Re: [SAtalk] e.g. whitelisting

Spyros Tsiolis wrote: For example whitelisting. Any examples on whitelisting messages that are marked as spam when they are not ? From what I understand from http://au.spamassassin.org/doc/Mail_SpamAssassin_Conf.html if you get legit messages as spam, you can configure in /etc/mail/spamassas

Re: [SAtalk] thank you guys

HolyMoly...69.27 seconds?! How'd you port SpamAssassin to run on a Commodore Vic-20? -JR BAHAHA... that ALMOST got me to spew coffee out my nose. --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Developm

Re: [SAtalk] the list itself???

Whew... thought I maybe I offended or something --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.ecli

[SAtalk] the list itself???

did I get booted off the list, no list traffic or is sourceforge down? I haven't gotten anything really since friday --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the

Re: [SAtalk] doing a kind of "! whitelist_from_rcvd" possible ?

Matt Kettler wrote: At 04:56 PM 1/21/2004, you wrote: Hi SA offers the possibility of having a "smarter" whitelist which whitelists only if the sending relay is "related" to the sending email, like whitelist_from_rcvd [EMAIL PROTECTED] example.com is there a possibility to somehow do the oppos

Re: [SAtalk] Popcorn & Backhair have been combined into 1 Set

Jennifer Wheeler wrote: Hello spam peeps Adam Lopresto and I have recently begun working together on Chickenpox, and while working on that set, it occurred to him how to fix the limitations in Backhair, using similar ideas we're using in pox. This change in essence "combines" Backhair & Popcorn.

Re: [SAtalk] RulesDuJour; minor change

Chris Thielen wrote: On Wed, 2004-01-21 at 18:23, Erik Slooff wrote: Hi Chris, Small change for RulesDuJour: when sa is not in path lint will not succeed (line 313). Maybe you could add a variable that contains the path to sa in the settings? Erik Will do. Should have it up tomorrow, al

Re: [SAtalk] New Ruleset: EvilNumbers

and you can add these to your rules_du_jour by adding this Here are settings for evilnumber EVILNUMBERS=7; # Index of evilnumbers data into the arrays is 7 CF_URLS[7]="http://www.merchantsoverseas.com/wwwroot/gorilla/evilnumbers.cf";; CF_FILES[7]="evilnumbers.c

Re: [SAtalk] Re: Looking for comments on this rule: EMAIL in URL

humm.. didn't think of ^ thanks ack just shoot my copy and past cleanup. uri MY_EMAILINURL_1/https?:([EMAIL PROTECTED])/i This an be subject to a mild denial of service attack. You probably mean to use '[EMAIL PROTECTED]' and '[^.]' instead of '.' in a couple of places. Scott -

Re: [SAtalk] Looking for comments on this rule: EMAIL in URL

ack just shoot my copy and past cleanup. uri MY_EMAILINURL_1/https?:([EMAIL PROTECTED])/i Tim B wrote: because a lot of spam contains some email address in an embedded uri that I'm seeing. I threw together this rule: uri MY_EMAILINURL_1 /https?:([EMAIL PROTECTED])/i des

[SAtalk] Looking for comments on this rule: EMAIL in URL

because a lot of spam contains some email address in an embedded uri that I'm seeing. I threw together this rule: uri MY_EMAILINURL_1 /https?:([EMAIL PROTECTED])/i describe MY_EMAILINURL_1Contains what appears to be an Email Address in URL score MY_EMAILINURL_1 1.5

Re: [SAtalk] UPDATES Tripwire 1.16 and Bigevil 2.06k

If you change the version number lines to all be the same number of digits, the script given earlier today will report the update correctly for example # Version 1.00 Initial release # Version 1.01 Avoid FPs with Forwards, Embedded images and PGP. # Version 1.02 Avoid FPs with Yahoo Groups #

Re: [SAtalk] Acronym Update

ronoyms in the FAQ? They are quite well known acronyms, in the Open Source World. Try the Hacker's Dictionary when you encounter more. -- Met vriendelijke groet, Tim Stoop Random quote/fortune: The most common form of marriage proposal: "YOU'RE WHAT!?" -

[SAtalk] Books...

