首页 | 邮件资讯 | 技术教程 | 解决方案 | 产品评测 | 邮件人才 | 邮件博客 | 邮件系统论坛 | 软件下载 | 邮件周刊 | 热点专题 | 工具
网络技术 | 操作系统 | 邮件系统 | 客户端 | 电子邮箱 | 反垃圾邮件 | 邮件安全 | 邮件营销 | 移动电邮 | 邮件软件下载 | 电子书下载

反垃圾邮件

技术综述 | 客户端 | 服务器端 |
首页 > 反垃圾邮件 > 服务器端反垃圾邮件技术 > Spamassassin Explanation > 正文

Spamassassin Explanation

出处:疯狂老头的博客 作者:疯狂老头 时间:2006-9-5 23:20:00
Test  Description
ACCESSDB  Message would have been caught by accessdb
ACT_NOW_CAPS  Talks about 'acting now' with capitals
ADDRESS_IN_SUBJECT  To: address appears in Subject
ADDR_FREE  From Address contains FREE
ADDR_NUMS_AT_BIGSITE  Has an address with lots of numbers at a big ISP
ADVANCE_FEE_1  Appears to be advance fee fraud (Nigerian 419)
ADVANCE_FEE_2  Appears to be advance fee fraud (Nigerian 419)
ADVANCE_FEE_3  Appears to be advance fee fraud (Nigerian 419)
ADVANCE_FEE_4  Appears to be advance fee fraud (Nigerian 419)
ALL_NATURAL  Spam is 100% natural?!
ALL_TRUSTED  Passed through trusted hosts only via SMTP
AMATEUR_PORN  Possible porn - Amateur Porn
AMAZING_STUFF  Amazing Stuff
AS_SEEN_ON  As seen on national TV!
AWL  From: address is in the auto white-list
BAD_CREDIT  Eliminate Bad Credit
BAD_ENC_HEADER  Message has bad MIME encoding in the header
BANG_EXERCISE  Talks about exercise with an exclamation!
BANG_GUAR  Something is emphatically guaranteed
BANG_MORE  Talks about more with an exclamation!
BANG_OPRAH  Talks about Oprah with an exclamation!
BARGAIN_URL  Includes a link to a likely spammer domain
BAYES_00  Bayesian spam probability is 0 to 1%
BAYES_05  Bayesian spam probability is 1 to 5%
BAYES_20  Bayesian spam probability is 5 to 20%
BAYES_40  Bayesian spam probability is 20 to 40%
BAYES_50  Bayesian spam probability is 40 to 60%
BAYES_60  Bayesian spam probability is 60 to 80%
BAYES_80  Bayesian spam probability is 80 to 95%
BAYES_95  Bayesian spam probability is 95 to 99%
BAYES_99  Bayesian spam probability is 99 to 100%
BEST_PORN  Possible porn - Best, Largest, Most Porn
BE_BOSS  Be your own boss
BILLION_DOLLARS  Talks about lots of money
BILL_1618  Possible mention of bill 1618 (anti-spam bill)
BIZ_TLD  Contains an URL in the BIZ top-level domain
BLANK_LINES_70_80  Message body has 70-80% blank lines
BLANK_LINES_80_90  Message body has 80-90% blank lines
BLANK_LINES_90_100  Message body has 90-100% blank lines
BODY_8BITS  Body includes 8 consecutive 8-bit characters
BODY_ENHANCEMENT  Information on growing body parts
BODY_ENHANCEMENT2  Information on getting larger body parts
CHARSET_FARAWAY  Character set indicates a foreign language
CHARSET_FARAWAY_HEADER  A foreign language charset used in headers
CHINA_HEADER  Involves 'china.com'
CLICK_BELOW_CAPS  Asks you to click below (in capital letters)
CLICK_TO_REMOVE_1  Click to be removed
COMPETE  Compete for your business
CONFIDENTIAL_ORDER  Confidentiality on all orders
CONFIRMED_FORGED  Received headers are forged
CONSOLIDATE_DEBT  Consolidate debt, credit, or bills
CUM_SHOT  Possible porn - Cum Shot
DATE_IN_FUTURE_03_06  Date: is 3 to 6 hours after Received: date
DATE_IN_FUTURE_06_12  Date: is 6 to 12 hours after Received: date
DATE_IN_FUTURE_12_24  Date: is 12 to 24 hours after Received: date
DATE_IN_FUTURE_24_48  Date: is 24 to 48 hours after Received: date
DATE_IN_FUTURE_48_96  Date: is 48 to 96 hours after Received: date
DATE_IN_FUTURE_96_XX  Date: is 96 hours or more after Received: date
DATE_IN_PAST_03_06  Date: is 3 to 6 hours before Received: date
DATE_IN_PAST_06_12  Date: is 6 to 12 hours before Received: date
DATE_IN_PAST_12_24  Date: is 12 to 24 hours before Received: date
DATE_IN_PAST_24_48  Date: is 24 to 48 hours before Received: date
DATE_IN_PAST_48_96  Date: is 48 to 96 hours before Received: date
DATE_IN_PAST_96_XX  Date: is 96 hours or more before Received: date
DATE_SPAMWARE_Y2K  Date header uses unusual Y2K formatting
DAV_NON_HOTMAIL  Message sent using DAV, but not via Hotmail
DCC_CHECK  Listed in DCC (http://rhyolite.com/anti-s...
DEAR_FRIEND  Dear Friend? That's not very dear!
