Hi all!
I once had it, I think, but now it's gone:
What are the correct settings for having spamassassin defang *every*
spam
mail, so I can view the spam contents safely as text/plain in the body
of the mail.
I can manage to add the message as a text/plain attachement, but would
like to have the
Mike Loiterman <[EMAIL PROTECTED]> writes:
> That's where the problem was. I was always doing 'man
> Mail::SpamAssassin::Conf'. The old 2.5x series of manuals is still
> there when I use that command. I only get the new manuals when I do
> 'perldoc Mail::SpamAssassin::Conf'. Have a botched par
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Daniel Quinlan wrote:
> "Mike Loiterman" <[EMAIL PROTECTED]> writes:
>
>> Where are the latest Docs for the 2.6x sereis?
>
> They are only in the release candidates. run:
>
> man Mail::SpamAssassin::Conf
>
> or
>
> perldoc Mail::SpamAssassi
On Sunday 21 September 2003 03:31, Mike Shkolnik wrote:
> Any tips on how to auto-delete spam based on score without deleting all
> spam?
i belive http://www.mailscanner.info/ is for you on this :-)
---
This sf.net email is sponsored by:Think
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Chr.,
Saturday, September 20, 2003, 1:25:37 PM, you wrote:
CvS> On Thu, Sep 18, 2003 at 05:47:36PM -0700, Robert Menschel wrote:
CvS> ...
RM>> something they want to teach SA about, they simply move or copy the
RM>> email to that webmail folder
Mark London wrote:
Does spamassassin simply total up the scores of all the tests which
are found to be valid for a message, or does it increase the score
based on whether a combination of tests exist?
Sometimes. SpamAssassin has both additive rules (each hit is worth a
set number of points)
Mark London wrote:
> Does spamassassin simply total up the scores of all the tests which
> are found to be valid for a message,
correct
> does spamassassin or another other software use
> this type of reasoning? Just curious, because I often get low spam
> scores for messages which are clearly s
On Sat, Sep 20, 2003 at 06:31:39PM -0700, Mike Shkolnik wrote:
> Any tips on how to auto-delete spam based on score without deleting all
> spam?
>
> Criteria:
> Mark anything scoring 5 or above as Spam. (already doing that)
> Delete anything scoring 15 or above FROM THE SERVER. (how?)
> Spam scori
Any tips on how to auto-delete spam based on score without deleting all
spam?
Criteria:
Mark anything scoring 5 or above as Spam. (already doing that)
Delete anything scoring 15 or above FROM THE SERVER. (how?)
Spam scoring 5 to 14 is still delivered to the desktop and moved to a
folder (already d
Does spamassassin simply total up the scores of all the tests which
are found to be valid for a message, or does it increase the score
based on whether a combination of tests exist? I.e. the likelihood
that a message is spam if it only tests positive for the GUARANTEE
test might only be someth
I'm currently poking around the docs and looking for a test that will
allow me to block all exe's ... I'm getting flooded today with virus
emails grr... I'm on a nix box so its not so much an issue but does it
up time on a dialup. I'm using a straight qmail/SA setup. If someone
could point me in th
That filters a lot more than just the worm.
The MDS_Swen_A will be true with only one of MDS_Swen_A_3,
MDS_Swen_A_6 or MDS_Swen_A_7 is true.
Now each of those ALONE already filter millions of legal mail
away that you might want to receive.
--
Carlo Wood <[EMAIL PROTECTED]>
---
On Saturday, Sep 20th 2003 at 18:31 -0700, quoth Mike Shkolnik:
=>Any tips on how to auto-delete spam based on score without deleting all
=>spam?
=>
=>Criteria:
=>Mark anything scoring 5 or above as Spam. (already doing that)
=>Delete anything scoring 15 or above FROM THE SERVER. (how?)
=>Spam sco
I found a posting in some newsgroup and modified the rules a bit. they
work for me very nice. here you go:
header MDS_Swen_A_0From=~
/(email|inet|internet|mail|microsoft|ms|net|network)/i
header MDS_Swen_A_1From=~ /(section|service|system)/i
header MDS_Sw
I'm about to switch from sendmail to qmail and I was wondering if
anyone could point me to a decent "how to" on configuring qmail and
spamassassin.
Thanks!
Mike-
Mornings: Evolution in action. Only the grumpy will survive.
-
Please note - D
"Mike Loiterman" <[EMAIL PROTECTED]> writes:
> Where are the latest Docs for the 2.6x sereis?
They are only in the release candidates. run:
man Mail::SpamAssassin::Conf
or
perldoc Mail::SpamAssassin::Conf
to read the configuration documentation if you have 2.60-rc6 installed.
> I saw a
Drew Wymore <[EMAIL PROTECTED]> writes:
> I'm currently poking around the docs and looking for a test that will
> allow me to block all exe's ... I'm getting flooded today with virus
> emails grr... I'm on a nix box so its not so much an issue but does it
> up time on a dialup. I'm using a straigh
On Sat, Sep 20, 2003 at 10:05:30AM -0400, Bruce Pennypacker wrote:
> But the spamass-milter for sendmail DOES let you block e-mail if the SA
> score is high enough. Steven may not have been entirely clear about
> that,
Right. And the problem is that it sounded exactly like all the other times
On Fri, Sep 19, 2003 at 10:55:29AM +0300, Odhiambo Washington wrote:
> I installed 2.60rc5 yesterday (I had been running 2.60rc1) and since that time,
> I am seeing the following in the paniclog output of my MTA:
>
> 2003-09-19 10:46:27 1A0FyE-000NcV-Do spam acl condition: cannot parse spamd outpu
Greeting,
I just tried to install 2.60 via CPAN and all I get is 2.55. When will
2.60 rc5 be available from CPAN?
Regards,
Pete
Peter P. Benac, CCNA
Emacolet Networking Services, Inc
Providing Systems and Network Consulting, Training, Web Hosting Services
Phone: 919-847-1740 or 866-701-
Hello users,
I installed 2.60rc5 yesterday (I had been running 2.60rc1) and since that time,
I am seeing the following in the paniclog output of my MTA:
2003-09-19 10:46:27 1A0FyE-000NcV-Do spam acl condition: cannot parse spamd output
2003-09-19 10:46:27 1A0FyE-000NcV-Do spam acl condition: cann
On Saturday 20 September 2003 22:51 CET Alastair Battrick wrote:
> > > I'm having a problem installing SA 2.55
> >[...]
> I have now tried this using a non-root user and the same problem occurs
>
> Anybody any more suggestions?
Yes: Could you please have a try with SA 2.60-rc6 (stable enough for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Jefferson,
Wednesday, September 17, 2003, 8:54:09 PM, you wrote:
JC> ... is there a webmail system that incorporates sa-learn
JC> functionality? I.e. a system that has a button that I can click to
JC> say this is spam and it will be feed throug
Hi,
> I was just fiddling around and I entered a rule to catch some of the text in
> the MS Security Alert patch but it never seems to go over the threshold.
this is my ruleset.
rawbody SWEN_FNAMES
/(Patch516.exe|Q683158.exe|Q224439.exe)/
describeSWEN_FNAMES
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Where are the latest Docs for the 2.6x sereis?
I saw a mention in a post made to the list about something called:
'add_header all Report _REPORT_' for use in 2.6x. According to the
mail, this replaced 'always_add_header 1'.
I added add_header all
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Don,
Saturday, September 20, 2003, 8:35:45 AM, you wrote:
DS> a. How do you folks deal with the learning curve for spamassassin
DS> ?... It's too very steep for a novice!
DS> b. If spamassassin is already on your providers' system, how does t
> > I'm having a problem installing SA 2.55
> >
> > The server is running Redhat 7.2 (I think) has 256Mb RAM and
> plenty of spare
> > disk space.
> >
> > When I go to cpan, I can get and make Mail::SpamAssassin no
> problems, but
> > when I 'make test' I get this:
>
> [snip..]
> > t/razor2.
On Thu, Sep 18, 2003 at 05:47:36PM -0700, Robert Menschel wrote:
...
> something they want to teach SA about, they simply move or copy the email
> to that webmail folder. I then have a cron job which scans these folders
> once an hour, and feeds any non-empty folders into sa-learn.
Isnt't this a
On Sat, 20 Sep 2003, Fred I-IS.COM wrote:
> I noticed a small difference, I don't know if this has something to do with
> it, but in the bottom message, with -7.7, where are the other SA headers?
> Like which tests fired?
the -7.7 was from spamd/spamc, and the only SA headers I get from that ar
At Fri Sep 19 01:59:54 2003, Peter P. Benac wrote:
>
> Greeting,
>
> I just tried to install 2.60 via CPAN and all I get is 2.55. When will
> 2.60 rc5 be available from CPAN?
I believe the developers have a policy of not submitting release
candidates to CPAN.
When 2.60 is released, I'm sur
On Sat, Sep 20, 2003 at 02:33:45PM -0400, [EMAIL PROTECTED] wrote:
> All email that is tagged/flagged as spam, will be sent to a specific email
> account on the mail server, not the mail gateway. Then, I can log in with
> the specified account on the mail server, and review the email that has
> bee
up wrote:
>> The last time this happened, the only way I could get sa-learn to start
>> working again was to remove _journal, _msgcount, _seen and _toks, which
>> presumably wipes out all existing bayes data. Is there a better way?
Abigail Marshall <[EMAIL PROTECTED]> writes:
> Same issue - on
I noticed a small difference, I don't know if this has something to do with
it, but in the bottom message, with -7.7, where are the other SA headers?
Like which tests fired?
Frederic Tarasevicius
Internet Information Services, Inc.
[EMAIL PROTECTED] wrote:
> I've been getting some spams coming
Hello everyone.
Well, after getting some great help from people on this board, I was able
to setup postfix ans spamassassin (running as spamd) to work together.
My current setup for SA and postfix is on a mail gateway. All email is
piped through SA and then back to postfix, THEN relayed to my int
Jack L. Stone wrote on Sat, 20 Sep 2003 10:08:51 -0500:
> Research has led me to believe that the "envelope from" is the most
> reliable source of the actual sender. I am prepared to be corrected
> though and would like to be.
>
However, in the case of a spamming virus or a spammer the sender
I've been getting some spams coming in with negative scores like this
-7.7, but when I run it through the spamassassin debugger, it comes out
with a modest postive score of 3.7. I'm not using any user prefs, either.
From [EMAIL PROTECTED] Fri Sep 19 23:36:23 2003
Return-Path: <[EMAIL PROTECTED]>
I know, I know, SA is not supposed to be used as a virus filter. Having
said that, it is an awesome tool for blocking unwanted e-mail. It so
happens that many viruses (notably the recent bogus MS update) are delivered
via unwanted e-mail.
I just wanted to say that at my site, I have fed the lite
On Sat, Sep 20, 2003 at 11:37:09AM -0400, Steven W. Orr wrote:
> SA does not block mail. It tags mail. Then you can do whatever you want
> with that tagging.
Precisely.
> By using spamass-milter you have the option of rejecting the
> message before reception completes. This way, the spammer kn
You can see some of the custom virus rules at www.exit0.us I don't believe
you will ever see them in releases of spamassassin. But you can always add
the ones that are custom written.
It just has to do with semantics. It is called Spamassassin, and that has to
be its main focus.
> -Original
On Sat, Sep 20, 2003 at 11:35:45AM -0400, Don Saklad wrote:
> b. If spamassassin is already on your providers' system, how does the novice user
>configure things not knowing how to write dotfiles?...
You might try encouraging them to set up a web interface for it. There are
some nice pre-writ
On Sat, Sep 20, 2003 at 11:23:32AM -0400, Larry Gilson wrote:
> However, not everyone
> uses Procmail. So for those who do not use an AV product and do not use
> Procmail, it is certainly reasonable to try to accomplish this with SA
> regardless of your configuration. Posting a request to see if
I installed SAproxy yesterday and use it for marking spam, then filter these
messages out with a simple filter in Outlook Express.
I looked at the faq, but didn´t find out how I could easily mark single
e-mail messages correctly, that has been downloaded with POP3 to Outlook
Express, but wrongly m
On Saturday, Sep 20th 2003 at 15:12 -, quoth Jim:
=>On Sat, Sep 20, 2003 at 10:05:42AM -0500, Jack L. Stone wrote:
=>> At the risk of being snapped at, I use apamass-milter to block at a certain
=>> spam threshhold. So, doesn't it get that score weight from SA.??? I'm
=>> blocking a huge a
Along this thread . . .
Not everyone uses an anti-virus package. I run a Postfix relay in front of
Exchange servers. I use Sybari AV on the Exchange side which allows me to
use up to 4 separate scan engines and apply in multiple locations of
transport. Each scan location allows for custom weigh
a. How do you folks deal with the learning curve for spamassassin ?... It's
too very steep for a novice!
b. If spamassassin is already on your providers' system, how does the novice user
configure things not knowing how to write dotfiles?...
.
At 02:41 PM 9.20.2003 +0200, Kristian Koehntopp wrote:
>
>Hi!
>
>I have analyzed the latest Swen wave, and it seems that I
>receive many mails from a very small set of machines.