Hey does anyone know if there are any spamassassin books comming out? --- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configuration Management System offering advanced branching capabilities and atomic

Re: [SAtalk] [OT and long] Port Blocking

This is why I beleive ISPs who have a restriction should publish their address blocks which are NOT supposed to be sending mail directly out. It then becomes the recipient mail domain's responsibility if they choose to block on the information published. In your small ISP case, you would not pu

Re: [SAtalk] Spamwriter

It's well known that filtering is *only* useful for keeping one's inbox uncluttered; it does nothing to interdict the flow of crap from upstream. You want to put a serious dent in spam? IDP broadband providers that give their customers direct access to port 25 on remote systems by default. Spam fro

Re: [SAtalk] New Ruleset Available!!! TRIPWIRE! You don't want to miss this o ne!

Excellent News! Chris Santerre wrote: Ladies and Gentlemen, Not since eating popcorn covered in backhair in the weeds have I been so excited about a ruleset. Fred, along with the rule writers consortium, has developed a new ruleset called Tripwire. Much testing has gone into this set. I

RE: [SAtalk] Info about 'banned cd'

rules than searching for something that may set off false postitives, based on the information that was presented at the time. Tim Donahue --- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configura

Re: [SAtalk] habeus

that's exactly what I started doing a few weeks agao. I want to send enough habeas to enforce their copyrights :) jenni baier wrote: I guess we can all start putting together a "habeas corpus" On Sun, 11 Jan 2004, Jack Gostl wrote: I must have gotten 20 of these in the last three hours! I'm

Re: [SAtalk] OT: My REALY REALY Crazy idea!! ahahahahahah

How many do think would end up with an overly outgoing well blessed healthy abit thin gorilla with a huge desire to descramble tv while becoming financially secure and well insured Chris Santerre wrote: Ok, this one is out in left field but I think it would make spam fun. The idea jumped i

Re: [SAtalk] OT: My REALY REALY Crazy idea!! ahahahahahah

Op vrijdag 9 januari 2004 23:34, schreef Chris Santerre: > Tamogachi Gorilla Spam!!! > (Watch someone market this and make millions.) > Tamogachi Gorilla Spam (tm.) Patent pending...blah blah lol.. Hey! That was my idea :P~ -- Met vriendelijke groet, Tim Stoop Random quot

Re: [SAtalk] handling spamc failures...

Kris Deugau wrote: With your method of making sure mail gets scanned, mail will slowly build up in the queue until the server runs out of disk space, the MTA can't process the queue because it's too big, or SA's memory usage triggers the Linux kernel OOM process killer. (Exactly which happens fir

[SAtalk] Update on SQL-ization of AWL, Bayes, etc.?

ution that could be used in an "email-farm", where only virtual accounts exist? Thanks in advance for your reply and status-update ;-) -- Met vriendelijke groet, Tim Stoop Random quote/fortune: War is an equal opportunity destroyer. -

[SAtalk] handling spamc failures...

I think we all have our favorite ways of calling spamc/spamassassin, and one of my biggest concerns is that spamd will die for some obscure reason and mail will stop getting scanned, or I'll be restarting spamd and a flood mail suddendly comes in. Well this is how I finally settled into my co

Re: [SAtalk] spamd -m and a good number....

thanks! that's exactly what I needed to know! Robert Lacroix wrote: from the spamd documentation: "-m number, --max-children=number Specify a maximum number of children to spawn. Spamd will wait until another child finishes before forking again. Meanwhile, incoming connections will be queue

[SAtalk] spamd -m and a good number....

the spamd -m commandline option for max child processes... is that per spamc call? for instance if I use: spamd -d -m10 -x -u filter and I run 50 instances of spamc, does that mean that all 50 call of the spamc process get 10 spamd child processes for a total of up to 500 spamd child processes?

Re: [SAtalk] Multiple CF Files & Performance

Evans Martin wrote: I recently split out my CF file into multiple files. Ex. whitelist.cf, blacklist.cf, bigevil.cf, evilrules.cf, etc. Will this noticably degrade system performance? Thanks, Evans Martin I've not notice any performance decrease due to having multiple cf files, and afaik, spamd

Re: [SAtalk] False positives

schafer wrote: To Spamassassin: My publication is double-opted in by 15,000 families with children with autism. We are routinely victimized by incompetent software like spamassassin because of false positives. This is just as intolerable as > spam. It is worse than spam because it victimizes t

Re: [SAtalk] downside to sa-learn and extra headers...

