[SAtalk] Dear Kc8hr, GET YOUR FREE! $101 bucks AND GET BACK YOUR FULL DEPOSITNOW! (fwd)

[Tim]

Hi Guys,

Real creativity here. . .

Later--
Tim

-- Forwarded message --
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: from localhost (localhost.localdomain [127.0.0.1])
by localhost.localdomain (Postfix) with ESMTP id 2B9B56A72B
for <[EMAIL PROTECTED]>; Sat, 16 Aug 2003 15:14:10 -0400 (EDT)
Received: from mail.wwnet.net [209.142.193.12]
by localhost with POP3 (fetchmail-6.1.0)
for [EMAIL PROTECTED] (single-drop); Sat, 16 Aug 2003 15:14:10 -0400 (EDT)
Received: by juice (mbox kc8hr)
 (with Cubic Circle's cucipop (v1.31 1998/05/13) Sat Aug 16 14:13:21 2003)
X-From_: [EMAIL PROTECTED]  Sat Aug 16 13:09:25 2003
Received: from taik-nat-44.uiah.fi (taik-nat-44.uiah.fi [128.214.133.44])
by squirt.wwnet.net (8.12.3/8.12.3/Debian -4) with SMTP id
h7GH9ICN030195
for <[EMAIL PROTECTED]>; Sat, 16 Aug 2003 13:09:23 -0400
Date: Sat, 16 Aug 2003 13:09:22 -0400
Message-Id: <[EMAIL PROTECTED]>
From: Mila <[EMAIL PROTECTED]>
To: Kc8hr <[EMAIL PROTECTED]>
Reply-To: Ollie <[EMAIL PROTECTED]>
Sender: Maria <[EMAIL PROTECTED]>
Subject: Dear Kc8hr,
 GET YOUR FREE! $101 bucks AND GET BACK YOUR FULL DEPOSIT NOW!
MIME-Version: 1.0
Content-type: text/plain
Content-Transfer-Encoding: 8bit
X-Spam-Checker-Version: SpamAssassin 2.60-cvs (1.193-2003-06-13-exp) on
localhost.localdomain
X-Spam-Status: No, hits=1.0 required=2.0 tests=CLICK_BELOW_CAPS,
MANY_EXCLAMATIONS
OFFER,SUBJ_FREE_CAP autolearn=no version=2.60-cvs
X-Spam-Level: *

The GoldenStake Casino Experience, 

Dear , GET YOUR FREE $101 bucks AND GET BACK YOUR FULL DEPOSIT NOW! 
NO DOWNLOAD NEEDED. INSTANT PLAY. INSTANT CASHOUTS. 
 
We pay in 1 hour after receiving your cashout. 
CLICK HERE  http://www.goldenstakecasino.com/?id=samovar TO OPEN ACCOUNT 
As a new player welcome, deposit any amount and we'll credit you with $101 
free money + 30% of your initial deposit! 

You've found the Finest, Fairest, and most Secure casino on the Internet. Play 
at GoldenStake Casino , and we're confident that you'll enjoy your time with us. 
 
Regular Promotions & Prizes 
Secure transactions & total respect for your privacy 
Best quality free casino software in the industry 
 
24hr / 7 days a week friendly customer support 
Better Odds than land-based casinos 

To start playing, open account and enjoy our superb free software with 12 great games: 

CLICK HERE  http://www.goldenstakecasino.com/?id=samovar TO OPEN ACCOUNT RIGHT NOW!
 
-- 
You have received this Newsletter because you, or someone else, is 
registered to this Email Address with gambling related sites. If you 
no longer wish to be included in our Email Updates, 
please mail us [EMAIL PROTECTED] with unsubscribe-subject. 
--

This is special offer for  with [unique number: ]


---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Women: Revolutionary Climax Product Will Astonish You (fwd)

[Tim]

Another got through:

-- Forwarded message --
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: from localhost (localhost.localdomain [127.0.0.1])
by localhost.localdomain (Postfix) with ESMTP id A43606A711
for <[EMAIL PROTECTED]>; Tue, 19 Aug 2003 10:54:32 -0400 (EDT)
Received: from mail.wwnet.net [209.142.193.7]
by localhost with POP3 (fetchmail-6.1.0)
for [EMAIL PROTECTED] (single-drop); Tue, 19 Aug 2003 10:54:32 -0400 (EDT)
Received: by guyute (mbox kc8hr)
 (with Cubic Circle's cucipop (v1.31 1998/05/13) Tue Aug 19 10:53:29 2003)
X-From_: [EMAIL PROTECTED]  Tue Aug 19 07:52:53 2003
Received: from ns1.siakraya.com ([203.130.206.194])
by squirt.wwnet.net (8.12.3/8.12.3/Debian -4) with ESMTP id
h7JBqjx3002455
for <[EMAIL PROTECTED]>; Tue, 19 Aug 2003 07:52:51 -0400
Received: from doramail-com-bk.mr.outblaze.com ([203.130.206.219])
by ns1.siakraya.com (8.10.1/8.10.1) with SMTP id h7JC2MX05403;
Tue, 19 Aug 2003 19:02:22 +0700
Message-Id: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
From: "C:oldcEmailsusernamescommonnamesgirlsclsort5_30.txt"
<[EMAIL PROTECTED]>
Subject: Women: Revolutionary Climax Product Will Astonish You
Date: Tue, 19 Aug 2003 07:02:04 -0400
MIME-Version: 1.0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Spam-Checker-Version: SpamAssassin 2.60-cvs (1.193-2003-06-13-exp) on
localhost.localdomain
X-Spam-Status: No, hits=1.9 required=2.0 tests=BLANK_LINES_70_80,
FORGED_RCVD_HELO
HTML_50_60,HTML_FONTCOLOR_BLUE,HTML_MESSAGE,MIME_HTML_ONLY
MIME_QP_LONG_LINE autolearn=no version=2.60-cvs
X-Spam-Level: *

Women: Revolutionary Climax Gel Will Astonish You!

You will be astonished by what this new, revolutionary sexual climax gel
will do for you.

- Climax easily during intercourse
- Experience multiple orgasms
- Intensify your orgasms
- Invigorate your sex life
- Boost your partners confidence and interest
- Become sexually excited faster
- Lubricate more quickly and easily

In fact, we guarantee it.

Go To Astonishing Climax Gel Info

To purge your email address from our database, go Here




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Spam Filter Comparisons

[Tim]

Hi,

Thought you all might be interested in this artical on freshmeat.net:

http://freshmeat.net/articles/view/964/

Later--
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines
at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] URL filtering

[Tim]

Hi Karl,

On Tue, 2 Sep 2003, Karl Larsen wrote:

> 
>   Since I use procmail I have a list of people and lists that I 
> want to receive email from, and most but not all lists, do not have 
> spam. How can I set up SpamAssassin to pass these good lists without any 
> tests? 

I subscribe to 13 lists that rarely, if ever are spammed. I just filter 
them [before] I call SA in my .procmailrc:



:0:
* ^Subject.*SAtalk*
sa

:0fw: spamassassin.lock
| /home/kc8hr/bin/sausr/bin/spamassassin

:0:
* ^X-Spam-Status: Yes
SPAM

This way, only mail addressed to me--and spam--is sent to SA.

Hope that helps!
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] The lowest rates are online! (fwd)

[Tim]

On Wed, 11 Jun 2003, Jim Ford wrote:

> On Wed, Jun 11, 2003 at 10:10:02AM -0400, Timothy J. Schutte wrote:
> 
> > X-Spam-Status: No, hits=0.9 required=2.0
> 
> Gosh - your required hits is low. Don't you get a lot of false positives?
> The default of 5 works fine for me.

No, but I do have a rather extensive white_list. :-)

I would rather white-list an address than let a creative spam get through.

Later--
Tim 

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.NET email is sponsored by: eBay
Great deals on office technology -- on eBay now! Click here:
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Kinda OT maybe. SA install/update...

[Tim]

Hi Steve,

On Wed, 11 Jun 2003, Steve Wilson wrote:

> I've been running *nix boxes for a while, but I've gotten WAY too 
> comfortable with GUI-point and click type stuff.  Most of what I've been 
> running have been RH boxes, and I always tried to find RPMs.  From 
> xWindoze or rpm -i -- it's all kind of mindless.  (I SAID I'd gotten way 
> too comfortable - ).  Anyway, 
> with SA (and qmail) I decided that I really oughta do things "right", so 
> I just installed from the tarball(s).  And then upgraded from the 
> tarball(s).  I figured it was giving me a clue as to how little I really 
> knew and making me learn.  But now I'm hearing a LOT about how I should 
> be installing via CPAN or via the SRC RPMs, and I wonder.

I am using a Mandrake system, and yes, RPM's can make you lazy. I got the
SA tarball and installed it in my home directory, following the directions
in the INSTALL file. I wanted to see how the program works and be able to
play with it without having to su to root to edit config files. I have 
learned a great deal about how everything works this way.

Thanks,
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.NET email is sponsored by: eBay
Great deals on office technology -- on eBay now! Click here:
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Sneaky Spam: Your PC's Hard Drive (fwd)

[Tim]

Hi,

This guy sneaked past SpamAssassin 2.55. I only use the address for 
Yahoogroups subscriptions, so that must have been where the spammer got 
it. I did [not] "opt in" for anything.

Later--
Tim

-- Forwarded message --
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: from localhost (localhost.localdomain [127.0.0.1])
by localhost.localdomain (Postfix) with ESMTP id 7F7EA2BF57
for <[EMAIL PROTECTED]>; Thu, 19 Jun 2003 10:44:11 -0400 (EDT)
Received: from mail.wwnet.net [209.142.193.12]
by localhost with POP3 (fetchmail-6.1.0)
for [EMAIL PROTECTED] (single-drop); Thu, 19 Jun 2003 10:44:11 -0400 (EDT)
Received: by juice (mbox kc8hr)
 (with Cubic Circle's cucipop (v1.31 1998/05/13) Thu Jun 19 10:41:22 2003)
X-From_: [EMAIL PROTECTED]  Thu Jun 19 00:08:21 2003
Received: from xlate1.mailsvcs.arrl.net (IP-216-37-46-9.colo.corplink.net
[216.37.46.9])
by squirt.wwnet.net (8.12.3/8.12.3/Debian -4) with ESMTP id
h5J48EAf025140
for <[EMAIL PROTECTED]>; Thu, 19 Jun 2003 00:08:20 -0400
Received: from mx6.lillgal.com (mx6.lillgal.com [207.32.185.16])
by xlate1.mailsvcs.arrl.net (8.11.6/8.11.0) with ESMTP id
h5J48Bk31087
for <[EMAIL PROTECTED]>; Wed, 18 Jun 2003 23:08:11 -0500
Received: from sestena.com (localhost [127.0.0.1])
by mx6.lillgal.com (Postfix) with ESMTP id 590C15061C
for <[EMAIL PROTECTED]>; Thu, 19 Jun 2003 00:08:10 -0400 (EDT)
To: [EMAIL PROTECTED]
From: "Asher Moore" <[EMAIL PROTECTED]>
Subject: Your PC's  Hard Drive
X-Priority: 3 (Normal)
Importance: Normal
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Reply-To: [EMAIL PROTECTED]
Errors-To: [EMAIL PROTECTED]
Content-type: text/plain
Message-Id: <[EMAIL PROTECTED]>
Date: Thu, 19 Jun 2003 00:08:10 -0400 (EDT)
X-Spam-Status: No, hits=1.9 required=2.0
tests=CLICK_BELOW,COMPLETELY_FREE,HTML_70_80,
  HTML_LINK_CLICK_HERE,PRIORITY_NO_NAME
version=2.55
X-Spam-Level: *
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)

Hello,

A few days ago, we sent you an email talking about how your PC's hard drive is possibly 
infected with SpyWare 
and/or Adware.  This can be very dangerous for your PC and is 
an extreme invasion of your privacy.  SpyWare and/or Adware are files that compani
 es install on your PC 
without your knowledge so they can monitor your Internet activity.  
However, in most cases, these files infect 
your PC and cause your 
hard drive to crash.  

Obviously, you paid a lot for your system and 
don't want it to crash.  Therefore, please 
scan your system now 
absolutely free to check for possible infected 
files.  It only takes 
a few minutes and is well worth it.

To scan your system now Absolutely FREE,  
Click Here:
http://boffo.lillgal.com/redir?id=4786&u=950493871&b=6769

P.S. - If after scanning your system you find 
your system is indeed infected, we strongly encourage you to remove all spyware from your 
PC to ensure that it 
does not crash.

Once again, please 
scan your system now by Clicking Here:
http://boffo.lillgal.com/redir?id=4786&u=950493871&b=6769




We appreciate your patronage, and thank you for opting in.To cancel your 
subscription to this newsletter, http://www.lillgal.com/finish/[EMAIL 
PROTECTED]&source_id=15&mojo=950493871">click here.



---
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] As seen on ...

[Tim]

Hi Pierre,

On Thu, 19 Jun 2003, Pierre Bacquet wrote:

> Hello,
> 
> I am receiving a lot of SPAM for HGH for whatever including the
> following recurring sentences :
> 
> As seen on NBC, CBS, and even Oprah ...
> As reported on in the New England Journal of Medicine ...

 

Try setting:

required_hits   2

It works for me, and I get very few errors.

Good Luck!
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Sneaky Spam: Your PC's Hard Drive (fwd)

[Tim]

Hi Tony,

On Thu, 19 Jun 2003, Tony Earnshaw wrote:

> Tim wrote:
> 
> > This guy sneaked past SpamAssassin 2.55. I only use the address for 
> > Yahoogroups subscriptions, so that must have been where the spammer got 
> > it. I did [not] "opt in" for anything.
> 
> Good news!
> 
> 1: *Certainly* didn't do anything like sneak past 2.60-CVS. Got 12+, AFAIR;
> 
> 2: 2.60 official is about to be released.

Excellent!

Looking forward,
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] can't make install if personal

[Tim]

Hi Dan,

All I can say is, it works for me. I have SA in the following locations:

/home/kc8hr/bin/sausr/bin/spamassassin
/home/kc8hr/bin/sausr/share/spamassassin

On Sun, 22 Jun 2003, Dan Jacobson wrote:

> Non-root mentioned twice: These should be consolidated
> $ egrep -in 'personal|non-root' /var/tmp/Mail-SpamAssassin-2.55/INSTALL
> 
> 45:To install as non-root, do something like this:
> 105:Installing SpamAssassin for Personal Use (Not System-Wide)
> 
> also, telling the Personal Use user to do "make install" causes:
> 
> mkdir /usr/local/lib/perl: Permission denied at 
> /usr/share/perl/5.8.0/ExtUtils/Install.pm line 80
> make[1]: *** [pure_site_install] Error 255
> make[1]: Leaving directory `/tmp/danspam/Mail-SpamAssassin-2.55'
> 
> No, your instructions are very wrong
> 
>   make
>   make install
> 
> we never get thru make install. even if we:
> 
>   cd $(tdir)/Mail-SpamAssassin-* && \
>   perl Makefile.PL PREFIX=~/sausr SYSCONFDIR=~/saetc \
>   INST_PREFIX=~/usr INST_SYSCONFDIR=~/etc && \
>   make INST_PREFIX=~/usr INST_SYSCONFDIR=~/etc && \
>   make install INST_PREFIX=~/usr INST_SYSCONFDIR=~/etc
> 
> please somebody tell me how to make install in $HOME!?
> 
> You are trying to write to /usr/local/lib/perl ... but I want to write
> to my home dir, am I "SOL"?!

Make sure you give the full path in the makefile, like mine:

perl Makefile.PL PREFIX=/home/kc8hr/bin/sausr 
SYSCONFDIR=/home/kc8hr/bin/saetc

Good Luck!
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] 2.60

[Tim]

Hi,

SpamAssassin 2.60 works fine here.

Thanks,
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Gang Bang Model Photo Shoot... (fwd)

[Tim]

Hi Guys,

Here's another one that sneaked by SpamAssassin 2.60-cvs.

Question: The header mentions "autolearn=no". . .I thought autolearn was 
"on" by default?

