John Goerzen <jgoerzen@complete.org> writes:

Of course, one could easily enough just block out Google Groups
entirely. I'm tempted... though I am aware that I myself occasionally
posted (non-spam!) from there during times when I didn't have
established Usenet accounts, and there is probably legit and desirable content from there too (though I don't really know how much, or if it's
worth keeping).

I don't have a spam solution to offer, but just as a data point a pretty substantial amount of the legitimate content in newsgroups I moderate is originally posted via Google Groups.

That probably wouldn't be picked up by a block rule due to its detour
through moderation, but that implies to me this is likely also true of unmoderated groups.

--
Russ Allbery (eagle@eyrie.org) <https://www.eyrie.org/~eagle/>

Please post questions rather than mailing me directly.
<https://www.eyrie.org/~eagle/faqs/questions.html> explains why.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi folks,

On my INN system running Cleanfeed, still a ton of spam breaks through. Looking
at it, it seems a large portion originates at Google Groups.

Of course, one could easily enough just block out Google Groups entirely. I'm tempted... though I am aware that I myself occasionally posted (non-spam!) from there during times when I didn't have established Usenet accounts, and there is probably legit and desirable content from there too (though I don't really know how much, or if it's worth keeping).

Does anybody have a Google Groups spam solution that's working for them that they could share?

Thanks,

John

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In article <slrnsjctbm.3ik08.jgoerzen@slrnh.complete.org>,
John Goerzen <jgoerzen@complete.org> wrote:

Hi folks,

On my INN system running Cleanfeed, still a ton of spam breaks through. Looking
at it, it seems a large portion originates at Google Groups.

Of course, one could easily enough just block out Google Groups entirely. I'm >tempted... though I am aware that I myself occasionally posted (non-spam!) from
there during times when I didn't have established Usenet accounts, and there is
probably legit and desirable content from there too (though I don't really know
how much, or if it's worth keeping).

Does anybody have a Google Groups spam solution that's working for them that >they could share?

Thanks,

John

In the Me entry use

Me/groups.google.ca:
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b Canada on 20 Sept 2021 vote ! Beware https://mindspring.com

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Russ Allbery <eagle@eyrie.org> wrote:

John Goerzen <jgoerzen@complete.org> writes:

Of course, one could easily enough just block out Google Groups
entirely. I'm tempted... though I am aware that I myself occasionally >>posted (non-spam!) from there during times when I didn't have
established Usenet accounts, and there is probably legit and desirable >>content from there too (though I don't really know how much, or if it's >>worth keeping).

I don't have a spam solution to offer, but just as a data point a pretty >substantial amount of the legitimate content in newsgroups I moderate is >originally posted via Google Groups.

There are people who have posted to Usenet for years via Google Groups
who simply will not become subscribers on News servers for whatever
reason. Then there are people who post through Google Groups and complain repeatedly about all the off-topic articles that I just never see. They
just don't see any benefit to kill filing and scoring techniques that
decent newsreaders offer.

There is no good explanation.

That probably wouldn't be picked up by a block rule due to its detour
through moderation, but that implies to me this is likely also true of >unmoderated groups.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2021-09-07, Russ Allbery <eagle@eyrie.org> wrote:

I don't have a spam solution to offer, but just as a data point a pretty substantial amount of the legitimate content in newsgroups I moderate is originally posted via Google Groups.

That probably wouldn't be picked up by a block rule due to its detour
through moderation, but that implies to me this is likely also true of unmoderated groups.

Thanks. I wondered if this might be the case, so probably (for me, at least) just blackholing Google Groups in newsfeeds isn't the answer.

John

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi,

John Goerzen a tapoté le 06/09/2021 22:09:

Does anybody have a Google Groups spam solution that's working for them that they could share?

SpamAssassin works very good for that but it is slower than cleanfeed...

When I'll have time I will share the script gaved to me by another
newsmaster and some tricks of my conf.


--
Stéphane

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

This is a multi-part message in MIME format.
I have used 21st century technology to compose this post to make it easier for people to read the message in hypertext. I used a DELL keyboard to compose this message.



--
Windows-10: <news://freenews.netfront.net/alt.comp.os.windows-10>
Windows-8: <news://freenews.netfront.net/alt.comp.os.windows-8>
Windows-7: <news://freenews.netfront.net/alt.windows7.general>
Windows XP: <news://freenews.netfront.net/microsoft.public.windowsxp.general>
Windows-XP: <news://freenews.netfront.net/microsoft.public.windowsxp.general>
Firefox: <news://freenews.netfront.net/alt.comp.software.firefox> Thunderbird: <news://freenews.netfront.net/alt.comp.software.thunderbird>

Google Groups: <https://groups.google.com/g/microsoft.public.windowsxp.general>


<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
body{font-size:1.2em;color:#900;background-color:#f5f1e4;font-family:Roboto,sans-serif;padding:25px}blockquote{background-color:#eacccc;color:#c16666;font-style:oblique 25deg}.table{display:table}.tr{display:table-row}.td{display:table-cell}
</style>
</head>
<body text="#990000" bgcolor="#f5f1e4">
<div class="moz-cite-prefix">On 06/09/2021 21:09, John Goerzen
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:slrnsjctbm.3ik08.jgoerzen@slrnh.complete.org">
<pre class="moz-quote-pre" wrap="">
Does anybody have a Google Groups spam solution that's working for them that they could share?


