[PD-ot] pd-list classified as spam (was Re: [PD] ..a bit off topics)
zmoelnig at iem.at
zmoelnig at iem.at
Fri Aug 25 10:12:02 CEST 2006
hi
moved this thread to pd-ot at iem.at, and changed the subject to something
meaningful...
Zitat von Marco Trevisani <marco at ccrma.stanford.edu>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> I tried to add as a "trusted_network" the ip for the iem.whatever.at
what "iem.whatsoever.at" ?
one thing to consider is, that the pd-list emails do originate from
puredata.info (193.170.191.182) and not from *.iem.at (usually
193.170.191.180)
> server which appears in all messages, but i found again another message
> from the PD in the spam directory (it might be that the two operations
> overlapped for a second, so i'll see later if it really worked).
>
> One thing the spamassasin seems not to like at all (which is a very
> fixable detail, by the sender of course),it is when the sender
> computer has a wrong time, usually in the future, compared with the *real*
> universal time (considering the obvious adjustment with different
> timezones) at the moment of sending it.
right; this needs to be fixed on the side of the original sender (i
just checked and puredata.info was late by 60secs; it is now synched
again)
>
> Anyway here there is the header and the reason that made spamassasin
> unhappy...
> [below this message another one with some different explanation]
>
Received: from puredata.info (inf182.kug.ac.at [193.170.191.182])
> by cm-mail.stanford.edu (8.11.6/8.11.6) with ESMTP id
> k7NDu2O29554;
> Wed, 23 Aug 2006 06:56:02 -0700
> Received: from iem.kug.ac.at ([193.170.191.180] helo=mail.iem.at)
> by puredata.info with esmtp (Exim 4.50) id 1GFtAJ-0002AA-Cz
> for pd-list at puredata.info; Wed, 23 Aug 2006 15:53:12 +0200
ah i see: iem.anything.at might be iem.kug.ac.at (and/or inf182.kug.ac.at)
> Content analysis details: (6.6 points, 3.0 required)
hmm, 3 required points for spam seem a bit tight for me.
(if you have the possibility i'd suggest to use methods like
greylisting to reduce the initial amount of spam; then you can use a
higher threshold to filter the rest)
>
> pts rule name description
> - ---- ----------------------
> - --------------------------------------------------
> 1.4 SPF_SOFTFAIL SPF: sender does not match SPF record
> (softfail)
> [SPF failed: ]
> 2.4 SPF_HELO_SOFTFAIL SPF: HELO does not match SPF record
> (softfail)
> [SPF failed: ]
i am pretty confident that this is wrong if these tests refer to
iem.at/puredata.info.
afaik, SPF must be implemented by a domain, if you (as a spam-analyser)
want to use it. neither iem.at nor puredata.info have any SPF records.
> 1.3 INFO_TLD URI: Contains an URL in the INFO top-level
> domain
well, this is true: puredata.info is an INFO-tld, and there is nothing
really wrong with it.
however, i just recently re-assigned pd.iem.at to puredata.info, so i
might be able to let emails from the list originate from an AT-tld in
the future.
> 0.0 HTML_MESSAGE BODY: HTML included in message
> 0.0 BAYES_50 BODY: Bayesian spam probability is 40 to
> 60%
train your ham-box.
here, spamassassin's bayesian network classifies most pd-list mails as
BAYES_00
mfg.asdr.
IOhannes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-keys
Size: 1718 bytes
Desc: =?utf-8?b?w5ZmZmVudGxpY2hlciA=?=
=?utf-8?b?UEdQLVNjaGzDvHNzZWw=?=
Url : http://lists.puredata.info/pipermail/pd-ot/attachments/20060825/209b0535/attachment.key
More information about the PD-ot
mailing list