Joe Quinn wrote: > To start, there are several very real things wrong with your example > message. In my opinion, that message was correctly classified.
Maybe, maybe not - without the actual message there's no more information. I've seen all too much legitimate mail hit some very strange combinations of rules... If the OP's mail server doesn't add rDNS for the connecting IP, or doesn't add it in a way that SA recognizes, that would trigger RDNS_NONE, and cause FORGED_YAHOO_RCVD. > Do you have any better-representative samples that you can paste in > full? (http://pastebin.com/) > > Have you tried using "-D bayes" to see what tokens are being learned > incorrectly? Your score for BAYES_50 seems high for a message that gets > a neutral result from Bayes. Looks like the OP doesn't have network tests enabled; those scores match the current stock ones for set 2 (Bayes enabled, DNS tests disabled). Enabling DNS tests would bring that back to 0.8 default (and RDNS_NONE to 0.8, and FORGED_YAHOO_RCVD to 1.6). -kgd