</pre>
</blockquote>
<p>The simple one that I use in Thunderbird is to filter and delete
automatically all posts using:</p>
<p> </p>
<blockquote type="cite">
<pre>User-Agent: G2/1.0</pre>
</blockquote>
So anybody using Google Groups are filtered almost immediately on
entry! I have yet to see any Google-Groopers posting anything useful
for my taste!!
<p>I am amazed that Mussolini supporting news-servers and Neo-Nazi
supporting news-servers aren't blocking Google-Groopers but they
are very happy to block people like yours truly! Their argument is
that people like me are a threat to the Internet <i>per se</i>
when they have failed to produce any evidence whatsoever to
substantiate this!<br>
</p>
<p><br>
</p>
<pre class="moz-signature" cols="72">--
Windows-10: <a class="moz-txt-link-rfc2396E" href="news://freenews.netfront.net/alt.comp.os.windows-10">&lt;news://freenews.netfront.net/alt.comp.os.windows-10&gt;</a>
Windows-8: <a class="moz-txt-link-rfc2396E" href="news://freenews.netfront.net/alt.comp.os.windows-8">&lt;news://freenews.netfront.net/alt.comp.os.windows-8&gt;</a>
Windows-7: <a class="moz-txt-link-rfc2396E" href="news://freenews.netfront.net/alt.windows7.general">&lt;news://freenews.netfront.net/alt.windows7.general&gt;</a>
Windows XP: <a class="moz-txt-link-rfc2396E" href="news://freenews.netfront.net/microsoft.public.windowsxp.general">&lt;news://freenews.netfront.net/microsoft.public.windowsxp.general&gt;</a>
Windows-XP: <a class="moz-txt-link-rfc2396E" href="news://freenews.netfront.net/microsoft.public.windowsxp.general">&lt;news://freenews.netfront.net/microsoft.public.windowsxp.general&gt;</a>
Firefox: <a class="moz-txt-link-rfc2396E" href="news://freenews.netfront.net/alt.comp.software.firefox">&lt;news://freenews.netfront.net/alt.comp.software.firefox&gt;</a>
Thunderbird: <a class="moz-txt-link-rfc2396E" href="news://freenews.netfront.net/alt.comp.software.thunderbird">&lt;news://freenews.netfront.net/alt.comp.software.thunderbird&gt;</a>

Google Groups: <a class="moz-txt-link-rfc2396E" href="https://groups.google.com/g/microsoft.public.windowsxp.general">&lt;https://groups.google.com/g/microsoft.public.windowsxp.general&gt;</a></pre>
</body>
</html>

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 9/8/21 1:58 AM, yamo' wrote:

When I'll have time I will share the script gaved to me by another
newsmaster and some tricks of my conf.

I'd be interested in seeing said script / tricks.



--
Grant. . . .
unix || die

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 8 Sep 2021 10:43:29 -0600
Grant Taylor <gtaylor@tnetconsulting.net> wrote:

On 9/8/21 1:58 AM, yamo' wrote:

When I'll have time I will share the script gaved to me by another newsmaster and some tricks of my conf.

I'd be interested in seeing said script / tricks.

I'd like to see this also to see where I can improve/replace the way I do it.

For my servers, I check in cleanfeed.local by sending a copy of the message to a script:

$tempfile = rand(100);
$tempfileP = "check/".$tempfile;
saveart($tempfileP);
$spamvalue = `/usr/bin/php /news/spam/bin/spamassassin.php $tempfile`;
$isspam = "/news/spam/found/".$tempfile;
if (-e $isspam) {
return reject('Exceeds Spam Level');
}

So, if the file (copy of message) exists in /news/spam/found, it was identified as spam and is rejected.

The script I wrote in php as that's easy for me. It just accepts the file name as an argument and runs it through spamc:

$spamcommand = $spamc.' -E < '.$spamfile;
$spamresult = passthru($spamcommand, $res);

If it's identified as spam, it moves the file to /news/spam/found, where cleanfeed then sees it there.

Those steps were easy, the hardest part is your spamassassin 'local.cf' file, where you need to make quite a few adjustments for it to work well with a news article instead of an email.

Retro Guy

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

For your reference, records indicate that
John Goerzen <jgoerzen@complete.org> wrote:

Of course, one could easily enough just block out Google Groups entirely.

This is the right solution.

I myself occasionally posted (non-spam!) from
there during times when I didn't have established Usenet accounts

Sunk cost fallacy.

there is
probably legit and desirable content from there too (though I don't really know
how much, or if it's worth keeping).

The right question to ask is: What is *Google* doing to stop the abuse?
It’s fundamentally their responsibility. As with many of their other services, they really don’t seem to care to clean up their own messes.
They certainly aren’t paying *me* to clean up their messes. UDP.

--
"Also . . . I can kill you with my brain."
River Tam, Trash, Firefly

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Russ Allbery schrieb:

I don't have a spam solution to offer, but just as a data point a pretty substantial amount of the legitimate content in newsgroups I moderate is originally posted via Google Groups.

Another point of data:

These were the TOP 5 posting server for de.* in 2014:
| 32.29 17014 individual.net
| 13.37 7043 news.albasani.net
| 10.81 5694 news.eternal-september.org
| 7.80 4108 postnews.google.com
| 7.66 4036 news.arcor.de.POSTED

albasani.net is gone, news.arcor.de is long gone, and everything
(news, mail, chat) has shifted more and more to the web, so I'd think
Google Groups will have an even higher share now.

After a quick look: last month (2021-08), 14% of all posts in de.*
came from Google Groups. I don't think that will be much different for English-speaking hierarchies. That would be a pretty big chunk to
block.

-thh

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

John Goerzen <jgoerzen@complete.org> wrote:

On my INN system running Cleanfeed, still a ton of spam breaks through. Looking
at it, it seems a large portion originates at Google Groups.

In my experience, all of the spam I see on Usenet seems to come from Google.

Of course, one could easily enough just block out Google Groups entirely. I'm
tempted... though I am aware that I myself occasionally posted (non-spam!) from
there during times when I didn't have established Usenet accounts, and there is
probably legit and desirable content from there too (though I don't really know
how much, or if it's worth keeping).

At least in some newsgroups, there are some good messages from Google Groups too and not only bad ones.

--
Don't laugh at the moon when it is day time in France.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Thomas Hochstein <thh@thh.name> wrote:

Russ Allbery schrieb:

I don't have a spam solution to offer, but just as a data point a pretty substantial amount of the legitimate content in newsgroups I moderate is originally posted via Google Groups.

Another point of data:

These were the TOP 5 posting server for de.* in 2014:
| 32.29 17014 individual.net
| 13.37 7043 news.albasani.net
| 10.81 5694 news.eternal-september.org
| 7.80 4108 postnews.google.com
| 7.66 4036 news.arcor.de.POSTED

albasani.net is gone, news.arcor.de is long gone, and everything
(news, mail, chat) has shifted more and more to the web, so I'd think
Google Groups will have an even higher share now.

