On Wed, 21 Jan 2004, Matt Kettler wrote:
> At 10:41 PM 1/20/04 -0600, C. Bensend wrote:
> >Is the problem that I'm _forwarding_ the tagged emails from one host
> >to the other? I don't have the capability to bounce, I can only forward.
>
> A forwarded message is a brand new message. That bran
On Mon, 26 Jan 2004, Paul Diaguila wrote:
> No Bayes db yet, but I would think the one rule would score it a 5
>
> Paul
>
> Covington, Chris wrote:
>
> >Your Bayes must be hosed if what you think is spam gets BAYES_00.
> >
> >Chris
[snip..]
> >Greetings
> >
> >Using SA Ver. 2.63 with Mimedefan
On Fri, 23 Jan 2004, Smart,Dan wrote:
> Humm
>
> This command works every time from command line, but not passed as a param
> from SA_RESTART.
> "postfix stop ; sleep 15 ; /etc/init.d/spamassassin restart ; postfix start"
>
> It runs the postfix stop and then quits. Any idea why? I can creat
> |-Original Message-
> |From: Evan Platt [mailto:[EMAIL PROTECTED]
> |Sent: Wednesday, January 21, 2004 15:03
> |To: SpamAssassin
> |Subject: Re: [SAtalk] How to stop this kind of stuff?
Real easy, this is a predictable spamhaus, "Empire Towers"
Go check the records on this outfit at http
On Wed, 21 Jan 2004 [EMAIL PROTECTED] wrote:
> I want to be able to take an email message that may contain MIME and HTML
> and to strip it down to basically nothing but text. (I know that
> SpamAssassin already does this in large part so that it can analyze the
> message properly.) So I'm not actu
On Fri, 23 Jan 2004, Thomas Kinghorn wrote:
> Below are the headers & I have attached the mail.
>
> These are getting worse.
>
> To top it off, SA learned it as HAM.
>
> If anyone knows of any rules that could work on these mails, It would be
> greatly appreciated.
>
> Thanks All.
> Regards
> Tom
On Thu, 22 Jan 2004, Peter McGarvey wrote:
> Greetings all,
>
> I have a mailserver which handles all my incomming and outgoing mail.
>
> Outgoing mail (stuff I send) is passed to the server via ASMTP.
> Incomming mail (stuff sent to me) comes in via SMTP. There is
> absolutely no way my server w
On Wed, 21 Jan 2004, Justin Mason wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> Will McCutcheon writes:
> >I am running SpamAssassin 2.61 with Sendmail 8.12.8 using Procmail 3.22.
[snip..]
> >A's IP as being in an RBL of dynamic IP's, despite my setting in
> >/etc/mail/spamassassi
On Tue, 20 Jan 2004, Charles Gregory wrote:
> Right now, there would be no statistics, because the text obfu has just
> started. But as a side note, we don't have the disk space to run Bayes for
> all our users though I'm getting awfully tempted to talk the boss into
> an extra disk or two. So
On Tue, 20 Jan 2004, Sean McCrohan wrote:
[snip..]
> The problem is that the moderation request the list sends to me gets
> wrapped in MIME, and SA (as currently installed) doesn't do a very good
> job of analyzing it, in part because there's a set of instructions stuck
> on the front that are the
On Tue, 20 Jan 2004, Terry Shows wrote:
> Maybe it is good for -16, but in every case I looked at that passed thought
> with habeas set, none of them set the violator, and every single one was
> flagrantly spam.
[snip..]
>
> The way it is now, it is just another header that can be added by a spamm
> --On Friday, January 16, 2004 12:13:21 -0600 Carl Chipman
> <[EMAIL PROTECTED]> wrote:
>
> > For the new people on the list, I was wondering what the following
> > acronyms mean:
> >
> > LART
> Luser Attitiude Readjustment Tool
> Reporting the offending user to <[EMAIL PROTECTED]>
> > UBE/UCE
> U
On Fri, 16 Jan 2004, Ross Vandegrift wrote:
> On Thu, Jan 15, 2004 at 02:20:16AM -0600, David B Funk wrote:
> > If you SMTP reject the spam, it never hits your queue, so no problem
> > with the garbage piling up and no bombarding poor innocent 'joe-job'
> > victims.
On Wed, 14 Jan 2004, Jonathan Nichols wrote:
> Did the CAN-SPAM act really take away a citizen's right to sue spammers?
> I'd like to write to this marketing company and have them provide me
> with absolute proof that I signed up for *anything* at all. (they won't
> be able to) I think the whole "
On 15 Jan 2004, Rocky Olsen wrote:
> I too would greatly appreciate any information - as we have 9 boxes
> doing Spam scanning. Anyone tried this?
>
>
> On Thu, 2004-01-15 at 13:31, Mike Jackson wrote:
> > If you have multiple SA filtering boxes, is it safe to NFS-mount a partition
> > with a syst
On Wed, 14 Jan 2004, Christopher Tarricone wrote:
> The permissions on my bayes_journal and bayes_toks files keep changing. Has
> anyone else encoutered this problem?
[snip..]
> I look in /usr/share/spamassassin/db/ and behold! The permissions are:
>
> [EMAIL PROTECTED] db]# ll
> total 23012
> -rw
On Wed, 14 Jan 2004, Matt Kettler wrote:
> At 09:56 AM 1/15/04 +0545, Pankaj wrote:
> >I feel I am being a bit misunderstood. I simply need to configure my MX to
> >have SpamAssassin running.I do not need any antivirus .
> >How do I do it ? Running RedHat Linux 8.1 and Sendmail 8.12.10 in it.
>
[s
On Tue, 13 Jan 2004, Rich Puhek wrote:
[snip..]
> Be patient. Use additional rules/tools to catch the latest spammers
> (clue: most come from spam zombie processes). Report the Habeas
> violators (more $$$ out of the spammers pockets!). Let's keep the Habeas
> marks as a tempting target for the sp
On Tue, 13 Jan 2004, Justin Mason wrote:
> David B Funk writes:
> >
> >I can see two different ways to handle this, either make SA more
> >flexible and decode the bastardized QP so normal rules will hit
> >or write a rule that hits such bastardized QP coding as a spam
On Mon, 12 Jan 2004, Larry Starr wrote:
> Just noticed a message with an encoded URL, that misses, the "BIZ_TLD" rule,
> etc.
>
> The message body contains:
> http://gf=2eclearmath=2ebiz/jsimp/index=2ehtml";> face=3d"arial">scored this way=2e
> http://K=2eclearmath=2ebiz/images/js02=2ejpg"; bord
On Tue, 13 Jan 2004, Mail Monitor wrote:
> Hi,
>
> We have installed SA 2.6 on linux RH 9.0 on a mail
> gateway. The total mail transaction/day through this
> server is 75,000 and spam mails caught by SA is around
> 10-15%. But spam mails are still getting through, we
> have not implemented razor,
On Tue, 13 Jan 2004, Mitch (WebCob) wrote:
> I thought there was a patch that added the score to the headers... then you
> didn't have to go looking - has anyone seen it lately?
>
> m/
Depending upon how you have SA integrated into your mail system,
it may only require a change to your 'local.cf'
On Mon, 12 Jan 2004, Mike Carlson wrote:
> Right now I am using spamass-milter to send all the email into spamassassin
> but I would like to implement a deletion process where the email gets deleted
> if it gets certain score. As it stands I cannot do that right now with my
> setup.
Read the docu
On Fri, 9 Jan 2004, Steve Thomas wrote:
> Yay. Yet another a-hole blatantly disregarding the various WHOIS directorys' terms
> of use and raping it for marketing purposes. Gee, I can't wait to get three more
> copies of the same spam for every domain I own...
