# active ruleset list, automatically generated from http://ruleqa.spamassassin.org/ # with results from: bb-doc bb-jm bb-zmi cthielen daf parkerm theo wtogami zmi # good enough ADVANCE_FEE_3 # good enough ADVANCE_FEE_4 # tflags userconf AWL # good enough AXB_FAKETZ # good enough BAD_ENC_HEADER # good enough BANG_OPRAH # tflags learn BAYES_00 # tflags learn BAYES_05 # tflags learn BAYES_20 # tflags learn BAYES_40 # tflags learn BAYES_50 # tflags learn BAYES_60 # tflags learn BAYES_80 # tflags learn BAYES_95 # tflags learn BAYES_99 # good enough CUM_SHOT # good enough DATE_IN_FUTURE_03_06 # good enough DATE_IN_FUTURE_12_24 # good enough DATE_IN_FUTURE_24_48 # good enough DATE_IN_FUTURE_48_96 # good enough DATE_IN_FUTURE_96_XX # good enough DATE_IN_PAST_06_12 # good enough DATE_IN_PAST_96_XX # good enough DATE_SPAMWARE_Y2K # good enough DEAR_WINNER # tflags net DIGEST_MULTIPLE # good enough DISGUISE_PORN_MUNDANE # tflags net DNS_FROM_AHBL_RHSBL # tflags net DNS_FROM_RFC_ABUSE # tflags net DNS_FROM_RFC_BOGUSMX # tflags net DNS_FROM_RFC_DSN # tflags net DNS_FROM_RFC_POST # tflags net DNS_FROM_RFC_WHOIS # tflags net DNS_FROM_SECURITYSAGE # good enough DRUGS_ANXIETY # good enough DRUGS_ANXIETY_EREC # good enough DRUGS_ANXIETY_OBFU # good enough DRUGS_DIET # good enough DRUGS_ERECTILE # good enough DRUGS_ERECTILE_OBFU # good enough DRUGS_HDIA # good enough DRUGS_MANYKINDS # good enough DRUGS_SLEEP_EREC # good enough DRUG_DOSAGE # good enough DRUG_ED_GENERIC # good enough DRUG_ED_SILD # good enough EMPTY_MESSAGE # good enough EM_ROLEX # good enough ENGLISH_UCE_SUBJECT # tflags userconf ENV_AND_HDR_SPF_MATCH # good enough EXCUSE_24 # good enough FAKE_HELO_LYCOS # good enough FAKE_HELO_MAIL_COM # good enough FAKE_HELO_MAIL_COM_DOM # good enough FAKE_HELO_MSN # good enough FAKE_HELO_YAHOO_CA # good enough FAKE_OUTBLAZE_RCVD # good enough FB_CIALIS_LEO3 # good enough FB_SAVE_LEO # good enough FB_THOUS_PERSONAL # good enough FB_VALIUM_LEO2 # good enough FB_VIAGRA_LEO2 # good enough FB_VIAGRA_LEO3 # good enough FB_YOURSELF_MASTER # good enough FH_DATE_IS_19XX # good enough FH_DATE_PAST_20XX # good enough FH_FROM_HOODIA # good enough FH_FROM_TO_PERC # good enough FH_HELO_GMAILSMTP # good enough FH_RCVD_WITHSMTPFOR # good enough FM_CLAIM_IPOD # good enough FORGED_AOL_TAGS # good enough FORGED_HOTMAIL_RCVD # good enough FORGED_IMS_HTML # good enough FORGED_IMS_TAGS # good enough FORGED_MSGID_AOL # good enough FORGED_MSGID_EXCITE # good enough FORGED_MSGID_HOTMAIL # good enough FORGED_MSGID_MSN # good enough FORGED_MSGID_YAHOO # good enough FORGED_MUA_AOL_FROM # good enough FORGED_MUA_EUDORA # good enough FORGED_MUA_IMS # good enough FORGED_MUA_MOZILLA # good enough FORGED_MUA_OIMO # good enough FORGED_MUA_OUTLOOK # good enough FORGED_MUA_THEBAT_BOUN # good enough FORGED_OUTLOOK_HTML # good enough FORGED_OUTLOOK_TAGS # good enough FORGED_QUALCOMM_TAGS # good enough FORGED_TELESP_RCVD # good enough FORGED_THEBAT_HTML # good enough FORGED_YAHOO_RCVD # good enough FORWARD_LOOKING # good enough FREE_PORN # good enough FROM_ALL_NUMS # good enough FROM_BLANK_NAME # good enough FROM_ENDS_IN_NUMS # good enough FROM_HAS_MIXED_NUMS # good