On Wed, 6 Feb 2002, Uwe Willenbacher wrote:
> --On Wednesday, February 06, 2002 4:22 PM -0600 Dallas Engelken
> <[EMAIL PROTECTED]> wrote:
>
>
>
> > First of all, I run SA2.1.. here is my log output.
>
> Is 2.1 ready for production environments?
>
>
People have strange attitudes about version
On 6 Feb 2002, Craig Hughes wrote:
> Ok folks, I just made get_header in NoMailAudit case-insensitive,
> meaning that while capitalization of header names is preserved, rules
> will match case insensitively, so a rule like
Oooh, I love you. Looks OK so far.
--
Charlie Watts
[EMAIL PROTECTED]
F
On Wed, 06 Feb 2002, Craig Hughes wrote:
[...]
> Then all we need is a catchy nickname for my first release :)
SpamAssassin "Oh, my god!" 2.1
Especially after you find out whatever it was you managed to break in
it, which I always do on the first release of anything. Then I get
embarrassed. ;)
On Wed, 6 Feb 2002, rODbegbie wrote:
> I'm receiving an increasing number of Spams for porn sites hosted by
> splitrock.net which are operating on port 81 (see URLs below).
>
> 1) Anyone else getting them?
Nope. Er, at least in my case. ;)
> 2) Is anyone adverse to adding a rule to catch http
on 2/6/02 9:43 PM, Donald Greer at [EMAIL PROTECTED] wrote:
> Need to add the following to spamd to make the usernames appear
> correctly in the logs and perform SQL lookups when using the -x option
> and/or when the userids aren't in /etc/password:
>
> --- spamd.orig Tue Jan 29 11:19:17 2002
>
Need to add the following to spamd to make the usernames appear
correctly in the logs and perform SQL lookups when using the -x option
and/or when the userids aren't in /etc/password:
--- spamd.orig Tue Jan 29 11:19:17 2002
+++ spamd Tue Jan 29 11:19:24 2002
@@ -517,8 +517,9 @@
sub
on 2/6/02 6:29 PM, Uwe Willenbacher at [EMAIL PROTECTED] wrote:
> --On Wednesday, February 06, 2002 4:22 PM -0600 Dallas Engelken
> <[EMAIL PROTECTED]> wrote:
>
>
>
>> First of all, I run SA2.1.. here is my log output.
>
> Is 2.1 ready for production environments?
>
>
Depends what you mea
> > First of all, I run SA2.1.. here is my log output.
>
> Is 2.1 ready for production environments?
>
>From my numbers, it has been more acurate than 2.01. I run it on two low
priority production servers. Have had no problems.
Dallas
___
Spamassas
I recently installed SpamAssassin on a FreeBSD box running sendmail, and
using procmail as the MTA.
SpamAssassin seems to be doing ok, but it's not changing the subject line
of the email messages that score higher than the required_hits.
It does put the X-Spam-Status line in the message header
--On Wednesday, February 06, 2002 4:22 PM -0600 Dallas Engelken
<[EMAIL PROTECTED]> wrote:
> First of all, I run SA2.1.. here is my log output.
Is 2.1 ready for production environments?
>
> Feb 3 04:51:38 whitehat spamd[28483]: connection from
> localhost.localdomain [ 127.0.0.1 ] at p
Ok folks, I just made get_header in NoMailAudit case-insensitive,
meaning that while capitalization of header names is preserved, rules
will match case insensitively, so a rule like
header BAD_DATEDate ~= /three weeks ago last wednesday/
will now match all of the following:
Date: three week
On Wed, Feb 06, 2002 at 04:26:42PM -0800, Craig Hughes wrote:
> > body HAVEN_IP /64\.118\.7\.|66\.163\.36\./
> > describe HAVEN_IP Contains an IP used by spammers
> > score HAVEN_IP 3.0
>
> I think IP matching is best left to the RBL folks; we can just call out
> to them.