Thanks,
Tim


-- Forwarded message --
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: from localhost (localhost.localdomain [127.0.0.1])
by localhost.localdomain (Postfix) with ESMTP id CA5B32C00D
for <[EMAIL PROTECTED]>; Thu,  3 Jul 2003 09:12:54 -0400 (EDT)
Received: from mail.wwnet.net [209.142.193.12]
by localhost with POP3 (fetchmail-6.1.0)
for [EMAIL PROTECTED] (single-drop); Thu, 03 Jul 2003 09:12:54 -0400 (EDT)
Received: by juice (mbox kc8hr)
 (with Cubic Circle's cucipop (v1.31 1998/05/13) Thu Jul  3 09:11:56 2003)
X-From_: [EMAIL PROTECTED]  Wed Jul  2 19:08:26 2003
Received: from xlate1.mailsvcs.arrl.net (IP-216-37-46-9.colo.corplink.net
[216.37.46.9])
by squirt.wwnet.net (8.12.3/8.12.3/Debian -4) with ESMTP id
h62N8KxR006804
for <[EMAIL PROTECTED]>; Wed, 2 Jul 2003 19:08:26 -0400
Received: from mxtest01.nablear.com ([207.32.166.150])
by xlate1.mailsvcs.arrl.net (8.11.6/8.11.0) with ESMTP id
h62N8Ik04076
for <[EMAIL PROTECTED]>; Wed, 2 Jul 2003 18:08:19 -0500
Received: from reffnan.com (localhost [127.0.0.1])
by mxtest01.nablear.com (Postfix) with ESMTP id B3FD62C20301
for <[EMAIL PROTECTED]>; Wed,  2 Jul 2003 19:08:17 -0400 (EDT)
To: [EMAIL PROTECTED]
From: "Cassandra Moore" <[EMAIL PROTECTED]>
Subject: Gang Bang Model Photo  Shoot...
X-Priority: 3 (Normal)
Importance: Normal
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Reply-To: [EMAIL PROTECTED]
Errors-To: [EMAIL PROTECTED]
Content-type: text/plain
Message-Id: <[EMAIL PROTECTED]>
Date: Wed,  2 Jul 2003 19:08:17 -0400 (EDT)
X-Spam-Checker-Version: SpamAssassin 2.60-cvs (1.193-2003-06-13-exp) on
localhost.localdomain
X-Spam-Status: No, hits=1.1 required=2.0 tests=FORGED_RCVD_HELO,
PRIORITY_NO_NAME
autolearn=no version=2.60-cvs
X-Spam-Level: *

Hey Guys..

I Just Got Back From Modeling Tryout...

It  Turned  Out  To  Be  Huge Gang-Bang

http://boffo.reffnan.com/redir?id=4833&u=1007565552&b=6880

Imagine  20  Hot  Models  And  About  10  Photographers  All  In  A Naked Pile  Of  
Wet  Flesh

I  Can  Let  You  In  For  Free.Just  For  The  Next  3  Days.

http://boffo.reffnan.com/redir?id=4833&u=1007565552&b=6880

Love  Carla


---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0016ave/direct;at.asp_061203_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Oops, was Re: Gang Bang Model Photo Shoot... (fwd)

[Tim]

Hi Again

I figured out why the spam made it through. It was addressed to one of 
my alternative e-mail addresses, which was white_listed, but isn't 
anymore.

Sorry to add to the noise level!
Tim

On Thu, 3 Jul 2003, Tim wrote:

> Hi Guys,
> 
> Here's another one that sneaked by SpamAssassin 2.60-cvs.
> 
> Question: The header mentions "autolearn=no". . .I thought autolearn was 
> "on" by default?
> 
> Thanks,
> Tim
> 
> 
> -- Forwarded message --
> Return-Path: <[EMAIL PROTECTED]>
> Delivered-To: [EMAIL PROTECTED]
> Received: from localhost (localhost.localdomain [127.0.0.1])
>   by localhost.localdomain (Postfix) with ESMTP id CA5B32C00D
>   for <[EMAIL PROTECTED]>; Thu,  3 Jul 2003 09:12:54 -0400 (EDT)
> Received: from mail.wwnet.net [209.142.193.12]
>   by localhost with POP3 (fetchmail-6.1.0)
>   for [EMAIL PROTECTED] (single-drop); Thu, 03 Jul 2003 09:12:54 -0400 (EDT)
> Received: by juice (mbox kc8hr)
>  (with Cubic Circle's cucipop (v1.31 1998/05/13) Thu Jul  3 09:11:56 2003)
> X-From_: [EMAIL PROTECTED]  Wed Jul  2 19:08:26 2003
> Received: from xlate1.mailsvcs.arrl.net (IP-216-37-46-9.colo.corplink.net
> [216.37.46.9])
>   by squirt.wwnet.net (8.12.3/8.12.3/Debian -4) with ESMTP id
> h62N8KxR006804
>   for <[EMAIL PROTECTED]>; Wed, 2 Jul 2003 19:08:26 -0400
> Received: from mxtest01.nablear.com ([207.32.166.150])
>   by xlate1.mailsvcs.arrl.net (8.11.6/8.11.0) with ESMTP id
> h62N8Ik04076
>   for <[EMAIL PROTECTED]>; Wed, 2 Jul 2003 18:08:19 -0500
> Received: from reffnan.com (localhost [127.0.0.1])
>   by mxtest01.nablear.com (Postfix) with ESMTP id B3FD62C20301
>   for <[EMAIL PROTECTED]>; Wed,  2 Jul 2003 19:08:17 -0400 (EDT)
> To: [EMAIL PROTECTED]
> From: "Cassandra Moore" <[EMAIL PROTECTED]>
> Subject: Gang Bang Model Photo  Shoot...
> X-Priority: 3 (Normal)
> Importance: Normal
> MIME-Version: 1.0
> Content-Transfer-Encoding: 8bit
> Reply-To: [EMAIL PROTECTED]
> Errors-To: [EMAIL PROTECTED]
> Content-type: text/plain
> Message-Id: <[EMAIL PROTECTED]>
> Date: Wed,  2 Jul 2003 19:08:17 -0400 (EDT)
> X-Spam-Checker-Version: SpamAssassin 2.60-cvs (1.193-2003-06-13-exp) on
>   localhost.localdomain
> X-Spam-Status: No, hits=1.1 required=2.0 tests=FORGED_RCVD_HELO,
> PRIORITY_NO_NAME
>   autolearn=no version=2.60-cvs
> X-Spam-Level: *
> 
> Hey Guys..
> 
> I Just Got Back From Modeling Tryout...
> 
> It  Turned  Out  To  Be  Huge Gang-Bang
> 
> http://boffo.reffnan.com/redir?id=4833&u=1007565552&b=6880
> 
> Imagine  20  Hot  Models  And  About  10  Photographers  All  In  A Naked Pile  Of  
> Wet  Flesh
> 
> I  Can  Let  You  In  For  Free.Just  For  The  Next  3  Days.
> 
> http://boffo.reffnan.com/redir?id=4833&u=1007565552&b=6880
> 
> Love  Carla
> 

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0016ave/direct;at.asp_061203_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] procmail.log changes???

[Tim]

Hi Mairhtin,

On Sat, 5 Jul 2003, Mairhtin O'Feannag wrote:

> I'd like the procmail.log file to contain the intended addressee as well as the 
> subject and things that are normally in the log.  Is there a way to tailor the 
> entries that are put in the 
> log?

Try this in your .procmailrc:

SHELL=/bin/sh
PATH=$PATH
PMDIR=$HOME/Procmail
LOGFILE=$PMDIR/log
MAILDIR=$HOME/mail
VERBOSE=yes

The "VERBOSE=yes" should give you just about everything you want to know. 
Just watch out that the log doesn't get too big--it will, real quick!

Later--
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green



---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0016ave/direct;at.asp_061203_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Sneaky Spam: Provicial federal funds (fwd)

[Tim]

Hi Guys,

Here's one that came in under the radar. I have no idea how I got on this 
list as I live in the U.S.

Tim

-- Forwarded message --
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: from localhost (localhost.localdomain [127.0.0.1])
by localhost.localdomain (Postfix) with ESMTP id B1C0C69CCF
for <[EMAIL PROTECTED]>; Sun, 13 Jul 2003 12:14:33 -0400 (EDT)
Received: from mail.wwnet.net [209.142.193.12]
by localhost with POP3 (fetchmail-6.1.0)
for [EMAIL PROTECTED] (single-drop); Sun, 13 Jul 2003 12:14:33 -0400 (EDT)
Received: by guyute (mbox kc8hr)
 (with Cubic Circle's cucipop (v1.31 1998/05/13) Sun Jul 13 12:12:29 2003)
X-From_: [EMAIL PROTECTED]  Sun Jul 13 12:04:56 2003
Received: from sprite.wwnet.net (sprite.wwnet.net [209.142.211.2])
by squirt.wwnet.net (8.12.3/8.12.3/Debian -4) with SMTP id
h6DG4twm010504
for <[EMAIL PROTECTED]>; Sun, 13 Jul 2003 12:04:55 -0400
Message-Id: <[EMAIL PROTECTED]>
Received: (qmail 20809 invoked from network); 13 Jul 2003 16:04:54 -
Received: from ip216-239-75-165.vif.net (HELO capitalnet.com)
(216.239.75.165)
  by sprite.wwnet.net with SMTP; 13 Jul 2003 16:04:54 -
From: "Canada Books" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: Provicial federal funds
Sender: "Canada Books" <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Date: Sun, 13 Jul 2003 12:05:43 -0400
Content-Transfer-Encoding: 8bit
X-Spam-Checker-Version: SpamAssassin 2.60-cvs (1.193-2003-06-13-exp) on
localhost.localdomain
X-Spam-Status: No, hits=1.9 required=2.0 tests=FORGED_RCVD_HELO,
LINES_OF_YELLING
MSGID_FROM_MTA_HEADER,MSGID_FROM_MTA_LATER autolearn=no
version=2.60-cvs
X-Spam-Level: *


CANADA BOOKS
36 Felix Renaud
Aylmer  
Qc
J9H 7C1
(819)682-7983


PRESS RELEASE

CANADIAN SUBSIDY DIRECTORY YEAR 2003 EDITION

Legal Deposit-National Library of Canada
ISBN 2-922870-05-7

The new revised edition of the Canadian Subsidy Directory 2003 is now
available. 
The new edition is the most complete and affordable reference for anyone
looking for financial support.
It is deemed to be the perfect tool for new or existing businesses,
individual ventures, foundations and associations.

This Publication contains  more than 2000 direct and indirect financial
subsidies, grants and loans offered by government departments and
agencies, foundations, associations and organisations.  In this new 2003
edition
all programs are well described.

The Canadian Subsidy Directory is the most comprehensive tool to start up
a business, improve existent activities, set up a business plan, or obtain
assistance from experts in fields such as: Industry, transport,
agriculture, communications, municipal infrastructure, education,
import-export, labor, construction and renovation, the service sector,
hi-tech industries, research and development, joint ventures, arts,
cinema, theatre, music and recording industry, the self employed,
contests, and new talents.
Assistance from and for foundations and associations, guidance to prepare
a business plan, market surveys, computers, and much more!

The Canadian Subsidy Directory is sold $ 69.95, to obtain a copy please
call:

Canada Books, (819)682-7983


---
This SF.Net email sponsored by: Parasoft
Error proof Web apps, automate testing & more.
Download & eval WebKing and get a free book.
www.parasoft.com/bulletproofapps1
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] The best ANTl-SPAM software for you, Kc8hr!Ibr gUHQ LfFpfDl...? (fwd)

[Tim]

Looks like we have some competition.

;-)
Tim

-- Forwarded message --
Received: from localhost [127.0.0.1] by localhost.localdomain
with SpamAssassin (2.60-cvs 1.193-2003-06-13-exp);
Mon, 14 Jul 2003 10:44:32 -0400
From: [EMAIL PROTECTED]
To: Kc8hr <[EMAIL PROTECTED]>
Subject: The best ANTl-SPAM software for you,
 Kc8hr!   Ibr gUHQ LfFpfDl...?
Date: Mon, 14 Jul 2003 09:41:43 -0400
Message-Id: <[EMAIL PROTECTED]>
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 2.60-cvs (1.193-2003-06-13-exp) on
localhost.localdomain
X-Spam-Status: Yes, hits=7.6 required=2.0 tests=BIZ_TLD,HTML_50_60
HTML_FONTCOLOR_CYAN,HTML_FONTCOLOR_GRAY,HTML_FONTCOLOR_UNSAFE
HTML_FONTCOLOR_YELLOW,HTML_FONT_BIG,HTML_FONT_LOW_CONTRAST
HTML_MESSAGE,HTML_SHOUTING3,HTML_TAG_BALANCE_HEAD
HTML_TAG_EXISTS_TBODY,HTTP_ESCAPED_HOST,HTTP_EXCESSIVE_ESCAPES
NO_REAL_NAME,PLING_QUERY,SUBJ_HAS_SPACES autolearn=no version=2.60-cvs
X-Spam-Level: ***
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="--=_3F12C1D0.D6E3BB0F"

Spam detection software, running on the system "localhost.localdomain", has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or block
similar future email.  If you have any questions, see
[EMAIL PROTECTED] for details.

Content preview:  This is a multipart message in MIME format. Go to:
  http://www.pro2w%61r%65.biz/r%65m%65%64y/%61%64v182/ zdz XAelw
  TheVeryBest - Software Downloads Top-Rank Software Download Site on the
  Internet URI:http://www.pro2w%61r%65.biz/r%65m%65%64y/%61%64v182/
  Internet->URI:http://www.pro2w%61r%65.biz/r%65m%65%64y/%61%64v182/
  Email->URI:http://www.pro2w%61r%65.biz/r%65m%65%64y/%61%64v182/ Spam
  Remedy v1.5 PRO Spam Remedy (3.17MB) [...] 

Content analysis details:   (7.6 points, 2.0 required)

 pts rule name  description
 -- --
 0.0 PLING_QUERYSubject has exclamation mark and question mark
 0.0 NO_REAL_NAME   From: does not include a real name
 1.7 SUBJ_HAS_SPACESSubject contains lots of white space
 0.0 HTML_TAG_EXISTS_TBODY  BODY: HTML has "tbody" tag
 0.0 HTML_TAG_BALANCE_HEAD  BODY: HTML has unbalanced "head" tags
 0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar to background
 0.2 HTML_FONTCOLOR_YELLOW  BODY: HTML font color is yellow
 0.2 HTML_50_60 BODY: Message is 50% to 60% HTML
 2.0 HTML_MESSAGE   BODY: HTML included in message
 0.1 HTML_FONTCOLOR_GRAYBODY: HTML font color is gray
 0.1 HTML_FONT_BIG  BODY: HTML has a big font
 0.1 HTML_FONTCOLOR_UNSAFE  BODY: HTML font color not in safe 6x6x6 palette
 0.0 HTML_SHOUTING3 BODY: HTML has very strong "shouting" markup
 0.0 HTML_FONTCOLOR_CYANBODY: HTML font color is cyan
 1.6 HTTP_ESCAPED_HOST  URI: Uses %-escapes inside a URL's hostname
 1.7 BIZ_TLDURI: Contains a URL in the BIZ top-level domain
 0.0 HTTP_EXCESSIVE_ESCAPES URI: Completely unnecessary %-escapes inside a URL

The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam.  If you wish to view
it, it may be safer to save it to a file and open it with an editor.
--- Begin Message ---
Title: zdz XAelw
 TheVeryBest - Software Downloads  Top-Rank Software Download Site on the Internet  Internet->Email->Spam Remedy v1.5 PRO Spam Remedy        (3.17MB) l bBA urlZyWbPcVy TTDz ZI dk Description: tgKgHOrdcuFC NXONw LO The powerful, effective and intelligent anti-spam tool. It automatically cleans spam messages out of your mailbox before you receive or read them. lNKKTtntt YkEgrplafFd hZIJNGz Features:Cckqoac aIw oQOmc  Automatically Blocking Spam Spam Remedy automatically checks your mail boxes and filters unwanted, dangerous, or offensive mail messages to save your time from manually detecting and organizing mail messages. Effectively Spam Detecting A complex Aritificial Intelligence algorithm has been used in Spam Remedy product to detecting legitimate mail messages and spam messages,the technique has more precision than other filter-based and keyword-based anti-spam technologies. Be Sure You Get Your Right Mail Messages Spam Remedy doesn't confirm a spam message by a single keyword in mail content. It examines the entire message - source, headers and mail content to confirm whether it is a spam message. Supports Multiple Email Types and Almost All Email Clients Spam Remedy supports POP3, Hotmail/MSN, IMAP4 and MAPI email accounts,Directly works with almost all email clients(Outlook Express, Becky Mail,Foxmail,Outlook, The bat!, Eudora etc.), espacially includes support for web-based

Re: [SAtalk] The best ANTl-SPAM software for you, Kc8hr! Ibr gUHQLfFpfDl...? (fwd)

[Tim]

Hi Tony,

On Mon, 14 Jul 2003, Tony Earnshaw wrote:

> P.s: your score was much to low, considering your 2.60. You need to 
> start using RBL and DCC checks at the least (avoiding anything to do 
> with OSIRUS, at the moment - DoS death, namely.)

