| # active ruleset list, automatically generated from http://ruleqa.spamassassin.org/ |
| # with results from: day 1: bb-doc bb-fredt bb-guenther_fraud bb-jhardin bb-jhardin_fraud bb-jm bb-kmcgrail bb-trec_enron bb-zmi bernie-it_batt bernie-mix danmcdonald dos kgolding wt-en1 wt-en2 wt-en3 wt-en4 wt-en5 wt-jp1 wt-jp2; day 2: bb-doc bb-fredt bb-guenther_fraud bb-jhardin bb-jhardin_fraud bb-jm bb-kmcgrail bb-trec_enron bb-zmi bernie-it_batt bernie-mix danmcdonald kgolding wt-en1 wt-en2 wt-en3 wt-en4 wt-en5 wt-jp1 wt-jp2; day 3: bb-doc bb-fredt bb-guenther_fraud bb-jhardin bb-jhardin_fraud bb-jm bb-kmcgrail bb-trec_enron bb-zmi bernie-it_batt bernie-mix danmcdonald jm kgolding wt-en1 wt-en2 wt-en3 wt-en4 wt-en5 wt-jp1 wt-jp2 |
| |
| # tflags publish |
| ADVANCE_FEE_2_NEW_FORM |
| |
| # tflags publish |
| ADVANCE_FEE_2_NEW_MONEY |
| |
| # tflags publish |
| ADVANCE_FEE_3_NEW |
| |
| # tflags publish |
| ADVANCE_FEE_3_NEW_FORM |
| |
| # tflags publish |
| ADVANCE_FEE_3_NEW_MONEY |
| |
| # tflags publish |
| ADVANCE_FEE_4_NEW |
| |
| # tflags publish |
| ADVANCE_FEE_5_NEW |
| |
| # tflags userconf |
| ALL_TRUSTED |
| |
| # good enough |
| AXB_HELO_HOME_UN |
| |
| # good enough |
| BASE64_LENGTH_78_79 |
| |
| # tflags learn |
| BAYES_00 |
| |
| # tflags learn |
| BAYES_05 |
| |
| # tflags learn |
| BAYES_20 |
| |
| # tflags learn |
| BAYES_40 |
| |
| # tflags learn |
| BAYES_50 |
| |
| # tflags learn |
| BAYES_60 |
| |
| # tflags learn |
| BAYES_80 |
| |
| # tflags learn |
| BAYES_95 |
| |
| # tflags learn |
| BAYES_99 |
| |
| # tflags userconf |
| CHARSET_FARAWAY |
| |
| # tflags userconf |
| CHARSET_FARAWAY_HEADER |
| |
| # tflags userconf |
| CORRUPT_FROM_LINE_IN_HDRS |
| |
| # good enough |
| DATE_IN_FUTURE_96_Q |
| |
| # good enough |
| DATE_IN_FUTURE_Q_PLUS |
| |
| # good enough |
| DEAR_BENEFICIARY |
| |
| # good enough |
| DEAR_EMAIL |
| |
| # tflags net |
| DIGEST_MULTIPLE |
| |
| # tflags net |
| DKIM_ADSP_ALL |
| |
| # tflags net |
| DKIM_ADSP_CUSTOM_HIGH |
| |
| # tflags net |
| DKIM_ADSP_CUSTOM_LOW |
| |
| # tflags net |
| DKIM_ADSP_CUSTOM_MED |
| |
| # tflags net |
| DKIM_ADSP_DISCARD |
| |
| # tflags net |
| DKIM_ADSP_NXDOMAIN |
| |
| # tflags net |
| DKIM_SIGNED |
| |
| # tflags net |
| DKIM_VALID |
| |
| # tflags net |
| DKIM_VALID_AU |
| |
| # tflags net |
| DNS_FROM_AHBL_RHSBL |
| |
| # tflags net |
| DNS_FROM_RFC_BOGUSMX |
| |
| # tflags net |
| DNS_FROM_RFC_DSN |
| |
| # tflags publish |
| DOS_ANAL_SPAM_MAILER |
| |
| # good enough |
| DOS_OE_TO_MX |
| |
| # good enough |
| DOS_OE_TO_MX_IMAGE |
| |
| # good enough |
| DOS_RCVD_IP_TWICE_C |
| |
| # good enough |
| DRUGS_STOCK_MIMEOLE |
| |
| # good enough |
