Hi, >>> I have a particular user suddenly being hammered with porn spam that is >>> getting by SA, despite bayes training. >>> >>> I've put the whole thing up into a gziped mbox file: >>> http://www.westnet.com/~chris/SA/MissedSpam1.mbox.gz >> >> I meant to specify, it has 184 messages from the past week or so. >> > From spot checking it, most appear to be gibberish from compromised > accounts/websites. > > These are going to be tough to block though I see some patterns in there. > > You can add http://www.peregrinehw.com/downloads/SpamAssassin/contrib/KAM.cf > and I'll tweak to catch some at least.
These look very helpful. Are these rules going to make it into an sa-update? Can we wget this file periodically? There are also a few unresolved dependencies: rules: meta test KAM_BLANK01 has undefined dependency 'UNDISC_RECIPS' rules: meta test KAM_BLANK01 has undefined dependency 'FM_NO_FROM_OR_TO' rules: meta test KAM_BLANK01 has undefined dependency 'FM_NO_TO' rules: meta test KAM_BLANK02 has undefined dependency 'MSGID_FROM_MTA_ID rules: meta test KAM_RPTR_PASSED has undefined dependency 'IN_BCUDA_RBL' rules: meta test KAM_RPTR_PASSED has undefined dependency 'RCVD_IN_BCUDA_RELAY' Am I missing another rules file for these missing rules? Thanks, Alex
