- 论坛徽章:
- 0
|
集成了SA和DCC,在每次用POP3软件发信后,查看信件:
Received: from localhost by lab
with SpamAssassin (version 3.1.3);
Fri, 09 Mar 2007 19:55:02 +0800
From: "user1@spam.net.cn" <user1@spam.net.cn>
To: "user2" <user2@spam.net.cn>
Subject: *****SPAM***** =?gb2312?B?Rnc6ILT6wO29+LP2v9qxqLnYtcjStc7x?=
Date: Fri, 9 Mar 2007 19:54:30 +0800
Message-Id: <200703091954271973646@spam.net.cn>
X-Spam-DCC: : lab26 1000; Body=19 Fuz1=19
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on lab26
X-Spam-Level: ********
X-Spam-Status: Yes, score=8.4 required=4.0 tests=AWL,CN_BODY_109,CN_BODY_130,
CN_BODY_180,CN_BODY_204,CN_BODY_249,CN_BODY_376,CN_BODY_50,
CN_BODY_531,CN_BODY_62,CN_BODY_755,CN_BODY_88,CN_SUBJECT_207,
CN_SUBJECT_441,CN_SUBJECT_8,MIME_BASE64_TEXT autolearn=no
version=3.1.3
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_45F14B16.37843D36"
This is a multi-part message in MIME format.
------------=_45F14B16.37843D36
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Spam detection software, running on the system "lab26", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: user2, ÄúºÃ£¡ ÏÂÃæÊÇת·¢Óʼþ Ô­Óʼþ·¢¼þÈËÃû×Ö: Õ²Éú
Ô­Óʼþ·¢¼þÈ˵ØÖ·£ºmo@163.com Ô­ÓʼþÊÕ¼þÈËÃû×Ö£ºling@ccert.edu.cn
Ô­ÓʼþÊÕ¼þÈ˵ØÖ·£ºling@ccert.edu.cn Ô­Óʼþ³­ËÍÈËÃû×Ö£º
Ô­Óʼþ³­ËÍÈ˵ØÖ·£º [...]
Content analysis details: (8.4 points, 4.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.5 CN_SUBJECT_441 Subject contains "³ö¿Ú"
0.5 CN_SUBJECT_8 Subject contains "ÒµÎñ"
1.0 CN_SUBJECT_207 Subject contains "±¨¹Ø"
0.3 CN_BODY_204 BODY: Body contains "³ÏÐÅ"
0.3 CN_BODY_531 BODY: Body contains "ÎÒ¹«Ë¾"
0.4 CN_BODY_249 BODY: Body contains "±¾¹«Ë¾"
0.0 CN_BODY_88 BODY: Body contains "ÊýÁ¿"
0.1 CN_BODY_62 BODY: Body contains "º£¹Ø"
0.4 CN_BODY_180 BODY: Body contains "´«Õæ"
0.2 CN_BODY_50 BODY: Body contains "À´µç"
0.2 CN_BODY_755 BODY: Body contains "½ø³ö¿Ú"
2.5 CN_BODY_109 BODY: Body contains "¹ó˾"
2.4 CN_BODY_130 BODY: Body contains "ÎÒ˾"
0.3 CN_BODY_376 BODY: Body contains "Ǣ̸"
1.5 MIME_BASE64_TEXT RAW: Message text disguised using base64 encoding
-2.1 AWL AWL: From: address is in the auto white-list
虽然信头中可以看到X-Spam-DCC这一行代表DCC生效了,但怎么看SPAMASSASSIN的打分机制中也包括计算了DCC的分数呢?在X-Spam-Status的字段和Content analysis details: 列表中,并没看到DCC的相关信息呀 |
|