Sorry, I am using a single machine on a 56K dialup connection, and network
checks can be very time-consuming. I would rather have a large whitelist. 

Actually, I get very few 'false positives'--haven't had one since 
upgrading to 2.60

Thanks,
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.Net email sponsored by: Parasoft
Error proof Web apps, automate testing & more.
Download & eval WebKing and get a free book.
www.parasoft.com/bulletproofapps1
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Business Proposal (fwd)

[Tim]

Hi Guys,

These Nigerian scammers are really getting creative. This one scored 1.1!

Tim

-- Forwarded message --
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: from localhost (localhost.localdomain [127.0.0.1])
by localhost.localdomain (Postfix) with ESMTP id 8F31569CD7
for <[EMAIL PROTECTED]>; Fri, 18 Jul 2003 09:30:06 -0400 (EDT)
Received: from mail.wwnet.net [209.142.193.7]
by localhost with POP3 (fetchmail-6.1.0)
for [EMAIL PROTECTED] (single-drop); Fri, 18 Jul 2003 09:30:06 -0400 (EDT)
Received: by juice (mbox kc8hr)
 (with Cubic Circle's cucipop (v1.31 1998/05/13) Fri Jul 18 09:27:34 2003)
X-From_: [EMAIL PROTECTED]  Fri Jul 18 06:19:43 2003
Received: from flashmail.com ([207.173.216.239])
by squirt.wwnet.net (8.12.3/8.12.3/Debian -4) with ESMTP id
h6IAJXSR024662
for <[EMAIL PROTECTED]>; Fri, 18 Jul 2003 06:19:43 -0400
Received: from flashmail.com (unverified [207.173.216.239]) 
by flashmail.com (SurgeMail 1.4b) with ESMTP id 84200066 
for multiple; Fri, 18 Jul 2003 03:16:07 -0700
Sender: [EMAIL PROTECTED]
From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Business Proposal
X-Mailer: Quality Web Email v3.0y, http://netwinsite.com/refw.htm
Date: Fri, 18 Jul 2003 03:16:06 -0700
Message-id: <[EMAIL PROTECTED]>
X-Server: High Performance Mail Server - http://surgemail.com
X-Spam-Checker-Version: SpamAssassin 2.60-cvs (1.193-2003-06-13-exp) on
localhost.localdomain
X-Spam-Status: No, hits=1.1 required=2.0 tests=DEAR_FRIEND,FAKE_HELO_FLASHMAIL
US_DOLLARS_2 autolearn=no version=2.60-cvs
X-Spam-Level: *

FROM: DR. Oshioke michael
 UNION BANK PLC.
 40 MARINA STREET,
 LAGOS.
 FAX: 234-1-759-0801
 
Dear friend,
 
I am writing you this message to solicit for your kind
assistance in this mutually beneficial transaction. I am
using this medium to introduce myself to you. I am DR.
Oshioke michael, a banker by profession.
 
 Proposition:
 
A foreigner, Late Engr. Johnson Juan Creek, an oil merchant
and a contractor who died in a ghastly plane crash on 7th
November, 1996.  Until his death,left with us in his account
a closing balance of US$18.5M which I am now seeking your
assistance to act as the foreign next of kin and cousin to
late Engr. Creek's estate in claiming the money into your
account before I will arrange to meet you in your country
for the disbursement.
 
I believe from my few points above, you can begin to get an
idea why I need your participation. Let me explain how the
money, which is the basis of this business I am proposing,
came about. Before I became a deputy director, some years
ago I was an Accounts Officer to some special corporate
customers. One of these very important customers of our
bank(Union ank PLC) was Engineer Johnson Juan Creek of
blessed memory, an American citizen, who had spent most of
his years before his death working in Africa and mostly in
Nigeria. He died in a ADC plane crash on 7th Novemer, 1996
in Nigeria. This money belonged to
 him. Technically speaking now,it belongs only to his name.
The money is payment he received for acontract he executed
on behalf of the Federal Ministry of Works and Housing for
the government (Installation of Pipelines in Warri
Refinery). My reason for deciding to carry out this
transaction is that Engr. Creek did not mention any next of
kin in any of the documents held by the bank for the number
of years he had banked with us. Since 1996 we have searched
for anybody that could be related to Engr. Creek, I was
mandated by the bank to search for a relation of Engr. Creek
and I did this from January1997 to December 1999. I came
across your name during my personal search for a trusted and
reliable foreigner who could claim this funds as the
beneficiary to late Engr. Creek.

Nevertheless, as it is, there is no relative. Now, the
Chairman of the bank who is a retired soldier has indicated
his intentions for the money.I have all the necessary papers
and documents which will
facilitate the release of the funds into your account
without any delay. This is made possible by virtue of the
fact that I am an insider here in the bank, so, I know all
what it takes to successfully conclude the transaction
without any hitch.During the last meeting of Directors and
Deputies, he said that he would donate the money to a
discredited military trust fund if it is not claimed soon,
thisinvariably means the continuous flow of more arms and
ammunition. I know for sure that not all of the money will
go to the military trust some will surely line his pockets
and that of anybody who is in support of his plan. My plan
is to get a trust worthy person that can, under my constant
guidance present him self as a cousin to the late
Engr.Creek. I want you to note that your citizenship does
not matter; You do not have to be an American. The papers
deman

[SAtalk] +$B6KHk>pJs;o(B + (fwd)

[Tim]

Hi Guys,
(B
(BHere is another sneaky one. It is entirely in Japanese, so I have set the 
(Bfollowing in my user_prefs:
(B
(B# Languages--rejects non-English spam
(Bok_languages en
(Bok_locales en
(B
(BLater--
(BTim
(B
(B-- Forwarded message --
(BReturn-Path: <[EMAIL PROTECTED]>
(BDelivered-To: [EMAIL PROTECTED]
(BReceived: from localhost (localhost.localdomain [127.0.0.1])
(Bby localhost.localdomain (Postfix) with ESMTP id 0DD3C69DEF
(Bfor <[EMAIL PROTECTED]>; Fri, 18 Jul 2003 16:57:30 -0400 (EDT)
(BReceived: from mail.wwnet.net [209.142.193.7]
(Bby localhost with POP3 (fetchmail-6.1.0)
(Bfor [EMAIL PROTECTED] (single-drop); Fri, 18 Jul 2003 16:57:30 -0400 (EDT)
(BReceived: by juice (mbox kc8hr)
(B (with Cubic Circle's cucipop (v1.31 1998/05/13) Fri Jul 18 16:54:56 2003)
(BX-From_: [EMAIL PROTECTED]  Fri Jul 18 15:19:42 2003
(BReceived: from r02-a02-b2.data-hotel.net (r02-a02-b2.data-hotel.net
(B[203.174.77.73])
(Bby squirt.wwnet.net (8.12.3/8.12.3/Debian -4) with SMTP id
(Bh6IJJVSR024381
(Bfor <[EMAIL PROTECTED]>; Fri, 18 Jul 2003 15:19:41 -0400
(BReceived: (qmail 26188 invoked by uid 0); 19 Jul 2003 04:12:33 +0900
(BReceived: from unknown (HELO computer) (43.244.20.155)
(B  by 0 with SMTP; 19 Jul 2003 04:12:33 +0900
(BDate: Sat, 19 Jul 2003 04:12:31 +0900
(BX-SMTP-Proxy: [EMAIL PROTECTED]/2.02
(BX-Original-MailAddr: [EMAIL PROTECTED]
(BFrom: <[EMAIL PROTECTED]>
(BTo: [EMAIL PROTECTED]
(BSubject: +=?ISO-2022-JP?B?GyRCNktIaz5wSnM7bxsoQg==?=
(B +
(BMessage-Id: <[EMAIL PROTECTED]>
(BMIME-Version: 1.0
(BContent-Type: text/plain; charset=ISO-2022-JP
(BContent-Transfer-Encoding: 7bit
(BX-Mailer: Becky! ver 1.26.09
(BX-Spam-Checker-Version: SpamAssassin 2.60-cvs (1.193-2003-06-13-exp) on
(Blocalhost.localdomain
(BX-Spam-Status: No, hits=0.0 required=2.0 tests=NO_REAL_NAME autolearn=no
(Bversion=2.60-cvs
(BX-Spam-Level: 
(B
(B
(B¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½¡½
(B¢£¡¡¥½¥Õ¥È¤ÎÁí¹ç¾¦¼Ò¡¡¥¦¥£¥ó¥É¡¼¢£
(B
(Bñ°Ì¤Ï¤¹¤Ù¤Æ±ß¤Ç¤¹
(BOffice XP Pro   1
(BWindows XP Pro   4000
(BWindows 2000 Pro 4000
(BWindows 2000 server 1
(BWindows NET server 2003 12000
(BAcrobat5.0J  5000
(BGoLive 6.0J  4000
(BIllustrator 10.0J   1
(BPageMaker 7.0J   7000
(BPhotoshop 7.0J  1
(BPhotoshop Elements 2.0J  3000
(BPremiere 6.5J   1
(BDreamweaver MXJ  5000
(BFlash MXJ5000
(BStudio MXJ  1
(BMaya 5 Unlimited2
(BLightWave 3D 7.5J   1
(BShade 6J Pro1
(BAuto CAD 2004J  2
(BAuto CAD 2002J  15000
(BAuto CAD LT 2002J   1
(BVector Works Ver.10J1
(BNorton Systemworks 2003J pro 3000
(BQuarkXpress Ver.4.1J1
(BSinger Song Writer 6.0J  5000
(BPaint Shop Pro 7J3000
(BATLAS ËÝÌõ¥À¥Ö¥ë¥Ñ¥Ã¥¯ V9   1
(BTheËÝÌõ¥×¥í¥Õ¥§¥Ã¥·¥ç¥Ê¥ëV7 1
(B¥ê¥Ã¥Á¥Æ¥­¥¹¥È¥³¥ó¥Ð¡¼¥¿2003 9000
(BDrive Image 2002J3000
(BFile Maker Pro 6.0J  5000
(B¥Û¡¼¥à¥Ú¡¼¥¸¡¦¥Ó¥ë¥À¡¼ V73000
(BPartitionMagic 8.0J  3000
(BÌïÀ¸ÈÎÇä 03 Pro 1
(BÌïÀ¸µëÍ¿ 03 1
(BÌïÀ¸²ñ·× 03 Pro 1
(B
(B<Ãíʸ¤Î»ÅÊý>
(B´ü´Ö¸ÂÄê¤ÇÈÎÇ䤷¤Þ¤¹¡£´õ˾ÉÊ¡¤Í¹ÊØÈֹ桤
(BÁ÷¤êÀè½»½ê¡¤»á̾¡¤¹ç·×¶â³Û,
(B¤ª¿¶¹þ¤ßͽÄêÆü¤òµ­¤·¤Æ¤ª¿½¤·¹þ¤ß¤¯¤À¤µ¤¤¡£
(B¤¹¤Ù¤Æ¥æ¡¼¥¶¡¼ÅÐÏ¿¤Ç¤­¤Þ¤»¤ó¡£windowsÆüËܸìÀ½ÉÊÈǤǤ¹
(B¤´Ãíʸ¤Ï¤³¤³¢ª [EMAIL PROTECTED]
(B
(B___
(B¢£¡¡¥Ñ¥Á¥¹¥í΢¾ðÊó+¶ËÈë¾ðÊó»ï¡¡¢£
(B
(B¤³¤Î°ìºý¤ÇƯ¤«¤º¡¢¿©¤Ù¤Æ¤¤¤±¤ë¾ðÊ󤬥®¥Ã¥·¥êËþºÜ¡ª
(Bï¤âÃΤé¤Ê¤¤Î¢µ»¡¿Î¢¾ðÊó¤Ê¤Î¤ÇÈȺ᥹¥ì¥¹¥ì¤ä°ãË¡¤Ê¤³¤È¤â...
(B¤â¤Á¤í¤ó°ãË¡¥Í¥¿¤Ï°­ÍѸ·¶Ø¡£
(B
(B¡Ö³¤°ìÈ֡ס¡ÂçÅö¤¿¤ê¥»¥Ã¥ÈÂÇË¡
(B¡Ö²Ö²ÐÉ´·Ê¡×¡¡ÂçÅö¤¿¤ê¡ÜÏ¢¥Á¥ã¥ó¥»¥Ã¥ÈÂÇË¡
(B¡ÖÌԽò¦¡×¡¡¥µ¥Ð¥Á¥ã¥ó±Êµ×·Ñ³
(B¡Ö¥µ¥Ð¥ó¥Ê¥Ñ¡¼¥¯¡×¡¡ÂçÅö¤¿¤ê¥»¥Ã¥ÈÂÇË¡
(B¡Ö¥ß¥ê¥ª¥ó¥´¥Ã¥É¡×¡¡£±£°£°¡ó³ÎΨ³ä£Ç£Ç³ÎÄ깶άˡ
(B
(B¾åµ­¤Îµ¡¼ï¤Î¹¶Î¬Ë¡¤òÁ´Éô¥»¥Ã¥È¤Ç¤Ê¤ó¤È1±ß
(B¤ÎÆÃÊ̲Á³Ê¤Ë¤ÆÄ󶡤µ¤»¤Æ¤¤¤¿¤À¤­¤Þ¤¹¡ª¡£
(Bhttp://www.angelfire.com/jazz/kouryaku/index.htm
(B
(B___
(B¢£ ¥µ¥¯¥é¤Ï°ìÀÚ¤ª¤ê¤Þ¤»¤ó¡¢2000±ß¤Ç40Æü´Ö»È¤¤ÊüÂê ¢£
(B
(B¤Ê¤ó¤ÈÅÐÏ¿¡¢½ñ¹þ¤ß¡¢ÊÖ¿®ÌµÎÁ¤Ç¤¹¡£
(B¥á¡¼¥ë¥ì¥Ç¥£¡¼¤Ë¤è¤ë¥µ¥¯¥é¹Ô°Ù°ìÀڤʤ·¡£
(B¤ï¤ê¤­¤Ã¤¿ÉÕ¤­¹ç¤¤¤ò´õ˾¤¹¤ë
(BÌõ¤¢¤ê¤Î½÷À­¤¬½¸¤Þ¤Ã¤Æ¤¤¤Þ¤¹¡£
(B
(B¼õÉÕ¥µ¥¤¥È
(Bhttp://deai-club.kir.jp/jwb..love/top-n55.html
(B
(B__
(B¢£ ÅÐÏ¿¤µ¤ì¤Æ¤¤¤ë½÷À­²ñ°÷¤Ë¤Ïɬ¤º¤ª²ñ¤¤¤Ç¤­¤Þ¤¹¡ª ¢£
(B
(B³Î¼Â¤Ê½Ð²ñ¤¤¤ò¼Â¸½¤Ç¤­¤ëÂç¿Í¤Î¤¿¤á¤Î½Ð²ñ¤¤¥µ¡¼¥¯¥ë¤Ç¤¹¡£
(Bhttp://deai-club.kir.jp/top-n55

Re: [SAtalk] Changing global scores for tests

[Tim]

Hi Henry,

On Sat, 19 Jul 2003, Henry Van Styn wrote:

> Hi!
>  
> I want to increase the value of the test VIAGRA from 0.0 to 5.0 site
> wide. How do I do this?

Try adding this line to user_prefs:

score VIAGRA5.0

 

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] How to "whitelist" an address?

[Tim]

Hi Bonny,

On Sun, 27 Jul 2003, Bonny wrote:

> As the subject states, I got a false positive on a message sent to me
> from a mailing list.
> 
> How do I put that e-mail address into a whitelist?

Simply add the address to your ~/.spamassassin/user_prefs file in the 
following format:

whitelist_from 

Later--
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] whitelist not working?!?

[Tim]

On Tue, 29 Jul 2003, Bonny wrote:

> Hello all!
> 
> In my ./spamassassin/user_prefs I put:
> 
> whitelist_from@tuttinudi.com

Try:

whitelist_from  [EMAIL PROTECTED]

Later--
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] What are the rules for whitelist_from file-glob-stylepatterns?

[Tim]

Hi Clark,

On Wed, 30 Jul 2003, Clark I Anderson wrote:

> What are the detailed requirements for file-glob-style patterns used for
> items in whitelist_from, Etc.?
> 
>   How extensively can you use asterisks?  (e.g.: [EMAIL PROTECTED]
> *elsewhere*  )?
> 
>   What is the minimum part of an email address that will be effective?

