# active ruleset list, automatically generated from http://ruleqa.spamassassin.org/ # with results from: day 1: bb-doc bb-fredt bb-guenther_fraud bb-jhardin bb-jhardin_fraud bb-jm bb-kmcgrail bb-trec_enron bb-zmi bernie-it_batt bernie-mix hege jm kgolding wt-en1 wt-en2 wt-en3 wt-en4 wt-en5 wt-jp1 wt-jp2; day 2: bb-doc bb-fredt bb-guenther_fraud bb-jhardin bb-jhardin_fraud bb-jm bb-kmcgrail bb-trec_enron bb-zmi bernie-it_batt bernie-mix dos hege jm kgolding wt-en1 wt-en2 wt-en3 wt-en4 wt-en5 wt-jp1 wt-jp2; day 3: bb-doc bb-fredt bb-guenther_fraud bb-jhardin bb-jhardin_fraud bb-jm bb-kmcgrail bb-trec_enron bb-zmi bernie-it_batt bernie-mix dos hege jm wt-en1 wt-en2 wt-en3 wt-en4 wt-en5 wt-jp1 wt-jp2 # tflags userconf ALL_TRUSTED # good enough AXB_HELO_HOME_UN # good enough BASE64_LENGTH_78_79 # tflags learn BAYES_00 # tflags learn BAYES_05 # tflags learn BAYES_20 # tflags learn BAYES_40 # tflags learn BAYES_50 # tflags learn BAYES_60 # tflags learn BAYES_80 # tflags learn BAYES_95 # tflags learn BAYES_99 # good enough BUG6152_INVALID_DATE_TZ_ABSURD # tflags userconf CHARSET_FARAWAY # tflags userconf CHARSET_FARAWAY_HEADER # tflags userconf CORRUPT_FROM_LINE_IN_HDRS # good enough DATE_IN_FUTURE_96_Q # good enough DATE_IN_FUTURE_Q_PLUS # good enough DEAR_BENEFICIARY # tflags net DIGEST_MULTIPLE # tflags net DKIM_ADSP_ALL # tflags net DKIM_ADSP_CUSTOM_HIGH # tflags net DKIM_ADSP_CUSTOM_LOW # tflags net DKIM_ADSP_CUSTOM_MED # tflags net DKIM_ADSP_DISCARD # tflags net DKIM_ADSP_NXDOMAIN # tflags net DKIM_SIGNED # tflags net DKIM_VALID # tflags net DKIM_VALID_AU # tflags net DNS_FROM_AHBL_RHSBL # tflags net DNS_FROM_RFC_BOGUSMX # tflags net DNS_FROM_RFC_DSN # tflags publish DOS_ANAL_SPAM_MAILER # good enough DOS_HIGHBIT_HDRS_BODY # good enough DOS_OE_TO_MX # good enough DOS_OUTLOOK_TO_MX # good enough DYN_RDNS_AND_INLINE_IMAGE # good enough DYN_RDNS_SHORT_HELO_HTML # good enough DYN_RDNS_SHORT_HELO_IMAGE # tflags userconf ENV_AND_HDR_SPF_MATCH # good enough FB_CIALIS_LEO3 # good enough FB_EXTRA_INCHES # good enough FB_QUALITY_REPLICA # good enough FB_REPLICA_ROLEX # good enough FB_SOFTTABS # good enough FH_FAKE_RCVD_LINE # good enough FH_FAKE_RCVD_LINE_B # good enough FH_FROM_GET_NAME # good enough FH_HELO_ALMOST_IP # good enough FH_HELO_EQ_CHARTER # good enough FH_HELO_EQ_D_D_D_D # good enough FH_HOST_EQ_DYNAMICIP # good enough FH_HOST_EQ_VERIZON_P # good enough FM_LOTTO_YOU_WON # good enough FM_SEX_HELODDDD # good enough FORGED_TBIRD_IMG_ARROW # good enough FORGED_TBIRD_IMG_SIZE # good enough FORGED_TBIRD_IMG_TO_MX # tflags userconf FRAGMENTED_MESSAGE # tflags userconf FROM_DOMAIN_NOVOWEL # tflags userconf FROM_LOCAL_NOVOWEL # good enough FROM_MISSP_DYNIP # good enough FROM_MISSP_FREEMAIL # good enough FROM_MISSP_MSFT # tflags net FROM_MISSP_SPF_FAIL1 # tflags net FROM_MISSP_SPF_FAIL2 # good enough FROM_URI # good enough FR_TITLE_CONS_6 # good enough FSL_FAKE_HOTMAIL_RVCD # good enough FSL_HELO_BARE_IP_1 # good enough FSL_HELO_DEVICE # good enough