Matt Kettler wrote: At 07:52 AM 12/23/2003, Tim B wrote: I want to feed ham into sa-learn every night. However when I get the ham i'm going to have a bunch more received headers and extra Microsoft SMTP headers because of the way it's going to be send to me. What's the downs

[SAtalk] downside to sa-learn and extra headers...

Howdy All, I want to feed ham into sa-learn every night. However when I get the ham i'm going to have a bunch more received headers and extra Microsoft SMTP headers because of the way it's going to be send to me. What's the downside to learning ham with these extra headers? I know I can use

Re: [SAtalk] IE redirect rule

Tim B wrote: Bill Larson wrote: http://www.dslreports.com/shownews/36402 http://www.enterpriseitplanet.com/security/news/article.php/3288771 http://www.secunia.com/advisories/10395/ Microsoft Knowledge Base Article - 833786: http://support.microsoft.com/?id=833786 In this exploit using: http

Re: [SAtalk] IE redirect rule

Bill Larson wrote: http://www.dslreports.com/shownews/36402 http://www.enterpriseitplanet.com/security/news/article.php/3288771 http://www.secunia.com/advisories/10395/ Microsoft Knowledge Base Article - 833786: http://support.microsoft.com/?id=833786 In this exploit using: http://[EMAIL PROTECTED

Re: [SAtalk] required_hits = 5.x ???

Theo Van Dinter wrote: On Thu, Dec 18, 2003 at 11:01:22PM -0500, Tim B wrote: I don't think I've seen this covered ever. can required_hits = 5.5? yes. the documentation (and code) specifies 5.0 as the default. integers are used just for simplicity, but floats are allowed. Ok g

[SAtalk] required_hits = 5.x ???

I don't think I've seen this covered ever. can required_hits = 5.5? everywhere points to a whole number, like 5, or 6 ect ect. --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills.

Re: [SAtalk] daily / weekly reports

Jens, Thanks for this handy piece of code. Jens Madsen wrote: Hack away, -- cat Report_spam.pl #!/usr/bin/perl -w #-***

Re: [SAtalk] Domain DNS Blacklists

Matt Kettler wrote: At 09:06 AM 12/16/03 -0500, Tim B wrote: this should work. may need a little tweeking. header RCVD_SECSAGE_RBL eval:check_rbl('SECSAGE', 'blackhole.securitysage.com.') describe RCVD_SECSAGE_RBL SECSAGE: listed in Security Sage's RBL score RCVD

Re: [SAtalk] Domain DNS Blacklists

Mark Lowes wrote: Afternoon all, I've had a dig through the archives and wiki for a definitive answer with no success. Is it currently possible to use DNS based domain blacklists at the moment in SA? (such as http://www.securitysage.com/guides/postfix_uce_rhsbl.html) thanks Mark Yes th

Re: [SAtalk] Interesting service...

Fred wrote: Tim B wrote: Hey I stumbled over this little gem of a marketeer, looks like they claim they can bypass any spamfilter. Anyone familiar with this group? onlinemarketingpros.net That's funny, their website says in business since 1997, but their whois shows different (10 day

[SAtalk] Interesting service...

Hey I stumbled over this little gem of a marketeer, looks like they claim they can bypass any spamfilter. Anyone familiar with this group? onlinemarketingpros.net --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert

Re: [SAtalk] New to SA

Rachel E. Hewitt wrote: New to SA and unix. I am using SA 2.6 with Guinevere and GW 6. It is helping a lot. I have spent about 3 hours looking through the archives of this list and have not found the answer yeta couple questions: 1. if using the spamassassin --lint at the command prompt and it

Re: [SAtalk] Postfix - procmail - spamassassin config

Daniel Kaliel wrote: Hey At least once a week our server hangs. I can't figure this out. It seems to be hanging when spamassassin is working on large emails. Here is how I have it setup and where I am confused. My confusion lies in this. If I use the mailbox_command field in postfix do I need

Re: [SAtalk] Rules Modification /Content Filtering Results

<--- snip > My Question/Concerns Does anybody have any ideas about how this would affect the bayesian learning system? If i suddenly changed my mind about liking porn one day and decided to block all porn, would I need to clear out my bayesian learning database so that it would begin t

Re: [SAtalk] Site-wide opt-op

Thanks, is amavisd-new linked from the Spamassassin homepage? Tim - Original Message - From: "Alain Fauconnet" <[EMAIL PROTECTED]> To: "Tim Johnson" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, November 27, 2003 10:11 PM Subject: Re