I don't claim to be an expert at regex or file globbing, but here is a 
sample from my user_prefs file:

whitelist_from *arrl.org
whitelist_from *MAIL.CNN.COM
whitelist_from *techtv.com
whitelist_to [EMAIL PROTECTED]
whitelist_to [EMAIL PROTECTED]

I have not tried using more than one wildcard per line.

Good Luck!
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] WHITELIST QUESTION

[Tim]

On Wed, 30 Jul 2003, Alan Fullmer wrote:

> I have a question for someone.
> 
> What does Whitelist_from actually look at?  all headers? or a single one?
> 
> Is there a way to whitelist this line:  From: "Alan Fullmer"
> <[EMAIL PROTECTED]>

Here is how I would do it:

whitelist_from [EMAIL PROTECTED]

Later--
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Wired Article

[Tim]

Hi Guys,

Thought you might enjoy this article on Wired:

http://www.wired.com/news/culture/0,1284,59859,00.html

I enjoy wading through each morning's batch of spam looking for high 
scores too.

Later--
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] bqtW Powerful DVD copy software. nhmW Now you can save your favoritemovies. (fwd)

[Tim]

Hi Guys,

Here is another one that sneaked past SpamAssassin.

Tim

-- Forwarded message --
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: from localhost (localhost.localdomain [127.0.0.1])
by localhost.localdomain (Postfix) with ESMTP id 89A6B6A717
for <[EMAIL PROTECTED]>; Wed,  6 Aug 2003 09:08:02 -0400 (EDT)
Received: from mail.wwnet.net [209.142.193.12]
by localhost with POP3 (fetchmail-6.1.0)
for [EMAIL PROTECTED] (single-drop); Wed, 06 Aug 2003 09:08:02 -0400 (EDT)
Received: by juice (mbox kc8hr)
 (with Cubic Circle's cucipop (v1.31 1998/05/13) Wed Aug  6 09:03:45 2003)
X-From_: [EMAIL PROTECTED]  Wed Aug  6 01:39:46 2003
Received: from leonsmail.com (x1-6-00-06-25-48-75-76.classicnet.net
[64.72.40.242])
by squirt.wwnet.net (8.12.3/8.12.3/Debian -4) with SMTP id
h765daiv008845
for <[EMAIL PROTECTED]>; Wed, 6 Aug 2003 01:39:46 -0400
Received: from unknown (105.176.7.225)
by leonsmail.com (8.9.3/8.9.3) id blxBYyTZUVaE
for <[EMAIL PROTECTED]>; Tue, 5 Aug 2003 23:36:30 -0500
Message-Id: <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED]
Date: Tue, 5 Aug 2003 23:36:30 -0500
Subject: bqtW Powerful DVD copy software. nhmW  Now you can save your
favorite movies.
To: [EMAIL PROTECTED]
X-Mailer: MIME-tools 5.503 (Entity 5.501)
MIME-Version: 1.0
Content-Type: text/plain;
Content-Transfer-Encoding: 8bit
X-Spam-Checker-Version: SpamAssassin 2.60-cvs (1.193-2003-06-13-exp) on
localhost.localdomain
X-Spam-Status: No, hits=1.7 required=2.0 tests=BIZ_TLD,
NO_REAL_NAME autolearn=no
version=2.60-cvs
X-Spam-Level: *

You can copy any DVD jdrsu to a single, standard CD.
Don't have a CD recorder? alr You can save your favorite movies
to your computer and view anytime! vwr Follow link for more info.
http://www.wertek.biz/dvd/adv177/
qqb

Want leave ? busr Drop a line to [EMAIL PROTECTED]
ZhBcS.NNWfQ,WfQ qwfsdq


---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] How to whitelist these lists so that Bayes doesn't getconfused?

[Tim]

Hi Harri,
On Tue, 5 Aug 2003, Harri Pesonen wrote:

> I added the following, is that correct?
> 
> whitelist_from_rcvd [EMAIL PROTECTED] sourceforge.net

You could also try the following:

whitelist_to [EMAIL PROTECTED]

This works for me to whitelist anything from sourceforge.net, where I am 
on several lists.

Good Luck,
Tim

-- 
Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028
[EMAIL PROTECTED]  | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr

"If it ain't broke, then you're not trying hard enough!" --Red Green


---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Books...

[Tim B]

Hey does anyone know if there are any spamassassin books comming out?





---
This SF.net email is sponsored by: Perforce Software.
Perforce is the Fast Software Configuration Management System offering
advanced branching capabilities and atomic changes on 50+ platforms.
Free Eval! http://www.perforce.com/perforce/loadprog.html
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Acronym Update

[Tim Stoop]

Op vrijdag 16 januari 2004 19:13, schreef Carl Chipman:
> For the new people on the list, I was wondering what the following acronyms
> mean:
>
> LART

Luser Attitude Re-adjustment Tool

> UBE/UCE

Unsollicited Bulk Email/Unsollicited Commercial Email (aka SPAM)

> Are the acronoyms in the FAQ?

They are quite well known acronyms, in the Open Source World. Try the Hacker's 
Dictionary when you encounter more.

-- 
Met vriendelijke groet,
Tim Stoop

Random quote/fortune:
The most common form of marriage proposal: "YOU'RE WHAT!?"



---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] UPDATES Tripwire 1.16 and Bigevil 2.06k

[Tim Litwiller]

If you change the version number lines to all  be the same number of 
digits, the script given earlier today will report  the update correctly

for example
# Version 1.00  Initial release
# Version 1.01  Avoid FPs with Forwards, Embedded images and PGP.
# Version 1.02  Avoid FPs with Yahoo Groups
# Version 1.10  Tested against Corpus, removed FPs.
# Version 1.11  Removed FPs from RM corpus
# Version 1.13  Removed poor performing tests thanks to hit-freq from user.
# Version 1.14  Reverted to V.1.11 + changes from Bart Schaefer for 
fewer FPs.
# Version 1.15  Added PGP MESSAGE to meta rules.

instead of

# Version 1.0Initial release
# Version 1.01  Avoid FPs with Forwards, Embedded images and PGP.
# Version 1.02  Avoid FPs with Yahoo Groups
# Version 1.1Tested against Corpus, removed FPs.
# Version 1.11  Removed FPs from RM corpus
# Version 1.13  Removed poor performing tests thanks to hit-freq from user.
# Version 1.14  Reverted to V.1.11 + changes from Bart Schaefer for 
fewer FPs.
# Version 1.15  Added PGP MESSAGE to meta rules.



... Go easy on those auto update scripts ;)
 





---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Looking for comments on this rule: EMAIL in URL

[Tim B]

because a lot of spam contains some email address in an embedded uri 
that I'm seeing.  I threw together this rule:

uri MY_EMAILINURL_1 /https?:([EMAIL PROTECTED])/i
describe MY_EMAILINURL_1Contains what appears to be an Email 
Address in URL
score MY_EMAILINURL_1   1.5

basically it seems to work well as it searches for http or https an @ 
symbol and atleast two parts which may make up a domain.tld

I did it this way, because the email contained in the URL wasn't always 
the recipient, but often some sender, or someone that might get credit 
if the URL is clicked.





---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Looking for comments on this rule: EMAIL in URL

[Tim B]

ack just shoot my copy and past cleanup.

uri MY_EMAILINURL_1/https?:([EMAIL PROTECTED])/i

Tim B wrote:

because a lot of spam contains some email address in an embedded uri 
that I'm seeing.  I threw together this rule:

uri MY_EMAILINURL_1 /https?:([EMAIL PROTECTED])/i
describe MY_EMAILINURL_1Contains what appears to be an Email 
Address in URL
score MY_EMAILINURL_1   1.5

basically it seems to work well as it searches for http or https an @ 
symbol and atleast two parts which may make up a domain.tld

I did it this way, because the email contained in the URL wasn't always 
the recipient, but often some sender, or someone that might get credit 
if the URL is clicked.





---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk




---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Re: Looking for comments on this rule: EMAIL in URL

[Tim B]

humm.. didn't think of ^  thanks



ack just shoot my copy and past cleanup.

uri MY_EMAILINURL_1/https?:([EMAIL PROTECTED])/i


This an be subject to a mild denial of service attack.

You probably mean to use '[EMAIL PROTECTED]' and '[^.]' instead of '.' in a couple
of places.
Scott

---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk




---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] New Ruleset: EvilNumbers

[Tim Litwiller]

and you can add these to your rules_du_jour by adding this

 Here are settings for evilnumber 

EVILNUMBERS=7; # Index of evilnumbers data into the arrays is 7


CF_URLS[7]="http://www.merchantsoverseas.com/wwwroot/gorilla/evilnumbers.cf";;
CF_FILES[7]="evilnumbers.cf";
CF_NAMES[7]="EvilNumber";
PARSE_NEW_VER_SCRIPTS[7]="grep -i '^[ ]*#.*version' 
| sort | tail -n1";





---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] RulesDuJour; minor change

[Tim Litwiller]

Chris Thielen wrote:

On Wed, 2004-01-21 at 18:23, Erik Slooff wrote:
 

Hi Chris,

Small change for RulesDuJour: when sa is not in path lint will not succeed
(line 313). Maybe you could add a variable that contains the path to sa in
the settings?
Erik

   

Will do.  Should have it up tomorrow, along with some other changes.

 

Note,  I added a rulesdujour  rule set to the exit0 wiki this morning 
for William Stearn's black list since I find it quite usefull.



---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Popcorn & Backhair have been combined into 1 Set

[Tim B]

Jennifer Wheeler wrote:
Hello spam peeps

Adam Lopresto and I have recently begun working together on Chickenpox,
and while working on that set, it occurred to him how to fix the
limitations in Backhair, using similar ideas we're using in pox.  This
change in essence "combines" Backhair & Popcorn.

If you use this newest version of Backhair, you may delete the Popcorn
Set. It covers the wholegamut.
N  ::sniffle:: say it ain't 
so...  Oh the humanity!

..That makes me very sad  :'(  Popcorn was my first ruleset.

How about for old times sake, you leave the popcorn.cf file around with 
just a comment in it

>
http://www.emtinc.net/spamhammers.htm 

Jennifer <-- 44 on new Backhair set ;)   ...oooh the urge to say it!
B..(cough cough) (cough cough cough) nah, best not to.
 
Say it Say It Say It!



---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] doing a kind of "! whitelist_from_rcvd" possible ?

[Tim B]

Matt Kettler wrote:

At 04:56 PM 1/21/2004, you wrote:

Hi

SA offers the possibility of having a "smarter" whitelist which
whitelists only if the sending relay is "related" to the sending email,
like
whitelist_from_rcvd [EMAIL PROTECTED]  example.com

is there a possibility to somehow do the opposite, ie

"blacklist [EMAIL PROTECTED] only if the relay is NOT related to the
"example.com" domain


There's no keyword for it, but you could do this with a couple of custom 
rules.

For example:

header  __FROM_HOTMAIL  From =~ /hotmail.com/i
header __RCVD_HOTMAIL   Received =~/hotmail.com/i
meta LOCAL_FROM_NOT_RCVD_HOTMAIL (__FROM_HOTMAIL && ! __RCVD_HOTMAIL)
score   LOCAL_FROM_NOT_RCVD_HOTMAIL 1.0


as much of these big freemail adresses (yahoo, netscape, mail, etc) are
spoofed anyway.  For example, i see a lot of @yahoo.com emails coming
from
everywhere, except from yahoo.com's servers


I think a lot of these types as well you will find come in with no 
message-id header forcing your MTA to add a message id... I wonder if 
you could instead do this:

header __FROM_HOTMAIL   From =~ /hotmail\.com/i
header __MY_MTAID   Message-Id =~ /[EMAIL PROTECTED]/i
meta MY_MTA_ADDED_RCVD_HOTMAIL  (__FROM_HOTMAIL && __MY_MYAID)
score MY_MTA_ADDED_RCVD_HOTMAIL 1.0




---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] the list itself???

[Tim B]

did I get booted off the list, no list traffic or is sourceforge down? 
I haven't gotten anything really since friday



---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] the list itself???

[Tim B]

Whew... thought I maybe I offended or something



---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] thank you guys

[Tim B]

HolyMoly...69.27 seconds?!  
How'd you port SpamAssassin to run on a Commodore Vic-20?

-JR
BAHAHA... that ALMOST got me to spew coffee out my nose.



---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] e.g. whitelisting

[Tim Litwiller]

Spyros Tsiolis wrote:

For example whitelisting.

Any examples on whitelisting messages that are marked as spam when 
they are not ?

From what I understand from


http://au.spamassassin.org/doc/Mail_SpamAssassin_Conf.html

if you get legit messages as spam, you can configure in
/etc/mail/spamassassin/local.cf
to treat it as legit.
Any ideas ?

Not sure why you are asking here if you have the documentation.

As it shows on the link you posted.

# this whitelists the entire domain
whitelist_from [EMAIL PROTECTED] 

# this whitelists just these 2 email addresses 
whitelist_from [EMAIL PROTECTED] [EMAIL PROTECTED]





---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] rewrite_subject not working

[Tim Walker]

I recently installed SpamAssassin on a FreeBSD box running sendmail, and 
using procmail as the MTA.

SpamAssassin seems to be doing ok, but it's not changing the subject line 
of the email messages that score higher than the required_hits.

It does put the X-Spam-Status line in the message header:
X-Spam-Status: No, hits=-98.5 required=5.0 
tests=PLING,DEAR_SOMEBODY,A_FROM_IN_AUTO_WLIST version=2.01

but the subject remains unchanged.

The ~/.spamassassin/user_prefs is the default created by SpamAssassin, so 
everything is commented out.

Any thoughts?
TW


___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] SpamAssassin does not build on SunOS

[Tim Steele]

The problem is that snprintf doesn't exist.  If you borrow this from another
source and link it in then it works.

It would be nice if this could be fixed in a future version.

Tim


___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] SpamAssassin doesn't build on SunOS

[Tim Steele]

The problem is that snprintf doesn't exist.  If you borrow this from another
source and link it in then it works.

It would be nice if this could be fixed in a future version.

Tim


___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Weird behavior with SA 2.60 rc1

[Tim Buck]

I installed 2.60 rc1 (upgraded from 2.55) yesterday afternoon. Two
of my users today reported several very obvious spam messages got
through; none has on my account. I looked at the offending messages,
and they had no SpamAssassin headers whatsoever; they, for whatever
reason, were not even processed through SA (we use Procmail on an
individual by individual basis to filter mail through SA).
I couldn't find any reason for this change in behavior, and out of
28 people who use SpamAssassin, only 2 reported this. I looked at
their .procmailrc and .spamassassin/user_prefs files and didn't
see anything out of the ordinary.
I even had one user switch back to running spamassassin (the
standalone version) instead of spamc (the client-daemon version),
but it made no difference.
So I've reverted back to SA 2.55. Anyone else see this behavior?

Tim Buck * Information Technology Manager * Recognition Research, Inc.
PHONE +1 540 961-6500 * FAX +1 540 961-3568 * EMAIL [EMAIL PROTECTED]
Good judgment comes from bad experience; a lot of that comes from
bad judgment.


---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines
at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] SA Score in Subject Line???

[Tim Litwiller]

Here is how I do it -  these lines are in 
/etc/mail/spamassassin/local.cf on my system

# Whether to change the subject of suspected spam
rewrite_subject 1
# Text to prepend to subject if rewrite_subject is used
subject_tag [SPAM-Score-_HITS_]


jpf wrote:

Is there someway that I can edit the subject line to get the SA score in
there? I am using SA 2.55 and procmail.
TIA

jpf





---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk


 





---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Re: SA rejection

[Tim Day]

On Wed, 2003-08-27 at 19:19, Chris Santerre wrote:
> I received 2 spamassassin rejections from your server today.
> bottlenose.demon.co.uk
> 
> 1) Orisoft is dead. Remove the test from SA ASAP. it Blacklists everyone
> now.
> 2) Don't scan the spamassassin list. We often talk about spam.
> 3) Sending rejections based on Spamassassin score has generally been frowned
> upon. 

Sorry!!!
1) That was news to me, thanks. 
2) Good point.  I've reordered my filters so list messages are filed
before the Spam-Flag check.
3) The rejection isn't entirely automatic: I have to go into a folder,
set a label on messages for rejection and then apply a filter.  The rate
of false positives has been so slow (ie zero so far as I know, until
now) that I'd got sloppy in scanning them.  I'll consider this a wake-up
call.