| DYN_RDNS_AND_INLINE_IMAGE |
| |
| # good enough |
| DYN_RDNS_SHORT_HELO_HTML |
| |
| # tflags userconf |
| ENV_AND_HDR_SPF_MATCH |
| |
| # good enough |
| FB_GVR |
| |
| # good enough |
| FB_QUALITY_REPLICA |
| |
| # good enough |
| FB_REPLICA_ROLEX |
| |
| # good enough |
| FH_FAKE_RCVD_LINE |
| |
| # good enough |
| FH_FAKE_RCVD_LINE_B |
| |
| # good enough |
| FH_FROM_GET_NAME |
| |
| # good enough |
| FH_HELO_ALMOST_IP |
| |
| # good enough |
| FH_HELO_EQ_D_D_D_D |
| |
| # good enough |
| FH_HOST_EQ_DYNAMICIP |
| |
| # tflags publish |
| FILL_THIS_FORM |
| |
| # good enough |
| FM_LOTTO_YOU_WON |
| |
| # good enough |
| FM_SUBJ_APPROVE |
| |
| # tflags publish |
| FORM_FRAUD_3 |
| |
| # tflags publish |
| FORM_FRAUD_5 |
| |
| # tflags userconf |
| FRAGMENTED_MESSAGE |
| |
| # tflags userconf |
| FROM_DOMAIN_NOVOWEL |
| |
| # tflags publish |
| FROM_IN_TO_AND_SUBJ |
| |
| # tflags userconf |
| FROM_LOCAL_NOVOWEL |
| |
| # good enough |
| FROM_MISSPACED |
| |
| # good enough |
| FROM_MISSP_DYNIP |
| |
| # good enough |
| FROM_MISSP_EH_MATCH |
| |
| # good enough |
| FROM_MISSP_FREEMAIL |
| |
| # good enough |
| FROM_MISSP_MSFT |
| |
| # good enough |
| FROM_MISSP_NO_TO |
| |
| # tflags net |
| FROM_MISSP_SPF_FAIL |
| |
| # good enough |
| FROM_MISSP_TO_UNDISC |
| |
| # good enough |
| FROM_MISSP_USER |
| |
| # good enough |
| FRT_APPROV |
| |
| # good enough |
| FRT_PHARMAC |
| |
| # good enough |
| FRT_PRICE |
| |
| # good enough |
| FRT_ROLEX |
| |
| # good enough |
| FR_WATCHES_HTTP |
| |
| # good enough |
| FSL_BOTSPAM_1 |
| |
| # good enough |
| FSL_BOTSPAM_2 |
| |
| # good enough |
| FSL_BOTSPAM_3 |
| |
| # good enough |
| FSL_CTYPE_WIN1251 |
| |
| # good enough |
| FSL_HELO_BARE_IP_1 |
| |
| # good enough |
| FSL_HELO_DEVICE |
| |
| # good enough |
| FSL_MID_419 |
| |
| # good enough |
| FSL_RU_URL |
| |
| # good enough |
| FSL_THIS_IS_ADV |
| |
| # good enough |
| FS_CAILIS |
| |
| # good enough |
| FS_REPLICAWATCH |
| |
| # good enough |
| FS_WILL_HELP |
| |
| # tflags userconf |
| GTUBE |
| |
| # good enough |
| GZ_PILL_SQUATTERS |
| |
| # tflags userconf |
| HASHCASH_20 |
| |
| # tflags userconf |
| HASHCASH_21 |
| |
| # tflags userconf |
| HASHCASH_22 |
| |
| # tflags userconf |
| HASHCASH_23 |
| |
| # tflags userconf |
| HASHCASH_24 |
| |
| # tflags userconf |
| HASHCASH_25 |
| |
| # tflags userconf |
| HASHCASH_2SPEND |
| |
| # tflags userconf |
| HASHCASH_HIGH |
| |
| # tflags userconf |
| HEAD_LONG |
| |
| # good enough |
| HELO_LH_HOME |
| |
| # good enough |
| HELO_NO_DOMAIN |
| |
| # good enough |
| HELO_OEM |
| |
| # good enough |
| HK_FAKENAME_MICROSOFT |
| |
| # good enough |
| HK_NAME_DRUGS |
| |
