Topic: Fuzzy OCR

[Brave Dave]

I'm not sure if this is an issue, but is fuzzy ocr like a lot more aggressive on spam ?

It seems to be reporting FUZZY_OCR_WRONG_EXTENSION in the X-Spam-Status: header of the email repeatedly

eg.
X-Spam-Status: Yes, hits=11.1 required=8.0
        tests=FUZZY_OCR_WRONG_EXTENSION,FUZZY_OCR_WRONG_EXTENSION,FUZZY_OCR_WRONG_EXTENSION,FUZZY_OCR_WRONG_EXTENSION,FUZZY_OCR_WR
ONG_EXTENSION,FUZZY_OCR_WRONG_EXTENSION,HTML_MESSAGE,SARE_UNA,SUBJ_DOLLARS

[cactus]

I'm not sure if this is an issue, but is fuzzy ocr like a lot more aggressive on spam ?

It seems to be reporting FUZZY_OCR_WRONG_EXTENSION in the X-Spam-Status: header of the email repeatedly

eg.
X-Spam-Status: Yes, hits=11.1 required=8.0
        tests=FUZZY_OCR_WRONG_EXTENSION,FUZZY_OCR_WRONG_EXTENSION,FUZZY_OCR_WRONG_EXTENSION,FUZZY_OCR_WRONG_EXTENSION,FUZZY_OCR_WR
ONG_EXTENSION,FUZZY_OCR_WRONG_EXTENSION,HTML_MESSAGE,SARE_UNA,SUBJ_DOLLARS

Could it be that this message had five images/attachements? Normally you get this message when the file type of the attached image does not match the actual file format of the image.

[Brave Dave]

Of course - I think in fact it had 7.

I'm not thinking is a bug, or it is not behaving as intended, but the consequence for me here is that spam scores have been ramped up.

What I am seeing is that some users like to use outlook (perhaps in particular) and like to make their email look like a letter using gifs etc...

What I had to do was go into the /etc/mail/spamassassin folder and move the fuzzy* files out - the email spam scores dropped and it's flowing again.

Of course their email format is more spamificated than plain text or html without images, and I know it's Outlook that is doing this funny thing.. and I tell them... but suppers on the stove and I've got to get to it.

in the end the rules seem hard - searching around there doesn't seem to be any other comments

I have the spam score set @ 8

[cactus]

Of course - I think in fact it had 7.

I'm not thinking is a bug, or it is not behaving as intended, but the consequence for me here is that spam scores have been ramped up.

What I am seeing is that some users like to use outlook (perhaps in particular) and like to make their email look like a letter using gifs etc...

What I had to do was go into the /etc/mail/spamassassin folder and move the fuzzy* files out - the email spam scores dropped and it's flowing again.

Of course their email format is more spamificated than plain text or html without images, and I know it's Outlook that is doing this funny thing.. and I tell them... but suppers on the stove and I've got to get to it.

in the end the rules seem hard - searching around there doesn't seem to be any other comments

I have the spam score set @ 8

It is not bad to use Outlook, but the FuzzyOCR plugin has determined that the file header of the attached files are not in line with the extension of the file, which is something that happens quite a lot with spam images. The FuzzyOCR plugin analyzes every attachment and mentions all the filters with a positive result for that mail, so seven attachments that have incorrect attachments means seven times a hot on the FUZZY_OCR_WRONG_EXTENSION check, for each instance the SPAM score is raised with the value that is assigned to this check.

One remark on your solution, if you want it to be permanent you need to make your changes in a slightly other way as the configuration files of SME Server are templated, otherwise your changes might get lost over updates and configuration changes.

First of all you need to make a custom-template tree, then copy the original template fragment you would like to make changes to to this new tree.
After that make your modifications in the templates-custom tree and finally regenerate the configuration file using the expand-template /path/to/config/file. Some services need to restart to load the configuration changes. Detailed information can be found in the SME Server Development Guide linked in the wiki.