Doug Crompton wrote:
DC> spam are the ones that would respond. Can we forward this junk to our US
DC> representitives or somewhere else where it is noticed?
Amusing concept. I suggest:
:0fw
|spamc
:0
* ^X-Spam-Status: Yes
! [EMAIL PROTECTED],[EMAIL PROTECTED],[EMAIL PROTECTED]
Amend of cours
On Wed, 24 Apr 2002 02:34:22 -0400 (EDT)
"Doug Crompton" <[EMAIL PROTECTED]> wrote:
> Is there a way to just select a type to not score - like dialup?
If you're not interested in doing rbl lookups at all you can just
disable them in local.cf.
local.cf:
skip_rbl_checks 1
--
Lars Hansson
On Tue, 23 Apr 2002, Sidney Markowitz wrote:
>
> In this case, the rule RCVD_IN_OSIRUSOFT_COM has a score of 2.0
> points, which will be added to just about any mail sent by an AOL
> dialup user. Some people would agree with having any AOL user start
> out with a 2 point disadvantage. But if you
"Doug Crompton" <[EMAIL PROTECTED]> asked:
> What can I tell this person to do differently to avoid this?
> When you say it is a known address from where spam was sent
> (dialup) do you mean the dialup account of the original AOL user?
Here is what relays.osirusoft.com has to say when I look up t
On Tue, 23 Apr 2002, Bart Schaefer wrote:
>
> > I assume this person has an AOL account and sent mail from Yahoo.
>
> They sent mail from their home PC using an AOL dialup to connect to the
> Internet and with their user agent's idea of the sender's address set to
> be a Yahoo! account. That
On Tue, 23 Apr 2002, Doug Crompton wrote:
> The following message (headers below) was tagged as spam. It is not. What
> I don't understand is why does it say yahoo.com is a forged address and
> via a tagged relay?
As for the tagged relay, nslookup says:
Name:44.114.135.172.relays.osirusoft.
The following message (headers below) was tagged as spam. It is not. What
I don't understand is why does it say yahoo.com is a forged address and
via a tagged relay?
I assume this person has an AOL account and sent mail from Yahoo.
>From [EMAIL PROTECTED] Tue Apr 23 23:13:39 2002
Received: from
I'm pretty sure (though I'd need to check the code to make sure sure) that
black/whitelists are cummulative. In other words, you could have those rules
below in addition to your regular white/blacklists and you'd be fine; the only
difference is blacklisting will now be worth 100 instead of 10 (wh
Heh! Thanks!
I'll have to give that one a bit of a thought to think if I want to
apply that. Sort of overrides my ability to setup a blacklist, which
I've yet to have any need of...
Ken
On Tue, 2002-04-23 at 17:18, Craig R Hughes wrote:
> Ken Causey wrote:
>
> KC> I would still like to reque
Ken Causey wrote:
KC> I would still like to request a wish list item to be able to set it to
KC> auto-whitelist all local email. The rule testing for this would need to
KC> be somewhat complex as it would need to examine the Recieved headers to
KC> indeed confirm that it was a locally delivered
Oops! The MANIFEST file was out of date, and wasn't including the _de.cf in the
distribution, as well as a few other rules files for internationalization. I've
fixed that in CVS. To get the german working in 2.20, you can just copy the
*_de.cf files from the CVS rules directory, and put them in
That'd be helpful Klaus. I tend to read this list fairly frequently, but not
always at times when I can easily to CVS commits. If you post patches to
bugzilla, and then assign the ticket to me ([EMAIL PROTECTED]) I'll be a
whole heck of a lot more likely to commit the changes to CVS.
Thanks,
C
On Tue, 23 Apr 2002, joost witteveen wrote:
> I wanted something free (GPL or similar), and preferably not written
> in Java (as is OpenAntiVirus, the only package mentioned on freshmeat
> that does have its on ruleset).
If you use sendmail definitely grab mimedefang.
http://www.roaringpenguin.c
Theo Van Dinter wrote:
> This one came through 2.20 fairly clean... :(
Your mail triggered my rules NIGERIAN_SCAM_7 and US_DOLLARS_4. I had
proposed those some days ago on this list.
Maybe I should try to find my way through the jungle of Bugzilla and
submit them there as well.
ciao
Klaus
I figure this was meant for the list ... :)
- Forwarded message from Chuck Wolber <[EMAIL PROTECTED]> -
Date: Tue, 23 Apr 2002 10:57:45 -0700 (PDT)
From: Chuck Wolber <[EMAIL PROTECTED]>
To: Theo Van Dinter <[EMAIL PROTECTED]>
Subject: Re: [SAtalk] New NIGERIAN rule needed?
And here is
>
> I wanted something free (GPL or similar), and preferably not written
> in Java (as is OpenAntiVirus, the only package mentioned on freshmeat
> that does have its on ruleset).
>
> SPAM: email sent by an infected human.
> Virus: email sent by the infected combination human/computer.
