On Fri, 30 Jan 2004, Jennifer Wheeler wrote:
> > 'Bigevil.cf' -- never once seen in ham.
> > 'Maybeevil.cf' -- a small number of hits in ham
Here's a suggestion:
Rather than try to filter into two files, leave Bigevil as-is. Place
questionable domains that appear in Bigevil into another file (I
On Fri, 16 Jan 2004, Ross Vandegrift wrote:
> On Thu, Jan 15, 2004 at 02:20:16AM -0600, David B Funk wrote:
> > If you SMTP reject the spam, it never hits your queue, so no problem
> > with the garbage piling up and no bombarding poor innocent 'joe-job'
> > victims. It's better than auto-deleting
On Thu, 15 Jan 2004, Dallas L. Engelken wrote:
> IMHO... i still think
>
> rawbody __PGP_BEGIN /^-BEGIN PGP (MESSAGE|SIGNATURE)-$/
> rawbody __PGP_END /^-END PGP (MESSAGE|SIGNATURE)-$/
Actually the intent of my suggested change was that all t
On Wed, 14 Jan 2004, Greg Cirino - Cirelle Enterprises wrote:
> Running any type of "Server" is a violation of every consumer high speed
> access connection TOS.
That's a rather sweeping statement.
> Call it what you want, but if it serves, it's a Server
"Serving" normally means "answers incomi
On Wed, 14 Jan 2004, Greg Cirino - Cirelle Enterprises wrote:
> 40 bucks a month does not make you an ISP.
>
> No Hosting Servers
> No Email Servers
> No FTP Servers
>
> Just consuming.
Making a direct outbound connection on port 25 is not "running an email
server", any more than making a direc
On Wed, 14 Jan 2004, Bob Rosenberg wrote:
> >(Expect to see a lot more spam with the date set 30 days in the past.)
>
> But wouldn't the Received Headers which show REAL timestamps show
> intent to evade the law by BackDating the Message and thus provide
> evidence for enforcement under the law
On Wed, 14 Jan 2004, Chris Santerre wrote:
> > After installing the tripwire rules I see the following in my
> > Exim paniclog
> > (I'm using exiscan):
> > 2004-01-14 11:50:37 1Agr2C-0008RG-UP string_sprintf expansion
> > was longer
> > than 8192
If _all_ the tripwire (v 1.13) rules were hit, t
On Wed, 14 Jan 2004, Josh Endries wrote:
> Rut roh!
>
> I just received an encrypted email from a coworker and this is what SA
> gave me. It got slammed with tripwire rules (it isn't supposed to,
> right?).
In off-list mail I've suggested an improved (I feel) regex for tripwire
which Chris says
On Wed, 14 Jan 2004, Jonathan Nichols wrote:
> Did the CAN-SPAM act really take away a citizen's right to sue spammers?
No. It just took away the right to sue under certain state laws that make
explicit reference to commercial email. Actions are still possible under
other sorts of laws.
> I'd
We just received a message that was accidentally (?) passed through
something called SmiteSpam.
http://www.smitespam.com/
Here's an excerpt from the message body:
X-SpamDetect-Info: - Start SmiteSpam results ---
X-SpamDetect-Info: This message may be spam. This me
On Mon, 12 Jan 2004, David A. Carter wrote:
> What does concern me is how SpamAssassin should deal with Habeas marks,
> which clearly *is* on-topic. Specifically, should SpamAssassin
> auto-learn Habeas-marked messages as ham, as it does today?
This is no different than the question "Should SpamA
On Mon, 12 Jan 2004, Theo Van Dinter wrote:
> "why does habeas get a score of -8 in SA by default" is on topic, "why
> do the habeas people think their business model is going to work" isn't.
How about "Why do the SA developers (who assigned a score of -8) think the
Habeas business model is going
I saw a posting go by suggesting that any message claiming to be CAN-SPAM
compliant (hmm, is that rule going to hit _this_ message just because I'm
discussing it?) must automatically be spam.