| # good enough |
| HK_SCAM_N2 |
| |
| # good enough |
| HK_SCAM_N8 |
| |
| # good enough |
| HK_SPAMMY_FILENAME |
| |
| # good enough |
| HTML_ATTACH |
| |
| # tflags userconf |
| HTML_CHARSET_FARAWAY |
| |
| # good enough |
| KAM_LOTTO1 |
| |
| # good enough |
| KAM_LOTTO2 |
| |
| # good enough |
| KB_DATE_CONTAINS_TAB |
| |
| # good enough |
| KB_FAKED_THE_BAT |
| |
| # good enough |
| KB_RATWARE_MSGID |
| |
| # good enough |
| KB_RATWARE_OUTLOOK_MID |
| |
| # tflags publish |
| LOTS_OF_MONEY |
| |
| # good enough |
| LOTTERY_PH_004470 |
| |
| # good enough |
| LOTTO_AGENT |
| |
| # tflags publish |
| MAILER_EQ_ORG |
| |
| # tflags userconf |
| MIME_CHARSET_FARAWAY |
| |
| # tflags userconf |
| MISSING_HB_SEP |
| |
| # good enough |
| MONEY_ATM_CARD |
| |
| # tflags publish |
| MONEY_FRAUD_3 |
| |
| # tflags publish |
| MONEY_FRAUD_5 |
| |
| # tflags publish |
| MONEY_FRAUD_8 |
| |
| # good enough |
| MONEY_FROM_MISSP |
| |
| # good enough |
| MONEY_LOTTERY |
| |
| # good enough |
| MSOE_MID_WRONG_CASE |
| |
| # tflags net |
| NO_DNS_FOR_FROM |
| |
| # tflags userconf |
| NO_RECEIVED |
| |
| # tflags userconf |
| NO_RELAYS |
| |
| # good enough |
| NSL_RCVD_FROM_USER |
| |
| # good enough |
| OBFU_ATTACH_MISSP |
| |
| # tflags publish |
| OBFU_JVSCR_ESC |
| |
| # tflags publish |
| OBFU_TEXT_ATTACH |
| |
| # tflags net |
| PYZOR_CHECK |
| |
| # tflags net |
| RAZOR2_CF_RANGE_51_100 |
| |
| # tflags net |
| RAZOR2_CF_RANGE_E4_51_100 |
| |
| # tflags net |
| RAZOR2_CF_RANGE_E8_51_100 |
| |
| # tflags net |
| RAZOR2_CHECK |
| |
| # tflags net |
| RCVD_IN_BL_SPAMCOP_NET |
| |
| # tflags net |
| RCVD_IN_CSS |
| |
| # tflags net |
| RCVD_IN_DNSWL_HI |
| |
| # tflags net |
| RCVD_IN_DNSWL_LOW |
| |
| # tflags net |
| RCVD_IN_DNSWL_MED |
| |
| # tflags net |
| RCVD_IN_DNSWL_NONE |
| |
| # tflags net |
| RCVD_IN_IADB_DK |
| |
| # tflags net |
| RCVD_IN_IADB_DOPTIN |
| |
| # tflags net |
| RCVD_IN_IADB_DOPTIN_GT50 |
| |
| # tflags net |
| RCVD_IN_IADB_DOPTIN_LT50 |
| |
| # tflags net |
| RCVD_IN_IADB_EDDB |
| |
| # tflags net |
| RCVD_IN_IADB_EPIA |
| |
| # tflags net |
| RCVD_IN_IADB_GOODMAIL |
| |
| # tflags net |
| RCVD_IN_IADB_LISTED |
| |
| # tflags net |
| RCVD_IN_IADB_LOOSE |
| |
| # tflags net |
| RCVD_IN_IADB_MI_CPEAR |
| |
| # tflags net |
| RCVD_IN_IADB_MI_CPR_30 |
| |
| # tflags net |
| RCVD_IN_IADB_MI_CPR_MAT |
| |
| # tflags net |
| RCVD_IN_IADB_ML_DOPTIN |
| |
| # tflags net |
| RCVD_IN_IADB_NOCONTROL |
| |
| # tflags net |
| RCVD_IN_IADB_OOO |
| |
| # tflags net |
| RCVD_IN_IADB_OPTIN |
| |
| # tflags net |
| RCVD_IN_IADB_OPTIN_GT50 |
| |
| # tflags net |
| RCVD_IN_IADB_OPTIN_LT50 |
| |
| # tflags net |
