SurgeMail Archive: Re: [SurgeMail List] Amazing amount of spam scores 0 points

Subject:	Re: [SurgeMail List] Amazing amount of spam scores 0 points
From:	surgemail-support
Date:	24-Jun-2014
The problem is for this combination of 'spam like features' your training samples have '8' non spam messages, and '0' spam messages. So essentially, you've trained it that in most cases, these features mean the message is not spam :-) Assuming the training has not been deliberately mixed up. Then the problem is actually that the detection criteria are too general and training isn't going to improve results it's just going to change the errors from false one way to false the other way as it keeps trying to learn two meanings for 'one' thing. You may get more sane results using: g_sf_ignore_users "true" Which will tell it to take less note of what users think is and isn't spam ;-) (this often helps as users sometimes train 'atypical' rather than 'random' samples which breaks the statistical significance of results) ChrisP. Huh, The quarantine page says "0", but the header has a score of "1." It doesn't matter. One is way too low. Here is another one I got today. Received-SPF: pass (Last token {ip4:89.43.11.72} (res=PASS)) client-ip=89.43.11.72; envelope-from=<CarlosLeonard@esg-kuwait.yoncoo.com>; x-ip-name=esg-kuwait.yoncoo.com; Received: from esg-kuwait.yoncoo.com (unverified [89.43.11.72]) by ericvey.com (SurgeMail 6.6a) with ESMTP id 14268-1312327 for <junker@ericvey.com>; Tue, 24 Jun 2014 14:39:48 -0400 Return-Path: <CarlosLeonard@esg-kuwait.yoncoo.com> X-Verify-SMTP: Host 89.43.11.72 sending to us was not listening MIME-Version: 1.0 Content-Transfer-Encoding: 7bit To: <junker@ericvey.com> Reply-to: <Carlos.Leonard.reply@yoncoo.com> Subject: Hi, we would like to thank you ($1,000-Card) Message-ID: <Carlos.20140624015257.28948.58996.junker@ericvey.com> Date: Tue, 24 Jun 2014 11:39:17 -0700 From: Sears Dept.-Store <Carlos@esg-kuwait.yoncoo.com> X-Original-MessageID: <bfb3f280b4369095133f3d893eb946fa> X-Originating-IP: 89.43.11.72 X-Country: code=RO country="Romania" ip=89.43.11.72 X-Rcpt-To: <junker@ericvey.com> X-Vpipe: Scanner said ok (av_avast) X-SpamDetect: : 0.0 sd=0.0 Exact nspam=0 nok=1 0.00 $0.94(SpamUrl) $0.85(X-Verify-SMTP present) $0.80(X-Phrase:isspam) $0.70(X-myrbl:unknown) $0.68(SPF Negate) $0.40(X-NotAscii:utf) $0.42(X-LangGuess:English) $0.56(X-SpamUrl:_EXISTS_) $0.56(SpamUrl) $0.45(isclickimage1) X-NotAscii: charset=utf-8 X-SpamUrl: sears.com X-LangGuess: English X-Probe: +OK nothing bad found X-Phrase: IsSpam score=1.00 X-MyRbl: Color=Unknown ip=89.43.11.72 X-IP-stats: No info recorded yet ip=89.43.11.72 ------ Original Message ------ From: "Eric Vey" <junker@ericvey.com> To: surgemail-list@netwinsite.com Sent: 6/24/2014 4:19:00 PM Subject: [SurgeMail List] Amazing amount of spam scores 0 points Hello, Last week I changed a couple of accounts (including this one since this list is published and indexed by google) to quarantine anything that had a smite score of 0 or above. A few legitimate messages from other lists were caught, but many more were spam messages that got a score of 0. I have been religiously marking spam in the quarantine page and forwarding spam that still got through to isspam at my domain. Here are the headers of one I got today. Received-SPF: pass (Last token {mx} (res=PASS)) client-ip=148.251.72.78; envelope-from=<WhosWho-junker=ericvey.com@gcatri.com>; x-ip-name=vps.gcatri.com; Received: from vps.gcatri.com (unverified [148.251.72.78]) by ericvey.com (SurgeMail 6.6a) with ESMTP id 14290-1312327 for <junker@ericvey.com>; Tue, 24 Jun 2014 15:48:53 -0400 Return-Path: <WhosWho-junker=ericvey.com@gcatri.com> X-Verify-SMTP: Host 148.251.72.78 sending to us was not listening DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=dkim; d=gcatri.com; h=Mime-Version:Content-Type:Message-Id:Date:From:To:Subject; i=WhosWho@gcatri.com; bh=p0EHgg3YNLZjMDWxc9elw5EvcK0=; b=EcELmJqBQyWaDbhqS10m0oIqXZjyQvMSDCqlJYS9KhKmaxZ0FIv3n11VUOM+GmwsiYowVqmqn9pi +Uagvc01u9hZ84baskUaUH+hLETR9knSuVU0RUBMkfJYmu4sE8Qddbppond6pXNc/bMlKLAfK/9e JDB7DrOSnlOO7krvFnM= Received: by vps.gcatri.com id hl7ats0001gp for <junker@ericvey.com>; Tue, 24 Jun 2014 19:47:34 +0000 (envelope-from <WhosWho-junker=ericvey.com@gcatri.com>) Mime-Version: 1.0 Message-Id: <29935be4871fdf37a0211382485d9c02.8d4a0f37918d02b6@gcatri.com> Date: Tue, 24 Jun 2014 19:47:34 +0000 From: Whos Who <WhosWho@gcatri.com> To: junker@ericvey.com Subject: =?utf-8?B?Q29uZ3JhdHVsYXRpb25zISBZb3UncmUgYSAyMDE0IENhbmRpZGF0ZSBmb3IgV2hvJ3MgV2hvISBDb25maXJtIE5vdy4=?= X-Originating-IP: 148.251.72.78 X-Country: code=DE country="Germany" ip=148.251.72.78 X-Rcpt-To: <junker@ericvey.com> X-Vpipe: Scanner said ok (av_avast) X-SpamDetect: : 0.0 sd=0.0 Close nspam=0 nok=8 0.00 $0.96(X-LangGuess:Wrong) 0.94(SpamUrl) $0.85(X-Verify-SMTP present) 0.81(unknown_lang) 0.80(X-Phrase:isspam) $0.21(genuine) 0.70(X-myrbl:unknown) 0.68(SPF Negate) 0.40(X-NotAscii:utf) 0.56(X-SpamUrl:_EXISTS_) 0.56(SpamUrl) X-NotAscii: charset=utf-8 X-SpamUrl: gcatri.com X-LangGuess: Unknown, Wrong X-Probe: +OK nothing bad found X-Phrase: IsSpam score=1.00 Authentication-Results: ericvey.com header.from=WhosWho-junker=ericvey.com@gcatri.com; dkim=pass (good signature) X-MyRbl: Color=Unknown ip=148.251.72.78 X-IP-stats: No info recorded yet ip=148.251.72.78

Last Message | Next Message


Search website: