Where can i find explanation of a SpamAssasin scores like SPOOFED_FREEMAIL?

16851556

6/28/24, 8:08 AM

I can define custom scores for SpamAssasin, default one seems to be zero and it makes me wonder if i should raise it, but before doing so, where can i find detailed information on how these particular scores works in order to evaluate right score value to use?

I was searching a few sites like https://cwiki.apache.org/confluence/display/spamassassin/ for phrase "SPOOFED_FREEMAIL", to discover detail about this particular score, but nothing found.

  0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail
                             provider
                             [yolinee[at]163.com]
  0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict
                             Alignment
  0.0 SPOOFED_FREEMAIL_NO_RDNS From SPOOFED_FREEMAIL and no rDNS
  0.0 SPOOFED_FREEMAIL       No description available.

I am interested to learn details about above scores mainly FREEMAIL ones, but where to search, where exactly is the place where i can find most detailed description about mentioned scores?

Here is very basic information: A) https://github.com/SpamExperts/OrangeAssassin-build/tree/master/debian/python3/usr/share/orangeassassin B) https://apache.googlesource.com/spamassassin/+/refs/tags/sa-update_3.4.0_20110317085118/rules

I have found only "FREEMAIL" kind of file which says "List contains commonly abused end user mail providers".

1 + 1

spam

spamassassin

anx

6/28/24, 9:25 AM

Look into wherever spamassassin is installed, configured (/etc/spamassassin) or is storing current rule collections (/var/lib/something). The actual definition of most rules is so close to human-readable, I would not be surprised if there was no additional commentary or documentation for many of them.

Score:1

Server

anx

6/28/24, 9:39 AM

Just review the definitions directly, where they are actually stored on your system. Probably:

/usr/share/spamassassin/20_freemail.cf
/usr/share/spamassassin/20_freemail_domains.cf

# and possible later versions at
/var/lib/spamassassin/{version}/{repository}/20_freemail.cf
/var/lib/spamassassin/{version}/{repository}/20_freemail_domains.cf

Such handcrafted lists rarely need hand tuning, though. You might rather want to retrieve sensible non-zero (but still small) defaults for these simply by fetching a (still somewhat maintained) updated rule set.

Its just an old, manually compiled list of domains known to have offered free mailboxes in the past. Nothing special and by nature always incomplete. Used for other useful signals in fighting spam, but generally not significantly on its own. A message claiming to be from one such known provider does not mean much in either direction: legitimate mail or trash. Check the other rules incorporating these, though. Sending from a freemail domain while also setting reply-to to something no private or business entity would reasonably do is a strong spam signal, that is why Spamassassin is right to keep the list around.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Where can i find explanation of a SpamAssasin scores like SPOOFED_FREEMAIL?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.