On Wed, 2004-01-28 at 02:00, Simon Byrnand wrote:
> Has anyone else noticed frequent timeouts with Razor2 ?
>
> I'm seeing timeouts nearly all the time from most of the Razor servers
> causing spamd to take 10 seconds instead of the usual 1 second or so...
> (I've also noticed more spam than usual
>he only problem so
>far is bounces containing the full, original virus message source aren't
>caught.
Yeah, what's up with that, anyway? What kind of moronic AV scanner bounces an
infected attachment instead of removing it?
Check out this interesting rant on Attrition.org:
http://www.attrit
On Wed, 21 Jan 2004 20:21:07 -0600, you wrote:
>I have
>never used it before so I was looking for some setup instructions etc.
Have you tried any of the fairly extensive documentation on the SpamAssassin
website? What, specifically, are you looking for help with?
--
>http://www.merchantsoverseas.com/wwwroot/gorilla/sa_rules.htm
Thanks for the great ruleset!
I just have one niggling little request (and this really applies to anyone who
produces public rulesets):
PLEASE include the download link (or some other referring link so we know where
it came from)
On Wed, 14 Jan 2004 21:05:05 -0500, you wrote:
>Running any type of "Server" is a violation of every consumer high speed
>access connection TOS.
I don't want to beat this off-topic dead horse any longer than anyone else, but
I do want to point out the very excellent consumer high speed service S
the
general consensus was that it was better to handle virus e-mail with an
anti-virus scanner rather than SA. Personally, I just disallow
executable attachments altogether (anything in the .exe, .pif, .vbs,
etc. range).
--
Frank Pineau
Hey, you know those Roman hackers? Man, were they I III III VII!
signature.asc
Description: This is a digitally signed message part
As a follow-up to my last post, is there a concise list of the RBL
checks that are enabled by default? When I do a debug, I note that it
does 10 tests, but it doesn't say which 10, and there are three times
that many defined in 20_dnsbl.
Thanks
--
Frank Pineau
Hey, you know those
r found any of this information
in the list archive, so I'm posting this message anyway in case someone
else can find it useful.
--
Frank Pineau
Hey, you know those Roman hackers? Man, were they I III III VII!
signature.asc
Description: This is a digitally signed message part
s
another man's treasure.
It's unfortunate, but that's how statistical analysis works. You have
to have a large sampling before any results can be standardized
(otherwise you get wildly skewed results), and since Bayes filters are
so personal, you can really only train it with your own mai
r/spamstats/36361/url_homepage/#spamstats
--
Frank Pineau
Hey, you know those Roman hackers? Man, were they I III III VII!
signature.asc
Description: This is a digitally signed message part
ps it's not that more
is getting through. I'd be interested to see his ham/spam ratio and to
know if it's changed any in the last few months.
--
Frank Pineau
Hey, you know those Roman hackers? Man, were they I III III VII!
signature.asc
Description: This is a digitally signed message part
On Mon, 2003-11-10 at 12:01, Evan Platt wrote:
>[EMAIL PROTECTED] t0 [EMAIL PROTECTED]
Maybe SA needs to run it once through a leet-speek filter? :-)
--
Frank Pineau
Hey, you know those Roman hackers? Man, were they I III III VII!
signature.asc
Description: This is a digitally sig
On Mon, 2003-11-10 at 10:58, Chris Santerre wrote:
>
> sips for every [EMAIL PROTECTED]@ spam you stop.
I don't get spam with that any more. Mine all comes advertising sildenafil citrate. :/
signature.asc
Description: This is a digitally signed message part
So, I get this message in my inbox this morning. Unless I'm totally misreading
the headers, it appears that it actually is from oem-cd.biz. A quick google on
the address reveals it to be yet another marketing firm. This one touts
"You Can Stop Cold Calling Business Prospects & Battling Voice Ma
On Sat, 8 Nov 2003 16:01:04 -, you wrote:
>Surely it has to resolve to *something* - the NS records have gone as
>well.
bl.spamcop.net works just fine, but contains only ns-records
because its a delegated zone.
$ dig bl.spamcop.net ns
$ dig 2.0.0.127.bl.spamcop.net any
--
On Sat, 08 Nov 2003 09:10:20 -0500, you wrote:
>you are correct, it doesn't resolve for me either
>
>Mark wrote:
>> Is it just me, or is bl.spamcop.net gone? I am no longer able to get a DNS
>> resolution for it.