DEAR_SOMETHING  Contains 'Dear (something)'
DEEP_DISC_MEDS  Deep discount medications
DIET_1  Lose Weight Spam
DIET_2  Describes weight loss
DIET_3  Describes body fat loss
DIGEST_MULTIPLE  Message hits more than one network digest check
DISGUISE_PORN  Attempts to disguise porn words
DISGUISE_PORN_MUNDANE  Attempts to disguise mundane words used in porn
DK_POLICY_SIGNALL  Domain Keys: policy says domain signs all mails
DK_POLICY_SIGNSOME  Domain Keys: policy says domain signs some mails
DK_POLICY_TESTING  Domain Keys: policy says domain is testing DK
DK_SIGNED  Domain Keys: message has an unverified signature
DK_VERIFIED  Domain Keys: signature passes verification
DNS_FROM_AHBL_RHSBL  From: sender listed in dnsbl.ahbl.org
DNS_FROM_RFC_ABUSE  Envelope sender in abuse.rfc-ignorant.org
DNS_FROM_RFC_BOGUSMX  Envelope sender in bogusmx.rfc-ignorant.org
DNS_FROM_RFC_DSN  Envelope sender in dsn.rfc-ignorant.org
DNS_FROM_RFC_POST  Envelope sender in postmaster.rfc-ignorant.org
DNS_FROM_RFC_WHOIS  Envelope sender in whois.rfc-ignorant.org
DNS_FROM_SECURITYSAGE  Envelope sender in blackholes.securitysage.com
DOMAIN_4U2  Domain name containing a "4u" variant
DOMAIN_RATIO  Message body mentions many internet domains
DRUGS_ANXIETY  Refers to an anxiety control drug
DRUGS_ANXIETY_EREC  Refers to both an erectile and an anxiety drug
DRUGS_ANXIETY_OBFU  Obfuscated reference to an anxiety control drug
DRUGS_DIET  Refers to a diet drug
DRUGS_DIET_OBFU  Obfuscated reference to a diet drug
DRUGS_ERECTILE  Refers to an erectile drug
DRUGS_ERECTILE_OBFU  Obfuscated reference to an erectile drug
DRUGS_MANYKINDS  Refers to at least four kinds of drugs
DRUGS_MUSCLE  Refers to a muscle relaxant
DRUGS_PAIN  Refers to a pain relief drug
DRUGS_PAIN_OBFU  Obfuscated reference to a pain relief drug
DRUGS_SLEEP  Refers to a sleep aid drug
DRUGS_SLEEP_EREC  Refers to both an erectile and a sleep aid drug
DRUGS_SMEAR1  Two or more drugs crammed together into one word
DRUG_DOSAGE  Talks about price per dose
DRUG_ED_CAPS  Mentions an E.D. drug
DRUG_ED_COMBO  Viagra and other drugs
DRUG_ED_GENERIC  Mentions Generic Viagra
DRUG_ED_ONLINE  Fast Viagra Delivery
DRUG_ED_SILD  Talks about an E.D. drug using its chemical name
EARN_PER_WEEK  Contains 'earn $something per week'
EMAIL_ROT13  Body contains a ROT13-encoded email address
EMPTY_MESSAGE  Message appears to be empty with no Subject: text
EM_ROLEX  Message puts emphasis on the watch manufacturer
ENGLISH_UCE_SUBJECT  Subject contains an English UCE tag
ENTITY_DEC_ALPHANUM  HTML contains needlessly encoded characters
ENV_AND_HDR_SPF_MATCH  Env and Hdr From used in default SPF WL Match
EXCUSE_10  "if you do not wish to receive any more"
EXCUSE_12  Nobody's perfect
EXCUSE_23  Claims you have provided permission
EXCUSE_24  Claims you wanted this ad
EXCUSE_4  Claims you can be removed from the list
EXCUSE_6  Claims you can be removed from the list
EXCUSE_REMOVE  Talks about how to be removed from mailings
EXTRA_CASH  Offers Extra Cash
EXTRA_MPART_TYPE  Header has extraneous Content-type:...type= entry
FAKED_UNDISC_RECIPS  Faked To "Undisclosed-Recipients"
FAKE_HELO_EMAIL_COM  Host HELO did not match rDNS: email.com
FAKE_HELO_EUDORAMAIL  Host HELO did not match rDNS: eudoramail.com
FAKE_HELO_EXCITE  Host HELO did not match rDNS: excite.com
FAKE_HELO_LYCOS  Host HELO did not match rDNS: lycos.com
FAKE_HELO_MAIL_COM  Host HELO did not match rDNS: mail.com
FAKE_HELO_MAIL_COM_DOM  Relay HELO'd with suspicious hostname (mail.com)
FAKE_HELO_MSN  Host HELO did not match rDNS: msn.com
FAKE_HELO_YAHOO_CA  Host HELO did not match rDNS: yahoo.ca
FAKE_OUTBLAZE_RCVD  Received header contains faked 'mr.outblaze.com'
FIN_FREE  Freedom of a financial nature
FORGED_AOL_RCVD  Received forged, contains fake AOL relays
FORGED_AOL_TAGS  AOL mailers can't send HTML in this format
FORGED_EUDORAMAIL_RCVD  Forged eudoramail.com 'Received:' header found
FORGED_GW05_RCVD  Forged 'by gw05' 'Received:' header found
FORGED_HOTMAIL_RCVD  Forged hotmail.com 'Received:' header found
FORGED_HOTMAIL_RCVD2  hotmail.com 'From' address, but no 'Received:'
FORGED_IMS_HTML  IMS can't send HTML message only
FORGED_IMS_TAGS  IMS mailers can't send HTML in this format
FORGED_JUNO_RCVD  'From' juno.com does not match 'Received' headers
FORGED_MSGID_AOL  Message-ID is forged, (aol.com)
FORGED_MSGID_EXCITE  Message-ID is forged, (excite.com)
FORGED_MSGID_HOTMAIL  Message-ID is forged, (hotmail.com)
FORGED_MSGID_MSN  Message-ID is forged, (msn.com)
FORGED_MSGID_YAHOO  Message-ID is forged, (yahoo.com)
FORGED_MUA_AOL_FROM  Forged mail pretending to be from AOL (by From)
FORGED_MUA_EUDORA  Forged mail pretending to be from Eudora
FORGED_MUA_IMS  Forged mail pretending to be from IMS
FORGED_MUA_MOZILLA  Forged mail pretending to be from Mozilla
FORGED_MUA_OIMO  Forged mail pretending to be from MS Outlook IMO
FORGED_MUA_OUTLOOK  Forged mail pretending to be from MS Outlook
FORGED_MUA_THEBAT_BOUN  Mail pretending to be from The Bat! (boundary)
FORGED_MUA_THEBAT_CS  Mail pretending to be from The Bat! (charset)
FORGED_OUTLOOK_HTML  Outlook can't send HTML message only
FORGED_OUTLOOK_TAGS  Outlook can't send HTML in this format
FORGED_QUALCOMM_TAGS  QUALCOMM mailers can't send HTML in this format
FORGED_RCVD_HELO  Received: contains a forged HELO
FORGED_TELESP_RCVD  Contains forged hostname for a DSL IP in Brazil
FORGED_THEBAT_HTML  The Bat! can't send HTML message only
FORGED_YAHOO_RCVD  'From' yahoo.com does not match 'Received' headers
FORWARD_LOOKING  Stock Disclaimer Statement
FRAGMENTED_MESSAGE  Partial message
FREE_ACCESS  Contains 'free access' with capitals
FREE_PORN  Possible porn - Free Porn
FREE_PREVIEW  Free Preview
FREE_QUOTE_INSTANT  Free express or no-obligation quote
FREE_SAMPLE  Contains 'free sample' with capitals
FROM_ALL_NUMS  From numeric address (except US/Canada phones)
FROM_AND_TO_SAME  From and To are the same, but not exactly
FROM_BLANK_NAME  From: contains empty name
FROM_DOMAIN_NOVOWEL  From: domain has series of non-vowel letters
FROM_ENDS_IN_NUMS  From: ends in many numbers
FROM_EXCESS_BASE64  From: base64 encoded unnecessarily
FROM_EXCESS_QP  From: quoted-printable encoded unnecessarily
