Contents of /trunk/spamassassin_config/common/list_specific

# This configuration file contains lists.debian.org specific rulessets

# our MTAs fix up headers for a slew of spams, so mark these as suspicious
# -- joy, 2003-06-28
# deactivated as this rule is also part of SA itself.
#header OUR_MTA_MSGID           Message-Id =~ /\@(murphy|master|gluck)\.debian\.org/
#describe OUR_MTA_MSGID         Sounds like a MsgId autogenerated by our MTAs
#score OUR_MTA_MSGID            1

# -- joy, 2003-08-15
header SENDER_FOR_US    From =~ /\@(murphy|master|gluck|lists)\.debian\.org/
describe SENDER_FOR_US  Sounds like a mail aimed at tricking our MTAs
score SENDER_FOR_US     2

# exception... --joy, 2003-07-12
header WEBSUBS                  X-Remote-IP =~ /./
describe WEBSUBS                Sounds like a subscription request from the web
score WEBSUBS                   -2

# another exception... --joy, 2003-07-27
header SUBSCONFIRM              Subject =~ /CONFIRM [su]\d+/
describe SUBSCONFIRM            Sounds like a subscription request confirmation
score SUBSCONFIRM               -2

# some valid autogenerated mail of ours
# -- joy, 2003-07-09
header OUR_SCRIPTS_1            Orig-From =~ /.+\@debian\.org \(.+ as listmaster\)/
describe OUR_SCRIPTS_1          Mail likely generated by .bin/mladmin
score OUR_SCRIPTS_1             -5

# our daily un/subscription report gets ~8 SA points !
# lower it to 3
# -- zobel, 2006-12-10
header _OUR_UNSUB_CHANGES1      Subject =~ /Daily un\/subscription report/
meta OUR_UNSUB_CHANGES          (_OUR_UNSUB_CHANGES1 && OUR_MTA_MSGID)
describe OUR_UNSUB_CHANGES      Daily mail sent to listmaster about un/subscriptions
score OUR_UNSUB_CHANGES         -5

# exception... --joy, 2003-08-15
body MDOMOSUBS          /^Request forwarded.$/
describe MDOMOSUBS      Sounds like a subscription request via majorsmart
score MDOMOSUBS         -2

# another exception --joy, 2004-05-27
#body OURCRONMAILS      Subject =~ /^Cron \<list\@.*\/var\/list\//
#describe OURCRONMAILS  Sounds like a legitimate cron job mail
#score OURCRONMAILS     -3

header MURPHY_LOCAL_FORWARDED   Resent-From =~ /murphy\.debian\.org/
describe MURPHY_LOCAL_FORWARDED Mail has been locally forwarded.
score MURPHY_LOCAL_FORWARDED    -5

# temp work-around for d-l-f

header RFR  Subject =~ /\[RFR\]/
describe RFR Request for revision
score RFR -5

# pasc 2004-02-02
header AM_REPORT        Subject =~ /AM Report for Week Ending/
describe AM_REPORT      Auto-generated AM summary
score AM_REPORT         -5

# automated reports on debian-l10n-french
header MURPHY_MIGUS_REPORT      Subject =~ /Etat dans le CVS des/
describe MURPHY_MIGUS_REPORT    Auto-generated report from migus on translations
score MURPHY_MIGUS_REPORT       -5

# our own whitelisting of subscribers
header LDOSUBSCRIBER            X-Subscriber-murphy.debian.org =~ /./
describe LDOSUBSCRIBER          Sender is a lists.debian.org subscriber
score LDOSUBSCRIBER             -6

1	don	2	# This configuration file contains lists.debian.org specific rulessets
2
3			# our MTAs fix up headers for a slew of spams, so mark these as suspicious
4			# -- joy, 2003-06-28
5	don	17	# deactivated as this rule is also part of SA itself.
6			#header OUR_MTA_MSGID Message-Id =~ /\@(murphy\|master\|gluck)\.debian\.org/
7			#describe OUR_MTA_MSGID Sounds like a MsgId autogenerated by our MTAs
8			#score OUR_MTA_MSGID 1
9	don	2
10			# -- joy, 2003-08-15
11			header SENDER_FOR_US From =~ /\@(murphy\|master\|gluck\|lists)\.debian\.org/
12			describe SENDER_FOR_US Sounds like a mail aimed at tricking our MTAs
13			score SENDER_FOR_US 2
14
15			# exception... --joy, 2003-07-12
16			header WEBSUBS X-Remote-IP =~ /./
17			describe WEBSUBS Sounds like a subscription request from the web
18			score WEBSUBS -2
19
20			# another exception... --joy, 2003-07-27
21			header SUBSCONFIRM Subject =~ /CONFIRM [su]\d+/
22			describe SUBSCONFIRM Sounds like a subscription request confirmation
23			score SUBSCONFIRM -2
24
25			# some valid autogenerated mail of ours
26			# -- joy, 2003-07-09
27			header OUR_SCRIPTS_1 Orig-From =~ /.+\@debian\.org \(.+ as listmaster\)/
28			describe OUR_SCRIPTS_1 Mail likely generated by .bin/mladmin
29			score OUR_SCRIPTS_1 -5
30
31			# our daily un/subscription report gets ~8 SA points !
32			# lower it to 3
33			# -- zobel, 2006-12-10
34			header _OUR_UNSUB_CHANGES1 Subject =~ /Daily un\/subscription report/
35			meta OUR_UNSUB_CHANGES (_OUR_UNSUB_CHANGES1 && OUR_MTA_MSGID)
36			describe OUR_UNSUB_CHANGES Daily mail sent to listmaster about un/subscriptions
37			score OUR_UNSUB_CHANGES -5
38
39			# exception... --joy, 2003-08-15
40			body MDOMOSUBS /^Request forwarded.$/
41			describe MDOMOSUBS Sounds like a subscription request via majorsmart
42			score MDOMOSUBS -2
43
44			# another exception --joy, 2004-05-27
45			#body OURCRONMAILS Subject =~ /^Cron \<list\@.*\/var\/list\//
46			#describe OURCRONMAILS Sounds like a legitimate cron job mail
47			#score OURCRONMAILS -3
48
49			header MURPHY_LOCAL_FORWARDED Resent-From =~ /murphy\.debian\.org/
50			describe MURPHY_LOCAL_FORWARDED Mail has been locally forwarded.
51			score MURPHY_LOCAL_FORWARDED -5
52
53			# temp work-around for d-l-f
54
55			header RFR Subject =~ /\[RFR\]/
56			describe RFR Request for revision
57			score RFR -5
58
59			# pasc 2004-02-02
60			header AM_REPORT Subject =~ /AM Report for Week Ending/
61			describe AM_REPORT Auto-generated AM summary
62			score AM_REPORT -5
63
64			# automated reports on debian-l10n-french
65			header MURPHY_MIGUS_REPORT Subject =~ /Etat dans le CVS des/
66			describe MURPHY_MIGUS_REPORT Auto-generated report from migus on translations
67			score MURPHY_MIGUS_REPORT -5
68
69			# our own whitelisting of subscribers
70			header LDOSUBSCRIBER X-Subscriber-murphy.debian.org =~ /./
71			describe LDOSUBSCRIBER Sender is a lists.debian.org subscriber
72			score LDOSUBSCRIBER -6
73