I had a false positive today from a non-spam (but semi-commercial) message and it
appears to be a bug, albeit one that isn't too likely to occur, in the
HTTP_ESCAPED_HOST rule. Since this rule is scored at 4.0 I thought I should mention it.
Here's the text that triggered the score:
-
Check
On Wed, Jan 30, 2002 at 09:14:54PM -0500, Dave Weiner wrote:
> > On Wed, Jan 30, 2002 at 05:41:25PM -0500, Dave Weiner wrote:
> > > Check out my SA-user-admin, available from http://www.gallowglass.org
> >
> > Before I start to work on it, has anyone done the same for file based
> > user_prefs ye
no.
You have a few different options.
1. Use a mail scanner that uses SA
or
2. Use a scanner that doesn't natively use SA
and
3. Make sure your users understand the need for personal virus protection.
Currently, I use SA with the Email Sanitizer (see option 2) by John Hardin
[ http://www.imps
Hi,
Just wondering, Does Spam Assassin Automatically protect from most virii also?
Regards
Arrchie
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
It's hard/impossible to *optimize* the scores by hand. You can still set them by hand using intuition and do "well enough", particularly if you're only setting/adjusting a couple rules and you guide your scoring based off the existing scores. I wouldn't want to go through and hand-score all 3
On Wed, 2002-01-30 at 19:29, Olivier Nicole wrote:
Now I may be wrong, but how new tests can be introduced if they are
not accounted by the GA to get some weight?
You can create new rules in your own config files, and assign them any score you like. You can get a sense of what kind o
These are all good points, but I think from the fact that many people find SpamAssassin useful because it identifies spam with a low false-positive rate that most of the time, most people consider the same things to be spam. There are definitely some weird sample points in the corpus, but by a
Sure, send me a patch :)
C
On Wed, 2002-01-30 at 18:49, Duncan Findlay wrote:
On Wed, Jan 30, 2002 at 09:05:02AM -0800, Craig Hughes wrote:
> on 1/29/02 7:14 PM, Duncan Findlay at [EMAIL PROTECTED] wrote:
>
> > On Tue, Jan 29, 2002 at 09:23:56PM -0500, dman wrote:
> >> Wow. I wonde
You could either run the GA yourself (which requires building up a corpus of spam and non-spam to feed it, not sure how large it would need to be), or you more easily can just tweak scores on individual rules (this is very simple). For example, you could just create a file called /path/to/spam
No, I think by large samples he means it needs a lot of examples of what
is and what is not spam. In fact, the corpus we feed to the GA includes
some 75,000+ spam messages and 46,000+ non-spam messages, weighted
towards messages which tend to yield false-positives (mailing lists,
etc). The summa
The code is available. There are actually two different GAs in the /masses directory -- one, evolve.cxx is Justin's, based on a library called galib; the other, craig-evolve.cxx is mine, based on pgapack so it can make use of multiple CPUs (and even multiple nodes if your computational desires
> Running the GA yourself would likely
> yield better results, but at least you have an option now :-).
Well I guess if GA was used, it is because it is practically
unfeasible to acheive proper scoring by hand :)
In fact I'd rather run SA that way than temper with the scores.
I plan to quaranti
Duncan,
>One other problem is that the GA currently (IIRC) doesn't process the
>messages, just the tests hit. Of course, now, the test are different from
>those 2 versions ago, messing up the GA.
Replacing the message by the result of the test would be pretty simple
I beleive.
X-Spam-Status:
On Thu, Jan 31, 2002 at 09:46:15AM +0700, Olivier Nicole wrote:
| One of my concern, for example, as a sys admin, I start my email by
| "Dear user" this is quite highly pondered. One more hit and my message
| would get lost.
|
| I receive quite some emails from Indian/Sri Lankan/Pakistanese peo
On Thu, Jan 31, 2002 at 09:46:15AM +0700, Olivier Nicole wrote:
> Greg,
>
> > You don't run SpamAssassin's genetic algorithm -- I gather that only
> > Justin Mason, the prime developer, does that currently. He has a big
> > huge pile ("the corpus") of mail, spam and non-spam, that is used to
> >
On Wed, Jan 30, 2002 at 09:05:02AM -0800, Craig Hughes wrote:
> on 1/29/02 7:14 PM, Duncan Findlay at [EMAIL PROTECTED] wrote:
>
> > On Tue, Jan 29, 2002 at 09:23:56PM -0500, dman wrote:
> >> Wow. I wonder what the cause is ... probably CPU due to heavy regex
> >
> > I'm guessing RAM is the lim
Greg,
> You don't run SpamAssassin's genetic algorithm -- I gather that only
> Justin Mason, the prime developer, does that currently. He has a big
> huge pile ("the corpus") of mail, spam and non-spam, that is used to
> feed the GA and generate the scores in everyone's
> /usr/share/spamassassin
On 31 January 2002, Olivier Nicole said:
> I wonder if/how I should/could update the ponderations that are given
> by the genetic algorithm.
