My best spam rules right now

I’ve already before mentioned my antispam setup, but today I just ran a little check on my “hispam” mailbox (the spams with so high spam points that I never even bother to check them for false positives), 43MB of 7900+ spams (received during ~40 hours), to see which ones of my own handicrafted rules that get triggered the most. I use a set of 40+ custom spamassassin rules to help it trigger more mails as spam, since some of the very short mails seem to be hard to catch otherwise, and some of the mails are in many ways looking like mail I would normally get.

Anyway, my top-10 rules are:

  1. 1624 6.0 DS_BODY_DRUGBRAND      BODY: mentions drug brand
  2. 1428 6.0 DS_SUBJECT_DRUGBRAND   Subject mentions drug brand
  3. 828 6.0 DS_FROM_HAXX     spoofed address
  4. 769 4.0 DS_BODY_DISCOUNT    BODY: mentions percent discount
  5. 745 4.0 DS_SUBJECT_DISCOUNT   subject mentions percent discount
  6. 415 2.1 DS_TO_OWNER   To contains -owner
  7. 200 6.0 DS_BODY_NODOCTOR  BODY: mentions “no doctor”
  8. 195 2.0 DS_MAILER_THEBAT  sent with the bat
  9. 189 6.0 DS_BODY_DESIGNBRANDS  BODY: mentions designer brand(s)
  10. 158 3.0 DS_BODY_REPLICAS  BODY: speaks of replicas

The first number is number of hits. The second is the “spam points” I assign a match. Then there’s the name of the rule and my description for it. The “spam points” can best be seen relative to the other rules, as what makes a single mail a spam in the end involves multiple factors that aren’t shown here.