I know I can remove the KAM.cf. But then if I understand correct I need to disable SA-Update also. Any my changes may be overwritten by updates.
Looking at the eFa report "SpamAssassin Rule Hits" on our system we find that that KAM tags by far more HAM than SPAM.
It would be nice to have an option to either Customize KAM.cf and not have it updated, or disable it.
To many of the test in KAM give weight where it should not, or too much weight. There is a Numbers test that gives weight to anything with numbers in the Subject. We are constantly have valid emails in our system with Invoice, PO and RFQ numbers.
Too many single tests generate weight in excess of 50% of the Hold weight of 5. Many tests single tests give 3.5+ points.
The developer is adding 1.0 if senders do not have an SPF or DKIM record. While I agree SPF and DKIM are good tools, they are not required by RFC. And the fact that he thinks he can force people to use it by penalizing them is ludicrous.
While spam is bad, holding HAM is much worse.# RULE FOR DOMAINS THAT HAVE NOT IMPLEMENTED ANY ANTI-FORGERY MECHANISMS
if (version >= 3.003002)
# We may recommend people start raising the score for this to force more people to use SPF or DKIM Since Gmail and AOL work much better with / require SPF.
header __KAM_SPF_NONE eval:check_for_spf_none()
meta KAM_LAZY_DOMAIN_SECURITY (!__DKIM_EXISTS && __KAM_SPF_NONE)
score KAM_LAZY_DOMAIN_SECURITY 1.0
describe KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any anti-forgery methods