anomy-list

[offtopic] Spamassassin configuration

From: Peter Mueller (140452@xyz.molar.is)
Date: Wed 25 May 2005 - 19:21:16 GMT


Hello all,

What is everyone using for spamasssassin rules? It used to be that my setup
caught 90%+ emails with no false positives. These days the number is much
less, maybe 75%. This is despite my rules getting tougher, too. On the
positive side I still get 0 false positives, excepting a few html newsgroups
I have already whitelisted.

I know this is a little off-topic, but I thought maybe we could collaborate
and get a nice rule base together. Here is my spamassassin setup:

required_hits 5.0
use_bayes 1
skip_rbl_checks 1
use_razor2 1
use_dcc 0
# Network-based services timeout # default (seconds)
dcc_timeout 10 # 10
razor_timeout 10 # 10
#pyzor_timeout 10 # 10
rbl_timeout 15 # 15

ok_languages en
ok_locales all

include /etc/mail/spamassassin/chickenpox.cf
include /etc/mail/spamassassin/weeds.cf
include /etc/mail/spamassassin/evilnumbers.cf
include /etc/mail/spamassassin/70_sare_specific.cf
include /etc/mail/spamassassin/70_sare_random.cf
include /etc/mail/spamassassin/70_sare_header0.cf
include /etc/mail/spamassassin/70_sare_genlsubj0.cf
include /etc/mail/spamassassin/70_sare_adult.cf
include /etc/mail/spamassassin/70_sare_html0.cf
include /etc/mail/spamassassin/72_sare_redirect_post3.0.0.cf
include /etc/mail/spamassassin/bogus-virus-warnings.cf
# sober.Q / german spam rules
include /etc/mail/spamassassin/german_sober_Q.cf

# SPF rules
ifplugin Mail::SpamAssassin::Plugin::SPF
score SPF_HELO_PASS -1.000

My extra configurations are updated daily with this Makefile:
# $Id$

WGET = wget -nv -N

default: jennifer SARE other
        @echo

# http://www.emtinc.net/spamhammers.htm
jennifer:
        $(WGET) http://www.emtinc.net/includes/weeds.cf
        $(WGET) http://www.emtinc.net/includes/chickenpox.cf

# SARE
SARE:
        $(WGET) http://www.rulesemporium.com/rules/evilnumbers.cf
        $(WGET) http://www.rulesemporium.com/rules/70_sare_specific.cf
        $(WGET) http://www.rulesemporium.com/rules/70_sare_random.cf
        $(WGET)
http://www.rulesemporium.com/rules/72_sare_redirect_post3.0.0.cf
        $(WGET) http://www.rulesemporium.com/rules/70_sare_header0.cf
        $(WGET) http://www.rulesemporium.com/rules/70_sare_genlsubj0.cf
        $(WGET) http://www.rulesemporium.com/rules/70_sare_adult.cf
        $(WGET) http://www.rulesemporium.com/rules/70_sare_html0.cf
        $(WGET) http://www.rulesemporium.com/rules/70_sare_adult.cf

other:
        $(WGET) http://mywebpages.comcast.net/mkettler/sa/antidrug.cf
        $(WGET) http://www.timj.co.uk/linux/bogus-virus-warnings.cf
        #$(WGET)
http://www.merchantsoverseas.com/wwwroot/gorilla/99_FVGT_Tripwire.cf

You can get the german_sober_Q.cf rule @
http://world.anarchy.com/~peter/german_sober_Q.cf

My servers have 4gb of memory, so I don't worry too much about RAM. If you
do, here is the footprint for each spamd with this configuration:
8090 root 16 0 69432 67M 2756 S 0.0 1.6 0:46 0 spamd

Any ideas?

Peter Mueller
Operations Engineer
(408)235-1700 x125

Find travel deals from dozens of sites - with one search
Try SideStep - The traveler's search engine
www.sidestep.com



hosted by molar.is