6629 – Add a configuration option to limit the maximum score of any rule

Bug 6629 - Add a configuration option to limit the maximum score of any rule

Summary: Add a configuration option to limit the maximum score of any rule

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	Rules (show other bugs)
Version:	SVN Trunk (Latest Devel Version)
Hardware:	PC Windows 7

Importance:	P2 normal
Target Milestone:	Undefined
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2011-07-01 19:16 UTC by Kevin A. McGrail
Modified:	2019-06-18 17:24 UTC (History)
CC List:	3 users (show)

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Kevin A. McGrail 2011-07-01 19:16:49 UTC

As discussed by Lawrence Williams: 

"Could we do something like put a upper cap on the score any rule can have (outside of BAYES_XX of course)? On a server with required score set to 5, 3.1 is simply too much.

Perhaps 2.5 with no net or bayes, 2.0 with net, and 1.5 with bayes or net + bayes"

This will likely need to exclude certain rules and should have a way of modifying exemptions:

Things such as USER_IN_WHITELIST, BAYES and AWL come to mind immediately.

Otherwise, configuration options such as those above are desired:

maximum_rule_score 2.5
maximum_rule_score_exemptions XYZ Rule (with a default as discussed above)

Comment 1 D. Stussy 2011-07-02 00:18:29 UTC

Is there a reason why you can't raise your threshold (i.e. minimum spam) score?

Comment 2 Lawrence 2011-07-02 20:31:27 UTC

Because that would be a bandaid solution to the real problem: rules with scores of 3+ being put into the SA rules and hitting ham way too hard.

I think Kevin misunderstood what I was trying to say. I was not referring to configuration options, but rather a policy for SA rules to abide by. Maybe the rules generator could do an automatic check and warn of any violations too.

Thoughts?

Comment 3 D. Stussy 2011-07-03 04:26:46 UTC

You may be the only person viewing those mails as "ham."  I find that the scores are set quite well for what I see, although occasionally I do have a spam (like a real Nigerian-419) come in and hit tilt.  The highest score I've ever seen was about 62 (on their 0-10 with 5.0 being the threshold).  Fortunately, I use a different threshold.  I've not seen a "ham" classified as a spam in the past year.

Except for the GTUBE test, all rules are definently less than 5.0, and I suspect that most (80%) less than 3.0 (although I haven't actually surveyed them).

I don't see the need for the software to maintain a cap.  That can be handled by the rules generators which us average users of the software need not see nor have.  What may help is to find out the current policy and ranges, if one exists.

Comment 4 D. Stussy 2011-07-16 01:19:12 UTC

Aside:  I hit a new top spammy score (without blacklist) of incoming spam at my personal mail server:  69.311.  The message was indeed spam.

The highest contributing rule score was 3.2, and the next were 2.8, 2.6, and multiple 2.5's.  71 different rules fired, and all had positive scores.


As an additional aside comment, maybe there should be a web page for the spammiest [non-test] spam seen, along with its spam report?  ;-)

Comment 5 Henrik Krohns 2019-06-18 17:24:59 UTC

I don't see any use for option like "maximum_rule_score", it would overly complicate things. It's up to masscheck to provide reasonable scores for official rules, and user is free to set any scores needed (without gotchas like "ohh i forgot there was some random maximum limit and i have to put this rule there now..).

What could be useful it having sa-update option to limit or multiple scores. That's in another bug.