On Wed, May 15, 2002 at 04:16:40PM +0700, Olivier Nicole wrote:
> > So, it says "this mail is probably spam" even though it scored -2.8!!
>
> When you use -t, you will get a repport in any case.
There is a bug with -e (or whatever the 'exit code' flag is) where it
exits nonzero for negative scor
On Wed, May 15, 2002 at 07:58:10PM -0600, Michael Moncur wrote:
>
> Since this sort of thing is becoming common, I've started using whitelist_to
> instead for things like PayPal and Ameritrade, using a special address for
> each. (I tell PayPal my address is [EMAIL PROTECTED], and then
> whitelis
I just tried to install SA. I found that the
header line:
From
becomes
rom
The leading F is gone. I read the FAQ and
added the -F1 option, but it still removed the leading F.
Any ideas?
Thanks.
On Fri, May 10, 2002 at 01:42:01AM -0700, Marc MERLIN wrote:
> I believe I've asked this before, but it's biting me too often and I haven't
> yet found an answer to this:
Ok, so I'll take the lack of answer as "yes this is known, no, no fix yet"
I'm willing to see if I can hack what I need in (i
Hi,
I found it a mess to prepare a list of the various rule description,
the first time I did the French translation.
Now that I make myself ready for a second translation, I found I had
to merge the English description, get the French existing one, and see
what is only new. Yuck!
So, I come up
On Wed, May 15, 2002 at 07:56:40PM -0700, Daniel Quinlan wrote:
...
| Another idea: what about a negative score for emails containing RFC
| 934 encapsulated messages?
|
| $ egrep -hi '^--* end.* -*-$' *[0-9] | count
| 7 --- End of forwarded message ---
| 8 --- end
Klaus Heinz <[EMAIL PROTECTED]> writes:
> a message I received was tagged with DATE_IN_FUTURE but the 'Date:'
> header was actually about a week in the past.
>
> The description of the rule is not as misleading as its name:
>
> 'Date: Differs by more than 4 days from current date'
>
> Should
Craig R Hughes <[EMAIL PROTECTED]> writes:
> How many have you seen? I suppose it's probably our fault; spammers
> are probably forging those domains precisely to bypass SA. It might
> well be time to remove 60_whitelist.cf
I doubt it.
Prior to SA, if I got an email from "[EMAIL PROTECTED]",
On Wednesday, May 15, 2002, at 11:48 AM, dman wrote:
> | :0:
> | * X-Spam-Level: **
> | /dev/null
>
> Are you sure this does what you think it does? I think this regex
> reads like this :
>
> 0 or more occurences of
Well, I typed it in, not copied and pasted. So yes, you need to escape
Dan> The NO_REAL_NAME is not too meaningful since it matches 423
Dan> messages with only 244 being spam...
This is one for which I suspect different people running the masses stuff
would get substantially different values, depending on their Internet
"circle of friends". I run a website
Theo Van Dinter <[EMAIL PROTECTED]> writes:
> Well, SA does that by (default) adding a -100 points to the message score.
> So this spam, listed as from "concord.net" in the header gets -100,
> then the actual spam scores brought it up to -67.
Yuck. How about moderating the whitelist modificatio
Craig R Hughes <[EMAIL PROTECTED]> writes:
> I'm pretty sure I have a high-res version of the SpamAssassin image
> thing with the rubber ninjas and stuff. I'll see if I can dig it up
> for T-shirt use.
Just don't make it one of those uncomfortable T-shirts where the front
is 90% covered by a hu
Vivek Khera <[EMAIL PROTECTED]> writes:
> I've had exactly 1 message in three years for which this missing
> boundary was not a SPAM (which seems to be some mailing list software
> that did that botching on an attachment). There doesn't seem to be a
> correlation with X-Mailer header, Does.