Tim




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] defining the min/max score per test

[Tim B]

Mark C wrote:

Hi,

I have spamassassin installed on my
debian woody e-mail server, out of the box it works generally ok, except
for a few false alerts, which is why this mail comes in, I wish to allow
each use to setup their own user_prefs file, I have sucsessfully
implimented this, but I'm having trouble understanding and defining a
test score reigon.
From what I have read any test marked with a 0 will disable or ignore
that test, but what I'm not sure of is the score range you can give
them,
for example, take the following:

AREA TESTED  DEFAULT SCORES
(local, net, with bayes, with bayes+net)
MSN_GROUPS   0.0
Q_FOR_SELLER -0.499 -0.278 -0.399 -0.399
For example in the above, if it finds anything in the body that indicats
it came from the MSN Communities, it gives it a score of 0.0 (which if I
am correct doesn't add anything to the total spam test score), whereas
on the test marked: Q_FOR_SELLER, if the Subject is an eBay question,
then depending upon the type of scoring system you use it would give it
a score of any the above listed.
This is the problem, what is the minimum setting you can use? what is
the maximum and how do they increment?
as some are makred as  -0.443, -0.536, then some are marked as 4.300, 0.218

Whilst I understand the total spam score is usually set to 4.0 (this is
different than this total score, basically from what I understand, if
any of these tests add up to 4.0, then they are tagged as spam.
Sorry if I do not make myself clear, hopefully I've come across as asking
the correct quuestion.
Rehards

Mark C

a score of 0 disables the test all together





---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Chucking by attachment name

[Tim Connolly]

   Has anyone devised a plan to chuck all the email with attachments 
matching a list of known viral names?  Like thank_you/pif ...etc..

Using procmail/SA2.55



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Exim x Spamassassin x Aliases x user preferences

[Tim Dijkstra]

On Wed, 3 Sep 2003 10:30:54 -0300
"Alberto Pereira" <[EMAIL PROTECTED]> wrote:

> Example: the email [EMAIL PROTECTED] is an alias for 3 emails:
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
> 
> But when "all" calls spamassassin after the delivery director, the
> spamc search the preference for the user all, which doesn't exist.
> Only real users have individual anti-spam preferences.
> 

I guess this depends on the order of your 'directors' in the exim.conf
file. If you have the director that expand aliases _before_ the one that
does spamchecking then the message will be sa-checked for each user
separately, each time with their own prefs. If you have the directors in
reversed order, it's checked only once with the global prefs.

grts Tim 


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] SA and tagging/removing

[Tim B]

[EMAIL PROTECTED] wrote:

OK, fine, you have persuaded me.

So I have one question: how can I delete the message, when we use qmail and for local 
delivery we use the qmail-local? We run the SA after the AMAVIS + antivirus (both 
written in the .qmail file, because these programs must be turn off/on by the user). 
The chain of the programs, that fotward the message between each other is long. So we 
need the solution with qmail.
If we would use procmail for local delivery, it would be easy, because is was many 
times described here ...
But when SA could delete the message ... ;-)

Probably the easiest way to do this is to look at the way your calling 
spamassassin and write a script that will do what you want.

Another good reason why you wouldn't want spamassassin to delete mail is 
because some MTA's when they pass mail off to a filter program EXPECT 
something back and just deleting the mail would cause the MTA to go into 
a recovery mode thinking the external program broke and recover the mail 
effectivly bypassing spamassassin all together.

I can't think of one off the top of my head, but I do know I have seen 
this as a "feature"



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] If you use DCC w/SA please read

[Tim Litwiller]

So since I really don't know anything about the iptables firewall on my 
mail server do you more details so I can check to make sure that this is 
set correctly?



Dave Lugo wrote:

Howdy all,

It's been noticed that more mid-sized sites are using the DCC
with SA.  This is potentially very cool, as it means the pool
of checksums will grow, providing better bulk detection for all
participating sites and clients.
However (yeah, there's a BUT here :), it seems that there are
numerous sites that aren't poking the necessary holes in their
firewalls, thereby wasting their bandwidth, as well as bandwidth 
on the DCC server side.

For proper DCC client to remote server functioning, the following 
will do the trick:

allow udp local gt 1023 to remote 6277
allow udp remote 6277 to local gt 1023 

Here's some semi-boilerplate* info I've sent a few sites:

-
Your organization's DCC clients appears to be behind a firewall that
allows outgoing UDP packets to distant port 6277 but filters responses
from those same distant UDP port 6277.  As a result, the retransmission
mechanisms in the DCC client code try hard but never get answers.
It might help to think of port 6277 like port 53.

Feel free to use the public DCC servers, but please fix your firewall.
It is increasing your DCC traffic by about 50 times.
-
I'm hopeful that a "do firewall $foo for DCC" in the SA docs, plus 
this friendly reminder, will help some or most sites that haven't
yet realized that they are rejecting DCC query responses.

Best regards,

Dave

PS - for specific firewall configuration info, please consult the
documentation/readme/man pages/etc for your site.
PPS - I'm not subscribed to Spamassassin-talk, so if you want me to
see your reply, please cc me :)
* boilerplate verbiage provided by Vernon

 





---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] incorectly identified trusted host

[Tim B]

Problem in spamassassin 2.60 -- trusted relay

There seems there might be a glitch in the detection of trusted relays 
which is causing RBL checks to be bypassed.

Is there a way to bypass the autodetection of trusted relays and use 
only ones specified in a .cf file?  I searched bugzilla and didn't see 
the same problem I'm seeing.

should I open a bugzilla ticket?  I didn't see this in the bugzilla 
database, then again, my skills at querying it is not the greatest.

Spamassassin version 2.60
net::dns is installed
OS Mandrake Linux 9.1
MTA Postfix 1.1.13
Spamassassin is behind a NAT translated firewall, and has a private 
address.  (192.168.100.3)

I have no trusted relays, as this plays inbound gateway, I trust no one, 
but it looks like because my server uses my internal DNS server, it 
finds that my host resolves to an internal IP (which is correct), then 
it assumes that the relay is trusted and skips all rbl checks.

This is a sample header: (note I changed the destination address)
--
From [EMAIL PROTECTED]  Tue Oct  7 
17:45:12 2003
Return-Path: <[EMAIL PROTECTED]>
Received: from cleverconsumers.com (mx41.cleverconsumers.com [64.191.9.41])
by mail2.someplace.com (Postfix) with SMTP id 045F89F101
for <[EMAIL PROTECTED]>; Tue,  7 Oct 2003 17:45:09 -0400 (EDT)
Content-Type: multipart/alternative; 
boundary="--=_1065540450-9705-0"
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.411 (Entity 5.404)
To: <[EMAIL PROTECTED]>
Received: from img.cleverconsumers.com by cleverconsumers.com id 
<[EMAIL PROTECTED]> for [EMAIL PROTECTED]; Tue,  7 
Oct 2003 21:00:11 GMT
From: "Miracle Device" 
<[EMAIL PROTECTED]>
Subject: Prevent Amber Alerts:  Do you know where your children are?
Date: Tue,  7 Oct 2003 21:00:11 GMT
Message-Id: <[EMAIL PROTECTED]>
Errors-To: <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
List-Unsubscribe: 

,

X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 2.60-contentcatcher
(1.212-2003-09-23-exp) on pf2.contentcatcher.com
X-Spam-Level: ***
X-Spam-Status: Yes, hits=19.4 required=5.0 tests=BAYES_99,CC_EMAILINURL_1,
CC_HTTPPORTODD_1,DO_IT_TODAY,EXCUSE_19,FROM_ENDS_IN_NUMS,

HTML_IMAGE_RATIO_08,HTML_MESSAGE,LIMITED_TIME_ONLY,LINES_OF_YELLING,
MIME_QP_NO_CHARSET,NORMAL_HTTP_TO_IP,ONLY_COST autolearn=no
version=2.60-contentcatcher
X-Spam-Report:
*  1.0 FROM_ENDS_IN_NUMS From: ends in numbers
*  4.0 ONLY_COST BODY: Only $$$
*  1.0 DO_IT_TODAY BODY: Do it Today
*  0.2 LIMITED_TIME_ONLY BODY: Offers a limited time offer
*  2.0 EXCUSE_19 BODY: Claims you opted-in or registered
*  0.1 HTML_MESSAGE BODY: HTML included in message
*  0.4 HTML_IMAGE_RATIO_08 BODY: HTML has a low ratio of text 
to image area
*  1.0 LINES_OF_YELLING BODY: A WHOLE LINE OF YELLING DETECTED
*  5.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
*  [score: 1.]
*  0.2 MIME_QP_NO_CHARSET RAW: Quoted-printable inline text 
with no charset
*  1.0 NORMAL_HTTP_TO_IP URI: Uses a dotted-decimal IP address 
in URL
*  0.5 CC_EMAILINURL_1 URI: Contains what appears to be an 
Email Address in URL
*  2.5 CC_HTTPPORTODD_1 URI: Link to a non standard port 80 host
-

This is associated output from spamassassin -D

debug: Score set 3 chosen.
debug: Initialising learner
debug: received-header: parsed as [ ip=64.191.9.41 
rdns=mx41.cleverconsumers.com helo=cleverconsumers.com 
by=pf2.contentcatcher.com ident= ]
debug: dns_available set to yes in config file, skipping test
debug: received-header: 'by' mail2.someplace.com has reserved IP 
192.168.101.3
debug: received-header: 'by' mail2.someplace.com has reserved IP 
192.168.100.3
debug: received-header: 'by' mail2.someplace.com has no public IPs
debug: received-header: relay 64.191.9.41 trusted? yes
debug: is Net::DNS::Resolver available? yes
debug: all '*From' addrs: 
[EMAIL PROTECTED] 
[EMAIL PROTECTED]
debug: running header regexp tests; score so far=0





---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] incorectly identified trusted host

[Tim B]

David B Funk wrote:

On Tue, 7 Oct 2003, Tim B wrote:

 

Yes I have.. that was the first thing I tried...  it still thinks when
there's just one other host that the host is trusted.
   

Havn't seen that one, sounds like a true bug.



 

I guess I will open a bugzilla request then.

thanks for the input

Tim



---
This SF.net email is sponsored by: SF.net Giveback Program.
SourceForge.net hosts over 70,000 Open Source Projects.
See the people who have HELPED US provide better services:
Click here: http://sourceforge.net/supporters.php
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] 5.0 spampoints

[Tim B]

Jeffrey Schilperoord wrote:
What is the easyest way to change the 5.0 spampoints to a higher level ?

greetings Jeffrey Schilperoord

in your /etc/mail/spamassassin/local.cf file add/change the line
required_hits 5  to whatever you want it to be.


---
This SF.net email is sponsored by: The SF.net Donation Program.
Do you like what SourceForge.net is doing for the Open
Source Community?  Make a contribution, and help us add new
features and functionality. Click here: http://sourceforge.net/donate/
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Question Re: SpamAssassin Port on FreeBSD 4.9

[Gustafson, Tim]

Hello

I have installed SpamAssassin from the FreeBSD port
(/usr/ports/mail/spamass-milter/) and it is generally working fine.  I tried
to set up SQL user preferences by adding the following to my
/usr/local/etc/mail/spamassassin/local.cf file (which I know is the correct
one because all the other preferences in this file are working):

user_scores_dsn DBI:mysql:ws1001:localhost
user_scores_sql_username MYLOGIN
user_scores_sql_password MYPASSWORD
user_scores_sql_table SPAMAssassinPreferences
user_scores_sql_field_username EMailAddress
user_scores_sql_field_preference Preference
user_scores_sql_field_value Value

The table is defined in the database as:

CREATE TABLE SPAMAssassinPreferences (
  ID int(10) unsigned NOT NULL auto_increment,
  EMailAddress char(100) NOT NULL default '',
  Preference char(100) NOT NULL default '',
  Value char(100) NOT NULL default '',
  PRIMARY KEY  (ID)
) TYPE=MyISAM;

I inserted a row into this table:

+--+-+---+---+
| ID   | EMailAddress| Preference| Value |
+--+-+---+---+
| 1000 | [EMAIL PROTECTED] | required_hits | 4.7   |
+--+-+---+---+

And then I stopped and re-started spamd on my server.  SpamAssassin still
runs, but it does not seem to pay any attention to this table at all.  It
issues no error messages regarding SQL, and does not display the line
'retrieving prefs for  from SQL server' as the README file in the
SQL folder says it should.

Am I doing something wrong?  Can someone please clue me in as to what I
might be missing?

Thanks.

Tim


---
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?   SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] How to tell if Bayes is working?

[Tim B]

How can I tell if the Bayes Filtering is working in 2.50?




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] How to tell if Bayes is working?

[Tim B]

Theo Van Dinter wrote:

On Mon, Feb 17, 2003 at 02:05:00PM -0500, Tim B wrote:


Thanks..



:)



since the ones I'm using to teach 2.50 bayes filters were tagged as spam 
and non spam by 2.43 & 2.44 do I need to remove the spamassassin markup?


sa-learn will remove the markup if it sees a X-Spam-Status header. :)



Thanks!





---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Bayes is enabled, but not being included in tests

[Tim B]

Don't know if this one of your problems or not, but you might want to 
look at adding: bayes_file_mode since you are using a site wide 
configuration.  Also make sure the user that spamassassin is running as 
has the proper read and write permissions to the files defined in your 
bayes_path statement

might want to try this quickly by doing a

chown spamassassinuser:spamassassinuser /etc/mail/spamassassin/bayes
chown spamassassinuser:spamassassinuser /etc/mail/spamassassin/bayes/*
Shane Allen wrote:
= Config =
required_hits 7
rewrite_subject   0
report_safe   0
use_terse_report  1
use_dcc   0
use_pyzor 0
use_razor10
use_razor20
spam_level_char   +
use_bayes 1
bayes_path/etc/mail/spamassassin/bayes
bayes_use_hapaxes 1
bayes_expiry_min_db_size  200
bayes_expiry_scan_count   5000
auto_learn1
auto_learn_threshold_nonspam  -2.0
auto_learn_threshold_spam 15.0
==
I have used sa-learn to train the bayesian scanner with approximately
3500 ham and 3000 spam messages. 

[EMAIL PROTECTED]:/etc/mail/spamassassin# cat bayes_msgcount |wc -c
   2113
So, first, those numbers don't seem to jive. I verified after running
sa-learn on my corpuses that it displayed 'Learned from  messages.',
and in each case, it learned from a number of messages appropriate to
the corpus that I fed it.
I seem to remember reading in the source or in the pod docs or some such
that it used that file as a counter to know when to lock and perform
certain operations, so I'm not too worried about that...
However, after training it, I still do not see that it is using bayes
rules, nor do I see that it is auto-learning from messages that are
being scanned. I receive a message that scores -6.4, and the output of
the `cat|wc -c` above does not change. Nor, I believe, do the sizes of
the bayes_toks or bayes_seen dbs.
To forestall questions and invite suggestions, the reason we set
min_db_size to 200 is because disk space is cheap and we did not
think that 5MB/10 rows would be sufficient for a globally used db.
Additionally, we are unsure of the impact of having a large db, and it
is a small matter to change the min_db_size and then run an expire if it
turns out that a larger database slows things down. I am very open to
suggestions here.
So... anyone have any ideas why I'm not seeing BAYES_?? rules? An
example message sent after the training is below:
 Msg 
Return-Path: [EMAIL PROTECTED]
Received: from mail [63.251.38.140]  
by localhost with POP3 (fetchmail-6.2.0)
for [EMAIL PROTECTED] (single-drop); Wed, 26 Mar 2003 23:35:21 -0600 (CST)
Received: by onemail.net (CommuniGate Pro PIPE 3.5.9)
  with PIPE id 15721593; Wed, 26 Mar 2003 23:34:54 -0600
Received: from [66.138.218.169] (HELO escaflowne)
  by onemail.net (CommuniGate Pro SMTP 3.5.9)
  with ESMTP id 15721353 for [EMAIL PROTECTED]; Wed, 26 Mar 2003 23:34:41 -0600
Received: from shane by escaflowne with local (Exim 3.36 #1 (Debian))
id 18yQ2D-0008Tq-00
for <[EMAIL PROTECTED]>; Wed, 26 Mar 2003 23:34:41 -0600
Date: Wed, 26 Mar 2003 23:34:40 -0600
From: Shane Allen <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: testing bayes stuff
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.4i
X-Spam-Status: No, hits=-6.4 required=7.0
tests=USER_AGENT_MUTT
version=2.52
X-Spam-Level:
X-Spam-Checker-Version: SpamAssassin 2.52 (1.174.2.8-2003-03-24-exp)
X-Bogosity: No, tests=bogofilter, spamicity=0.00, version=0.11.1.3

Hopefully I will see a bayes_?? rule above, and I will be able to cancel
the email to satalk.
=
--
Shane Allen <[EMAIL PROTECTED]>
---
This SF.net email is sponsored by:
The Definitive IT and Networking Event. Be There!
NetWorld+Interop Las Vegas 2003 -- Register today!
http://ads.sourceforge.net/cgi-bin/redirect.pl?keyn0001en
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk




---
This SF.net email is sponsored by:
The Definitive IT and Networking Event. Be There!
NetWorld+Interop Las Vegas 2003 -- Register today!
http://ads.sourceforge.net/cgi-bin/redirect.pl?keyn0001en
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] SAproxy

[Tim Litwiller]

I am looking at the saproxy I donwloaded from the bloomba site.  

