here it is, please be careful decoding the wrapping:

# This matches foreign characters by process of elimination.
# From: must start w/ ~upper, ~letters, space/punctuation, then ~upper
header   __FROM_FULL_NAME       From:name =~ /^[^a-z[:punct:][:cntrl:]\d\s][^[:punct:][:cntrl:]\d\s]*[[:punct:]\s]+[^a-z[:punct:][:cntrl:]\d\s]/
meta     KHOP_NO_FULL_NAME      !(__FROM_ENCODED_QP||__FROM_NEEDS_MIME||__FROM_FULL_NAME)
describe KHOP_NO_FULL_NAME      Sender does not have both First and Last names
score    KHOP_NO_FULL_NAME      0.259 # keep low!
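
A small harness for hunting FPs and FNs in the __FROM_FULL_NAME pattern above, added here as an example and not part of the original post. The display names are constructed, the "full name" column is a human judgement, and the script assumes __FROM_ENCODED_QP and __FROM_NEEDS_MIME are both false so that only the regex decides whether KHOP_NO_FULL_NAME fires.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Pattern copied verbatim from the __FROM_FULL_NAME rule in the post.
my $FROM_FULL_NAME = qr/^[^a-z[:punct:][:cntrl:]\d\s][^[:punct:][:cntrl:]\d\s]*[[:punct:]\s]+[^a-z[:punct:][:cntrl:]\d\s]/;

# Constructed display names (not taken from real mail). The second field is
# a human judgement: 1 = first and last name present, 0 = not.
my @samples = (
    [ 'Adam Katz',     1 ],
    [ 'A K',           1 ],
    [ 'A Katz',        1 ],
    [ 'Katz, Adam',    1 ],
    [ 'J.R. Smith',    1 ],
    [ 'Adam van Katz', 1 ],   # lowercase particle after the first word
    [ 'adam katz',     1 ],   # all lowercase
    [ 'Adam',          0 ],
    [ "O'Brien",       0 ],   # one word with internal punctuation
    [ '',              0 ],   # bare address, no display name
);

# Returns 1 when KHOP_NO_FULL_NAME would fire, assuming __FROM_ENCODED_QP
# and __FROM_NEEDS_MIME are both false for the message (assumption).
sub rule_fires {
    my ($name) = @_;
    return $name =~ $FROM_FULL_NAME ? 0 : 1;
}

printf "%-16s %-6s %s\n", 'From:name', 'fires', 'verdict';
for my $s (@samples) {
    my ($name, $is_full) = @$s;
    my $fires = rule_fires($name);
    # Compare the rule's decision with the human judgement.
    my $verdict = $fires && $is_full   ? 'FP (full name, rule fires)'
                : !$fires && !$is_full ? 'FN (no full name, rule silent)'
                :                        'ok';
    printf "%-16s %-6s %s\n", "[$name]", ($fires ? 'yes' : 'no'), $verdict;
}
```

Add further display names from your own ham corpus to @samples to see which forms the pattern misses before changing the score.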
