How do I beat this spam?
--[ UxBoD ]--
uxbod at splatnix.net
Fri Jun 25 14:05:08 IST 2010
----- Original Message -----
> Le 23/06/2010 17:48, Peter Ong a écrit :
> > Here's the original message with headers:
> > http://pastebin.com/NpZnVU2T
>
> That scores pretty high here (see below). Admittedly most of the
> points
> are from Bayes and network checks, but even if the sender wasn't
> blacklisted at the time you received the mail there should have been
> enough fodder to score as spam.
>
> > Content analysis details: (15.2 points, 5.0 required)
> >
> > pts rule name description
> > ---- ----------------------
> > --------------------------------------------------
> > 1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
> > https://senderscore.org/blacklistlookup/
> > [208.92.232.69 listed in
> > bl.score.senderscore.com]
> > 1.4 RCVD_IN_BRBL_LASTEXT RBL: RCVD_IN_BRBL_LASTEXT
> > [208.92.232.69 listed in
> > bb.barracudacentral.org]
> > 1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist
> > [URIs: netmagasap.com]
> > 3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
> > [score: 1.0000]
> > 0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay
> > lines
> > 0.4 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image
> > area
> > 0.0 HTML_MESSAGE BODY: HTML included in message
> > 0.8 MPART_ALT_DIFF BODY: HTML and text parts are different
> > 0.5 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
> > 0.0 MIME_BASE64_TEXT RAW: Message text disguised using base64
> > encoding
> > 1.5 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/)
> > 0.9 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
> > 1.9 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence
> > level
> > above 50%
> > [cf: 100]
> > 0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
> > [cf: 100]
> > 0.3 DIGEST_MULTIPLE Message hits more than one network digest check
> > 0.4 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML
> > tag
> > 0.0 MIME_HTML_ONLY_MULTI Multipart message only has text/html MIME
> > parts
> > 0.0 T_REMOTE_IMAGE Message contains an external image
>
> John.
>
Ya, I get a similar result to John:
Content analysis details: (27.6 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
3.0 RCVD_IN_BRBL RBL: Received via relay listed in Barracuda RBL
[208.92.232.69 listed in b.barracudacentral.org]
1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist
[URIs: netmagasap.com]
4.0 URIBL_IVMURI Contains a URL listed on ivmURI found at invaluement.com
[URIs: netmagasap.com]
1.5 RCVD_IN_JMF_BL RBL: Sender listed in JMF-BLACK
[208.92.232.69 listed in hostkarma.junkemailfilter.com]
1.4 RCVD_IN_BRBL_LASTEXT RBL: RCVD_IN_BRBL_LASTEXT
[208.92.232.69 listed in bb.barracudacentral.org]
5.0 RCVD_IN_IVMSIP RBL: listed on ivmSIP found at invaluement.com
[208.92.232.69 listed in sip.invaluement.com]
0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines
0.4 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area
0.0 HTML_MESSAGE BODY: HTML included in message
0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
[score: 0.4997]
0.8 MPART_ALT_DIFF BODY: HTML and text parts are different
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
1.7 MIME_BASE64_TEXT RAW: Message text disguised using base64 encoding
1.1 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/)
0.9 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
1.9 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
1.4 PYZOR_CHECK Listed in Pyzor (http://pyzor.sf.net/)
0.3 DIGEST_MULTIPLE Message hits more than one network digest check
0.4 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag
0.0 MIME_HTML_ONLY_MULTI Multipart message only has text/html MIME parts
0.0 T_REMOTE_IMAGE Message contains an external image
--
Thanks, Phil
More information about the MailScanner
mailing list