This may not be a good assumption.
One of the (possibly unintended) effects of the law is that ALL commer
On Fri, 19 Dec 2003, Justin Mason wrote:
> S877 is the CAN-SPAM act.
One of the interesting provisions of CAN-SPAM is that it distinguishes
"commercial" email, but does not distinguish "bulk" email.
That means that even single email messages between private parties must
comply with the CAN-SPAM
On Fri, 5 Dec 2003, Satya wrote:
> On Dec 5, 2003 at 08:46, [EMAIL PROTECTED] wrote:
>
> >Adding insult to injury, Procmail won't cope if the first character of
> >a regular expression is a backslash, so we have to add a set of parens
> >to protect +that+ as well.
> >
> > * ^Subject: (\*\*\*\*\*
On Thu, 4 Dec 2003, Chris Santerre wrote:
> OK I have issues:
>
> > promotion.entertainment.com (70)
> > a1524.g.akmaitech.net (82)
> > and service.bfast.com (150)
>
> Up until now, no one has really done anything with hosts. This is kind
> of the first instance where it will make a large impact
On Thu, 4 Dec 2003, Mark Muller wrote:
> promotion.entertainment.com (70)
> a1524.g.akmaitech.net (82)
> and service.bfast.com (150)
>
> Personally, I'll be whitelisting ticketmaster rather than removing
> akmaitech :P I hate those guys.
I presume you mean "akamaitech". What have you got agains
On Tue, 2 Dec 2003, Rich H. wrote:
> This is a copy of the logs:
Looks like you may have edited the .procmailrc on a Windows machine and
ended up with Windows-style line endings on the added lines (that is, both
a carriage-return and a linefeed). Procmail only understands Unix line
endings (line
On Sat, 29 Nov 2003, mairhtin wrote:
> procmail: Extraneous locallockfile ignored
That's coming from this line:
> :0:
The trailing colon means to use a lockfile, but your action (i.e., nested
recipes enclosed in braces) doesn't provide procmail with a filename that
it can use as the basis for a
On Tue, 25 Nov 2003, Frederick M Avolio wrote:
> http://marc.theaimsgroup.com/?l=spamassassin-talk&m=106883816809749&w=2
>
> The error was:
>
> Nov 14 11:02:12 lh spamd[17078]: Use of uninitialized value in open at
> /usr/lib/perl5/site_perl/5.6.1/Mail/SpamAssassin/TextCat.pm line 63.
This may
On Thu, 20 Nov 2003, Daniel Kaliel wrote:
> :0
> *
> ! [EMAIL PROTECTED]
You don't need the "*" line there. No conditions is the same as an empty
condition.
> Does not deliver the email to the email on the server, instead fires
> everything off to there blackberry.
Right, a forwarded message i
On Mon, 17 Nov 2003, Brian Godette wrote:
> On Monday 17 November 2003 11:22 am, Bart Schaefer wrote:
> > :0 c : $HOME/.sa$LOCKEXT
> > * ^X-Spam-Checker-Version:.*-$SAVERSION
> > * ^X-Spam-Status: Yes.*autolearn=ham
> > | sa-learn --forget
>
> There's one
On Mon, 17 Nov 2003, Brian Godette wrote:
> > X-Spam-Status: Yes, hits=6.0 required=5.0 tests=BAYES_99 autolearn=ham
> > version=2.60
>
> In my opinion this is an annoying flaw in 2.6 as any spam that doesn't
> hit any of the standard rules is learned as ham, if the default
> auto-learn t
On Sat, 8 Nov 2003, Colin A. Bartlett wrote:
> Today I received my first spam to the honeypot address I setup about 3
> weeks ago (bgates at colinabartlett dot com). This is an address I never
> used before and sent only to the aforementioned "unsubscribe" links.
> It's pretty safe to say now that
On Fri, 7 Nov 2003, Robert Menschel wrote:
> So you'd be suggesting something like:
>
> body T_SAMPLE /(?:word1|word2|word3|word4|word5)/i
> describe T_SAMPLE Message has medical words frequently used in spam
> score T_SAMPLE 0.5
> accum T_SAMPLEA ( T_SAMPLE > 5 )
> score T_S
On Fri, 7 Nov 2003, Justin Mason wrote:
> BTW, SpamAssassin originally started with accumulating rules. But I took
> it out, as it meant a long hammy mail had a much higher chance of FP'ing,
> due to containing more text.
>
> I'd be worried that accumulating hits would reintroduce the same
> pro
Found in a Nov. 1 posting to the SpamCop discussion list:
SpamCop now implements "pre-emptive" blocking of hosts. This is based on
non-SUBE points (mail volume) alone, and is not related to complaints. If
a host has no mail volume within the past 7 days except for a 1 day or
less period where
On Wed, 5 Nov 2003, Chris Santerre wrote:
> All have a tracking header, but name changed:
> Kel-Tracking:
> The key is it they ALL ended with "==>"
That looks like base64, if you drop the < and >. Running it through
"mmencode -b -u" gives "[EMAIL PROTECTED]", how surprising.
The "=" signs are
On Sun, 26 Oct 2003, Dan Kohn wrote:
> debug: executable for dccproc was found at /home/dankohn/bin/dccproc
>
> Could someone please tell me why razor triggers in the former but not
> the latter?
You're sure the PATH contains $HOME/bin when procmail is invoked by
sendmail?
--
On Mon, 13 Oct 2003, Jack Gostl wrote:
> > Given that spammers are now using hijacked machines as HTTP proxy servers,
> > you're more likely to DDOS several dozen poor schmucks' home cable modem
>
> No... I think you missed something here. If the spam was hawking the "ABC
> Corp. wrinkle removal
On Mon, 13 Oct 2003, Jack Gostl wrote:
> By the way, there is an interesting article on "fighting back" by Paul
> Graham called "Filters That Fight Back."
>
> http://www.paulgraham.com/ffb.html
>
> He basically suggests culling URLs from spam and kicking off something
> like wget to retri
On Fri, 10 Oct 2003, Luis HernĂ¡n Otegui wrote:
> Hi, does anyone have any ideas about how to create a shortcut in PINE
AFAIK there's no such thing as a shortcut in Pine.
> to remove spam headers from a message? Also, it would be great if this
> shortcut could pipe the results to sa-learn, so the
On Mon, 6 Oct 2003, David M. Carney wrote:
> I've only had spamassassin installed and operating for about 2 days.
>
> I don't normally get a lot of spam, but it only seems to be stopping
> about half of all the spams that hit my mailbox.
About half the spam I got overnight was stopped only becau
On Thu, 2 Oct 2003, John Biggs wrote:
> I'm torn: I like Spamassassin and I like ASK (Active Spam Killer). Has
> anyone been able to filter spam through SpamAssassin first and then hit
> a CR system like ASK for extra protection?
Pet peeve time ...
C/R systems employ what's called "cost shifting
On Tue, 30 Sep 2003, Smart,Dan wrote:
> For whatever reason, SA does not think I have any ham. Yet when I run
> sa-learn --ham I get:
>
> debug: Failed to parse line in SpamAssassin configuration, skipping:
> timelog_path /tmp/satiming
That worries me a little. I think it'll stop SA from rea
On Mon, 29 Sep 2003, Jack Gostl wrote:
> That new Bayes algorithm is mighty touchy. So far its tagged four real
> messages with a BAYES_99, three of them today alone. In just five days
> it has had twice the false positives that 2.55 had in four months.
I speculate that if your Bayes database was
On Sat, 27 Sep 2003, Mark Edwards wrote:
> Sep 27 15:15:50 lilbuddy spamd[47851]: server hit by SIGHUP, restarting
>
> spamd dies shortly thereafter.