>
>
On Wednesday, May 15, 2002, at 06:58 PM, Michael Moncur wrote:
> Since this sort of thing [forged return address from legitimate
> business]
> is becoming common, I've started using whitelist_to
> instead for things like PayPal and Ameritrade, using a special address
> for
> each. (I tell PayPa
>Sorry, two or three messages later in the spool I saw Craig's mention of the
>masses directory. My apologies for inferring that the term "genetic
>algorithm" might be misused. Seems like this is something that should be
>mentioned in the man pages, as it's a significant differentiator between S
> How many have you seen? I suppose it's probably our fault; spammers are
> probably forging those domains precisely to bypass SA. It might
> well be time to
> remove 60_whitelist.cf
The only one I've seen that might have been intended to deceive SA was one
with an @amazon.com address for no go
Skip> All this talk about a genetic algorithm makes me wonder, is it
Skip> trainable in the usual sense or is that not possible?
Sorry, two or three messages later in the spool I saw Craig's mention of the
masses directory. My apologies for inferring that the term "genetic
algorithm"
>The basis of the problems seems to be that sendmail won't send the full email
>across to spamc for whatever reason, at least on some platforms. Seems like it
>would be logical for the whole message to get sent, then to read the whole
Wouldn't it be rather spamass-milter that is not sending the
All this talk about a genetic algorithm makes me wonder, is it trainable in
the usual sense or is that not possible? I don't see "genetic" mentioned in
either the SA manpages or the code, which leads me to suspect the term is
being misused.
--
Skip Montanaro ([EMAIL PROTECTED] - http://www.moja
> Although I would prefer a way to bounce it (with spamassasin headers), on
> the off chance that there is ever legitimate mail with a spam score over 10.
>The only once I've ever seen was a sample sent to this list with a score
> of 39. Everything else over 8 has been spam.
Rather than bo
me> Using the -t flag I'm told the USER_IN_WHITELIST test contributed a
me> -100 to the hits. Unfortunately, I don't have any ebay.com
me> addresses (or glob patterns involving ebay.com) in my user_prefs
me> file.
Craig> How many have you seen? I suppose it's probably our f
>Date: Wed, 15 May 2002 19:21:44 -0500
>To: Ted Cabeen <[EMAIL PROTECTED]>
>From: [EMAIL PROTECTED]
>Subject: Re: [SAtalk] qmail-scanner-1.12 not calling spamc please help
>
>At 07:07 PM 05/15/02, you wrote:
>>-BEGIN PGP SIGNED MESSAGE-
>>Hash: SHA1
>>
>>Content-Type: text/plain; charset=
I changed them to be equal to each other so that you can go the other way too --
cancel a whitelist entry with a more specific blacklist. You can use multiple
WL/BL entries if you want to give extra +/- 100 bonuses, eg:
# I like my own domain
whitelist *@hughes-family.org
# Dad's always forward
What you describe is expected behavior. That's what the "auto" in
"autowhitelist" means. Any sender gets automatically added, and has the sum of
the scores of the messages they've sent, plus the number of messages tracked
over time. The AWL does not work in the same way the regular whitelist wo
Nix wrote:
N> On Wed, 15 May 2002, Michael Stenner said:
N> > Genetic Algorithm. Clever method for optimizing complicated
N> > mathematical systems.
N>
N> Or, rather, for searching large and irregularly defined spaces (spaces
N> that are too large or too complicated to search systematically).
O
If you change the global config file, you must restart the parent spamd process.
It reads the global config file once, at startup time.
Having said that, you should check out
http://bugzilla.spamassassin.org/
I thought there was a ticket in there already about having spamd notice config
file ch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Content-Type: text/plain; charset=us-ascii
In message <[EMAIL PROTECTED]>, AD writes:
>I've been banging my head for 4 days trying to figure this out and I've
>come to the end of my rope :(
>
>first line of qmail-scanner-queue.pl is set to #!/usr/bi
Hi,
What does your @scanner_array contain?
Mine would be my @scanner_array=("avp_scanner","spamassassin"); except that
I'm running just avp_scanner and spamassassin per domain.
