[SAtalk] Re: Will Recipe work to skip certain messages?

2003-12-11 Thread era
On Thu, 11 Dec 2003 10:50:16 -0500, Mitchell Baker <[EMAIL PROTECTED]> posted to spamassassin-talk: > What I want to do is skip a message that originates from our domain... > I have the following in the /etc/procmailrc file: > :0: > * [EMAIL PROTECTED] > ${DEFAULT} > # From system.rose-hulma

[SAtalk] SA Long Process Times / Memory Utilization (Possible Bug?)

2003-12-11 Thread Dan Tappin
I have tracked down an issue with my SA installation that has been reported by others on the list. Basically large messages (one with multiple attachments in this case) being hung up by SA. I just tried to send a 1 MB e-mail with multiple message and pdf attachments. SA sat there for over 6 mi

[SAtalk] Re: One persistent spammer defeating SA.

2003-12-11 Thread Bryan Hoover
[EMAIL PROTECTED] wrote: > For many of these, one can observe that the "user name" in the From: > header often also occurs in the Subject line. This could be a useful > rule pattern, although there are bound to be false positives, so the > score should be rather low. > > I don't know off-hand if t

[SAtalk] Re: Bayes Corpus Project

2003-12-11 Thread era
On Thu, 11 Dec 2003 09:10:29 -0500, Adam Denenberg <[EMAIL PROTECTED]> posted to spamassassin-talk: > What i want to start is a Bayes Corpus Project. I would like to be > able to allow people to submit confirmed ham and/or spam to a large > bayes corpus repository (or maybe just spam) where p

[SAtalk] Re: new user of spamassassin

2003-12-11 Thread era
On Thu, 11 Dec 2003 09:02:06 -0800, Evan Platt <[EMAIL PROTECTED]> posted to spamassassin-talk: > --On Thursday, December 11, 2003 2:46 PM -0300 Ceva > <[EMAIL PROTECTED]> wrote: >> Thanks for your help. One last doubt. As I understood, sendmail ( >> procmail )calls spamassassin, but this is don

RE: [SAtalk] Batching files with spamc

2003-12-11 Thread Brian Sneddon
The default is for spamd to spawn multiple processes. The -m flag is used to limit the max number of processes that will be spawned. Brian -Original Message- From: Pedro Sam [mailto:[EMAIL PROTECTED] Sent: Thursday, December 11, 2003 1:29 PM To: [EMAIL PROTECTED] Subject: Re: [SAtalk] B

RE: [SAtalk] Need a rule for IE Exploit

2003-12-11 Thread Mark Muller
Updated regex from my friend: uri CUSTOM_IE_URL_SPOOF /\x01\s*\@|&\#01\s*\@|\%01\s*\@/ He missed the %01 encoding. -Original Message- From: Ivar Snaaijer [mailto:[EMAIL PROTECTED] Sent: Thursday, December 11, 2003 12:13 PM To: [EMAIL PROTECTED] Subject: Re: [SAtalk] Need

Re: [SAtalk] new user of spamassassin

2003-12-11 Thread Matt Kettler
At 02:46 PM 12/11/03 -0300, Ceva wrote: Thanks for your help. One last doubt. As I understood, sendmail (procmail) calls spamassassin, but this is done automatic when a start spamassassin? Or I must make some configuration on sendmail? You must configure your mail tools (ie: sendmail) to call SA.

Re: [SAtalk] Training based on previously detected spam

2003-12-11 Thread Robert Menschel
Hello Graham, Thursday, December 11, 2003, 7:21:52 AM, you wrote: GB> I'm about to start training sa with spam and ham. Is it a good or bad idea GB> to use spam which has already been detected by sa's non-trained tests, or is GB> that a waste of time

Re[2]: [SAtalk] making my own Evil rule list

2003-12-11 Thread Robert Menschel
Hello Douglas, Thursday, December 11, 2003, 8:58:29 AM, you wrote: DK> Ok, now is there any way in the user_prefs file to turn on or off a DK> block of rules? For example, the rules that are in the 10_local.cf DK> file on the site files. There's no

Re: detoken (was: RE: [SAtalk] Detecting strings of Gibberish)

2003-12-11 Thread guenther
FYI: Solved. > This is the only rule that fails for me: > > rawbody W_B64_HALL =~ /Z3VlbnRoZXJAcnVkZXJzcG9ydC5kZQ/ > describe W_B64_H Listwashing token found in head - Base64 > score W_B64_H 1.0 I just have been informed that this little bug has been fixed. The rule should read: hea

[SAtalk] Re: [AMaViS-user] Amavis-New - SpamAssassin - Evil Rules....

2003-12-11 Thread List Address
If one had the capability to do so, would it not be more efficient to use the domain list in an RHSBL? Granted that it uses a net lookup, but if you secondary the zone on a localhost DNS server, I would think that it would make it a lot easier for people to keep the file updated.. Don't get me

RE: [SAtalk] Need a rule for IE Exploit

2003-12-11 Thread Matt Kettler
At 06:03 PM 12/11/2003, [EMAIL PROTECTED] wrote: For example - I don't have an ASCII chart handy, but suppose %03 is also non-printable - http://[EMAIL PROTECTED]/exploit /format/c ">Read this or risk legal action!!! Um.. the exploit doesn't work if the character is escaped with a %.. it only work

Re: [SAtalk] sa-learn and bayes

2003-12-11 Thread Matthias Fuhrmann
On Thu, 11 Dec 2003, Dan Tappin wrote: [...] > bayes_auto_expire 1 > bayes_learn_to_journal 0 > > My maillog still shows 'permission denied' errors on the /var/root/.spamassassin > folder. When I run sa-learn (as root) my bayes > files are created in /var/root/.spamassassin/ but as user

Re: [SAtalk] sa-learn and bayes

2003-12-11 Thread Pedro Sam
On December 11, 2003 06:00 pm, Dan Tappin wrote: > After setting-up spamassassin, RTFM and monitoring the list I am still very > confused about the correct way to set-up and run spamassassin with bayes > (sa-learn). > > The basics: > > I am running Post.Office as a MTA on OS X client 10.2.8. Post.O

Re: [SAtalk] False positive

2003-12-11 Thread Matt Kettler
At 02:16 PM 12/11/2003, Satya wrote: Okay, it seems to me that blocking because someone is in a dynablock is the same class as blocking because the email comes from .ru or East Asia or is in the wrong language. I guess I'll just start blocking all email from Earthlink (I don't know anyone there), S

RE: [SAtalk] Need a rule for IE Exploit

2003-12-11 Thread Matthew . van . Eerde
This may be redundant to the existing rule: 2.4 HTTP_ESCAPED_HOST URI: Uses %-escapes inside a URL's hostname > -Original Message- > From: Larry Gilson [mailto:[EMAIL PROTECTED] > Sent: Thursday, December 11, 2003 11:47 AM > To: 'Fred'; Spamassassin-Talk (E-mail) > Subject: RE: [SAtal

RE: [SAtalk] Need a rule for IE Exploit

2003-12-11 Thread Matthew . van . Eerde
It'll need to be a little more general than that. The way I read the vulnerability, any non-printing character will cause the bug, not just %01. Also, it doesn't have to immediately precede the @ - anywhere before the @ will do. For example - I don't have an ASCII chart handy, but suppose %03 is

Re: [SAtalk] SA for IM?

2003-12-11 Thread Christopher X. Candreva
On Thu, 11 Dec 2003, Evan Platt wrote: > I haven't seen a IM spam in.. MONTHS. AOL, MSN, Yahoo OR ICQ. I hadn't gotten any in a while, but I got about 6 AOL IM spams yesterday. == Chris Candreva -- [EMAIL PROTECTED] -- (914) 967-7816 WestN

Re: [SAtalk] Spamassassin lint errors

2003-12-11 Thread Matthias Fuhrmann
On Thu, 11 Dec 2003, Aaron Levitt wrote: [...] > check_for_content_type_just_html and check_for_bad_dialup_ips. I > verified that the PerMsgStatus was loaded, but I'm not sure where to go > from here. This is running SA 2.5x. > > Any suggestions would be greatly appreciated! did you updating /us

Re: [SAtalk] False positive

2003-12-11 Thread Satya
On Dec 11, 2003 at 13:05, Ryan Moore wrote: >Their database isn't wrong, as the IP is listed as being in a dialup >range, which would appear to be accurate by my guess. I would think that Okay, it seems to me that blocking because someone is in a dynablock is the same class as blocking because th

Re: [SAtalk] SA for IM?

2003-12-11 Thread MIKE YRABEDRA
on 12/11/03 1:08 PM, Jonathan Vanasco at [EMAIL PROTECTED] wrote: > Maybe its an ichat only thing -- because everyone i know running iChat > gets 10+ AOL IM spams a day. I'm averaging 15. I have not gotten a single one. Guess I am lucky :-)

Re: [SAtalk] Spamassassin lint errors

2003-12-11 Thread Matt Kettler
At 01:12 PM 12/11/2003, Aaron Levitt wrote: Greets everyone- Digging a bit more, I unpacked some ancient tarballs for my collection. You're using parts of code from SA version 2.31, or older, not SA 2.55. The code you're getting errors on exists in versions 1.5, 2.0, 2.01, 2.10,2.11, 2.20, 2.30,

Re: [SAtalk] SA for IM?

2003-12-11 Thread Ray Dzek
I can tell ya where SA would be wonderful... is on cell phones. The amount of spam pouring into our corporate cell phones makes the email/text messaging virtually unusable. And I get complaints about it all the time because the message indicators are always one and it takes forever to weed through

RE: [SAtalk] SA for IM?

