Menu
▾
▴
Re: [Assp-user] Spam getting through
|
From: GrayHat <gr...@gm...> - 2007-11-27 14:32:36
|
some infos, picked one of the spam mails passing through and checked it against the analyzer, here's what it said <==================================================> Feature Matching: • BombRaw RE: ' replica ' • is in RBLCache: inserted at 07-11-27/14:13 by combined.njabl.org • has a Griplist value of : (adds ) Classification Influences: • positive, • negative, • subjective, • neutral ------------------------------------------------------------------------ -------- Bayesian Analysis: Bad Words Bad Prob Good Words Good Prob Totals: ------------------------------------------------------------------------ -------- Spam Probability: probability: 0.5000 <==================================================> but still the mail passed, tried another one... <==================================================> Feature Matching: • Valid Format of HELO: 'node-29-129.adsl.tula.net' • Invalid Format of HELO: 'node-29-129.adsl.tula.net' • IP 127.0.0.1 is in whiteListed IPs (127.0) • IP 127.0.0.1 is in Accept All Mail (127.0.0.1) • IP 127.0.0.1 is in ISP/Secondary MX Servers (127.0.0.1) • 127.0.0 has a Griplist value of : (adds ) Classification Influences: • positive, • negative, • subjective, • neutral ------------------------------------------------------------------------ -------- Bayesian Analysis: Bad Words Bad Prob Good Words Good Prob a.zenobi apra.it 0.9989 rcpt a.zenobi 0.9989 ssub x-assp-received-spf 0.9737 atxt boldifytext 0.9737 the most 0.9737 boldifytext atxt 0.9737 x-assp-received-spf cache 0.9737 atxt and 0.9630 to start 0.9630 and atxt 0.9630 in the 0.9009 com atxt 0.8838 http href 0.8594 href http 0.8594 do you 0.8445 for the 0.7759 by the 0.2776 apra.it rcpt 0.2938 href com 0.6696 in mime 0.3960 mime format 0.3960 message in 0.3960 Totals: 0.9989 0.9989 0.9989 0.9989 0.9737 0.9737 0.9737 0.9737 0.9737 0.9737 0.9737 0.9737 0.9630 0.9630 0.9630 0.9009 0.8838 0.8594 0.8594 0.8445 0.7759 0.7759 0.2776 0.2776 0.2938 0.2938 0.6696 0.6696 0.3960 0.3960 0.3960 ------------------------------------------------------------------------ -------- Spam Probability: probability: 1.0000 <==================================================> and this one too passed the filters... I'm at loss, rolling back to "official" version until someone won't be able to tell me what's going on (and .. folks God knows I tried hard, grepping and checking to find what's driving nuts ASSP) |