Regards,
Rick
- Original Message -
From: "AD" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday,
I've been banging my head for 4 days trying to figure this out and I've
come to the end of my rope :(
I have qmail-1.03 running on RedHat 7.2, perl v5.6.1.
I am running qmail-scanner-queue because suidperl is not implemented.
here are the file permissions:
qmail-scanner-queue.pl -rwxr-xr-x (0
On Wednesday, May 15, 2002, at 07:24 PM, Bryan Fullerton wrote:
> +lmtp.sendmail(sender, recipient, checked_data)
> +except smtplib.SMTPDataError, errors:
> +elif errors.smtp_code/100 == 4:
> +sys.exit(75)
> +else:
> +ra
On Wednesday, May 8, 2002, at 07:57 PM, Daniel Pittman wrote:
> Yup. Postfix respects the standard system return codes, so returning one
> of those should just do the right thing. You need to detect the problem,
> of course, and return the right code.
Ok, how about this. Seems to be working for
A user of just sent in the complaint to our support queue:
> Someone made the white- and blacklist values the same in the
> default spamassassin settings. This is BAD! You want a whitelist
> value to be WAY bigger than a blacklist value so you override
> the blacklist for specific email address!
I couldn't find these previously so I ended up making my own. They appear
to work okay but I have not heavily tested them (and the scores are a
little arbitary). FYI the different 127.1.x.x values RBL+ uses correspond to:
127.1.0.1 RBL
127.1.0.2 DUL
127.1.0.3
I know something like this was discussed here a few days ago.. but I didn't
see a resolution to the problem.
I've been using spamassassin for a while now.. and I love it.. removed all
of my procmail spam recipes..
Anyway.. as soon as I switched to spamd/spamc my auto-whitelist.db, which
SHOULD
On Wed, May 15, 2002 at 03:41:01PM -0500, David T-G wrote:
> % Razor wants all spam that is VERIFIED BY A HUMAN to be spam.* So yes,
>
> So even if SA says that it racks up an 11.7 I should send it in, either
> 'cuz I got it at all or 'cuz the SA razor test (is there one?) didn't
> catch it. Ho
On Wed, 15 May 2002, Michael Stenner said:
> Genetic Algorithm. Clever method for optimizing complicated
> mathematical systems.
Or, rather, for searching large and irregularly defined spaces (spaces
that are too large or too complicated to search systematically).
--
`There are not words enoug
Check out the /masses directory in the distribution. It has all that stuff in
there, and a README which I think is more or less up to date.
C
David T-G wrote:
DT> Hi, all --
DT>
DT> In trying to learn what the GA is as well as lurking and now trying to
DT> fine-tune my rule evaluation and thre
If I want to alter something in the sitewide config file (eg, turn on
terse reporting globally), and I'm using spamd/spamc plugged into Exim,
do I need to completely restart spamd daemon to re-read the config file,
or can I just send it a HUP?
The docs say a child proc is fired off for every s
Michael --
...and then Michael Stenner said...
%
% On Wed, May 15, 2002 at 03:12:17PM -0500, David T-G wrote:
% >
...
% > by tracking them down a la spamcop? When do I need to report something
% > and when not?
%
% Razor wants all spam that is VERIFIED BY A HUMAN to be spam.* So yes,
So eve
On Wed, 2002-05-15 at 16:13, Craig R Hughes wrote:
> Justin has a link on the CREDITS page of the spamassassin.org website to the
> rubber ninja homepage. I think it might be down though. I've seen rubber ninja
> pictures elsewhere too -- most notably on the ninjaburger homepage I think.
>
Also
On Wed, May 15, 2002 at 03:12:17PM -0500, David T-G wrote:
> In a somewhat related vein, I have another question... I just got the
> Nigerian Fraud scam in a note that came through a mailing list. I don't
> know if I should submit this to the razor because
>
> - SA caught it (11.7)
> - it came
Justin has a link on the CREDITS page of the spamassassin.org website to the
rubber ninja homepage. I think it might be down though. I've seen rubber ninja
pictures elsewhere too -- most notably on the ninjaburger homepage I think.
C
Nick Fisher wrote:
NF> While your at it is there a single R
Hi, again --
In a somewhat related vein, I have another question... I just got the
Nigerian Fraud scam in a note that came through a mailing list. I don't
know if I should submit this to the razor because
- SA caught it (11.7)
- it came through a list and I don't want to poison them
- I don't
Hi, all --
In trying to learn what the GA is as well as lurking and now trying to
fine-tune my rule evaluation and threshold, I wonder if I can submit my
own pool of what I consider spam and what I don't to the same process
that generates those nice summary listings. Is such a handy tool
availab
While your at it is there a single Rubber Ninja somewhere that we could use
for an Icon?
Nick
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Craig
> R Hughes
> Sent: Wednesday, May 15, 2002 3:48 PM
> To: Michael Stenner
> Cc: [EMAIL PROTEC
I'm pretty sure I have a high-res version of the SpamAssassin image thing with
the rubber ninjas and stuff. I'll see if I can dig it up for T-shirt use.
C
Michael Stenner wrote:
MS> On Wed, May 15, 2002 at 03:34:47PM -0400, Bryan Fullerton wrote:
MS> > One of my users who really, really likes
On Wed, May 15, 2002 at 03:34:47PM -0400, Bryan Fullerton wrote:
> One of my users who really, really likes SA was wondering if there are
> t-shirts available. :)
Are you familiar with cafepress.com ?
I'm sure the main SA guys wouldn't mind if there were t-shirts sold.
They could even set up th
One of my users who really, really likes SA was wondering if there are
t-shirts available. :)
Bryan
--
Bryan Fullerton http://bryanfullerton.com/
Core Competence uunet.ca!gts!cspace!bryanf
Samurai Consulting Inc.
Powered by Boredom
_
How are ppl doing this? I'm using Postfix+content_filter -> cyrus myself,
but for Per User Preferences to work, you have to do it at the delivery
end of things, so using Postfix' content_filter wouldn't work ... and I
don't think that spamass-milter would either, since, again, that is
before the
Thanks Craig,
I'll try the MIMEDefang and see what happens
Jim
--
On 2002.05.15 14:09 Craig R Hughes wrote:
> Though I've never used sendmail/milter myself, from observing the
> comments
> flying back and forth on this list about using spamass-milter I think
> the answer
> is one of a few
sorry that procmail recipe should have been
:0 ifW
* ! ^X-Spam-Status: Yes #to avoid running more than once
| spamc || exit 75
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
Hello,
I have checked the FAQ and docs but have been unable to find the answer to
this question in more detail. The question is why is -f no longer able to
be turned off as stated in Changes doc, spamc.c and man spamc?
If spamd dies, I'd like to defer delivery until it is started back up and
no
Though I've never used sendmail/milter myself, from observing the comments
flying back and forth on this list about using spamass-milter I think the answer
is one of a few things:
1. Use MIMEDefang as a front end for SpamAssassin instead of spamass-milter.
MIMEDefang apparently works, spamass-mil
The updated AWL in 2.20 will probably fix this problem for you, since AWL no
longer gives a fixed score -ve bonus.
C
Theo Van Dinter wrote:
TVD> From: "April" <[EMAIL PROTECTED]>
TVD> X-Spam-Status: No, hits=-95.5 required=10.0
TVD>
tests=MAY_BE_FORGED,GREAT_OFFER,CLICK_BELOW,OPT_IN,EMAIL_MARK
David T-G wrote:
DT> Ah! Thanks [to both of you, so far.] Now I will search for that
DT> parameter so I can see what docs I have overlooked :-)
man Mail::SpamAssassin::Conf
C
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sou
On Wed, 2002-05-15 at 08:26, LuKreme wrote:
> :0:
> * X-Spam-Level: **
> /dev/null
Doesn't that have to be
* X-Spam-Level: \*\*\*\*\*\*\*\*\*\*
in regexp syntax?
