-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 23 December 2003 14:50, Shane Wegner wrote:
> I currently have spamd set up to maintain separate
> configuration data for each [EMAIL PROTECTED] on the system via
> spamd running as its own user with the following options.
> -d -u spamd -x -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 23 December 2003 19:00, Wendel, Jesse wrote:
> Yes - except that when I look at the logs from my production server, which
you can see in my original email, they're also serving up emails from
127.0.0.1 - but the email is coming from extern
On Sat, 2003-12-20 at 11:11, Jeff Koch wrote:
> Hi,
>
> We've been burned a few times by spammers getting into our servers to send
> out spam. Does anyone know (or can provide a reference) for how SA could be
> integrated into qmail to examine outgoing emails?
>
> Thanks.
>
Modify your tcp.sm
I've noticed the same thing in my logs; no matter where spamc was run
from, the entry in the spam servers' logs shows a connecting address of
of 127.0.0.1
I have to believe this is a quirk in the internal processing of spamd?
Rubin
On Tue, 2003-12-23 at 22:00, Wendel, Jesse wrote:
> > -Origi
> -Original Message-
> From: Douglas Kirkland [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, December 23, 2003 6:42 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [SAtalk] SpamAssassin only working on 127.0.0.1 & not on
> external mail
>
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 23 December 2003 17:26, Wendel, Jesse wrote:
> And then today, when I went back through all of my maillog's on the test
box, spamd has never worked except for mail coming from the test box itself.
Anything coming from outside is NOT analy
Hi Everyone,
I have SpamAssassin up and running both in test and in production. In production,
everything is fine. In test, not so much. I originally thought Test was broken just
since the changes I made yesterday, but the deeper I look, it appears test has been
broken all along.
Red Hat
The ruleset name _was_ her idea 8^)
I can see that my post could seem a little odd taken out of context, so
let me clarify:
Jenn's Backhair *ruleset* will help with the bogus html tags. I know
nothing about Jenn's backhair.
I must confess that I do, however, occasionally find myself pondering
(am
"Philip Ross" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> I am trying to move some SpamAssassin 2.60 databases from a Red Hat 7.1
> machine to a Debian Woody machine running SpamAssassin 2.61.
>
> What is my best route for moving the databases from the Red Hat machine to
> the Deb
Matt Kettler wrote:
At 07:52 AM 12/23/2003, Tim B wrote:
I want to feed ham into sa-learn every night. However when I get the
ham i'm going to have a bunch more received headers and extra
Microsoft SMTP headers because of the way it's going to be send to
me. What's the downside to learning ha
--On Tuesday, December 23, 2003 5:56 PM -0500 Rubin Bennett
<[EMAIL PROTECTED]> wrote:
> Jennifer's Backhair rules.
That sentence could be taken the wrong way... :)
Evan
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an
On Tue, 23 Dec 2003, Greg Webster wrote:
> We're getting a TON of these, all of similar format.
>
>
> href="http://www.mdv678.com?rid=1098";> src="http://www.whosout.com/c2.gif"; border=0>
>
>
> The '2rdxveiyf7a8' and 'srz4f4qaLBUw' some random string of characters
> in the same place all the t
Jennifer's Backhair rules. Google for backhair.cf.
Rubin
On Tue, 2003-12-23 at 16:48, Timothy Donahue wrote:
> The script worked great... Now if only I could figure out how to block
> these stupid emails...
>
> Is there a way to look for a phrase like "Banned CD" or "Free Cable"
> that has tho
I do this here using fetchmail.
I created public folders on the Exchange system for people to drop Spam, Ham
and False-Positives into.
Create three aliases on your gateway that point to sa-learn, for sendmail
these will work
spamforget: |"/usr/local/bin/sa-learn --no-rebuild --forget"
spaml
The script worked great... Now if only I could figure out how to block
these stupid emails...
Is there a way to look for a phrase like "Banned CD" or "Free Cable"
that has those stupid fake HTML tags in the middle of words?
I have tried body checks (which get fooled by those stupid tags as far
a
On Tue, Dec 23, 2003 at 02:19:21PM -0700, Anthony Martinez
carved this out of pure phosphors:
> On Tue, Dec 23, 2003 at 01:13:46PM -0800, George
> carved this out of pure phosphors:
> > Hello list!
> >
> > Can someone show me a rule for detecting an empty subject line?
> >
> > I've "searched an
At 04:13 PM 12/23/2003, George wrote:
Can someone show me a rule for detecting an empty subject line?
I've "searched and tried" just about everythign under the sun.
header LOCAL_EMPTY_SUBJECT Subject !~ /\w/
Of course, that will merely detect a subject with no alphanumerics or
underscores. A sub
Have you tried:
header BLANK_SUBJECT Subject =~ /^$/
That should do it.
Brian
-Original Message-
From: George [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 23, 2003 4:14 PM
To: [EMAIL PROTECTED]
Subject: [SAtalk] no content in the subject
Hello list!
