# This is a sample configuration (.spamtestbuddy) to use with Burton's SpamProbe software. # SpamProbe itself, when properly trained, generates amazingly accurate spam probability # scores between 0 and 1. SpamTestBuddy can be used to modify the score slightly to help # reduce both false positives AND false negatives. This is done with a few DNS-based tests # which make use of extra information not available to SpamProbe. The tests slightly nudge # the score towards or away from spam, hopefully resulting in a more accurate classification. # SpamProbe has a default spam threshold of 0.7, but here we use 0.8 for the new threshold. SpamThreshold 0.8 # Skip local IP addresses when extracting the sender's IP address (include any forwarders) SkipReceived 127., 192.168. # SpamProbe itself adds 0 to 0.9999, we just import the existing score from the header. +TestHeaderFloat SPAMPROBE X-SpamProbe: # A check of DNS consistency quickly identifies many suspicious senders. Adds +0.2 +0.2 * TestDnsProblems DNSPROBLEM # Spamhaus ZEN blacklist is a very effective list that can boost the spam likelihood. # Notice that even if the sender is blacklisted by ZEN, a low SpamProbe score ( < 0.5) # will still not exceed the total threshold. ZEN adds +0.3 +0.3 * TestDNSBL ZEN zen.spamhaus.org # The SORBS DUL list lets us check if the sender was a dynamic IP address. This is very # frequently associated with spamming zombies and botnets, so boost the score by +0.1 +0.10 * TestDNSBL SORBSDUL dul.dnsbl.sorbs.net # The WPBL blacklist contains recently detected individual spam sources (not networks). # If this IP address sent spam to WPBL then the score is increased by +0.1 +0.10 * TestDNSBL WPBL db.wpbl.info # Help prevent false positives by consulting dnswl.org. There are different confidence # levels for whitelisted IPs, starting from 'none' (virtually insignificant) to 'high'. # Adjust the score accordingly, if the IP address is whitelisted at some level. -0.02 * TestDNSBL DNSWL.none list.dnswl.org$.0 -0.40 * TestDNSBL DNSWL.low list.dnswl.org$.1 -0.80 * TestDNSBL DNSWL.med list.dnswl.org$.2 -1.00 * TestDNSBL DNSWL.high list.dnswl.org$.3