Open the configuration , click on host mape
look / read thru the information that is there, 
then make a new line at the bottom
818 = mail.myisp.com:110 
where mail.myisp.com is the mail server you are trying to connect to
then in your email program look on the mail server settings,
find where the pop3 port setting is - it almost always has 110 in the 
box - change that to 818. 
leave your username the same as it was prior to setting up saproxy

now -
your mail client will call saproxy on port 818,
saproxy will connect to your isp mailserver thru nortons port 110 proxy
Chris Santerre wrote:

I was hoping to play with SAProxy this weekend. Is therre a way to use it
with norton AV or is it one or the other?
 

-Original Message-
From: Simon Byrnand [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 05, 2003 2:31 AM
To: Jack Gostl
Cc: SpamAssassin listserve
Subject: Re: [SAtalk] SAproxy
   

I'm trying to get SAProxy working. According to the docs, I 
 

should point
   

my OE at 127.0.0.1, and then change my account to
"account_name:server". After I do this, I'm getting authentication
failures. I looked in my server log, and did some traces 
 

and I find that
   

the account is begin submitted as "account_name:server" 
 

instead of just
   

"account_name".

I've gone over the OE config a few times, and its OK. The 
 

Host Map in
   

SAProxy looks good, so I'm now wondering if this is a perl 
 

issue of some
   

kind.

Any ideas?
 

One - do you have any virus scanners installed on the computer ? Most
virus scanners these days include a pop3 proxy server, so if that is
installed/enabled then there may *already* be something listening on
127.0.0.1 port 110 before you run saproxy :)
Regards,
Simon


---
This SF.net email is sponsored by:  Etnus, makers of 
TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

   



---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk


 





---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Best way to process the log?

[Tim Litwiller]

Alex, your script currently doesn't do qmail so I modified it to just 
parsing the spamd logs  and redid the part that gets the number of clean 
and spam messages - that together with mrtg and a few other perl and sh 
bit an pieces that run in cron  is what i use to create this report 
page.   I am still fiddling with it and a few other ideas.



http://mailhost.bccwebhosting.com/mrtg/



Alex van den Bogaerdt wrote:

On Wed, May 28, 2003 at 04:45:16PM +0200, DEFFONTAINES Vincent wrote:
 

Alex,

I'd like to help, since no-one answered, you're Dutch ("sniff, sniff 
Nobody loves me") and anyway I've been through the whole gamut of 
learning Postscript and SA, from filter to spampd to amavisd-new. 
I can make SA-Exim 4 work perfectly well, for everything and a lot 
more, in every case.
 

I did answer. Am I blacklisted or something, or was my reply tagged as 
spam on some setups? I am interested to know.
   

I received your message and if you scored any points it was below 5.0 :)

 

Advertising my script again (hehe) : http://www.gryzor.com/tools
does this job.
   

I will have a look at this and provide feedback.  Thanks for your
answer.
cheers,
Alex
---
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk


 





---
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] whitelist

[Tim Litwiller]

Jack Gostl wrote:

On Wed, 28 May 2003, Jack Gostl wrote:

 

On Wed, 28 May 2003, Matt Kettler wrote:

   

The whitelists within spamassassin are rules and as such it simply adds 
-100 to the message score.

The way to get an absolute whitelist that aborts processing is the 
configure procmail, or whatever other tool you use, to not even call SA in 
the first place. You'll get more performance boost that way than anything 
that could be done in SA anyway.
 

Great idea! I'll dig it out of the procmail docs.
   

I don't suppose someone out there could tell me how to tell procmail to
simply accept the message and stop processing?
 

At 07:27 PM 5/28/2003 -0400, Jack Gostl wrote:

 

If something is added to whitelist_from, does it actually reduce
processing time or does it simply push the score way down? It would be
nice if it didn't eat CPU cycles.
   

   

 

this was posted earlier today

:0
* ! ? test -f $HOME/.sabypass
{
:0fw
* < 256000
| /usr/bin/spamc -f
then if you want to enable the bypass for a user
touch /home/bubba/.sabypass
where /home/bubba is the users home directory 

}





---
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Maybe Spam?

[Tim Litwiller]

If you are using outlook as your mail client you might want to look at 
spambayes
http://starship.python.net/crew/mhammond/spambayes

I have been using it along with SA for several weeks and am very happy 
with it.

Tyler Hardison wrote:

I just wanted to throw an idea out there in case there might be interest.
Recently, I implemented SA on a site wide basis (SMTP relay from qmail to
exchange) with much success. Our users have recently come back and asked me
about the possibility of implementing what I call a score range or offset.
So, where the site wide threshold is currently set to five, we get a few
false positives usually scoring 5.1 - 6.0, and conversely spam that is being
scored 4.5 - 4.9. While to me this isn't a problem (hey we're eliminating
98% of what is spam), the users came up with the "maybe" idea.  So in the
setup I thought of this idea:
Maybe_Factor 1 (default 0) 

Where messages within 5.0 - 6.0 (1 offset from threshold) are marked with
"maybe". This way, messages scoring higher then 6 (or more) are marked with
a definite. Then the user's outlook rules could move the maybes to a
separate folder but the definite can be wiped out.
Just an idea, I've already looked at the SA code and it doesn't seem
terribly hard to implement, and if there is more interest, I'll release a
patch. If I'm way off base feel free to educate me :-)
Tyler Hardison
Network Administrator
The Modesto Bee
(209)480-7921 / (209)578-2264
"tyler: I know! That patch makes free() a NOP :)" - Jonathan Patschke 
 (regarding a patch to libc/malloc.c on OpenBSD that "Unbreaks 64bit
archs..")



---
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk


 





---
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Maybe Spam?

[Tim Litwiller]

Yes, this would be a major pain on a large rollout.

Tyler Hardison wrote:

-Original Message-
From: Tim Litwiller [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 03, 2003 10:41 AM
Cc: [EMAIL PROTECTED]
Subject: Re: [SAtalk] Maybe Spam?
If you are using outlook as your mail client you might want 
to look at 
spambayes
http://starship.python.net/crew/mhammond/spambayes

I have been using it along with SA for several weeks and am 
very happy 
with it.

   

This is not an option for us. We have over 4000 clients. I dont plan on
doing a large scale deployment like that. 

---
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk


 





---
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Checking the validity of from against another header

[Tim B]

Hi all

I'm currently adding a header field which contains the enevelope from 
email address.  I was wondering if there was a way to write a rule where 
 I could check this header against the from header field?

Spamassassin 2.55
Postfix 1.11
Procmail/formail in use.
I add the header:
X-Enve-sender:[EMAIL PROTECTED]
and I want to compare it to the From: Header


---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Cool regexp GUI

[Tim Litwiller]

Thanks, I've been looking for something like that on and off for a long 
time.

Justin Mason wrote:

for UNIX and windows.  very cool:

http://weitz.de/regex-coach/

 





---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

going OT: --- Re: [SAtalk] Spammers sneaking lower Bayes scores

[Tim Litwiller]

 It is best to be politically correct nowadays. 


this attitude is a big part of what is wrong with the world these days!

It is infinately better to say it how it is or how you see it than to 
attempt to be politically correct.

That doesn't mean you can't be nice when you say what you really think. 
People generally respect those that they hear the truth from.



---
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: going OT: --- Re: [SAtalk] Spammers sneaking lower Bayes scores

[Tim Litwiller]

:) 

Tony Earnshaw wrote:

Tim Litwiller wrote:






---
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] mrtg

[Tim Litwiller]

http://mailhost.bccwebhosting.com/mrtg/

the mrtg part is some perl scripts parsing the spamassassin and amavis logs

then since I was pasring thru those files anyways I decided to grab the 
users names and make
make some more interesting items for the page.

I'm still adjusting the scripts etc.  if you want to play with them 
holler and I'll tar them up and post them.
or ...  here maybe if I just post them someone will come back with a 
whole new dimmension of functions
http://mailhost.bccwebhosting.com/mrtg/mrtgfiles.tar.gz

have fun with it and let me know about the enhancements you add.



Ronny Roethof wrote:

Hi,

I was wondering if anyone has an idea/experience with spammassassin in
combination with mrtg?
If so, how did you do this, where your experiences ?
Met vriendelijke groeten/With regards,

Ronny Roethof

--
Ronny Roethof
WWW: http://www.roethof.net/
E-Mail: [EMAIL PROTECTED]


---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0016ave/direct;at.asp_061203_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk


 





---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0016ave/direct;at.asp_061203_01/01
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] OT - spamassassin - mailserver recommendations - passthru to exchangeafter scan

[Tim Litwiller]

I have been running  mail servers for several of our clients with 
spamassassin for several months.  Now a client that has an exchange 
server want to clean up thier email but pass the mail thru to the 
exchange server.  I have seen several discussions the lead me to believe 
that this is not an uncommon setup here on the list.

Which would be your recomendations for linux distro 
which mailer is reasonably  secure easy to keep secure
scan for virus with clam av
scan with spamassassin
then forward to exchange server

note - I have only used e-smith (based on redhat with qmail)
but since they don't want the file server and web server parts I was 
thinking of using something else.





---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] OT - spamassassin - mailserver recommendations - passthruto exchange after scan

[Tim Litwiller]

this sounds exactly like what I need - what version of linux are you
running it on?
can you give me more details on the setup and configuration

Thanks!


alan premselaar wrote:

>On 7/17/03 10:46 PM, "Tim Litwiller" <[EMAIL PROTECTED]> wrote:
>
>  
>
>>I have been running  mail servers for several of our clients with
>>spamassassin for several months.  Now a client that has an exchange
>>server want to clean up thier email but pass the mail thru to the
>>exchange server.  I have seen several discussions the lead me to believe
>>that this is not an uncommon setup here on the list.
>>
>>Which would be your recomendations for linux distro
>>which mailer is reasonably  secure easy to keep secure
>>scan for virus with clam av
>>scan with spamassassin
>>then forward to exchange server
>>
>>
>
>I do this using Sendmail / MIMEDefang / SpamAssassin / Clamav
>it works damned well and i'm happy with it.
>
>granted, there are other solutions out there that use different MTAs (of
>which i'm not familiar with, but others on the list are)
>
>with the assistance of members of the MIMEDefang list, I have even gotten
>the setup to do LDAP lookups into the Active Directory and return an Unknown
>user... error if appropriate. This has nearly eliminated all the bounce
>notifications to the postmaster account that's caused by exchange sending a
>*new* mail to notify the sender that the user doesn't exist. (typically when
>a worm or spam comes in with a forged sender)  it also reduces the load on
>the system by doing so.
>
>again, other MTAs will give you these capabilities as well, some won't.
>
>YMMV
>
>alan
>
>
>
>  
>





---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] OT - Spamstats problem.

[Tim Litwiller]

here is a version that only needs the spamd logs
http://mailhost.bccwebhosting.com/mrtg/sstats.tar.gz
it creates part of the stats on this page
http://mailhost.bccwebhosting.com/mrtg/


Jim Ford wrote:

Hi,

I'm trying spamstats, but there seems to be insufficient logging for it to
return meaningful stats. Spamd logs OK, but spamstats appears to need
sendmail logging info in addition. Sendmail will probably forever remain a
mystery to me (I'm scared of the reputedly difficult creation of the conf
file!). Any practical tips, please?
Regards: Jim Ford

 





---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] More granular reporting on unflagged Spam available?

[Tim Provencio]

Title: More granular reporting on unflagged Spam available?





Is there a way to add the scores to the tests that were done?  For example, in the following it does report the number of hits the required and the test but is it possible to display the score of each test similar to as it does in the case of Spam?

X-Spam-Status: No, hits=-1.4 required=5.0 tests=ACCOUNT_CLICK,EMAIL_ATTRIBUTION,IN_REP_TO,
    KNOWN_MAILING_LIST,NO_REAL_NAME,QUOTED_EMAIL_TEXT, SPAM_PHRASE_03_05,USER_AGENT_PINE


Reason being; in the case of missed messages, it would be nice to see what tests are resulting in what scores.  I've looked thru the config options and don't see anything of the likes.  Is there some "secret" or undocumented directive I can turn on to accomplish this?

Thanks much,
Tim

RE: [SAtalk] More granular reporting on unflagged Spam available?

[Tim Provencio]

Title: RE: [SAtalk] More granular reporting on unflagged Spam available?





Well, thanks for the input but unfortunately it does appear that my original assumption was correct (no switch to turn on the per-rules scores in an unflagged Spam).  There were some good tips but unfortunately they don't fit my implementation and/or environment (custom SA wrapper script between 3rd party SMTP front end and Exchange Server IMC on same NT machine for site-wide filtering).

Thanks,
Tim


-Original Message-
From: Tim Provencio [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 16, 2002 11:34 AM
To: '[EMAIL PROTECTED]'
Subject: [SAtalk] More granular reporting on unflagged Spam available?



Is there a way to add the scores to the tests that were done?  For example, in the following it does report the number of hits the required and the test but is it possible to display the score of each test similar to as it does in the case of Spam?

X-Spam-Status: No, hits=-1.4 required=5.0 tests=ACCOUNT_CLICK,EMAIL_ATTRIBUTION,IN_REP_TO, 
    KNOWN_MAILING_LIST,NO_REAL_NAME,QUOTED_EMAIL_TEXT, SPAM_PHRASE_03_05,USER_AGENT_PINE 
Reason being; in the case of missed messages, it would be nice to see what tests are resulting in what scores.  I've looked thru the config options and don't see anything of the likes.  Is there some "secret" or undocumented directive I can turn on to accomplish this?

Thanks much, 
Tim 

[SAtalk] This should go to the sightings list, but it brings up an important flaw

[Tim Helton]

I got a spam today, that hit many rules, and still only got a 0.6

-Spam-Status: No, hits=0.6 required=5.0

  tests=BASE64_ENC_TEXT,CUSTOM_FREE_HD,CUSTOM_GET_FREE
  DATE_MISSING,FORGED_AOL_RCVD,IN_REP_TO,MISSING_MIMEOLE
  REMOVE_PAGE,SPAM_PHRASE_01_02,SUBJECT_HAS_DATE
 
SUB_FREE_OFFER,USER_AGENT,USER_AGENT_MUTT,USER_AGENT_OE
  WEB_BUG
version=2.41

It looks like it was abusing the "USER_AGENT" negative scoring to gain
-5.5 points
score USER_AGENT_OE  -0.3
score USER_AGENT_MUTT-4.109
score USER_AGENT -1.143


Maybe it would be beneficial to see if more than 1 user agent is
detected, and give it a +2, instead of a -5




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] 100% cpu utilization

[Tim Holterhus]

Hi,

I installed the current spamassassin & razor packages from source last
night. I haven't started configuring it yet, as I assume that it
works just fine out of the box.
Trying to run spamassassin -D --lint succeeded for the very first time,
but any further attempt to run either the lint check or just using it as
a mail filter in procmail drives cpu & memory utilization up to 100%
until the kernel kills the process a few minutes later. This happens
both as root and as a regular user.
I have no idea what to look for, can anyone help, please?

I attached the output from the initial lint check, maybe there's
something in there for the experts?

Regards,

-Tim


sp.log
Description: Binary data

[SAtalk] Re: spamd frozen?

[Tim Treaster]

Spamassassin works VERY well except when Razor fails.

Today my servers load rose to 30+. This of course brings my qmail to a
crawl. This has happened 3 times in the last year or so. The best way to
avoid this in the future is to add the following to local.cf:

score RAZOR_CHECK0
score RAZOR2_CHECK   0

This disables razor completly.

