Hi Chris,
>What you're describing also happens to me. My question is,
>what happens when you open the message that you've moved
>to the public folder with an IMAP client? Does it maintain
>the full email headers in the IMAP client? For the 3 of us,
>Outlook still shows the full headers but
Hi Thomas,
This is actually one of the questions addressed quite frequently on the list;
have a look at the list archives and you'll find a lot of interesting
information.
Using SA with Outlook and/or exchange can be quite "interesting", here's what
I've been doing with different setups:
Exchang
Hi Chris,
>Tony et al. I guess I'll let the cat out of the bag. Tom Meunier
>discovered the M$-known issue. The problem is
>http://support.microsoft.com/?id=817809 which is basically that public
>folders' emails are treated as PR_MESSAGE_CLASS IPM.Note instead of
>IPM.Post.
>Those of you who d
Hi Chris,
>make it through with IMAP. However, if an email is moved to or from a
>Public Folder with Outlook (regardless of whether or not the public
>folder is mail-enabled), then its headers get truncated.
I can not confirm that. I'm using outlook 2000-SR1 (9.0.0.5414) + exchange
server 2000
Hi Jeff,
> OK, then the question still begs an answer . . . how do I get the stuff out
of Outlook and into sa-learn???
read the archives, there's been lots of discussions on this and quite a few
suggestions:
* if you've got a central exchange server:
Create public folders, have users mov
Hi Phil,
>I've setup 2 mailboxes to use for sa-learn. When I or anyone else
>forwards mail into either the spam or nonspam mailboxes, does it matter
>if a ton of the messages will be from me, and they will have
>the subject prefaced by "FW:"? I would think either of those things would
really
>thr
Hi Mark,
>{root} % /usr/local/sa/bin/sa-learn --spam --mbox -D /tmp/spam.txt
>...
>debug: Initialising learner
>Learned from 0 messages.
At a guess it's trying to learn from a file called "-D" now. try moving the
-D parameter.
Bye, Martin
---
Hi Mike,
>I suspect that what we are seeing is some form of syn requests
>from sendmail??
>
>For example, I am now receiving the same sort of activity from
>another jp site:
>Jul 9 09:00:34 www kernel: Asia2 IN=eth0 OUT=
>MAC=00:d0:09:3d:69:81:00:04:5a:ef:5e:1d:08:00 SRC=202.12.30.137
>DST=192
Hi Tony,
>You should get the buggers (Windows Virus specialists like ...
Naah I can give you better than that:
> We, Cybersite, have detected the W32/[EMAIL PROTECTED] virus that appears
> to have come from your mail server. It was sent in
> an attachment your_details.zip, from [EMAIL PROTECT
>I am using sendmail with cyrus-imap.
>for the filtering I am using sieve which comes with cyrus-imap.
>So my local deliver mailer is cyrus.
>Procmail is not used in the chain of operations when new mail
>is arriving.
>
>Can I use spamassassin for spam filtering without using procmail ?
Yes you c
>> I think it's not a good idea to use forwarded mails as a source for
>> "learning". Somewhere in the SA's documentation indicates this issue.
>
>Yes, we are not forwarding, we are redirecting. But I realize
>that is
>not a good way. redirect/resend/bounce is where the mail is
>resent in
>
> I'll profess some degree of ignorance about PGP signatures, but
>does it matter if it's valid or not? Couldn't a spammer generate a
>perfectly valid PGP signature and use it in their messages to get the
>lower score?
Depends on how you define "valid": if it's just syntactical correctness
Hi Gary,
>Ok, so the obvious question is how does one then pull the
>message out? I mean, I know I've seen references to using
>forward as an attachment as the way to preserve the headers,
>but I don't think I've seen any indication anywhere on
>exactly how to deal with it from that point to
Hi Jack,
>This is becoming a regular thing. A fake PGP signature buried
>inside HTML
>followed by a string of random words clearly aimed at tripping up the
>Bayes algorithms. Its becoming a daily event. See below.
Yep, I've been seein these for quite some time now;What I'm seeing is:
- spam in
Hi MAtt,
>>MK> This is an oft-requested item, but AFAIK it is simply impossible.
>>
>>It should be possible...
>Not with outlook :)
>It is theoreticaly possible with the right mailsystem, but Outlook just
>isn't such a tool.
