On Thu, 2010-09-16 at 03:26 -0700, Franc Walter(?) wrote:
> > SA goes farther than your simple idea. Have a look at how Bayes works, and
> > all the available SA plugins.
>
> I trained SA since months with all those chronometer-zeitmesser-spam and
> only 5% is now set to spam.
> I want to get rid of it immediately.
OK, back down for a minute. This appears to be yet another case of a
user asking about a specific $thingy, which he believes would do the
trick. It might, but it is not the cure to the underlying problem. We
don't even know the problem, yet. This we need to find.
Why do I claim that? Well, the spam mentioned sounds pretty familiar.
But SA 3.2.x should not have a problem catching them.
Bayes. So you trained Bayes with them. For months. Still not much of a
difference. Well. Do you train *both*, spam *and* ham? Any chance these
have been trained incorrectly before? What Bayes score do they actually
get? The X-Spam-Status header would be sufficient to see.
The few lines of 'sa-learn --dump magic' would be good, too. Oh, and you
are training Bayes as the same user SA checks the mail for, right?
DNSBLs. And URI DNSBLs. These spams should hit quite a lot of them. They
certainly do for me. DNS works? None of these disabled in SA conf? What
DNS server are you using? If it is "my ISP's DNS" or "my home router
box", this is almost guaranteed to be your problem -- or part of it.
ISP's DNS server usually generate way too much traffic and do not get
responses by the major DNSBLs. In that case, you need a local caching
(non-forwarding) DNS resolver on your box.
And no, while a blacklist of some words *can* help, it is *not* the
solution to your problem.
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