Can someone show me
On Tue, Dec 23, 2003 at 01:13:46PM -0800, George
carved this out of pure phosphors:
> Hello list!
>
> Can someone show me a rule for detecting an empty subject line?
>
> I've "searched and tried" just about everythign under the sun.
header EMPTYSUBJECT Subject =~ ^$
describe EMPTYSUBJECT Empty
Hello list!
Can someone show me a rule for detecting an empty subject line?
I've "searched and tried" just about everythign under the sun.
thanks
George
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or
Try this recent thread:
http://marc.theaimsgroup.com/?t=107208359200023&r=1&w=2
> From: Greg Webster
> Sent: Tuesday, December 23, 2003 12:05 PM
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] Single image spams with random info
>
>
> We're getting a TON of these, all of similar format.
>
>
> hr
We're getting a TON of these, all of similar format.
http://www.mdv678.com?rid=1098";>http://www.whosout.com/c2.gif"; border=0>
The '2rdxveiyf7a8' and 'srz4f4qaLBUw' some random string of characters
in the same place all the time. The domains are completely random it
appears - sometimes with wo
sorry i missed this in 20_dnsbl_tests.cf
header RCVD_IN_NJABL_DIALUP eval:check_rbl('njabl-notfirsthop',
'dnsbl.njabl.org.', '127.0.0.3')
describe RCVD_IN_NJABL_DIALUP NJABL: dialup sender did non-local SMTP
tflags RCVD_IN_NJABL_DIALUP net
On Tue, 2003-12-23 at 14:45, Adam Denenberg w
i found this
http://www.dnsbl.njabl.org/use.html
but also note this comment
Our dnsbl can also be used to tag potential spam messages (letting
individual users decide what action to take) using Spamassassin. After
you have Spamassassin properly installed, add the following to your
local.cf, p
> -Original Message-
> From: Timothy Donahue [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, December 23, 2003 12:36 PM
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] sa-learn from Exchange 2000
>
> How can I process messages from our exchange server as spam?
> I have a whole bunch of messages
- Original Message -
From: "Mike Grau" <[EMAIL PROTECTED]>
> Can someone tell me if, using SA 2.61, the
> NJABL test for dialup "dnsbl.njabl.org" is correct
> or should we be using "dynablock.njabl.org"?
You can use either or both. This from a recent update message from NJABL:
For anyo
How can I process messages from our exchange server as spam? I have a
whole bunch of messages that I have collected, that I would like to scan
that have come through our SA filter recently. Most of them have a
bunch of random words that were inserted at the end of the message.
Does anyone have a
>> At 02:50 PM 12/12/2003, Dan Tappin wrote:
>> >Here is a custom rule for a PayPal spoof virus that is going around. I
>> >can't get this to trigger a hit in SA. I have linted my
>> >rules and my config files are being loaded properly.
Dan,
Can you post your rule?
I would like to see what you
Dear all,
I have install SpamAssassin 2.61 and using spamd/spamc with mysql to store
user_pref,
I have store some custom rule for different user in mysql
but at debug log it show
Failed to parse line in SpamAssassin configuration, skipping: header
TEST_SPAM
Do anyone experience this problem ?
pl
"if a second message came in before the first was totally processed, a
second scanning request could be made. would that cause a problem?"
I defintitely have this and it doesn't cause any problem, since spamd
spawns n (changeable via spamd -m n)) chield processes that allow
parallel processing.
Th
Hello.
Can someone tell me if, using SA 2.61, the
NJABL test for dialup "dnsbl.njabl.org" is correct
or should we be using "dynablock.njabl.org"?
Instead of this:
header RCVD_IN_NJABL_DIALUP eval:check_rbl('njabl-notfirsthop',
'dnsbl.njabl.org.', '127.0.0.3')
describe RCVD_IN_NJABL_DIALUP N
Hello.
Can someone tell me if, using SA 2.61, the
NJABL test for dialup "dnsbl.njabl.org" is correct
or should we be using "dynablock.njabl.org"?
Instead of this:
header RCVD_IN_NJABL_DIALUP eval:check_rbl('njabl-notfirsthop',
'dnsbl.njabl.org.', '127.0.0.3')
describe RCVD_IN_NJABL_DIALUP
I am having the same problem with winspamc. I
changed my script to check every return of winspamc against something like
"if size = 0 then send "input_message" instead of "temp_file"". That sends the
message unchecked instead of completely empty. But I doubt it has something do
to with mail
> What version of SpamAssassin?
2.61
> Could the problem possibly be more than one messages trying to be scanned
> at the same time?
yes, I think that could happen. my mail software is calling an external
batch file which creates a separate instance of each scanning batch file for
each message t
The world is right again. :) Thanks much!