FROM_HAS_MIXED_NUMS  From: contains numbers mixed in with letters
FROM_HAS_ULINE_NUMS  From: contains an underline and numbers/letters
FROM_ILLEGAL_CHARS  From: has too many raw illegal characters
FROM_LOCAL_DIGITS  From: localpart has long digit sequence
FROM_LOCAL_HEX  From: localpart has long hexadecimal sequence
FROM_LOCAL_NOVOWEL  From: localpart has series of non-vowel letters
FROM_NONSENDING_DOMAIN  Message is from domain that never sends email
FROM_NO_LOWER  From address has no lower-case characters
FROM_NO_USER  From: has no local-part before @ sign
FROM_OFFERS  From address is "at something-offers"
FROM_STARTS_WITH_NUMS  From: starts with many numbers
FRONTPAGE  Frontpage used to create the message
FULL_REFUND  Offers a full refund
FUZZY_AFFORDABLE  Attempt to obfuscate words in spam
FUZZY_AMBIEN  Attempt to obfuscate words in spam
FUZZY_BILLION  Attempt to obfuscate words in spam
FUZZY_CELEBREX  Attempt to obfuscate words in spam
FUZZY_CPILL  Attempt to obfuscate words in spam
FUZZY_CREDIT  Attempt to obfuscate words in spam
FUZZY_ERECT  Attempt to obfuscate words in spam
FUZZY_FOLLOW  Attempt to obfuscate words in spam
FUZZY_GUARANTEE  Attempt to obfuscate words in spam
FUZZY_MEDICATION  Attempt to obfuscate words in spam
FUZZY_MILF  Attempt to obfuscate words in spam
FUZZY_MILLION  Attempt to obfuscate words in spam
FUZZY_MONEY  Attempt to obfuscate words in spam
FUZZY_MORTGAGE  Attempt to obfuscate words in spam
FUZZY_OBLIGATION  Attempt to obfuscate words in spam
FUZZY_OFFERS  Attempt to obfuscate words in spam
FUZZY_PHARMACY  Attempt to obfuscate words in spam
FUZZY_PHENT  Attempt to obfuscate words in spam
FUZZY_PLEASE  Attempt to obfuscate words in spam
FUZZY_PRESCRIPT  Attempt to obfuscate words in spam
FUZZY_PRICES  Attempt to obfuscate words in spam
FUZZY_REFINANCE  Attempt to obfuscate words in spam
FUZZY_REMOVE  Attempt to obfuscate words in spam
FUZZY_ROLEX  Attempt to obfuscate words in spam
FUZZY_SOFTWARE  Attempt to obfuscate words in spam
FUZZY_THOUSANDS  Attempt to obfuscate words in spam
FUZZY_TRAMADOL  Attempt to obfuscate words in spam
FUZZY_VICODIN  Attempt to obfuscate words in spam
FUZZY_VIOXX  Attempt to obfuscate words in spam
FUZZY_VLIUM  Attempt to obfuscate words in spam
FUZZY_VPILL  Attempt to obfuscate words in spam
FUZZY_XPILL  Attempt to obfuscate words in spam
GAPPY_SUBJECT  Subject: contains G.a.p.p.y-T.e.x.t
GET_PAID  Get Paid
GTUBE  Generic Test for Unsolicited Bulk Email
GUARANTEED_100_PERCENT  One hundred percent guaranteed
GUARANTEED_STUFF  Guaranteed Stuff
HABEAS_ACCREDITED_COI  Habeas Accredited Confirmed Opt-In or Better
HABEAS_ACCREDITED_SOI  Habeas Accredited Opt-In or Better
HABEAS_CHECKED  Habeas Checked
HAIR_LOSS  Cures Baldness
HARDCORE_PORN  Possible porn - Hardcore Porn
HASHCASH_20  Contains valid Hashcash token (20 bits)
HASHCASH_21  Contains valid Hashcash token (21 bits)
HASHCASH_22  Contains valid Hashcash token (22 bits)
HASHCASH_23  Contains valid Hashcash token (23 bits)
HASHCASH_24  Contains valid Hashcash token (24 bits)
HASHCASH_25  Contains valid Hashcash token (25 bits)
HASHCASH_2SPEND  Hashcash token already spent in another mail
HASHCASH_HIGH  Contains valid Hashcash token (>25 bits)
HDR_ORDER_MTSRIX  Headers are in order found in spam (MTSRIX)
HDR_ORDER_TRIMRS  Headers are in order found in spam (TRIMRS)
HEADER_COUNT_CTYPE  Multiple Content-Type headers found
HEADER_SPAM  Bulk email fingerprint (header-based) found
HEAD_ILLEGAL_CHARS  Headers have too many raw illegal characters
HEAD_LONG  Message headers are very long
HELO_DYNAMIC_ADELPHIA  Relay HELO'd using suspicious hostname (Adelphia)
HELO_DYNAMIC_ATTBI  Relay HELO'd using suspicious hostname (ATTBI.com)
HELO_DYNAMIC_CHELLO_NL  Relay HELO'd using suspicious hostname (Chello.nl)
HELO_DYNAMIC_CHELLO_NO  Relay HELO'd using suspicious hostname (Chello.no)
HELO_DYNAMIC_COMCAST  Relay HELO'd using suspicious hostname (Comcast)
HELO_DYNAMIC_DHCP  Relay HELO'd using suspicious hostname (DHCP)
HELO_DYNAMIC_DIALIN  Relay HELO'd using suspicious hostname (T-Dialin)
HELO_DYNAMIC_HCC  Relay HELO'd using suspicious hostname (HCC)
HELO_DYNAMIC_HEXIP  Relay HELO'd using suspicious hostname (Hex IP)
HELO_DYNAMIC_HOME_NL  Relay HELO'd using suspicious hostname (Home.nl)
HELO_DYNAMIC_IPADDR  Relay HELO'd using suspicious hostname (IP addr 1)
HELO_DYNAMIC_IPADDR2  Relay HELO'd using suspicious hostname (IP addr 2)
HELO_DYNAMIC_NTL  Relay HELO'd using suspicious hostname (NTL)
HELO_DYNAMIC_OOL  Relay HELO'd using suspicious hostname (OptOnline)
HELO_DYNAMIC_ROGERS  Relay HELO'd using suspicious hostname (Rogers)
HELO_DYNAMIC_RR2  Relay HELO'd using suspicious hostname (RR 2)
HELO_DYNAMIC_SPLIT_IP  Relay HELO'd using suspicious hostname (Split IP)
HELO_DYNAMIC_TELIA  Relay HELO'd using suspicious hostname (Telia)
HELO_DYNAMIC_VELOX  Relay HELO'd using suspicious hostname (Veloxzone)
HELO_DYNAMIC_VTR  Relay HELO'd using suspicious hostname (VTR)
HELO_DYNAMIC_YAHOOBB  Relay HELO'd using suspicious hostname (YahooBB)
HG_HORMONE  Talks about hormones for human growth
HIDDEN_CHARGES  Talks about Hidden Charges
HIDE_WIN_STATUS  Javascript to hide URLs in browser
HOT_NASTY  Possible porn - Hot, Nasty, Wild, Young
HTML_00_10  Message is 0% to 10% HTML
HTML_10_20  Message is 10% to 20% HTML
HTML_20_30  Message is 20% to 30% HTML
HTML_30_40  Message is 30% to 40% HTML
HTML_40_50  Message is 40% to 50% HTML
HTML_50_60  Message is 50% to 60% HTML
HTML_60_70  Message is 60% to 70% HTML
HTML_70_80  Message is 70% to 80% HTML
HTML_80_90  Message is 80% to 90% HTML
HTML_90_100  Message is 90% to 100% HTML
HTML_ATTR_BAD  HTML has many bad attributes in tags
HTML_ATTR_UNIQUE  HTML appears to have random attributes in tags
HTML_BACKHAIR_2  HTML tags used to obfuscate words
HTML_BACKHAIR_4  HTML tags used to obfuscate words
HTML_BACKHAIR_8  HTML tags used to obfuscate words
HTML_BADTAG_00_10  HTML message is 0% to 10% bad tags
HTML_BADTAG_10_20  HTML message is 10% to 20% bad tags
HTML_BADTAG_20_30  HTML message is 20% to 30% bad tags
HTML_BADTAG_30_40  HTML message is 30% to 40% bad tags
HTML_BADTAG_40_50  HTML message is 40% to 50% bad tags
HTML_BADTAG_50_60  HTML message is 50% to 60% bad tags
