# active ruleset list, automatically generated from http://ruleqa.spamassassin.org/ # with results from: day 1: bb-doc bb-fredt bb-guenther_fraud bb-jhardin bb-jhardin_fraud bb-jm bb-kmcgrail bb-trec_enron bb-zmi dos hege wt-en1 wt-en2 wt-en3 wt-jp1 wt-jp2; day 2: bb-doc bb-fredt bb-guenther_fraud bb-jhardin bb-jhardin_fraud bb-jm bb-kmcgrail bb-trec_enron bb-zmi dos hege wt-en1 wt-en2 wt-en3 wt-jp1 wt-jp2; day 3: bb-doc bb-fredt bb-guenther_fraud bb-jhardin bb-jhardin_fraud bb-jm bb-kmcgrail bb-trec_enron bb-zmi dos hege wt-en1 wt-en2 wt-en3 wt-jp1 wt-jp2 # tflags userconf ALL_TRUSTED # good enough AXB_HELO_LH_HOME # tflags learn BAYES_00 # tflags learn BAYES_05 # tflags learn BAYES_20 # tflags learn BAYES_40 # tflags learn BAYES_50 # tflags learn BAYES_60 # tflags learn BAYES_80 # tflags learn BAYES_95 # tflags learn BAYES_99 # good enough BUG6152_INVALID_DATE_TZ_ABSURD # tflags userconf CHARSET_FARAWAY # tflags userconf CHARSET_FARAWAY_HEADER # tflags userconf CORRUPT_FROM_LINE_IN_HDRS # good enough DEAR_BENEFICIARY # good enough DEAR_WINNER # tflags net DIGEST_MULTIPLE # tflags net DKIM_ADSP_ALL # tflags net DKIM_ADSP_CUSTOM_HIGH # tflags net DKIM_ADSP_CUSTOM_LOW # tflags net DKIM_ADSP_CUSTOM_MED # tflags net DKIM_ADSP_DISCARD # tflags net DKIM_ADSP_NXDOMAIN # tflags net DKIM_POLICY_SIGNALL # tflags net DKIM_POLICY_SIGNSOME # tflags net DKIM_POLICY_TESTING # tflags net DKIM_SIGNED # tflags net DKIM_VALID # tflags net DKIM_VALID_AU # tflags net DKIM_VERIFIED # tflags net DNS_FROM_AHBL_RHSBL # tflags net DNS_FROM_RFC_BOGUSMX # tflags net DNS_FROM_RFC_DSN # tflags publish DOS_ANAL_SPAM_MAILER # good enough DOS_HIGH_BAT_TO_MX # good enough DOS_OE_TO_MX # good enough DOS_OE_TO_MX_IMAGE # good enough DOS_OUTLOOK_TO_MX # good enough DOS_RCVD_IP_TWICE_C # good enough DRUGS_STOCK_MIMEOLE # good enough DYN_RDNS_SHORT_HELO_HTML # good enough DYN_RDNS_SHORT_HELO_IMAGE # tflags userconf ENV_AND_HDR_SPF_MATCH # good enough FB_CIALIS_LEO3 # good enough FB_EXTRA_INCHES # good enough FB_GVR # good enough FB_INCREASE_YOUR # good enough FB_LOSE_WEIGHT_CAP # good enough FB_MOST_QUALITY # good enough FB_QUALITY_REPLICA # good enough FB_REPLICA_ROLEX # good enough FB_SAVE_PERSC # good enough FB_SOFTTABS # good enough FB_TIRED_OF_YOUR # good enough FB_ULTRA_ALLURE # good enough FB_WITHOUT_PRESC # good enough FB_YOUR_WEIGHT # good enough FH_FAKE_RCVD_LINE # good enough FH_FAKE_RCVD_LINE_B # good enough FH_HELO_ALMOST_IP # good enough FH_HELO_EQ_CHARTER # good enough FH_HELO_EQ_D_D_D_D # good enough FH_HOST_EQ_DYNAMICIP # good enough FH_HOST_EQ_PACBELL_D # good enough FH_HOST_EQ_VERIZON_P # good enough FH_HOST_IN_ADDRARPA # good enough FH_MSGID_XXX # good enough FILL_THIS_FORM_FRAUD_PHISH # good enough FILL_THIS_FORM_LOAN # good enough FILL_THIS_FORM_LONG # good enough FM_LOTTO_YOU_WON # good enough FM_SCHOOLING # good enough FM_SEX_HELODDDD # good enough FM_VEGAS_CASINO # good enough FORGED_TBIRD_IMG_ARROW # good enough FORGED_TBIRD_IMG_SIZE # good enough FORGED_TBIRD_IMG_TO_MX # tflags userconf FRAGMENTED_MESSAGE # tflags userconf