After a quick look: last month (2021-08), 14% of all posts in de.*
came from Google Groups. I don't think that will be much different for English-speaking hierarchies. That would be a pretty big chunk to
block.

Agreed. Unless it's actual spam - i.e. not just articles which some
people happen to dislike -, I think articles posted via Google Groups
should not be blocked.

FWIW, individual.net is my NSP and in the - mostly technical - groups
I am subscribed to, Google Groups postings are not really a problem.

Looking at in in another way: If people read with a real newsreader,
*they* can block Google Groups postings if they want to, i.e. their NSP
does have to do it for them.

So IMO, only if the volume of the alleged 'spam' is a - real - problem
for the NSPs/News-Admins *themselves*, should they (try to) block it.

--
Frank Slootweg, ex (part-time) News Admin in some tiny 150K employee company.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Frank Slootweg <this@ddress.is.invalid> wrote:

Thomas Hochstein <thh@thh.name> wrote:

Russ Allbery schrieb:

I don't have a spam solution to offer, but just as a data point a pretty >>>substantial amount of the legitimate content in newsgroups I moderate is >>>originally posted via Google Groups.

Another point of data:

These were the TOP 5 posting server for de.* in 2014:
| 32.29 17014 individual.net
| 13.37 7043 news.albasani.net
| 10.81 5694 news.eternal-september.org
| 7.80 4108 postnews.google.com
| 7.66 4036 news.arcor.de.POSTED

albasani.net is gone, news.arcor.de is long gone, and everything
(news, mail, chat) has shifted more and more to the web, so I'd think >>Google Groups will have an even higher share now.

After a quick look: last month (2021-08), 14% of all posts in de.*
came from Google Groups. I don't think that will be much different for >>English-speaking hierarchies. That would be a pretty big chunk to
block.

Agreed. Unless it's actual spam - i.e. not just articles which some
people happen to dislike -, I think articles posted via Google Groups
should not be blocked.

FWIW, individual.net is my NSP and in the - mostly technical - groups
I am subscribed to, Google Groups postings are not really a problem.

Looking at in in another way: If people read with a real newsreader,
*they* can block Google Groups postings if they want to, i.e. their NSP
does have to do it for them.

So IMO, only if the volume of the alleged 'spam' is a - real - problem
for the NSPs/News-Admins *themselves*, should they (try to) block it.

There are massive numbers of articles posted to Usenet via several
servers that Google Groups peer with that don't meet the cancellable
spam threshold but are always off topic advertising wherever posted.

Cross-posted political articles, often whole-text copyright violation of articles found on the Web, aren't on topic, but they don't meet the
definition of cancellable spam.

We don't have to worry too much about cancellable spam and how it
appears to users as there are decent spam countermeasures. It's all the
other off-topic garbage.

The statistics Thomas provided don't tell us about on-topic posting via
Google Groups, and that's the only number that's important. Are there
enough on-topic versus non-spam off-topic articles being posted through
Google Groups to peer with them? That's the only true consideration.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi,

A little bit long post...

Le Wed, 8 Sep 2021 10:43:29 -0600, Grant Taylor a écrit :

On 9/8/21 1:58 AM, yamo' wrote:

When I'll have time I will share the script gaved to me by another
newsmaster and some tricks of my conf.

I'd be interested in seeing said script / tricks.

On a debian buster ( spamassassin 3.4.4 is a good choice)
Or bullseye (3.4.6 working fine but there is some tricks that I've lost in a SD card :< ) :


___________________

In /etc/news/newsfeeds :


spamchk!:local.test:Tp,Ac:spamchk %s#replace local.test by some usefull groups

___________________
In /usr/lib/news/bin/spamchk :
#!/bin/sh
# -----------------------------------------------------------------
# File: spamchk
# Purpose: SPAMASSASSIN shell-based filter used with INN
# Location: /usr/local/bin
# Author: Doug Le Tough
# -----------------------------------------------------------------

#set -x
# Variables
PATH=$PATH:/usr/lib/news/bin/
SM="/usr/lib/news/bin/sm"
BC="/usr/bin/bc -l"
AWK="/usr/bin/awk"
ICONV="/usr/bin/iconv"
SPAMC_USER="news"
#SPAMC AND LOCAL TUNNING...
#SPAMC="/usr/local/bin/spamc -t 55 -n 55 -c --max-size=64000 --retry-sleep=39 --filter-retries=2 --connect-retries=3"
#SPAMC="/usr/local/bin/spamc -t 55 -n 55 -c --retry-sleep=39 --filter-retries=2 --connect-retries=3"
# SLOW but usefull tunning :
#SPAMC="/usr/local/bin/spamc -t 25 -n 25 -c --retry-sleep=37 --filter-retries=7 --connect-retries=13"
# faster but skip a lot of spam
SPAMC="/usr/local/bin/spamc -t 5 -n 5 -c --filter-retry-sleep=99 --retry-sleep=99 --filter-retries=2 --connect-retries=2"
LOG="/var/log/news/news.spam"
LOGGER="logger -p news.notice"
# after mkdir /var/tmp/spamchk
SPAMLOG_PATH="/var/tmp/spamchk"
MESSAGE=""
NEWSGROUPS="erreur"
#CONVERTI="_converti"
# Spam max score
# LOCAL STUFF
SPAM_LIMIT=5
#SPAM_LIMIT=7.4
#erreur Spam spotted: [0/0] **
ERRORMID='0/0';
ERRORINIT='@000F00000000000000000000000000000000@';
#MESSAGESPAM = $1
# Pipe message to spamc
if [ "$ERRORINIT" != "$1" ] ; then
SPAM_VALUE1=$($SM -S $1 |$SPAMC | $AWK -F '/' '{print $1}' )
if [ "$MESSAGE" != "$SPAM_VALUE1" ] ; then
if [ "$ERRORMID" != "$SPAM_VALUE1" ] ; then
# echo "## $0 : $1 [$SPAM_VALUE1]" >> $LOG
# echo "## $1 [$SPAM_VALUE1]" >> $LOG
# SPAM_VALUE=$(echo "(5*$SPAM_VALUE)" | $BC)
if (( $(echo "$SPAM_VALUE1 $SPAM_LIMIT" | awk '{exit ( $1 < $2)}') )); then
#then
MID=$($SM -S $1 2>/dev/null | grep Message-ID)
CLEAN_MID=$(echo $MID | $AWK -F "<" '{print $2}' | $AWK -F ">" '{print $1}')
NEWSGROUPS=$($SM -S $1 | grep Newsgroups)
MESSAGE="$SPAM_VALUE1/$SPAM_LIMIT"
echo "Spam $MESSAGE $MID $NEWSGROUPS" >> $LOG
#echo "$0: Spam spotted: [$MESSAGE] ** $MID"
# Move spam article to SPAMLOG_PATH
# $SM -S $1 >> $SPAMLOG_PATH/$SPAM_VALUE1.$CLEAN_MID
# LOCAL STUFF : /usr/lib/news/bin/ctlinnd
/usr/lib/news/bin/ctlinnd cancel $CLEAN_MID 2>/dev/null 1>/dev/null
# rapport un peu bavard ...
#head -100 "$SPAMLOG_PATH/$SPAM_VALUE1.$CLEAN_MID" > "$SPAMLOG_PATH/$SPAM_VALUE1.$CLEAN_MID_cut"
# LOCAL STUFF : /usr/lib/news/bin/rapportspam for debugging in some local.spam group
#/usr/lib/news/bin/rapportspam.misc.test.pl $CLEAN_MID "$MESSAGE" "$SPAMLOG_PATH/$SPAM_VALUE1.$CLEAN_MID_cut"
else
# seulement log
echo "## $1 [$SPAM_VALUE1]" >> $LOG
# echo "## $0 : $1 [$SPAM_VALUE1]" >> $LOG
# pour tests
#echo "$DATE $HOST $0: $1 PAS DE Spam : [ $SPAM_VALUE1 < $SPAM_LIMIT ] ** $MID"
fi
else
#errlog
echo "$0 $1 erreur [$SPAM_VALUE1] $MID" >>$LOG
fi
else
echo "erreur $0 : $1 [$SPAM_VALUE1] vide [$MESSAGE]" >>$LOG
exit 1
fi