| RCVD_IN_IADB_OPTOUTONLY |
| |
| # tflags net |
| RCVD_IN_IADB_RDNS |
| |
| # tflags net |
| RCVD_IN_IADB_SENDERID |
| |
| # tflags net |
| RCVD_IN_IADB_SPF |
| |
| # tflags net |
| RCVD_IN_IADB_UNVERIFIED_1 |
| |
| # tflags net |
| RCVD_IN_IADB_UNVERIFIED_2 |
| |
| # tflags net |
| RCVD_IN_IADB_UT_CPEAR |
| |
| # tflags net |
| RCVD_IN_IADB_UT_CPR_30 |
| |
| # tflags net |
| RCVD_IN_IADB_UT_CPR_MAT |
| |
| # tflags net |
| RCVD_IN_IADB_VOUCHED |
| |
| # tflags net |
| RCVD_IN_MAPS_DUL |
| |
| # tflags net |
| RCVD_IN_MAPS_NML |
| |
| # tflags net |
| RCVD_IN_MAPS_OPS |
| |
| # tflags net |
| RCVD_IN_MAPS_RBL |
| |
| # tflags net |
| RCVD_IN_MAPS_RSS |
| |
| # tflags net |
| RCVD_IN_NJABL_CGI |
| |
| # tflags net |
| RCVD_IN_NJABL_MULTI |
| |
| # tflags net |
| RCVD_IN_NJABL_PROXY |
| |
| # tflags net |
| RCVD_IN_NJABL_RELAY |
| |
| # tflags net |
| RCVD_IN_NJABL_SPAM |
| |
| # tflags net |
| RCVD_IN_PBL |
| |
| # tflags net |
| RCVD_IN_PSBL |
| |
| # tflags net |
| RCVD_IN_RP_CERTIFIED |
| |
| # tflags net |
| RCVD_IN_RP_RNBL |
| |
| # tflags net |
| RCVD_IN_RP_SAFE |
| |
| # tflags net |
| RCVD_IN_SBL |
| |
| # tflags net |
| RCVD_IN_SORBS_BLOCK |
| |
| # tflags net |
| RCVD_IN_SORBS_DUL |
| |
| # tflags net |
| RCVD_IN_SORBS_HTTP |
| |
| # tflags net |
| RCVD_IN_SORBS_MISC |
| |
| # tflags net |
| RCVD_IN_SORBS_SMTP |
| |
| # tflags net |
| RCVD_IN_SORBS_SOCKS |
| |
| # tflags net |
| RCVD_IN_SORBS_WEB |
| |
| # tflags net |
| RCVD_IN_SORBS_ZOMBIE |
| |
| # tflags net |
| RCVD_IN_XBL |
| |
| # good enough |
| RISK_FREE |
| |
| # good enough |
| S25R_6 |
| |
| # good enough |
| SANE_04e8bf28eb445199a7f11b943c44d209 |
| |
| # good enough |
| SANE_4ef8302546bf270a19baf98508afacc4 |
| |
| # good enough |
| SANE_7429530a7398f43f1f1b795f9420714e |
| |
| # good enough |
| SANE_9f754392a8c622a3eb2ef735b6b00c3b |
| |
| # good enough |
| SANE_d0d2b0f6373bf91253d66dd74c594b87 |
| |
| # good enough |
| SINGLE_HEADER_2K |
| |
| # good enough |
| SPAMMY_XMAILER |
| |
| # tflags net |
| SPF_FAIL |
| |
| # tflags net |
| SPF_HELO_FAIL |
| |
| # tflags net |
| SPF_HELO_NEUTRAL |
| |
| # tflags userconf |
| SPF_HELO_PASS |
| |
| # tflags net |
| SPF_HELO_SOFTFAIL |
| |
| # tflags net |
| SPF_NEUTRAL |
| |
| # tflags userconf |
| SPF_PASS |
| |
| # tflags net |
| SPF_SOFTFAIL |
| |
| # good enough |
| STOCK_IMG_HDR_FROM |
| |
| # good enough |
| STOX_REPLY_TYPE_WITHOUT_QUOTES |
| |
| # tflags userconf |
| SUBJECT_IN_BLACKLIST |
| |
| # tflags userconf |
| SUBJECT_IN_WHITELIST |
| |
| # good enough |
| SUBJECT_NEEDS_ENCODING |
| |
| # good enough |
| TAB_IN_FROM |
| |
| # good enough |
| TINY_FLOAT |
| |
| # tflags publish |
| TO_EQ_FM_DIRECT_MX |