Sorry, I guess I was
On Wed, 2002-02-06 at 16:16, Daniel Rogers wrote:
> Here's a couple rules I wrote to help catch stuff that was making it
> through. The scores are my own made-up numbers
>
> body INCREASE_EJACULATION /increase ejaculation/i
> describe INCREASE_EJACULATION Why would I want to do that?
where do these rules go?
On Wed, 6 Feb 2002 16:16:31 -0800
Daniel Rogers <[EMAIL PROTECTED]> wrote:
> Here's a couple rules I wrote to help catch stuff that was making it
> through. The scores are my own made-up numbers
>
> body INCREASE_EJACULATION /increase ejaculation/i
> describ
Here's a couple rules I wrote to help catch stuff that was making it
through. The scores are my own made-up numbers
body INCREASE_EJACULATION /increase ejaculation/i
describe INCREASE_EJACULATION Why would I want to do that?
score INCREASE_EJACULATION 4.0
body HAVEN_IP /64\.118\.7\.
On 6 Feb 2002, Craig Hughes wrote:
> > b) (preferred) get the "To" address logged
>
> To get that logged, you'll need to have spamd process the message as
> that user I think, which means removing the '-u' flags from both command
> lines. What it's logging is really not who the To: is to, but ra
Craig,
Sorry for being confusing. Amazon is in the rule 60, the same as Yahoo
that was discussed earlier (added by JM as a test?) and trigering the
whitelist test.
OK, I think I will remove the set of rules, there is no reason that SA
comes with a preconfigured whitelist.
Olivier
>Yeah, I thin
Yeah, I think amazon is a question of personal taste whether you want
their mail or not. I would recommend a site-specific rule on that, or a
per-user one if you're multi-user. Personally, about 50% of what they
send is what I'd call "vaguely solicited" and the other 50% is stuff I
want to get.
Hello,
I got some spam delivered from amazon and it went thru because
amazon.com is in rule 60.
I know I never subscrib to anything at amazon. I even think I never
went to their pages (but wouldn't swear it). So it IS spam, as it is
fully unscolicited.
Olivier
> Correct me if I'm wrong, but Ya
Following up to my own mail, of course the question becomes "which To:
person do I log? Or should I use someone from the Cc: line?"
So I think this is probably best left as is -- just logging the user
that spamd knows about, not trying to figure anything out from the
message itself.
C
On Wed,
> Yeah, I'm not sure why, but the PORN_3 rule wants 3 naughty words on a
> single line before it'll trigger. Can anyone think of a reason why it
> shouldn't be just one occurrence?
The problem is that some of the words in the list can be used in quite
innocent contexts (Amateur, Teen and Webcam
> I am using spamd and spamc in my set up and I find following somewhat
> strange: I get lots of syslog messages with following content:
>
> Feb 6 13:53:58 server spamd[16597]: connection from localhost [ 127.0.0.1
> ] at port 20506
> Feb 6 13:54:00 server spamd[17335]: clean message for (unknow
On Wed, 2002-02-06 at 14:04, Uwe Willenbacher wrote:
>
> Feb 6 13:53:58 server spamd[16597]: connection from localhost [ 127.0.0.1
> ] at port 20506
> Feb 6 13:54:00 server spamd[17335]: clean message for (unknown):87 in 2
> seconds.
> Feb 6 13:56:57 server spamd[16597]: connection from lo
Hi all,
I am using spamd and spamc in my set up and I find following somewhat
strange: I get lots of syslog messages with following content:
Feb 6 13:53:58 server spamd[16597]: connection from localhost [ 127.0.0.1
] at port 20506
Feb 6 13:54:00 server spamd[17335]: clean message for (unknow
Hey guys, I don't follow SpamAssassin development, so please don't yell
if this is out of form or has been discussed, but I've written a perl
script which collects addresses from auto-whitelist and generates a
pine-compatable addressbook.. This gives you functionality similar to
mozilla's colle
I'm receiving an increasing number of Spams for porn sites hosted by
splitrock.net which are operating on port 81 (see URLs below).
1) Anyone else getting them?