fi
exit 0


In debian tunning spamassassin for NNTP :

___________________
/etc/spamassassin/drugs.cf
# local filter that I could send by mail to not inform spammers...

___________________
/etc/spamassassin/headers.cf
# local filter ...

___________________
/etc/spamassassin/init.pre
# disabling standard filters :
# loadplugin Mail::SpamAssassin::Plugin::RelayCountry
#loadplugin Mail::SpamAssassin::Plugin::Hashcash
#loadplugin Mail::SpamAssassin::Plugin::SPF

___________________
/etc/spamassassin/karma.cf
#loadplugin Mail::SpamAssassin::Plugin::Karmasphere

___________________
/etc/spamassassin/local.cf
lock_method flock
## par défaut 0600
# maybe to be updated...
#bayes_file_mode=0666
time_limit 200
ignore_always_matching_regexps 1
required_score 5.0
#required_score 7.4
use_bayes 1
bayes_auto_learn 1
bayes_auto_learn_threshold_spam 5.9
bayes_auto_learn_threshold_nonspam -5
bayes_expiry_max_db_size 500000
#bayes_auto_expire 1
bayes_auto_expire 0
# bayes_ignore_header X-Bogosity
# bayes_ignore_header X-Spam-Flag
# bayes_ignore_header X-Spam-Status
loadplugin Mail::SpamAssassin::Plugin::Shortcircuit
#loadplugin Mail::SpamAssassin::Plugin::WLBLEval
# Some shortcircuiting, if the plugin is enabled
#
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
shortcircuit USER_IN_WHITELIST on
shortcircuit USER_IN_DEF_WHITELIST on
shortcircuit USER_IN_ALL_SPAM_TO on
shortcircuit SUBJECT_IN_WHITELIST on

# the opposite; blacklisted mails can also save CPU
#
shortcircuit USER_IN_BLACKLIST on
shortcircuit USER_IN_BLACKLIST_TO on
shortcircuit SUBJECT_IN_BLACKLIST on
# if you have taken the time to correctly specify your "trusted_networks",
# this is another good way to save CPU
#
# shortcircuit ALL_TRUSTED on

# and a well-trained bayes DB can save running rules, too
#

shortcircuit BAYES_99 spam

# shortcircuit BAYES_00 ham

endif # Mail::SpamAssassin::Plugin::Shortcircuit

allow_user_rules 1
loadplugin Mail::SpamAssassin::Plugin::TextCat
#loadplugin Mail::SpamAssassin::Plugin::URIDNSBL
#loadplugin Mail::SpamAssassin::Plugin::DNSEval
#use_pyzor 0
#use_dcc 0
#use_dcc 0
#use_razor 0
ok_languages fr
use_txrep 1
txrep_dilution_factor 0.86
txrep_factor 0.47
#default txrep_learn_penalty 20
txrep_learn_penalty 30
#default txrep_learn_bonus 20
txrep_learn_bonus 30
#whitelist_from someadresses
#blacklist_from someadresses

___________________
/etc/spamassassin/meta.cf
#local STUFF for all meta rules ...

___________________
/etc/spamassassin/news.cf
#very long local stuff...

___________________
/etc/spamassassin/nospam.cf
# local stuff...

___________________
/etc/spamassassin/prets.cf
# local stuff

___________________
/etc/spamassassin/sa-compile.pre
# Rule2XSBody - speedup by compilation of ruleset to native code
#
loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody

___________________
/etc/spamassassin/sexe.cf
#local stuff on boring sex spam

___________________
/etc/spamassassin/spamassassin_fr.cf
# stuff found on the web

___________________
/etc/spamassassin/v310.pre
#loadplugin Mail::SpamAssassin::Plugin::DCC
#loadplugin Mail::SpamAssassin::Plugin::Pyzor
#loadplugin Mail::SpamAssassin::Plugin::Razor2
#loadplugin Mail::SpamAssassin::Plugin::SpamCop
#loadplugin Mail::SpamAssassin::Plugin::AntiVirus
#may working...
#loadplugin Mail::SpamAssassin::Plugin::AWL
# AutoLearnThreshold - threshold-based discriminator for Bayes auto-learning
#
loadplugin Mail::SpamAssassin::Plugin::AutoLearnThreshold
# TextCat - language guesser
#
loadplugin Mail::SpamAssassin::Plugin::TextCat
# AccessDB - lookup from-addresses in access database
#
#loadplugin Mail::SpamAssassin::Plugin::AccessDB