| |
| # good enough |
| TO_EQ_FM_DOM_HTML_IMG |
| |
| # good enough |
| TO_EQ_FM_DOM_HTML_ONLY |
| |
| # tflags net |
| TO_EQ_FM_DOM_SPF_FAIL |
| |
| # tflags publish |
| TO_EQ_FM_HTML_DIRECT |
| |
| # tflags publish |
| TO_EQ_FM_HTML_ONLY |
| |
| # tflags net |
| TO_EQ_FM_SPF_FAIL |
| |
| # good enough |
| TO_IN_SUBJ |
| |
| # tflags publish |
| TO_NO_BRKTS_DIRECT |
| |
| # good enough |
| TO_NO_BRKTS_NORDNS_HTML |
| |
| # good enough |
| TO_NO_BRKTS_NOTLIST |
| |
| # good enough |
| TO_NO_BRKTS_PCNT |
| |
| # good enough |
| TT_MSGID_TRUNC |
| |
| # good enough |
| TVD_FINGER_02 |
| |
| # good enough |
| TVD_PCT_OFF |
| |
| # good enough |
| TVD_QUAL_MEDS |
| |
| # good enough |
| TVD_RCVD_SINGLE |
| |
| # tflags publish |
| MANY_SPAN_IN_TEXT |
| |
| # tflags publish |
| TO_NO_BRKTS_DYNIP |
| |
| # good enough |
| TO_NO_BRKTS_FROM_MSSP |
| |
| # tflags userconf |
| UNPARSEABLE_RELAY |
| |
| # tflags net |
| URIBL_AB_SURBL |
| |
| # tflags net |
| URIBL_BLACK |
| |
| # tflags net |
| URIBL_DBL_ERROR |
| |
| # tflags net |
| URIBL_DBL_SPAM |
| |
| # tflags net |
| URIBL_GREY |
| |
| # tflags net |
| URIBL_JP_SURBL |
| |
| # tflags net |
| URIBL_OB_SURBL |
| |
| # tflags net |
| URIBL_PH_SURBL |
| |
| # tflags net |
| URIBL_RED |
| |
| # tflags net |
| URIBL_RHS_DOB |
| |
| # tflags net |
| URIBL_SBL |
| |
| # tflags net |
| URIBL_SC_SURBL |
| |
| # tflags net |
| URIBL_WS_SURBL |
| |
| # tflags userconf |
| URI_NOVOWEL |
| |
| # tflags userconf |
| USER_IN_ALL_SPAM_TO |
| |
| # tflags userconf |
| USER_IN_BLACKLIST |
| |
| # tflags userconf |
| USER_IN_BLACKLIST_TO |
| |
| # tflags net |
| USER_IN_DEF_DKIM_WL |
| |
| # tflags userconf |
| USER_IN_DEF_SPF_WL |
| |
| # tflags userconf |
| USER_IN_DEF_WHITELIST |
| |
| # tflags net |
| USER_IN_DKIM_WHITELIST |
| |
| # tflags userconf |
| USER_IN_MORE_SPAM_TO |
| |
| # tflags userconf |
| USER_IN_SPF_WHITELIST |
| |
| # tflags userconf |
| USER_IN_WHITELIST |
| |
| # tflags userconf |
| USER_IN_WHITELIST_TO |
| |
| # good enough |
| VANITY |
| |
| # good enough |
| XMAILER_MIMEOLE_OL_1ECD5 |
| |
| # good enough |
| X_MAILER_CME_6543_MSN |
| |
| # good enough |
| YOUR_PERMISSION |
| |
| # tflags net |
| __DNS_FROM_RFC_ABUSE |
| |
| # tflags net |
| __DNS_FROM_RFC_POST |
| |
| # tflags net |
| __DNS_FROM_RFC_WHOIS |
| |
| # tflags net |
| __RCVD_IN_BRBL |
| |
| # tflags net |
| __RCVD_IN_DNSWL |
| |
| # tflags net |
| __RCVD_IN_IADB |
| |
| # tflags net |
| __RCVD_IN_NJABL |
| |
| # tflags net |
| __RCVD_IN_SORBS |
| |
| # tflags net |
| __RCVD_IN_ZEN |
| |
| # tflags net |
| __RESIGNER1 |
| |
| # tflags net |
| __RESIGNER2 |
| |
| # tflags net |
| __RFC_IGNORANT_ENVFROM |
