Try Jennifer's chickenpox ruleset, it is geared to catch these. You can
find it at: http://www.emtinc.net/spamhammers.htm
Bill
---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integrat
+^~'\$*=\#|013467\(\)\[\]\{\}<>"][a-zA-Z]{2}(? at /usr/share/spamassassin/chickenpox.cf, rule J_CHICKENPOX_32, line 1.
Check for line wrapping, as chickenpox.cf contains some very log lines that
need to remain on a single line and not wrap.
Bill
-
-1mdk.src.rpm
-Bill Randle
[EMAIL PROTECTED]
---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http
> The most appropriate response would be to demand Microsoft fix
> their software.
That is about as effective as trying to catch your breath in a vacuum. :)
---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Too
location is. Both files are identical.
> I know bigevil list is being used because I can see them in the reports.
>
> Can you tell me which one is the correct location?
The one in /etc/mail/spamassassin will be used; the other one is
ignored. (I made the same mis
rg/spamassassin-2.62-1mdk.src.rpm
md5sum:
65d95956ead44c0f92e76700eb55c924
perl-Mail-SpamAssassin-2.62-1mdk.i586.rpm
2174632461453879253930e7190e3909 spamassassin-2.62-1mdk.i586.rpm
9e42f0f61608142167258060fb9ea44b spamassassin-tools-2.62-1mdk.i586.rpm
dd58ed97ef5e35929ede17d9a08b6a79 spamassassin-2.62-1mdk.src.rpm
> No Hosting Servers
> No Email Servers
> No FTP Servers
>
> Just consuming.
My mail and web server generates about 10-20MB of traffic per month and is a
far far more secure connection than my neighbor's connection which generates
100+MB of outbound traffic per day playing online multiplayer game
"|/usr/bin/sa-learn --spam --norebuild"
hamlearn: "|/usr/bin/sa-learn --ham --norebuild"
Other tools can be used as the imap client to grab the mail of the
exchange server, but
this was recommended in something I read and so far has been working fine.
-Bill
Wow, very nice Bob! Thanks for sharing this with the list. I'll give it a
try this next week and see how it goes.
Bill
- Original Message -
From: "Robert Menschel" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, January 11, 2004 3:31 PM
Subject: [
Check-out amavisd-new, it can invoke SA and, based on the result score,
apply any of several different options, including quarantining or discarding
the message.
Bill
- Original Message -
From: "Andrew Cranson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sund
vism&href=http://www.lacerate.com
You also have MSN joining in as a late comer perhaps intending to take over
the spam url masking world.
http://g.msn.com/1SUenus/CT?http://www.2026.com/F/index.html
Maybe they hope to embrace and extend this technique also.
We would appreciate a response.
ile lives (typically
/etc/mail/spamassassin) then restart whatever app you use to call
spamassassin.
Bill
---
This SF.net email is sponsored by: Perforce Software.
Perforce is the Fast Software Configuration Management System offering
advanced bra
> Can Anybody tell me how to configure spamassassin on redhat
> 8.0/ sendmail
>
> With Regards,
> Sarvesh Singhal
>
> Abhikalak Consultants
> (Systems and Security Division)
> B-326, Sarita Vihar,
> New Delhi - 110 044
> Ph: +91 11 2695 2234-35
> web:www.abhikalak.com
Perhaps a good first step
Abused url
http://g.msn.com/1SUenus/CT?http://www.Nicole.name-williams.com/E/4156.html
my url
http://g.msn.com/1SUenus/CT?http://www.compu.net
Rule to catch.
uri MY_URI_REDIRECT2/http:\/\/g.msn.com\/1SUenus\/CT\?*/i
score MY_URI_REDIRECT2 4.0
describe M_URI_REDIRECT2 contains url o
- Original Message -
From: "Martin Radford" <[EMAIL PROTECTED]>
> At Thu Jan 1 00:53:48 2004, jennifer wrote:
>
> > Bill Landry contacted me with some nice edits on Chickenpox. More
> > punctuation included (in addition to "."), and the s
Chris, check the "uri BigEvilList_14" line, you have a couple of dots "." in
front of the escape character "\" instead of behind it. That's what's
causing the "Illegal octal digit" warning when you --lint the new BigEvil.cf
file.
Bill
- Orig
Subject: [SPAM 50.63] Would You Like to Save Tons on Health Care? lilly
Date: Tue, 28 Oct 2003 09:07:06 + (GMT)
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up
27;s dynamic IP listings) dynamic IP
DNSBL. Some people considered it too aggressive (too likely to generate
false positives), so rather than import it into dnsbl.njabl.org, it was
added as a separate sub-zone so that those who wanted to use it could, and
those who d
> You say you believe you changed noting important, but apparently
> _something_ important was changed. What can you remember
> about settings you
> changed since it last worked?
One of the easily missed gotcha's is editing the file in windows notepad or
another unix-unaware editor. This insert
- Original Message -
From: "Theo Van Dinter" <[EMAIL PROTECTED]>
> On Sat, Dec 20, 2003 at 11:49:37AM -0800, Bill Landry wrote:
> > I was wondering if the SA developers are considering adding support
> for
> > "Sender Permitted From" (SPF) i
quite well.
Although it will take wide support to make SPF a really viable spam test, by
including native support for SPF in SA, this would certainly go a long way
in helping to make SPF a more widely adopted standard.
Thoughts?
Bill
---
This SF.ne
hanks,
Bill
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ad
Comments and suggestions on this rule are appreciated.
full LOCAL_IEREDIR /[EMAIL PROTECTED](\/|htm|html|php|shtml)?/
score LOCAL_IEREDIR 150
describe LOCAL_IEREDIR Possible phishing/URL Masking attempt detected.
Bill Larson
Network Administrator
Compu-Net Enterprises
(931) 920-0043 or (877
http://[EMAIL PROTECTED]/malicious.html
http://[EMAIL PROTECTED]/malicious.html
returns http://www.trusted_site.com/ in the browser address line this can
be done with any website. It can also be done with a https site as well.
Any suggested rulesets for this one.
Bill Larson
Great!
How is this done. Where and how do I tell SA to not scan messages that have
the string *SPAM* in the subject line.
I am guessing that it goes in procmailrc, but what is the command / syntax
that does this?
Bill
--On Thursday, December 18, 2003 5:38 PM -0800 "XLNC Studios (Bill
hanks,
Bill
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ad
.
Bill
- Original Message -
From: "Jeff Lasman" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, December 14, 2003 11:11 PM
Subject: [SAtalk] DCC ? Vipul's Razor? skip_rbl_checks?
> I'm using spamassassin version 2.55 with Exim version 4.24, as
out being held inadvertently as a possible FP, by applying
these very basic e-mail tests to reduce the overall score.
Thoughts and feedback appreciated...
Bill
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expe
you want to make sure there are no problem, you can run:
spamassassin --lint.
Bill
- Original Message -
From: "Raquel Rice" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, December 14, 2003 11:06 PM
Subject: Custom Rules (was Re: [SAtalk] Clever spam (fir
nly punctuation make you
saw being used, or because you had problems when adding other punctuation
marks?
Bill
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for
set also.
Bill
- Original Message -
From: "Larry Starr" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, December 11, 2003 7:49 AM
Subject: [SAtalk] Detecting strings of Gibberish
> > I have noticed that many SPAM emails, end with seversl lin
It's pretty straight forward, just make sure that the config options point
to the correct directory and file locations for your setup. If you have
specific questions after you have done this, let me know.
Bill
- Original Message -
From: "Smart,Dan" <[EMAIL PROTE
environment than dccproc, since it does
not need to be instantiated for each message scanned.
Bill
- Original Message -
From: "Smart,Dan" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 10, 2003 7:57 AM
Subject: [SAtalk] Using dccifd instead of
server and would like to set up a spam
corpus for the new server. I have several thousand spams saved in an outlook
folder. Do I need to extract each of those spams from the report or can I
submit the encapsulated report message? Will SA strip the added
headers/encapsulation?
TIA,
Bill
o get around to reading my mail and doing it?
>
> If so, how.
I sure hope not, since auto-reporting invites lots of false reports. No
matter how accurate you think your spam rules are, human interaction is
still necessary to validate and confirm a message is actually spam before
r
> If you don't then you can expect exactly this type of
> activity from Mcafee.
>
> Considering that Spamassassin is now the "preferred" spam
> tool for ISPs, and getting some great press, they would be
> stupid not to take this logical step soon.
Exactly my point! I have had dealing with thei
> X-Spam-Status: No, hits=1.5 required=5.0
> tests=BAYES_50,BIZ_TLD,CASHCASHCASH,
> DNS_FROM_RFCI_DSN,HTML_FONTCOLOR_BLUE,HTML_FONT_BIG,
> HTML_FONT_INVISIBLE,HTML_MESSAGE autolearn=no version=2.60
The message was not spammy enough to trigger SA. Your bayes gave it a
neutral value
> > Yep, it was trademarked by Deersoft, and now owned by
> McAfee following
> > their acquisition of Deersoft.
>
>
> Crap! I hope McAfee does not get the idea to start licensing
> SA. That would suck!
Now that the name SpamAssassin is getting to be known as the premier product
on the market
Title: Message
Please
search the archives or RTFM, this subjesct has been covered dozens of
times.
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Mike DSent: Monday, December 08, 2003 12:09 PMTo:
[EMAIL PROTECTED]Subject: [SAtalk] Del
IMHO, the best way to handle html mail is bit-bucket the message and send a
note to the sender that html messages are not accepted by the server and
include a link on how to kill html in their mailer.
---
This SF.net email is sponsored by: IBM
Title: Message
It
would be easy to set up a procmail rule to move all tagged spam into a folder on
the SA machine however this is a very dangerous thing to do as falsely tagged
mail (FP) will never be delivered and the recipient has no way to recover the
mail. It is much better to just tag t
t); if it's less than that, no
headers will be added
5. in amavisd.conf, set $log_level = 2 for more logging. This should
show both SPAM and SPAM-TAG in the mail log file. This will help
verify spam is detected and tagged at the requested level.
-Bill
---
0_scores.cf:score FORGED_OUTLOOK_HTML 1.101 1.101
1.100 1.000
/usr/share/spamassassin/50_scores.cf:score FORGED_OUTLOOK_TAGS 1.101 1.101
1.001 1.001
will be ignored if you set different scores for these tests in your local.cf
file.
Bill
---
This
> What if we were to setup some kind of automatic update script
> that would wget the latest version of the file every evening?
> That way we would all be up to date all the time. To that
> end, we could even setup a little web-based app whereby a
> coalition of we vigilantes could add spammy
I just got this virus message that appears to have come from sourceforge.
Did anyone else get this or did my antivirus FP on me?
---snip-
The virus checker has found potentially malicious code in a mail by
[EMAIL PROTECTED] Delivery has been stopped.
The recipient(s) for
>
> I've read numerous antispam articles, and NONE have given SA justice.
>
I think the main reason for the poor reporting of SA is mainly due to the
fact that every one of the reviews has been done by a company that has an
agenda. That agenda being, collecting advertising funding from commercia
On Mon, Nov 24, 2003 at 06:17:54AM -0800, James Nonya wrote:
> I'm running Slackware 8.1 which comes with perl 5.6.1. I've been
> running spamd just fine since 2.55 was released. I compile and
> install SA 2.60 and all goes well. When I try to start spamd here's
> what I get:
>
> Insecure direc
> And now for the real world.
>
> only 50 or less users:
>
> Brightmail$ 2,998 for 2 years
> FrontBridge $ 2,700 for 2 years
> Postini $ 2,700 for 2 years
> ProofPoint$ 2,000 for 2 years
> SpamAssassin $ 3,100 for 2 years
>
That assumes that the small co
Sounds like you forgot to restart spamd after your change.
---
This SF. Net email is sponsored by: GoToMyPC
GoToMyPC is the fast, easy and secure way to access your computer from
any Web browser or wireless device. Click here to Try it Free!
ht
> I don't know whether this is possible at SourceForge, but if
> it is, it might make sense to turn on these settings once in a while.
Would it be possible for SF to release the entire subscription list to
someone, say the list admin, who could then generate the "mailing run"
locally? That might
yet to see a spam message anywhere close to that
large so its a safe thing to do. Hope this helps.
Bill
---
This SF.Net email sponsored by: ApacheCon 2003,
16-19 November in Las Vegas. Learn firsthand the latest
developments in Apache, PHP
> Hi folks.
>
> I have exim4, exiscan and spamassassin 2.60
> It works great, but not always.
>
> Normaly SA does not report any errors, warings etc.
> I use debian version (testing).
>
> As I say it work ok, but when remote server send to me from
> mail-daemon
> (zmailer) (mail with HTML and a
I'll say. I have mine set at 4, which I have found (for my setup) is pretty
near perfect, even though it is lower than the default setting of 5.