# WhitelistSubject - Whitelist/Blacklist certain subject regular expressions
#
loadplugin Mail::SpamAssassin::Plugin::WhiteListSubject
loadplugin Mail::SpamAssassin::Plugin::MIMEHeader
#may not be usefull (?)
loadplugin Mail::SpamAssassin::Plugin::ReplaceTags

___________________
/etc/spamassassin/v312.pre
#loadplugin Mail::SpamAssassin::Plugin::DKIM

___________________
/etc/spamassassin/v320.pre
loadplugin Mail::SpamAssassin::Plugin::Check
#loadplugin Mail::SpamAssassin::Plugin::HTTPSMismatch
#loadplugin Mail::SpamAssassin::Plugin::URIDetail
#very usefull
loadplugin Mail::SpamAssassin::Plugin::Shortcircuit
# Plugins which used to be EvalTests.pm
# broken out into separate plugins
loadplugin Mail::SpamAssassin::Plugin::Bayes
loadplugin Mail::SpamAssassin::Plugin::BodyEval
#loadplugin Mail::SpamAssassin::Plugin::DNSEval
loadplugin Mail::SpamAssassin::Plugin::HTMLEval
loadplugin Mail::SpamAssassin::Plugin::HeaderEval
loadplugin Mail::SpamAssassin::Plugin::MIMEEval
#loadplugin Mail::SpamAssassin::Plugin::RelayEval
#loadplugin Mail::SpamAssassin::Plugin::URIEval
#loadplugin Mail::SpamAssassin::Plugin::WLBLEval

#loadplugin Mail::SpamAssassin::Plugin::VBounce

# Rule2XSBody - speedup by compilation of ruleset to native code
#
loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody

# ASN - Look up the Autonomous System Number of the connecting IP
# and create a header containing ASN data for bayes tokenization.
# See plugin's POD docs for usage info.
#
# loadplugin Mail::SpamAssassin::Plugin::ASN

# ImageInfo - rules to match metadata of image attachments
#
#loadplugin Mail::SpamAssassin::Plugin::ImageInfo

___________________
/etc/spamassassin/v330.pre
#loadplugin Mail::SpamAssassin::Plugin::PhishTag
#loadplugin Mail::SpamAssassin::Plugin::FreeMail

___________________
/etc/spamassassin/v340.pre
#may not be usefull
loadplugin Mail::SpamAssassin::Plugin::AskDNS

___________________
/etc/spamassassin/v341.pre
# TxRep - Reputation database that replaces AWL
loadplugin Mail::SpamAssassin::Plugin::TxRep

# URILocalBL - Provides ISP and Country code based filtering as well as
# quick IP based blocks without a full RBL implementation - Bug 7060

# loadplugin Mail::SpamAssassin::Plugin::URILocalBL

# PDFInfo - Use several methods to detect a PDF file's ham/spam traits
# loadplugin Mail::SpamAssassin::Plugin::PDFInfo

___________________
/etc/spamassassin/v342.pre

# HashBL - Use EBL email blocklist
# loadplugin Mail::SpamAssassin::Plugin::HashBL

# ResourceLimits - assure your spamd child processes
# do not exceed specified CPU or memory limit
# loadplugin Mail::SpamAssassin::Plugin::ResourceLimits


# FromNameSpoof - help stop spam that tries to spoof other domains using
# the from name
# loadplugin Mail::SpamAssassin::Plugin::FromNameSpoof

# Phishing - finds uris used in phishing campaigns detected by
# OpenPhish or PhishTank feeds.
# loadplugin Mail::SpamAssassin::Plugin::Phishing

# allow URI rules to look at DKIM headers if they exist
# parse_dkim_uris 1


___________________
/etc/spamassassin/v343.pre
# loadplugin Mail::SpamAssassin::Plugin::OLEVBMacro


___________________
~news/.spamassassin/user_prefs
######################
#very important file #
######################
#score USER_IN_WHITELIST -6.0

ok_languages fr
bayes_ignore_header X-Received
bayes_ignore_header Received
bayes_ignore_header Path
bayes_ignore_header TO
bayes_ignore_header CC
dns_available yes

############################################################################### score BAYES_00 -2.5
score BAYES_05 -1.6
# score BAYES_10 -1.0 #n'existe pas à ma connaissance
score BAYES_20 -0.5
score BAYES_40 1.2
score BAYES_50 2.2
score BAYES_60 3.2
score BAYES_80 4.6
score BAYES_95 5.6
score BAYES_99 6.3
# BAYES_999 actuellement inutile mais à laisser si abandon de 100 SHORTCIRCUIT
score BAYES_999 2.7
# BAYES_999 s'ajoute à BAYES_99 ###############################################################################

bayes_auto_learn_threshold_nonspam 0.1
bayes_auto_learn_threshold_spam 7.0
bayes_auto_learn 1
# LIVE_PORN 1 -> 2.55
score LIVE_PORN 2.55
# BANKING_LAWS 4 -> 4.55
score BANKING_LAWS 4.55
# MONEY_BACK 3.2 -> 4.25
score MONEY_BACK 4.25
############################
## LOTS_OF_MONEY peu fiable
## LOTS_OF_MONEY 3.1 -> 0.3 -> 0.7 -> 0.9 -> 1.3 -> 1.1 -> 0.95 -> 0.55 -> 0.43 -> 0.235
score LOTS_OF_MONEY 0.235
# REFINANCE_YOUR_HOME 1.1 -> 2 -> 2.9 > 3.944
score REFINANCE_YOUR_HOME 3.944
# __CLICK_HERE 0.2 -> 0.65 -> 1.5 -> 2.55
score __CLICK_HERE 2.557