HTML_BADTAG_60_70  HTML message is 60% to 70% bad tags
HTML_BADTAG_70_80  HTML message is 70% to 80% bad tags
HTML_BADTAG_80_90  HTML message is 80% to 90% bad tags
HTML_BADTAG_90_100  HTML message is 90% to 100% bad tags
HTML_CHARSET_FARAWAY  A foreign language charset used in HTML markup
HTML_COMMENT_SAVED_URL  HTML message is a saved web page
HTML_COMMENT_SHORT  HTML comment is very short
HTML_EHTML2  HTML has doubled end HTML tag
HTML_EMBEDS  HTML with embedded plugin object
HTML_EVENT_UNSAFE  HTML contains unsafe auto-executing code
HTML_EXTRA_CLOSE  HTML contains far too many close tags
HTML_FONT_BIG  HTML tag for a big font size
HTML_FONT_FACE_BAD  HTML font face is not a word
HTML_FONT_FACE_CAPS  HTML font face has excess capital characters
HTML_FONT_INVISIBLE  HTML font color is same as background
HTML_FONT_LOW_CONTRAST  HTML font color similar to background
HTML_FONT_SIZE_HUGE  HTML font size is huge
HTML_FONT_SIZE_LARGE  HTML font size is large
HTML_FONT_SIZE_NONE  HTML font size is negative
HTML_FONT_SIZE_TINY  HTML font size is tiny
HTML_FONT_TINY  HTML tag for a tiny font size
HTML_FORMACTION_MAILTO  HTML includes a form which sends mail
HTML_IMAGE_ONLY_04  HTML: images with 0-400 bytes of words
HTML_IMAGE_ONLY_08  HTML: images with 400-800 bytes of words
HTML_IMAGE_ONLY_12  HTML: images with 800-1200 bytes of words
HTML_IMAGE_ONLY_16  HTML: images with 1200-1600 bytes of words
HTML_IMAGE_ONLY_20  HTML: images with 1600-2000 bytes of words
HTML_IMAGE_ONLY_24  HTML: images with 2000-2400 bytes of words
HTML_IMAGE_ONLY_28  HTML: images with 2400-2800 bytes of words
HTML_IMAGE_ONLY_32  HTML: images with 2800-3200 bytes of words
HTML_IMAGE_RATIO_02  HTML has a low ratio of text to image area
HTML_IMAGE_RATIO_04  HTML has a low ratio of text to image area
HTML_IMAGE_RATIO_06  HTML has a low ratio of text to image area
HTML_IMAGE_RATIO_08  HTML has a low ratio of text to image area
HTML_LINK_IMAGE_BUG  HTML link plus image plus web bug
HTML_LINK_OPT_OUT  HTML link text says "opt out" or similar
HTML_LINK_PUSH_HERE  HTML link text says "push here" or similar
HTML_MESSAGE  HTML included in message
HTML_MIME_NO_HTML_TAG  HTML-only message, but there is no HTML tag
HTML_MISSING_CTYPE  Message is HTML without HTML Content-Type
HTML_NONELEMENT_00_10  0% to 10% of HTML elements are non-standard
HTML_NONELEMENT_10_20  10% to 20% of HTML elements are non-standard
HTML_NONELEMENT_20_30  20% to 30% of HTML elements are non-standard
HTML_NONELEMENT_30_40  30% to 40% of HTML elements are non-standard
HTML_NONELEMENT_40_50  40% to 50% of HTML elements are non-standard
HTML_NONELEMENT_50_60  50% to 60% of HTML elements are non-standard
HTML_NONELEMENT_60_70  60% to 70% of HTML elements are non-standard
HTML_NONELEMENT_70_80  70% to 80% of HTML elements are non-standard
HTML_NONELEMENT_80_90  80% to 90% of HTML elements are non-standard
HTML_NONELEMENT_90_100  90% to 100% of HTML elements are non-standard
HTML_OBFUSCATE_05_10  Message is 5% to 10% HTML obfuscation
HTML_OBFUSCATE_10_20  Message is 10% to 20% HTML obfuscation
HTML_OBFUSCATE_20_30  Message is 20% to 30% HTML obfuscation
HTML_OBFUSCATE_30_40  Message is 30% to 40% HTML obfuscation
HTML_OBFUSCATE_40_50  Message is 40% to 50% HTML obfuscation
HTML_OBFUSCATE_50_60  Message is 50% to 60% HTML obfuscation
HTML_OBFUSCATE_60_70  Message is 60% to 70% HTML obfuscation
HTML_OBFUSCATE_70_80  Message is 70% to 80% HTML obfuscation
HTML_OBFUSCATE_80_90  Message is 80% to 90% HTML obfuscation
HTML_OBFUSCATE_90_100  Message is 90% to 100% HTML obfuscation
HTML_SHORT_CENTER  HTML is very short with CENTER tag
HTML_SHORT_COMMENT  HTML is very short with HTML comments
HTML_SHORT_LENGTH  HTML is extremely short
HTML_SHORT_LINK_IMG_1  HTML is very short with a linked image
HTML_SHORT_LINK_IMG_2  HTML is very short with a linked image
HTML_SHORT_LINK_IMG_3  HTML is very short with a linked image
HTML_SHOUTING3  HTML has very strong "shouting" markup
HTML_SHOUTING4  HTML has very strong "shouting" markup
HTML_SHOUTING5  HTML has very strong "shouting" markup
HTML_SHOUTING6  HTML has very strong "shouting" markup
HTML_SHOUTING7  HTML has very strong "shouting" markup
HTML_TAG_BALANCE_BODY  HTML has unbalanced "body" tags
HTML_TAG_BALANCE_HEAD  HTML has unbalanced "head" tags
HTML_TAG_EXIST_BGSOUND  HTML has "bgsound" tag
HTML_TAG_EXIST_MARQUEE  HTML has "marquee" tag
HTML_TAG_EXIST_TBODY  HTML has "tbody" tag
HTML_TEXT_AFTER_BODY  HTML contains text after BODY close tag
HTML_TEXT_AFTER_HTML  HTML contains text after HTML close tag
HTML_TINY_FONT  body contains 1 or 0-point font
HTML_TITLE_EMPTY  HTML title contains no text
HTML_TITLE_LONG  HTML title is very long
HTML_TITLE_UNTITLED  HTML title contains "Untitled"
HTML_WEB_BUGS  Image tag intended to identify you
HTTPS_IP_MISMATCH  IP to HTTPS link found in HTML
HTTP_77  Contains an URL-encoded hostname (HTTP77)
HTTP_CTRL_CHARS_HOST  Uses control sequences inside a URL hostname
HTTP_ESCAPED_HOST  Uses %-escapes inside a URL's hostname
HTTP_EXCESSIVE_ESCAPES  Completely unnecessary %-escapes inside a URL
IMPOTENCE  Impotence cure
INFO_TLD  Contains an URL in the INFO top-level domain
INTERRUPTUS  Message looks to contain HTML-interrupted text
INVALID_DATE  Invalid Date: header (not RFC 2822)
INVALID_DATE_TZ_ABSURD  Invalid Date: header (timezone does not exist)
INVALID_MSGID  Message-Id is not valid, according to RFC 2822
INVALID_TZ_CST  Invalid date in header (wrong CST timezone)
INVALID_TZ_EST  Invalid date in header (wrong EST timezone)
INVALID_TZ_GMT  Invalid date in header (wrong GMT/UTC timezone)
INVESTMENT_ADVICE  Message mentions investment advice
INVESTMENT_EXPERT  Message mentions investment expert
IP_LINK_PLUS  Dotted-decimal IP address followed by CGI
JAPANESE_UCE_SUBJECT  Subject contains a Japanese UCE tag
JOIN_MILLIONS  Join Millions of Americans
JS_FROMCHARCODE  Document is built from a Javascript charcode array
KOREAN_UCE_SUBJECT  Subject: contains Korean unsolicited email tag
LIVE_PORN  Possible porn - Live Porn
LOCALPART_IN_SUBJECT  Local part of To: address appears in Subject
LONGWORDS  Long string of long words
LOTS_OF_STUFF  Thousands or millions of pictures, movies, etc.