Tim Treaster
ByteWare Systems


 On Thu, 9 Jan 2003, Bernd Schmelter
 ([EMAIL PROTECTED]) wrote:

 > Lindsey Simon wrote:
 > > I can attest to the same situation on two different
 servers, both
 > > debian woody, happening since two days ago. The load avg on
 one was @
 > > 60.
 > >
 > > What's bizarre is that spamassassin was doing fine for a
 few months
 > > before this.
 > >
 > > Very DoS like. Spambombs? exploits? Anybody gotta guess?
 >
 > [...]
 >
 > me too ;-(
 >
 > SuSE 8.1 Distribution, Postfix, spamcheck.py, spamassassin
 v2.43
 >
 > Same Problems with amavisd-new, calling spamassassin via
 procmail,
 > spamc/spamd.
 >
 >
 > Some spamd-processes hang. I've found some tcp-sync with
 netstat and
 > one open udp-Port, that listened world-wide.
 >
 > Yesterday i added "dns_available  no" in
 > /etc/mail/spamassassin/local.cf, but today it hangs again.
 >
 > Now I call spamd with the "-L" option.
 >
 > man spamd:
 >
 >  ---
 > |   -L, --local
 > |  Perform only local tests on all mail.  In other
 > |  words,
 > |  skip DNS and other network tests.
 > |  Works the same as the "-L" flag to spamassassin
 >  ---
 >
 > [...]
 >
 > hth
 > Benn







---
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] MAPS RBL+ in Spam Assassin

[Gustafson, Tim]

Hello

I am new to Spam Assassin.  I see that it checks e-mail against the MAPS
databases, but that it does not appear to check the RBL+ database.  Is there
some way for me to add this check to the list?

Thanks.

Tim


---
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?   SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

RE: [SAtalk] MAPS RBL+ in Spam Assassin

[Gustafson, Tim]

I think this is because Sendmail checks the current peer's IP address
against the RBL, and SA scans all the Received: headers in the e-mail for
matches.

Tim

-Original Message-
From: Bill Polhemus [mailto:[EMAIL PROTECTED]
Sent: Friday, November 07, 2003 10:39 AM
To: 'Gustafson, Tim'
Cc: [EMAIL PROTECTED]
Subject: RE: [SAtalk] MAPS RBL+ in Spam Assassin


I'm curious about this.

I use Sendmail (8.12 or thereabouts) and Sendmail allows you to specify any
of a number of RBLs directly, which I have done.

Therefore it isn't really necessary for SA to check against these RBLs. I
have noticed that two-thirds of SPAM headed my way gets caught by Sendmail's
checks, and nearly all the rest gets grabbed by SA.

William L. Polhemus, Jr. P.E.
Polhemus Engineering Company
Katy, Texas USA

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Gustafson, Tim
Sent: Friday, November 07, 2003 7:51 AM
To: [EMAIL PROTECTED]
Subject: [SAtalk] MAPS RBL+ in Spam Assassin

Hello

I am new to Spam Assassin.  I see that it checks e-mail against the MAPS
databases, but that it does not appear to check the RBL+ database.  Is there
some way for me to add this check to the list?




---
This SF.Net email sponsored by: ApacheCon 2003,
16-19 November in Las Vegas. Learn firsthand the latest
developments in Apache, PHP, Perl, XML, Java, MySQL,
WebDAV, and more! http://www.apachecon.com/
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Another question re: Spam Assassin and SQL

[Gustafson, Tim]

Hello

I think I figured something out, and I just want to confirm:

Am I correct in understanding now that the SQL user preferences system only
works when you run Spam Assassin through Procmail?  Can it be set up to run
from the Spamass-Milter?

Thanks.

Tim


---
This SF.Net email sponsored by: ApacheCon 2003,
16-19 November in Las Vegas. Learn firsthand the latest
developments in Apache, PHP, Perl, XML, Java, MySQL,
WebDAV, and more! http://www.apachecon.com/
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Bounce all but whitelist

[Tim Merkel]

I have a client who wishes to only allow mail into his inbox that is
explicitly allowed via his white list.  Yahoo currently allows you to do
this (which is where they got the idea).

I currently host multiple domains using postfix virtual mailboxes with
spamc/spamd (config files below).  spamd is reading user preferences from
mysql.  I would like to implement this so that this particular client
could use this functionality without affecting the way SA handles other
users spam.

Is there a user preference I can use to accomplish this?  I have
considered writing my own logic into my 'postfixfilter' to check the
userpref table in MySQL before calling spamc. Has anybody has success with
this.  Can anyone think of a better solution for this?

Thanks in advance for your help!

Tim Merkel

#/etc/postfix/main.cf (abbreviated)
#
=#
service
type  private unpriv  chroot  wakeup  maxproc command + args
#   (yes)   (yes)   (yes)   (never) (100)
#
=smtp
inet  n   -   n   -   -   smtpd
  -o content_filter=spamfilter:
spamfilter unix -   n   n   -   -   pipe
  flags=Rq user=spamfilter argv=/usr/bin/postfixfilter -f ${sender} --
${recipient}


#/usr/bin/postfixfilter
/usr/bin/spamc -u $4 | /usr/sbin/sendmail -i "$@"
exit $?

#ps aux | grep spam
1011  8027  0.0  3.1 20168 16216 ?   SNov05   0:03
/usr/bin/spamd -d -c -a -x -q -u spamfilter



---
This SF.Net email sponsored by: ApacheCon 2003,
16-19 November in Las Vegas. Learn firsthand the latest
developments in Apache, PHP, Perl, XML, Java, MySQL,
WebDAV, and more! http://www.apachecon.com/
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Bounce all but white list

[Tim Merkel]

I have a client who wishes to only allow mail into his inbox that is
explicitly allowed via his white list.  Yahoo currently allows you to do
this (which is where they got the idea).

I currently host multiple domains using postfix virtual mailboxes with
spamc/spamd (config files below).  spamd is reading user preferences from
mysql.  I would like to implement this so that this particular client
could use this functionality without affecting the way SA handles other
users spam.

Is there a user preference I can use to accomplish this?  I have
considered writing my own logic into my 'postfixfilter' to check the
userpref table in MySQL before calling spamc. Has anybody has success with
this.  Can anyone think of a better solution for this?

Thanks in advance for your help!

Tim Merkel

#/etc/postfix/main.cf (abbreviated)
#
=#
service
type  private unpriv  chroot  wakeup  maxproc command + args
#   (yes)   (yes)   (yes)   (never) (100)
#
=smtp
inet  n   -   n   -   -   smtpd
  -o content_filter=spamfilter:
spamfilter unix -   n   n   -   -   pipe
  flags=Rq user=spamfilter argv=/usr/bin/postfixfilter -f ${sender} --
${recipient}


#/usr/bin/postfixfilter
/usr/bin/spamc -u $4 | /usr/sbin/sendmail -i "$@"
exit $?

#ps aux | grep spam
1011  8027  0.0  3.1 20168 16216 ?   SNov05   0:03
/usr/bin/spamd -d -c -a -x -q -u spamfilter



---
This SF.Net email sponsored by: ApacheCon 2003,
16-19 November in Las Vegas. Learn firsthand the latest
developments in Apache, PHP, Perl, XML, Java, MySQL,
WebDAV, and more! http://www.apachecon.com/
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

RE: [SAtalk] Bounce all but whitelist

[Tim Merkel]

This is a great start, but how do I tell SA to delete the blacklisted mail
just for this user?

Blacklisting [EMAIL PROTECTED] in MySQL will tag everything as SPAM but not delete it.
Since my users are postfix virtual, they do not have a ~/.procmailrc file,
or a home directory for that matter.  I would only like to delete
blacklisted e-mail for this user, so a global option is out of the picture.
Thanks again for your help!

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Terry
Milnes
Sent: Wednesday, November 12, 2003 4:57 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: [SAtalk] Bounce all but whitelist


Haha I just had to try this  Blacklist [EMAIL PROTECTED] in the db for that
particular user, then add his acceptable senders as whitelisted entries.

Don't know about any negative ramifications, but it does work and will
fit in with the way you want it to.

tm

Tim Merkel wrote:
> I have a client who wishes to only allow mail into his inbox that is
> explicitly allowed via his white list.  Yahoo currently allows you to do
> this (which is where they got the idea).
>
> I currently host multiple domains using postfix virtual mailboxes with
> spamc/spamd (config files below).  spamd is reading user preferences from
> mysql.  I would like to implement this so that this particular client
> could use this functionality without affecting the way SA handles other
> users spam.
>
> Is there a user preference I can use to accomplish this?  I have
> considered writing my own logic into my 'postfixfilter' to check the
> userpref table in MySQL before calling spamc. Has anybody has success with
> this.  Can anyone think of a better solution for this?
>
> Thanks in advance for your help!
>
> Tim Merkel
>
> #/etc/postfix/main.cf (abbreviated)
> #
> =#
> service
> type  private unpriv  chroot  wakeup  maxproc command + args
> #   (yes)   (yes)   (yes)   (never) (100)
> #
>
=smt
p
> inet  n   -   n   -   -   smtpd
>   -o content_filter=spamfilter:
> spamfilter unix -   n   n   -   -   pipe
>   flags=Rq user=spamfilter argv=/usr/bin/postfixfilter -f ${sender} --
> ${recipient}
>
>
> #/usr/bin/postfixfilter
> /usr/bin/spamc -u $4 | /usr/sbin/sendmail -i "$@"
> exit $?
>
> #ps aux | grep spam
> 1011  8027  0.0  3.1 20168 16216 ?   SNov05   0:03
> /usr/bin/spamd -d -c -a -x -q -u spamfilter
>
>
>
> ---
> This SF.Net email sponsored by: ApacheCon 2003,
> 16-19 November in Las Vegas. Learn firsthand the latest
> developments in Apache, PHP, Perl, XML, Java, MySQL,
> WebDAV, and more! http://www.apachecon.com/
> ___
> Spamassassin-talk mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
>
>
>



---
This SF.Net email sponsored by: ApacheCon 2003,
16-19 November in Las Vegas. Learn firsthand the latest
developments in Apache, PHP, Perl, XML, Java, MySQL,
WebDAV, and more! http://www.apachecon.com/
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk



---
This SF.Net email sponsored by: ApacheCon 2003,
16-19 November in Las Vegas. Learn firsthand the latest
developments in Apache, PHP, Perl, XML, Java, MySQL,
WebDAV, and more! http://www.apachecon.com/
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Site-wide opt-op

[Tim Johnson]

I have a smtp gateway running sendmail 8.12.10. How 
do I setup a site-wide filter and still retain the ability to select which users 
are sent through spamassassin? Also, if I can pose two questions in the same 
message, how do I (and only I) add spam/ham to the site-wide bayes filter (99.9% 
of the users will not have accounts anyway).Tim Johnson
 

Re: [SAtalk] Site-wide opt-op

[Tim Johnson]

Thanks, is amavisd-new linked from the Spamassassin homepage?

Tim

- Original Message - 
From: "Alain Fauconnet" <[EMAIL PROTECTED]>
To: "Tim Johnson" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, November 27, 2003 10:11 PM
Subject: Re: [SAtalk] Site-wide opt-op


> On Thu, Nov 27, 2003 at 08:19:04PM -0400, Tim Johnson wrote:
> 
> > I have a smtp gateway running sendmail  8.12.10.  How  do  I  setup  a
> site-wide filter and still retain the ability to  select  which  users
> are sent through spamassassin? Also, if I can pose  two  questions  in
> the  same message, how do I (and only I) add spam/ham to the site-wide
> bayes  filter  (99.9%  of  the  users  will not have accounts anyway).
> 
> Please wrap your text lines -- thanks.
> 
> Looks to me like amavisd-new can do what you want. It has the  concept
> of  'spam-lover'  i.e.  recipients  who bypass the spam checking. It's
> kind  of  reversed  compared  to  what  you  asked  for   though   (in
> amavisd-new, you specify who does NOT  get  his/her  mails  filtered).
> 
> If properly configured, Spam Assassin as called from amavisd-new  will
> auto-learn from detected  spam.  AFAIK  it  will  not  auto-learn  ham
> though (not even sure that'd be something reasonable to do it on every
> ham message).
> 
> What  you can do (and what I do) is invoking sa-learn --ham ... on the
> files containing the false positives reported by your user. You should
> run this as the user running the amavisd-new daemons.
> 
> Greets,
> _Alain_
> 
> -- 
> Alain Fauconnet
> IT Security Specialist & CISO -- ITServ
> Asian Institute of Technology


---
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?  SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Rules Modification /Content Filtering Results

[Tim B]

<--- snip >

My Question/Concerns

Does anybody have any ideas about how this would affect the bayesian 
learning system? If i suddenly changed my mind about liking porn one day 
and decided to block all porn, would I need to clear out my bayesian 
learning database so that it would begin to learn that i dont like porn?

Is there anything fundamentally flawed with my idea? Would this really 
mess up the filtering mechanism?

Thanks in advance for your thoughts!



---
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?  SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
I would venture to say it has to do with the configuration your using. 
If your using a peruser bayes or sitewide bayes.  If your using sitewide 
bayes then one person's options can have an effect on anothers.  if your 
using individual bayes then it won't.   I've never tried per-user bayes, 
so I don't know if it would even work that way.





---
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?  SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Postfix - procmail - spamassassin config

[Tim B]

Daniel Kaliel wrote:

Hey

At least once a week our server hangs.  I can't figure this out.  It seems
to be hanging when spamassassin is working on large emails.  Here is how I
have it setup and where I am confused.
My confusion lies in this.  If I use the mailbox_command field in postfix do
I need all of below, or will that invoke procmail and all I really need is a
properly configed .procmailrc file?
In postfix main.cf:
mailbox_command = /usr/bin/procmail -f -a "$USER"
In master.cf it invokes a file spamfilter.sh:

spamassassin unix - n n - - pipe
user=filter argv=/usr/local/bin/spamfilter.sh -f ${sender} -- ${recipient}
smtp inet n - n - - smtpd
-o content_filter=spamassassin:
smtp unix - - n - - smtp
-o content_filter=spamassassin:
The spamfilter.sh file looks like:

#!/bin/bash
/usr/bin/spamassassin | /usr/sbin/sendmail -i "$@"
exit $?
Then there is a .forward file in each users directory:
"|IFS='' && exec /usr/bin/procmail || exit 75 #username"
And a .procmailrc file:
#
MAILDIR=$HOME/mail
LOGFILE=$HOME/promaillog
#Blackberry forward
#
well first off, I wouldn't run spamassassin on email that is over 512k 
in size.  Spamc/Spamd won't run on mail over 250K if I remember correctly.

I don't know of a good way to use a shell script to determine the size 
of the message, but if you want to continue using the shell script, I 
would switch to using spamc/spamd

otherwise you can use sitewide procmail and put in your /etc/procmail 
file the following:
:0fw
* < 512000
| spamassassin

which will test to see if the mail is under 512000 bytes, and if it is 
run spamassassin on it.





---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] New to SA

[Tim B]

Rachel E. Hewitt wrote:

New to SA and unix. I am using SA 2.6 with Guinevere and GW 6. It is
helping a lot. I have spent about 3 hours looking through the archives
of this list and have not found the answer yeta couple questions:
1. if using the spamassassin --lint at the command prompt and it just
goes back to the dos prompt after a moment does that mean that SA is
running without any errors?
2. Where/how do I add a subject line test to get it to work. For
example if I wanted to block all emails with xanax in the subject line I
am guessing the rule would be 

header SUBJ_XANAX  Subject =~ /xanax/i
describe SUBJ_XANAXSubject contains xanax
score SUBJ_XANAX 5
1)  spamassassin --lint should only give output IF there is some kind of 
configuration or rule problem.

2) Yes that is exactly how to write some basic rules.  there's some 
great references available on the web about writing your own rules
these are a couple that come right to mind infact I beleive the authors 
of these site subscribe to this list:

http://mywebpages.comcast.net/mkettler/sa/SA-rules-howto.txt
http://www.exit0.us/


---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Interesting service...

[Tim B]

Hey I stumbled over this little gem of a marketeer, looks like they 
claim they can bypass any spamfilter.   Anyone familiar with this group?

onlinemarketingpros.net



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Interesting service...

