[Mimedefang] Can I Use Spamassassin Score Instead of MIMEDefang Score?

Kelson Vibber kelson at speed.net
Wed Sep 10 17:35:01 EDT 2003 

At 01:13 PM 9/10/2003, Jason Granat wrote:
>The thing that I now think may be the problem is the issue you brought up 
>about running multiple milters.  I am running one instance of 
>spamass-milter which is what I originally used for SA. Should I not be 
>using this?  Is there another milter to use?

I think I can guess the problem.  If you modify the message at all (say, by 
converting the original to an attachment in a warning, or by adding a 
warning), then you are going to get different results from each run of 
SA.  Whichever milter is called first will run SA on the original message, 
and whichever runs next will run it on the modified one.  The headers you 
attached support this theory:

>X-Spam-Warning: SpamAssassin says this is SPAM
>X-Spam-Score: 6.3 (******) 
>DATE_IN_FUTURE_03_06,HTML_70_80,HTML_FONT_BIG,HTML_FONT_COLOR_GRAY,HTML_FONT_COLOR_UNSAFE,HTML_IMAGE_ONLY_02,HTML_MESSAGE,MIME_HTML_ONLY,MISSING_MIMEOLE,MISSING_OUTLOOK_NAME
>X-Scanned-By: MIMEDefang 2.36
>X-Spam-Status: No, hits=4.3 required=5.0
>     tests=DATE_IN_FUTURE_03_06,HTML_20_30,HTML_FONT_BIG,
>     HTML_FONT_COLOR_GRAY,HTML_FONT_COLOR_UNSAFE,
>     HTML_IMAGE_ONLY_10,HTML_MESSAGE,MISSING_MIMEOLE,
>     MISSING_OUTLOOK_NAME
>     version=2.55
>X-Spam-Level: ****
>X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)

The first set of scores (which looks like MD) hits HTML_70_80, 
HTML_IMAGE_ONLY_02, and MIME_HTML_ONLY.  The second set (which looks like 
spamass-milter) hits HTML_20_30, HTML_IMAGE_ONLY_10, and does not hit 
MIME_HTML_ONLY.  It sounds to me like one milter is adding a second MIME 
part (possibly a warning about the message being spam?).  The change in how 
much of the body is HTML code may be due to Anomy Sanitizer, or attaching a 
boilerplate, or converting to another kind of attachment.

Note that in this sample, it looks like it scores higher when called 
through MD than when called through spamass-milter.  (IIRC, X-Scanned-By is 
the last header MD adds, so the first two lines are from MD).

If you turn off anything that modifies the message itself (not counting 
adding X-Spam-etc. headers), you may see closer results.  If you still want 
virus protection, HTML sanitizing and so on during testing, make sure 
spamass-milter runs first and turn off any options that modify the message 
other than adding headers.


Kelson Vibber
SpeedGate Communications <www.speed.net>

More information about the MIMEDefang mailing list