William L. Polhemus, Jr. P.E.
Polhemus Engineering Company
Katy, Texas USA
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
I added this to my Sendmail configuration a couple of weeks back, and I have
been amazed at how much SPAM has been rejected as a result.
I prefer to have Sendmail reject it at the get-go, rather than have it come
all the way through to SA.
William L. Polhemus, Jr. P.E.
Polhemus Engineering Compan
> I want to block those selling [EMAIL PROTECTED]@, asian porn, and such
> un-wanted material, which represents about 50% of the traffic
> (pure guess). There will be some spam that will then be
> easaly downloaded by our customers and then filtered.
Again, I feel deleting ANY mail addressed to
> The intention is to disallow any adsl, dial-up or
> dynamic/static address on such lines to send any mail to this
> server. I will have a separated smtp server for my customers... ;)
Bad, bad, bad idea!!!
There are many many people running home networks in dynamic space who send
their mail th
This sounds like my earlier problem trying to sa-learn "large" mailboxes.
Others here commented that it "must be a hardware problem," but my box is
fairly new with very decent components (built from scratch by me but with
"good" MB and memory, etc.) and nothing else I do, including using X, gives
Simple solution
1.Spamassassins reads in the message
2. It then stores the original message in two variables
3. In the second variable remove all punctuation, spaces, special encoded
characters, foreign language characters, html including html comments, and
other methods used for obscufaction.
4.
On Thu, 2003-11-06 at 11:49, Evan Platt wrote:
> --On Wednesday, November 05, 2003 10:29 PM -0500 Bill Baker
> <[EMAIL PROTECTED]> wrote:
>
> > I received 3 identical spams from the same e-mail address that did not
> > get classified as spam. I tried to do a sa-
I received 3 identical spams from the same e-mail address that did not
get classified as spam. I tried to do a sa-learn --spam on the message,
and it said it learned from 1 message, but when I tried to filter the
message again, the Bayesian filter says that the spam probability is 0
to 1%. I even
I found a rule to check for white on white text to spot possible spam.
However, I am finding that spammers are not including the body color as
white since the email client background default color is white. Thanks.
How could you write the following rule to give the email a score if ,
was missing
lly out of your spam
filtering.
SA_OPTOUT_FILENAME="$HOME/.optout.spamassassin"
:0
* ? test ! -f $SA_OPTOUT_FILENAME
{
:0fw
* < 256000
| spamc
}
Bill Larson
Network Administrator
Compu-Net Enterprises
---
Definitely SPAM, and of a particularly nasty sort. Somehow someone is
snagging emails off the archive or some other way, and fabricating these
replies.
Bad business.
William L. Polhemus, Jr. P.E.
Polhemus Engineering Company
Katy, Texas USA
-Original Message-
From: [EMAIL PROTECTED]
[mai
I am running SA 2.60 installed from the RPMs on Red Hat 9,
on an AMD 2100+ based system with a half-gig of RAM.
This has now happened for the second time. Before when it
happened, about two weeks ago, I figured it was just a coincidence. Now, I’m
positive that it’s SA-LEARN that is the
>
> Do you really think it would be a problem if we found more
> than 3 instances of in each email to mark it as spam?
> Maybe I could just score it lower per instance, say .2
>
> There were 58 instances of in this email and 63
> instances of .
>
A test that counted .1 per instance in a me
It isn't SA you want, it's procmail. The formail tool in the procmail
package will do anything like this that you want.
William L. Polhemus, Jr. P.E.
Polhemus Engineering Company
Katy, Texas USA
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gerhard
Hofm
am.
William L. Polhemus, Jr. P.E.
Polhemus Engineering Company
Katy, Texas USA
-Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Martin
Radford
Sent: Tuesday, October 28, 2003 2:23 PM
To: Bill Polhemus
Cc: [EMAIL PROTECTED]
Subject: Re: [SAtalk] Auto-Learn
At Tue
I use Sendmail with SA, but I do use procmail.
Do you not have access to the ability to install packages on your server?
Otherwise, you’re going to have to
use the Spamass milter, which means you’ve STILL got installation to do.
Without the ability to install stuff on
your server,
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Martin
Radford
Sent: Tuesday, October 28, 2003 2:23 PM
To: Bill Polhemus
Cc: [EMAIL PROTECTED]
Subject: Re: [SAtalk] Auto-Learn
"autolearn=no" indicates that this particular message was not learned
fr
How can I know for sure if Auto-Learn is functioning
correctly?