2003-12-11 Thread James
I used to get spams with the native Aol messenger, got trillian and haven't had a problem (I checked "only allow buddies in my list" to send me messages, this seems to have solved the problem, the same goes for ICQ, don't use yahoo or msn, so can't help you there. Thanks, James -Original

[SAtalk] perllocal.pod conflict with 2.61

2003-12-11 Thread Mike Vanecek
What is the safest way to resolve this 2.61 install error? Can I safely use --force? What is the purpose of perllocal.pod? [EMAIL PROTECTED] i386]# rpm -Uvh --test spama*.rpm perl-Mail* Preparing...### [100%] file /usr/lib/perl5/site_

Re: [SAtalk] Need a rule for IE Exploit

2003-12-11 Thread Justin Mason
Ivar Snaaijer writes: >Fred wrote: > >>Hello, >>I am out the door on my way to work but we need a rule for a new IE exploit >>just released, >>Visit this page, the exploit is harmless but to the spoofer, it's man's best >>friend. >> >>http://www.zapth

RE: [SAtalk] Spamassassin lint errors

2003-12-11 Thread Aaron Levitt
Yep, I found it in the source of 2.31 in the 20_head_tests.cf. I somehow still had the older cf after I upgraded to 2.52. I copied the head_tests.cf from the 2.52 source in place of the old one and everything seems to be groovy now. Thanks for the quick response! -=Aaron -Original Messag

Re: [SAtalk] Batching files with spamc

2003-12-11 Thread Pedro Sam
On December 10, 2003 12:35 pm, Dimitar Haralanov wrote: > Hi, I was trying to find any information on batching messages with > spamc and could not find anything so I am asking the list: > Is it possible to batch multiple files with spamc? In other words > instead of redirecting messages

Re: [SAtalk] Spamassassin lint errors

2003-12-11 Thread Matt Kettler
At 01:12 PM 12/11/2003, Aaron Levitt wrote: Greets everyone- Um, your SA install appears to be badly corrupted, or based on some VERY ancient version (older than 2.43). Re-install from scratch. "check_for_from_to_equivalence" appears to be no part of SA 2.43, 2.44, 2.50, 2.52, 2.53, 2.54, 2.55,

Re: detoken (was: RE: [SAtalk] Detecting strings of Gibberish)

2003-12-11 Thread guenther
[ Cc: to the detoken rules maintainer ] > However, seems there are issues with the full-address detoken rules and > SA 2.61 (using Perl v5.8.0). Any ideas? > > # spamassassin --lint > Failed to compile body SpamAssassin tests, skipping: > (Bareword "ALL" not allowed while "strict subs" in

[SAtalk] Re: SA for IM?

2003-12-11 Thread Chris Barnes
Evan Platt <[EMAIL PROTECTED]> wrote: > Yahoo IM? AOL IM? ICQ IM? MSN IM? All of the above would be good, but AOL seems the worst. > I haven't seen a IM spam in.. MONTHS. AOL, MSN, Yahoo OR ICQ. I had gone almost 2 years without one, but in the last 2 weeks, I've started getting 3-4 / day. Fwi

Re: [SAtalk] 2.61 and DYNABLOCK, issues still?

2003-12-11 Thread Matt Kettler
At 01:02 PM 12/11/2003, Rob Mangiafico wrote: So, it seems the DYNABLOCK check will hit for any email sent from a PC on dialup/cable/dsl that uses an SMTP server for their domain and the destination is on the same server as the SMTP server. Just trying to fully understand the 2.6 point rule before

Re: [SAtalk] 2.61 and DYNABLOCK, issues still?

2003-12-11 Thread Justin Mason
Rob Mangiafico writes: >> >Email thru our server from home PC: >> >--- >> >Received: from fico (ct-nrwch-cuda1-xxx.nwchct.adelphia.net >> >[68.170.14x.4x]) >> > by lexiconn.serverhost.net (8.11.6/8.11.6) with ESMTP id >> >hBB0Wcp23535 >> >

Re: [SAtalk] Need a rule for IE Exploit

2003-12-11 Thread Ivar Snaaijer
Fred wrote: Hello, I am out the door on my way to work but we need a rule for a new IE exploit just released, Visit this page, the exploit is harmless but to the spoofer, it's man's best friend. http://www.zapthedingbat.com/security/ex01/vun1.htm I think this should be put in the next SA release!

