Hi,
AAA>I just subscribed to submit something which I consider to be usefull.
This is not very good if anyone is using psender/precips.
psender/precips instructs qs to send email about discarded messages
only if they are discarded due to policy (not av) rules.
So If you add these to a setup
On Fri, 27 Aug 2004, Mark Powell wrote:
> Ok, tracked it down to this code in "sub spamassassin". I put some
> debugging in:
>
> &debug("SA: 0.0");
> while () {
> &debug("SA: 0.0.0");
> print (SOUT $_) || &debug("SA: print error");
> }
> &debug("SA: 0.1");
I put in more debugging
On Fri, Aug 27, 2004 at 11:18:44AM -0400, Asif Iqbal wrote:
> > >i.e. using whatever your triggering condition is (that sounds like the
> > >hardest part to me to get right...), create a local RBL record with a
> > >limited lifespan. Then ensure you are using rblsmtpd, and that it points at
>
> I
On Fri, 27 Aug 2004, Mark Powell wrote:
> On Fri, 27 Aug 2004, Mark Powell wrote:
> The only differences when the email is over 250k is that spamc returns
> instantly without contacting spamd so there's a possibility for some sort
> of timing error in QS. This seems very unlikely though.
> The o
No problem. I picked a subset of the ones you described to use
myself.
Several rules can be combined into one as well ... Things
like:
A virus was detected
virus detected
can be described as .*virus.*detected.*
I don't see too many foreign ones so I dropped a lot of those.
I also had to es
[EMAIL PROTECTED] wrote:
One comment. The line:
.*Invalid content in mail message (message rejected).* Virus-Subject:
bogus antivirus
should be
.*Invalid content in mail message \(message rejected\).*
Virus-Subject: bogus antivirus
And actually, I would say:
.*Invalid content in mail m
On Fri, 27 Aug 2004, Mark Powell wrote:
> On Fri, 27 Aug 2004, Jason Haar wrote:
> > Well that doesn't make sense. Qmail-Scanner doesn't give a monkeys about the
> > exit status of a message that is piped through SA - unlike AV, Q-S will
> > carry on delivering a message that fails in any way, sha
On Thu, Aug 19, 2004 at 10:09:08AM +0530, Devendra Singh wrote:
> At 18/08/04 04:53 (), Jason Haar wrote:
> >On Wed, Aug 18, 2004 at 02:53:40AM +0800, Jason Wong wrote:
> >> If you're running qmail using tcpserver then block it using tcprules.
> >What I
> >> have done is modify my qmail-scanner so
This looks quite useful. I have seen several of these "AV spam"
messages. The worst ones actually contain the MIME encoded text of the
virus. They don't decode on the server because they are considered as
text. (The MIME boundary is not the same as the email MIME
boundary.) Unfortunately,
Hey all!
I want to filter certain mail leaving my qmail gateway. I want to catch
all the mail leaving with a "MAIL FROM:" address of [EMAIL PROTECTED] and
archive it for quality assurance reasons. My assumption is that I need
to add this line to /var/spool/qmailscan/quarantine-attachments.txt:
[E
On Fri, 27 Aug 2004, Jason Haar wrote:
> On Thu, Aug 26, 2004 at 05:12:55PM +0100, Mark Powell wrote:
> > Hi,
> > There is nothing else logged for that message. QS just leaves the files
> > lying around and the message is stuck forever :(
>
> Well that doesn't make sense. Qmail-Scanner doesn't giv
Hello list,
I just subscribed to submit something which I consider to be usefull.
Based on the link at:
http://std.dkuug.dk/keld/virus/header_checks
I created a quarantine-attachments.txt file, attached to this message,
which implements the respective filters for bogus antivirus s
12 matches
Mail list logo