>
> I know little about GA, bt I think I remember (some 12 or 15 years
> ago) that it needed quite big samples.
>
> So I beleive I should keep all incoming
By stating that GA's need large samples, I assume you are referring to
the population size. For years, people have been arguing whether a
large or small population is better. The best theory we have on the
inner workings of a GA, the Building Block Theory, is by John Holland,
who is the father o
> On Wed, Jan 30, 2002 at 05:41:25PM -0500, Dave Weiner wrote:
> > Check out my SA-user-admin, available from http://www.gallowglass.org
>
> Before I start to work on it, has anyone done the same for file based
> user_prefs yet? If not, I'll do my best to get something done soon, but
> god know
Hello,
I wonder if/how I should/could update the ponderations that are given
by the genetic algorithm.
I know little about GA, bt I think I remember (some 12 or 15 years
ago) that it needed quite big samples.
So I beleive I should keep all incoming messages, mark them as spam or
not spam and ru
On Wed, Jan 30, 2002 at 05:41:25PM -0500, Dave Weiner wrote:
> Check out my SA-user-admin, available from http://www.gallowglass.org
Before I start to work on it, has anyone done the same for file based
user_prefs yet? If not, I'll do my best to get something done soon, but
god know with my sche
> How about -t does a "test then undo" on the auto-whitelist?
Hi C -- still (just barely) reading mail ;)
Problem is that the AWL tests check to ensure that after 3 separate
invocations the AWL has been updated. so "test then undo" would
still not work.
BTW a related thing is that the tests sh
> I am currently working on a web interface for SA.
>
> Going to initially offer to my users (~150):
>required_hits
>terse_report
>auto_report_threshold
>whitelist_from
>blacklist_from
>
> Unlike the current devel PHP version (that works with MySQL and requires
> mod_auth_exter
This is now being tracked in bugzilla as an enhancement request:
http://bugzilla.spamassassin.org/show_bug.cgi?id=18
C
On Wed, 2002-01-30 at 13:33, Theo Van Dinter wrote:
On Wed, Jan 30, 2002 at 03:18:25PM -0600, Michael Geier wrote:
> Things I wish SA did:
>added "body-report"
On Wed, Jan 30, 2002 at 03:18:25PM -0600, Michael Geier wrote:
> Things I wish SA did:
>added "body-report" to HTML-only spam as seperate text/plain MIME
Actually, I think that the body report should always add itself as the
first text/plain MIME attachment, not just for HTML mail. It seems
I am currently working on a web interface for SA.
Going to initially offer to my users (~150):
required_hits
terse_report
auto_report_threshold
whitelist_from
blacklist_from
Unlike the current devel PHP version (that works with MySQL and requires
mod_auth_external), this will rew
> I'm trying to collect some interesting information for a magazine
> article on SA. I'm guessing we're up into the hundreds of thousands of
> users now (end users that is, not installed copies). Could those of you
> who have largish installations let me know how many users you service?
> Also,
I'm guessing jm got lazy and didn't implement the data constructor for NoMailAudit, only the stream-parsing one. I'll file a bugzilla bug on it and take a look.
C
On Wed, 2002-01-30 at 11:35, Nels Lindquist wrote:
On 30 Jan 2002 at 15:02, Justin Mason wrote:
> Kamil Kisiel said:
>
Okay, I think I was mistaken about lack of base64 decoding being the
problem.
Does SpamAssassin recurse over subparts in multipart messages? It
appears that for multipart messages of the form:
Headers (Content Type: multipart/alternative;)
|
---Part 1 (plain text)
(blank)
|
---Part 2 (ba
On 30 Jan 2002 at 15:02, Justin Mason wrote:
> Kamil Kisiel said:
>
> > My previous mail filter, written using SpamAssassin 1.5 and the
> > Mail::SpamAssassin:MyMailAudit module no longer works with SpamAssassin
> > 2.0. As far as I can tell, the MyMailAudit module has been removed from
> > Mail
I'm trying to collect some interesting information for a magazine article on SA. I'm guessing we're up into the hundreds of thousands of users now (end users that is, not installed copies). Could those of you who have largish installations let me know how many users you service? Also, any ot
On Tue, 29 Jan 2002 10:35:41 -0500
dman <[EMAIL PROTECTED]> wrote:
> Ok, as for not getting X-Spam-Status, take a (real) message in a file
> (call it "msg"). What does :
>
> $ cat msg | spamc -f | grep -i spam
>
> output? It should outupt the X-Spam headers and the SPAM: report (if
> there wa
>
> How would SA know which domains you service? Seems like a really hard
> problem unless you make big assumptions about how mail services are
> implemented at that location. Maybe this is a "feature" which could be
> implemented in documentation or something...