IIRC, bl.spamcop.net isn't supposed to resolve. Try running an RBL query
agai
tomers, the PTR record is always like that whether it's
fixed or dynamic and doesn't change unless the customer specifically
requests the RR (which they frequently don't).
--
Frank Pineau
This is my sig. There are many like it, but this one is mine.
signature.asc
Description: This is a digitally signed message part
development version. 2.60 is the
latest release. Frankly, if you can't figure out where the
documentation is, you should probably not try to run a development
release anyway.
--
Frank Pineau
This is my sig. There are many like it, but this one is mine.
signature.asc
Description: This is a
On Tue, 14 Oct 2003 15:46:10 -0700 (PDT), you wrote:
>had one slip through:
>
>X-Spam-Status: No, hits=3.3 required=5.0
>tests=BAYES_80,HTML_70_80,HTML_FONT_BIG,HTML_FONT_COLOR_BLUE,
> HTML_FONT_COLOR_GRAY,HTML_FONT_COLOR_RED,
> HTML_FONT_FACE_ODD,MIME_HTML_ONLY,M
-inventing the wheel...
--
Frank Pineau
This is my sig. There are many like it, but this one is mine.
signature.asc
Description: This is a digitally signed message part
On Tue, 2003-10-07 at 10:55, Frederic Goudal wrote:
> >anybody want to put in their $.02 to bayes over NFS.
>
> I do, it works. Or maybe I don't see the problem.
Among other things, NFS has been known to have file-locking issues. This can cause
problems with multiple processes accessing the DB
ome to geek heaven.
> http://thinkgeek.com/sf
> ___
> Spamassassin-talk mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
--
Frank Pineau
This is my sig. There are many like it, but this one is mine.
signature.asc
Description: This is a digitally signed message part
0 in 2.60. You're gonna need a much lower
score than -90.0 to counteract it... ;-)
--
Frank Pineau
This is my sig. There are many like it, but this one is mine.
signature.asc
Description: This is a digitally signed message part
On Wed, 2003-10-01 at 13:26, Your Own ISP .com wrote:
> Since there seems to be a ton of activity on this list and near zero
> to do with SA on Windows, I have created list specific to SpamAssassin
> on W32 platforms.
>
>
>
> I searched for this first but did not find anything. I would love to
On Thu, 25 Sep 2003 11:05:53 -0400 (EDT), you wrote:
>I've been toying with the idea for a while now that one could use
>a script similar to your excellent template to generate tcpwrappers
>entries to deny access in the same fashion. I do not know for sure if,
>given a choice between your suggest
On Fri, 26 Sep 2003 08:15:40 +0100, you wrote:
>depends on the RBL I guess, there might be an argument for doing that with
>something like spews, or cc specific ones as they probably don't change that
>much hour to hour, but with something like spamcop you'd have no chance as
>it changes all the t
I disagree for a couple of reasons, most of which have already been
discussed on this list. Auto-deleting spam is a bad idea anyway because
there's always a risk you'll delete a false-positive. Mainly, though, SA
has to fit so many different environments (not just *nix, either,
remember). It's n
Sweet. Exactly what I needed. Thanks.
On Fri, 12 Sep 2003, Fred I-IS.COM wrote:
> See this page:
> http://www.exit0.us/index.php/CustomRBLs
>
---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_
Is there any way to make SA check other RBL's? Ever since the demise of
Osirusoft, I've been using my own RBL zone file on my DNS server, but I'd
like to have SA check it as well.
---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek
On Fri, 29 Aug 2003, Dragoncrest wrote:
>
> You'd figure by now that they'd get
> the message that neither they nor their garbage is wanted. But obviously not.
As long as people continue to respond to their spam by sending them money,
then what message are they expected to get? That spamming
On Sun, 29 Jun 2003 11:50:59 -0400, you wrote:
>I know this isn't a new thing necessarily in the internet world, but its
>new for me. Lately in the past week I've gotten 3 or 4 bounces that came
>from spammers. Apparently they set it up so that a legit (or maybe not
>legit) mail server bounces
>This one got through, but I wonder if "Serious Candidates Only" should be
>given some points.
I just give HTML-only mail like 200 points.
---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Port
On Tue, 17 Jun 2003, Benjamin A. Shelton wrote:
> > Nerd alert: Maybe auto-whitelisting was enabled (producing negative
> scoreds)?