Happens to me, too, with perl 5.005. Works fine with 5.6.1 on another
machine.
---
This sf
On Fri, 26 Sep 2003, Justin Mason wrote:
> 2. in the -r command line, use -p to tell it to read that prefs file.
> If you really want more ways to speed this up, I'd suggest using the
> Mail::SpamAssassin object directly, reusing it for several methods as
> Theo's "handlespam.txt" script does.
D
See the attachment to bugzilla # 2508. It came in with a very low score
because the header (the entire header, not just a particular field) was
mangled, so most of what would have been header spamsign showed up in the
body, and the base64'd body content didn't get decoded.
My question is, should
On Wed, 24 Sep 2003, Steve Simitzis wrote:
> like i said in my original mail, in 2.55, the file 20_compensate.cf
> contained numerous checks for false positives, including checks for
> yahoo groups. in 2.60, there are only three lines.
Hardwired compensations are too easily discovered and forged
On Thu, 25 Sep 2003, Matt Kettler wrote:
> score FORGED_HOTMAIL_RCVD2 0.051 0 1.884 2.499
>
> Notice that in both set0 and set1, it's less that 0.1. Thus the email
> scores less that 0.1 when evaluated for autolearning.
Perhaps it would be a good idea to take the difference between the score
wi
On Wed, 24 Sep 2003, Matt Kettler wrote:
> The message must be _exactly_ the same as it originally was, headers and
> all. Even very subtle changes can cause the bayes engine to learn things
> you might not expect. You want it to learn about ham and spam, not about
> forwarded message formats.
On Wed, 24 Sep 2003, Vivek Khera wrote:
> All CPAN does it automatically fetch, extract, make, test, and install
> the module and any listed dependencies.
That's not _quite_ all. It may also have stored system configuration
defaults, like a non-standard PREFIX or the value of UNINST etc., which
On Wed, 2 Jan 2002, Trevor Rhodes wrote:
> While installing I get the following error. Anyone have any clue as to why
> and what I can do?
You could try resetting your system clock. Your mail had a Date: header
of January 2, 2002.
---
This
On Tue, 23 Sep 2003, Chris Tatro wrote:
> Can anyone please help me on this?
I presume you've run "spamassassin -D --lint" ?
---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_
On Tue, 23 Sep 2003 [EMAIL PROTECTED] wrote:
> I thought I'd join the CPAN bandwagon and install SA with it. To my
> horror, it installed perl 5.8 (I use 5.005) and all the mods.
This was a bug in the CPAN modules themselves, prior to CPAN v1.63 or so
(I forget exactly). Following the recommend
On Tue, 23 Sep 2003, Landy wrote:
> ihave same problem and it was fine in 2.55
>
> problem began with 2.6
I think that's just coincidence. The tests are exactly the same in both.
---
This sf.net email is sponsored by:ThinkGeek
Welcome to ge
On Tue, 23 Sep 2003, Malte S. Stretz wrote:
> But it seems like some of those .EXEs have different "magic" bytes. This
> works for me:
> /^TV[qp]QAA[MI]EAA[A8]A/
>
> You can change this in EvalTests.pm, line 2413.
For a lot of people it'd probably be easier to edit local.cf to insert:
ra
On Tue, 16 Sep 2003, Tom Meunier wrote:
> WTF is Verisign doing anyway? Deciding the Internet is their own
> private toy?
Making a grab for cash:
Back-of-the-envelope calculations suggest that VeriSign could create
revenue of $1m per day for itself and partners if it could convert
On Sun, 7 Sep 2003, Steven W. Orr wrote:
> If someone sends *me* a copy of Sobig:F I catch it as spam just fine.
> But if it's sent to listaddr, then it comes in with no processing from
> SA. What I want is to say that *all* incoming mail needs to go through
> SA.
This probably means that your ma
On Sat, 6 Sep 2003, Bob Apthorpe wrote:
> I use:
>
> :0fw: spamc.lock
> * !^X-spam-status:[ ]*Yes
> * < 10
> | /usr/bin/spamc -d localhost -p 783 -u apthorpe
>
> The lock file (the ': spamc.lock' part of ':0fw: spamc.lock') keeps you
> from invoking more than one spamc at a time to keep
On Wed, 3 Sep 2003, Larry Gilson wrote:
> It appears that even though spamc aborts the attempted spamd connection
> after 3 retries, it will not produce a non-zero exit code. Is it my
> recipe or spamc?
It's spamc. From the manual page:
-f Cause spamc to safe-failover if it can't conn
On Thu, 4 Sep 2003, Dave Kliczbor wrote:
> The mechanism I use to determine in which folder the mail will be stored
> is simple: maildrop (a tool similar to procmail) looks for the
> X-Spam-Level header and sorts the mail according to that header into the
> IMAP folders. So the final score counts.
On Tue, 2 Sep 2003, Larry Gilson wrote:
> > > :0fw
> > > * !^Subject:.*SAtalk
> > > | spamc -u "$LOGNAME"
> > >
> > > SCANNED=$?
> > >
> > > :0 Efw
> > > * SCANNED ?? ^^0^^
> > > | spamassassin -a
> >
> > I'm pretty sure that wouldn't work. The E causes the second
> > to always be skipped unl
On Tue, 2 Sep 2003, Ron Gilbert wrote:
> I guess my complaint is that I would have rather it started working and
> been somewhat useless (like POPFile did), or provide much better
> feedback on it's status.
SpamAssassin's ethos has always been that a few false negatives are better
than even one
On Sat, 30 Aug 2003, Forrest Aldrich wrote:
> OT question: I've recently been seeing these types of entries in my
> mail log (sendmail 8.12.9+SA-2.55+SA-Milter) which I can't explain.
The latest SourceForge user newsletter says:
... Now every email that is sent through our
mail servers, eithe
On Fri, 29 Aug 2003, Andreas Kotowicz wrote:
> seems like I had to update HTML-Parser to version 3.31. now it works.
> but I still get one error messages during make test:
>
>
> t/spamd.ok
> t/spamd_allow_user_rules. Found anti-pattern:
> redefined_errors_in_spamd_log = redef
On 27 Aug 2003, K Old wrote:
> Why is it called a "joe-job"?
http://www.everything2.com/index.pl?node=Joe%20Job
---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
__
On Wed, 27 Aug 2003, Rick Macdougall wrote:
> Patrick Morris wrote:
>
> > That has got to be the single funniest piece of spam I've seen in a long
> > time. :)
> >
> > jherschel wrote:
> >
> >> -Original Message-
> >> *From:* Tyler Madison [mailto:[EMAIL PROTECTED]
> >> *Sent:* Wednesd
On Wed, 27 Aug 2003, 'Carlo Wood' wrote:
> List of mailers of mails with msg-id without domain:
>
> X-Mailer: Z-Mail (3.2.3 08feb96 MediaMail)
I haven't looked at the source in a while, but I'm almost certain this is
simply because IRIX's gethostname() doesn't return a FQDN, at least in
that vi
On Tue, 26 Aug 2003, Dave Stern - Former Rocket Scientist wrote:
> > > :0:
> > > * !^X-Spam-Status:.*USER_IN_WHITELIST
> > > $MAILDIR/rejects
> > >
> > >
> > > X-Spam-Status: No, hits=-93.4 required=5.0
> > > tests=BASE64_ENC_TEXT,BAYES_60,HTML_40_50,MIME_HTML_ONLY,
> > > RE
On Tue, 26 Aug 2003, Chris Santerre wrote:
> > -Original Message-
> > From: Larry Gilson [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, August 26, 2003 12:58 AM
> >
> > Do you have a feel for the number of rules that would need to be
> > in user_prefs to have a significant impact on perform
On Tue, 26 Aug 2003, Dave Stern - Former Rocket Scientist wrote:
> :0:
> * !^X-Spam-Status:.*USER_IN_WHITELIST
> $MAILDIR/rejects
>
>
> X-Spam-Status: No, hits=-93.4 required=5.0
> tests=BASE64_ENC_TEXT,BAYES_60,HTML_40_50,MIME_HTML_ONLY,
> RECEIVED_IDENT_CACHEFLOW,USER_IN
On Mon, 25 Aug 2003, Ryan Moore wrote:
> I got an email that made it by spamassassin with virtually no hits,
> which looks like it used some wierd mime technique to get through
> spamassassin. [...]