LOW_PRICE  Lowest Price
MAILTO_SUBJ_REMOVE  mailto URI includes removal text
MAILTO_TO_REMOVE  Includes a 'remove' email address
MAILTO_TO_SPAM_ADDR  Includes a link to a likely spammer email
MALE_ENHANCE  Message talks about enhancing men
MANY_EXCLAMATIONS  Subject has many exclamations
MARKETING_PARTNERS  Claims you registered with a partner
MEET_SINGLES  Meet Singles
MICROSOFT_EXECUTABLE  Message includes Microsoft executable program
MICRO_CAP_WARNING  SEC-mandated penny-stock warning
MILLION_USD  Talks about millions of dollars
MIME_BAD_ISO_CHARSET  MIME character set is an unknown ISO charset
MIME_BASE64_BLANKS  Extra blank lines in base64 encoding
MIME_BASE64_NO_NAME  base64 attachment does not have a file name
MIME_BASE64_TEXT  Message text disguised using base64 encoding
MIME_BOUND_DD_DIGITS  Spam tool pattern in MIME boundary
MIME_BOUND_DIGITS_15  Spam tool pattern in MIME boundary
MIME_BOUND_DIGITS_7  Spam tool pattern in MIME boundary
MIME_BOUND_MANY_HEX  Spam tool pattern in MIME boundary
MIME_BOUND_NEXTPART  Spam tool pattern in MIME boundary
MIME_BOUND_RKFINDY  Spam tool pattern in MIME boundary (rfkindy)
MIME_CHARSET_FARAWAY  MIME character set indicates foreign language
MIME_HEADER_CTYPE_ONLY  'Content-Type' found without required MIME headers
MIME_HTML_MOSTLY  Multipart message mostly text/html MIME
MIME_HTML_ONLY  Message only has text/html MIME parts
MIME_HTML_ONLY_MULTI  Multipart message only has text/html MIME parts
MIME_MISSING_BOUNDARY  MIME section missing boundary
MIME_QP_LONG_LINE  Quoted-printable line longer than 76 chars
MIME_SUSPECT_NAME  MIME filename does not match content
MISSING_DATE  Missing Date: header
MISSING_HB_SEP  Missing blank line between message header and body
MISSING_HEADERS  Missing To: header
MISSING_MIMEOLE  Message has X-MSMail-Priority, but no X-MimeOLE
MISSING_MIME_HB_SEP  Missing blank line between MIME header and body
MISSING_SUBJECT  Missing Subject: header
ML_MARKETING  Multi Level Marketing mentioned
MONEY_BACK  Money back guarantee
MORE_SEX  Talks about a bigger drive for sex
MORTGAGE_BEST  Information on mortgages
MORTGAGE_PITCH  Looks like mortgage pitch
MORTGAGE_RATES  Information on mortgage rates
MPART_ALT_DIFF  HTML and text parts are different
MPART_ALT_DIFF_COUNT  HTML and text parts are different
MSGID_DOLLARS  Message-Id has pattern used in spam
MSGID_FROM_MTA_HEADER  Message-Id was added by a relay
MSGID_FROM_MTA_HOTMAIL  Message-Id was added by a hotmail.com relay
MSGID_FROM_MTA_ID  Message-Id for external message added locally
MSGID_LONG  Message-ID is unusually long
MSGID_MULTIPLE_AT  Message-ID contains multiple '@' characters
MSGID_NO_HOST  Message-Id has no hostname
MSGID_OUTLOOK_INVALID  Message-Id is fake (in Outlook Express format)
MSGID_RANDY  Message-Id has pattern used in spam
MSGID_RATWARE1  Bulk email fingerprint found
MSGID_SHORT  Message-ID is unusually short
MSGID_SPAM_99X9XX99  Spam tool Message-Id: (99x9xx99 variant)
MSGID_SPAM_ALPHA_NUM  Spam tool Message-Id: (alpha-numeric variant)
MSGID_SPAM_CAPS  Spam tool Message-Id: (caps variant)
MSGID_SPAM_LETTERS  Spam tool Message-Id: (letters variant)
MSGID_SPAM_ZEROES  Spam tool Message-Id: (12-zeroes variant)
MSGID_YAHOO_CAPS  Message-ID has ALLCAPS@yahoo.com
MULTI_FORGED  Received headers indicate multiple forgeries
NASTY_GIRLS  Possible porn - Nasty Girls
NA_DOLLARS  Talks about a million North American dollars
NONEXISTENT_CHARSET  Character set doesn't exist
NORMAL_HTTP_TO_IP  Uses a dotted-decimal IP address in URL
NOT_ADVISOR  Not registered investment advisor
NO_COST  No such thing as a free lunch (3)
NO_DNS_FOR_FROM  Envelope sender has no MX or A DNS records
NO_FORMS  No Claim Forms
NO_MEDICAL  No Medical Exams
NO_OBLIGATION  There is no obligation
NO_PRESCRIPTION  No prescription needed
NO_RDNS_DOTCOM_HELO  Host HELO'd as a big ISP, but had no rDNS
NO_REAL_NAME  From: does not include a real name
NO_RECEIVED  Informational: message has no Received headers
NO_RELAYS  Informational: message was not relayed via SMTP
NUMERIC_HTTP_ADDR  Uses a numeric IP address in URL
OBFUSCATING_COMMENT  HTML comments which obfuscate text
OBSCURED_EMAIL  Message seems to contain rot13ed address
OFFSHORE_SCAM  Off Shore Scams
ONE_TIME  One Time Rip Off
ONLINE_PHARMACY  Online Pharmacy
OPTING_OUT_CAPS  Talks about opting out (capitalized version)
ORG_MIME_TOOLS  Organization is MIME-tools
PERCENT_RANDOM  Message has a random macro in it
PLING_PLING  Subject has lots of exclamation marks
PLING_QUERY  Subject has exclamation mark and question mark
PORN_15  Possible porn - various types of feline
PORN_16  Possible porn - nasty, dirty, little etc.
PORN_URL_MISC  URL uses words/phrases which indicate porn (misc)
PORN_URL_SEX  URL uses words/phrases which indicate porn (sex)
PORN_URL_SLUT  URL uses words/phrases which indicate porn (slut)
PREST_NON_ACCREDITED  'Prestigious Non-Accredited Universities'
PREVENT_NONDELIVERY  Message has Prevent-NonDelivery-Report header
PRICES_ARE_AFFORDABLE  Message says that prices aren't too expensive
PRIORITY_NO_NAME  Message has priority, but no user agent name
PYZOR_CHECK  Listed in Pyzor (http://pyzor.sf.net/)
QUALIFY_FOR_THIS  Qualify for this special...