Awww, Gee, I thought that he was be
On Fri, 9 Jan 2004, David B Funk wrote:
> Oh Joy, another abusable URI redirector. Saw this in a
> recent spam:
>
> http://www.google.com/url?q=http://cardtraffic.com
>
> Proposed rule:
>
> uri L_URI_REDIR3/http:\/\/www\.google\.com\/url?q=http:/i
> descr
Oh Joy, another abusable URI redirector. Saw this in a
recent spam:
http://www.google.com/url?q=http://cardtraffic.com
Proposed rule:
uri L_URI_REDIR3/http:\/\/www\.google\.com\/url?q=http:/i
describe L_URI_REDIR3 open URI redirector #3
score L_URI_REDIR3 1.5
Dave
--
Dave Fun
On Thu, 8 Jan 2004, Douglas Kirkland wrote:
> On Thursday 08 January 2004 09:32, Ceva wrote:
> > hi everybody,
> > does sendmail and spamassassin must be on the same machine, or they can be
> on diferent machines?
>
> They can be on different machines. You will have to call spamassassin with
> sp
On Wed, 7 Jan 2004 [EMAIL PROTECTED] wrote:
> This is a followup to my previous mail about a problem we are seeing at
> $DAYJOB and it is getting serious.
>
> After we upgraded to SA 2.61 as was suggested by this list we had a
> mail-machine crash again when spamd expanded beyond all available
> m
On Mon, 5 Jan 2004, SAtalk Mail User wrote:
> Hello all,
>
> I am needing some assistance in regards to the output below, I have added what
> I think should get parsed out of the bigevil.cf file in /etc/mail/spamassassin
> directory.
>
> Added for testing ---
> uri BigEvilList_193 /\b(?:hotmail)\.
On Mon, 5 Jan 2004, Ed Kasky wrote:
> At 08:56 AM Monday, 1/5/2004, Tom Meunier wrote -=>
>
> With bigevil.cf in /etc/mail/spamassassin, all I see that remotely relates
> to the file is the following:
>
> spamd[22495]: debug: using "/usr/share/spamassassin" for default rules dir
> spamd[22495]
On Sun, 4 Jan 2004, oj wrote:
> Hello,
>
> Recentry i have had problem with spam that consist of html and one image only.
> The image is fetched from different domains each time. The domains have one
> thing in common though. They are all registered by the same registry:
>Whois Server: whois.p
On Mon, 29 Dec 2003, Chris Santerre wrote:
> Anywho, I have been checking lots of these against RBLs and many show up in
> sorbes and such. Spam didn't come from these places, only images hosted
> there. I was wondering if possibly in the future, SA could check the URI
> links against RBLs? They a
On Mon, 29 Dec 2003, Peter Kiem wrote:
> Hi David,
>
> > So you either need to change your rule to match the header from address or
> > code it to look for the envelope from address.
>
> What is the rule for matching envelope from address?
That is mail system dependent, as there is no standard re
On Mon, 29 Dec 2003, Peter Kiem wrote:
> >> Preferably not as if someone does forge it, then the mail goes straight
> >> through...
> >
> > Isn't that what whitelist_from_rcvd is for? man Mail::SpamAssassin::Conf
>
> The point is I *DON'T* want to whitelist. I wanted just to lower the SA
> score
On Mon, 29 Dec 2003, Peter Kiem wrote:
> Hi,
>
> I'm trying to add local rules to allow certain senders that always get
> caught by SA to lower their scores and give them a better chance of
> getting through.
>
> The rule I added was
> header LOCAL_GOOD_SENDER_11 From =~ /[EMAIL PROTECTED]/
> scor
On Tue, 23 Dec 2003, Greg Webster wrote:
> We're getting a TON of these, all of similar format.
>
>
> href="http://www.mdv678.com?rid=1098";> src="http://www.whosout.com/c2.gif"; border=0>
>
>
> The '2rdxveiyf7a8' and 'srz4f4qaLBUw' some random string of characters
> in the same place all the t
On Sat, 20 Dec 2003, Gary Smith wrote:
> So we implemented SA some time ago because our clients were getting too much spam.
> Lately we have found that several html marked up emails have been getting marked as
> spam. These ones are clearly fp's.
>
> Some of the domains include Morningstar.com
On Thu, 18 Dec 2003, mairhtin wrote:
> I am getting a new flood of spam that appears not to be even selling anything, but
> merely trying to get through the filters.
> Could they be trying to "learn" from this? I don't see how, but someone suggested
> as much.