# FREE_PORN 0.8 -> 1.2 -> 1.5 -> 2.5 -> 4.75 > 5.75
score FREE_PORN 5.755
score US_DOLLARS_3 0.9
# 0.8 -> 1.8 -> 1.5 -> 1.65
score T_FILL_THIS_FORM_SHORT 1.655
score FILL_THIS_FORM 2.15
score FILL_THIS_FORM_SHORT 2.15
score FILL_THIS_FORM_LONG 2.65
score FILL_THIS_FORM_LOAN 3.15
score FILL_THIS_FORM_FRAUD_PHISH 4.65
score T_FILL_THIS_FORM_FRAUD_PHISH 2.55
score T_FILL_THIS_FORM_LONG 1.65
# SUBJ_ALL_CAPS 1.4 > 0.9 -> 1 -> 1.23
score SUBJ_ALL_CAPS 1.23
# HTML_COMMENT_8BITS 2.0 -> 2.25
score HTML_COMMENT_8BITS 2.25
# score UPPERCASE_25_50 2.9
# UPPERCASE_50_75 3.5 -> 2.47 -> 2.16
score UPPERCASE_50_75 2.16
score UPPERCASE_75_100 3.9
# TVD_SPACE_RATIO 0.45 > 0.59 -> 0.659 -> 0.249
score TVD_SPACE_RATIO 0.249
# TVD_SPACE_RATIO_MINFP 0.45 -> 0.545
score TVD_SPACE_RATIO_MINFP 0.545
score URI_HEX 1.2
# URI_TRY_3LD 0.2 -> 0.7
score URI_TRY_3LD 0.7
# MONEY_FRAUD_3 3.3 -> 1.3
score MONEY_FRAUD_3 1.3
score XFER_LOTSA_MONEY 3.5
score MONEY_FORM_SHORT 1.9
# 3 scores suivants 0.2 -> 0.45 -> 1.45 -> 1.66-> 1.76 > 1.86
score ADVANCE_FEE_3_NEW 1.865
score ADVANCE_FEE_3_NEW_MONEY 1.865
score ADVANCE_FEE_3_NEW_FORM 1.865
# à surveiller faux positifs possibles
# doublon possible avec une autre règle
# ADVANCE_FEE_2_NEW_MONEY 3.9 -> 2.7 -> 2.9 -> 2 -> 2.2 -> 1.26 > 1.365
score ADVANCE_FEE_2_NEW_MONEY 1.365
# ADVANCE_FEE_2_NEW_FORM 1 -> 1.66 -> 1.97
score ADVANCE_FEE_2_NEW_FORM 1.97
# ADVANCE_FEE_4_NEW 2.753 -> 2.99 -> 2
score ADVANCE_FEE_4_NEW 2

# RISK_FREE 6.9 -> 3.9
score RISK_FREE 3.9
# LONGWORDS 2 > 3.9 > 4.25
score LONGWORDS 4.25
# LUCRATIVE 2.9 -> 3.7 -> 4.75 -> 2.35
score LUCRATIVE 2.35
# DEAR_SOMETHING 2.0 -> 2.44 -> 2.64
score DEAR_SOMETHING 2.64
# BODY_8BITS peu pertinent sur les news
# BODY_8BITS 1.5 -> 0.7 -> 1.17 -> 0.57 -> 0.275
score BODY_8BITS 0.275
# passage de 2.7 à 1.7
score FIN_FREE 1.7
# BODY_SINGLE_WORD 2.5 -> 1.3 -> 0.9 -> 0.6 > 0.444 > 0.144
score BODY_SINGLE_WORD 0.144
# BODY_SINGLE_URI 1.1 -> 0.455 -> 0.333
score BODY_SINGLE_URI 0.333
score SUBJECT_SEXUAL 6.9
## à surveiller : 0.4 -> 1.25 -> 0.66 -> 0.355
score WEIRD_QUOTING 0.355
# 1.3 au lieu de 3.3 puis 1.4
score RCVD_IN_PBL 1.4
#peu pertinent dans les news
# FSL_BULK_SIG 0.6 -> 0.1
score FSL_BULK_SIG 0.1
# PLING_QUERY 0.5 -> 0.755
score PLING_QUERY 0.755
score T_HK_NAME_DR 0.1
# HK_RANDOM_FROM 0.6 -> 1 -> 1.2 -> 0.777
score HK_RANDOM_FROM 0.777
########
score URG_BIZ 7.9
score PRICES_ARE_AFFORDABLE 3.9
score LOW_PRICE 3.9
#BANG_GUAR 1.0 -> 1.5 -> 2.15 -> 3.15 -> 4.15
score BANG_GUAR 4.15
# FROM_LOCAL_NOVOWEL 2.0 -> 1.35
score FROM_LOCAL_NOVOWEL 1.35
score URI_NOVOWEL 2.1
score URI_OBFU_WWW 4.1
# FUZZY_ERECT 2.4 -> 0.78 -> 1.28
score FUZZY_ERECT 1.28

# FUZZY_CREDIT 2.4 -> 2.9 -> 2.2 -> 0.5 -> 0.9 -> 1.15 -> 0.75 -> 0.55 -> 0.77 -> 0.87
score FUZZY_CREDIT 0.87
# DIET_1 5.79 -> 2.79
# faux positifs!!
score DIET_1 2.79
score HK_LOTTO_NAME 3.66
# GAPPY_SUBJECT 2 -> 3.4 -> 3.6 -> 4.6 -> 4.05 -> 2.55
score GAPPY_SUBJECT 2.55
#1.6 au lieu de 0.6 puis 3.6
score SUBJ_BUY 4.9
# 0.1 -> 0.8 > 1.8 -> 1.95 -> 2.25
score MONEY_FRAUD_5 2.25
# 0 -> 0.5 -> 2.9 -> 3.95
score FORM_FRAUD_5 3.95
score GOOG_REDIR_SHORT -0.3
# MARKETING_PARTNERS 2.5 -> 3.5 -> 5.5 -> 6.5
score MARKETING_PARTNERS 6.5
score SPOOF_COM2COM 0.2
# SPOOF_COM2OTH 2.7 ->0.2
score SPOOF_COM2OTH 0.2
#### A surveiller #################
# SERGIO_SUBJECT_PORN014 4.5 -> 1.5 -> 1.95
score SERGIO_SUBJECT_PORN014 2.95
score SERGIO_SUBJECT_PORN015 5.0
score SERGIO_SUBJECT_VIAGRA01 4.5
score MONEY_FROM_41 3.5
# FUZZY_XPILL 2.8 -> 1.8
# 2.8 faux positifs
score FUZZY_XPILL 2.65
score SUBJECT_FUZZY_MEDS 3.5
score DEAR_BENEFICIARY 4.85
# T_ANY_PILL_PRICE 0.0 -> 1.1 -> 1.9
score T_ANY_PILL_PRICE 3.35
score FUZZY_CPILL 3.8
score GUARANTEED_100_PERCENT 4.9
# DRUG_ED_SILD 0.0 -> 0.66
score DRUG_ED_SILD 0.66
# DRUG_ED_ONLINE 0.6 -> 1.6 -> 4.6 -> 5.6
score DRUG_ED_ONLINE 5.6
# faux positifs pour DRUG_DOSAGE 2.27 -> 2.3 -> 1.9 -> 2.25 -> 2.27 -> 1.97 score DRUG_DOSAGE 1.97
# DRUGS_ANXIETY 3.6 -> 1.6 -> 1.1 -> 2.6 -> 3 -> 2.6 -> 1.95 -> 2.35 -> 2.46 score DRUGS_ANXIETY 2.46

