Sorry that I posted my original message to razor-users. I meant to
post to spamassassin-talk. Here's the relevant discussion.
Originally I wrote:
kc> I can get procmail to work with spamassassin with this in the
kc> procmailrc file:
kc>
kc> :0fw
kc> | /usr/bin/spamassassin -P
kc>
Well I promissed it. Even if I am a couple of release too late. Below
is (for SA 2.01) a file describing the rules in French.
If one would componse a diff between version 2.01 and 2.20 I could add
the new rules.
Olivier
- file 30_text_fr.cf ---
lang fr describe 25FREEMEGS_URL Expres
Duncan Findlay wrote:
> On Wed, Mar 27, 2002 at 01:35:28PM -0800, Matthew Cline wrote:
>
>>On Wednesday 27 March 2002 01:47 am, you wrote:
>>
>>
>>>We're a £100m company (an ISP, and yes we're growing, not struggling),
>>>and SA is at the very heart of our anti-spam technology. Trust me - we
>>>w
Daniel Pittman wrote:
> On Wed, 27 Mar 2002, Matt Sergeant wrote:
>
>>Michael Moncur wrote:
>
>
> [...]
>
>
>>Anything using src=cid: should be treated very suspiciously as a
>>virus. That's what you've been sent (Either Klez or BadTrans - not
>>sure without seeing the subject of the email).
>In many ways, yes. They have a round-the-clock team watching honeypots
>for new outbreaks and updating rules accordingly. SA is much more
>retroactive than that.
Some (including me) are considering a round-the-wolrd team to satisfy
the round-the-clock problem (in other issues like intercontine
On Thursday 28 March 2002 02:12 am, Olivier Nicole wrote:
> >In many ways, yes. They have a round-the-clock team watching honeypots
> >for new outbreaks and updating rules accordingly. SA is much more
> >retroactive than that.
> Some (including me) are considering a round-the-wolrd team to satisf
Olivier Nicole wrote:
>>In many ways, yes. They have a round-the-clock team watching honeypots
>>for new outbreaks and updating rules accordingly. SA is much more
>>retroactive than that.
>
>
> Some (including me) are considering a round-the-wolrd team to satisfy
> the round-the-clock problem
> But it's not like we can do
> round-the-clock CVS checkins to spamassassin itself.
Why not? At least for the list, it would just be a matter of having a
few ppl trusted to check-in some rules.
Olviier
___
Spamassassin-talk mailing list
[EMAIL PROTE
Olivier Nicole wrote:
>>But it's not like we can do
>>round-the-clock CVS checkins to spamassassin itself.
>
>
> Why not? At least for the list, it would just be a matter of having a
> few ppl trusted to check-in some rules.
Trust me - you wouldn't want some of our engineers writing regexps th
On Thu, 28 Mar 2002, Olivier Nicole wrote:
> I don't see it as a problem of freedom of speech, but at a problem of
> pointing finger at some companies saying "those are bad guys".
>
> We know they are, but as soon as you publish their name/IP/URL there
> is a risk for you as the one pointing at t
> -Original Message-
> From: Theo Van Dinter [mailto:[EMAIL PROTECTED]]
> Sent: 27 March 2002 15:27
> To: Tony Hoyle
> Cc: 'Sidney Markowitz'; [EMAIL PROTECTED]
> Subject: Re: [SAtalk] ORBZ reborn as DSBL [Was: Freedom of Press /
> Speech / Junk Mail (yah right)]
>
>
>
> This is an open
>If push ever came to shove, these Red Lists
>could even be posted on an alternative site, to take the heat off SA and
>its developers.
Exactelly what I was saying :)
Olivier
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourcefor
Has anyone ever considered setting up a CVS site for the RULES only ?
That might be worth it... a CVS update with a script that allowed us to
rollback to a previous rule level, but all the while maintaining the
newest set of rules for the whole kit-n-kaboodle of spam/mers
-Or
http://www.bbspot.com/News/2002/03/block.html
MS don't say it, but to anyone who knows the details it's pretty obvious
they're reselling brightmail.
Fun times ahead.
Matt.
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourcefor
I think it's a joke:
"BBspot is a satirical news and comedy source and meant to be funny. If
you are easily offended, gullible or don't have a sense of humor we
suggest you go elsewhere"
Just to be safe I searched around and couldn't find any other reference
about it.
Either way, fun times ar
Hello, Tony:
For a recipent this is not an issue. For a single business/organization
it's not an issue. For an ISP who lets his accounts decide for themselves
what goes into their spools, it's not an issue.
