SPF_Fail score too low?

Chris Yuzik itdept at fractalweb.com
Thu Apr 5 22:18:13 IST 2007


Matt Kettler wrote:
> Sorry for the late reply.
>   
No worries.
> Real-world testing shows that the SPF_FAIL test is still quite prone to false
> positives, and is more false-positive prone than the SOFTFAIL rule.
>
> In the SpamAssassin 3.1.x mass-checks, SPF_FAIL had 95.5% of its matches being
> spam, and 4.5% being nonspam. Softfail on the other hand was 99.2% spam and 0.8%
> nonspam.
>
> Personally, I interpret this as:
>
> The foolhardy and ambitious admin will recklessly dive right in and create a
> record which hard-fails. The more diligent admin will audit very carefully, but
> realize he might have made mistakes and set a soft-fail record.
>
> This results in SPF_FAIL presenting more FPs than SOFTFAIL.
>
> Never expect rules to behave the way they "should" when they're the result of
> human decisions. Humans add a whole layer of randomness and nonsense all their own.
>   
Isn't that the truth!

So what scoring would you recommend for each of these?

Chris



More information about the MailScanner mailing list