[SAtalk] Re: [RD] raw/rare/folded/plain/alphed body/subject rendering streams

2003-12-11 Thread Scott A Crosby
On Thu, 11 Dec 2003 08:42:16 -0800, "Gary Funck" <[EMAIL PROTECTED]> writes: > > > > > One implementation might be to convert the rewrite rules into an > > > equivalent flex description, and let flex generate the automaton in > > > C. Compile the C, and build a Perl binding to it. > > Scott repl

Re: [SAtalk] False positive

2003-12-11 Thread Matt Kettler
At 12:42 PM 12/11/2003, Chris Barnes wrote: I got a false positive this morning, where it looks like the main culprit was bad information in SORBS and RJABL. The sender is a local Earthlink customer. Any idea on how to get the SORBS & RJABL databases fixed? Those lists that fired off are dial-up

Re: [SAtalk] SA for IM?

2003-12-11 Thread Jonathan Vanasco
AOL IM Maybe its an ichat only thing -- because everyone i know running iChat gets 10+ AOL IM spams a day. I'm averaging 15. On Dec 11, 2003, at 1:00 PM, Evan Platt wrote: --On Thursday, December 11, 2003 12:52 PM -0500 Jonathan Vanasco <[EMAIL PROTECTED]> wrote: Anyone think of trying to do

[SAtalk] Spamassassin lint errors

2003-12-11 Thread Aaron Levitt
Greets everyone- I was just recently updating some rules and I ran spamassassin --lint as per the instructions. This was the first time I had ever run it and got the following errors: Failed to run FROM_AND_TO_SAME SpamAssassin test, skipping: (Can't locate object method "check_for_from_

Re: [SAtalk] False positive

2003-12-11 Thread Ryan Moore
Their database isn't wrong, as the IP is listed as being in a dialup range, which would appear to be accurate by my guess. I would think that the default rulesets are setup in such a way that it wouldn't catch that sort of hit, since they did relay through the ISP's server, perhaps someone else

Re: [SAtalk] 2.61 and DYNABLOCK, issues still?

2003-12-11 Thread Matt Kettler
At 12:06 PM 12/11/2003, Rob Mangiafico wrote: ok. For example, we are a web host, and I often email from my home PC on a cable modem utilizing the mailserver of our own dedicated server in our datacenter. If I do that, my email trips the dynablock check in SA. The header you mentioned before was on

Re: [SAtalk] 2.61 and DYNABLOCK, issues still?

2003-12-11 Thread Rob Mangiafico
> On Thu, 11 Dec 2003, Matt Kettler wrote: > > At 11:52 AM 12/11/2003, Rob Mangiafico wrote: > > >ok, this one makes sense. I guess dynablock will hit on anyone who emails > > >from their mail program and has the smtp server set to their hosted server > > >instead of the ISP's mailserver. Will prob

Re: [SAtalk] SA for IM?

2003-12-11 Thread Evan Platt
--On Thursday, December 11, 2003 12:52 PM -0500 Jonathan Vanasco <[EMAIL PROTECTED]> wrote: > > Anyone think of trying to do this yet? Hijacking ims and routing them > through SA... I get way too many spam ims every day. Yahoo IM? AOL IM? ICQ IM? MSN IM? I haven't seen a IM spam in.. MONTHS. A

[SAtalk] SA for IM?

2003-12-11 Thread Jonathan Vanasco
Anyone think of trying to do this yet? Hijacking ims and routing them through SA... I get way too many spam ims every day.

Re: [SAtalk] Detecting strings of Gibberish

2003-12-11 Thread Chris Thielen
Bill Landry said: > Hmmm, Jennifer was hosting her excellent rules at > http://spamhammers.nxtek.net, but the site appears to be inaccessible > right > now. You can also find them at Jennifer moved her rulesets to: http://www.emtinc.net/spamhammers.htm -- Chris Thielen Easily generate SpamAss

detoken (was: RE: [SAtalk] Detecting strings of Gibberish)

2003-12-11 Thread guenther
[ Cc: to the detoken rules maintainer ] On Thu, 2003-12-11 at 17:17, Tom Meunier wrote: > http://www.wot.no-ip.com/cgi-bin/detoken.pl > > Most of the gibberish I see is encoded tracking information. I plugged > in my domain name to the little script thingy, saved the .cf file, and > it catches '

[SAtalk] False positive

2003-12-11 Thread Chris Barnes
I got a false positive this morning, where it looks like the main culprit was bad information in SORBS and RJABL. The sender is a local Earthlink customer. Any idea on how to get the SORBS & RJABL databases fixed? * * Received: from sdn-ap-015dcwashp0233.dialsprint.net ([63.188.144.233]

Re: [SAtalk] mysql user rules (no local.cf definition)

2003-12-11 Thread Marcello Lupo
Hi to all, I write to know if someone has thought of a solution for the problem of the definition of the tests inside the mysql database, because I have the same problem. I have to define the rules in the local.cf too and after I can override the score in the database. Thanks to all, Bye, MArece

Re: [SAtalk] Batching files with spamc

2003-12-11 Thread Dimitar Haralanov
On Wed, 10 Dec 2003 09:35:22 -0800 Dimitar Haralanov <[EMAIL PROTECTED]> wrote: > Hi, I was trying to find any information on batching messages > with > spamc and could not find anything so I am asking the list: > Is it possible to batch multiple files with spamc? In other >

Re: [SAtalk] 2.61 and DYNABLOCK, issues still?