> Worm: emai
On Tue, 23 Apr 2002, joost witteveen wrote:
> I wanted something free (GPL or similar), and preferably not written
> in Java (as is OpenAntiVirus, the only package mentioned on freshmeat
> that does have its on ruleset).
I've you're using procmail, there are several antivirus filters floating
ar
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 23 Apr 2002 5:39 pm, joost witteveen wrote:
> > Try freshmeat as a good source of such modules, btw.
>
> I tried it, but in the first 20 results (sorted by popularity),
> I only found wrappers that allow me to use non-free libraries/sites
>
On Tue, 2002-04-23 at 12:39, joost witteveen wrote:
> I wanted something free (GPL or similar), and preferably not written
> in Java (as is OpenAntiVirus, the only package mentioned on freshmeat
> that does have its on ruleset).
>
There is a perl virus scanner (File::Scan) which would be fairly
> > I'm sure the goal of the message is to make me write a .bat
> > file (the same message appears in .exe, .pif, ... variants),
> > that I then later execute.
> >
> > So, I wonder, why didn't the message hit any spamassassin rule?
>
> Because it's a virus, not spam. There are several ways of int
*sigh*
I could have sworn that I did indeed restart spamd. But just to be
sure, after getting this message I made sure that spamd stopped and
started from scratch. I had to wait for another error to come through,
but once it did, it was clear that the whitelist applied. Thanks for
the sanity c
> "SH" == Sean Harding <[EMAIL PROTECTED]> writes:
SH> Are there mail clients that automatically uudecode stuff so that this would
SH> show as a normal message? Or are they just hoping that people will manually
SH> decode it to see what it is?
My rule of thumb is this: if there's something s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 23 Apr 2002 4:16 pm, joost witteveen wrote:
> Well, OK I'm sure there is a rule that catches
> files like .bat .pif .exe .com, but anyway, I'm getting
>
> a lot of messages like:
> > Received: from unknown (HELO inje.iskon.hr) ([213.191.128
Well, OK I'm sure there is a rule that catches
files like .bat .pif .exe .com, but anyway, I'm getting
a lot of messages like:
> Received: from unknown (HELO inje.iskon.hr) ([213.191.128.16]) (envelope-sender
><[EMAIL PROTECTED]>)
> [...]
> X-Spam-Status: No, hits=0.5 required=5.6 tests=LARGE_HE
Sean Harding wrote:
>I don't know if this is a new trick, but it's a new one on me. I got a
>couple of uuencoded spams today. By uuencoding, they manage to bypass any
>body text filters. In this case, they were caught by other rules.
>
>Are there mail clients that automatically uudecode stuff so
On Tue, Apr 23, 2002 at 09:51:27AM -0500, Ken Causey wrote:
> However! I need to be able to whitelist at least selected local email
> addresses, if not the entire category. It doesn't appear that I can do
> so. I've added
>
> whitelist_from postmaster
>
> but it doesn't appear to be having an
I don't know if this is a new trick, but it's a new one on me. I got a
couple of uuencoded spams today. By uuencoding, they manage to bypass any
body text filters. In this case, they were caught by other rules.
Are there mail clients that automatically uudecode stuff so that this would
show as a
I'm having a problem with locally delivered email. First of all, it
triggers FROM_MALFORMED, which is relatively highly scored. At first I
thought this was a bug, but then I read through a related bug entry and
decided that the logic for this rule is probably valid, so I'm willing
to let this go
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 23 Apr 2002 3:31 pm, Vivek Khera wrote:
> Unfortunately, to do this, Net::SMTP::Server::Client needs to be
> modified, and the author of that module hasn't decided how to do that
> yet... So it is a bit of surgery for now, and I've not yet
> "DP" == Daniel Pittman <[EMAIL PROTECTED]> writes:
DP> spamproxyd accepts email via SMTP, runs it through SpamAssassin and then
DP> forwards the result via SMTP to another SMTP listener.
I've looked over the code to spamproxyd and there is a gaping hole in
it that will lose your mail if so
This one came through 2.20 fairly clean... :(
--
Randomly Generated Tagline:
There is, however, a strange, musty smell in the air that reminds me of
something...hmm...yes...I've got it...there's a VMS nearby, or I'm a Blit.
-- Larry Wall in Configure from the perl distribution
Hi there,
how can I activate/setup the german translation with comes with the new
2.20 release? It seems that the translation is only covered by the CVS
...
Regards,
Simon
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.
On Mon, 22 Apr 2002, Onie Camara wrote:
> I've got a different setup without any users on my postfix. It's a
> relay server. So no local delivery. I hope it's still possible.
If you read the FILTER_README that came with Postfix then it will
rapidly become clear to you that this, in fact, is compl
On Mon, 22 Apr 2002, Mark Lucas wrote:
[...rewritten to conform to RFC822...]
> "Daniel Pittman" <[EMAIL PROTECTED]> wrote:
>
>> On Mon, 22 Apr 2002, Onie Camara wrote:
>> > I heard lot of good things about spam assassin. My postfix is
>> > configured as a relay server. Can I use spamassasin fo
34 matches
Mail list logo