[Tim B]

Fred wrote:
Tim B wrote:

Hey I stumbled over this little gem of a marketeer, looks like they
claim they can bypass any spamfilter.   Anyone familiar with this group?
onlinemarketingpros.net



That's funny, their website says in business since 1997, but their whois
shows different (10 days ago ;):
rs.internic.net
   Domain Name: ONLINEMARKETINGPROS.NET
   Registrar: INNERWISE, INC. D/B/A ITSYOURDOMAIN.COM
   Whois Server: whois.itsyourdomain.com
   Referral URL: http://www.itsyourdomain.com
   Name Server: NS1.ZHIHAI.NET
   Name Server: NS2.ZHIHAI.NET
   Status: ACTIVE
   Updated Date: 06-dec-2003
   Creation Date: 06-dec-2003
   Expiration Date: 06-dec-2004
netsol.com
Record created on December 06, 2003
Record last updated on December 06, 2003
Record expires on December 06, 2004
Registrant
Domain Administrator
JMA Solutions
[EMAIL PROTECTED]
1568 5th Ave.Suite 310
Baltimore, MD 21225 US
+1.4102365698
LOL...  well that's half the fun... after I stumbled across their page, 
I searched for similar pages, and found a bunch more claiming to bypass 
filters.   I'm half tempted to subscribe to some of the spamming 
software so I can get the updates so I can make SA rules to kill em off 
before they get widly used.



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Domain DNS Blacklists

[Tim B]

Mark Lowes wrote:
Afternoon all,

I've had a dig through the archives and wiki for a definitive answer
with no success.  Is it currently possible to use DNS based domain
blacklists at the moment in SA?  (such as
http://www.securitysage.com/guides/postfix_uce_rhsbl.html)
   thanks
  Mark
Yes

this should work.  may need a little tweeking.

header RCVD_SECSAGE_RBL  eval:check_rbl('SECSAGE', 
'blackhole.securitysage.com.')

describe RCVD_SECSAGE_RBL  SECSAGE: listed in Security Sage's RBL
score RCVD_SECSAGE_RBL  0.01
tflags RCVD_SECSAGE_RBL net






---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Domain DNS Blacklists

[Tim B]

Matt Kettler wrote:
At 09:06 AM 12/16/03 -0500, Tim B wrote:

this should work.  may need a little tweeking.

header RCVD_SECSAGE_RBL  eval:check_rbl('SECSAGE', 
'blackhole.securitysage.com.')

describe RCVD_SECSAGE_RBL  SECSAGE: listed in Security Sage's RBL
score RCVD_SECSAGE_RBL  0.01
tflags RCVD_SECSAGE_RBL net


Tim, the above example will do a IP based lookup,  which works for most 
DNSBLs.

However, it will not work for a domain-name based DNSBL like secsage.

Check out how check_rbl_from_host works in the RFCI_DSN rule (quoted in 
my other post to this thread).





---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
Ahhh

thanks for correcting me...  LOL.. teach me to try to think that early 
in the morning for me.



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] daily / weekly reports

[Tim Litwiller]

Jens,  Thanks for this handy piece of code.

Jens Madsen wrote:

Hack away,



-- 

cat Report_spam.pl
#!/usr/bin/perl -w
#- 

#
#   File Name: Report_spam.pl
#   Author: Jens Madsen
#
#   Revision history:
#  2003/12/14  Jens Madsen
#  Initial Revision
#
#   Description:
#   This program parses the file provided by the first passed 
argument and
#   generates a report by user and site. The file is typically the 
maillog
#   file. This was designed for a Linux RH 9 environment. Use at 
your own risk.
#.
#
#
#+ 

use English;
use strict;
#
#   File definitions
#
my ($mlfile) = $ARGV[0];
#
# Open mail log and process spamd messages
#
open (MAILLOG, "$mlfile") || die "Cant open $mlfile";
my (@maillogText) = ;
close (MAILLOG);
my ($mailitem);
my (%spamUserSummary,%spamSummary, %spamTable);
$spamSummary{'spam.count'} = 0;
$spamSummary{'clean.count'} = 0;
$spamSummary{'spam.size'} = 0;
$spamSummary{'clean.size'} = 0;
$spamSummary{'spam.time'} = 0;
$spamSummary{'clean.time'} = 0;
my ($pid, $loginout, $user, $host, $ip, $time, $messageid);
foreach $mailitem (@maillogText)
 {
   chomp $mailitem;
   if (my($conntime, $connpid) = ($mailitem =~ /^ (\w{3} \s+ \d{1,2} 
\s \d\d:\d\d:\d\d )
\s+ \w+ \s+ spamd \[ 
(\d+) \] : \s+ connection \s+ /xi))
 {
   #$spamTable{$connpid}{'conntime'} = $conntime;
   #print "spamd connection: $conntime 
$spamTable{$connpid}{'conntime'} $connpid \$ mailitem\n";
 }
   elsif (my($infotime, $infopid) = ($mailitem =~ /^ (\w{3} \s+ 
\d{1,2} \s \d\d:\d\d:\d\d )
   \s+ \w+ \s+ spamd 
\[ (\d+) \] : \s+ info:\s+  /xi))
 {
   $spamTable{$infopid}{'conntime'} = $infotime;
   #print "spamd info: $mailitem\n";
 }
   elsif (my($procpid, $procmessageid, $procuser)
  = ($mailitem =~ /spamd \[ (\d+) \] : \s+ processing \s 
message \s+ (\S+) \s+ for (\s+)  /xi))
 {
   $spamTable{$procpid}{'messageid'} = $procmessageid;
   $spamTable{$procpid}{'procuser'} = $procuser;

   #print "spamd processing: $mailitem\n";
 }
   elsif (my($spampid, $spamtype, $spamstats, $spamuser, $spamtime, 
$spamsize)
  = ($mailitem =~ /spamd \[ (\d+) \] : \s+ (identified \s 
spam|clean \s message) \s+
   (\([^)]*\)) \s+ for \s+ (\S+) \s+ in \s+ 
(\S+) \s+ seconds,
   \s+ (\S+) /xi))
 {
#print "Time: $spamTable{$spampid}{'conntime'}\n";
   my $spam;
   my ($user, $uid) = split (/:/, $spamuser);
   if ($spamtype =~/spam/x) {
 $spam = "spam";
   }
   else {
 $spam = "clean";
   }
   if (!exists ($spamUserSummary{$user})) {
 $spamUserSummary{$user}{'spam.count'} = 0;
 $spamUserSummary{$user}{'clean.count'} = 0;
 $spamUserSummary{$user}{'spam.size'} = 0;
 $spamUserSummary{$user}{'clean.size'} = 0;
 $spamUserSummary{$user}{'spam.time'} = 0;
 $spamUserSummary{$user}{'clean.time'} = 0;
   }
   $spamUserSummary{$user}{"$spam.count"}++;
   $spamUserSummary{$user}{"$spam.size"} = 
$spamUserSummary{$user}{"$spam.size"} + $spamsize;
   $spamUserSummary{$user}{"$spam.time"} = 
$spamUserSummary{$user}{"$spam.time"} + $spamtime;

   $spamSummary{"$spam.count"}++;
   $spamSummary{"$spam.size"} = $spamSummary{"$spam.size"} + 
$spamsize;
   $spamSummary{"$spam.time"} = $spamSummary{"$spam.time"} + 
$spamtime;

 }
   else
 {
 }
 }
print "\n\nSpam Summary by User\n";
print "   Spam 
Clean\n";
print "User  CountSize   Time Count
Size   Time   Percent\n";
foreach $user (sort(keys(%spamUserSummary))) {
 my $percent = $spamUserSummary{$user}{'spam.count'} * 100.0 /
   ($spamUserSummary{$user}{'spam.count'} + 
$spamUserSummary{$user}{'clean.count'});
 printf "%-8s   %4d   %9d%7.1f  %4d   %9d%7.1f %5.1f\n",
   $user,
 $spamUserSummary{$user}{'spam.count'},
 $spamUserSummary{$user}{'spam.size'},
 $spamUserSummary{$user}{'spam.time'},
 $spamUserSummary{$user}{'clean.count'},
 $spamUserSummary{$user}{'clean.size'},
 $spamUserSummary{$user}{'clean.time'},
 $percent;
}
print "\n\nSpam Summary\n";
print "  Spam Clean\n";
print " CountSize   Time CountSize   
Time   Percent\n";
my $percent = $spamSummary{'spam.count'} * 100.0 /
 ($spamSummary{'spam.count'} + $spamSummary{'clean.count'});
printf "  %4d   %9d%7.1f  %4d   %9d%7.1f %5.1f\n\n",
 $spamSummary{'spam.count'},
 

[SAtalk] required_hits = 5.x ???

[Tim B]

I don't think I've seen this covered ever.  can required_hits = 5.5?

everywhere points to a whole number, like 5, or 6 ect ect.



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] required_hits = 5.x ???

[Tim B]

Theo Van Dinter wrote:
On Thu, Dec 18, 2003 at 11:01:22PM -0500, Tim B wrote:

I don't think I've seen this covered ever.  can required_hits = 5.5?


yes.  the documentation (and code) specifies 5.0 as the default.
integers are used just for simplicity, but floats are allowed.
Ok great...

I thought since I never saw a .x used anywhere, that the .0 and integer 
everywhere else ment it had to be an integer.



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] IE redirect rule

[Tim B]

Bill Larson wrote:

http://www.dslreports.com/shownews/36402
http://www.enterpriseitplanet.com/security/news/article.php/3288771
http://www.secunia.com/advisories/10395/
Microsoft Knowledge Base Article - 833786:
http://support.microsoft.com/?id=833786
In this exploit using:
http://[EMAIL PROTECTED]/malicious.html
http://[EMAIL PROTECTED]/malicious.html

http://[EMAIL PROTECTED]/malicious.html

returns http://www.trusted_site.com/ in the browser address line  this can
be done with any website.  It can also be done with a https site as well.
Any suggested rulesets for this one.

Bill Larson



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
funny, I was just working on something for this... this is what I have 
so far.  I'm not very good with perl expressions soo

rawbody /htt(p|ps):\/\/[EMAIL PROTECTED]/i
describeIE Exploit See Microsoft Knowledge Base Article - 833786
score   6.0




---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] IE redirect rule

[Tim B]

Tim B wrote:

Bill Larson wrote:

http://www.dslreports.com/shownews/36402
http://www.enterpriseitplanet.com/security/news/article.php/3288771
http://www.secunia.com/advisories/10395/
Microsoft Knowledge Base Article - 833786:
http://support.microsoft.com/?id=833786
In this exploit using:
http://[EMAIL PROTECTED]/malicious.html
http://[EMAIL PROTECTED]/malicious.html

http://[EMAIL PROTECTED]/malicious.html

returns http://www.trusted_site.com/ in the browser address line  this 
can
be done with any website.  It can also be done with a https site as well.

Any suggested rulesets for this one.

Bill Larson



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
funny, I was just working on something for this... this is what I have 
so far.  I'm not very good with perl expressions soo

rawbody /htt(p|ps):\/\/[EMAIL PROTECTED]/i
describeIE Exploit See Microsoft Knowledge Base Article - 833786
score6.0

ack, I forgot to type in the test name... the name I'm using is IE_EXPLOIT_1

Oh yea.. and what I read off of bugtraq 0x01 or 0x00 also works...

so maybe something like this as well

rawbody  IE_EXPLOIT_2  /htt(p|ps):\/\/[EMAIL PROTECTED]/i
describe IE_EXPLOIT_2	IE Exploit See Microsoft Knowledge Base Article - 
833786
score 	IE_EXPLOIT_2	6.0





---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] downside to sa-learn and extra headers...

[Tim B]

Howdy All,

I want to feed ham into sa-learn every night.  However when I get the 
ham i'm going to have a bunch more received headers and extra Microsoft 
SMTP headers because of the way it's going to be send to me.  What's the 
downside to learning ham with these extra headers?

I know I can use formail to remove most of these headers as long as I'm 
really specific about which headers need to be removed (make formail 
very explicit as to which ones to yank out).

what does spamassassin use to track what mail it's already learned as 
spam?



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] downside to sa-learn and extra headers...

[Tim B]

Matt Kettler wrote:
At 07:52 AM 12/23/2003, Tim B wrote:

I want to feed ham into sa-learn every night.  However when I get the 
ham i'm going to have a bunch more received headers and extra 
Microsoft SMTP headers because of the way it's going to be send to 
me.  What's the downside to learning ham with these extra headers?


Define "the way it's going to be send to me"

If it's a redirect that only adds a Received header or two, you should 
be fine.

If it's a forward that adds a whole new set of headers you're completely 
hosed.
Basically going to be fed to me via MS-SMTP that has the mail stored. 
So it's the origional mail, but with a series of extra received from 
headers, and x-sender and x-receiver that MS-SMTP adds.


I know I can use formail to remove most of these headers as long as 
I'm really specific about which headers need to be removed (make 
formail very explicit as to which ones to yank out).


You can also use bayes_ignore_header in SA.  
Humm...
Forgot SA had that feature


---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] False positives

[Tim B]

schafer wrote:

To Spamassassin:

My publication is double-opted in by 15,000 families with children with
autism.  We are routinely victimized by incompetent software like
spamassassin because of false positives.  This is just as intolerable as
> spam.  It is worse than spam because it victimizes the innocent in 
the name

It saddens me that I know a family which subscribes to your newsletter. 
(it's a good thing I went back over my email otherwise I would be 
stooping to the same level of ignorance as you).

of stopping spam.  (And it may even be a violation of the Americans With
Disabilities Act which prohibits discrimination against the disabled) It is
rank hypocricy.
THIS IS LAUGHABLE...but Hey if you want to get into an ADA discussion...
Spamassassin's report being in plain clear text is very much in line 
with current regulation for accessability, as it's report being in plain 
text is easily read by accessability software.  Now your newsletter on 
the other hand, with all the fancy HTML markup, embedded javascript, and 
html execution code, click able links with %'s characters in it... well 
let's just say it could easily be made a case that your news letter does 
not work with accessability software, and therefore discriminates 
against those which are visually impared.

NO ONE is forced to use spamassassin or any other anti-spam technology. 
 If your subscribers or your ISP is making use of any antispam 
technology, it was agreeded to allow them to so, and they should examine 
their Terms of service agreements with their ISPs.

Just as your newsletter asks us to take the time to get educated and 
involved with autism, you should get educated about spam, spamassassin, 
and antispam technologies.

False positives are intolerable and commercial products that allow them
should be outlawed as much as spam should be.
>
I do not know if this is the right place to complain as I could not find an
email address that offers feedback to the company.  This arrogance stinks,
too.  As if software developers don't need public feedback about their junky
products.
If you took two seconds, you'd realise Spamassassin is NOT a commerical 
Product, but an opensource one, non commerical, worked on by volunteers 
fighting the good fight.

This piece of junk software rates my publication 99%-100% likely to be spam.
"* 3.0 -- BODY: Bayesian classifier says spam probability is 99 to 100%"
Ha! What crap.  The offending email is also parked at this website page:

http://home.doitnow.com/~edit/index.htm
Bayesian Classifier is install specific and rates email based on mail 
based on what it's BEEN TAUGHT BY THE SPECIFIC SITE.  In other words, if 
a bayes/bayesian classifier says your mail is spam, it's because it was 
taught to do so.

And yes, I did look at the offending email.  And guess WHAT!  it's a 
series of classified style ads (oops.. I mean calender of events)..

Lenny Schafer
Schafer Autism Report
Exhibit:

 Start SpamAssassin results
7.10 points, 5.5 required;
* -0.1 -- Message-Id indicates the message was sent from MS Exchange
* 0.9 -- BODY: No such thing as a free lunch (3)
* 0.5 -- BODY: No Fees
* 0.5 -- BODY: Possible porn - Hot, Nasty, Wild, Young
* 0.1 -- BODY: HTML link text says "click here"
* 0.1 -- BODY: HTML font color is red
* 0.2 -- BODY: FONT Size +2 and up or 3 and up
* 0.1 -- BODY: HTML font color not within safe 6x6x6 palette
* 1.5 -- BODY: Message is 20% to 30% HTML
* 0.1 -- BODY: HTML has "tbody" tag
* 0.2 -- BODY: JavaScript code
* 0.1 -- BODY: HTML font color is blue
* 3.0 -- BODY: Bayesian classifier says spam probability is 99 to 100%
[score: 0.9988]
* 0.2 -- BODY: HTML contains unsafe auto-executing code
* 2.9 -- BODY: HTML has very strong "shouting" markup
* 0.4 -- URI: Uses %-escapes inside a URL's hostname
* 0.7 -- URI: Includes a link to a likely spammer email address
* 0.0 -- Asks you to click below
* -4.3 -- AWL: Auto-whitelist adjustment
 End of SpamAssassin result
why are you including autoexecuting code?
why are you including java script?
why so many huge fonts?
why are you using URLs which have to make use of % signs?
Why haven't you informed your subscribers that if antispam technology is 
being used on their systems, to add the sending address to their 
white/passthru lists since you obviously know your mail is so often 
misidentified as spam.



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk