Spam Bashing

We finally have our spam filtering back in place at kulish.com. We’ve set it to a semi-aggressive filter where pretty much every incoming email is marked with a spam score.

We’re using the postfix+amavis+clamd+spamassassin setup.

While we’ve been doing without it for a few months (using client side stuff until I found time), I still don’t remember it working this well on the last server install.

Here’s a wopper of an email, just after the installation and testing were completed. The receiving parties and server names have been sanitized to protect the marginally innocent (**PROTECTED**).

From ***PRO@TECTED***.com Tue Feb 14 23:02:47 2006
Return-Path:
Delivered-To: spam-quarantine
X-Envelope-From:
X-Envelope-To: **PROTECTED**
X-Quarantine-Id:
Received: from lh (unknown [61.130.156.43])
by **PROTECTED** (Postfix) with SMTP id D90164B92A;
Tue, 14 Feb 2006 23:02:35 -0600 (CST)
Received: from 61.130.156.43 (HELO localhost.localdomain) (61.130.156.43)
by 61.130.156.43 with SMTP; Wed, 15 Feb 2006 07:06:05 +0200
Message-Id:

One thought on “Spam Bashing”

  1. High Score

    X-Spam-Flag: YES
    X-Spam-Score: 64.684
    X-Spam-Level: ****************************************************************
    X-Spam-Status: Yes, score=64.684 tag=-999 tag2=2.5 kill=10
    tests=[BAYES_99=3.5, DATE_IN_FUTURE_96_XX=2.403,
    DNS_FROM_RFC_ABUSE=0.2, DNS_FROM_RFC_POST=1.708,
    DNS_FROM_RFC_WHOIS=1.447, FORGED_MUA_OUTLOOK=4.056,
    FORGED_OUTLOOK_HTML=2.713, FORGED_YAHOO_RCVD=1.849,
    FROM_ILLEGAL_CHARS=4.1, HEAD_ILLEGAL_CHARS=1.606,
    HTML_COMMENT_SAVED_URL=0.273, HTML_IMAGE_ONLY_20=1.157,
    HTML_MESSAGE=0.001, HTML_TITLE_EMPTY=0.214, MIME_BOUND_DD_DIGITS=4.5,
    MIME_HTML_ONLY=0.001, MIME_HTML_ONLY_MULTI=0, MISSING_MIMEOLE=1.612,
    MSGID_SPAM_CAPS=4.4, RAZOR2_CF_RANGE_51_100=0.5,
    RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5,
    RAZOR2_CHECK=0.5, RCVD_DOUBLE_IP_SPAM=3.69, RCVD_HELO_IP_MISMATCH=4,
    RCVD_IN_BL_SPAMCOP_NET=1.558, RCVD_IN_NJABL_PROXY=0.721,
    RCVD_NUMERIC_HELO=1.5, REPTO_QUOTE_YAHOO=2.124,
    SUBJ_ILLEGAL_CHARS=4.279, UNPARSEABLE_RELAY=0.001,
    URIBL_SC_SURBL=4.498, URIBL_WS_SURBL=2.14, X_PRIORITY_HIGH=0.433]

Comments are closed.