RATWARE_BOUND_PIECE  Bulk email fingerprint (piece boundary) found
RATWARE_EFROM  Bulk email fingerprint (envfrom) found
RATWARE_EGROUPS  Bulk email fingerprint (eGroups) found
RATWARE_GECKO_BUILD  Bulk email fingerprint (Gecko faked) found
RATWARE_HASH_2  Bulk email fingerprint (hash 2) found
RATWARE_HASH_2_V2  Bulk email fingerprint (hash 2 v2) found
RATWARE_HASH_DASH  Contains a hashbuster in Send-Safe format
RATWARE_JPFREE  Bulk email fingerprint (jpfree) found
RATWARE_MOZ_MALFORMED  Bulk email fingerprint (Mozilla malformed) found
RATWARE_MPOP_WEBMAIL  Bulk email fingerprint (mPOP Web-Mail)
RATWARE_MS_HASH  Bulk email fingerprint (msgid ms hash) found
RATWARE_NAME_ID  Bulk email fingerprint (msgid from) found
RATWARE_NETIP  Bulk email fingerprint (netIP) found
RATWARE_OE_MALFORMED  X-Mailer has malformed Outlook Express version
RATWARE_OUTLOOK_NONAME  Bulk email fingerprint (Outlook no name) found
RATWARE_RCVD_AT  Bulk email fingerprint (Received @) found
RATWARE_RCVD_LC_ESMTP  Bulk email fingerprint ('esmtp' Received) found
RATWARE_RCVD_PF  Bulk email fingerprint (Received PF) found
RATWARE_STORM_URI  Bulk email fingerprint (StormPost) found
RATWARE_ZERO_TZ  Bulk email fingerprint (+0000) found
RAZOR2_CF_RANGE_51_100  Razor2 gives confidence level above 50%
RAZOR2_CF_RANGE_E4_51_100  Razor2 gives engine 4 confidence level above 50%
RAZOR2_CF_RANGE_E8_51_100  Razor2 gives engine 8 confidence level above 50%
RAZOR2_CHECK  Listed in Razor2 (http://razor.sf.net/)
RCVD_AM_PM  Received headers forged (AM/PM)
RCVD_BONUS_SPC_DATE  Bulk email fingerprint (bonus space) found
RCVD_BY_IP  Received by mail server with no name
RCVD_DOUBLE_IP_LOOSE  Received: by and from look like IP addresses
RCVD_DOUBLE_IP_SPAM  Bulk email fingerprint (double IP) found
RCVD_FAKE_HELO_DOTCOM  Received contains a faked HELO hostname
RCVD_HELO_IP_MISMATCH  Received: HELO and IP do not match, but should
RCVD_ILLEGAL_IP  Received: contains illegal IP address
RCVD_IN_BL_SPAMCOP_NET  Received via a relay in bl.spamcop.net
RCVD_IN_BSP_OTHER  Sender is in Bonded Sender Program (other relay)
RCVD_IN_BSP_TRUSTED  Sender is in Bonded Sender Program (trusted relay)
RCVD_IN_DSBL  Received via a relay in list.dsbl.org
RCVD_IN_IADB_VOUCHED  ISIPP IADB lists as vouched-for sender
RCVD_IN_MAPS_DUL  Relay in DUL, http://www.mail-abuse.org/...
RCVD_IN_MAPS_NML  Relay in NML, http://www.mail-abuse.org/...
RCVD_IN_MAPS_RBL  Relay in RBL, http://www.mail-abuse.org/...
RCVD_IN_MAPS_RSS  Relay in RSS, http://www.mail-abuse.org/...
RCVD_IN_NJABL_CGI  NJABL: sender is an open formmail
RCVD_IN_NJABL_DUL  NJABL: dialup sender did non-local SMTP
RCVD_IN_NJABL_MULTI  NJABL: sent through multi-stage open relay
RCVD_IN_NJABL_PROXY  NJABL: sender is an open proxy
RCVD_IN_NJABL_RELAY  NJABL: sender is confirmed open relay
RCVD_IN_NJABL_SPAM  NJABL: sender is confirmed spam source
RCVD_IN_SBL  Received via a relay in Spamhaus SBL
RCVD_IN_SORBS_BLOCK  SORBS: sender demands to never be tested
RCVD_IN_SORBS_DUL  SORBS: sent directly from dynamic IP address
RCVD_IN_SORBS_HTTP  SORBS: sender is open HTTP proxy server
RCVD_IN_SORBS_MISC  SORBS: sender is open proxy server
RCVD_IN_SORBS_SMTP  SORBS: sender is open SMTP relay
RCVD_IN_SORBS_SOCKS  SORBS: sender is open SOCKS proxy server
RCVD_IN_SORBS_WEB  SORBS: sender is a abuseable web server
RCVD_IN_SORBS_ZOMBIE  SORBS: sender is on a hijacked network
RCVD_IN_WHOIS_BOGONS  CompleteWhois: sender on bogons IP block
RCVD_IN_WHOIS_HIJACKED  CompleteWhois: sender on hijacked IP block
RCVD_IN_WHOIS_INVALID  CompleteWhois: sender on invalid IP block
RCVD_IN_XBL  Received via a relay in Spamhaus XBL
RCVD_NUMERIC_HELO  Received: contains an IP address used for HELO
RECEIVE_OFFER  Receive a special offer
REFINANCE_NOW  Home refinancing
REFINANCE_YOUR_HOME  Home refinancing
REMOVE_BEFORE_LINK  Removal phrase right before a link
REMOVE_PAGE  URL of page called "remove"
REMOVE_POSTAL  Send real mail to be unsubscribed
REPLICA_WATCH  Message talks about a replica watch
REPLY_TO_EMPTY  Reply-To: is empty
REPTO_OVERQUOTE_THEBAT  The Bat! doesn't do quoting like this
REPTO_QUOTE_AOL  AOL doesn't do quoting like this
REPTO_QUOTE_IMS  IMS doesn't do quoting like this
REPTO_QUOTE_MSN  MSN doesn't do quoting like this
REPTO_QUOTE_QUALCOMM  Qualcomm/Eudora doesn't do quoting like this
REPTO_QUOTE_YAHOO  Yahoo! doesn't do quoting like this
RESISTANCE_IS_FUTILE  Resistance to this spam is futile
REVERSE_AGING  Reverses Aging
RISK_FREE  Risk free. Suuurreeee....
