Does spamassassin cache database lower the amount of spamassassin timeouts?

Matt Kettler mkettler at
Wed Mar 8 18:41:43 GMT 2006

Taso Chatziantoniou wrote:

> Also one other question ..
> Does anyone know of a good site or forum that we can submit sample spams
> to help us figure out a way to block them. We keep getting these stock
> html image only files with bayes poisining on the bottom that we cannot
> seem to find a pattern to to block.

Generally the best place for that would be on the spamassassin-users mailing list.

If possible, extract the offending message as a raw mime.822 file (ie: full
email with all headers and mime segments) and attach it to your posting.

That said, in general a lot of the image-based spams are best dealt with by
these methods:

Razor - razor's e4 engine does it's hashing on a per-mime-segment basis, so it
can realize the image is spam even if the body text keeps changing.

URIBLs - if the HTML has any link back to the website.

DNSBLs - a lot of these are sent via infected hosts listed in XBL.

Bayes training - some folks try to avoid training spam containing poison..
Don't. Train it all, let the statistics handle it.  As long as you're training a
reasonable amount of nonspam, SA's chi-squared combinining is VERY resistant to
training this kind of spam causing FPs. On the other hand, not training it is a
sure-fire way to give the spams a good chance slip by as a FN.

If there's a particular kind of image-only spam involved, some of the SARE
rulesets can be helpful. I personally like the following SARE rulesets and use
them on my production systems:

More information about the MailScanner mailing list