On Tue, Oct 14, 2003 at 03:25:14PM -0500, David B Funk wrote:
> 2) Virus/worm hijacked PCs. We're seeing lots of PCs on cable modems
> that have "remote control" trojan/worms on them that are being
> used by spammers as open proxies (for both SMTP & HTTP).
> So you may be able to
On Tue, 14 Oct 2003, Chris Santerre wrote:
> OK, you all know I got the nasty email. You all know that my 'evilrules' has
> to do with spam hosts. The ones that host the images. Well this seems to be
> the way to attack the spammers.
>
[snip..]
> Since many spammers are resorting to image spam, I
On Tue, 14 Oct 2003, Colin A. Bartlett wrote:
> If we start putting the squeeze on the image hosts, do you think that
> spammers will then just start to embed the images within their email?
> Certainly the bandwidth requirements become more costly then, but it doesn't
> seem like that would be a ha
Chris Santerre Sent: Tuesday, October 14, 2003 2:09 PM
> OK, you all know I got the nasty email. You all know that my 'evilrules'
has
> to do with spam hosts. The ones that host the images. Well this seems to
be
> the way to attack the spammers.
If we start putting the squeeze on the image hosts,
At 11:15 AM 8/28/2003 -0500, David Dyer-Bennet wrote:
I seem to be looking incoming spam up in razor okay (I sometimes see
hits on those rules in the reports). But when I send a spam into
spamassassin --report, I always get an error that it was "unable" to
report to Razor. In debug mode it's stil
Hello,
On Thursday 21 August 2003 16:42, Landy wrote:
> [EMAIL PROTECTED]:~> spamassassin -r < Mail/virustrack
> razor2 report failed: No such file or directory Razor2 report requires
> authentication at
> /usr/lib/perl5/site_perl/5.8.0/Mail/SpamAssassin/Reporter.pm line 99.
> Warning, unable to
> You can create the configuration directory with automatically generated user
> ID / password by using 'razor-admin -create' under the same user ID that you
> also use for 'spamassassin -r'.
thanks
---
This SF.net email is sponsored by:
On Wed, Aug 20, 2003 at 04:49:00AM +0300, landy wrote:
> where do i report ips that send spam
To the connection provider that has control over the IP.
Use the whois tool to determine that. Whois info isn't
always up-to-date (also take a look at abuse.net), reporting
the IP where spam was sent mig
At 00:17 28/07/2003 -0600, Chad Leigh -- Shire.Net LLC wrote:
On Monday, Jul 28, 2003, at 00:03 US/Mountain, Justin Mason wrote:
Chad Leigh -- Shire.Net LLC writes:
On Friday, Jul 25, 2003, at 12:55 US/Mountain, Justin Mason wrote:
However, I have heard that spamcop's reporting tool will do a de
On Monday, Jul 28, 2003, at 00:03 US/Mountain, Justin Mason wrote:
Chad Leigh -- Shire.Net LLC writes:
On Friday, Jul 25, 2003, at 12:55 US/Mountain, Justin Mason wrote:
However, I have heard that spamcop's reporting tool will do a decent
job of it;
Not in my experience. We got blacklisted becau
Chad Leigh -- Shire.Net LLC writes:
> On Friday, Jul 25, 2003, at 12:55 US/Mountain, Justin Mason wrote:
>
> > However, I have heard that spamcop's reporting tool will do a decent
> > job of it;
>
> Not in my experience. We got blacklisted because a user on one of our
> mailing lists got infect
Justin Mason writes:
[...autoreporting]
Whoa -- that's a 2 day delay on posts to the SpamAssassin-talk list.
not good :(
--j.
---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Fo
On Friday, Jul 25, 2003, at 12:55 US/Mountain, Justin Mason wrote:
However, I have heard that spamcop's reporting tool will do a decent
job
of it;
Not in my experience. We got blacklisted because a user on one of our
mailing lists got infected with a virus that sent something that got
tagged a
AFAIK, this is what a spamcop report does.
With the bonus that the spam source might be added to spamcop's RBL.
IMO, it would be a good addition to sa to have spamassassin -R report
to spamcop too. (Maybe a Net::Spam::Spamcop.pm would help ;)
[]'s
Raul Dias
Em Sex, 2003-07-25 às 13:50, [EMAIL
Matt Kettler writes:
>That and SA might not be able to accurately determine what IP needs to be
>reported.. (ie: is your first MX the most recent, or the second most recent
>received: line? is one of them forged to make it appear that a message went
>to your secondary MX, then to the primary an
At 12:24 PM 7/25/2003 -0500, mikea wrote:
Bad idea, I think.
Certainly you should not mail the whois contacts using an automated
tool, and I think it is not entirely wise to mail other mailboxes
using such a tool if there is no human in the loop.
Well, this part of your argument against it is so
double traffic. eek. didn't think of that.
since it would be a sitewide application though, it could just run
nightly and report cumulative amounts.
the real thing that i want to accomplish, is alerting bandwidth
providers of the activity.
whether its an abusive customer or an insecure box
On Fri, Jul 25, 2003 at 12:50:02PM -0400, [EMAIL PROTECTED] wrote:
> i dont know how useful this would be, but i was thinking of a spam
> reporting tool that did the following:
> sends a message to root/webmaster/whatever of the mailing ip
> traceroutes the ip, and finds the location f
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
If most spam comes from a few servers... wouldn't this create a massive
DOS against those servers? Then again... that would stop spam wouldn't
it?
One problem I see with the approach is that it would double the traffic on
the web.
One thing I lik
On Thu, Jun 12, 2003 at 08:54:35AM -0400, Charles wrote:
> From: "Pamela lloyd" <[EMAIL PROTECTED]>
> Date: Wed, 11, Jun 2003 22:11:37 +
> To: [EMAIL PROTECTED]
> Subject: Assistance
> MIME-Version: 1.0
> Content-Type: text/plain
> X-Spam-Index: 1055362464
> X-Spam-Status: Yes, hits=12.9 required=
> Sorry, what's the purpose of that?
>
>
> Kai
Probably to let us all know that SpamAssasin works just fine :-)
Other than that, I'm not sure *grins*
Benjamin
---
This SF.NET email is sponsored by: eBay
Great deals on office technology --
Sorry, what's the purpose of that?
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5.de & http://msie.winware.org
---
This SF.NET email is sponsored by: eBay
G
Theo Van Dinter wrote on Sat, 31 May 2003 15:56:26 -0400:
> http://www.kluge.net/~felicity/random/handlespam.txt
>
Thanks, I found it and the other scripts in that directory.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center:
On Sun, Jun 01, 2003 at 10:52:56AM +0100, Chris Evans wrote:
> to something like:
> my $fromAddr = [EMAIL PROTECTED];# what address for reporting
>
> Crude but would probably work for me.
That's the message header From, not the envelope From. Completely different.
> could be added to the bl
On Thu, May 29, 2003 at 11:49:05PM +0100, Jim Ford wrote:
> reports (to [EMAIL PROTECTED]) are getting bounced with the error 'Domain of
> sender address does not exist', with my own local 'domain' and login name
> quoted. I suspect this is a sendmail issue and as I don't have a clue how to
> fix i
On Sat, May 31, 2003 at 05:31:32PM +0200, Kai Schaetzl wrote:
> can you give a URL? I must have overlooked it getting mentioned anywhere.
I usually mention it on the list occasionally.
http://www.kluge.net/~felicity/random/handlespam.txt
Basically it'll take an mbox file and run each message thr
Jim Ford wrote on Thu, 29 May 2003 23:49:05 +0100:
> Theo Van Dinter's Handlespam
>
can you give a URL? I must have overlooked it getting mentioned anywhere.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5.de & h
> "JB" == Johan Barelds <[EMAIL PROTECTED]> writes:
JB> Hi all,
JB> I want to *automaticly* report every spam message found with razor.
JB> As i understood the way to do it is by the command "spamassassin -r <
JB> spammail".
This is a *VERY BAD IDEA*. You *will* end up reporting some mailin
Right...if you want to batch report, use "razor-report".
On Wed, 18 Dec 2002, Theo Van Dinter wrote:
> On Tue, Dec 17, 2002 at 09:10:23PM -0800, Jerry Gaiser wrote:
> > Currently all my spam messages are being dumped into a single file. Can
> > I report spam to razor by passing the whole spam fil
On Tue, Dec 17, 2002 at 09:10:23PM -0800, Jerry Gaiser wrote:
> Currently all my spam messages are being dumped into a single file. Can
> I report spam to razor by passing the whole spam file - i.e.