>
>I am about to modify my spamd in a way that it maintains a list
>(a dbm actually) of IP-numbers it received spam from
> -Original Message-
> From: Steven W. Orr
> Also, if anyone else would like to take a stab at a recipe
> for what I'm describing I'd still be grateful. I'm getting about
> 10/hour of these things. I keep on running them all through sa-
> learn but that doesn't help because they don't
On Sat, Sep 20, 2003 at 10:05:42AM -0500, Jack L. Stone wrote:
> At the risk of being snapped at, I use apamass-milter to block at a certain
> spam threshhold. So, doesn't it get that score weight from SA.??? I'm
> blocking a huge amount of spams with spamass-milter this way. That stops
> them
At 01:35 PM 9.20.2003 +, Jim wrote:
>On Sat, Sep 20, 2003 at 09:30:27AM -0400, Steven W. Orr wrote:
>> So what I was asking for was a rule to add to my local.cf which would
>> recognize the fact that the remaining elements of the virus that're
>> getting through contain a MIME attachment of t
On Sat, Sep 20, 2003 at 10:03:09AM -0400, Bruce Pennypacker wrote:
> also block obvious spam if the SA score is extremely high. It's a
> feature of the spamass-milter for sendmail.
That's fine, but that wasn't what he asked about explicitly; and he can't
expect everyone to run and look up how sp
Steven W. Orr wrote:
On Saturday, Sep 20th 2003 at 03:47 -, quoth Jim:
=>On Fri, Sep 19, 2003 at 10:56:19PM -0400, Steven W. Orr wrote:
=>> No. I'm running sendmail with spamass-milter. I don not want to do it in
=>> procmail or postfix. I want to do it in SA.
=>
=>Then you either don't yet u
Jim wrote:
On Sat, Sep 20, 2003 at 09:30:27AM -0400, Steven W. Orr wrote:
So what I was asking for was a rule to add to my local.cf which would
recognize the fact that the remaining elements of the virus that're
getting through contain a MIME attachment of type Application/X-MSDOWNLOAD
and the
On Sat, Sep 20, 2003 at 09:30:27AM -0400, Steven W. Orr wrote:
> So what I was asking for was a rule to add to my local.cf which would
> recognize the fact that the remaining elements of the virus that're
> getting through contain a MIME attachment of type Application/X-MSDOWNLOAD
> and the file
On Saturday, Sep 20th 2003 at 03:47 -, quoth Jim:
=>On Fri, Sep 19, 2003 at 10:56:19PM -0400, Steven W. Orr wrote:
=>> No. I'm running sendmail with spamass-milter. I don not want to do it in
=>> procmail or postfix. I want to do it in SA.
=>
=>Then you either don't yet understand what SA is
Hi!
I have analyzed the latest Swen wave, and it seems that I
receive many mails from a very small set of machines.
I am about to modify my spamd in a way that it maintains a list
(a dbm actually) of IP-numbers it received spam from as well as
the time_t the spam was being received. I also plan
On Fri, 19 Sep 2003, Steven W. Orr wrote:
> But I don't want to block with a procmail rule. I want to block it with an
> SA rule. In fact, I don't even use procmail. I use spamass-milter. I want
> all my spam to be rejected before it gets in.
I realize this isn't what you asked for, but this is t
At Fri Sep 19 22:49:39 2003, Carl R. Friend wrote:
> body UNMONITORED_EMAIL /unmonitored e-mail address/i
> describe UNMONITORED_EMAIL States that the address is not monitored
>
> score UNMONITORED_EMAIL 3.7
>
>Yes, I know that the 3.7 for "UNMONITORED_EMAIL" seems a we
At Thu Sep 18 15:03:43 2003, Chris Santerre wrote:
>
> I believe it was too big for SA to scan. But if it did, there are some spam
> signs below.
>
...
> > Received: from [66.254.7.10] by 209.83.8.50 with ESMTP id
>
> I always wondered why SA didn't have an eval to see that the IPs didn't
> m
Hi,
> I know I should be using an anti-virus, but it should still work, no?
>
> Well, here's my rule. It looks simple enough to me:
>
> body IAW_GENERAL19_RULE /latest version of security/i
> score IAW_GENERAL19_RULE 20.0
> describe IAW_GENERAL19_RULE This is the GENERAL 19 Rule
>
> I bump
On Thu, 18 Sep 2003, Christopher Tarricone wrote:
> I am going to be setting up a q-mail ³proxy² server in between the Internet
> and one of my Exchange servers. I am using qmail and qmail-scanner to handle
> viruses and I have other mail server that simply use q-mail, courier, SA and
> QSS. There
SpamTalk <[EMAIL PROTECTED]> writes:
> quoting from //www.techweb.com/wire/story/TWB20030918S0012
>
> "The Rating program is available for free to major Internet service
> providers and web-based email providers, but, no deals have been reached"
>
> I am not sure if Net56 qualifies as "major", b
61 matches
Mail list logo
