Changes between Version 5 and Version 6 of RecommendedRuleSets


Ignore:
Timestamp:
Aug 17, 2006, 3:20:39 AM (13 years ago)
Author:
rjl
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • RecommendedRuleSets

    v5 v6  
    11= Recommended Rulesets for !RulesDuJour =
    22
    3 Various messages on the mailing list have discussed this.
     3For SpamAssassin versions 2.50 to 2.64:
    44
    5  * http://www.renaissoft.com/pipermail/maia-users/2006-January/005549.html
    6  * http://www.renaissoft.com/pipermail/maia-users/2006-July/006916.html
    7  * http://www.renaissoft.com/pipermail/maia-users/2006-January/005498.html
     5TRUSTED_RULESETS="SARE_REDIRECT SARE_EVILNUMBERS0 SARE_BAYES_POISON_NXM
     6SARE_HTML SARE_HEADER SARE_SPECIFIC SARE_ADULT SARE_BML SARE_FRAUD
     7SARE_SPOOF SARE_RANDOM SARE_OEM SARE_GENLSUBJ SARE_UNSUB SARE_URI0
     8SARE_OBFU0";
     9
     10For SpamAssassin versions 3.0 and later:
     11
     12TRUSTED_RULESETS="SARE_REDIRECT_POST300 SARE_EVILNUMBERS0
     13SARE_BAYES_POISON_NXM SARE_HTML SARE_HEADER SARE_SPECIFIC SARE_ADULT
     14SARE_BML SARE_FRAUD SARE_SPOOF SARE_RANDOM SARE_OEM SARE_GENLSUBJ
     15SARE_UNSUB SARE_URI0 SARE_OBFU0";
     16
     17In general, note that some of the SARE rules are available in varying
     18levels of risk, where lower numbers are more conservative and higher
     19numbers are more likely to produce false positives.  For example, the
     20SARE_GENLSUBJ rules are available in five levels (SARE_GENLSUBJ0,
     21SARE_GENLSUBJ1, SARE_GENLSUBJ2, SARE_GENLSUBJ3, and SARE_GENLSUBJ4).
     22Specifying just "SARE_GENLSUBJ" gets levels 0-3, but not 4.  If you want
     23to be more conservative, just get SARE_GENLSUBJ0; if you decide that's
     24not aggressive enough, add SARE_GENLSUBJ1, and so on until you find the
     25level that works best for your needs.
     26
     27'''Don't use the BLACKLIST or BLACKLIST_URI rulesets'''--they take up a huge amount of memory, and they're practically obsolete now that the SA blacklist has been moved to a SURBL lookup.  The only circumstance I can think of for using ruleset-based (i.e. static) blacklists/whitelists is when you're not doing any network tests at all--no DNSBL lookups, no SPF, no !DomainKeys, no Razor/Pyzor/DCC/!SpamCop.  Doing it that way saves you from network delays (latency), but of course deprives you of many very useful sources of information.  A static whitelist/blacklist file can be useful in that scenario, provided you keep it up to date.
     28
     29
    830
    931----