> 'spamassassin -r < wholefile' or do I need to break out each spam email?
It only accepts a single
Additional question on 'spamassassin -r'
Currently all my spam messages are being dumped into a single file. Can
I report spam to razor by passing the whole spam file - i.e.
'spamassassin -r < wholefile' or do I need to break out each spam email?
--
Jerry Gaiser in North Plains, Oregon USA (Zone
I actually asked the same question a while ago.
I got an answer, but decided it was not really a good idea. The problem
is that you might wind up reporting false positives, instead.
The best idea is to send any found spam to a separate file, go through it
to delete any false positives, and the
On Wed, Dec 18, 2002 at 05:19:48AM +0100, Johan Barelds wrote:
> I want to *automaticly* report every spam message found with razor.
> As i understood the way to do it is by the command "spamassassin -r <
> spammail".
Please please please, DON'T DO THIS! There've been very lengthy threads
about
[EMAIL PROTECTED] said:
> Could someone remind me where I can report FPs to? These would be
> messages scored over 5 that aren't spam. I had an interesting one last
> night. :)
batch them up, then mail a mbox-format file, compressed, to me.
Ditto for FNs, if you're bothered.
Please don't both
nesday, July 24, 2002 9:30 AM
|To: Olivier Nicole
|Cc: [EMAIL PROTECTED]
|Subject: RE: [SAtalk] Reporting
|
|
|Olivier:
|Looked at your Procmail script
|What comes before the recipe:
|
|:0fwE
|| /usr/local/bin/spamc -u $LOGNAME
|
|The "E" flag says run of preceding recipe condition
s Procmail not natively handle this correctly?
<>
|-Original Message-
|From: Olivier Nicole [mailto:[EMAIL PROTECTED]]
|Sent: Tuesday, July 23, 2002 8:44 PM
|To: [EMAIL PROTECTED]
|Cc: [EMAIL PROTECTED]
|Subject: Re: [SAtalk] Reporting
|
|
|>I currently have spam being fi
>I currently have spam being filtered for about 50 users via spamd.
>Works perfectly! However, is there anyone out there providing reports
>to their users about what was filetered? Maybe just something like
>date/time, From, and subject?
Yup! You can check: http://www.cs.ait.ac.th/laboratory/em
Actually, I sort the spam to another mail folder, but they do not see
it. I ran in a testing mode with simple ***spam*** tagging on their
mail for 3 months with very few errors (99.2% accuracy).
My goal is to provide them with a listing of the mail that was sorted
to another folder. This wou
On Tue, 23 Jul 2002 the voices made Joel Epstein write:
> I currently have spam being filtered for about 50 users via spamd.
> Works perfectly! However, is there anyone out there providing reports
> to their users about what was filetered? Maybe just something like
> date/time, From, and subjec
Jim Scott wrote:
JS> 1. Since I am now using spamassassin and it is now putting all the messages
JS> tagged as spam in a folder called caught spam. How can I then use the
JS> spamassassin -r to report all messages in that mbox file? I assume that if I
JS> use spamassassin -r < caughtspam it will
On Tue, Apr 16, 2002 at 08:09:41AM -0500, dman wrote:
> Configure your mailserver to not filter those messages through SA.
> That's the only way to do it reliably because, as Craig said, any
> other means of determining the source of a message can easily be
> forged.
Indeed. The next release of Q
> CW> And conversely, it would be nice if SA would assume that e-mails coming
> CW> from your own mailserver were not spam. Many of my majordomo subscription
> CW> messages are being marked as spam (not too big an issue since we're moving
> CW> to mailman at some point).
>
> Not wise -- spammers
On Mon, Apr 15, 2002 at 01:48:56PM -0700, Chuck Wolber wrote:
|
|
| > > 2. Although SA seems to be doing a good job, a few spam still get
| > > through every day. I've been reporting these to spamcop all along,
| > > but is there anywhere else I should be reporting them?
|
| And conversely, it
Chuck Wolber wrote:
CW> And conversely, it would be nice if SA would assume that e-mails coming
CW> from your own mailserver were not spam. Many of my majordomo subscription
CW> messages are being marked as spam (not too big an issue since we're moving
CW> to mailman at some point).