ROUND_THE_WORLD  Received: says mail sent around the world (DNS)
ROUND_THE_WORLD_LOCAL  Received: says mail sent around the world (HELO)
RUDE_HTML  Spammer message says you need an HTML mailer
SATIS_GUAR  Mail guarantees satisfaction
SAVE_THOUSANDS  Save big money
SEE_FOR_YOURSELF  See for yourself
SENT_IN_COMPLIANCE  Claims compliance with spam regulations
SOMETHING_FOR_ADULTS  Possible porn - Adult Web Sites
SOME_BREAKTHROUGH  Describes some sort of breakthrough
SORTED_RECIPS  Recipient list is sorted by address
SPF_FAIL  SPF: sender does not match SPF record (fail)
SPF_HELO_FAIL  SPF: HELO does not match SPF record (fail)
SPF_HELO_NEUTRAL  SPF: HELO does not match SPF record (neutral)
SPF_HELO_PASS  SPF: HELO matches SPF record
SPF_HELO_SOFTFAIL  SPF: HELO does not match SPF record (softfail)
SPF_NEUTRAL  SPF: sender does not match SPF record (neutral)
SPF_PASS  SPF: sender matches SPF record
SPF_SOFTFAIL  SPF: sender does not match SPF record (softfail)
SPOOF_COM2COM  URI contains ".com" in middle and end
SPOOF_COM2OTH  URI contains ".com" in middle
SPOOF_NET2COM  URI contains ".net" or ".org", then ".com"
SPOOF_OURI  URI has items in odd places
STOCK_ALERT  Offers a alert about a stock
STRONG_BUY  Tells you about a strong buy
SUBJECT_DIET  Subject talks about losing pounds
SUBJECT_DRUG_GAP_C  Subject contains a gappy version of 'cialis'
SUBJECT_DRUG_GAP_L  Subject contains a gappy version of 'levitra'
SUBJECT_DRUG_GAP_P  Subject contains a gappy version of 'phentermine'
SUBJECT_DRUG_GAP_S  Subject contains a gappy version of 'soma'
SUBJECT_DRUG_GAP_VA  Subject contains a gappy version of 'valium'
SUBJECT_DRUG_GAP_VIC  Subject contains a gappy version of 'vicodin'
SUBJECT_DRUG_GAP_X  Subject contains a gappy version of 'xanax'
SUBJECT_ENCODED_TWICE  Subject: MIME encoded twice
SUBJECT_EXCESS_BASE64  Subject: base64 encoded encoded unnecessarily
SUBJECT_EXCESS_QP  Subject: quoted-printable encoded unnecessarily
SUBJECT_FUZZY_CHEAP  Attempt to obfuscate words in Subject:
SUBJECT_FUZZY_MEDS  Attempt to obfuscate words in Subject:
SUBJECT_FUZZY_PENIS  Attempt to obfuscate words in Subject:
SUBJECT_FUZZY_TION  Attempt to obfuscate words in Subject:
SUBJECT_IN_BLACKLIST  Subject: contains string in the user's black-list
SUBJECT_IN_WHITELIST  Subject: contains string in the user's white-list
SUBJECT_NOVOWEL  Subject: has long non-vowel letter sequence
SUBJECT_SEXUAL  Subject indicates sexually-explicit content
SUBJ_2_NUM_PARENS  Subject contains common spam sign (2 numbers)
SUBJ_ALL_CAPS  Subject is all capitals
SUBJ_AS_SEEN  Subject contains "As Seen"
SUBJ_BUY  Subject line starts with Buy or Buying
SUBJ_CONSONANTS  Subject contains consecutive consonants in "word"
SUBJ_DOLLARS  Subject starts with dollar amount
SUBJ_FOR_ONLY  Subject contains "For Only"
SUBJ_FREE_CAP  Subject contains "FREE" in CAPS
SUBJ_GUARANTEED  Subject GUARANTEED
SUBJ_HAS_SPACES  Subject contains lots of white space
SUBJ_HAS_UNIQ_ID  Subject contains a unique ID
SUBJ_ILLEGAL_CHARS  Subject: has too many raw illegal characters
SUBJ_LIFE_INSURANCE  Subject includes "life insurance"
SUBJ_YOUR_DEBT  Subject contains "Your Bills" or similar
SUBJ_YOUR_FAMILY  Subject contains "Your Family"
SUBJ_YOUR_OWN  Subject contains "Your Own"
SUB_FREE_OFFER  Subject starts with "Free"
SUB_HELLO  Subject starts with "Hello"
SUSPICIOUS_RECIPS  Similar addresses in recipient list
TERRA_ES  Contains URI to a document hosted at 'terra.es'
TO_ADDRESS_EQ_REAL  To: repeats address as real name
TO_CC_NONE  No To: or Cc: header
TO_EMPTY  To: is empty
TO_MALFORMED  To: has a malformed address
TO_NO_USER  To: has no local-part before @ sign
TO_RECIP_MARKER  To header contains 'recipient' marker
TO_TXT  Sent to a text file
TRACKER_ID  Incorporates a tracking ID number
UNCLAIMED_MONEY  People just leave money laying around
UNCLOSED_BRACKET  Headers contain an unclosed bracket
UNDISC_RECIPS  Valid-looking To "undisclosed-recipients"
UNIQUE_WORDS  Message body has many words used only once
UNPARSEABLE_RELAY  Informational: message has unparseable relay lines
UNRESOLVED_TEMPLATE  Headers contain an unresolved template
UNWANTED_LANGUAGE_BODY  Message written in an undesired language
UPPERCASE_25_50  message body is 25-50% uppercase
UPPERCASE_50_75  message body is 50-75% uppercase
UPPERCASE_75_100  message body is 75-100% uppercase
URG_BIZ  Contains urgent matter
URIBL_AB_SURBL  Contains an URL listed in the AB SURBL blocklist
URIBL_JP_SURBL  Contains an URL listed in the JP SURBL blocklist
URIBL_OB_SURBL  Contains an URL listed in the OB SURBL blocklist
URIBL_PH_SURBL  Contains an URL listed in the PH SURBL blocklist
URIBL_SBL  Contains an URL listed in the SBL blocklist
URIBL_SC_SURBL  Contains an URL listed in the SC SURBL blocklist
URIBL_WS_SURBL  Contains an URL listed in the WS SURBL blocklist
URI_4YOU  Message has URI 4you
URI_AFFILIATE  Contains a URI with an affiliate ID code
URI_DIGITS  URI hostname has long digit sequence
URI_HEX  URI hostname has long hexadecimal sequence
URI_IS_POUND  Filename is just a '\#'; probably a JS trick
URI_NOVOWEL  URI hostname has long non-vowel sequence
URI_NO_WWW_ANY_CGI  CGI with long hostname other fourth-level "www"
URI_NO_WWW_BIZ_CGI  CGI in .biz TLD other than third-level "www"
URI_NO_WWW_INFO_CGI  CGI in .info TLD other than third-level "www"
URI_OFFERS  Message has link to company offers
URI_REDIRECTOR  Message has HTTP redirector URI
URI_SCHEME_MIXED_CASE  URI scheme has mixed uppercase and lowercase
URI_UNSUBSCRIBE  URI contains suspicious unsubscribe link
URI_UPPER_LOWER  URI contains capitalized hostname parts ("Abcde")
USERPASS  URL contains username and (optional) password
USER_IN_ALL_SPAM_TO  User is listed in 'all_spam_to'
USER_IN_BLACKLIST  From: address is in the user's black-list
USER_IN_BLACKLIST_TO  User is listed in 'blacklist_to'
USER_IN_DEF_SPF_WL  From: address is in the default SPF white-list
USER_IN_DEF_WHITELIST  From: address is in the default white-list
USER_IN_MORE_SPAM_TO  User is listed in 'more_spam_to'
USER_IN_SPF_WHITELIST  From: address is in the user's SPF whitelist
USER_IN_WHITELIST  From: address is in the user's white-list
USER_IN_WHITELIST_TO  User is listed in 'whitelist_to'
US_DOLLARS_3  Mentions millions of $ ($NN,NNN,NNN.NN)
VIA_GAP_GRA  Attempts to disguise the word 'viagra'
WEIRD_PORT  Uses non-standard port number for HTTP
WEIRD_QUOTING  Weird repeated double-quotation marks
WE_HONOR_ALL  Claims to honor removal requests
WHILE_YOU_SLEEP  While you Sleep
WHY_PAY_MORE  Why Pay More?