enough FROM_ILLEGAL_CHARS # good enough FROM_LOCAL_NOVOWEL # good enough FROM_NO_USER # good enough FROM_OFFERS # good enough FR_WWW_DOMAIN_23SUBDIR # good enough FS_START_DOYOU2 # good enough FUZZY_MERIDIA # good enough FUZZY_SPRM # good enough FUZZY_STOCK # good enough FU_HOODIA # good enough GAPPY_SUBJECT # good enough GEO_QUERY_STRING # good enough GMD_FAKETZ # tflags net HABEAS_ACCREDITED_COI # tflags net HABEAS_ACCREDITED_SOI # tflags net HABEAS_CHECKED # tflags userconf HASHCASH_20 # tflags userconf HASHCASH_21 # tflags userconf HASHCASH_22 # tflags userconf HASHCASH_23 # tflags userconf HASHCASH_24 # tflags userconf HASHCASH_25 # tflags userconf HASHCASH_2SPEND # tflags userconf HASHCASH_HIGH # good enough HEADER_COUNT_CTYPE # good enough HEADER_SPAM # good enough HEAD_ILLEGAL_CHARS # good enough HELO_DYNAMIC_CHELLO_NL # good enough HELO_DYNAMIC_DHCP # good enough HELO_DYNAMIC_DIALIN # good enough HELO_DYNAMIC_HCC # good enough HELO_DYNAMIC_HOME_NL # good enough HELO_DYNAMIC_IPADDR # good enough HELO_DYNAMIC_IPADDR2 # good enough HELO_DYNAMIC_SPLIT_IP # good enough HS_EXTRA # good enough HS_FORGED_OE_FW # good enough HS_GETMEOFF # good enough HS_INDEX_PARAM # good enough HS_MEETUP_FOR_SEX # good enough HS_SUBJ_ONLINE_PHARMACEUTICAL # good enough HS_SYNDICATE_P2 # tflags userconf HTML_CHARSET_FARAWAY # good enough HTTPS_HTTP_MISMATCH # good enough HTTPS_IP_MISMATCH # good enough HTTP_77 # good enough HTTP_ESCAPED_HOST # good enough HTTP_EXCESSIVE_ESCAPES # good enough INTERRUPTUS # good enough INVALID_DATE # good enough INVALID_MSGID # good enough INVALID_TZ_CST # good enough INVALID_TZ_GMT # good enough INVESTMENT_ADVICE # good enough INVESTMENT_EXPERT # good enough JM_LC_MID # good enough JM_RCVD_QMAILV1 # good enough JM_RCVD_SENDMAILID # good enough KAM_STOCKOTC # good enough KAM_STOCKTIP12 # good enough KAM_STOCKTIP15 # good enough KAM_STOCKTIP2 # good enough KAM_STOCKTIP20 # good enough KAM_STOCKTIP24 # good enough KAM_STOCKTIP3 # good enough KAM_STOCKTIP6 # good enough KAM_STOCKTIP8 # good enough KOREAN_UCE_SUBJECT # good enough LOCALPART_IN_SUBJECT # good enough LONGWORDS # good enough MALE_ENHANCE # good enough MID_DEGREES # good enough MID_MJW_STOX # good enough MILLION_USD # good enough MIME_BAD_ISO_CHARSET # good enough MIME_BASE64_TEXT # good enough MIME_BOUND_ALLHEX_17 # good enough MIME_BOUND_DD_DIGITS # good enough MIME_BOUND_DIGITS_15 # good enough MIME_BOUND_MANY_HEX # good enough MIME_BOUND_RKFINDY # good enough MIME_HTML_MOSTLY # good enough MISSING_DATE # good enough MISSING_MIMEOLE # good enough MORE_SEX # good enough MPART_ALT_DIFF # good enough MSGID_DOLLARS_RANDOM # good enough MSGID_NO_HOST # good enough MSGID_OUTLOOK_INVALID # good enough MSGID_RANDY # good enough MSGID_SHORT # good enough MSGID_SPAM_CAPS # good enough MSGID_SPAM_LETTERS # good enough MSGID_YAHOO_CAPS # tflags net NO_DNS_FOR_FROM # good enough NO_PRESCRIPTION # good enough NO_RDNS_DOTCOM_HELO # tflags userconf NO_RECEIVED # tflags userconf NO_RELAYS # good enough NULL_IN_BODY # good enough NUMERIC_HTTP_ADDR # good enough ONLINE_PHARMACY # good enough PERCENT_RANDOM # good enough PLING_QUERY # good enough