On Wed, 2010-06-30 at 04:14 -0700, Daniel Lemke wrote:
> [...] I already trained bayes with hundreds
> of mails, but it still doesn't recognize this ndr as spam.

It is a bounce, backscatter. It is not spam. It should not be treated as
such, and a lot of (spam) tests won't trigger on them.

> > For others, there's VBounce plugin that detects delivery notices (and
> > similar messages like autoresponders) and tag them for other processing.
> >
> > You need to configure whitelist_bounce_relays for this plugin to work.
>
> That sounds quite nice, but the documentation says the plugin looks for the
> specified mta relay in the Received: header of the mail. If found, it is not
> marked as an invalid bounce. This may be a problem because most bounces do

Have you tried it? Configure the plugin and send a test message that
will produce a valid NDR.

Yes, VBounce is the way to go. Have a look at the vbounce cf file for
some hints how to treat hits. Use the rule hit to separate these from
your legit mail and spam. Don't try to raise the score.

> have header information that looks like this (where
> Merkur.intranet.jam-software.com is our mta):
>
> Received: from mailgw.ase.az (89.147.200.68) by
> Merkur.intranet.jam-software.com (192.168.123.87) with Microsoft SMTP

Yeah, well -- every incoming mail is likely to go through your MX, isn't
it? ;) One should figure a specialized backscatter plugin knows about
that, don't you think? Come on, just try it.

-- 
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
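Added example, not part of the original message and not the VBounce plugin's code: a Python illustration of why the bounce's own Received: trace through your MX need not matter. It assumes the relay names are matched against the Received: lines of the returned original mail carried inside the bounce; the hostnames and the sample NDR are constructed.

```python
import email
import re

# Hypothetical outbound relay, standing in for a whitelist_bounce_relays entry.
OUR_RELAYS = {"mail.example.org"}

def returned_received(msg):
    """Received: lines of the returned original; the bounce's own trace is ignored."""
    found = []
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            # Attached copy of the mail that bounced.
            found += part.get_payload(0).get_all("Received", [])
        elif ctype in ("text/plain", "text/rfc822-headers"):
            # Headers quoted inline in the notice text.
            text = part.get_payload(decode=True).decode("utf-8", "replace")
            found += re.findall(r"^Received:[ \t]*(.*(?:\n[ \t]+.*)*)", text, re.M)
    return found

def classify(raw, relays=OUR_RELAYS):
    """'own-bounce' if the returned mail passed one of our relays, else 'backscatter'."""
    for line in returned_received(email.message_from_string(raw)):
        hosts = {h.lower() for h in re.findall(r"[\w-]+(?:\.[\w-]+)+", line)}
        if hosts & relays:
            return "own-bounce"
    return "backscatter"

def sample_bounce(original_received):
    """Constructed NDR. Its outer Received always names our MX, as in the thread."""
    return (
        "Received: from mailgw.remote.test by mail.example.org; "
        "Wed, 30 Jun 2010 13:00:00 +0200\n"
        "From: MAILER-DAEMON@remote.test\n"
        "Subject: Undeliverable mail\n"
        "MIME-Version: 1.0\n"
        'Content-Type: multipart/report; boundary="b"\n'
        "\n--b\nContent-Type: text/plain\n\nDelivery failed.\n"
        "--b\nContent-Type: message/rfc822\n\n"
        f"Received: {original_received}\n"
        "From: someone@example.org\nSubject: hi\n\nhello\n"
        "--b--\n"
    )

if __name__ == "__main__":
    print(classify(sample_bounce("from pc.example.org by mail.example.org; Wed, 30 Jun 2010")))
    print(classify(sample_bounce("from dsl.host.test by relay.other.test; Wed, 30 Jun 2010")))
```

Both sample bounces arrive through mail.example.org, yet only the one whose returned copy was sent via that relay is classified as a bounce to your own mail.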