> -Original Message-
> From: Matt Kettler [mailto:[EMAIL PROTECTED]
> Sent: Monday, December 22, 2003 5:48 PM
> To: Jennifer Fountain; [EMAIL PROTECTED]
> Subject: Re: [SAtalk] FW: VJ, the world from
>
>
> At 05:32 PM 12/22/2003, Jennifer Founta
if you are using the spamassassin milter, you can specify that ip or
network to bypass spam assassin.
Dennis
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Theo
Van Dinter
Sent: Friday, December 19, 2003 8:38 PM
To: Ricki
Cc: [EMAIL PROTECTED]
Subject: R
Hi,
I am having the same problem with winspamc. I
changed my script to check every return of winspamc against something like
"if size = 0 then send "input_message" instead of "temp_file"". That sends the
message unchecked instead of completely empty. But I doubt it has something do
to with
Is there a comprehensive list of products that use SA?
I see the comments at: http://www.spamassassin.org/where.html
That state:
Where SpamAssassin Is Used
This Page Is Obsolete!
Since the number of products that support SpamAssassin(tm) have massively
increased, I'm now tracking this data on th
--On Tuesday, December 23, 2003 10:52 AM -0500 "Frank M. Cook"
<[EMAIL PROTECTED]> wrote:
>
> I'm having a problem with blank messages. Sometimes the source only
> shows a return path. I think it may be a spamassassin issue. I'm using
> winspamc and the guys on their forum suggested the proble
> -Original Message-
> From: Muhannad Tamemi [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, December 23, 2003 10:42 AM
> To: Yackley, Matt
> Cc: [EMAIL PROTECTED]
> Subject: RE: [SAtalk] could not locate your pod2man program
>
> dear all hi again ,
>
> kindly note i installed and configur
At 10:52 AM 12/23/2003, Frank M. Cook wrote:
I'm having a problem with blank messages. Sometimes the source only shows
a return path. I think it may be a spamassassin issue. I'm using
winspamc and the guys on their forum suggested the problem might be caused
by checking messages that have alr
dear all hi again ,
kindly note i installed and configured spamassassin on linux red hat 9 ...
but how can i know it is working ?? is there a test method ???
i hope am writing in plain txt now
thanks
From: "Yackley, Matt" <[EMAIL PROTECTED]>
To: "Muhannad Tamemi" <[EMAIL PROTECTED]>
CC: <[EMA
I'm having a problem with blank messages.
Sometimes the source only shows a return path. I think it may be a
spamassassin issue. I'm using winspamc and the guys on their forum
suggested the problem might be caused by checking messages that have already
been checked such as forwarded messa
At 10:28 AM 12/23/2003, tobi wrote:
Use of uninitialized value in numeric gt (>) at
/usr/lib/perl5/5.6.1/i386-linux/DB_File.pm line 270.
Learned from 3 message(s) (45 message(s) examined).
Has anybody seen something like this before? I already tried to delete
the bayes data files but same result. O
Spamassassins,
I installed spamassassin yesterday so be gentle!
I'm just wondering why I get a 30 second delay in spamd ...
Dec 23 14:57:53 iris spamd[3909]: debug: Razor2 results: spam? 0
highest cf score: 0
Dec 23 14:57:53 iris spamd[3909]: debug: DCC is not available: dccproc
not found
Dec 2
Hi all!
When running "sa-learn --spam --mbox Spam" sa-learn replies with that:
Use of uninitialized value in numeric gt (>) at
/usr/lib/perl5/5.6.1/i386-linux/DB_File.pm line 270.
Use of uninitialized value in numeric gt (>) at
/usr/lib/perl5/5.6.1/i386-linux/DB_File.pm line 270.
Use of uninitiali
At 07:52 AM 12/23/2003, Tim B wrote:
I want to feed ham into sa-learn every night. However when I get the ham
i'm going to have a bunch more received headers and extra Microsoft SMTP
headers because of the way it's going to be send to me. What's the
downside to learning ham with these extra he
Hi again Sam
[snip and paste...reordering your original post]
> So to restate the second part of my original request,
> Is there a method to modify the score as a function
> of the number of hits of the same rule?
Easier to answer this way. Sorry, I wasn't feeling wordy yesterday and
thought the
Howdy All,
I want to feed ham into sa-learn every night. However when I get the
ham i'm going to have a bunch more received headers and extra Microsoft
SMTP headers because of the way it's going to be send to me. What's the
downside to learning ham with these extra headers?
I know I can use
This was covered only yesterday... please search before you post!
Rubin
On Tue, 2003-12-23 at 03:47, Ian Duncalf wrote:
> I am testing spamassassin on a test server at the moment but I am looking at
> deploying it onto a machine with 128 meg of ram in the future.
> The new rules have cut down the
I am testing spamassassin on a test server at the moment but I am looking at
deploying it onto a machine with 128 meg of ram in the future.
The new rules have cut down the amount of spam overnight considerably.
At the moment it is only serving 3 e-mail accounts and traffic is not too
bad.
The end g
51 matches
Mail list logo