2003-12-11 Thread Greg Cirino - Cirelle Enterprises
Isn't dynablock off line as of 12/1/3??

Re: [SAtalk] Can't locate AAAA.pm

2003-12-11 Thread Per olof Ljungmark
Matt Kettler wrote: At 11:46 AM 12/11/2003, Per olof Ljungmark wrote: amavisd is running chroot'ed /usr/local/libdata/perl5/site_perl/i386-openbsd/Net/DNS/RR/.pm exists on the system. But does it exist relative to the root of the chroot? No, but OTOH none of the Perl stuff does. The error

Re: [SAtalk] 2.61 and DYNABLOCK, issues still?

2003-12-11 Thread Rob Mangiafico
On Thu, 11 Dec 2003, Matt Kettler wrote: > At 11:52 AM 12/11/2003, Rob Mangiafico wrote: > >ok, this one makes sense. I guess dynablock will hit on anyone who emails > >from their mail program and has the smtp server set to their hosted server > >instead of the ISP's mailserver. Will probably hit o

Re: [SAtalk] new user of spamassassin

2003-12-11 Thread Evan Platt
--On Thursday, December 11, 2003 2:46 PM -0300 Ceva <[EMAIL PROTECTED]> wrote: > Thanks for your help. One last doubt. As I understood, sendmail ( > procmail )calls spamassassin, but this is done automatic when a start > spamassassin? Or I must make some configuration on sendmail? Nope, you need

Re: [SAtalk] Can't locate AAAA.pm

2003-12-11 Thread Matt Kettler
At 11:46 AM 12/11/2003, Per olof Ljungmark wrote: amavisd is running chroot'ed /usr/local/libdata/perl5/site_perl/i386-openbsd/Net/DNS/RR/.pm exists on the system. But does it exist relative to the root of the chroot?

Re: [SAtalk] 2.61 and DYNABLOCK, issues still?

2003-12-11 Thread Matt Kettler
At 11:52 AM 12/11/2003, Rob Mangiafico wrote: ok, this one makes sense. I guess dynablock will hit on anyone who emails from their mail program and has the smtp server set to their hosted server instead of the ISP's mailserver. Will probably hit on very high % of hams as well, since most people wit

Re: [SAtalk] making my own Evil rule list

2003-12-11 Thread Douglas Kirkland
On Wednesday 10 December 2003 10:53, Bret Miller wrote: > > I am pulling my example off the following url. > > > > http://www.merchantsoverseas.com/wwwroot/gorilla/bigevil.cf > > > > I have setup the following rule in my user_prefs file. > > > > uri

Re: [SAtalk] 2.61 and DYNABLOCK, issues still?

2003-12-11 Thread Rob Mangiafico
> >Email thru our server from home PC: > >--- > >Received: from fico (ct-nrwch-cuda1-xxx.nwchct.adelphia.net > >[68.170.14x.4x]) > > by lexiconn.serverhost.net (8.11.6/8.11.6) with ESMTP id > >hBB0Wcp23535 > > for <[EMAIL PROTECTED]>; Wed, 10 Dec 2003 19:32:38 -0500 > >From: "LexiCo

RE: [SAtalk] Running mass-check with local rules

2003-12-11 Thread Smart,Dan
I'm trying to do the mass-check corpus cleanup. I'm assuming that the mass-check-results-to-mbox, mboxget, and extract-message-from-mbox are used to help in this process. Can someone tell me how to run these? Is there anything that needs to be passed? <> | -Original Message- | Fro

Re: [SAtalk] new user of spamassassin

2003-12-11 Thread Ceva
Thanks for your help. One last doubt. As I understood, sendmail (procmail) calls spamassassin, but this is done automatic when a start spamassassin? Or I must make some configuration on sendmail? $ spamassassin < some_email_file.txt Is "some_email_file.txt" a rule file? thanks in advance one mo

[SAtalk] Can't locate AAAA.pm

2003-12-11 Thread Per olof Ljungmark
I'm having trouble with a newly installed server. OpenBSD 3.4 GENERIC#0 i386 amavisd-new latest stable clamav latest stable SA 2.61 Net::DNS 0.42 amavisd is running chroot'ed /usr/local/libdata/perl5/site_perl/i386-openbsd/Net/DNS/RR/.pm exists on the system. Not all mails will trigger the

[SAtalk] RE: [RD] raw/rare/folded/plain/alphed body/subject rendering streams

2003-12-11 Thread Gary Funck
> > > One implementation might be to convert the rewrite rules into an > > equivalent flex description, and let flex generate the automaton in > > C. Compile the C, and build a Perl binding to it. Scott replied: > I considered that and did a prototype (which was useful for > performance estimate

