[prev in list] [next in list] [prev in thread] [next in thread]
List: spamassassin-users
Subject: Re: Bayesian filter error?
From: Joolee <info () joolee ! nl>
Date: 2014-10-29 10:51:09
Message-ID: CA+Q-w8W-JT8uQs0fuw0Bw57M5XmJ--_TQEj_6PZMOTiES--NEA () mail ! gmail ! com
[Download RAW message or body]
The Bayes system scores messages based on the occurence of tokens (pieces
of text) that appear in the E-mail. The signature you mention seems to
contain tokens that are very commonly used in spam. Best solution would be
to rewrite the signature to not contain those tokens. I don't know how you
can identify exactly which tokens are being matched but you indicate that
it probably is a domain name in the signature. If that domain name shows up
so much in Spam, I think you're looking at a symptom of a much bigger
problem.
On 29 October 2014 11:38, Marco Tironi / 8volante Srl <tironi@8volante.com>
wrote:
> Thanks for your fast reply. Now I understand the big mistake: Bayesian
> filter is server specific and not "public" so it's not globally manteined.
> Every server have its own indexes so there is no fast solution to solve it
> globally.
>
> I can allow that signrature for my server, but others server continue to
> mark them as spam.
>
> Marco
>
> -----Messaggio originale-----
> Da: Reindl Harald [mailto:h.reindl@thelounge.net]
> Inviato: mercoledì 29 ottobre 2014 11:25
> A: users@spamassassin.apache.org
> Oggetto: Re: Bayesian filter error?
>
>
> Am 29.10.2014 um 10:50 schrieb Marco Tironi / 8volante Srl:
> > Hi, I use a Spamassasin version 3.3.1 on Windows System and I have a
> > problem with Bayesian filter:
> >
> > -A legitimate users send an email to our server and they are delivered
> > normally
> >
> > -When that users insert it's domain in the email signature the email
> > is marked as spam with that header:
> >
> > oX-Spam-Status: Yes, hits=2.8 required=2.0
> > tests=BAYES_99,BAYES_999,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS
> > autolearn=no version=3.3.1
> >
> > oX-Spam-Score: 2.8
> >
> > -After a few try I have noticed that if I remove the domain line form
> > the signature the email is delivery correctly
> >
> > -That users report that the problem is the same on many server (I
> > think that's because all use BAYES filter
> >
> > How can I inform the manteiners of Bayes Filter of this false positive?
>
> normally i would expect that behavior triggered by URI blacklists which did
> not hit in the tests - if it is really bayse than it means a lot of
> messages
> containing this domain are trained as spam and none as ham
>
> a bayse relies on proper training
>
> meaning you need at least the same amount ham samples for a really good
> working one as you have spam samples
>
> what says "sa-learn --dump magic"
>
>
>
[Attachment #3 (text/html)]
The Bayes system scores messages based on the occurence of tokens (pieces of text) \
that appear in the E-mail. The signature you mention seems to contain tokens that are \
very commonly used in spam. Best solution would be to rewrite the signature to not \
contain those tokens. I don't know how you can identify exactly which tokens are \
being matched but you indicate that it probably is a domain name in the signature. If \
that domain name shows up so much in Spam, I think you're looking at a symptom of \
a much bigger problem.<br clear="all"><div></div> <br><div class="gmail_quote">On 29 \
October 2014 11:38, Marco Tironi / 8volante Srl <span dir="ltr"><<a \
href="mailto:tironi@8volante.com" target="_blank">tironi@8volante.com</a>></span> \
wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px \
#ccc solid;padding-left:1ex">Thanks for your fast reply. Now I understand the big \
mistake: Bayesian<br> filter is server specific and not "public" so \
it's not globally manteined.<br> Every server have its own indexes so there is no \
fast solution to solve it<br> globally.<br>
<br>
I can allow that signrature for my server, but others server continue to<br>
mark them as spam.<br>
<br>
Marco<br>
<br>
-----Messaggio originale-----<br>
Da: Reindl Harald [mailto:<a \
href="mailto:h.reindl@thelounge.net">h.reindl@thelounge.net</a>]<br>
Inviato: mercoledì 29 ottobre 2014 11:25<br>
A: <a href="mailto:users@spamassassin.apache.org">users@spamassassin.apache.org</a><br>
Oggetto: Re: Bayesian filter error?<br>
<div class="HOEnZb"><div class="h5"><br>
<br>
Am 29.10.2014 um 10:50 schrieb Marco Tironi / 8volante Srl:<br>
> Hi, I use a Spamassasin version 3.3.1 on Windows System and I have a<br>
> problem with Bayesian filter:<br>
><br>
> -A legitimate users send an email to our server and they are delivered<br>
> normally<br>
><br>
> -When that users insert it's domain in the email signature the email<br>
> is marked as spam with that header:<br>
><br>
> oX-Spam-Status: Yes, hits=2.8 required=2.0<br>
> tests=BAYES_99,BAYES_999,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS<br>
> autolearn=no version=3.3.1<br>
><br>
> oX-Spam-Score: 2.8<br>
><br>
> -After a few try I have noticed that if I remove the domain line form<br>
> the signature the email is delivery correctly<br>
><br>
> -That users report that the problem is the same on many server (I<br>
> think that's because all use BAYES filter<br>
><br>
> How can I inform the manteiners of Bayes Filter of this false positive?<br>
<br>
normally i would expect that behavior triggered by URI blacklists which did<br>
not hit in the tests - if it is really bayse than it means a lot of messages<br>
containing this domain are trained as spam and none as ham<br>
<br>
a bayse relies on proper training<br>
<br>
meaning you need at least the same amount ham samples for a really good<br>
working one as you have spam samples<br>
<br>
what says "sa-learn --dump magic"<br>
<br>
<br>
</div></div></blockquote></div><br>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic