Re: [SAtalk] Ann: "Rules De Jour": An automated way to keep up with the latest rulesets

2004-01-17 Thread Chris Petersen
MAN, that's a lot of code for such a simple task. mine is just: #!/bin/sh # List of files to grab files=" http://www.merchantsoverseas.com/wwwroot/gorilla/bigevil.cf http://www.merchantsoverseas.com/wwwroot/gorilla/99_FVGT_Tripwire.cf http://www.emtinc.ne

[SAtalk] Re: Is my spamtrap working?

2004-01-17 Thread Bryan Hoover
Paul Fielding wrote: > > I recently set up a shared database with spamtrap and hamtrap accounts, as per: > > http://www.stearns.org/doc/spamassassin-setup.current.html#autoreporting > > You can see the details of the procmail and local.cf files at the link above, > but the short story is that the

RE: [SAtalk] UPDATES Tripwire 1.16 and Bigevil 2.06k

2004-01-17 Thread Jennifer Wheeler
> Link in sig, it's late and I'm tired. If you don't know where to find them > by now, you must be under a rock (Or a Colts Fan ;) Go Pats! ...okay now that hurt! We'll talk tomorrow. J. --- The SF.Net email is sponsored by EclipseCon

Re: [SAtalk] UPDATES Tripwire 1.16 and Bigevil 2.06k

2004-01-17 Thread Tim Litwiller
If you change the version number lines to all be the same number of digits, the script given earlier today will report the update correctly for example # Version 1.00 Initial release # Version 1.01 Avoid FPs with Forwards, Embedded images and PGP. # Version 1.02 Avoid FPs with Yahoo Groups #

[SAtalk] Re: Where are values kept for the built-in rules?

2004-01-17 Thread Bryan Hoover
"Yackley, Matt" wrote: > > I would like to increase one of the built-in rule hit values. > > Tnx - John > > > > Hi John, > The standard location is in /usr/share/spamassassin/50_scores.cf file, > however any changes made to the file would be wiped out by an upgrade or > re-install. The best way

Re[2]: [SAtalk] Re: Filter rule f. invalid HTML tags?

2004-01-17 Thread Robert Menschel
Hello Pierre, Saturday, January 17, 2004, 6:28:37 PM, you wrote: PT> Bob, PT> Thanks for the mass check. I don't have a big corpus handy, PT> just what trickles through the gateway. PT> There should be no problem with a few extra keywords; we could PT> even squeeze "postmaster" in there for go

RE: [SAtalk] Image-ONLY e-mails not filtered?

2004-01-17 Thread Chris Santerre
> -Original Message- > From: Fred [mailto:[EMAIL PROTECTED] > Sent: Saturday, January 17, 2004 3:54 PM > To: [EMAIL PROTECTED] > Cc: Spamassassin-Talk (E-mail) > Subject: Re: [SAtalk] Image-ONLY e-mails not filtered? > > > [EMAIL PROTECTED] wrote: > > FYI -- I'm noticing SPAMs which con

[SAtalk] UPDATES Tripwire 1.16 and Bigevil 2.06k

2004-01-17 Thread Chris Santerre
I actually thawed out! And so did my car!! Yup, it actually FROZE while I was driving around 80 mph! No damage at all! Oh happy day :) So everyone in the cold go out and check your water/antifreeze ratio. And ALWAYS let your car warm-up before driving like a mad person ;) Anywho, like the subject

RE: [SAtalk] (OT) Spam Conference 2004 re-cap?

2004-01-17 Thread Chris Santerre
> -Original Message- > From: Gary Funck [mailto:[EMAIL PROTECTED] > Sent: Saturday, January 17, 2004 9:39 PM > To: [EMAIL PROTECTED] > Subject: [SAtalk] (OT) Spam Conference 2004 re-cap? > > > > > > > There was an excellent presentation by John Graham-Cumming at the > > 2004 Spam Confe

[SAtalk] Re: Where are values kept for the built-in rules?

2004-01-17 Thread Bryan Hoover
John Fleming wrote: > > I would like to increase one of the built-in rule hit values. Tnx - John Do it in your .spamassassin/user_prefs file, or for site wide, local.cf in your rules directory. Look in rules/50_scores.cf for the rules, and scores to copy/paste, and change. Bryan > ---

[SAtalk] Is my spamtrap working?

2004-01-17 Thread Paul Fielding
I recently set up a shared database with spamtrap and hamtrap accounts, as per: http://www.stearns.org/doc/spamassassin-setup.current.html#autoreporting You can see the details of the procmail and local.cf files at the link above, but the short story is that the database is in /home/sharedspam/.s

RE: [SAtalk] Where are values kept for the built-in rules?

2004-01-17 Thread Yackley, Matt
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of John Fleming > Sent: Saturday, January 17, 2004 8:47 PM > To: [EMAIL PROTECTED] > Subject: [SAtalk] Where are values kept for the built-in rules? > > I would like to increase one of the built-in

[SAtalk] Where are values kept for the built-in rules?

2004-01-17 Thread John Fleming
I would like to increase one of the built-in rule hit values. Tnx - John

[SAtalk] (OT) Spam Conference 2004 re-cap?

2004-01-17 Thread Gary Funck
> > There was an excellent presentation by John Graham-Cumming at the > 2004 Spam Conference about this and how your experience is what most > people find. The issue being that spammers don't know what tokens are > considered hammy in your Bayes DB, so random dictionary words tend to fail > very

Re[2]: [SAtalk] Image-ONLY e-mails not filtered?

2004-01-17 Thread Robert Menschel
Hello Fred, Thomas, Saturday, January 17, 2004, 12:53:45 PM, you wrote: >> FYI -- I'm noticing SPAMs which contain ONLY an image are not being >> filtered at all. ... F> Try this out for size, they are a few custom rules I have created myself. F> # Catch Image ONLY spams! F> rawbody __FVGT_rb_

RE: [SAtalk] Re: Filter rule f. invalid HTML tags?

2004-01-17 Thread Pierre Thomson
Bob, Thanks for the mass check. I don't have a big corpus handy, just what trickles through the gateway. There should be no problem with a few extra keywords; we could even squeeze "postmaster" in there for good measure, though rules which line-wrap sometimes cause grief for text downloads.

Re[2]: [SAtalk] what can we do with those spam mails

2004-01-17 Thread Robert Menschel
Hello Martin, Saturday, January 17, 2004, 10:39:15 AM, you wrote: MR> I've added the following rules to my local.cf: MR> header L_MIME_BOUND_MANY_DIG Content-Type =~ /boundary=\"\d{19,}\"/ MR> describe L_MIME_BOUND_MANY_DIG MIME boundary contains lots of digits MR> score L_MIME_BOUND_MA

Re: [SAtalk] Re: Filter rule f. invalid HTML tags?

2004-01-17 Thread Robert Menschel
Hello Pierre, Saturday, January 17, 2004, 9:30:47 AM, you wrote: PT> I made a rule that catches many of these bogus HTML tags, based PT> on the fact that there are only three valid standalone tags of 9 PT> characters or more (according to the list at PT> http://devedge.netscape.com/library/xref/2

Re: [SAtalk] New circulation of emails

2004-01-17 Thread Theo Van Dinter
On Sat, Jan 17, 2004 at 08:06:47PM -0500, Pedro Sam wrote: > I keep on reading these concerned postings on so-called "bayes-poison" ... My > personal experience is that *NONE* of these had managed to get through my > well trained bayes database. There was an excellent presentation by John Graham

Re: [SAtalk] New circulation of emails

2004-01-17 Thread Pedro Sam
On January 17, 2004 07:03 am, Chris Connell wrote: > Hi Everyone, > > I read in a recent IT magazine about a new circulation of spam which > contain a bunch of meaningless sentences (but with legitimate words) in the > body of the mail (actually they are placed at the end) These spams are > obviousl

Re: [SAtalk] Is this thing trying to assassinate my CPU?

2004-01-17 Thread Pedro Sam
On January 17, 2004 02:13 pm, Philip Mak wrote: > PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME COMMAND > 616 pmak 15 0 719M 247M 928 R 3.3 24.6 7:42 spamassassin > > Any idea why SpamAssassin is using such a huge amount of memory? I'm > running version 2.60 and th

RE: [SAtalk] Yikes.. rules_du_jour

2004-01-17 Thread Jennifer Wheeler
> > rules_du_jour is kind of neat, but I hope it's not going to drive up > Chris & Jennifer's bandwidth bills or som 'em over a quota. :P > > Would it be possible to add a mirror or two? I've got a fairly empty T1 > that could help out.. I think mine _should_ be okay, especially if it's staggere

Re: [SAtalk] SpamAssassin 2.62 is released!

2004-01-17 Thread Theo Van Dinter
On Sat, Jan 17, 2004 at 04:39:00PM -0800, Mitch (WebCob) wrote: > Hey Theo - does this fix this bug as well? > > Don't see it updated in the bug list, so thought I'd check. > > http://bugzilla.spamassassin.org/show_bug.cgi?id=2906 Nope, that's a 2.70 milestone bug currently. BTW: please don't

RE: [SAtalk] SpamAssassin 2.62 is released!

2004-01-17 Thread Mitch \(WebCob\)
Hey Theo - does this fix this bug as well? Don't see it updated in the bug list, so thought I'd check. http://bugzilla.spamassassin.org/show_bug.cgi?id=2906 Thanks! > -Original Message- > From: [EMAIL PROTECTED] > Summary of major changes since 2.61 > ---

Re: [SAtalk] unfakeable Habeas watermark?

2004-01-17 Thread Jonas Eckerman
On Wed, 14 Jan 2004 14:02:04 +0100, Cahya Wirawan wrote: >  find and sue everyone who misused their watermark. And for us they >  have rbl system we can use to check violator, but it works only >  after people get the spam and report it to them. it is not [...] >  possible to sign every emails (se

[SAtalk] Yikes.. rules_du_jour

2004-01-17 Thread Jonathan Nichols
rules_du_jour is kind of neat, but I hope it's not going to drive up Chris & Jennifer's bandwidth bills or som 'em over a quota. :P Would it be possible to add a mirror or two? I've got a fairly empty T1 that could help out.. -Jonathan

[SAtalk] SpamAssassin 2.62 is released!

2004-01-17 Thread Theo Van Dinter
SpamAssassin is a mail filter which uses advanced statistical and heuristic tests to identify spam (also known as unsolicited commercial/bulk email). Downloading --- Pick it up from: http://SpamAssassin.org/released/Mail-SpamAssassin-2.62.tar.gz http://SpamAssassin.org/released/Mail-

Re: [SAtalk] Re: Ann: "Rules De Jour": An automated way to keep up with the latest rulesets

2004-01-17 Thread Kenneth Porter
--On Saturday, January 17, 2004 3:54 PM -0600 Scott A Crosby <[EMAIL PROTECTED]> wrote: NTP taught this lesson of this mistake. Systems getting hundreds of queries a minute that haven't run NTP in 13 years. And the linksys DDOS attack on UWisc. Proper use of DNS should deal with this. The supplie

[SAtalk] Re: Ann: "Rules De Jour": An automated way to keep up with the latest rulesets

2004-01-17 Thread Scott A Crosby
On Sat, 17 Jan 2004 10:15:02 -0700, [EMAIL PROTECTED] (Bob Proulx) writes: > Chris Thielen wrote: > > "Rules De Jour": An automated way to keep up with the latest rulesets. > > http://www.exit0.us/index.php/RulesDeJour > > # Get latest SpamAssassin rules. Runs at 4:28AM every day. > 28 4 * *

Re: [SAtalk] Re: Ann: "Rules De Jour": An automated way to keep up with the latest rulesets

2004-01-17 Thread Chris Thielen
On Sat, 2004-01-17 at 11:15, Bob Proulx wrote: > If this script becomes popular then there will be an impulse spike on > the servers at that time (within each timezone) every day. This has > been known to create problems in other similar cases. Better to > randomize a delay to make sure that thes

Re: [SAtalk] Image-ONLY e-mails not filtered?

2004-01-17 Thread Fred
[EMAIL PROTECTED] wrote: > FYI -- I'm noticing SPAMs which contain ONLY an image are not being > filtered at all. Specifically, the HTML message only contains simple > open/close BODY and HTML tags with just the IMG SRC tag in the middle > - which in turn loads a spam-related promotion from somewhe

[SAtalk] New circulation of emails

2004-01-17 Thread Chris Connell
Hi Everyone, I read in a recent IT magazine about a new circulation of spam which contain a bunch of meaningless sentences (but with legitimate words) in the body of the mail (actually they are placed at the end) These spams are obviously designed to confuse spam filtering software and were re

[SAtalk] How to reject bad local mail addresses with spamassassin and exim 3

2004-01-17 Thread James Lamanna
Hello, I've recently installed SpamAssassin with Exim 3, and I've noticed that I'm getting a lot of "Message is Frozen" error messages. The reason is I get spam sent to my domain with an invalid local address and it goes through SpamAssassin first, but then it doesn't seem to check if the local

[SAtalk] Is this thing trying to assassinate my CPU?

2004-01-17 Thread Philip Mak
PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME COMMAND 616 pmak 15 0 719M 247M 928 R 3.3 24.6 7:42 spamassassin Any idea why SpamAssassin is using such a huge amount of memory? I'm running version 2.60 and this seems to happen a lot. -

RE: [SAtalk] sa-learn, mbox deleted messages

2004-01-17 Thread Gary Funck
> > You could use formail/procmail, > > formail -s procmail sa_learn.rc < mbox | sa-learn > > where sa_learn.rc might appear as follows: > > > LOGFILE=$HOME/sa_learn.log # While debugging > VERBOSE=yes# """" > LOGABSTRACT=yes# """" > SENDMAIL=

Re: [SAtalk] what can we do with those spam mails

2004-01-17 Thread Martin Radford
At Thu Jan 15 08:49:37 2004, Sönke Ruempler wrote: > > hi list, > > I wonder if i can do something against these spam messages: I've picked out the following, which are common to other similar messages I've seen: > Content-Type: multipart/alternative; > boundary="3

RE: [SAtalk] sa-learn, mbox deleted messages

2004-01-17 Thread Gary Funck
> From: Barton L. Phillips > Sent: Saturday, January 17, 2004 9:28 AM > > I am using Mozilla and when I delete a message it is marked: > Status: RO > X-Status: D > > When I run sa-learn the deleted messages are learned. I can "compact > this folder" but I sometimes forget. Is there a way to ha

Re: [SAtalk] Newbie queries, install and configuration

2004-01-17 Thread Douglas Kirkland
On Saturday 17 January 2004 05:44, Hylton Conacher (ZR1HPC) wrote: > Hi all, > > My SPAM has reached an unprecedented level ie up to 50% SPAM and so I > have decided to install and investigate SA. I have been a member of the > mailing list for a littl

Re: [SAtalk] Spam Assassin and Outlook Exchange Server

2004-01-17 Thread Martin Radford
At Wed Jan 14 14:13:27 2004, Sally Denhart wrote: [Apologies to the list if this has been answered already -- I've checked in the archives and can't see a reply to this. I'm a couple of days behind with my mail.] > I just installed Spam Assassin 2.61 on my Solaris 7 box. It > interfaces with

[SAtalk] Newbie queries, install and configuration

2004-01-17 Thread Hylton Conacher (ZR1HPC)
Hi all, My SPAM has reached an unprecedented level ie up to 50% SPAM and so I have decided to install and investigate SA. I have been a member of the mailing list for a little while and have read the presentations on the www.spamassassin.org site but I am still partially lost on how SA works. I kn

Re: [SAtalk] spam assassin - tru64 unix

2004-01-17 Thread Martin Radford
At Wed Jan 14 17:54:19 2004, Todd Seeleman wrote: > > Greetings, > > I'm running spamd/spamc v 2.55 on a Compaq DS20 running Tru64 UNIX v > 5.1b. It processes ~ 5,500 pieces of email per day. Every week or so the > system slows to a point where I must reboot. I believe I've eliminated all

[SAtalk] Re: Filter rule f. invalid HTML tags?

2004-01-17 Thread Pierre Thomson
I made a rule that catches many of these bogus HTML tags, based on the fact that there are only three valid standalone tags of 9 characters or more (according to the list at http://devedge.netscape.com/library/xref/2001/html-element/ ): # check for invalid HTML tags of 9 characters or more rawb

[SAtalk] sa-learn, mbox deleted messages

2004-01-17 Thread Barton L. Phillips
I am using Mozilla and when I delete a message it is marked: Status: RO X-Status: D When I run sa-learn the deleted messages are learned. I can "compact this folder" but I sometimes forget. Is there a way to have sa-learn not look at X-Status: D messages, or do I have to write a perl front end?

[SAtalk] Re: Ann: "Rules De Jour": An automated way to keep up with the latest rulesets

2004-01-17 Thread Bob Proulx
Chris Thielen wrote: > "Rules De Jour": An automated way to keep up with the latest rulesets. > http://www.exit0.us/index.php/RulesDeJour # Get latest SpamAssassin rules. Runs at 4:28AM every day. 28 4 * * * /root/bin/rules_de_jour If this script becomes p

RE: [SAtalk] Problems running begevil and tripwire together (possibly solved)

2004-01-17 Thread Scott Harris
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Scott Harris > Sent: Thursday, January 15, 2004 2:05 PM > To: [EMAIL PROTECTED] > Subject: [SAtalk] Problems running begevil and tripwire together > > I think I've narrowed it down to this by try

Re: [SAtalk] Image-ONLY e-mails not filtered?

2004-01-17 Thread Carl R. Friend
On Sat, 17 Jan 2004, Martin Radford wrote: > At Sat Jan 17 13:53:50 2004, Carl R. Friend wrote: > > > The version in my case is 2.60 with a custom ruleset of my own > > called 20040105_00. 2.60 handles this image-spam. Here's the > > header generated from a test of your message and some dumm

Re: [SAtalk] Image-ONLY e-mails not filtered?

2004-01-17 Thread Martin Radford
At Sat Jan 17 13:53:50 2004, Carl R. Friend wrote: > The version in my case is 2.60 with a custom ruleset of my own > called 20040105_00. 2.60 handles this image-spam. Here's the > header generated from a test of your message and some dummy > headers presented to spamassassin: This isn't a very

RE: [SAtalk] Image-ONLY e-mails not filtered?

2004-01-17 Thread Chris Santerre
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Friday, January 16, 2004 8:08 PM > To: [EMAIL PROTECTED] > Subject: [SAtalk] Image-ONLY e-mails not filtered? > > > FYI -- I'm noticing SPAMs which contain ONLY an image are not > being filtered > at all.

Re: [SAtalk] spamassassin on Gateway server (MX)

2004-01-17 Thread Carl R. Friend
On Sat, 17 Jan 2004, snowchyld wrote: > how does one go about setting up an SMTPReject wrt SA ? > are there docs for sendmail/exim/qmail etc ? > > i would love to 5xx say spam above certain threshold with a rude message ^_^ For Sendmail, take a look at spamass-milter. Unfortunately, you w

Re: [SAtalk] Image-ONLY e-mails not filtered?

2004-01-17 Thread Carl R. Friend
On Fri, 16 Jan 2004 [EMAIL PROTECTED] wrote: > Sorry I don't know the product version as I didn't install this, but it's > one of the more recent releases. The headers will tell you: X-Spam-Checker-Version: SpamAssassin 2.60-crf_2.60_20040105_00 (1.212-2003-09-23-exp) on scanner.e

Re: [SAtalk] Spam Collecting

2004-01-17 Thread Pedro Sam
On January 16, 2004 12:55 pm, Rich Puhek wrote: > I use a slightly different approach. > > I filter my emails into 4 different IMAP folders: slightly-spammy, > somewhat-spammy, pretty-spammy, and very spammy. The filtering is based > on increasing number of SA hits (actually the X-Spam-Level: heade

Re: [SAtalk] [OT and long] Port Blocking (was: Spamwriter).

2004-01-17 Thread Pedro Sam
On January 16, 2004 03:56 pm, Charles Gregory wrote: > On Fri, 16 Jan 2004, Pedro Sam wrote: > > Here's another analogy, I leave my legally owned and licensed firearm > > in plain view in the fore mentioned car. Robbers then proceed to > > steal my big ass gun and rob a bank ... well, you see whe

Re: [SAtalk] spamassassin on Gateway server (MX)

2004-01-17 Thread snowchyld
how does one go about setting up an SMTPReject wrt SA ? are there docs for sendmail/exim/qmail etc ? i would love to 5xx say spam above certain threshold with a rude message ^_^ thanks in advance - Original Message - From: "Bart Schaefer" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent

RE: [SAtalk] Acronym Update

2004-01-17 Thread Pete Henshall
Luser Attitude Readjustment Tool = LART = big stick to hit stupid users with UCE/UBE unsolicited Bulk/commercial email. Try typing LART or UCE into google, not really to do with SA at all. Pete -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of jean-chri

Re: [SAtalk] Acronym Update

2004-01-17 Thread jean-christophe valiere
More Generally you can use : labs.google.com On Fri, Jan 16, 2004 at 12:13:21PM -0600, Carl Chipman wrote: > For the new people on the list, I was wondering what the following acronyms > mean: > > LART > UBE/UCE > > Are the acronyms in the FAQ? > > Carl Chipman > Nomadics, Inc. > [EMAIL

[SAtalk] Ann: "Rules De Jour": An automated way to keep up with the latest rulesets

2004-01-17 Thread Chris Thielen
"Rules De Jour": An automated way to keep up with the latest rulesets. http://www.exit0.us/index.php/RulesDeJour -- Chris Thielen Easily generate SpamAssassin rules to catch obfuscated spam phrases: http://www.sandgnat.com/cmos/