@ishmaelen
Forked from sneak/local.cf
Created March 30, 2020 08:15
spamassassin config
# datavibe.net spamassassin local config as of 2015-07-17
# NOTE(review): this snapshot is dated 2015; confirm that every external
# service it references is still operated before reusing it.
# Add *****SPAM***** to the Subject header of spam e-mails
rewrite_header Subject *****SPAM*****
# Save spam messages as a message/rfc822 MIME attachment instead of
# modifying the original message (0: off, 2: use text/plain instead)
report_safe 1
# Extra headers written to every scanned message ("all" = spam and ham alike;
# SpamAssassin prefixes each name with X-Spam-): the untrusted relay chain,
# the verdict with score/threshold/matched tests, and the relay countries.
add_header all RelaysUntrusted _RELAYSUNTRUSTED_
add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ autolearn=_AUTOLEARN_ version=_VERSION_
# NOTE(review): _RELAYCOUNTRY_ is presumably filled in by the RelayCountry
# plugin; confirm that plugin is loaded, otherwise the header carries no data.
add_header all Relay-Country _RELAYCOUNTRY_
# Set the threshold at which a message is considered spam (default: 5.0)
required_score 5.0
# Use Bayesian classifier (default: 1)
use_bayes 1
# Bayesian classifier auto-learning (default: 1)
# NOTE(review): auto-learning trains the classifier on the filter's own
# verdicts; with the raised scores further down, confirm the auto-learn
# thresholds still keep misclassified mail out of the Bayes database.
bayes_auto_learn 1
# Keep verdict headers from other filters out of the Bayes tokens, so that an
# earlier classification is not learned as if it were message content.
bayes_ignore_header X-Bogosity
bayes_ignore_header X-Spam-Flag
bayes_ignore_header X-Spam-Status
# Resolver used for all DNS-based tests (labelled "hetzner" by the author).
# NOTE(review): if this is a resolver shared with other customers, DNSBL and
# URIBL operators may refuse its queries; this file scores URIBL_BLOCKED and
# RCVD_IN_DNSWL_BLOCKED, which signal exactly that condition. A local
# recursive resolver avoids it - confirm what this address is today.
dns_server 213.133.98.98
# SORBS and SpamCannibal DNSBL rules.
# "tflags ... net" marks a rule as a network test.
# NOTE(review): both lists have reportedly been shut down since this file was
# written - verify before use. A retired zone that later answers every query
# (or is re-registered by someone else) marks every sender as listed.

# Sub-test on the 'sorbs' lookup set: hits when that lookup returned 127.0.0.6.
# NOTE(review): no check_rbl for the 'sorbs' set appears in this file;
# presumably the stock rules issue the query - confirm.
header RCVD_IN_SORBS_SPAM eval:check_rbl_sub('sorbs', '127.0.0.6')
describe RCVD_IN_SORBS_SPAM SORBS: sender is a spam source
tflags RCVD_IN_SORBS_SPAM net
score RCVD_IN_SORBS_SPAM 0.9
# Direct lookup of relay addresses in dul.dnsbl.sorbs.net.
header RCVD_IN_SORBS_DUL eval:check_rbl('sorbsdul','dul.dnsbl.sorbs.net')
describe RCVD_IN_SORBS_DUL SORBS: sender is an end-user
tflags RCVD_IN_SORBS_DUL net
# This 0.7 is superseded by a later "score RCVD_IN_SORBS_DUL 2.5" line in this file.
score RCVD_IN_SORBS_DUL 0.7
# Direct lookup of relay addresses in bl.spamcannibal.org.
header RCVD_IN_SC_SPAM eval:check_rbl('spamcannibal', 'bl.spamcannibal.org.')
describe RCVD_IN_SC_SPAM SpamCannibal: sender is a spam source
tflags RCVD_IN_SC_SPAM net
score RCVD_IN_SC_SPAM 2.2
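# UCEPROTECT levels 1-3, each queried with check_rbl_txt against its own zone.
# Each zone gets its own lookup-set name (first argument). The original reused
# 'uceprotect1' for all three, which looks like a copy-paste slip and would let
# any sub-test written against that set match answers from the wrong zone.
# Combined, the three rules add 5.4 points, which alone exceeds
# required_score 5.0 when a sender is listed at every level.

# UCEPROTECT1 (open relays/proxies/dialups) http://uceprotect.net
header RCVD_IN_UCEPROTECT1 eval:check_rbl_txt('uceprotect1', 'dnsbl-1.uceprotect.net')
describe RCVD_IN_UCEPROTECT1 Listed in dnsbl-1.uceprotect.net
tflags RCVD_IN_UCEPROTECT1 net
score RCVD_IN_UCEPROTECT1 2.2
# UCEPROTECT2 (open relays/proxies/dialups networks) http://uceprotect.net
header RCVD_IN_UCEPROTECT2 eval:check_rbl_txt('uceprotect2', 'dnsbl-2.uceprotect.net')
describe RCVD_IN_UCEPROTECT2 Network listed in dnsbl-2.uceprotect.net
tflags RCVD_IN_UCEPROTECT2 net
score RCVD_IN_UCEPROTECT2 1.9
# UCEPROTECT3 (bad networks) http://uceprotect.net
header RCVD_IN_UCEPROTECT3 eval:check_rbl_txt('uceprotect3', 'dnsbl-3.uceprotect.net')
describe RCVD_IN_UCEPROTECT3 Network listed in dnsbl-3.uceprotect.net
tflags RCVD_IN_UCEPROTECT3 net
score RCVD_IN_UCEPROTECT3 1.3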
# Additional IP blocklists, each scored 1.9: three simultaneous listings
# (5.7) are enough on their own to pass required_score 5.0.
# NOTE(review): confirm each zone is still operated and that its listing
# policy matches the "describe" text before relying on these weights.

# Lashback unsubscribe blacklist.
header RCVD_IN_LB_SPAM eval:check_rbl('lashback', 'ubl.lashback.com')
describe RCVD_IN_LB_SPAM LASHBACK: sender is a spam source
tflags RCVD_IN_LB_SPAM net
score RCVD_IN_LB_SPAM 1.9
# NOTE(review): the zone name suggests this list tracks backscatter (bounce)
# sources rather than spam senders; check the operator's usage guidance
# before scoring ordinary mail with it.
header RCVD_IN_BS_SPAM eval:check_rbl('backscatterer', 'ips.backscatterer.org')
describe RCVD_IN_BS_SPAM BACKSCATTERER: sender is a spam source
tflags RCVD_IN_BS_SPAM net
score RCVD_IN_BS_SPAM 1.9
# The "-lastexternal" suffix on the set name limits the lookup to the last
# external relay rather than every address in the Received chain.
header RCVD_IN_UNSUBSCORE eval:check_rbl('unsubscore-lastexternal','ubl.unsubscore.com.')
describe RCVD_IN_UNSUBSCORE Listed in Lashback unsubscore.com
tflags RCVD_IN_UNSUBSCORE net
score RCVD_IN_UNSUBSCORE 1.9
# truncate.gbudb.net
header RCVD_IN_TRUNC eval:check_rbl('truncate','truncate.gbudb.net')
describe RCVD_IN_TRUNC Listed in truncate.gbudb.net rbl
tflags RCVD_IN_TRUNC net
score RCVD_IN_TRUNC 1.9
# all.s5h.net
header RCVD_IN_S5HBL eval:check_rbl('s5hbl', 'all.s5h.net')
describe RCVD_IN_S5HBL Listed at all.s5h.net rbl
tflags RCVD_IN_S5HBL net
score RCVD_IN_S5HBL 1.9
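# NiX Spam (ix.dnsbl.manitu.net), used two ways: an IP lookup on the relays
# and a body-hash lookup.
# http://www.dnsbl.manitu.net/index.php?language=en
header RCVD_IN_NIX eval:check_rbl('nix', 'ix.dnsbl.manitu.net.')
# The original description named all.s5h.net (copied from the previous rule);
# it now names the zone this rule actually queries, so reports are not misleading.
describe RCVD_IN_NIX Listed at ix.dnsbl.manitu.net rbl
tflags RCVD_IN_NIX net
score RCVD_IN_NIX 1.9
# NOTE(review): ixhashtest is not defined in this file; presumably it comes
# from a separately installed body-hash plugin - confirm it is loaded, since
# an unknown eval function means this rule never runs.
# When both rules hit, the same data source contributes 3.8 points.
body HASH_IX eval:ixhashtest('ix.dnsbl.manitu.net')
describe HASH_IX body-hash classified as spam by iX Magazine, Germany
tflags HASH_IX net
score HASH_IX 1.9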
# Three more IP blocklists (APEWS, dnsblchile, McAfee CIDR list), each a
# direct relay lookup scored 1.9.
# NOTE(review): this file dates from 2015; confirm each zone still exists and
# answers only for listed addresses. A zone that has lapsed or changed hands
# can return a hit for every sender.
header RCVD_IN_APEWS eval:check_rbl('apews', 'l2.apews.org')
describe RCVD_IN_APEWS Listed at APEWS
tflags RCVD_IN_APEWS net
score RCVD_IN_APEWS 1.9
header RCVD_IN_CHILE eval:check_rbl('dnsblchile', 'dnsblchile.org')
describe RCVD_IN_CHILE Listed at dnsblchile
tflags RCVD_IN_CHILE net
score RCVD_IN_CHILE 1.9
header RCVD_IN_MCAFEE eval:check_rbl('mcafee', 'cidr.bl.mcafee.com')
describe RCVD_IN_MCAFEE Listed at cidr.bl.mcafee.com
tflags RCVD_IN_MCAFEE net
score RCVD_IN_MCAFEE 1.9
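# Mailspike reputation rules (bl.mailspike.net).
# Spam sources
# Base lookup for the 'mspike-lastexternal' set (last external relay only);
# the check_rbl_sub rules below match on the address this query returns.
# The header and tflags directives were run together on one line in the
# original; each directive needs its own line to be parsed.
header __RCVD_IN_MSPIKE eval:check_rbl('mspike-lastexternal', 'bl.mailspike.net.')
tflags __RCVD_IN_MSPIKE net
# Bad senders
# Rules whose names start with "__" are unscored helpers for the meta rules below.
header __RCVD_IN_MSPIKE_Z eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.2$')
describe __RCVD_IN_MSPIKE_Z Spam wave participant
tflags __RCVD_IN_MSPIKE_Z net
header RCVD_IN_MSPIKE_L5 eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.10$')
describe RCVD_IN_MSPIKE_L5 Very bad reputation (-5)
tflags RCVD_IN_MSPIKE_L5 net
header RCVD_IN_MSPIKE_L4 eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.11$')
describe RCVD_IN_MSPIKE_L4 Bad reputation (-4)
tflags RCVD_IN_MSPIKE_L4 net
header RCVD_IN_MSPIKE_L3 eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.12$')
describe RCVD_IN_MSPIKE_L3 Low reputation (-3)
tflags RCVD_IN_MSPIKE_L3 net
header RCVD_IN_MSPIKE_L2 eval:check_rbl_sub('mspike-lastexternal', '^127\.0\.0\.13$')
describe RCVD_IN_MSPIKE_L2 Suspicious reputation (-2)
tflags RCVD_IN_MSPIKE_L2 net
# Good senders
# "nice" marks rules meant to lower the score.
# NOTE(review): no check_rbl for the 'mspikeg-firsttrusted' set appears in this
# file; presumably the stock rules issue that query - confirm, otherwise the
# H* sub-tests have nothing to match against.
header RCVD_IN_MSPIKE_H5 eval:check_rbl_sub('mspikeg-firsttrusted', '^127\.0\.0\.20$')
describe RCVD_IN_MSPIKE_H5 Excellent reputation (+5)
tflags RCVD_IN_MSPIKE_H5 nice net
header RCVD_IN_MSPIKE_H4 eval:check_rbl_sub('mspikeg-firsttrusted', '^127\.0\.0\.19$')
describe RCVD_IN_MSPIKE_H4 Very Good reputation (+4)
tflags RCVD_IN_MSPIKE_H4 nice net
header RCVD_IN_MSPIKE_H3 eval:check_rbl_sub('mspikeg-firsttrusted', '^127\.0\.0\.18$')
describe RCVD_IN_MSPIKE_H3 Good reputation (+3)
tflags RCVD_IN_MSPIKE_H3 nice net
header RCVD_IN_MSPIKE_H2 eval:check_rbl_sub('mspikeg-firsttrusted', '^127\.0\.0\.17$')
describe RCVD_IN_MSPIKE_H2 Average reputation (+2)
tflags RCVD_IN_MSPIKE_H2 nice net
# *_L and *_Z may overlap, so account for that:
# ZBI fires only when the Z listing is present and none of L2-L5 matched,
# so a sender is not penalised twice for the same listing.
meta __RCVD_IN_MSPIKE_LOW RCVD_IN_MSPIKE_L5 || RCVD_IN_MSPIKE_L4 || RCVD_IN_MSPIKE_L3 || RCVD_IN_MSPIKE_L2
meta RCVD_IN_MSPIKE_ZBI __RCVD_IN_MSPIKE_Z && !__RCVD_IN_MSPIKE_LOW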
# Scores
# Local overrides of rule scores; the trailing comments record the previous
# value. When a rule is scored more than once the last line takes effect.
# Rules scored twice in this file (later value wins): RCVD_IN_SORBS_DUL,
# RCVD_IN_PBL, BAD_CREDIT, HTML_MESSAGE, RDNS_DYNAMIC, T_REMOTE_IMAGE,
# RCVD_IN_BRBL_LASTEXT.
# NOTE(review): most overrides raise spam weights while the whitelist rules
# are zeroed, so expect more false positives at required_score 5.0; validate
# against a sample of legitimate mail before deploying.

# Mailspike. RCVD_IN_MSPIKE_H3/H4/H5 get no score here, so they keep whatever
# the stock rules or the built-in default assign.
score RCVD_IN_MSPIKE_ZBI 4.1
# L5 alone (5.2) exceeds required_score 5.0: a single third-party listing
# decides the verdict.
score RCVD_IN_MSPIKE_L5 5.2
score RCVD_IN_MSPIKE_L4 4.2
score RCVD_IN_MSPIKE_L3 3.9
score RCVD_IN_MSPIKE_L2 0.8
score RCVD_IN_MSPIKE_H2 -0.5
score FROM_LOCAL_NOVOWEL 1.1 # was 3.1
score FROM_LOCAL_HEX 0.5 # was 1.399
# Supersedes the 0.7 assigned where RCVD_IN_SORBS_DUL is defined earlier in this file.
score RCVD_IN_SORBS_DUL 2.5
score RCVD_IN_SBL 2.7
score SUBJ_ALL_CAPS 2.5 # was 2.077
score RCVD_IN_NJABL_SPAM 3.0 # orig 2.7
score RCVD_IN_PBL 1.5 # orig 0.905
# A score of 0 disables the rule.
score FH_DATE_PAST_20XX 0.0
score INVALID_MSGID 2.3 # orig 1.9
score HTML_FONT_SIZE_LARGE 0.5 # orig 0.001
score FORGED_YAHOO_RCVD 3.5 # orig 2.297
score RCVD_IN_BL_SPAMCOP_NET 3.5 # orig 1.96
score BAD_CREDIT 2.5 # orig 0.001
score NA_DOLLARS 2.5 # orig 1.329
score ADVANCE_FEE_2 2.5 # orig 1.234
score RDNS_NONE 2.0 # orig 0.1
score URIBL_BLACK 3.9 # orig 1.955
score FH_HELO_EQ_D_D_D_D 1.5 # orig 0.001
score RDNS_DYNAMIC 1.5 # orig 0.1
score RCVD_IN_SORBS_WEB 2.5 # orig 0.619
score RCVD_IN_PBL 2.0 # orig 1.5
# The next two were negative (whitelist-style) scores and are turned into
# small penalties here.
score HABEAS_ACCREDITED_SOI 0.5 # was -4.3, is complete bullshit
score RCVD_IN_BSP_TRUSTED 0.5 # was -4.3, is bullshit
score BAYES_60 1.2 # was 1.0
score SPF_SOFTFAIL 1.596 # was 0.596
score MISSING_MID 1.5 # was 0.001
score URIBL_RHS_DOB 2.7 # was 1.083
score URIBL_OB_SURBL 2.6 # was 1.5
score URIBL_SC_SURBL 1.6 # was 0.474
score HTML_MESSAGE 0.6 # was 0.001
score US_DOLLARS_3 2.0 # was 0.63
score FORGED_HOTMAIL_RCVD2 2.502 # was 1.502
score MISSING_HEADERS 2.0 # was 1.292
# NOTE(review): an SPF pass only shows the sending host is authorised for the
# envelope domain, which a spammer can arrange for a domain they control;
# a negative score here is a credit any sender can claim.
score SPF_PASS -0.5 # was -0
score HTML_IMAGE_RATIO_02 1.5 # was 0.383
score SUBJECT_NEEDS_ENCODING 0.3 # was 0.001
score HTML_IMAGE_RATIO_04 0.5 # was 0.172
score MONEY_BACK 1.0 # was 0.001
score HTML_SHORT_LINK_IMG_3 0.75 # was 0.001
score HTML_IMAGE_ONLY_24 1.8 # was 1.552
score URIBL_JP_SURBL 3.0 # was 1.501
score BAYES_80 2.5 # was 2.0
score BAD_CREDIT 3.5 # was 2.5
score RCVD_IN_BRBL_LASTEXT 2.0 # was 1.644
score URIBL_DBL_SPAM 1.9 # was 1.7
score URIBL_SBL 0.8 # was 0.644
score HTML_FONT_LOW_CONTRAST 0.5 # was 0.001
# DNSWL whitelist credits switched off (score 0 disables the rule).
score RCVD_IN_DNSWL_HI 0 # was -5
score RCVD_IN_DNSWL_MED 0 # was -2 or something
score FILL_THIS_FORM 0.06 # was 0.001
score T_REMOTE_IMAGE 0.1 # was 0.01
score HK_SPAMMY_FILENAME 0.9 # was 0.001
score MIME_HTML_MOSTLY 0.9 # was 0.001
score T_FREEMAIL_DOC_PDF 1.0 # was 0.01
score FREEMAIL_ENVFROM_END_DIGIT 1 # was 0.1
score FREEMAIL_FROM 0.8 # was 0.001
score HTML_MESSAGE 0.8 # was 0.6
score RCVD_IN_NJABL_PROXY 1.5 # was 0.208
score UNPARSEABLE_RELAY 1.0 # was 0.001
score RDNS_DYNAMIC 2.5 # was .5
score T_OBFU_JPG_ATTACH 0.9 # was 0.01
score T_REMOTE_IMAGE 0.7 # was 0.1
score DEAR_BENEFICIARY 1.451 # was 0.451
score LOTS_OF_MONEY 0.501 # was 0.001
score MONEY_LOTTERY 1.2 # was 0.001
# NOTE(review): the *_BLOCKED rules are, in the stock rule set, administrator
# notices that the list operator refused this resolver's queries; they say
# nothing about the message. See URIBL_BLOCKED below as well.
score RCVD_IN_DNSWL_BLOCKED 0.3 # was 0.001
# Disabled override, kept for reference.
#score BAYES_99 3.3 # was 3.5
score DNS_FROM_OPENWHOIS 0.0 # was 1.1
score RCVD_IN_BRBL_LASTEXT 3.1 # was 2
score URIBL_WS_SURBL 1.9 # was 1.659
# NOTE(review): at 3.5, a resolver that URIBL has blocked would add 3.5 points
# to every message the rule fires on, regardless of content. Combined with the
# fixed dns_server set earlier in this file, this is a likely source of mass
# false positives; confirm the intent or restore the informational 0.001.
score URIBL_BLOCKED 3.5 # was 0.001
# Zeroed because the list is gone: a dead zone must not keep scoring mail.
score DNS_FROM_AHBL_RHSBL 0 #ahbl no longer exists
score URI_NO_WWW_INFO_CGI 2.6 # was 2.299
score HTML_IMAGE_RATIO_06 0.3 # was 0.001
score BAYES_999 2.0 # was 0.2
score BAYES_00 -1.1 # was -1.9