> Although I would prefer a way to bounce it (with spamassasin headers), on
> the off chance that there is ever legitimate
How many have you seen? I suppose it's probably our fault; spammers are
probably forging those domains precisely to bypass SA. It might well be time to
remove 60_whitelist.cf
C
Michael Moncur wrote:
MM> >Using the -t flag I'm told the USER_IN_WHITELIST test contributed a -100 to
MM> >the hits
Gilles Nedostoupof wrote:
GN> May 15 11:08:28 john spamd[19938]: server killed by SIGTERM, shutting down
GN> May 15 11:08:28 john spamd[19938]: SIGPIPE received - reopening log socket
GN> May 15 11:08:28 john spamd[19869]: server killed by SIGTERM, shutting down
GN> May 15 11:08:28 john spamd[198
Hi, all --
So now that I have spam happily marked, and am starting to get to know
where my threshold lies (or whether I should whitelist certain senders),
I also have bona fide spam that I can report.
When I pipe a message, or some messages, through spamassassin -r I get no
output. Is it suppos
-t always generates a report -- it's sort of a debugging option. -P won't
generate a report unless the threshold is exceeded.
C
Simon Detheridge wrote:
SD> Hi,
SD>
SD> I was running spamassassin fine for a couple of days, and then noticed
SD> stupidly large numbers of emails getting tagged as
Yup, spamd also has a -D flag -- don't use -d if you're using -D though, or
it'll detach from the terminal and you won't see much! Just start spamd from
the command line in the same way it's normally started, except remove -d and add
-D
Given that spamassassin is looking in the right places thou
On Wed, May 15, 2002 at 09:26:50AM -0600, LuKreme wrote:
| On Tuesday, May 14, 2002, at 08:24 PM, Sidney Markowitz wrote:
| >On Tue, 2002-05-14 at 18:28, Ron Carter wrote:
| >
| > :0:
| > * ^X-Spam-Status: Yes
| > /dev/null
| >}
| >
| >I agree with Theo that piping to /dev/null is not a good idea
> On Tuesday, May 14, 2002, at 08:24 PM, Sidney Markowitz wrote:
> > On Tue, 2002-05-14 at 18:28, Ron Carter wrote:
> >
> > :0:
> > * ^X-Spam-Status: Yes
> > /dev/null
> > }
> >
> > I agree with Theo that piping to /dev/null is not a good idea because
> > spamassassin is
> > not perfect.
>
>
Speaking of dying.
We have been seeing a problem with spamc/spamd just getting
HUNG on both Solaris-2.8 and Redhat-7.2
I have already applied the patch for spamc hangs due to
large message size (although that's never been what hangs things)
so that's not what's going on here.
In a n
I am also noticing that our spamd process is dying, and
yet email (and SPAM) is passed through (unchecked).
So... perhaps these are related. I think I need to stabilize spamd
first.>>> [EMAIL PROTECTED] 05/14/02 12:14PM >>>
There have been reports of this happening when DCC checking is turn
Andrew Kohlsmith wrote:
>>test FROM_EGROUPS ok
>>[EMAIL PROTECTED]
>>test FROM_EGROUPS fail [EMAIL PROTECTED]
>>
>>(note: always write tests ;-)
>
>
> What are these tests?
They are run by the test suite when you type "make test". They can be
used to make sure your regexps match what y
Comments says: give negative score, but mail from Majordomo is scored with ~
1.3
grep -i majordomo *
20_body_tests.cf:# strange pattern because otherwise it matches the std.
majordomo line
20_head_tests.cf:# give a negative score to Majordomo results.
20_head_tests.cf:header MAJORDOMO
> test FROM_EGROUPS ok
> [EMAIL PROTECTED]
> test FROM_EGROUPS fail [EMAIL PROTECTED]
>
> (note: always write tests ;-)
What are these tests?
Regards,
Andrew
___
Have big pipes? SourceForge.net is looking for download mirrors.
