| Main Archive Page > Month Archives > spamassassin-users archives |
Re: Understanding AXB_X_AOL_SEZ_S
From: Alex <mysqlstudent_at_nospam>Date: Thu Mar 15 2012 - 20:32:46 GMT
To: Michael Scheidell <michael.scheidell@secnap.com>
Hi,
>> I've noticed that a number of hams have been tagged with
>> AXB_X_AOL_SEZ_S, creating false positives. Is this looking for a
>> simple pattern in the body that would cause so many fp's for me?
>>
> cluestick:
> find where your updated rules live.
> (locate MIRRORED.BY)
>
> grep AXB_X_AOL_SEZ_S *
Yes, I shouldn't have assumed that it was obvious I already did that.
However, it seems to be just too simplistic of a pattern to apply 3
pts:
72_active.cf:##{ AXB_X_AOL_SEZ_S
72_active.cf:header AXB_X_AOL_SEZ_S
x-aol-global-disposition =~ /^S$/
72_active.cf:describe AXB_X_AOL_SEZ_S AOL said this is S
72_active.cf:##} AXB_X_AOL_SEZ_S
72_scores.cf:score AXB_X_AOL_SEZ_S 2.799 2.999 2.799 2.999
I've found nearly every AOL mail has that header, no?
That's basically a poison pill rule...
Thanks,
Alex