# DRUGS_ANXIETY_EREC 3.9 -> 3.4
score DRUGS_ANXIETY_EREC 3.55
# DRUGS_ANXIETY_OBFU 3.95 -> 2.95
score DRUGS_ANXIETY_OBFU 2.95
score DRUGS_DIET 3.75
score DRUGS_DIET_OBFU 3.77
# DRUGS_ERECTILE 3.2 -> 2.9 -> 2.4
score DRUGS_ERECTILE 2.75
score DRUGS_ERECTILE_OBFU 3.75
score DRUGS_HDIA 4.35
score DRUGS_MANYKINDS 4.95
score DRUGS_MUSCLE 4.75
score DRUGS_SLEEP_EREC 4.88
score DRUGS_SMEAR1 4.98
score DRUGS_STOCK_MIMEOLE 4.15
score HK_NAME_DRUGS 6.55
# 5.1 -> 1.5 -> 0.9 -> 1.25 -> 1.37
# beaucoup de faux positifs
score DRUG_ED_CAPS 1.37
score TVD_QUAL_MEDS 5.6
score ONLINE_PHARMACY 9.1
score TVD_VISIT_PHARMA 6.8
# NO_PRESCRIPTION 4.8 -> 5.95
score NO_PRESCRIPTION 5.95
# IMPOTENCE 3.2 -> 3.75
score IMPOTENCE 3.75
# HK_NAME_MR_MRS 0.1 -> 0.25
score HK_NAME_MR_MRS 0.25
# PDS_BTC_ID 0.5 -> 0.355
score PDS_BTC_ID 0.355
# BITCOIN_SPAM_02 2.5 -> 0.55 -> 0.75 -> 0.355
score BITCOIN_SPAM_02 0.355
# BITCOIN_SPAM_03 2.5 -> 1.0 -> 1.75 -> 2.05
score BITCOIN_SPAM_03 2.05
#score DKIM_SIGNED 0.1 -> -0.3
score DKIM_SIGNED -0.3
# DKIM_INVALID 0.1-> 0.3
score DKIM_INVALID 0.3
# 0.3 avec 0.4 faux positifs
score DKIM_ADSP_CUSTOM_MED 0.1
# 0.3 avec 0.4 faux positifs
score NML_ADSP_CUSTOM_MED 0.1
score STOX_REPLY_TYPE_WITHOUT_QUOTES 0.35

score XPRIO 0.0
score BODY_ENHANCEMENT 1.7
# score 3.0 -> 1.0 SUBJ_YOUR_FAMILY -> 2.36 -> 2.66 -> 2.77
score SUBJ_YOUR_FAMILY 2.77
score MIXED_ES 0.17
#4.5 BAD_CREDIT BODY: Contient "Eliminate Bad Credit"
# 4.5 -> 8.5
score BAD_CREDIT 8.5
# T_MONEY_PERCENT 0.0 -> 0.6 -> 0.75
score T_MONEY_PERCENT 0.75
# spam google?
# MIME_QP_LONG_LINE 0.2 -> 0.45 -> 0.66
score MIME_QP_LONG_LINE 0.66
score SUBJECT_NEEDS_ENCODING 0.0
# FUZZY_AMBIEN 0.6 -> 1.6 -> 1.9 -> 2.36 -> 2.46
score FUZZY_AMBIEN 2.46
# sur usenet bof...
score TRACKER_ID 0.1
# UNWANTED_LANGUAGE_BODY 2.8 -> 1 -> 0.6 -> 0.3 -> 0.1
score UNWANTED_LANGUAGE_BODY 0.1



# bugs possible sur ces regles
body SPAM45_UTF8 /\x{0441}\x{0435}\x{043A}\x{0441}\x{0430}/i
score SPAM45_UTF8 0.2
describe SPAM45_UTF8 Spam possible

body SPAM46_UTF8 /\x{0646}\x{0648}\x{0643}\x{0623}\x{0627}\x{0646}\x{0623}/i
score SPAM46_UTF8 0.2
describe SPAM46_UTF8 Spam possible