On Wed, May 15, 2002 at 11:45:11AM -0400, Theo Van Dinter wrote:
> For me:
> SPAM: Content analysis details: (5.6 hits, 5 required)
Oops. That was on your actual message. The real results against the
attached message was:
SPAM: Content analysis details: (7 hits, 5 required)
SPAM: Hit! (1.3
> This one did the same thing. The from address on this one is
> [EMAIL PROTECTED]
For me:
SPAM: Content analysis details: (5.6 hits, 5 required)
SPAM: Hit! (-0.1 points) Subject: ends in a question mark
SPAM: Hit! (1.4 points) BODY: Trying to offer you something
SPAM: Hit! (1.5 points) BODY
On Wed, May 15, 2002 at 08:24:10AM -0700, Jim Scott wrote:
> Yes I have concord.net whitelisted. Why would that effect it?
> I was under the impression that would just keep email that
> is addressed from @concord.net users from being detected as spam.
Well, SA does that by (default) adding a -10
On Tuesday, May 14, 2002, at 08:24 PM, Sidney Markowitz wrote:
> On Tue, 2002-05-14 at 18:28, Ron Carter wrote:
>
> :0:
> * ^X-Spam-Status: Yes
> /dev/null
> }
>
> I agree with Theo that piping to /dev/null is not a good idea because
> spamassassin is
> not perfect.
I have
:0:
* X-Spam-Level
I read email with VM in XEmacs, and every once in a while it complains
about bothced MIME like this:
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: Learn How To Grow Your Portfolio
9806Dl5
Date: Wed, 15 May 2002 11:40:15 -0700
final =_NextP
Worked fine on my end. Sored at 39.7.
Your's shows: USER_IN_WHITELIST
Which is probably -100 which would explain the score you got.
On Wednesday, May 15, 2002, at 08:18 AM, Jim Scott wrote:
> SPAM: Start SpamAssassin
> results --
> SPAM: This mail is
On Wed, May 15, 2002 at 09:38:48AM -0500, Skip Montanaro wrote:
> What logs? I had the same problem and just switched back to running
> spamassassin directly.
syslog. If spamd is running, it should be logging to syslog. If running
spamc doesn't add any headers to the message, spamc either 1) c
On Wed, May 15, 2002 at 07:18:43AM -0700, Jim Scott wrote:
> Definately something wrong with this one.
The Spam Status line shows "USER_IN_WHITELIST", which would explain
the heavy negative scoring. Do you have "concord.net" whitelisted in
user_prefs or local.cf?
--
Randomly Generated Tagl
>> The process just doesn't run (no scoring, etc.)
Theo> Are you running spamd? What do the logs say?
What logs? I had the same problem and just switched back to running
spamassassin directly.
___
Have big pipes? SourceForg
Definately something wrong with this one.
Jim
--- Begin Message ---
Title: Is your laser printer costing you more than you thought
Is your laser printer, copier, fax, or Inkjet printer
costing you more than you thought? Perhaps we can help !!We can save
you up to 70% on toner cartrid
Jason, et al --
...and then Jason Kohles said...
%
% On Wed, 2002-05-15 at 09:33, David T-G wrote:
% >
...
% > 1) What is the "GA" in GA scores?
% >
% Genetic Algorithm.
Ahhh... Hokay; thanks.
%
% > 2) Can I have spam tagged only in the headers (preferably with the
% >analysis include
Theo --
...and then Theo Van Dinter said...
%
% On Wed, May 15, 2002 at 08:15:28AM -0500, David T-G wrote:
% > % -body ONE_TIME_MAILING
/this\b.{0,20}\b(?:one|1).time\b.{0,20}\b(?:mail|offer)/i
% > % +body ONE_TIME_MAILING
/this\b.{0,20}\b(?:one|1).time\b.{0,20}\b(?:(?:e-
On Wed, May 15, 2002 at 08:15:28AM -0500, David T-G wrote:
> % -body ONE_TIME_MAILING
>/this\b.{0,20}\b(?:one|1).time\b.{0,20}\b(?:mail|offer)/i
> % +body ONE_TIME_MAILING
>/this\b.{0,20}\b(?:one|1).time\b.{0,20}\b(?:(?:e-?)?mail|offer)/i
>
> 1) I'm no regexp guru, so
On Wed, 2002-05-15 at 09:33, David T-G wrote:
> Hi, all --
>
> I'm sure that both of these are obvious to you guys, but I just haven't
> figured them out.
