Doc for score explanations?

Matt Kettler mkettler at
Mon Oct 16 21:45:12 IST 2006

Rob Morin wrote:
> Hello all... more and more recently i have been asked by clients why
> emails are getting marked as SPM. I tell them well maybe because of this
> and that, that use to work ok, but now they want to know why exactly an
> email was marked as spam... here is an example....
> Oct 16 15:28:17 peter MailScanner[5660]: Message 1920269005F.5C45D from
> (dplatt at to is spam, SpamAssassin
> (score=12.46, required 4, BAYES_60 1.00, FB_4WORD_DOLLARe 0.85,
> FM_MULTI_ODD3 0.70, FM_MULTI_ODD4 0.70, FM_MULTI_ODD5 0.90,
> OBSCURED_EMAIL 2.10, UPPERCASE_50_75 0.37)
> So what do i tell the client?  There must be some docs or list to read
> against to figure out why its getting marked as spam....

It got marked as spam largely because of your add-on rulesets.

Most of those FB_* rules come from

And the rest come from

So perhaps a better question is, if you don't know already know exactly what
these rules do, why did you add them?

I'm quite well versed in SA, but I do not know what these sets do, other than
that Fred Tarasevicius wrote them.

I can tell you from looking at the rulefiles:

FB_SINGLE_1WORD appears to look for a shortish word (8 chars max) with a 1
roughly in the middle.

FB_SINGLE_0WORD is similar, but looks for a 0, allows $ signs in the second
half, and has a 7 character limit.

FB_4WORD_DOLLARe appears to look for a word (13 chars max) with a dollar-sign in
the middle, but excludes Micro$oft.

My guess is this ruleset would tear the hell out of any email with programmer's
source code in it, or anything containing lots of mixed alphanumeric "id"
strings. (ie: reports using a lot of abbreviations)

A default SA install would have ranked this with a score of 3.47 (BAYES_60 1.00,

> Did i confuse anyone?
> p.s. the original domain name has been change to conceal the innocent
> :)

More information about the MailScanner mailing list