FSL_LSPACES_ABUSE # good enough FS_MORE_CONFIDENT # good enough FS_REPLICA # good enough FS_REPLICAWATCH # tflags userconf GTUBE # tflags userconf HASHCASH_20 # tflags userconf HASHCASH_21 # tflags userconf HASHCASH_22 # tflags userconf HASHCASH_23 # tflags userconf HASHCASH_24 # tflags userconf HASHCASH_25 # tflags userconf HASHCASH_2SPEND # tflags userconf HASHCASH_HIGH # tflags userconf HEAD_LONG # good enough HELO_LH_HOME # good enough HELO_NO_DOMAIN # good enough HELO_OEM # good enough HK_FAKENAME_MICROSOFT # good enough HK_NAME_DRUGS # good enough HK_NAME_FREE # good enough HK_RANDOM_ENVFROM # good enough HK_RANDOM_FROM # good enough HK_SCAM_N2 # tflags userconf HTML_CHARSET_FARAWAY # good enough IMAGESHACK_URI # good enough IMG_DIRECT_TO_MX # good enough KAM_LOTTO1 # good enough KB_DATE_CONTAINS_TAB # good enough KB_FAKED_THE_BAT # good enough KB_RATWARE_MSGID # good enough KB_RATWARE_OUTLOOK_MID # good enough LIVEFILESTORE # good enough LOTTERY_PH_004470 # good enough LOTTO_AGENT # good enough L_SPAM_TOOL_13 # good enough MANY_SPAN_IN_TEXT # tflags userconf MIME_CHARSET_FARAWAY # tflags userconf MISSING_HB_SEP # good enough MONEY_FRAUD_8 # good enough MONEY_FROM_MISSP # good enough MSOE_MID_WRONG_CASE # tflags net NO_DNS_FOR_FROM # tflags userconf NO_RECEIVED # tflags userconf NO_RELAYS # good enough NSL_RCVD_FROM_USER # good enough PART_CID_STOCK # tflags net PYZOR_CHECK # tflags net RAZOR2_CF_RANGE_51_100 # tflags net RAZOR2_CF_RANGE_E4_51_100 # tflags net RAZOR2_CF_RANGE_E8_51_100 # tflags net RAZOR2_CHECK # tflags net RCVD_IN_BL_SPAMCOP_NET # tflags net RCVD_IN_CSS # tflags net RCVD_IN_DNSWL_HI # tflags net RCVD_IN_DNSWL_LOW # tflags net RCVD_IN_DNSWL_MED # tflags net RCVD_IN_DNSWL_NONE # tflags net RCVD_IN_IADB_DK # tflags net RCVD_IN_IADB_DOPTIN # tflags net RCVD_IN_IADB_DOPTIN_GT50 # tflags net RCVD_IN_IADB_DOPTIN_LT50 # tflags net RCVD_IN_IADB_EDDB # tflags net RCVD_IN_IADB_EPIA # tflags net RCVD_IN_IADB_GOODMAIL # tflags net RCVD_IN_IADB_LISTED # tflags net RCVD_IN_IADB_LOOSE # tflags net RCVD_IN_IADB_MI_CPEAR # tflags net RCVD_IN_IADB_MI_CPR_30 # tflags net RCVD_IN_IADB_MI_CPR_MAT # tflags net RCVD_IN_IADB_ML_DOPTIN # tflags net RCVD_IN_IADB_NOCONTROL # tflags net RCVD_IN_IADB_OOO # tflags net RCVD_IN_IADB_OPTIN # tflags net RCVD_IN_IADB_OPTIN_GT50 # tflags net RCVD_IN_IADB_OPTIN_LT50 # tflags net RCVD_IN_IADB_OPTOUTONLY # tflags net RCVD_IN_IADB_RDNS # tflags net RCVD_IN_IADB_SENDERID # tflags net RCVD_IN_IADB_SPF # tflags net RCVD_IN_IADB_UNVERIFIED_1 # tflags net RCVD_IN_IADB_UNVERIFIED_2 # tflags net RCVD_IN_IADB_UT_CPEAR # tflags net RCVD_IN_IADB_UT_CPR_30 # tflags net RCVD_IN_IADB_UT_CPR_MAT # tflags net RCVD_IN_IADB_VOUCHED # tflags net RCVD_IN_MAPS_DUL # tflags net RCVD_IN_MAPS_NML # tflags net RCVD_IN_MAPS_OPS # tflags net RCVD_IN_MAPS_RBL # tflags net RCVD_IN_MAPS_RSS # tflags net RCVD_IN_NJABL_CGI # tflags net RCVD_IN_NJABL_MULTI # tflags net RCVD_IN_NJABL_PROXY # tflags net RCVD_IN_NJABL_RELAY # tflags net RCVD_IN_NJABL_SPAM # tflags net RCVD_IN_PBL # tflags net RCVD_IN_PSBL # tflags net RCVD_IN_RP_CERTIFIED # tflags net RCVD_IN_RP_RNBL # tflags net RCVD_IN_RP_SAFE # tflags net RCVD_IN_SBL # tflags net RCVD_IN_SORBS_BLOCK # tflags net RCVD_IN_SORBS_DUL # tflags net RCVD_IN_SORBS_HTTP # tflags net RCVD_IN_SORBS_MISC # tflags net RCVD_IN_SORBS_SMTP # tflags net RCVD_IN_SORBS_SOCKS # tflags net RCVD_IN_SORBS_WEB # tflags net RCVD_IN_SORBS_ZOMBIE # tflags net RCVD_IN_XBL # good enough S25R_1 # good enough S25R_6 # good enough SANE_04e8bf28eb445199a7f11b943c44d209 # good enough SANE_3b92eda751c992f230f215fb7eb36844 # good enough SANE_4ef8302546bf270a19baf98508afacc4 # good enough SANE_7429530a7398f43f1f1b795f9420714e # good enough SANE_75491b468ec2e117e50f9842d32abfab # good enough SANE_d0d2b0f6373bf91253d66dd74c594b87 # good enough SHORT_HELO_AND_INLINE_IMAGE # good enough SPAMMY_XMAILER # tflags net SPF_FAIL # tflags net SPF_HELO_FAIL # tflags net SPF_HELO_NEUTRAL # tflags userconf SPF_HELO_PASS # tflags net SPF_HELO_SOFTFAIL # tflags net SPF_NEUTRAL # tflags userconf SPF_PASS # tflags net SPF_SOFTFAIL # good enough STOCK_IMG_HDR_FROM # good enough STOX_REPLY_TYPE_WITHOUT_QUOTES # good enough STYLE_GIBBERISH # tflags userconf SUBJECT_IN_BLACKLIST # tflags userconf SUBJECT_IN_WHITELIST # good enough TAB_IN_FROM # good enough TINY_FLOAT # good enough TO_NO_BRKTS_DYNIP # good enough TT_MSGID_TRUNC # good enough TVD_FINGER_02 # good enough TVD_QUAL_MEDS # good enough TVD_RCVD_SINGLE # good enough TWO_IPS_RCVD # good enough DEAR_EMAIL # good enough FORM_FRAUD_5 # good enough FROM_MISSP_EH_MATCH # good enough FROM_MISSP_USER # tflags userconf UNPARSEABLE_RELAY # tflags net URIBL_AB_SURBL # tflags net URIBL_BLACK # tflags net URIBL_DBL_ERROR # tflags net URIBL_DBL_SPAM # tflags net URIBL_GREY # tflags net URIBL_JP_SURBL # tflags net URIBL_OB_SURBL # tflags net URIBL_PH_SURBL # tflags net URIBL_RED # tflags net URIBL_RHS_DOB # tflags net URIBL_SBL # tflags net URIBL_SC_SURBL # tflags net URIBL_WS_SURBL # good enough URI_DOM_OBFU # tflags userconf URI_NOVOWEL # tflags userconf USER_IN_ALL_SPAM_TO # tflags userconf USER_IN_BLACKLIST # tflags userconf USER_IN_BLACKLIST_TO # tflags net USER_IN_DEF_DKIM_WL # tflags userconf USER_IN_DEF_SPF_WL # tflags userconf USER_IN_DEF_WHITELIST # tflags net USER_IN_DKIM_WHITELIST # tflags userconf USER_IN_MORE_SPAM_TO # tflags userconf USER_IN_SPF_WHITELIST # tflags userconf USER_IN_WHITELIST # tflags userconf USER_IN_WHITELIST_TO # good enough XMAILER_MIMEOLE_OL_1ECD5 # good enough XMAILER_MIMEOLE_OL_22B61 # good enough XMAILER_MIMEOLE_OL_8627E # good enough X_MAILER_CME_6543_MSN # tflags net __DNS_FROM_RFC_ABUSE # tflags net __DNS_FROM_RFC_POST # tflags net __DNS_FROM_RFC_WHOIS # tflags net __RCVD_IN_BRBL # tflags net __RCVD_IN_DNSWL # tflags net __RCVD_IN_IADB # tflags net __RCVD_IN_NJABL # tflags net __RCVD_IN_SORBS # tflags net __RCVD_IN_ZEN # tflags net __RESIGNER1 # tflags net __RESIGNER2 # tflags net __RFC_IGNORANT_ENVFROM