We use a custom filtering process based on the Spam Assassin engine that is similar to a school teacher grading an English paper. Basically, we have a large set of rules, phrases and spam traits that are all given a 'weighted score' of points, anywhere from .1 to 205.0. The filtering system completely combs through the E-Mail and runs it though all of our filters giving credit points for some things, and taking away points on others. After it completes analyzing the mail, it adds up the TOTAL and compares this with the DEFAULT SCORE, of 6.0 (unless modified by user). Example Scoring:
rooster.SATEXAS.com X-Spam-Level: ********************** X-Spam-Status: Yes, score=22.3 required=6.0 tests=BAYES_99,HTML_90_100, HTML_IMAGE_ONLY_04,HTML_MESSAGE,HTML_MIME_NO_HTML_TAG, HTML_SHORT_LENGTH,IMAGE6,MIME_HTML_ONLY,RCVD_BY_IP, RCVD_HELO_IP_MISMATCH,RCVD_IN_DSBL,RCVD_IN_SORBS_DUL,RCVD_IN_XBL, RCVD_NUMERIC_HELO autolearn=spam version=3.0.4-SATEXAS_3.15 X-Spam-Report: * 0.1 RCVD_BY_IP Received by mail server with no name * 2.2 RCVD_NUMERIC_HELO Received: contains an IP address used for HELO * 3.0 RCVD_HELO_IP_MISMATCH Received: HELO and IP do not match, but should * 0.4 HTML_SHORT_LENGTH BODY: HTML is extremely short * 1.3 HTML_MESSAGE BODY: HTML included in message * 3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100% * 0.2 MIME_HTML_ONLY BODY: Message only has text/html MIME parts * 1.0 HTML_90_100 BODY: Message is 90% to 100% HTML * 3.0 HTML_IMAGE_ONLY_04 BODY: HTML: images with 0-400 bytes of words * 1.8 IMAGE6 RAW: Image In Post * 2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address * 0.7 RCVD_IN_DSBL RBL: Received via a relay in list.dsbl.org * 3.1 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL * 0.1 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag In the above scoring, you can see the E-Mail has been determined to be SPAM with a score of 22.3, which is above the required 6.0 threshold in determining whether an E-Mail is spam or not.
|