It does seem to be working for SOME messages but the headers
in many of them say:
X-Spam-Status: … autolearn=no
William L. Polhemus, Jr. P.E.
Polhemus Engineering Company
Katy, Texas USA
Yes. In fact, I have a .procmailrc file that uses the ${HOME} variable among
other "generics", and can be put in the HOME directory of any user. That way
the user can also add their own recipes if they like.
Oh, and I also have a /etc/procmail file that has some "site-wide" recipes
(it adds stuff
IIRC, it should be
Sa-learn --spam --mbox kill
William L. Polhemus, Jr. P.E.
Polhemus Engineering Company
Katy, Texas USA
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Joseph
P. Wetstein
Sent: Thursday, October 23, 2003 7:56 AM
To: [EMAIL PROTECTED]
> i use postfix with sa and procmail to delivier the mails
> local to the outlook 2000 clients. my problem now is: how can
> i report a false negative from an outlook client to sa? in
> the faq i've seen the the posibility to forward the message with
>
> > (double-click to open the mail in its
#9 Donghuan Plaza, Dong Zhong Street
address: East District, Beijing, China (100027)
country: CN
phone:+86-10-6418-5885
fax-no: +86-10-64182174
e-mail: [EMAIL PROTECTED]
nic-hdl: JM97-AP
mnt-by: MAINT-CNNIC-AP
changed: [EMAIL PROTECTED] 20020819
sour
Let me guess: You're hiring hit men to track down and eliminate, not just
the Spam, but the Spammers themselves!
Then, you're going to invest in genetic research that will find the "Spammer
gene" and provide an inoculation for all the children in the world, to
eradicate any possibility that they w
I do it using a procmail recipe, such as:
=BEGIN PROCMAIL RECIPE==
:0
* ^X-Spam-Status: Yes
{
# Mails with a score of 15 or higher are almost certainly spam (with 0.05%
# false positives according to rules/STATISTICS.txt). Let's delete them
# completely.
:0:
* ^X-Spam-Level
Yes.
William L. Polhemus, Jr. P.E.
Polhemus Engineering Company
Katy, Texas USA
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thomas
Kinghorn
Sent: Tuesday, October 21, 2003 6:50 AM
To: Spamassassin-Talk (E-mail)
Subject: [SAtalk] custom rules >> local.
I cannot speak as an expert on this score, but my understanding is that a
"combination" of such Bayesian databases would likely do more harm than good
because the residual spam corpus that would get through the general SA
filtering would be very specific to the recipient.
That is, combining databa
the obvious fact is that I have no idea how to do it.
:)
You don't say what version of SA you are running, but if it's 2.60, sorbs is
already defined as a SA DNSBL test. See:
/usr/share/spamassassin/20_dnsbl_tests.cf
Bill
--
ick
Morris
Sent: Saturday, October 18, 2003 3:18 PM
To: Bill Polhemus
Cc: [EMAIL PROTECTED]
Subject: Re: [SAtalk] "Insecure dependency in sysopen"
Bill Polhemus wrote:
> I realize this is a Perl problem, but can anyone help me diagnose
> this? I know next to NOTHING about Per
I realize this is a Perl problem, but can anyone help me
diagnose this? I know next to NOTHING about Perl.
The following is an error message I get when attempting to run
SA from an email alias under Sendmail:
- Transcript of session follows -
Insecure dependency in sy
. Polhemus, Jr.
P.E.
Polhemus Engineering Company
Katy, Texas USA
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bill Polhemus
Sent: Friday, October
17, 2003 6:26 PM
To:
[EMAIL PROTECTED]
Subject: [SAtalk] HELP: Can't
Invoke SA From Sendmail
I have wanted to set up a “spam trap” for some
time. First, I created an account, called “spamtest,” on my system.
Then, I went to Usenet and posted a ton of “test” messages to every
newsgroup I could think of (mostly the pr0n ones) where the address would be
harvested, and tried using the
This one got through. Can we figure out how and why?
Notice purposeful misspellings as obfuscations.
William L. Polhemus, Jr. P.E.
Polhemus Engineering Company
Katy, Texas USA
-Begin Included Message-
16121g11n4m06a8a53594548b10126vx
291uqs7rz3xo63jl8w5ie14f3q3c3770The stoicism which
she
I always use the SRPMs when they are available.
However, I have never attempted to build SRPMS myself. Is this difficult to
do?
William L. Polhemus, Jr. P.E.
Polhemus Engineering Company
Katy, Texas USA
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dav
Well, a follow-up:
I figgered out that I probably had to “remake”
and “remake install”, etc.
Which I then proceeded to do, and then *BOOM!* I get a “compile error”
on Razor2.
Bear in mind that I had no problem
installing it before. Further bear in mind that I even erased the who
Okay, so I applied the patch as shown at:
http://spamassassin.taint.org/faq/index.cgi?req=show&file=faq02.006.htp
But I get the following message, STILL:
razor2 check skipped: No such file or directory Insecure
dependency in open while running with -T switch at
/usr/lib/perl5/s
] SA-LEARN
(SA 2.60) "Segmentation Fault"
-->
Maybe you can
make the spam corpus available on a web page so other people can test if it segfaults
on their machine too ?
JS
-Message
d'origine-
De :
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] De la part de Bill Po
Running SA 2.60, I am seeing the following in my procmail
logs:
razor2 check skipped: No such file or directory Insecure
dependency in open
while running with -T switch at
/usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/Razor2/Client/Config.pm
line 414, line 1.
Can any
I noticed that if I try to feed SA-LEARN a mailbox full of
SPAM, it now “craps out” claiming “segmentation fault.”
Anyone have any ideas?
William L. Polhemus, Jr. P.E.
Polhemus Engineering Company
Katy, Texas USA
<>
I think this thing about RH "dropping" their boxed sets is really, really
overblown. They will continue to make updates available, and they will
release new distributions. You just won't be buying them in stores.
William L. Polhemus, Jr. P.E.
Polhemus Engineering Company
Katy, Texas USA
-Orig
I implemented some of the rules others have posted on this
list regarding “obfuscating text”. Now that I am running SA 2.60, I
note that I’m getting the following error message.
Failed to compile body SpamAssassin tests, skipping:
(Bareword "i" not allowed while
"strict subs" i
I am no rule coder, so I was wondering if anyone has a rule to catch
spammers that hide their url in their email. Here is an example of what it
getting through my spam filters:
href="http://wewillneed.com/c/
05;ron.html?farrow=elrlnm"
It looks to me that a rule that find's http://, &, and number
Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Keith C.
Ivey
Sent: Monday, October 13, 2003 9:27 PM
To: [EMAIL PROTECTED]
Subject: Re: [SAtalk] More HTML Obfuscation: This One Made It Through
Bill Polhemus <[EMAIL PROTECTED]> wrote:
> They use the
> spu
I really would prefer to implement something as complex as SA through the
RPMs on my Red Hat 9 system. So far, they are only up to SA 2.55. That has
worked fine up until recently, when the HTML obfuscation has begun cropping
up. Perhaps 2.60 can fix that.
Any idea when those will be available?
Wi
Here's another one from a batch of several that have gotten through SA 2.55
over the last several days. They use the spurious HTML tags to break up the
text and get it through the Bayesian filter.
I'm running these through every time I get one--and luckily, there've only
been about one or two per
> Kinda makes you wonder where the world is heading when more
> email is junk than legitimate :/
>
I see the email world heading towards secure email. A world where you cannot
send an email until/unless your mailer software has a key installed that
validates all mail leaving your site. If you re
On Friday, October 10, 2003, at 07:30 PM, Matt Kettler wrote:
At 05:03 PM 10/10/03 -0700, Bill Shupp wrote:
How do I setup SpamAssassin to query only bl.spamcop.net, and set a
very high score for that? I'm using spamd with vpopmail support.
Go to /usr/share/spamassassin. look th
Hello,
How do I setup SpamAssassin to query only bl.spamcop.net, and set a
very high score for that? I'm using spamd with vpopmail support.
Thanks,
Bill Shupp
---
This SF.net email is sponsored by: SF.net Giveback Program.
SourceForg
-- Message Text -
Here's one that I got today, that slipped through (the first in over a
week). Not sure why SA 2.55 didn't get it:
-- Forwarded message --
Date: Fri, 10 Oct 2003 11:23:22 -0400
From: Thomas <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: )US D-oct
1 - 100 of 187 matches
Mail list logo