Re: [SAtalk] Problem getting mail from earthlink

2003-12-11 Thread Evan Platt
--On Thursday, December 11, 2003 9:22 AM -0500 "Billy A. Pumphrey" <[EMAIL PROTECTED]> wrote: > Any help on this is appreciated. I know its blocking it there because > when I took it down it came through. I do not know how to look at > anything on spamassassin either, I'm new to it. So some t

Re: [SAtalk] Detecting strings of Gibberish

2003-12-11 Thread Bill Landry
Hmmm, Jennifer was hosting her excellent rules at http://spamhammers.nxtek.net, but the site appears to be inaccessible right now. You can also find them at http://www.merchantsoverseas.com/wwwroot/gorilla/sa_rules.htm, listed as: popcorn.cf, backhair.cf, and weeds.cf. There may be a combined set

Re: [SAtalk] Training based on previously detected spam

2003-12-11 Thread Matt Kettler
At 10:21 AM 12/11/2003, Graham Borland wrote: I'm about to start training sa with spam and ham. Is it a good or bad idea to use spam which has already been detected by sa's non-trained tests, or is that a waste of time? Should I only train it with spam which is currently managing to slip through? W

Re: [SAtalk] Running mass-check with local rules

2003-12-11 Thread Matt Kettler
At 10:57 AM 12/11/2003, Smart,Dan wrote: How do you get mass-check to use your local "custom" rules in local.cf and other .cf files? I usually run mass check from within the masses sub-dir of an unzipped SA tarball directory. It will automatically use ../rules/*.cf instead of /usr/share/spamass

Re: [SAtalk] 2.61 and DYNABLOCK, issues still?

2003-12-11 Thread Matt Kettler
At 10:04 AM 12/11/2003, Rob Mangiafico wrote: After upgrading to 2.61, we re-enabled the DYNABLOCK RBL checks. They still seem to hit on emails that I do not believe should be matching DYNABLOCK IP's. Here are a few headers they hit on: Email thru our server from home PC: --- Received: from fico

Re: [SAtalk] Problem getting mail from earthlink

2003-12-11 Thread Terry Milnes
Are you sure the earthlink servers don't have another name prepended? eg mail server name = mail1.earthlink.com, therefore it would be [EMAIL PROTECTED] tm. Billy A. Pumphrey wrote: I added a few entries in the local.cf to let all earthlink email come through hopefully but it didn't work. Her

RE: [SAtalk] Detecting strings of Gibberish

2003-12-11 Thread Tom Meunier
http://www.wot.no-ip.com/cgi-bin/detoken.pl Most of the gibberish I see is encoded tracking information. I plugged in my domain name to the little script thingy, saved the .cf file, and it catches 'em like crazy. -tom > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROT

Re: [SAtalk] sa-learn ... R/W: tie failed!

2003-12-11 Thread AthlonRob
On Wed, 2003-12-10 at 23:38, David B Funk wrote: > Just try completely removing those bayes_toks & bayes_seen files > and do a 'sa-learn --rebuild'. It should take that bayes_journal file > and use its data to create a new database. Good to go, I think... [EMAIL PROTECTED]:~/.spamassassin$ rm ba

[SAtalk] Sender of email receive a copy of email sent in his/her Inbox!

2003-12-11 Thread Kooi Lim
Help! We are running SA 2.6 with Postfix in Mandrake 9.2. This server acts as a spam filter that forwards mail to an actual mail server on another machine. Everything works well (filtering, tagging and forwarding) except for one thing - every sender of email to us gets a copy of the

[SAtalk] Re: Detecting strings of Gibberish

2003-12-11 Thread Scott A Crosby
On Thu, 11 Dec 2003 09:49:48 -0600, Larry Starr <[EMAIL PROTECTED]> writes: > I have noticed that many SPAM emails, end with several lines of gibberish, > such as: > > lvwpdfobv qkviylqr qlmwacbc hpimhdty > mdmrkb lvivhdc xovwul wpcxeqj > lhaxomaje vrucjj ybxegs > > > Has any

[SAtalk] Re: [RD] raw/rare/folded/plain/alphed body/subject rendering streams

2003-12-11 Thread Scott A Crosby
On Thu, 11 Dec 2003 07:31:10 -0800, "Gary Funck" <[EMAIL PROTECTED]> writes: > > The major catch with this particular implementation is that it cannot > > deal with nondeterministic transformations. What this means is that > > any consequent for a substitute rule must be a single character. ( '4

[SAtalk] Running mass-check with local rules

2003-12-11 Thread Smart,Dan
How do you get mass-check to use your local "custom" rules in local.cf and other .cf files? TIA

[SAtalk] Will Recipe work to skip certain messages?