[SAtalk] Site-wide opt-op

% of the users will not have accounts anyway).Tim Johnson  

RE: [SAtalk] Bounce all but whitelist

it in with the way you want it to. tm Tim Merkel wrote: > I have a client who wishes to only allow mail into his inbox that is > explicitly allowed via his white list. Yahoo currently allows you to do > this (which is where they got the idea). > > I currently host multiple domains u

[SAtalk] Bounce all but white list

'postfixfilter' to check the userpref table in MySQL before calling spamc. Has anybody has success with this. Can anyone think of a better solution for this? Thanks in advance for your help! Tim Merkel #/etc/postfix/main.cf (a

[SAtalk] Bounce all but whitelist

'postfixfilter' to check the userpref table in MySQL before calling spamc. Has anybody has success with this. Can anyone think of a better solution for this? Thanks in advance for your help! Tim Merkel #/etc/postfix/main.cf (a

[SAtalk] Another question re: Spam Assassin and SQL

Hello I think I figured something out, and I just want to confirm: Am I correct in understanding now that the SQL user preferences system only works when you run Spam Assassin through Procmail? Can it be set up to run from the Spamass-Milter? Thanks. Tim

RE: [SAtalk] MAPS RBL+ in Spam Assassin

I think this is because Sendmail checks the current peer's IP address against the RBL, and SA scans all the Received: headers in the e-mail for matches. Tim -Original Message- From: Bill Polhemus [mailto:[EMAIL PROTECTED] Sent: Friday, November 07, 2003 10:39 AM To: 'Gustafso

[SAtalk] MAPS RBL+ in Spam Assassin

Hello I am new to Spam Assassin. I see that it checks e-mail against the MAPS databases, but that it does not appear to check the RBL+ database. Is there some way for me to add this check to the list? Thanks. Tim --- This SF.net email is

[SAtalk] Question Re: SpamAssassin Port on FreeBSD 4.9

rver' as the README file in the SQL folder says it should. Am I doing something wrong? Can someone please clue me in as to what I might be missing? Thanks. Tim --- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.n

Re: [SAtalk] 5.0 spampoints

Jeffrey Schilperoord wrote: What is the easyest way to change the 5.0 spampoints to a higher level ? greetings Jeffrey Schilperoord in your /etc/mail/spamassassin/local.cf file add/change the line required_hits 5 to whatever you want it to be. --

Re: [SAtalk] incorectly identified trusted host

David B Funk wrote: On Tue, 7 Oct 2003, Tim B wrote: Yes I have.. that was the first thing I tried... it still thinks when there's just one other host that the host is trusted. Havn't seen that one, sounds like a true bug. I guess I will open a bugzilla request then.

[SAtalk] incorectly identified trusted host

Problem in spamassassin 2.60 -- trusted relay There seems there might be a glitch in the detection of trusted relays which is causing RBL checks to be bypassed. Is there a way to bypass the autodetection of trusted relays and use only ones specified in a .cf file? I searched bugzilla and didn'

Re: [SAtalk] If you use DCC w/SA please read

So since I really don't know anything about the iptables firewall on my mail server do you more details so I can check to make sure that this is set correctly? Dave Lugo wrote: Howdy all, It's been noticed that more mid-sized sites are using the DCC with SA. This is potentially very cool, a

Re: [SAtalk] SA and tagging/removing

[EMAIL PROTECTED] wrote: OK, fine, you have persuaded me. So I have one question: how can I delete the message, when we use qmail and for local delivery we use the qmail-local? We run the SA after the AMAVIS + antivirus (both written in the .qmail file, because these programs must be turn off/o

Re: [SAtalk] Exim x Spamassassin x Aliases x user preferences

_before_ the one that does spamchecking then the message will be sa-checked for each user separately, each time with their own prefs. If you have the directors in reversed order, it's checked only once with the global prefs. grts Tim ---

Re: [SAtalk] URL filtering

nt to SA. Hope that helps! Tim -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROTECTED] | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr "If it ain't broke, then you're not trying hard enough!" --Red Green -

[SAtalk] Chucking by attachment name

Has anyone devised a plan to chuck all the email with attachments matching a list of known viral names? Like thank_you/pif ...etc.. Using procmail/SA2.55 --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://think

Re: [SAtalk] defining the min/max score per test

Mark C wrote: Hi, I have spamassassin installed on my debian woody e-mail server, out of the box it works generally ok, except for a few false alerts, which is why this mail comes in, I wish to allow each use to setup their own user_prefs file, I have sucsessfully implimented this, but I'm having

[SAtalk] Re: SA rejection

atic: I have to go into a folder, set a label on messages for rejection and then apply a filter. The rate of false positives has been so slow (ie zero so far as I know, until now) that I'd got sloppy in scanning them. I'll consider this a wake-up call. Tim ---

Re: [SAtalk] SA Score in Subject Line???