>
> Here's a copy of the spam mail
On Fri, 12 Dec 2003, J. S. Greenfield wrote:
> I've been experimenting with configuration of spamassassin for sitewide
> use (in particular, using spamassassin 2.60 with sa-exim 3.1 and exim
> 4.30, under Solaris 8), and for the life of me, I can't seem to get
> bayesian classification and autolea
On Wed, 10 Dec 2003, AthlonRob wrote:
> > Just for S&G, try doing a 'sa-learn --dump magic' and see if it
> > likes what it sees. If you cannot even --dump magic then it's
> > truly corrupted, no repair, just delete and start fresh.
>
> I got some funky output:
>
> [EMAIL PROTECTED]:~/.spamassassi
On Wed, 10 Dec 2003, AthlonRob wrote:
> On Wed, 2003-12-10 at 19:50, Adam Denenberg wrote:
> > in the same directory as the bayes DB files.
>
> Unfortunately, there are no .lock files in that directory.
>
> [EMAIL PROTECTED]:~/.spamassassin$ sa-learn --rebuild -DD
> debug: Final PATH set to: /usr
On Wed, 10 Dec 2003, Matt Kettler wrote:
> At 02:08 PM 12/10/2003, Justin wrote:
> >So that's how check_rbl and check_rbl_sub work? I always wondered about
> >that. So what happens if an IP exists in two subzones at the same time?
>
> With SORBS, it's done by returning multiple results for a sin
On Wed, 10 Dec 2003, Gary Funck wrote:
> > It might be convenient to view each these transformations as
> > operating on the output of the previous. I think you were.
> > By doing so, it avoids replicating the description of the
> > previous phase.
>
> I meant to add the following sugested additio
On Wed, 10 Dec 2003, Ryan Lumsden wrote:
> Hi all.
>
> how do I get spamd to log to a diffrent file besides messages and mail.log.
>
> I am up2date with sa and I am running debian woody, any body have any ideas.
>
> Thanks in advance.
>
> Ryan
Yes, look at the man pages for syslogd and spamd. Not
On Tue, 9 Dec 2003, Thomas Shoaf (PromoStep) wrote:
>
> The answer to your question, Gary... We are an incentives marketing firm
> with an affiliate element. Our members can send virtual promotions from
> their account to friends, family, colleagues, etc; however, some email
> services such as Ho
On Tue, 9 Dec 2003, Thomas Shoaf (PromoStep) wrote:
> As for correcting the items listed in my original post, I am looking for an
> example of the correct content that should be included in the content of the
> HTML message relating to such items appearing in the Content Analysis when
> checked th
On Tue, 9 Dec 2003, Jack Gostl wrote:
> I sent you the error message, I'm pretty sure there was no user associated
> with it. There were tens of thousands of those errors in the log. I'm not
> sure how to pinpoint the culprit. I guess I'll have to go to each user and
> rebuild their database.
Ye
On Mon, 8 Dec 2003, Jack Gostl wrote:
> > My bet is that your Bayes database got trashed.
>
> Possible, but which database? We have many users all with their own? Also,
> if its a trashed Bayes db, why does the message go away when I restart
> spamd?
Which ever database it was looking at when it
On Mon, 8 Dec 2003 [EMAIL PROTECTED] wrote:
> We've got SA 2.60 running on a Solaris 8 box with SunONE Messaging
> Server. It is doing spam scanning for all our users (~7000). In
> order to keep the system as speedy as possible, I've configured the
> bayes journal to sit on /tmp which is a memor
On Mon, 8 Dec 2003, Jack Gostl wrote:
>
> My logs are flooded with the following message:
>
> Dec 8 16:55:39 argos spamd[83414]: Use of uninitialized value in numeric
> eq (==) at /usr/local/lib/perl5/site_perl/5.6.1/Mail/SpamAssassin/BayesStore.pm
> line 1437.
>
> This is intermittent and starte
On 8 Dec 2003, Scott A Crosby wrote:
> On Mon, 08 Dec 2003 16:43:15 -0500, Matt Kettler <[EMAIL PROTECTED]> writes:
>
> > Or *, to catch more than one obfuscating character..