>
> Is it valid to specify a different boundary in the mime header (when not
> attaching a rfc
On Sun, 24 Aug 2003, Gary Funck wrote:
> # Otherwise, just test an excerpt, and deliver spam
> # directly into big-spam.mbox.
> :0E:
> * ! ?(head -c 7500; echo ""; tail -c 7500) | spamassassin -e
> big-spam.mbox
Even that won't work, because "head -c 7500" will consume the entire
message so "tail
On Fri, 22 Aug 2003, Chris Santerre wrote:
> opps sorry, this was typoed by my big fingers:
>
> header MY_HEADER_TAG6 List-Unsubscribe =~ /^\/i
>
> Ah that's better :-)
Er, that's a standard RFC2369 mailing list header, which the RFC
recommends should contain a mailto: URL. Why are you ta
On Wed, 20 Aug 2003, Jim wrote:
> I've been getting these once in a while, they just seem to have random
> words in them.. no sales pitch that I can see. And they are always
> different sets of words.
The random words are meant as a Bayes-buster. If you look at the raw HTML
content, you'll see
On Tue, 12 Aug 2003, Louis LeBlanc wrote:
> On 08/12/03 01:12 PM, [EMAIL PROTECTED] sat at the `puter and typed:
> >
> > Would it be wise to sa-learn that message as ham?
>
> Nope.
Eh? Of course it would be wise to learn the message as ham. The more
data the classifier has, the more accurate
On Tue, 12 Aug 2003, Louis LeBlanc wrote:
> > Ideally you'd train [SA's Bayesian] on every message you receive.
>
> That particular message will almost certainly never pass through his
> system again, so why use the content to train bayes?
If that argument was valid, you'd never train Bayes on h
On Mon, 11 Aug 2003, Support wrote:
> For example, the Date doesn't seem to be 6-12 hours before the
> Received: dates; it looks OK to me.
> Received: from metromaster.physics.campus.edu
> (metromaster.physics.campus.edu [1.1.16.30])
> by scud.iquest.campus.edu (8.11.6/8.11.6) with ESMTP id
On Mon, 4 Aug 2003, Florian Effenberger wrote:
> Is there an option within procmail to filter out headers? So I could do
> it via procmail instead of modifying the code...
:0 fhw
| formail -I X-Spam-Checker-Version:
---
This SF.Net email spon
PR2 was on Jun 28. I figured there'd have been a release (or at least a
PR3) by the time I got back from vacation, but apparently not. I scanned
back through a few weeks of the sa-dev archives without seeing anything
about this. What's the status?
-
On Tue, 15 Jul 2003, Steven W. Orr wrote:
> I want a recipe for /etc/procmailrc which conditionally runs a message
> through spamc *only* if it hasn't already been processed by SA. I want
> to use the X-Spam-Status and/or the X-Spam-Flag headers.
Use the version_tag directive in /etc/mail/spamass
On Thu, 3 Jul 2003, Kai Schaetzl wrote:
> Rick Beebe wrote on Thu, 03 Jul 2003 15:58:49 -0400:
>
> > They were legitimate email messages which, for whatever
> > reason, failed the PENIS_ENLARGE test.
>
> Simple solution: if that is true, submit it as a bug.
That doesn't necessarily help. See
On Wed, 2 Jul 2003, Jim Ford wrote:
> If spam with eg 'penis enlargement' is
> slipping through as has previously been mentioned
No, spam in that format is not what has previously been mentioned.
The format that has been mentioned is
pengarbageis
which I speculate SA is translating to "pengar
(Is this still "OT"?)
On Wed, 2 Jul 2003, Kai Schaetzl wrote:
> > The only way to extract the text as the viewer would see it is to use
> > the renderer of the viewer's mail client [impossible, given that SA
> > generally runs before the message is even delivered]
>
> Well, I think one can do th
On Wed, 2 Jul 2003, Bill wrote:
> What I dont understand is why you guys dont just pass html messages thru
> the rendering core of Mozilla
Possibly because Mozilla isn't written in Perl?
Possibly because SA already has its own HTML renderer through which the
messages are passed?
> and extract t
On Wed, 25 Jun 2003, Will Yardley wrote:
> If I do: |sa-learn --spam
> from within mutt or Pine, it seems to just sit there.
It needs --single as well.
In pine what you want to do is
| to get to the pipe prompt
^W (ctrl-w) to select RAW
On Sat, 7 Jun 2003, Jim Ford wrote:
> Now I've got SA working well (thanks NG!), I'd really like to do
> something to hit or at least cause some inconvenience to spammers,
> rather than just passively dump spam. Devin Carraway's Sugarplum spam
> poisoner look an interesting option, does anyone use
On Fri, 6 Jun 2003, Matt Kettler wrote:
> Fair enough.. Did you try this same test using the command-line SA, or does
> this problem only show up for incoming mail?
Ah, there it is: "ps" shows that spamd got started up with -L.
Sorry for the red herring.
-
On Fri, 6 Jun 2003, Matt Kettler wrote:
> I think it was either Theo Van Dinter or Tony Svanstrom that once
> pointed out that any spamtrap listed on a website needs to be closely
> monitored, as some mailviruses for some reason will wind up extracting
> email addresses from websites and inadverte
On Fri, 6 Jun 2003, Matt Kettler wrote:
> At 09:10 AM 6/6/2003 -0700, Bart Schaefer wrote:
> >Before I file a bugzilla about this ...
> >
> >debug: Score set 3 chosen.
> >
> >That means SA thinks network tests are not in use, but as the trace
> >continues
Before I file a bugzilla about this ...
debug: Score set 3 chosen.
That means SA thinks network tests are not in use, but as the trace
continues after the scoreset is already chosen I find ...
debug: Initialising learner
debug: is Net::DNS::Resolver available? yes
debug: trying (3) nytimes.com.
On 5 Jun 2003, Robin Lynn Frank wrote:
> The purpose of language is to communicate. Ambiguity is not
> communication.
Humans resolve ambiguity in communication all the time. In this case the
point was to resolve the ambiguity with the least paranoid interpretation.
Cf. "Enough with the conspi
On Thu, 5 Jun 2003, Alan Leghart wrote:
> OK. So how about the unanswered post from earlier today?
>
> --On Wednesday, June 4, 2003 11:07 AM -0400 [EMAIL PROTECTED] wrote:
>
> > When I send e-mail to some people using spamassassin it gets flagged as
> > spam with the Forged-MUA-Outlook fl
On Mon, 2 Jun 2003, Britton wrote:
> Under pine, I first turn full headers on, then use '|' to pipe message to
> sa-learn --(spam or ham) --no-rebuild --single. Until now, I have been
> using the SHOWN text, but I just noticed that pine can also send RAW text.
You should send the RAW text; sa-l
On 28 May 2003, guenther wrote:
> How can I tell SA to not remember them as candidates for negative AWL?
Does
spamassassin --remove-from-whitelist < spam
not do what you want?
---
This SF.net email is sponsored by: ObjectStore.
If f
On Tue, 25 Mar 2003, Matt Kettler wrote:
> ... any spammer smart enough to look at the SA scores will also be smart
> enough to run his emails through SA as a test and discover the
> deception.
Yeah, I thought about that, but it was still fun to speculate.
-
On Tue, 11 Mar 2003, Simon Byrnand wrote:
> However, by default spamc won't pass messages bigger than 256KB through
> to spamd for scanning, and it is recommended to configure procmail to
> not even bother calling spamc if the message is bigger than 256KB.
>
> Has any one devised a way of getting
On Wed, 26 Feb 2003, Rob Mangiafico wrote:
> How is everyone finding the effectiveness of 2.50 vs. 2.43/4 without the
> use of a tweaked Bayes filter? Better? Worse? The same?
I've had one false positive (caused by new non-Bayes rules, and not
salvaged by Bayes training) and two false negatives,
On Fri, 31 Jan 2003, Greg Cirino wrote:
> |
> | On January 1st 2002, the European countries began
>
> what you have below as well as bogus closing tags example:
> or or... well you get the idea, does not
> get checked.
>
> I imagine a private rule (derived from the OBFUS...ENT rule) would
>
On 31 Jan 2003, Tony Earnshaw wrote:
> This joker/subscriber set off my automatic smtp 550 mail refusal system
> [...]
> I've gzipped his offending mail and attached it, so that people can see
> *why* it was refused (it got 9.1 points, trigger is 5.0).
A 5.0 trigger is much too low (IMO) for gen
On Thu, 23 Jan 2003, Josh Trutwin wrote:
> http://spam-die.sourceforge.net/
>
> I was curious if people think this is an effective way to stop spammers
> from snatching your e-mail?
This idea has been around for a very long time (search for "wpoison", and
you'll find references back to 1997 or e
On Fri, 17 Jan 2003, Roman Katzer wrote:
> How about having SA 'render' the mail and have it work on the rendered
> version? This way, things like those comments simply wouldn't matter.
I'm 90% certain that SA already does this, and I'm surprised that nobody
else has pointed that out (which is wh
On Thu, 16 Jan 2003, John Madden wrote:
> > Exactly. The mail has a hotmail from address, but nothing in the
> > Received headers says it came from hotmail, so it gets flagged.
>
> I believe the logic is hosed there, then. There's nothing wrong with
> announcing that your email address is @hotm
On Sat, 21 Dec 2002, Justin Mason wrote:
> some list-sending sites now use per-recipient Message-Ids, From
> addresses, Errors-To addresses, etc., and send 1 mail per recipient, in
> order to figure out which recipient is bouncing.
>
> There's also something called VERP, which I think is related,
I'm pretty sure the "scramble-message-id" feature is intended to prevent
harvest spammers from mistaking your message-id for an email address.
-- Forwarded message --
Message-id:
Date: Tue, 10 Dec 2002 09:40:49 + (GMT)
From: Nancy McGough <[EMAIL PROTECTED]>
To: Procmail Mail
On Thu, 14 Nov 2002, Michael Stenner wrote:
> On Thu, Nov 14, 2002 at 10:41:27AM -0800, Bart Schaefer wrote:
> > Nope. Spamc specifically MUST NOT be a setuid executable. Rather, at
> > run time it must be able to execute the setuid() [or seteuid()] system
> > call, w
On Thu, 14 Nov 2002, Michael Stenner wrote:
> On Thu, Nov 14, 2002 at 08:19:56AM -0800, Bart Schaefer wrote:
> > (1) Require the existence of a special pseudo-user to which spamc must
> > setuid before it will pass the -u username to spamd. (-U option?)
> >
> > (2)
On Wed, 30 Oct 2002, Michael Stenner wrote:
> This is all great, but we're a little concerned about the fact that a
> modified spamc can be used to do mildly nasty things to other people
> by telling spamd it's someone else.
On Thu, 14 Nov 2002, Theo Van Dinter wrote:
> I still don't see the pur
1 - 100 of 361 matches
Mail list logo