2) Is anyone adverse to adding a rule to catch http://.*:81/ into
SpamAssassin?
3) Shouldn't these be getting points for being fully
On Wed, Feb 06, 2002 at 12:34:00PM -0500, rODbegbie wrote:
> rules/60_whitelist.cf in CVS includes the line:
>
> whitelist_from *@yahoo-inc.com
>
> It's a site-wide default.
That's a general problem with wildcard (and auto) whitelists:
Only because it's a legitimate mailing list doesn't mean
On Tue, Feb 05, 2002 at 01:18:06PM -0800, Craig Hughes wrote:
> Well, you're right, the RFC2822 header change stuff might cause leading
> spaces to no longer be on the front of header values, but for the
> Message-Id line you quoted,
> "<[EMAIL PROTECTED]>" does match
> the regex in the rule, and
Yes, I think you're correct rOD, and that's no doubt why Jeremy added
it. I'll add mypoints.com also. Ed, your user can almost certainly
follow the unsubscribe info in the message to successfully unsubscribe
with no adverse effects -- I doubt that yahoo would fail to honor the
request.
C
On We
Looks like jm added yahoo-inc and a few others after a list email from
Jeremy Zawodny dated 12/8/01 and 12/10/01, subject "Testing for named
addressee". So Jeremy, maybe you can say why it's in the list?
C
On Wed, 2002-02-06 at 09:34, CertaintyTech - Ed Henderson wrote:
> I finally found the wh
Correct me if I'm wrong, but Yahoo Delivers is an opt-in mailing list.
Since that isn't technically Spam (it fails on the U of UBE), there should
be no reason for SpamAssassin to stop it. I've had to add a whitelist entry
for "mypoints.com" mail on my server, as it was also opt-in. Perhaps
somet
I finally found the whitelist_from entry in the sitewide
/usr/share/spamassassin/60_whitelist.cf file (didn't know that it existed).
For some reason *@yahoo-inc.com is listed there. Any reason why this was
included?
Thanks,
Ed.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[
rules/60_whitelist.cf in CVS includes the line:
whitelist_from *@yahoo-inc.com
It's a site-wide default.
rOD.
--
I think I'm in love.
Probably just hungry.
- Original Message -
From: "CertaintyTech - Ed Henderson" <[EMAIL PROTECTED]>
To: "satalk" <[EMAIL PROTECTED]>
Sent: Wednesday,
Here are my whitelist_from entries in my /etc/mail/spamassassin/local.cf
file:
whitelist_from [EMAIL PROTECTED]
whitelist_from *@ebay.com
whitelist_from *@presidentialprayerteam.org
whitelist_from *@Christianbook.com
whitelist_from [EMAIL PROTECTED]
whi
on 2/6/02 7:14 AM, [EMAIL PROTECTED] at [EMAIL PROTECTED]
wrote:
> howdy hi,
heidi ho
> I put certain whitelist_from 's in the
> "/usr/local/lib/perl5/site_perl/5.005/spamassassin.prefs" on spamd.machine
> but they aren't getting picked up. I tried dropping the -x flag on spamd to
Yeah, part o
For some reason this message gets tagged by the USER_IN_WHITELIST test. I
do not have the From or To in my whitelist. I do not use autowhitelist and
have no whitelist_from defined for any yahoo.com addresses. I am using the
stable v2.01. Any ideas? This is the second message today that was ta
I'm seeing a few (not many) false positives with empty To: headers, mostly
it's RFP's and things like that where everything goes in the BCC. I'm
wondering if the To: checks aren't a bit over zealous, for example I get:
To: is empty
To: has a malformed address
Missing To: header
All matching for
howdy hi,
I am using SpamAssassin 1.5 (which is awesome!).
I am using spamd on one machine ("spamd.machine") that has a relatively low
load with
/usr/local/bin/spamd -A 127.0.0.1,spamc.machine -x -L -d -udaemon
and am sending requests to it via (from machine "spamc.machine")
/usr/local/bin/s
38 matches
Mail list logo