>
> I beg your pardon. I sometimes have the tendency to completely ignore the
> obvious :-p
>
Nonsense. I told you why it had a sudden increase in negative score
On Sun, 15 Jun 2003 21:56:20 -0600, you wrote:
>I don't mean to drag this too far off-topic, but I'm a little curious.
>What happened about two-thirds
>of the way after 02/01 that increased the distribution of negatively
>scoring spam?
SA 2.5x ;-)
---
On 15 Jun 2003 19:40:03 -0700, you wrote:
>I'm cleaning up the code for both for a full release. If you want to
>check out the graphs from spamrrd though, you can go to
>
>http://spamaps.org/spamrrd/
I like it. Another respondant mentioned graphing the scores as well. Someone
else on this list
On Mon, 09 Jun 2003 17:25:40 -0700, you wrote:
>They do? Really? I ordered a T1 circuit from them on the 2nd of this
>month and they told me that they don't delegate reverse DNS to
>customers. =/
I find that *very* surprising. Residential customers, at least, have a HOWTO
on speakeasy's webs
On Mon, 9 Jun 2003 19:19:32 -0400, you wrote:
>Yes. Speakeasy are the most sweet, lovely and clueful people ever to do the
>ISP thang. They dole out static IPs (and even, as I discovered to my
>delight last week, let you set your own reverse DNS on them), encourage
>sharing your wireless access,
On Mon, 2 Jun 2003, Britton wrote:
> Under pine, I first turn full headers on, then use '|' to pipe message to
> sa-learn --(spam or ham) --no-rebuild --single. Until now, I have been
How are you using '|' from within pine?
---
This SF.net
On Fri, 30 May 2003, Justin Mason wrote:
>
> The mail is getting to the list. Repeatedly. However, nobody's replying
> because *we're busy* ;)
You're *supposed* to be devoting every waking second to SA development.
If you feel the need to eat, we can probably rig some kind of an IV or
someth
On Fri, 30 May 2003, Keoki Kalune wrote:
> TAKE ME OFF THIS SITE, KNOW ONE KNOW WHO OR HOW I GOT THIS BUT IT IS
> DISRUPTING BY BUSINESS. I WANT SOME ONE TO CONTACT ME ASAP
>
> Keoki Kalune
> Executive Vice President
Nice. Executive VP and (s)he can't even form a coherent sentence. I
won't
On Fri, 7 Feb 2003, Steve Thomas wrote:
> |
Since my users all POP their mail (and therefore don't have access to the
server SA is on), I'd be happier with a way for them to train SA
themselves by, say, forwarding spam (and/or) non-spam to a special
"training" email account that will then train the filter without the
admin's help. Anyone do
On Fri, 1 Nov 2002 10:18:06 -0800, you wrote:
>Where can I find an older version of SpamAssassin? I'm looking for a
>2.3x version. My false negative rate on 2.43 is through the roof.
Same download link as on the website, just change the version number.
On Wed, 30 Oct 2002 16:25:22 -0800, you wrote:
>now thats funny! :) You mean someone likes SpamAssassin?
I thought it was funny that you have to give them 5+ more email addresses to get
clues about who sent you the note.
"Help us spread more spam and we'll tell you about someone else who spre
On 29 Oct 2002 09:41:08 -0500, you wrote:
>
>Won't this get overwritten with the next upgrade they install? Is there
>a more elegant solution (local.cf or some such thing)?
Welcome to the wonderful world of custom mods. :-)
---
This sf.net e
On Sun, 27 Oct 2002 19:52:08 +0100, you wrote:
>Gustave Eiffel wrote:
>
>> On RedHat 8.0 running SA through procmail site-wide ( using sendmail
>> as MTA )I want to add virus filtering as well.
>>
>> What is the easiest way to add this? It looks like Amavis is a
>> popular choice
>> but it apear
On Fri, 25 Oct 2002 13:04:04 -0700, you wrote:
>C'est un international mondial, Monsieur Pineau. ;-)
Not in *my* neck of the woods. Darn foreigners. :-)
---
This sf.net email is sponsored by: Influence the future
of Java(TM) technology. Jo
On Fri, 25 Oct 2002 14:42:52 -0500, you wrote:
>Be very careful with a procmail recipe, and the answer is yes.
>
>#start by deleting the highest spamtag value
>:0
>* ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*
>/dev/null
>
>#flag everything else, but deliver it (this happens without an
What's the deal with http://www.spamassassin.org/tests.html being half
english/half french?