PORN_15 # good enough PREST_NON_ACCREDITED # good enough PRIORITY_NO_NAME # tflags net PYZOR_CHECK # good enough RATWARE_EFROM # good enough RATWARE_EGROUPS # good enough RATWARE_GECKO_BUILD # good enough RATWARE_HASH_2 # good enough RATWARE_HASH_2_V2 # good enough RATWARE_MOZ_MALFORMED # good enough RATWARE_MS_HASH # good enough RATWARE_NAME_ID # good enough RATWARE_OE_MALFORMED # good enough RATWARE_OUTLOOK_NONAME # good enough RATWARE_RCVD_AT # good enough RATWARE_RCVD_PF # good enough RATWARE_ZERO_TZ # tflags net RAZOR2_CF_RANGE_51_100 # tflags net RAZOR2_CF_RANGE_E4_51_100 # tflags net RAZOR2_CF_RANGE_E8_51_100 # tflags net RAZOR2_CHECK # good enough RCVD_AM_PM # good enough RCVD_DOUBLE_IP_LOOSE # good enough RCVD_DOUBLE_IP_SPAM # good enough RCVD_FAKE_HELO_DOTCOM # good enough RCVD_HELO_IP_MISMATCH # good enough RCVD_ILLEGAL_IP # tflags net RCVD_IN_BL_SPAMCOP_NET # tflags net RCVD_IN_BSP_OTHER # tflags net RCVD_IN_BSP_TRUSTED # tflags net RCVD_IN_DSBL # tflags net RCVD_IN_IADB_VOUCHED # tflags net RCVD_IN_MAPS_DUL # tflags net RCVD_IN_MAPS_NML # tflags net RCVD_IN_MAPS_RBL # tflags net RCVD_IN_MAPS_RSS # tflags net RCVD_IN_NJABL_CGI # tflags net RCVD_IN_NJABL_DUL # tflags net RCVD_IN_NJABL_MULTI # tflags net RCVD_IN_NJABL_PROXY # tflags net RCVD_IN_NJABL_RELAY # tflags net RCVD_IN_NJABL_SPAM # tflags net RCVD_IN_SBL # tflags net RCVD_IN_SORBS_BLOCK # tflags net RCVD_IN_SORBS_DUL # tflags net RCVD_IN_SORBS_HTTP # tflags net RCVD_IN_SORBS_MISC # tflags net RCVD_IN_SORBS_SMTP # tflags net RCVD_IN_SORBS_SOCKS # tflags net RCVD_IN_SORBS_WEB # tflags net RCVD_IN_SORBS_ZOMBIE # tflags net RCVD_IN_WHOIS_BOGONS # tflags net RCVD_IN_WHOIS_HIJACKED # tflags net RCVD_IN_WHOIS_INVALID # tflags net RCVD_IN_XBL # good enough RCVD_NUMERIC_HELO # good enough REMOVE_BEFORE_LINK # good enough REPLICA_WATCH # good enough REPTO_OVERQUOTE_THEBAT # good enough REPTO_QUOTE_AOL # good enough REPTO_QUOTE_IMS # good enough REPTO_QUOTE_MSN # good enough REPTO_QUOTE_QUALCOMM # good enough REPTO_QUOTE_YAHOO # tflags net ROUND_THE_WORLD # good enough ROUND_THE_WORLD_LOCAL # good enough SORTED_RECIPS # tflags net SPF_FAIL # tflags net SPF_HELO_FAIL # tflags net SPF_HELO_NEUTRAL # tflags net SPF_HELO_PASS # tflags net SPF_HELO_SOFTFAIL # tflags net SPF_NEUTRAL # tflags net SPF_PASS # tflags net SPF_SOFTFAIL # good enough STOCK_ALERT # good enough SUBJECT_DRUG_GAP_C # good enough SUBJECT_DRUG_GAP_L # good enough SUBJECT_DRUG_GAP_S # good enough SUBJECT_DRUG_GAP_VA # good enough SUBJECT_DRUG_GAP_X # tflags userconf SUBJECT_IN_BLACKLIST # tflags userconf SUBJECT_IN_WHITELIST # good enough SUBJECT_NEEDS_ENCODING # good enough SUBJECT_SEXUAL # good enough SUBJ_AS_SEEN # good enough SUBJ_ILLEGAL_CHARS # good enough SUBJ_RE_NUM # good enough SUBJ_YOUR_FAMILY # good enough SUB_HELLO # good enough SUSPICIOUS_RECIPS # good enough TO_MALFORMED # good enough TO_NO_USER # good enough TRACKER_ID # good enough TT_MSGID_TRUNC # good enough TVD_ACT_193 # good enough TVD_APP_LOAN # good enough TVD_BODY_END_STAR # good enough TVD_DEAD_JOB # good enough TVD_DEAR_HOMEOWNER # good enough TVD_DOLLARS_US # good enough TVD_EB_PHISH # good enough TVD_ENHANCE # good