>
> 1) What is the "GA" in GA scores?
>
Genetic Algorithm.
> 2) Can I have spam tagged only in the headers (preferably with the
>analys
On Wed, May 15, 2002 at 08:33:56AM -0500, David T-G wrote:
> 1) What is the "GA" in GA scores?
Genetic Algorithm. Clever method for optimizing complicated
mathematical systems. Lots of info can be found online (once ou know
what to search on).
>
> 2) Can I have spam tagged only in the headers
Hi, all --
I'm sure that both of these are obvious to you guys, but I just haven't
figured them out.
1) What is the "GA" in GA scores?
2) Can I have spam tagged only in the headers (preferably with the
analysis included somehow as, say, X-SPAM: headers) instead of having
the report and an
Seems to me that coming up with rules to match on multiple received
lines would be the key... Although it's still forgeable you can probably
do quite a bit of analysis on it, such as it having to go through two of
ebays servers for an ebay email, and the dates/etc.
These rules could be even more
Theo, et al --
...and then Theo Van Dinter said...
%
% On Mon, May 13, 2002 at 08:20:27AM -0700, Bart Schaefer wrote:
% > Is it time to update the ONE_TIME_MAILING rule?
% >
% > This is a one time email. You will never receive email from us again.
%
% How about:
%
% -body ONE_TIME_MAILING
On Wed, May 15, 2002 at 11:38:02AM +0200, Gilles Nedostoupof wrote:
> > Here's the patch I dreamed up. If there are no objections, I'll
> > submit this with a bug report.
> > I've tested it here and it certainly solves my problem.
> I'm sorry but this is not solving my problem, I've patched sp
Hi again, all --
One more followup in this thread with a summary and what I hope is a
useful contribution or two...
...and then Michael Stenner said...
%
% On Mon, May 13, 2002 at 02:37:45PM -0500, David T-G wrote:
% >
% > I downloaded v2.20 and unpacked it and read the docs, but nothing point
> I think the 60_whitelist.cf file really needs to go away. Forged
> @ebay.com,
> @paypal.com, and @amazon.com addresses are becoming all too common in
> spam...
Or maybe there's a way to whitelist on Received: headers rather than From:
headers? I know these can be forged too, but I doubt spammer
On Wed, 15 May 2002, Olivier Nicole wrote:
> This is a completely unrelated topic, but is there a mailing list for
> sendmail?
the comp.mail.sendmail newsgroup tends to be a pretty good place for
technical advice
you might check www.sendmail.org for email lists
Miles
>Using the -t flag I'm told the USER_IN_WHITELIST test contributed a -100 to
>the hits. Unfortunately, I don't have any ebay.com addresses (or glob
>patterns involving ebay.com) in my user_prefs file.
I think the 60_whitelist.cf file really needs to go away. Forged @ebay.com,
@paypal.com, and @a
>Here's the patch I dreamed up. If there are no objections, I'll submit
this with a bug report.
>I've tested it here and it certainly solves my problem.
I'm sorry but this is not solving my problem, I've patched spamd/spamd.raw,
recompiled SA.
When I do a /etc/rc.d/init.d/syslog restart ; spa
> So, it says "this mail is probably spam" even though it scored -2.8!!
When you use -t, you will get a repport in any case.
If you run the same message through SA without the -t, it will not be
flagged as possible spam.
Olivier
___
Hi,
I was running spamassassin fine for a couple of days, and then noticed
stupidly large numbers of emails getting tagged as spam, regardless of their
score. I tried running "spamassassin -t < sample-nonspam.txt" and it
generated the following:
SPAM: Start SpamAssassin resu
94 matches
Mail list logo
