The fact that Habeas are very litigious when it comes to protecting
their haiku doesn't alter the fact that is it intrinsically a very
abusable system. We're not talking about some trusted cryptographic
algorithm spoofed in an email header, the mark is a series of
easy-to-forge text which any spam
In my experience users find it a lot easier to create rules that catch
"*SPAM*" than "X-Spam-Header", etc. It's certainly a lot easier
from a Tech Support perspective explaining it on the phone. :)
The funny thing about that article is that he claims his "private email"
was altered, when
Realistically I think it is impossible to stop spam for good. The only
actual practical way of achieving this would be to somehow inhibit
(either technologically - removing Internet access, or via the
old-fashioned method - execution) spammers ability to .. well, spam.
SA, although brilliant, fac
I'm Linux SysAdmin at the company I work for, I always install
everything from source.
A colleague, a Windows SysAdmin, installs everything on his Linux boxes
from RPMs.
What does that tell you? :)
Although I like the concept behind RPMs, and they work well for vanilla
installations (like SA oddl
Hi,
Having upgraded to 2.60 I've noticed that every mail that passes the SA
threshold (5.0 on my setup) always has BAYES_99...
5.4 BAYES_99 BODY: Bayesian spam probability is 99 to
100%
[score: 1.]
..in the report. Prior to the upgrade I had a var
This was answered earlier on today by Daniel Quinlan. The long and
short of it is, RTFM. :)
(Read the README file, in particular the reference to Razor2.patch)
Daz
> -Original Message-
> From: Ben Goodwin [mailto:[EMAIL PROTECTED]
> Sent: 23 September 2003 13:16
> To: [EMAIL PROTECTED
Hi,
I've just upgraded my version of SpamAssassin (2.54) to the latest
version 2.60. Having feintly recalled some discussion on the list or
elsewhere about having to rebuild the Bayes database after this upgrade
I decided to make a backup of my existing Bayes files.
Upon restarting SpamAssassi
You sound like you're having to hold back on the flames Jim :)
Daz
> -Original Message-
> From: Jim [mailto:[EMAIL PROTECTED]
> Sent: 15 September 2003 14:23
> To: Spam Assassin
> Subject: Re: [SAtalk] X_OSIRU_OPEN_RELAY - Turn off check?
>
>
> On Mon, Sep 15, 2003 at 09:48:14AM +0100
> On Fri, Sep 05, 2003 at 01:25:38PM +0100, Darren Coleman wrote:
> > What's exactly the problem with Osirusoft at the moment
> then? Have they
> > actually "blacklisted the entire Internet" (accidentally?)
> or is that
> > just an overexaggeration?
>
What's exactly the problem with Osirusoft at the moment then? Have they
actually "blacklisted the entire Internet" (accidentally?) or is that
just an overexaggeration?
Should I be zero'ing all of their tests?
Daz
> -Original Message-
> From: Tom Meunier [mailto:[EMAIL PROTECTED]
> Sen
Hi,
The email has the phrase "erectile dysfunction", which also matches the
IMPOTENCE rule.
> 20_phrases.cf:body IMPOTENCE /\b(?:impotence
(?:problem|cure|solution)|Premature
> Ejaculation|erectile dysfunction)/i
Daz
> -Original Message-
> From: [EMAIL PROTECTED]
> [
It would be nice, although ultimately unworkable I guess, if SA could be
engineered to ignore anything which isn't humanly-visible in an email.
i.e. when spammers insert fake PGP signatures in tags to lower their score - SA should ignore it.
The problem with this, I guess, is that not only would
Agreed.
At the end of the day, as others have mentioned, these people should be given the
choice - they either put up with a word "PENIS" which is neither a swear word or a
vulgarity (how can anyone be offended by it is beyond me) or they don't get their
email filtered by SpamAssassin - simple.
I wrote a small quasi-solution to this a while back, a rule which
detected 1 pixel "invisible" images. Because generally speaking
spammers tend to use invisible 1 pixel images for tracking purposes (but
they dont want it to be visible on the email to dilute the spam) it
seems to cover most instanc
Hi,
The somewhat ironic (and deliciously comedic) fact about the hyperlink
that you posted was that it wrapped around in my Outlook window, with
the "be" of "unsubscribe" being cut off the end of the hyperlink, so
even that link wouldn't work :)
Daz
> -Original Message-
> From: Tom Meun
Dianne,
You need to speak to your email provider –
your ISP or hosting provider – they are the ones who are filtering your
email using the SpamAssassin software. No one on this mailing list has any
direct authority, influence or control over your email and how it is handled.
Kind
The one thing I don’t understand
about emails like these, is that if the person is intelligent enough to find
the mailinglist address to email – how is it that they don’t
realise that SA isn’t an all-encompassing filter for the Worlds email?
Daz
-Original Message-
From
Title: Message
The
"one pixel image tracker" rule that I posted some time ago would've caught this
as well.
Daz
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: 27
May 2003 15:16To: [EMAIL PROTECTED]Cc:
[EMAIL PROTECTED]Subject: Re: [SAtalk]
Hi,
I received two identical emails to two different email addresses in the
space of a few minutes that are both covered by a single instance of
SpamAssassin, and one of them was deemed to be spam, and the other not.
This in it of itself wouldn't be a massive issue were it not for the fact
that th
On that note, is there a de facto way for uninstalling old versions of
SpamAssassin? I have been using "make uninstall" in the old version
directory but it reports this method as depreciated.
Daz
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:spamassassin-talk-admin@;lists.sour
Very good point made there :)
I would assume that an RBL score would have to be arbitrary, based on
general reports of false positives etc. I can't really see how it can be
GA derived since, as you say, it would depend entirely on whatever IPs
happened to be in the database when the test was run
Hi,
Having received several complaints from customers this morning I was shocked
to discover that several of our mail servers are blacklisted on
relays.osirusoft.com and spews.relays.osirusoft.com. Further investigation
showed that not only is our entire block of IPs (20 or so Class Cs) listed,
Good thinking :)
Dunno how I missed that.
Daz
> -Original Message-
> From: Tony L. Svanstrom [mailto:[EMAIL PROTECTED]]
> Sent: 10 July 2002 17:20
> To: Darren Coleman
> Cc: Ryan Cleary; [EMAIL PROTECTED]; David B.
> Bitton
> Subject: RE: [SAtalk] Disable Porn F
This is such a special case that it would probably be the wrong thing to
do to insert additional rules into the public distribution of SA just to
take account of this. Easiest solution is just to zero the rules or, if
this isn't acceptable, write your own regexps to handle the cases you've
mentio
Hi,
You could just set all the PORN_* scores to 0.0 in your relevant user
prefs. files.
Daz
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of David
> B. Bitton
> Sent: 10 July 2002 13:48
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] Disable Porn Filte
Its supported in the latest CVS version, but not in the current stable
release - 2.31.
Presumably you can expect it to be supported in 2.40.
Daz
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Marko
> Asplund
> Sent: 04 July 2002 15:56
> To: [EMAIL
Ah, thanks for the clarification :) I will amend my RAZOR_CHECK score accordingly.
(And apologies for the HTML mail :( )
Daz
> -Original Message-
> From: Matt Sergeant [mailto:[EMAIL PROTECTED]]
> Sent: 26 June 2002 10:15
> To: Darren Coleman
> Cc: [EMAIL PROTECTED
Hi,
I found this faintly comical but nevertheless it does seem to be a bit of an anomoly.
Is it correct that Microsoft's Outlook test message is marked as spam in Razor? (I
happen to beef up the RAZOR_CHECK score more than SA default config because I was
under the assumption it was a fool-pro
I can second this.
Your message also received a score of 8.6 on my config (which is pretty
much standard).
Daz
> -Original Message-
> From: [EMAIL PROTECTED]
[mailto:spamassassin-
> [EMAIL PROTECTED]] On Behalf Of Derrick 'dman' Hudson
> Sent: 22 June 2002 05:11
> To: [EMAIL PROTECTED]
Matthew Cline
> Sent: 21 June 2002 00:10
> To: [EMAIL PROTECTED]
> Subject: Re: [SAtalk] New porn rule
>
> On Thursday 20 June 2002 07:28 am, Darren Coleman wrote:
> > body PORN_15
> > /\b(?:horse?s|snake?s|eel?s|dog(?:gy)?s)[ -]?fuck(?:ing)|cum[ -
> ]?shot?
In most cases these EXEs are caught by virus scanners under the "Trojan"
category.
Daz
> -Original Message-
> From: [EMAIL PROTECTED]
[mailto:spamassassin-
> [EMAIL PROTECTED]] On Behalf Of Richie Laager
> Sent: 04 May 2002 14:00
> To: Daniel Pittman
> Cc: [EMAIL PROTECTED]
> Subject: Re
possesses a digital id and uses it when
sending an email, that should surely be worth some kind of negative
value even if it isn't much.
Daz
> -Original Message-
> From: dman [mailto:[EMAIL PROTECTED]]
> Sent: 03 May 2002 01:53
> To: Darren Coleman
> Subject: Re: [SAtalk]
I would've presumed that SpamAssassin would give a score (presumably
negative) for MIME attachments, in particular digitally signed messages.
I can't imagine many spammers going to the trouble of digitally signing
email.. :)
Daz
___
H
subscribe
smime.p7s
Description: application/pkcs7-signature
subscribe
smime.p7s
Description: application/pkcs7-signature
35 matches
Mail list logo