WHY_WAIT  What are you waiting for
WITH_LC_SMTP  Received line contains spam-sign (lowercase smtp)
WRINKLES  Removes Wrinkles
X_AUTH_WARN_FAKED  X-Authentication-Warning header looks faked
X_IP  Message has X-IP header
X_LIBRARY  Message has X-Library header
X_MAILER_SPAM  X-Mailer: header is bulk email fingerprint
X_MESSAGE_FLAG_ODD  Message has X-Message-flag header (odd case)
X_MESSAGE_INFO  Bulk email fingerprint (X-Message-Info) found
X_MIME_AUTOCONVERTED  Message has X-MIME-Autoconverted "Yes" header
X_MSMAIL_PRIORITY_HIGH  Sent with 'X-Msmail-Priority' set to high
X_ORIG_IP_NOT_IPV4  X-Originating-IP doesn't look like IPv4 address
X_PRIORITY_CC  Cc: after X-Priority: (bulk email fingerprint)
X_PRIORITY_HIGH  Sent with 'X-Priority' set to high
YAHOO_DRS_REDIR  Has Yahoo Redirect URI
YAHOO_RD_REDIR  Has Yahoo Redirect URI
YOU_CAN_SEARCH  You can search for anyone
__MIME_BASE64  Includes a base64 attachment
__MIME_QP  Includes a quoted-printable attachment
__RCVD_IN_NJABL  Received via a relay in combined.njabl.org
__RCVD_IN_SBL_XBL  Received via a relay in Spamhaus SBL+XBL
__RCVD_IN_SORBS  SORBS: sender is listed in SORBS
相关文章 热门文章
  • Exim SpamAssassin回复远程缓冲区溢出漏洞
  • Exchange SpamAssassin SMTP Sink
  • My SpamAssassin MySQL How-To
  • Clamav + Amavisd-new + Spamassassin 系统设置
  • Spamassassin CustomRulesets
  • postfix + SpamAssassin with SPAM Quarantine
  • 垃圾信攻防战 - SpamAssassin
  • Postfix + Amavisd-new + SpamAssassin + ClamAV
  • Clamav + Amavisd-new + Spamassassin 系统设置说明
  • amavisd-new 怎么关闭调用 spamassassin ?
  • SpamAssassin 规则例子
  • 最新 Clamav,SpamAssassin,Amavisd-new 安装说明
  • Imail反垃圾邮件技术
  • Qmail反垃圾邮件技术
  • 防范垃圾邮件技术
  • 谢绝第三方邮件转发
  • Postfix反垃圾邮件技术
  • Sendmail反垃圾邮件技术
  • 追踪垃圾邮件来源
  • 邮件过滤技术
  • OPEN RELAY的解决方案
  • 美讯智SMG邮件安全网关使用FAQ
  • 三分钟打造反垃圾邮件服务器
  • 黑名单服务器
  • 自由广告区
     
    最新软件下载
  • SharePoint Server 2010 部署文档
  • Exchange 2010 RTM升级至SP1 教程
  • Exchange 2010 OWA下RBAC实现的组功能...
  • Lync Server 2010 Standard Edition 标..
  • Lync Server 2010 Enterprise Edition...
  • Forefront Endpoint Protection 2010 ...
  • Lync Server 2010 Edge 服务器部署文档
  • 《Exchange 2003专家指南》
  • Mastering Hyper-V Deployment
  • Windows Server 2008 R2 Hyper-V
  • Microsoft Lync Server 2010 Unleashed
  • Windows Server 2008 R2 Unleashed
  • 今日邮件技术文章
  • 腾讯,在创新中演绎互联网“进化论”
  • 华科人 张小龙 (中国第二代程序员 QQ...
  • 微软推出新功能 提高Hotmail密码安全性
  • 快压技巧分享:秒传邮件超大附件
  • 不容忽视的邮件营销数据分析过程中的算..
  • 国内手机邮箱的现状与未来发展——访尚..
  • 易观数据:2011Q2中国手机邮箱市场收入..
  • 穿越时空的爱恋 QQ邮箱音视频及贺卡邮件
  • Hotmail新功能:“我的朋友可能被黑了”
  • 入侵邻居网络发骚扰邮件 美国男子被重..
  • 网易邮箱莫子睿:《非你莫属》招聘多过..
  • 中国电信推广189邮箱绿色账单
  • 最新专题
  • 鸟哥的Linux私房菜之Mail服务器
  • Exchange Server 2010技术专题
  • Windows 7 技术专题
  • Sendmail 邮件系统配置
  • 组建Exchange 2003邮件系统
  • Windows Server 2008 专题
  • ORF 反垃圾邮件系统
  • Exchange Server 2007 专题
  • ISA Server 2006 教程专题
  • Windows Vista 技术专题
  • “黑莓”(BlackBerry)专题
  • Apache James 专题
  • 分类导航
    邮件新闻资讯:
    IT业界 | 邮件服务器 | 邮件趣闻 | 移动电邮
    电子邮箱 | 反垃圾邮件|邮件客户端|网络安全
    行业数据 | 邮件人物 | 网站公告 | 行业法规
    网络技术:
    邮件原理 | 网络协议 | 网络管理 | 传输介质
    线路接入 | 路由接口 | 邮件存储 | 华为3Com
    CISCO技术 | 网络与服务器硬件
    操作系统:
    Windows 9X | Linux&Uinx | Windows NT
    Windows Vista | FreeBSD | 其它操作系统
    邮件服务器:
    程序与开发 | Exchange | Qmail | Postfix
    Sendmail | MDaemon | Domino | Foxmail
    KerioMail | JavaMail | Winwebmail |James
    Merak&VisNetic | CMailServer | WinMail
    金笛邮件系统 | 其它 |
    反垃圾邮件:
    综述| 客户端反垃圾邮件|服务器端反垃圾邮件
    邮件客户端软件:
    Outlook | Foxmail | DreamMail| KooMail
    The bat | 雷鸟 | Eudora |Becky! |Pegasus
    IncrediMail |其它
    电子邮箱: 个人邮箱 | 企业邮箱 |Gmail
    移动电子邮件:服务器 | 客户端 | 技术前沿
    邮件网络安全:
    软件漏洞 | 安全知识 | 病毒公告 |防火墙
    攻防技术 | 病毒查杀| ISA | 数字签名
    邮件营销:
    Email营销 | 网络营销 | 营销技巧 |营销案例
    邮件人才:招聘 | 职场 | 培训 | 指南 | 职场
    解决方案:
    邮件系统|反垃圾邮件 |安全 |移动电邮 |招标
    产品评测:
    邮件系统 |反垃圾邮件 |邮箱 |安全 |客户端
    广告联系 | 合作联系 | 关于我们 | 联系我们 | 繁體中文
    版权所有:邮件技术资讯网©2003-2010 www.5dmail.net, All Rights Reserved
    www.5Dmail.net Web Team   粤ICP备05009143号