"Kevin A. McGrail" wrote:
I've been very pleased with SURBL in SA3 and I'd like to increase the scores. However, I don't understand how the default scores like this work:
rules/50_scores.cf:score URIBL_AB_SURBL 0 2.007 0 0.417 rules/50_scores.cf:score URIBL_OB_SURBL 0 1.996 0 3.213 rules/50_scores.cf:score URIBL_PH_SURBL 0 0.839 0 2.000 rules/50_scores.cf:score URIBL_SC_SURBL 0 3.897 0 4.263 rules/50_scores.cf:score URIBL_WS_SURBL 0 0.539 0 1.462
I feel SA is being too conservative with the resource that SURBL provides. Can anyone give me their recommendations for my local configuration file for replacement scores that will be more effective?
I've had the following in production since ~May 2004 (2.64 patched for SURBL support):
score SPAMCOP_URI_RBL_SC 2 score SPAMCOP_URI_RBL_WS 2.0 score SPAMCOP_URI_RBL_PH 3 score SPAMCOP_URI_RBL_OB 1 score SPAMCOP_URI_RBL_AB 2
And one more SURBL listing: (Don't recall the origin; check the SURBL website) score SPAMCOP_URI_RBL_JP 2
IIRC I had SC, OB, and AB all scored higher at one point, but ran into occasional FP problems. In an ISP environment, that's a Very Bad Thing. :/
On my personal server, I've set all of them to 4.
I also have a well-trained global Bayes db on both servers (one "regular" ISP customers, one domain hosting) - I've never had to wipe the Bayes files and start over. You might want to copy the BAYES_nn scores from 2.64; the 3.0.x BAYES_nn scores seem to have been lowered quite a bit and from the SA list traffic, seem to have caused a lot of FNs. (Just one of several reasons I haven't upgraded my 2.64 machines. They're working Just Fine Thanks.)
On top of that, I maintained a local SURBL-style list of domains found in FNs reported by customers. <g> I haven't added anything to it in a long time, although I do continue to feed Bayes with the (far smaller) number of customer reports of FNs and the (VERY) rare FP.
And since I couldn't find it referenced, can anyone tell me what the four numbers after the score mean?
They represent the four combinations possible with/without network tests and with/without Bayes.
1st: No network, no Bayes 2nd: Network enabled, no Bayes 3rd: No network, Bayes enabled 4th: Network enabled, Bayes enabled
-kgd