Here is how I do it - these lines are in /etc/mail/spamassassin/local.cf on my system # Whether to change the subject of suspected spam rewrite_subject 1 # Text to prepend to subject if rewrite_subject is used subject_tag [SPAM-Score-_HITS_] jpf wrote: Is there someway tha

[SAtalk] Spam Filter Comparisons

Hi, Thought you all might be interested in this artical on freshmeat.net: http://freshmeat.net/articles/view/964/ Later-- Tim -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROTECTED] | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr "If it ain't broke, then

[SAtalk] Weird behavior with SA 2.60 rc1

#x27;t see anything out of the ordinary. I even had one user switch back to running spamassassin (the standalone version) instead of spamc (the client-daemon version), but it made no difference. So I've reverted back to SA 2.55. Anyone else see this behavior? Tim Buck * Information Tec

[SAtalk] Women: Revolutionary Climax Product Will Astonish You (fwd)

Another got through: -- Forwarded message -- Return-Path: <[EMAIL PROTECTED]> Delivered-To: [EMAIL PROTECTED] Received: from localhost (localhost.localdomain [127.0.0.1]) by localhost.localdomain (Postfix) with ESMTP id A43606A711 for <[EMAIL PROTECTED]>; Tue, 19 Au

[SAtalk] Dear Kc8hr, GET YOUR FREE! $101 bucks AND GET BACK YOUR FULL DEPOSITNOW! (fwd)

Hi Guys, Real creativity here. . . Later-- Tim -- Forwarded message -- Return-Path: <[EMAIL PROTECTED]> Delivered-To: [EMAIL PROTECTED] Received: from localhost (localhost.localdomain [127.0.0.1]) by localhost.localdomain (Postfix) with ESMTP id 2B9B56A72B

Re: [SAtalk] How to whitelist these lists so that Bayes doesn't getconfused?

I am on several lists. Good Luck, Tim -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROTECTED] | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr "If it ain't broke, then you're not trying hard enough!" --Red Green ---

[SAtalk] bqtW Powerful DVD copy software. nhmW Now you can save your favoritemovies. (fwd)

Hi Guys, Here is another one that sneaked past SpamAssassin. Tim -- Forwarded message -- Return-Path: <[EMAIL PROTECTED]> Delivered-To: [EMAIL PROTECTED] Received: from localhost (localhost.localdomain [127.0.0.1]) by localhost.localdomain (Postfix) with ES

[SAtalk] Wired Article

Hi Guys, Thought you might enjoy this article on Wired: http://www.wired.com/news/culture/0,1284,59859,00.html I enjoy wading through each morning's batch of spam looking for high scores too. Later-- Tim -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROT

Re: [SAtalk] WHITELIST QUESTION

ould do it: whitelist_from [EMAIL PROTECTED] Later-- Tim -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROTECTED] | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr "If it ain't broke, then you're not trying hard enough!" --Red Green ---

Re: [SAtalk] What are the rules for whitelist_from file-glob-stylepatterns?

OTECTED] I have not tried using more than one wildcard per line. Good Luck! Tim -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROTECTED] | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr "If it ain't broke, then you

Re: [SAtalk] whitelist not working?!?