# fin bugs possible

####################################
### 0.0 ou commenté ###
####################################
#score RAZOR2_CHECK 0.9
#score RAZOR2_CF_RANGE_51_100 2.3
#score RAZOR2_CF_RANGE_E4_51_100 1.9
#score RAZOR2_CF_RANGE_E8_51_100 2.0
#score URIBL_SBL 0.2
#score URIBL_SBL_A 0.3
score URI_NO_WWW_INFO_CGI 0.0
# TVD_PH_BODY_ACCOUNTS_PRE
# rien à faire sur usenet
# passage de 2.4 à 1.6 puis 0.0(faux positifs)
score TVD_PH_BODY_ACCOUNTS_PRE 0.0
# PDS_BTC_ID 0.4 -> 0.0
score PDS_BTC_ID 0.0
score PDS_BTC_MSGID 0.0
# APOSTROPHE_FROM 0.5 -> 0.0
score APOSTROPHE_FROM 0.0
score AC_FROM_MANY_DOTS 0.0
# CTE_8BIT_MISMATCH 1.0 -> 0.0
score CTE_8BIT_MISMATCH 0.0
score EMPTY_MESSAGE 0.0
describe EMPTY_MESSAGE Bug spam assassin?
score TO_NO_BRKTS_FROM_MSSP 0.0
score SUBJ_ILLEGAL_CHARS 0.0
score XPRIO_SHORT_SUBJ 0.0
score FRNAME_IN_MSG_XPRIO 0.0
score XPRIO 0.0
score MSM_PRIO_REPTO 0.0
score FORGED_GMAIL_RCVD 0.0
score FROM_EXCESS_BASE64 0.0
score FROM_STARTS_WITH_NUMS 0.0
score MSGID_RANDY 0.0
score HEADER_SPAM 0.0
score FROM_ADDR_WS 0.0
score TVD_FINGER_02 0.0
score PDS_FROM_2_EMAILS 0.0
score NAME_EMAIL_DIFF 0.0
score __RFC_IGNORANT_ENVTO 0.0
score DNS_TO_RFC_DSN 0.0
score DNS_TO_RFC_POST 0.0
#score DNS_TO_RFC_ABUSE 0.0
score DNS_TO_RFC_WHOIS 0.0
score DNS_TO_RFC_BOGUSMX 0.0
score RDNS_NONE 0.0
score __RFC_IGNORANT_ENVRECEIVED 0.0
score DNS_RECEIVED_RFC_DSN 0.0
score DNS_RECEIVED_RFC_POST 0.0
score DNS_RECEIVED_RFC_ABUSE 0.0
score DNS_RECEIVED_RFC_WHOIS 0.0
score DNS_RECEIVED_RFC_BOGUSMX 0.0
score MISSING_HEADERS 0.0
score MISSING_FROM 0.0
score MISSING_DATE 0.0
score MISSING_MID 0.0
score MISSING_SUBJECT 0.0
score PP_MIME_FAKE_ASCII_TEXT 0.0
score NO_RECEIVED 0.0
score FREEMAIL_FROM 0.0
# FROM_ADDR_WS Malformed From address
# FROM_ADDR_WS 3.0 -> 0.0
# HEADER_SPAM 2.0 -> 0.0
score MALFORMED_FREEMAIL 0.0
score NO_RECEIVED 0.0
score NO_RELAYS 0.0
score INVALID_DATE 0.0
score REPLYTO_WITHOUT_TO_CC 0.0
score TO_NO_BRKTS_PCNT 0.0
score FROM_NO_USER 0.0
#score URIBL_GREY 1.4
#URIBL_DBL_ABUSE_REDIR 1.3 -> 0.7
#score URIBL_DBL_ABUSE_REDIR 0.7
#score URIBL_ABUSE_SURBL 2.5
#score URIBL_PH_SURBL 0.8
#score URIBL_RHS_DOB 2.4
#score URIBL_WS_SURBL 1.9
#score URIBL_MW_SURBL 1.6
#score URIBL_CR_SURBL 1.7
## 2.5 -> 2.4 -> 2.3 -> 0.9
#score URIBL_BLACK 0.9
## 3.8 -> 3.7 -> 2.7 attention à URIBL_RED
# URIBL_DBL_SPAM 2.7 -> 1.9
#score URIBL_DBL_SPAM 1.9
#score URIBL_DBL_PHISH 4.3
#score URIBL_DBL_MALWARE 4.7
#score URIBL_DBL_BOTNETCC 3.8
#score URIBL_DBL_ABUSE_SPAM 3.9
# 1.5 attention avec 3.9 faux positifs
#score URIBL_DBL_ABUSE_PHISH 1.5
# 4.3 faux positif URIBL_DBL_ABUSE_MALW -> 3.2 -> 2.2 -> 1.2
#score URIBL_DBL_ABUSE_MALW 1.2
#score URIBL_DBL_ABUSE_BOTCC 4.2
# passage de 0.7 à 1.7
# attention à URIBL_DBL_SPAM (passage de 3.7 à 2.7)
#score URIBL_RED 1.7
#score URIBL_BLOCKED 0.9
#score URIBL_DBL_ERROR 0.1
# SPOOF_COM2COM 2.0 -> 0.2
score DKIM_ADSP_DISCARD 0.0
score DKIM_ADSP_NXDOMAIN 0.0
score FREEMAIL_REPLY 0.0
score FREEMAIL_FORGED_REPLYTO 0.0
score FREEMAIL_REPLYTO 0.0
#score RCVD_IN_SORBS_WEB 0.5
#score RCVD_IN_SBL_CSS 0.5
# STOX_REPLY_TYPE 0.4 > 0.1 > 0.0
score STOX_REPLY_TYPE 0.0


##compiling the rules :

nice -n 19 sa-compile --keep-tmps 2> /var/log/sa-compile.log



--
Stéphane 🔗<http://pasdenom.info/fortune/>
Nous oublions aisément nos fautes lorsqu'elles ne sont sues que de nous.
-+- François de La Rochefoucauld (1613-1680), Maximes 196 -+-

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 9/19/21 4:11 AM, yamo' wrote:

Hi,

A little bit long post...

Thank you for sharing.

I'll read ~> study this as time permits in the coming days.



--
Grant. . . .
unix || die

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi Frank,

After a quick look: last month (2021-08), 14% of all posts in de.*
came from Google Groups. I don't think that will be much different for
English-speaking hierarchies. That would be a pretty big chunk to
block.

According to Richard's spool stats
https://www.greenend.org.uk/rjk/spoolstats/
https://www.greenend.org.uk/rjk/spoolstats/agents-summary.html
in the last 7 days, about 9000 articles out of 27000 in the Big-8 and
uk.* came from Google Groups. A third!

--
Julien ÉLIE

« Cela n'a rien de remarquable. Il suffit d'appuyer sur la bonne touche
au bon moment et l'instrument joue tout seul. » (J.-S. Bach)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 9/19/21 10:16 AM, Grant Taylor wrote:

On 9/19/21 4:11 AM, yamo' wrote:

Hi,

A little bit long post...

Thank you for sharing.

I'll read ~> study this as time permits in the coming days.

I am not sure if anyone has used it with an NNTP server yet but rspamd
is generally superior to SpamAssassin in every way https://www.rspamd.com/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)