>
> C
>
I'm didn't mean to impl
How would SA know which domains you service? Seems like a really hard
problem unless you make big assumptions about how mail services are
implemented at that location. Maybe this is a "feature" which could be
implemented in documentation or something...
C
on 1/30/02 6:33 AM, CertaintyTech - Ed
on 1/29/02 10:56 PM, Jason Haar at [EMAIL PROTECTED] wrote:
> "spamc -h" states:
>
> Usage: spamc [-d host] [-p port] [-c] [-f] [-h]
> -c: check only - print score/threshold and exit code set to 0 if message is
> not spam, 1 if spam
> ...
>
> That sounds like the addition of the feature request
How about -t does a "test then undo" on the auto-whitelist?
C
on 1/29/02 8:08 PM, Justin Mason at [EMAIL PROTECTED] wrote:
>
> Justin Mason said:
>> Greg Ward said:
>>
>>> I think his suggestion was right on: don't update the auto-whitelist in
>>> testing mode.
>>
>> yeah, I agree. Must imp
on 1/29/02 7:14 PM, Duncan Findlay at [EMAIL PROTECTED] wrote:
> On Tue, Jan 29, 2002 at 09:23:56PM -0500, dman wrote:
>> Wow. I wonder what the cause is ... probably CPU due to heavy regex
>
> I'm guessing RAM is the limiting factor. It's a PI/100 w/ 40 MB RAM.
>
RAM is more likely -- my ~1
I like the idea of the multi-level thing, but instead of "filing" the
message in folders (making SA an MDA?) I think it'd be better implemented by
sticking alternate tags in the X-Spam-Status header such as:
0-5: X-Spam-Status: No
5-15: X-Spam-Status: Yes, Maybe
15-30: X-Spam-Status: Yes, Prob
>
> I currently have a qmail+qmailscanner+sophos antivirus setup on
> redhat. How
> do I integrate spamassassin? Their website doesn't have any docs with that
> combination.
>
> -Nelson
>
The setup you are describing is exactly like mine (except different OS). If
you download the latest Q-S v1.1
> On Wed, Jan 30, 2002 at 10:38:12AM -0500, Chin, Nelson wrote:
> > I currently have a qmail+qmailscanner+sophos antivirus setup on redhat.
How
> > do I integrate spamassassin? Their website doesn't have any docs with
that
> > combination.
>
> it's pretty easy: use this patch for spamassassin, and
On Wed, Jan 30, 2002 at 10:38:12AM -0500, Chin, Nelson wrote:
> I currently have a qmail+qmailscanner+sophos antivirus setup on redhat. How
> do I integrate spamassassin? Their website doesn't have any docs with that
> combination.
it's pretty easy: use this patch for spamassassin, and start the
I currently have a qmail+qmailscanner+sophos antivirus setup on redhat. How
do I integrate spamassassin? Their website doesn't have any docs with that
combination.
-Nelson
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.n
> BTW: I agree with the sentiment about virus scanners vs spam. In
> Qmail-Scanner, the SpamAssassin support merely tags the messages as spam -
> it doesn't quarantine them like it does for viruses. Still too many false
> alerts I'm afraid - a lot of my Email from root cronjobs gets caught! ;-)
>
> At least on my systems, spamc is called in the .qmail-default
> file, which only
> is called when the mail is delivered locally (and in my case, is
> delivered
> through the standard mechanism (not an alias). I haven't heard of spamc
> being run earlier in the delivery queue.
>
> Regards,
> And
From: "Duncan Findlay" <[EMAIL PROTECTED]>
> On Tue, Jan 29, 2002 at 09:23:56PM -0500, dman wrote:
> > | Yes. I am. I think it would take an hour after I start my computer
is I
> > | used spamassassin -p, rather than 20 minutes :-)
> >
> > Wow. I wonder what the cause is ... probably CPU due
From: "Justin Mason" <[EMAIL PROTECTED]>
> NoMailAudit is essentially a 100% compatible reimplementation of M:A which
> (a) does not require M:A or any of the other modules it requires, and (b)
> fixes some bugs that M:A has (cf. the (unusable ;) list archives for more
> details); specifically,
From: "dman" <[EMAIL PROTECTED]>
> On Tue, Jan 29, 2002 at 02:58:56PM -0500, Mike Coughlan wrote:
>
> | > Has anybody created a rule for the MyParty virus? It is trapped by
our
> | > virus scanner, but it would be nice to have a rule in SA to catch it.
>
> | Maybe this is an old philpsophical d
From: "Donald Greer" <[EMAIL PROTECTED]>
> Matt Sergeant said:
> >Finally, if you do:
> >
> >$VERSION = '2.1_0';
> >
> >Then CPAN treats it as a beta, and won't install it - it'll do that
> with >any
> >version with an underscore in the distribution name (note that this
> can >be
> >diffe
49 matches
Mail list logo