FROM_DOMAIN_NOVOWEL # tflags userconf FROM_LOCAL_NOVOWEL # good enough FROM_MISSP_DYNIP # good enough FROM_MISSP_FREEMAIL # good enough FROM_MISSP_MSFT # good enough FRT_APPROV # good enough FRT_PHARMAC # good enough FRT_ROLEX # good enough FR_TITLE_NUMS # good enough FR_WATCHES_HTTP # good enough FSL_FAKE_GMAIL_RCVD # good enough FSL_FAKE_HOTMAIL_RVCD # good enough FSL_HELO_BARE_IP_1 # good enough FSL_HELO_DEVICE # good enough FSL_HELO_NON_FQDN_1 # good enough FSL_INTERIA_ABUSE # good enough FSL_YG_ABUSE # good enough FS_ABIGGER # good enough FS_APPROVE_YOU # good enough FS_ERECTION # good enough FS_LARGE_PERCENT2 # good enough FS_MORE_CONFIDENT # good enough FS_NUDE # good enough FS_OBFU_PRMCY # good enough FS_REPLICA # good enough FS_REPLICAWATCH # good enough FS_START_LOSE # good enough FS_WEIGHT_LOSS # good enough FS_WILL_HELP # tflags userconf GTUBE # tflags net HABEAS_ACCREDITED_COI # tflags net HABEAS_ACCREDITED_SOI # tflags userconf HASHCASH_20 # tflags userconf HASHCASH_21 # tflags userconf HASHCASH_22 # tflags userconf HASHCASH_23 # tflags userconf HASHCASH_24 # tflags userconf HASHCASH_25 # tflags userconf HASHCASH_2SPEND # tflags userconf HASHCASH_HIGH # tflags userconf HEAD_LONG # good enough HELO_LH_HOME # good enough HELO_OEM # tflags userconf HIGH_CODEPAGE_URI # good enough HK_FAKENAME_EBAY # good enough HK_FAKENAME_PAYPAL # good enough HK_LOTTO # good enough HK_NAME_DRUGS # good enough HK_RANDOM_ENVFROM # good enough HS_VPXL # tflags userconf HTML_CHARSET_FARAWAY # good enough IMG_DIRECT_TO_MX # tflags publish JM_I_FEEL_LUCKY # good enough JM_SOUGHT_FRAUD_1 # good enough JM_SOUGHT_FRAUD_2 # good enough JM_SOUGHT_FRAUD_3 # good enough KAM_LOTTO1 # good enough KAM_LOTTO2 # tflags publish KAM_STOCKOTC # tflags publish KAM_STOCKTIP15 # tflags publish KAM_STOCKTIP20 # tflags publish KAM_STOCKTIP21 # tflags publish KAM_STOCKTIP4 # tflags publish KAM_STOCKTIP6 # good enough KB_DATE_CONTAINS_TAB # good enough KB_FAKED_THE_BAT # good enough KB_RATWARE_BOUNDARY # good enough KB_RATWARE_MSGID # good enough KB_RATWARE_OUTLOOK_08 # good enough KB_RATWARE_OUTLOOK_12 # good enough KB_RATWARE_OUTLOOK_16 # good enough KB_RATWARE_OUTLOOK_MID # good enough LIVEFILESTORE # good enough LOTTERY_PH_004470 # good enough LOTTO_ADMITS # good enough LOTTO_AGENT # good enough LOTTO_WINNINGS # good enough LOTTO_WIN_01 # good enough L_SPAM_TOOL_13 # tflags userconf MIME_CHARSET_FARAWAY # tflags userconf MISSING_HB_SEP # good enough MONEY_FORM # good enough MONEY_LOTTERY # good enough MSOE_MID_WRONG_CASE # tflags net NO_DNS_FOR_FROM # tflags userconf NO_RECEIVED # tflags userconf NO_RELAYS # good enough PART_CID_STOCK # good enough PCT_FOR_YOU # tflags net PYZOR_CHECK # tflags net RAZOR2_CF_RANGE_51_100 # tflags net RAZOR2_CF_RANGE_E4_51_100 # tflags net RAZOR2_CF_RANGE_E8_51_100 # tflags net RAZOR2_CHECK # tflags net RCVD_IN_BL_SPAMCOP_NET # tflags net RCVD_IN_BRBL_LASTEXT # tflags net RCVD_IN_BSP_TRUSTED # tflags net RCVD_IN_DNSWL_HI # tflags net RCVD_IN_DNSWL_LOW # tflags net RCVD_IN_DNSWL_MED # tflags net RCVD_IN_IADB_DK # tflags net RCVD_IN_IADB_DOPTIN # tflags net RCVD_IN_IADB_DOPTIN_GT50 # tflags net RCVD_IN_IADB_DOPTIN_LT50 # tflags net RCVD_IN_IADB_EDDB # tflags net RCVD_IN_IADB_EPIA # tflags net RCVD_IN_IADB_GOODMAIL # tflags net RCVD_IN_IADB_LISTED # tflags net RCVD_IN_IADB_LOOSE # tflags net RCVD_IN_IADB_MI_CPEAR # tflags net RCVD_IN_IADB_MI_CPR_30 # tflags net RCVD_IN_IADB_MI_CPR_MAT # tflags net RCVD_IN_IADB_ML_DOPTIN # tflags net RCVD_IN_IADB_NOCONTROL # tflags net RCVD_IN_IADB_OOO # tflags net RCVD_IN_IADB_OPTIN # tflags net RCVD_IN_IADB_OPTIN_GT50 # tflags net RCVD_IN_IADB_OPTIN_LT50 # tflags net RCVD_IN_IADB_OPTOUTONLY # tflags net RCVD_IN_IADB_RDNS # tflags net RCVD_IN_IADB_SENDERID # tflags net RCVD_IN_IADB_SPF # tflags net RCVD_IN_IADB_UNVERIFIED_1 # tflags net RCVD_IN_IADB_UNVERIFIED_2 # tflags net RCVD_IN_IADB_UT_CPEAR # tflags net RCVD_IN_IADB_UT_CPR_30 # tflags net RCVD_IN_IADB_UT_CPR_MAT # tflags net RCVD_IN_IADB_VOUCHED # tflags net RCVD_IN_MAPS_DUL # tflags net RCVD_IN_MAPS_NML # tflags net RCVD_IN_MAPS_OPS # tflags net RCVD_IN_MAPS_RBL # tflags net RCVD_IN_MAPS_RSS # tflags net RCVD_IN_NJABL_CGI # tflags net RCVD_IN_NJABL_MULTI # tflags net RCVD_IN_NJABL_PROXY # tflags net RCVD_IN_NJABL_RELAY # tflags net RCVD_IN_NJABL_SPAM # tflags net RCVD_IN_PBL # tflags net RCVD_IN_PSBL # tflags net RCVD_IN_PSBL_2WEEKS # tflags net RCVD_IN_SBL # tflags net RCVD_IN_SORBS_BLOCK # tflags net RCVD_IN_SORBS_DUL # tflags net RCVD_IN_SORBS_HTTP # tflags net RCVD_IN_SORBS_MISC # tflags net RCVD_IN_SORBS_SMTP # tflags net RCVD_IN_SORBS_SOCKS # tflags net RCVD_IN_SORBS_WEB # tflags net RCVD_IN_SORBS_ZOMBIE # tflags net RCVD_IN_SSBL # tflags net RCVD_IN_SSC_TRUSTED_COI # tflags net RCVD_IN_XBL # good enough RDNS_LOCALHOST # good enough REPLYTO_WITHOUT_TO_CC # good enough SANE_04e8bf28eb445199a7f11b943c44d209 # good enough SANE_0c3c2453c66df7c8df280ebdad248db4 # good enough SANE_1c4f3286fa4aed6424ced88bfaf8b09c # good enough SANE_288f8016d836af09d6d57034b52fc5f6 # good enough SANE_2b173a7fb7518c75ac8a2d294d773fd8 # good enough SANE_391bf5f63e3ab72e7f461b71f06eee80 # good enough SANE_3b92eda751c992f230f215fb7eb36844 # good enough SANE_4ef8302546bf270a19baf98508afacc4 # good enough SANE_57eb6fb7217efcb7a706124454426ee6 # good enough SANE_5d45e71013e1bf6aa9c7f86d6cf21c0d # good enough SANE_7429530a7398f43f1f1b795f9420714e # good enough SANE_91eb43f705d25c804374a746d7519660 # good enough SANE_970bca3528887c0b4e6a1e0d63d20450 # good enough SANE_af2f58d5e4002bcd31ef44b83569de4b # good enough SANE_b58d7945d89b7afc9e2753c83b00ab44 # good enough SANE_c51de255d6cba77d524cf655d5bcee17 # good enough SANE_d0d2b0f6373bf91253d66dd74c594b87 # good enough SANE_d1ef7f3b64327d9d1c3535a0b7d7de11 # good enough SHORT_HELO_AND_INLINE_IMAGE # good enough SPAMMY_XMAILER # tflags net SPF_FAIL # tflags net SPF_HELO_FAIL # tflags net SPF_HELO_NEUTRAL # tflags userconf SPF_HELO_PASS # tflags net SPF_HELO_SOFTFAIL # tflags net SPF_NEUTRAL # tflags userconf SPF_PASS # tflags net SPF_SOFTFAIL # good enough STOCK_IMG_HDR_FROM # good enough STOCK_IMG_HTML # good enough STOX_REPLY_TYPE_WITHOUT_QUOTES # tflags userconf SUBJECT_IN_BLACKLIST # tflags userconf SUBJECT_IN_WHITELIST # good enough THEBAT_UNREG # good enough TO_NO_BRKTS_DYNIP # good enough TVD_FINGER_02 # good enough TVD_PH_REC # good enough TVD_PH_SUBJ_ACCOUNTS_POST # good enough TVD_PH_SUBJ_SEC_MEASURES # good enough TVD_QUAL_MEDS # good enough TVD_RCVD_IP # good enough TVD_RCVD_IP4 # good enough TVD_RCVD_SINGLE # good enough TVD_VISIT_PHARMA # good enough LOTTO_DEPT # good enough MONEY_DEAL # good enough TVD_PH_7 # good enough TVD_PH_SUBJ_META # tflags userconf UNPARSEABLE_RELAY # tflags net URIBL_AB_SURBL # tflags net URIBL_BLACK # tflags net URIBL_GREY # tflags net URIBL_JP_SURBL # tflags net URIBL_OB_SURBL # tflags net URIBL_PH_SURBL # tflags net URIBL_RED # tflags net URIBL_RHS_DOB # tflags net URIBL_SBL # tflags net URIBL_SC_SURBL # tflags net URIBL_WS_SURBL # tflags userconf URI_NOVOWEL # good enough URI_OBFU_WWW # tflags userconf USER_IN_ALL_SPAM_TO # tflags userconf USER_IN_BLACKLIST # tflags userconf USER_IN_BLACKLIST_TO # tflags userconf USER_IN_DEF_DKIM_WL # tflags userconf USER_IN_DEF_SPF_WL # tflags userconf USER_IN_DEF_WHITELIST # tflags userconf USER_IN_DKIM_WHITELIST # tflags userconf USER_IN_MORE_SPAM_TO # tflags userconf USER_IN_SPF_WHITELIST # tflags userconf USER_IN_WHITELIST # tflags userconf USER_IN_WHITELIST_TO # good enough XMAILER_MIMEOLE_OL_015D5 # good enough XMAILER_MIMEOLE_OL_07794 # good enough XMAILER_MIMEOLE_OL_09BB4 # good enough XMAILER_MIMEOLE_OL_1ECD5 # good enough XMAILER_MIMEOLE_OL_20C99 # good enough XMAILER_MIMEOLE_OL_22B61 # good enough XMAILER_MIMEOLE_OL_25340 # good enough XMAILER_MIMEOLE_OL_3857F # good enough XMAILER_MIMEOLE_OL_3D61D # good enough XMAILER_MIMEOLE_OL_465CD # good enough XMAILER_MIMEOLE_OL_4B815 # good enough XMAILER_MIMEOLE_OL_4BF4C # good enough XMAILER_MIMEOLE_OL_4EEDB # good enough XMAILER_MIMEOLE_OL_4F240 # good enough XMAILER_MIMEOLE_OL_58CB5 # good enough XMAILER_MIMEOLE_OL_5B79A # good enough XMAILER_MIMEOLE_OL_6554A # good enough XMAILER_MIMEOLE_OL_7533E # good enough XMAILER_MIMEOLE_OL_812FF # good enough XMAILER_MIMEOLE_OL_83BF7 # good enough XMAILER_MIMEOLE_OL_8627E # good enough XMAILER_MIMEOLE_OL_91287 # good enough XMAILER_MIMEOLE_OL_9B90B # good enough XMAILER_MIMEOLE_OL_ADFF7 # good enough XMAILER_MIMEOLE_OL_B30D1 # good enough XMAILER_MIMEOLE_OL_B4B40 # good enough XMAILER_MIMEOLE_OL_BC7E6 # good enough XMAILER_MIMEOLE_OL_C65FA # good enough XMAILER_MIMEOLE_OL_CAC8F # good enough XMAILER_MIMEOLE_OL_CF0C0 # good enough XMAILER_MIMEOLE_OL_F3B05 # good enough XMAILER_MIMEOLE_OL_F475E # good enough XMAILER_MIMEOLE_OL_F6D01 # good enough XMAILER_MIMEOLE_OL_FF5C8 # good enough X_MAILER_CME_6543_MSN # tflags net __DKIM_DEPENDABLE # tflags net __DNS_FROM_RFC_ABUSE # tflags net __DNS_FROM_RFC_POST # tflags net __DNS_FROM_RFC_WHOIS # tflags net __RCVD_IN_BRBL # tflags net __RCVD_IN_DNSWL # tflags net __RCVD_IN_IADB # tflags net __RCVD_IN_NJABL # tflags net __RCVD_IN_SORBS # tflags net __RCVD_IN_ZEN # tflags net __RFC_IGNORANT_ENVFROM