---
This sf.net email is sponsored by: Influence the future
of Java(TM) technology. Join the Java Community
Process(SM) (JCP(SM)) program now.
http://ads
On Wed, 23 Oct 2002 14:42:25 -0700, you wrote:
>Use the milter interface with amavis. The instructions are in the file
>README.milter of the amavis distribution. I've got it running on three
>servers with sophos a/v, and it works like a charm.
Thank you, that's what I was looking for!
FP
---
Hopefully an easy one. I'm using SA with sendmail and procmail. SA is being
called via procmail recipes for individual users, rather than sitewide via a
milter.
I'd like to use amavis to scan all incoming mail, but the amavis instructions
say to replace procmail.
What's the best (read: "easiest
On Wed, 23 Oct 2002 09:32:21 -0400, you wrote:
>Hey Folks..
>
>What kind of rule would be needed to best filter out spam which is mostly
>HTML based? I remember something being posted here about this, but I think I
>accidentally deleted the post..
>
>Much thanks.. Doug
From http://www.spamassa
On Tue, 22 Oct 2002 10:18:38 -0500 (CDT), you wrote:
>Both contain "goldfish" in the subject, one is just plain "goldfish"
>and one is "Fw: goldfish".
>
>Both come from hotmail addresses.
>
>Both have attachments, one is application/octet-stream, one is
>audio/x-midi.
>
>Both say:
>
> Hi Dear
>
On Mon, 21 Oct 2002 15:03:50 -0500 (CDT), you wrote:
>This is a bad choice for a port IMHO. Frankly every firewall I set up
>(and have seen up close) blocks tcp/udp 1-19. Those services have no
>purpose on the Internet at large IMHO. They are plagued with security
>issues and under-maintained s
On Thu, 17 Oct 2002 12:16:15 -0400, you wrote:
>Updraded to 2.43 yesterday on a debian pilot. Everything seems to be working fine.
>Not doing anything funky that I can think of. But this message came through today.
>Says score is 5.6 out of 5 and plenty of tests show, but the X-Spam-Level he
>so /etc/mail/spamassassin/yourlocal.cf would do fine.
>
Personally, I put all my customizations into local_.cf. It's a file
that's not part of the distribution, is not going to get overwritten, and since
it's a .cf, it still gets read.
I used to use local.cf, but when that got overwritten twic
>Ideally, I'd like to just get razor working, but it's given me so many problems
>(vis a vis the old Net::Ping error) that it's hardly worth my time any more.
Swt. Finally got razor fixed. What a PITA.
---
This sf.net email is sponsore
On Mon, 14 Oct 2002 12:21:49 -0400, you wrote:
>If it can load the perl module, it considers Razor to be available.
>Are you sure you removed them? ;)
>
I've since found the module(s). Apparently, I only removed *some* of Razor.
>You can disable any test by setting the score to 0 BTW.
Ah, I wa
Ok, can't find anything in the SA archives. How do I stop SA from doing a razor
check? I've tried uninstalling the razor perl modules, but when recompiling SA,
it still seems to find it, so I'm not even sure what makes it think razor is
there.
--
On Thu, 10 Oct 2002 19:05:42 -0400, you wrote:
>Someone at 207.44.141.140 is sending out spam via the Windows messaging
>service. Is it time for SA for Firewalls. ;-)
No, it's just (*way* past) time to stop using Windows Messaging Service. :-)
--
On Wed, 9 Oct 2002 13:32:37 -0700, you wrote:
>What would be accomplished by its listening on 0.0.0.0? What would be the
>downside of doing so?
Seems to me that in a system with multiple mail servers, you could do all the
spam checking on a single box. Though why you would have multiple mail
On Tue, 8 Oct 2002 14:37:57 -0700, you wrote:
>| 0xD5.0xEF.0x8F.0x9D
>
>resolves to www.amsterdamcash.com (213.239.143.157)
>
>It scares me to think that spammers might be starting to evolve into having
>the same intelligence level as a human.
This trick's been going on for years, but this is th
On 08 Oct 2002 13:01:34 -0500, you wrote:
>Would anyone be interested in a script that pipes spamd data into mrtg
>to be graphed?
Yes. I already graph inbound and outbound mail to MRTG. A spam one would be
nice, too.
---
This sf.net email
63 matches
Mail list logo