enough TVD_FINGER_01 # good enough TVD_FINGER_02 # good enough TVD_FLOAT_GENERAL # good enough TVD_FUZZY_DEGREE # good enough TVD_FUZZY_FINANCE # good enough TVD_FUZZY_FIXED_RATE # good enough TVD_FUZZY_MICROCAP # good enough TVD_FUZZY_PHARMACEUTICAL # good enough TVD_FUZZY_SYMBOL # good enough TVD_FW_MESG1 # good enough TVD_HEAD_KERNEL # good enough TVD_INCREASE_SIZE # good enough TVD_LINK_SAVE # good enough TVD_LONG_WORD5 # good enough TVD_NOT_SATISFIED # good enough TVD_PH_7 # good enough TVD_PH_REC # good enough TVD_PH_SUBJ_ACCOUNTS_POST # good enough TVD_PH_SUBJ_META # good enough TVD_PH_SUBJ_META_ALL # good enough TVD_PH_SUBJ_SEC_MEASURES # good enough TVD_PH_SUBJ_UPDATE # good enough TVD_PH_SUBJ_URGENT # good enough TVD_PP_PHISH # good enough TVD_QUAL_MEDS # good enough TVD_RATWARE_CB # good enough TVD_RATWARE_CB_2 # good enough TVD_RATWARE_MSGID_01 # good enough TVD_RATWARE_MSGID_02 # good enough TVD_SECTION # good enough TVD_SINGLE_SPAN_DIV # good enough TVD_SPACED_SUBJECT_WORD3 # good enough TVD_SPACED_WORDS # good enough TVD_STOCK1 # good enough TVD_SUBJ_APPR_LOAN # good enough TVD_SUBJ_END_STAR # good enough TVD_SUBJ_FINGER_03 # good enough TVD_SUBJ_OWE # good enough TVD_SUBJ_WIPE_DEBT # good enough TVD_UA_FOSTERING # good enough TVD_UNDER_VALUED # good enough TVD_VISIT_PHARMA # good enough TVD_VIS_HIDDEN # good enough FORGED_IMS_HTML # good enough FORGED_IMS_TAGS # good enough FORGED_OUTLOOK_HTML # good enough FORGED_OUTLOOK_TAGS # good enough HS_PHARMA_1 # good enough RATWARE_MS_HASH # good enough RATWARE_OUTLOOK_NONAME # good enough TVD_FW_GRAPHIC_NAME_LONG # good enough TVD_FW_GRAPHIC_NAME_MID # good enough UNCLAIMED_MONEY # good enough UNCLOSED_BRACKET # tflags userconf UNPARSEABLE_RELAY # good enough UNRESOLVED_TEMPLATE # good enough UPPERCASE_50_75 # good enough UPPERCASE_75_100 # good enough URG_BIZ # tflags net URIBL_AB_SURBL # tflags net URIBL_BLACK # tflags net URIBL_GREY # tflags net URIBL_JP_SURBL # tflags net URIBL_OB_SURBL # tflags net URIBL_PH_SURBL # tflags net URIBL_RED # tflags net URIBL_SBL # tflags net URIBL_SC_SURBL # tflags net URIBL_WS_SURBL # good enough URI_L_PHP # good enough URI_NOVOWEL # good enough URI_NO_WWW_BIZ_CGI # good enough URI_NO_WWW_INFO_CGI # tflags userconf USER_IN_ALL_SPAM_TO # tflags userconf USER_IN_BLACKLIST # tflags userconf USER_IN_BLACKLIST_TO # tflags userconf USER_IN_DEF_SPF_WL # tflags userconf USER_IN_DEF_WHITELIST # tflags userconf USER_IN_MORE_SPAM_TO # tflags userconf USER_IN_SPF_WHITELIST # tflags userconf USER_IN_WHITELIST # tflags userconf USER_IN_WHITELIST_TO # good enough VERTICAL_DRUGS_1 # good enough VIA_GAP_GRA # good enough WEIRD_QUOTING # good enough X_IP # good enough X_LIBRARY # good enough X_MESSAGE_INFO # good enough X_MSMAIL_PRIORITY_HIGH # good enough X_ORIG_IP_NOT_IPV4 # good enough X_PRIORITY_CC # good enough ZMIde_EBAYJOBSURI # good enough ZMIde_REPLICA1 # good enough ZMIde_REPLICA2 # good enough ZMIde_REPLICASURE # good enough ZMIde_SEXUALEXPL1 # tflags net __RCVD_IN_IADB # tflags net __RCVD_IN_NJABL # tflags net __RCVD_IN_SBL_XBL # tflags net __RCVD_IN_SORBS # tflags net __RCVD_IN_WHOIS # tflags net __RFC_IGNORANT_ENVFROM