On Tue, 29 Jul 2003, Bonny wrote: > Hello all! > > In my ./spamassassin/user_prefs I put: > > whitelist_from@tuttinudi.com Try: whitelist_from [EMAIL PROTECTED] Later-- Tim -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROTECTED] | Yahoo:

Re: [SAtalk] How to "whitelist" an address?

owing format: whitelist_from Later-- Tim -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROTECTED] | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr "If it ain't broke, then you're not trying hard enough!" --Red Green -

Re: [SAtalk] Changing global scores for tests

Hi Henry, On Sat, 19 Jul 2003, Henry Van Styn wrote: > Hi! > > I want to increase the value of the test VIAGRA from 0.0 to 5.0 site > wide. How do I do this? Try adding this line to user_prefs: score VIAGRA5.0 -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROTECTED]

[SAtalk] +$B6KHk>pJs;o(B + (fwd)

Hi Guys, (B (BHere is another sneaky one. It is entirely in Japanese, so I have set the (Bfollowing in my user_prefs: (B (B# Languages--rejects non-English spam (Bok_languages en (Bok_locales en (B (BLater-- (BTim (B (B-- Forwarded message -- (BReturn-Path: <[EMAIL PRO

Re: [SAtalk] OT - Spamstats problem.

here is a version that only needs the spamd logs http://mailhost.bccwebhosting.com/mrtg/sstats.tar.gz it creates part of the stats on this page http://mailhost.bccwebhosting.com/mrtg/ Jim Ford wrote: Hi, I'm trying spamstats, but there seems to be insufficient logging for it to return meaningfu

[SAtalk] Business Proposal (fwd)

Hi Guys, These Nigerian scammers are really getting creative. This one scored 1.1! Tim -- Forwarded message -- Return-Path: <[EMAIL PROTECTED]> Delivered-To: [EMAIL PROTECTED] Received: from localhost (localhost.localdomain [127.0.0.1]) by localhost.localdomain (P

Re: [SAtalk] OT - spamassassin - mailserver recommendations - passthruto exchange after scan

this sounds exactly like what I need - what version of linux are you running it on? can you give me more details on the setup and configuration Thanks! alan premselaar wrote: >On 7/17/03 10:46 PM, "Tim Litwiller" <[EMAIL PROTECTED]> wrote: > > > >>I h

[SAtalk] OT - spamassassin - mailserver recommendations - passthru to exchangeafter scan

I have been running mail servers for several of our clients with spamassassin for several months. Now a client that has an exchange server want to clean up thier email but pass the mail thru to the exchange server. I have seen several discussions the lead me to believe that this is not an un

Re: [SAtalk] The best ANTl-SPAM software for you, Kc8hr! Ibr gUHQLfFpfDl...? (fwd)

6K dialup connection, and network checks can be very time-consuming. I would rather have a large whitelist. Actually, I get very few 'false positives'--haven't had one since upgrading to 2.60 Thanks, Tim -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROTECTED]

[SAtalk] The best ANTl-SPAM software for you, Kc8hr!Ibr gUHQ LfFpfDl...? (fwd)

Looks like we have some competition. ;-) Tim -- Forwarded message -- Received: from localhost [127.0.0.1] by localhost.localdomain with SpamAssassin (2.60-cvs 1.193-2003-06-13-exp); Mon, 14 Jul 2003 10:44:32 -0400 From: [EMAIL PROTECTED] To: Kc8hr <[EM

[SAtalk] Sneaky Spam: Provicial federal funds (fwd)

Hi Guys, Here's one that came in under the radar. I have no idea how I got on this list as I live in the U.S. Tim -- Forwarded message -- Return-Path: <[EMAIL PROTECTED]> Delivered-To: [EMAIL PROTECTED] Received: from localhost (localhost.localdomain [127.0.0.1])

Re: [SAtalk] procmail.log changes???

is in your .procmailrc: SHELL=/bin/sh PATH=$PATH PMDIR=$HOME/Procmail LOGFILE=$PMDIR/log MAILDIR=$HOME/mail VERBOSE=yes The "VERBOSE=yes" should give you just about everything you want to know. Just watch out that the log doesn't get too big--it will, real quick! Later-- Tim -- Timot

[SAtalk] Oops, was Re: Gang Bang Model Photo Shoot... (fwd)

Hi Again I figured out why the spam made it through. It was addressed to one of my alternative e-mail addresses, which was white_listed, but isn't anymore. Sorry to add to the noise level! Tim On Thu, 3 Jul 2003, Tim wrote: > Hi Guys, > > Here's another one that sneaked b

[SAtalk] Gang Bang Model Photo Shoot... (fwd)

Hi Guys, Here's another one that sneaked by SpamAssassin 2.60-cvs. Question: The header mentions "autolearn=no". . .I thought autolearn was "on" by default? Thanks, Tim -- Forwarded message -- Return-Path: <[EMAIL PROTECTED]> Delivered-To: [

Re: [SAtalk] mrtg

http://mailhost.bccwebhosting.com/mrtg/ the mrtg part is some perl scripts parsing the spamassassin and amavis logs then since I was pasring thru those files anyways I decided to grab the users names and make make some more interesting items for the page. I'm still adjusting the scripts etc. i

Re: going OT: --- Re: [SAtalk] Spammers sneaking lower Bayes scores

:) Tony Earnshaw wrote: Tim Litwiller wrote: --- This SF.Net email is sponsored by: INetU Attention Web Developers & Consultants: Become An INetU Hosting Partner. Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commis

going OT: --- Re: [SAtalk] Spammers sneaking lower Bayes scores

It is best to be politically correct nowadays. this attitude is a big part of what is wrong with the world these days! It is infinately better to say it how it is or how you see it than to attempt to be politically correct. That doesn't mean you can't be nice when you say what you really thi

[SAtalk] 2.60

Hi, SpamAssassin 2.60 works fine here. Thanks, Tim -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROTECTED] | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr "If it ain't broke, then you're not trying hard enoug

Re: [SAtalk] can't make install if personal

=~/etc && \ > make install INST_PREFIX=~/usr INST_SYSCONFDIR=~/etc > > please somebody tell me how to make install in $HOME!? > > You are trying to write to /usr/local/lib/perl ... but I want to write > to my home dir, am I "SOL"?! Make sure you give the

Re: [SAtalk] Sneaky Spam: Your PC's Hard Drive (fwd)

Hi Tony, On Thu, 19 Jun 2003, Tony Earnshaw wrote: > Tim wrote: > > > This guy sneaked past SpamAssassin 2.55. I only use the address for > > Yahoogroups subscriptions, so that must have been where the spammer got > > it. I did [not] "opt in" for anything.

Re: [SAtalk] As seen on ...

e ... Try setting: required_hits 2 It works for me, and I get very few errors. Good Luck! Tim -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROTECTED] | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr "If it ain't broke, then you're

[SAtalk] Sneaky Spam: Your PC's Hard Drive (fwd)

Hi, This guy sneaked past SpamAssassin 2.55. I only use the address for Yahoogroups subscriptions, so that must have been where the spammer got it. I did [not] "opt in" for anything. Later-- Tim -- Forwarded message -- Return-Path: <[EMAIL PROTECTED]> Deli

Re: [SAtalk] Kinda OT maybe. SA install/update...

installed it in my home directory, following the directions in the INSTALL file. I wanted to see how the program works and be able to play with it without having to su to root to edit config files. I have learned a great deal about how everything works this way. Thanks, Tim -- Timothy J. S

Re: [SAtalk] The lowest rates are online! (fwd)

r me. No, but I do have a rather extensive white_list. :-) I would rather white-list an address than let a creative spam get through. Later-- Tim -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROTECTED] | Yahoo: kc8hr| http://www.wwnet.net/~kc8hr "If it ain'

Re: [SAtalk] Cool regexp GUI

Thanks, I've been looking for something like that on and off for a long time. Justin Mason wrote: for UNIX and windows. very cool: http://weitz.de/regex-coach/ --- This SF.net email is sponsored by: Etnus, makers of TotalView, The be

Re: [SAtalk] SAproxy

I am looking at the saproxy I donwloaded from the bloomba site. Open the configuration , click on host mape look / read thru the information that is there, then make a new line at the bottom 818 = mail.myisp.com:110 where mail.myisp.com is the mail server you are trying to connect to then in y

[SAtalk] Checking the validity of from against another header

Hi all I'm currently adding a header field which contains the enevelope from email address. I was wondering if there was a way to write a rule where I could check this header against the from header field? Spamassassin 2.55 Postfix 1.11 Procmail/formail in use. I add the header: X-Enve-sender

Re: [SAtalk] Maybe Spam?

Yes, this would be a major pain on a large rollout. Tyler Hardison wrote: -Original Message- From: Tim Litwiller [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 03, 2003 10:41 AM Cc: [EMAIL PROTECTED] Subject: Re: [SAtalk] Maybe Spam? If you are using outlook as your mail client you might

Re: [SAtalk] Maybe Spam?

If you are using outlook as your mail client you might want to look at spambayes http://starship.python.net/crew/mhammond/spambayes I have been using it along with SA for several weeks and am very happy with it. Tyler Hardison wrote: I just wanted to throw an idea out there in case there might

  1   2   >