>It _might_ be possible for them to do a "pop without delete" trick a
Hi Bill,
>I was wondering how to set up a spam address that would accept
>forwarded
>messages from users and feed them into SA for learning as
>spam. Is there an
>easy way to do this? Is SA smart enough to know not to
>blacklist the sender
>of the forwarded message and to only analyze the forwa
Hi Marek,
> As most of you know Outlook doesn't forward headers when you forward an
> e-mail (and with newer Outlook 2002+, you can't even resend with headers
> intact). Therefore Outlook is a bad tool in traning SA.
Yep, definitely lousy. Depending on your setup and Number of users, there's a
c
Hi Gordon
> The rationale for spamassassin's behaviour is, I think, the fear that
> in unsupervised mode it will go off track. Perhaps there should be a user
> flag "supervised/unsupervised" that determines whether or not the same
> criteria are used for filtering and learning. In "supervised" m
Hi Martin,
> I tried to change the subject in the mails , but this wont work. I used the
> options:
How is spamassassin called? if you're using mimedefang to call spamassassin,
SA can't make any changes to the messages - you'll have to change the subject
from mimedefang after getting the DA resul
Hi Matthew,
>I recently got SpamAssassin 2.55 running with MIMEDefang. I'd like to
>temporarily (say over a weekend), send mail marked as spam to
>a spam mailbox
Here's what I used in /etc/mail/mimedefang-filter to get a seed corpus:
warning: you definitely should check the resulting mailbox be
Hi Tom,
>Drag & drop it into a public folder, hit the public folder from your
>Spamassassin machine using IMAP, save it as an MBOX on your SA machine,
>learn it from there.
Sorry, all clients are currently using POP3; there's no exchange server and
no public folders. getting all useres to setup
Hi David,
>> Using bayes in a windows/outlook environment without central exchange
>> server, it's rather difficult to get at spam/ham messages for
>> learning.
>>
>
>Outlook is rather convoluted, but can be done. Open the message in its
>own window, rather then viewing in the preview window. Ac
Using bayes in a windows/outlook environment without central exchange server,
it's rather difficult to get at spam/ham messages for learning.
Forwarding the spam/ham messages to seperate accounts local to the mail
scanner system as attachments looks like the only viable method at least the
origina
Hi Bryan
> Given that auto_learn is working, is it still worthwhile to
> run true-positives (spam) and true-negatives (hams) through
> sa-learn, as the INSTALL document says you should do?
Yes, it makes sense: auto-earn is quite conservative wrt to the messages it
actually trains from. This mea
Hi daniel,
> > I don't see much point in tagging spam and then delivering
> > it anyway. The spammers still got their message through.
> > So what if it's in a special little folder all its own?
>
> The problem with this approach is that SpamAssassin is a heuristic
> system. I have had a number
> I use a second milter that looks at headers - if it finds
> "*SPAM* it bounces the message and archives a copy
> of the message. I also use it to bounce messages with
> attached ".exe" or other undesirable attachments.
>
> I don't see much point in tagging spam and then delivering
> i
Hi Michael
> > How would you, for example, propose to catch a polymorphic
> executable
> > virus? Our code catches these using a disassembler and
> examining the code
> > to see if it tries to do something malicious.
>
> I don't really care what the code is trying to do. I would be happy
> to
Hi,
I've noticed that there's a couple of settings that can only be changed on the command
line/perl function call, but not in the config file - why?
local_checks_only
dont_report_to_razor
also the -a flag for spamassassin (autowhitelist) doesn't seem to have a config - file
equivalent.
esp.
Hi Jeffrey,
> I don't want to run Spamassassin for all users in every domain (i.e.,
> spamproxyd). I also would prefer that Sendmail do it's MTA
> job. The key here is, I want to be able to easily configure the
> Spamassassin service for multiple virtual domains, and I want it to
> be as effi
Hi,
spammers are obviously trying to evade SA rules, have a look at this as an example:
If you wish to be "r e m o v e d" -of f our - l-i- s-t,
ple ase em ail [EMAIL PROTECTED]
or a
Hi Casey,
> I'm using MimeDefang with SpamAssassin and it is working very
> well. My
> question is this: how do I go about configuring which RBL services for
> SpamAssassin to use? Does the SpamAssassin RBL functionality
> work if I'm using MimeDefang?
If you're using default settings: No, i
31 matches
Mail list logo