> >
> > ie: V...i..a.gr..a
> >
> > As I suggested in my email, there's lots of combinations that spammers
> > can do to avo
On Mon, 8 Dec 2003, Matt Kettler wrote:
> At 10:54 AM 12/8/2003, Christopher X. Candreva wrote:
>
> >I just opened a Bugzilla report for this:
> >
> >http://bugzilla.spamassassin.org/show_bug.cgi?id=2817
> >(SA 2.60, Solaris, perl 5.6.1)
>
> For the moment, I'd suggest a rule like this one that I
On Sat, 6 Dec 2003, Lukreme wrote:
> spamd[33762]: Cannot open bayes databases
> /home/user/.spamassassin/bayes_* R/O: tie failed: Permission denied
> spamd[33762]: processing message
> <[EMAIL PROTECTED]> for kremels:5003.
> spamd[33762]: clean message (0.8/5.0) for user:5003 in 0.2 seconds,
> 55
On Thu, 4 Dec 2003, Kenneth Porter wrote:
> I'm getting a bunch of these. Are these just intended to poison Bayes DB's?
> What's the sender's objective?
>
> Forwarded Message
> Return-Path: <[EMAIL PROTECTED]>
> Received: from 212.199.108.10.forward.012.net.il
> (212.199.
On Thu, 4 Dec 2003, Scott Harris wrote:
> Because I don't have sourceforge whitelisted, 6 of the last 20 messages to
> the list were labeled as spam.
>
> Rules that hit were:
>
> 3.0 BigEvilList_70 BODY: Generated BigEvilList_70
> 3.0 BigEvilList_150BODY: Generated BigEvilList_15
On Thu, 4 Dec 2003, Pete Henshall wrote:
> Hi dan, list,
>
> > I think it's simply a function of load. The first system gets the bulk of
> the mail thoughput. You can see that the > erratic loads
> > tail off over the weekend. It's wierd. I have tried disabling RBL, bayes
> and even removing al
On Thu, 4 Dec 2003, Cheryl L. Southard wrote:
> Hi All,
>
> I've got two spamd processes that just wont go away. They've been
> running for well over 11 hours and are taking up 100% of my cpu.
> I've run "truss " but it doesn't report anything. The same
> user, coincidentally, is the recipient o
On Wed, 3 Dec 2003, Fred I-IS.COM wrote:
> Just a minor correction,
>
> try this:
>
> header__BLOCKTOFFICEOUTTo =~ /[EMAIL PROTECTED]/i
> header__BLOCKFOFFICEOUTFrom =~ /[EMAIL PROTECTED]/i
> metaBLOCK_MY_OFFICE(__BLOCKTOFFICEOUT && !__BLOCKFOFFICEOUT)
> describeBLOCK
On Thu, 4 Dec 2003, Matt Kettler wrote:
> header RCVD_IN_MY_BNBLeval:check_rbl ('blue','bl.blueshore.net.')
> describe RCVD_IN_MY_BNBL Listed by bl.blueshore.net
> tflags RCVD_IN_MY_BNBLnet
> score RCVD_IN_MY_BNBL 5.0
>
> Technicaly I don't think the tf
On Thu, 4 Dec 2003, Richard Bewley wrote:
> Hi,
>
> Now, I have the following:
> header RCVD_IN_MY_BNBLeval:check_rbl('bl', 'bl.blueshore.net.',
> '2')
> describe RCVD_IN_MY_BNBL Listed by bl.blueshore.net
> tflags RCVD_IN_MY_BNBLnet
> score RCVD_IN_MY_BNBL
On Tue, 2 Dec 2003, Chris Santerre wrote:
> BIG HUGE NEWS
>
> A major breakthrough has taken place
>
> ALL EVILRULES FILES HAVE BEEN COMBINED!! 2622 domains into 178 rules!!!
> Ramdon/tracking hosts tags removed!
>
> They only increase spamd memory by 1 meg!!! 1 meg!
>
> You read corre
On Tue, 2 Dec 2003, Robert Menschel wrote:
> headerRM_hx_from exists:From
> describe RM_hx_from From header found
> score RM_hx_from 0.001
> meta RM_hn_from !RM_hx_from
> describe RM_hn_from From header not found
> score RM_hn_from 1.00
>
> The first rule tests for the exi
On Thu, 27 Nov 2003, Martin Lyberg wrote:
> Hi,
>
> I want to whitelist the SA mailinglist. Is this the right way to do it:
>
> whitelist_from_rcvd [EMAIL PROTECTED] sourceforge.net
>
> Thanks in advance
>
> / Martin
Almost,
whitelist_from_rcvd [EMAIL PROTECTED] sourceforge.net
will work PROV
On Wed, 26 Nov 2003, Matt Kettler wrote:
> At 11:10 PM 11/26/03 +, Alan Munday wrote:
> >If I lint with this in the SaUriCustomRules
> >
> >uri MY_YAHOO_BOUNCED /http:\/\/srd\.yahoo\.com\/drst\/.*\*
> >http:\/\/
> >describe MY_YAHOO_BOUNCED Trying to hide real URL through Yahoo re
On Wed, 26 Nov 2003, German Staltari wrote:
> On Wed, 26 Nov 2003 14:30:02 -0500, JC <[EMAIL PROTECTED]> wrote:
>
> > I'm going to guess that you are running spamassassin as an unprivliged
> > user... Based on that, I would like to suggest that you run spamd and
> > spamc
> > on a port higher than
On Wed, 26 Nov 2003, alan premselaar wrote:
> I've recently noticed something I think is a little strange but I'd
> like to confirm it with the list.
>
> My bayes database seems excessively large at 967M:
>
> -rw-rw-rw-1 defang defang61k Nov 26 16:34 bayes_journal
> -rw-rw-rw-1 d
On Tue, 25 Nov 2003, Yevgeniy Miretskiy wrote:
> Hello,
>
> sa-learn stopped learning messages. Debugging shows that it can
> successfully tie Bayes db, extracts tokens, etc, but never actually
> writes data to the database.
>
> I had a db corruption issue some time ago, so, this could very
> wel
On Tue, 25 Nov 2003, Nick Tong wrote:
> If so is this possible on a windows platform?
>
> Nick Tong
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Nick
> Tong
> Sent: 25 November 2003 17:12
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] SpamScore che
On Tue, 25 Nov 2003, Robert Menschel wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hello Aaron,
>
> Tuesday, November 25, 2003, 8:58:58 AM, you wrote:
>
> AY> ... Recently I started getting a lot of false positives with SA 2.60.
> AY> I noticed that all my mail was getting a bayesi
On Tue, 25 Nov 2003, Brian Knittel wrote:
> Hi,
>
> Is there a way to inhibit auto-learning when any specific rule
> is matched? I noted that the auto-whitelist filters inhibit auto-
> learning, but can this be extended to arbitrary other rules?
>
> I'm my network's postmaster and I get nondeliver
On Mon, 24 Nov 2003, Chris Cook wrote:
> Hello,
> We are currently using Spamassassin + sendmail + spamass-milter to tag
> our mail, but we would like to not have outgoing mail scanned. lda and
> outgoing mail are on the same box. I have tried to just use
> spamassassin+procmail but the lo
On Fri, 21 Nov 2003, Gorm Jensen wrote:
> I run sa-learn as root using SA 2.55 and 2.6 on two redhat systems.
> Both systems run spamd and call spamc from procmail with -u user1 (or
> user2). Because there are only two users, each system has a common
> bayes database with file access permitted to
On Fri, 21 Nov 2003, Dan Tappin wrote:
> I have recently installed SA 2.60 from the source code on OS X along side Tenon's
> Post.Office mail server. This was a manual
> upgrade from the Tenon supplied SA 2.55 release to be used with their supplied SA
> 'plug-in'. All is well and e-mail is bei
> From: Gorm Jensen [mailto:[EMAIL PROTECTED]
> Sent: Friday, November 21, 2003 12:04 PM
>
> I run sa-learn as root using SA 2.55 and 2.6 on two redhat systems.