Not wise --
> > 2. Although SA seems to be doing a good job, a few spam still get
> > through every day. I've been reporting these to spamcop all along,
> > but is there anywhere else I should be reporting them?
And conversely, it would be nice if SA would assume that e-mails coming
from your own mailser
On Sat, Apr 13, 2002 at 06:51:35AM +0200, Tony L. Svanstrom wrote:
> Just to point out the blatantly obvious to most, nobody should use
> this system-wide without changing the lines to include some simple
> rudimentary per-user password... unless you want one user to be
> able to cause another use
> :0
> * ^Subject: user_prefs update
> * !^X-Loop: ${USER}@domain.com
> * !^FROM_DAEMON
> {
> :0bc:
> | mv -f $USERPREFS $USERPREFS.old && cat - > $USERPREFS
>
> :0fhW
> | formail -I "Subject: user_prefs retrieve"
> }
Just to point out the blatantly obvious to most, nobod
On Fri, 12 Apr 2002 the voices made Theo Van Dinter write:
> Ok, here's the version I just put in place at work. It seems to work
> from the tests I've run, but let me know if it needs any work. :)
Wouldn't hurt to add some security before we all start updating your files...
:-)
/Tony
On Fri, Apr 12, 2002 at 04:48:55PM -0400, Theo Van Dinter wrote:
> Not really a SpamAssassin issue, but ... The procmailex man page has
> half of this for the most part:
>
> I should probably write up a proper version of this for work -- SA is
> installed, but there's no access to the home direc
On Fri, 12 Apr 2002, Adam Rice wrote:
>
> 2. Although SA seems to be doing a good job, a few spam still get
> through every day. I've been reporting these to spamcop all along,
> but is there anywhere else I should be reporting them?
i also really would like to have an easy automated way to rep
On Fri, 12 Apr 2002, Theo Van Dinter wrote:
> :0b
> * ^Subject: user_prefs update
> * !^X-Loop: [EMAIL PROTECTED]
> * !^FROM_DAEMON
> | mv -f $USERPREFS $USERPREFS.old && cat - > $USERPREFS
That recipe should be using a local lock file, e.g.
:0b: $USERPREFS.$LOCKEXT
_
On Fri, Apr 12, 2002 at 03:13:31PM -0500, Adam Rice wrote:
> 1. More a suggestion than question: As an end-user, it would be nice
> if I could add to my user_prefs file by sending myself an e-mail
> message that got munched by procmail. Perhaps something with a
> subject line consisting of "spa
On Tue, Mar 26, 2002 at 10:31:00PM -0600, dman wrote:
> On Wed, Mar 27, 2002 at 04:25:42AM +0100, martin f krafft wrote:
> | [please keep cc'ing me on replies]
> |
> | also sprach Duncan Findlay <[EMAIL PROTECTED]> [2002.03.26.2358 +0100]:
> | > Report a Debian bug or a bugzilla bug (http://bugzi
On Wed, Mar 27, 2002 at 04:25:42AM +0100, martin f krafft wrote:
| [please keep cc'ing me on replies]
|
| also sprach Duncan Findlay <[EMAIL PROTECTED]> [2002.03.26.2358 +0100]:
| > Report a Debian bug or a bugzilla bug (http://bugzilla.spamassassin.org),
| > and I'll definitely look into it. Ple
[please keep cc'ing me on replies]
also sprach Duncan Findlay <[EMAIL PROTECTED]> [2002.03.26.2358 +0100]:
> Report a Debian bug or a bugzilla bug (http://bugzilla.spamassassin.org),
> and I'll definitely look into it. Please be sure to include the version of
> Razor you are using.
yeeehaa, razo
Report a Debian bug or a bugzilla bug (http://bugzilla.spamassassin.org),
and I'll definitely look into it. Please be sure to include the version of
Razor you are using.
On Tue, Mar 26, 2002 at 12:59:41PM +0100, martin f krafft wrote:
> to test this, i saved two spam messages, one with spamassass
Ok, I just patched spamd (not yet in CVS but will be in minutes) to log
some extra info -- now it'll dump not just whether each message is spam,
but also the score and threshold. It should henceforth be trivial to
just parse the log files to extract how messages were scored, even
broken down
Sorry for the typo...