2003-12-11 Thread Mitchell Baker
What I want to do is skip a message that originates from our domain... I have the following in the /etc/procmailrc file: :0: * [EMAIL PROTECTED] ${DEFAULT} # From system.rose-hulman.edu :0: * [EMAIL PROTECTED] ${DEFAULT} # This seems to work most of the time we when certain messages have rose-hul

[SAtalk] Detecting strings of Gibberish

2003-12-11 Thread Larry Starr
I have noticed that many SPAM emails, end with several lines of gibberish, such as: lvwpdfobv qkviylqr qlmwacbc hpimhdty mdmrkb lvivhdc xovwul wpcxeqj lhaxomaje vrucjj ybxegs Has anyone developed a rule that can detect this sort of thing? Perhaps a check for consecuti

[SAtalk] Need a rule for IE Exploit

2003-12-11 Thread Fred
Hello, I am out the door on my way to work but we need a rule for a new IE exploit just released, Visit this page, the exploit is harmless but to the spoofer, it's man's best friend. http://www.zapthedingbat.com/security/ex01/vun1.htm I think this should be put in the next SA release!!

RE: [SAtalk] Re: [RD] raw/rare/folded/plain/alphed body/subject rendering streams

2003-12-11 Thread Gary Funck
> -Original Message- > From: Scott A Crosby > Sent: Thursday, December 11, 2003 6:49 AM [...] > > The major catch with this particular implementation is that it cannot > deal with nondeterministic transformations. What this means is that > any consequent for a substitute rule must be a si

[SAtalk] Training based on previously detected spam

2003-12-11 Thread Graham Borland
I'm about to start training sa with spam and ham. Is it a good or bad idea to use spam which has already been detected by sa's non-trained tests, or is that a waste of time? Should I only train it with spam which is currently managing to slip through? -- Graham Borland

RE: [SAtalk] Problem getting mail from earthlink

2003-12-11 Thread Billy A. Pumphrey
How do I tell what has been tagged as spam? Thank You Billy Pumphrey -Original Message- From: Fred [mailto:[EMAIL PROTECTED] Sent: Thursday, December 11, 2003 9:49 AM To: Billy A. Pumphrey; [EMAIL PROTECTED] Subject: Re: [SAtalk] Problem getting mail from earthlink - Original Messa

[SAtalk] Wishlist - ABL for SA

2003-12-11 Thread Fred
I know this has been discussed before and many people said to use bayes for this but it'd really be nice to have an "Automatic IP Blacklist" for SA. AWL takes this too far as spammers just use random e-mail address in the from. Bayes takes everything into consideration and does too much for what I

[SAtalk] 2.61 and DYNABLOCK, issues still?

2003-12-11 Thread Rob Mangiafico
After upgrading to 2.61, we re-enabled the DYNABLOCK RBL checks. They still seem to hit on emails that I do not believe should be matching DYNABLOCK IP's. Here are a few headers they hit on: cgiemail email --- Received: (from [EMAIL PROTECTED]) by lexiconn.serverhost.net (8.11.6/8.11.6)

Re: [SAtalk] Bayes Corpus Project

2003-12-11 Thread Adam Denenberg
well ham is very site dependent (point taken especially with security reasons), so i don't think sending ham will really be something that can be accomplished very easily so i think sticking to spam only would be best. By only sending spam, i would hope to achieve a large spam corpus that someone c

RE: [SAtalk] Possible FP on big evil list

2003-12-11 Thread Jennifer Wheeler
Helloo. FP Notice. FP forwarded to me this morning on an ebay "Bid Confirmed" notice. BigEvilList_133 contains "pics.ebaystatic.com" which is in the source of the "bid confirmed" emails from ebay auctions. It pushed it to 8.34; we tag at 7.0. Other custom rules contributed 0.7 to the score, d

[SAtalk] Re: [RD] raw/rare/folded/plain/alphed body/subject rendering streams

2003-12-11 Thread Scott A Crosby
On 11 Dec 2003 08:11:43 +0200, [EMAIL PROTECTED] writes: > Getting back on topic, the problem with a stepwise normalization of > the message is that you sort of assume that transformations are > applied consistently and mechanically. What would be really neat would > be to have an automaton which

Re: [SAtalk] Problem getting mail from earthlink

2003-12-11 Thread Fred
- Original Message - From: Billy A. Pumphrey I know its blocking it there because when I took it down it came through. SA does not block e-mail, it only identifies mail as ham or spam, something else in your system must be doing the blocking! Frederic Tarasevicius Internet Information

Re: [SAtalk] Bayes Corpus Project

2003-12-11 Thread Fred
Adam Denenberg wrote: > SA List, > > What i want to start is a Bayes Corpus Project. I would like to be > able to allow people to submit confirmed ham and/or spam to a large > bayes corpus repository (or maybe just spam) where people could then > download (or somehow do an sa-learn remotely) to

