Large emails being tagged as spam - false positives

Alex Broens ms-list at
Fri Sep 29 08:24:12 IST 2006

On 9/29/2006 1:25 AM, Matt Kettler wrote:
> Gordon Colyn wrote:
>> Here is an example, a legitimate 6.9M email that is classified as spam;
>>       cached  not
>>      score=8.424
>>       8  required
>>       -3.00 BAYES_00 Bayesian spam probability is 0 to 1%
>>       0.14 FORGED_RCVD_HELO Received: contains a forged HELO
>>       0.00 HTML_MESSAGE HTML included in message
>>       1.82 MISSING_SUBJECT Missing Subject: header
>>       2.60 RCVD_IN_DSBL Received via a relay in
>>       1.95 RCVD_IN_NJABL_DUL NJABL: dialup sender did non-local SMTP
>>       0.72 RCVD_IN_NJABL_PROXY NJABL: sender is an open proxy
>>       2.05 RCVD_IN_SORBS_DUL SORBS: sent directly from dynamic IP address
>>       2.16 RCVD_IN_SORBS_SOCKS SORBS: sender is open SOCKS proxy server
> Question: Have you checked your trust path?
> If this message wasn't direct-delivered to your network from a home-user type
> machine, and was properly relayed through an ISP's mailserver, then you likely
> have a broken trust path.

just as a side note:

Had MailScanner not scanned this msg, due to its overall size, this FP 
(any possibly others) could have been easily avoided.

- Supports the SpamC logic of NOT sending msgs larger than X thru SA -

sorry.. had to let it out...


More information about the MailScanner mailing list