I meant to say: "I can get that with the -t option"
Matt said:
> Aha.
>
> I cant get that with the spamassassin -t option.
>
> However, Im using MailScanner to call SpamAssassin. Alas, there is no
> way for the X-Spam-Status header to appear in the email. The only time
Aha.
I cant get that with the spamassassin -t option.
However, Im using MailScanner to call SpamAssassin. Alas, there is no way
for the X-Spam-Status header to appear in the email. The only time the
hits number shows up is if the "required level" is reached.
So there is no way to track these
Aha.
I cant get that with the spamassassin -t option.
However, Im using MailScanner to call SpamAssassin. Alas, there is no way
for the X-Spam-Status header to appear in the email. The only time the
hits number shows up is if the "required level" is reached.
So there is no way to track these
On Fri, Feb 22, 2002 at 04:52:00PM -0500, Matt wrote:
> Does Spam Assassin report the score (in the email or maillog) even if the
> message is not tagged as spam?
It's in the message. Non-spam, such as the message I'm responding to, has a
X-Spam-Status line as such:
X-Spam-Status: No, hits=-2.0
Question:
Does Spam Assassin report the score (in the email or maillog) even if the
message is not tagged as spam?
Im using MailScanner to call Spam Assassin and I only see the score if it
is reported as a spam message.
Theo Van Dinter said:
> On Fri, Feb 22, 2002 at 03:18:54PM -0600, Mark Ro
On Fri, Feb 22, 2002 at 03:18:54PM -0600, Mark Roedel wrote:
> One of these days I'll get annoyed enough with it to write something
> more elegant in Perl to do the same thing in a single pass through the
> logfile, but for now it gets the job done.
I spent a few minutes this afternoon writing up
> -Original Message-
> From: Joel Epstein [mailto:[EMAIL PROTECTED]]
> Sent: Friday, February 22, 2002 12:30 PM
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] Reporting
>
>
> Are there any reporting features built into or supplied with
> SA? While I have no issue writing them myself, I w
Doh! Yes of course -- I forgot about adding info to the report. I'll
do that now.
C
On Thu, 2002-02-21 at 02:16, Michael Moncur wrote:
> I've just been toying with the new auto-whitelist and was convinced it wasn't
> working for a while because the spam reporting is a bit confusing. Case in
>
dman said:
> Do you want the SA tags stripped first?
> IOW, should I use
>
> "spamassassin -d | /usr/sbin/exim SpamAssassin-sightings@lists.
> sf.net"
this is best, FWIW.
--j.
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourc
On Tue, Jan 29, 2002 at 03:36:06PM +1100, Justin Mason wrote:
|
| Daniel Pittman said:
|
| > Hi. I noticed on the website for SpamAssassin, which is a very nice
| > tool, that there is a mailing list for SPAM that was not caught to be
| > sent to for analysis.
| > What I am not sure of is how,
> ''bounce'' or ''redistribute'' it, as forwards are very hard to
> de-forward-ize -- the format is different for each MUA :(
Wouldn't it be easy to set up something that would process mail that is
forwarded as a MIME attachment? That preserves the headers even better
than bouncing and is someth
Daniel Pittman said:
> Hi. I noticed on the website for SpamAssassin, which is a very nice
> tool, that there is a mailing list for SPAM that was not caught to be
> sent to for analysis.
> What I am not sure of is how, exactly, I should be forwarding this mail.
''bounce'' or ''redistribute'' i
On Tue, Jan 29, 2002 at 10:44:38AM +1100, Daniel Pittman wrote:
> What I am not sure of is how, exactly, I should be forwarding this mail.
>
> Do I send it as an RFC 822 attachment or what?
I subscribed to the list for about 2 hours, figuring that it would be about
heuristics to better find like
On Sat, 2002-01-26 at 21:01, Gene Ruebsamen wrote:
> The users on my mail server are accessing their e-mail remotely via IMAP
> or POP3 using an MUA such as Evolution or Outlook. Now, has anyone
> figured out a way to report spam via a remote MUA? It would involve
> running spammassasin -r remot
71 matches
Mail list logo