Re: [SAtalk] new user of spamassassin

2003-12-11 Thread Matt Kettler
At 11:48 AM 12/11/03 -0300, Ceva wrote: I a new user of spamassassin, so I have some doubts. I installed spamassassin at a server running FreeBSD 4.9 and sendmail. I want to know how spamassassin works. Simple.. SA exists as a mail filter.. programs call it, feed it mail, it runs some rules agai

Re: [SAtalk] Bayes Corpus Project

2003-12-11 Thread Pedro Sam
On December 11, 2003 09:10 am, Adam Denenberg wrote: > SA List, > > I am writing for feedback about a new project i would like to start > and would love feedback/help from the excellent community that has been > built here on the SA lists. > > What i want to start is a Bayes Corpus Project. I w

Re: [SAtalk] Bayes Corpus Project

2003-12-11 Thread Matt Kettler
At 09:10 AM 12/11/03 -0500, Adam Denenberg wrote: SA List, What i want to start is a Bayes Corpus Project. I would like to be able to allow people to submit confirmed ham and/or spam to a large bayes corpus repository (or maybe just spam) where people could then download (or somehow do an sa-le

RE: [SAtalk] Bayes Corpus Project

2003-12-11 Thread Tom Meunier
What would differentiate the proposed public corpus from the public corpus at http://www.spamassassin.org/publiccorpus/? -tom > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Adam Denenberg > Sent: Thursday, December 11, 2003 8:10 AM > To: [EMAI

[SAtalk] Problem getting mail from earthlink

2003-12-11 Thread Billy A. Pumphrey
I added a few entries in the local.cf to let all earthlink email come through hopefully but it didn't work. Here is what is in there: whitelist_from_rcvd [EMAIL PROTECTED] earthlink.net whitelist_from_rcvd [EMAIL PROTECTED] earthlink.com Any help on this is appreciated. I know its b

[SAtalk] Bayes Corpus Project

2003-12-11 Thread Adam Denenberg
SA List, I am writing for feedback about a new project i would like to start and would love feedback/help from the excellent community that has been built here on the SA lists. What i want to start is a Bayes Corpus Project. I would like to be able to allow people to submit confirmed ham and

[SAtalk] Re: 2.61 Build Problems

2003-12-11 Thread Rick Cooper
Sorry to reply to myself but I found the problem: I had a tainted directory in my path. I was watching the running processes during the make test run and noticed that spamd started and died almost immediately, and I recalled something about 2.61 using taint checks as a default, so I checked all the

[SAtalk] 2.61 Build Problems

2003-12-11 Thread Rick Cooper
Having major problems building SA 2.61. All dependent and optional modules are installed and up to date. Make works fine but when I make test: # Failed test 3 in t/spamd_hup.t at line 35 # t/spamd_hup.t line 35 is: ok (-e $pid_file); # Failed test 4 in t/spamd_hup.t at line 37 # t/spamd_hup.t li

[SAtalk] new user of spamassassin

2003-12-11 Thread Ceva
Hi everybody, I am a new user of spamassassin, so I have some doubts. I installed spamassassin at a server running FreeBSD 4.9 and sendmail. I want to know how spamassassin works. Example: Should I tell something at local.cf to spamassassin to work with sendmail? Someone can send me a local.cf

[SAtalk] Re: Wacky postmaster whitelist questions

2003-12-11 Thread Bob Proulx
Evan Platt wrote: > Josh Endries wrote: > > I get a lot of postmaster emails, and I'm trying to whitelist them so > > they aren't marked as spam. > > How are you calling SpamAssassin? Why not just (assuming you're using > procmail), create a procmail rule? Agreed. I use something like this. :

Re: [SAtalk] META: Does spamassassin-talk have a working mail archive?

2003-12-11 Thread Justin Mason
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bob Apthorpe writes: >Hi, > >After spending tireless minutes directing people to the SA-Talk >archives[1], I can't seem to get at them. Does >http://sourceforge.net/mailarchive/forum.php?forum=spamassassin-talk >work, and if not, is there a better pla

Re: [SAtalk] sa-learn ... R/W: tie failed!

2003-12-11 Thread David B Funk
On Wed, 10 Dec 2003, AthlonRob wrote: > > Just for S&G, try doing a 'sa-learn --dump magic' and see if it > > likes what it sees. If you cannot even --dump magic then it's > > truly corrupted, no repair, just delete and start fresh. > > I got some funky output: > > [EMAIL PROTECTED]:~/.spamassassi

[SAtalk] Re: Help with DCC setup for use with Spamassaian

2003-12-11 Thread Bryan Hoover
stan wrote: > > On Wed, Dec 10, 2003 at 01:22:23AM -0500, Bryan Hoover wrote: > > stan wrote: > > > Yes, I just reviewed the firewall config. It will pass all traffic > > > originating on the inside. I see that may not be a good general case, but > > > it should be OK here (Small home network). > >