[Mimedefang] Can I Use Spamassassin Score Instead of MIMEDefang Score?
Kelson Vibber
kelson at speed.net
Wed Sep 10 17:35:01 EDT 2003
At 01:13 PM 9/10/2003, Jason Granat wrote:
>The thing that I now think may be the problem is the issue you brought up
>about running multiple milters. I am running one instance of
>spamass-milter which is what I originally used for SA. Should I not be
>using this? Is there another milter to use?
I think I can guess the problem. If you modify the message at all (say, by
converting the original to an attachment in a warning, or by adding a
warning), then you are going to get different results from each run of
SA. Whichever milter is called first will run SA on the original message,
and whichever runs next will run it on the modified one. The headers you
attached support this theory:
>X-Spam-Warning: SpamAssassin says this is SPAM
>X-Spam-Score: 6.3 (******)
>DATE_IN_FUTURE_03_06,HTML_70_80,HTML_FONT_BIG,HTML_FONT_COLOR_GRAY,HTML_FONT_COLOR_UNSAFE,HTML_IMAGE_ONLY_02,HTML_MESSAGE,MIME_HTML_ONLY,MISSING_MIMEOLE,MISSING_OUTLOOK_NAME
>X-Scanned-By: MIMEDefang 2.36
>X-Spam-Status: No, hits=4.3 required=5.0
> tests=DATE_IN_FUTURE_03_06,HTML_20_30,HTML_FONT_BIG,
> HTML_FONT_COLOR_GRAY,HTML_FONT_COLOR_UNSAFE,
> HTML_IMAGE_ONLY_10,HTML_MESSAGE,MISSING_MIMEOLE,
> MISSING_OUTLOOK_NAME
> version=2.55
>X-Spam-Level: ****
>X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)
The first set of scores (which looks like MD) hits HTML_70_80,
HTML_IMAGE_ONLY_02, and MIME_HTML_ONLY. The second set (which looks like
spamass-milter) hits HTML_20_30, HTML_IMAGE_ONLY_10, and does not hit
MIME_HTML_ONLY. It sounds to me like one milter is adding a second MIME
part (possibly a warning about the message being spam?). The change in how
much of the body is HTML code may be due to Anomy Sanitizer, or attaching a
boilerplate, or converting to another kind of attachment.
Note that in this sample, it looks like it scores higher when called
through MD than when called through spamass-milter. (IIRC, X-Scanned-By is
the last header MD adds, so the first two lines are from MD).
If you turn off anything that modifies the message itself (not counting
adding X-Spam-etc. headers), you may see closer results. If you still want
virus protection, HTML sanitizing and so on during testing, make sure
spamass-milter runs first and turn off any options that modify the message
other than adding headers.
Kelson Vibber
SpeedGate Communications <www.speed.net>
More information about the MIMEDefang
mailing list