> Both systems run spamd and call spamc from procmail with -u user1 (or
> user2). Because there are only two users, each system has a com
On Thu, 20 Nov 2003, Carlos Jorge Santos wrote:
> Thanks a lot for your answer.
>
> The problem now is that SpamAssassin (spamc to be more precise) is
> called by Qmail-Scanner, which in turn adds this headers to emails:
>
> Received: from [EMAIL PROTECTED] by mail.host-services.com by
> uid 101 w
On Thu, 20 Nov 2003, Josh Dayberry wrote:
> I would appreciate any help that can be offered to me. I was using spamd and spamc,
> and everything was working fine. For some reason I upgraded spamassassin to the
> newest version and now spamd and spamc won't run the dcc and pyzor tests. If I us
On Wed, 19 Nov 2003, Robert Davidson wrote:
>
> Hi everyone,
>
> I set up a SpamAssassin system for a company but they alerted me to a
> problem today.
>
> They have content filtering rules to stop people from abusing their
> employees. Basically any e-mails with naughty words are given 50 points
On Wed, 19 Nov 2003, Marc Steuer wrote:
> Hi list members,
>
> I want to score messages from [SAtalk] with a negative score so examples
> posted to the list won't be tagged as spam. This is my first venture into
> regex and I've tried:
>
> header MY_SATALK Subject =~ /\[SAtal
On Wed, 19 Nov 2003, Bryan Hoover wrote:
> The reason I mention it - aside from being pleased - is to point out
> that it appears the problem was either the old spambouncer headers, or
> forgetting, wasn't (the latter being what I started out suspecting,
> until I discovered the spambouncer header
On Wed, 19 Nov 2003, Chris Santerre wrote:
> LOL, the only reason I recognise the name Larry Wall is because of Theo's
> sigs! :)
> I guess I need to go but that book and help support the man.
>
> --Chris Santerre
Mumble Mumble, kids these days, no respect for their elders.
OK, mandatory homewor
On Wed, 19 Nov 2003, Chris Santerre wrote:
> Thanks, I got it now. I updated my evilrules last night, and they tested
> great overnight! I shall post them shortly. This should speed them up
> greatly for everyone! Would this help even more?
>
> /?:\bsomedomain\.com\b/i
>
> would the addition of th
On Tue, 18 Nov 2003, Øystein Halvorsen wrote:
> Our only MTA for externally received email is sendmail, which again
> forwards user emails to an internal exchange server. In fact, we have
> tried this out, and it works quite nicely (at least our local users are
> delighted). In order to make spa
On Tue, 18 Nov 2003, Charles Gregory wrote:
>
> Hello,
>
> Lately on several e-mails from the list, I've been seeing an error message
> in my Pine mail program that says:
> [Error: Formatting error: Non-hexadecimal character in QP encoding]
>
> More importantly, the message is *truncated* in the
On Tue, 18 Nov 2003, Chris Santerre wrote:
> > > uri WLS_URI_1 /^http:.*\b0-go.org\b/i
>
> Regex confusion on my part! '\b' is bounding, but I thought that meant bound
> by space??? wouldn't this above regex _NOT_ hit :
>
> http://stuff.0-go.org/stuff
>
> Isn't it looking for:
> http://stuff.
On Tue, 18 Nov 2003, William Stearns wrote:
> > anchoring with \b = fast
>
> OK, cool. As I'm doing full domains, I'll change:
> uri WLS_URI_1 /0-go.org/i
> to
> uri WLS_URI_1 /\b0-go.org\b/i
> in the next version.
Also escape that '.' so that it's taken as a litt
On Mon, 17 Nov 2003, Justin Mason wrote:
> BTW, given that a URI DB cannot use regular expressions, or patterns,
> would this really be useful?
>
> Basically with a DB you only gain efficiency when looking up exact
> strings. So for this to be useful against URIs, you'd have to pick out
> *just*
On Mon, 17 Nov 2003, Martin McWhorter wrote:
I am having a problem with whitelist_from_rcvd not working.
I have Spamassassin running on a redhat 9 box with sendmail 8.12.8 as
our companies gateway MTA. I have MIMEdefang running as well, but with
the Spamassassin portion of the defang.conf comment
On Mon, 17 Nov 2003, Eduardo Alfonso wrote:
> Hi
>
> I've been trying to configure SpamAssasin to check for the existence of the user on
> the local machine that is
> trying to send the message and I couldn't find how to do this.
>
> Is it possible ??
>
> Thanx
>
> I'm using sendmail MTA in a Re
On Sat, 15 Nov 2003, Carl R. Friend wrote:
>On Sat, 15 Nov 2003, David B Funk wrote:
> >
> > I've been thinking about that exact topic. The Bayes engine
> > already parses and tokenizes hostnames from URIs (the UD: tokens).
> > If there were a hash DB made wi
On Sat, 15 Nov 2003, Matthias Fuhrmann wrote:
>
> Hello,
>
> on my system i get many idling spamd childs, which wont die by itself.
> this happens from time to time, if machines load gets higher by other
> processes. eg. mimedefang kills its idling childs after a while; is this a
> possible future
On Thu, 13 Nov 2003, MIKE YRABEDRA wrote:
>
> I have found that spamd will not use razor on my system because of
> permissions. Is it safe to run spamd as root?
Mike,
spamd will not run as root, it is a security risk.
If you start it as root and you do not tell it who you want to run as
(IE leave
On Thu, 13 Nov 2003, MIKE YRABEDRA wrote:
> on 11/13/03 6:07 PM, Chip Paswater at [EMAIL PROTECTED] wrote:
>
> > Have you gotten razor working by itself?
>
> Yes, it works fine. I have just never been able to use it with spamd??
OK, next test spamassassin+razor.
When logged in as your 'spamd' us
On Thu, 13 Nov 2003 [EMAIL PROTECTED] wrote:
>
> Hi,
>
> I'm trying to optimize my MIMEDefang milter and reject the whole message even
> before it is received and scanned with SpamAssassin. My question is:
> Is there a function in Mail::Spamassassin perl module which I can use to
> determine if sp
On Fri, 14 Nov 2003, Carl R. Friend wrote:
>For the assembled group -- is it possible to do a DB lookup,
> either in an eval() or some other mechanism, in a "uri" rule?
> If we could do a DB lookup on URIs (or, more properly, the
> domain portion of URIs) I think that'd be a win (at, of course
On Fri, 14 Nov 2003, Bob Amen wrote:
>
> We've been seeing a problem with spamd that happens at random times.
> Occasionally, a spamd thread will spin, clocking up CPU time and never
> finish. This causes other spamd processes to hang and eventually all
> memory and swap is used up by multip
On Thu, 13 Nov 2003, MIKE YRABEDRA wrote:
>
>
> I have been trying to get razor to work with spamd.
>
> I know it works with ./spamassassin --lint -D
>
> It also works with CGPSA (calls SA directly).
>
> But it does not want to work with spamd?
>
> Where are some places I can look , things I can t
On Wed, 12 Nov 2003, Matt Kettler wrote:
> At 01:38 PM 11/12/2003, Scott Antonivich wrote:
> >but can attachments be tagged as spam per user? If
> >so, what do I need to place in this users config file?
>
> You'd have to create a custom rule to look for mime boundaries..
>
> However, to do it per-
On Tue, 11 Nov 2003, Larry Gilson wrote:
> The preferred method is any way you prefer. ;) That is really an honest
> answer. Everyone has their own preferred method and a lot of times it
> depends on your specific situation. Some people will pipe to a filter shell
> script, Procmail, maildrop,
On Sat, 8 Nov 2003, Terry Milnes wrote:
> The bayes filtering works great, but the typical user is not going to
> want to jump through what he would consider the huge obstacles to train
> a corpus. Furthermore implementing bayes on a system that incorporates
> thousands of users can be a daunting
On Mon, 10 Nov 2003 [EMAIL PROTECTED] wrote:
> eManager Notification *
>
> The following mail was blocked since it contains sensitive content.
Love the stupid -PC- double-talk here. Gee, what was the content
sensitive to? (is it sensitve to light, heat, shock...)
1 - 100 of 167 matches
Mail list logo