For an ISP who filters on the MTA side rejecting email based on *his*
site-wide prefer
On Thu, Mar 28, 2002 at 11:44:50AM -, Tony Hoyle wrote:
> That's not what is says on the site:
>
> "DSBL is the Distributed Sender Boycott List, it publishes the IP addresses
> of hosts which have sent email to listme (at) dsbl (dot) org. Do not send
> email to that address, or your mail serv
Michael,
I really like the concept. I thought Outlook had limited mail filtering
ability though, namely that it could only sort by From, To, Subject, and
not additional headers. Perhaps I am thinking of outlook express.
Is there a procmail recipe that will sort spam in a users inbox (li
On Thu, 28 Mar 2002, Michael Moncur wrote:
> Here's a revised version of the procmail stuff I use to add X-message-flag
> headers with spam reports so that Outlook can view them.
According to a discussion on the procmail list, using the X-message-flag
header in this way depends on something tha
On Thu, Mar 28, 2002 at 02:01:49PM +, Matt Sergeant wrote:
> http://www.bbspot.com/News/2002/03/block.html
>
> MS don't say it, but to anyone who knows the details it's pretty obvious
> they're reselling brightmail.
>
> Fun times ahead.
You were snookered by a satire piece. For shame, doc
Scott Doty wrote:
> On Thu, Mar 28, 2002 at 02:01:49PM +, Matt Sergeant wrote:
>
>>http://www.bbspot.com/News/2002/03/block.html
>>
>>MS don't say it, but to anyone who knows the details it's pretty obvious
>>they're reselling brightmail.
>>
>>Fun times ahead.
>
>
> You were snookered by a
I use that headerchangingthingie, when I check my spam-box it helps me find
out what was tagged as spam and that AS missed.
/t
On Thu, 28 Mar 2002 the voices made Charlie Watts write:
> On Thu, 28 Mar 2002, Ian Briggs wrote:
>
> > Just to be on the safe side, though, can I suggest so
On Thu, 28 Mar 2002, Smith, Rick wrote:
> Has anyone ever considered setting up a CVS site for the RULES only ?
>
> That might be worth it... a CVS update with a script that allowed us to
> rollback to a previous rule level, but all the while maintaining the
> newest set of rules for the whole k
Why not submit for volunteers to mirror a spam DB that SA checks against once
every twelve hours. Twelve hours to me is very acceptable versus doing manual
updates when I think about it :-)
Tyler.
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
On Thu, 28 Mar 2002, Ian Briggs wrote:
> Just to be on the safe side, though, can I suggest some small
> alterations to the default tags:
> (1) Change the subject line tag from "SPAM" to "POSSIBLE UNSOLICITED
> COMMERCIAL MAIL".
Some of the spam I get is -not- *commercial* mail. Just random wei
> According to a discussion on the procmail list, using the X-message-flag
> header in this way depends on something that the server does, not just on
> using Outlook. E.g., there was mention of the message being marked as
> flagged by an IMAP server.
>
> Can you verify that X-message-flag should
Looks like some of the issues raised here are being addressed by DSBL:
http://dsbl.org/faq-help.html
Note that now it mentions a "cookie" featuring in the test mail, so they can
have some kind of "trust" of who's sending the message to listme, and two
blacklists -- One for "confirmed" sources, on
I'll throw my 2-cents in and let y'all know I have the same problem
Gene Ruebsamen wrote:
> Quoting Olivier Nicole <[EMAIL PROTECTED]>:
>
>
>>>when I run spamc < sample-spam.txt > spam.out
>>>spamc seems to work; however, when I receive an incoming mail message, I
>>
>>get
>>
>>Does it work or
> I really like the concept. I thought Outlook had limited mail filtering
> ability though, namely that it could only sort by From, To, Subject, and
> not additional headers. Perhaps I am thinking of outlook express.
Outlook 2000, at least, can sort by anything. If you include a field in a
I'm running a base debian stable box and just installed the
spamassassin yesterday via source. for some reason when I perform
an /etc/init.d/sysklogd restart on the box the spamd process dies
about 30 seconds later. Is that normal? I've tried running the
daemon in the foreground, watching the proc
http://zdnet.com.com/2100-1106-868653.html
Dan.
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
On Thu, Mar 28, 2002 at 09:08:43AM -0700, Charlie Watts wrote:
| On Thu, 28 Mar 2002, Ian Briggs wrote:
|
| > Just to be on the safe side, though, can I suggest some small
| > alterations to the default tags:
| > (1) Change the subject line tag from "SPAM" to "POSSIBLE UNSOLICITED
| > COMMERCIAL
On Thu, Mar 28, 2002 at 09:02:50AM -0600, Brian wrote:
| Is there a procmail recipe that will sort spam in a users inbox (like on
| the unix server) so that users using pine etc can have that same
| functionaality?
In the user's home directory put a .procmailrc. Include a recipe like :
:0
Ok, no it really bothers me that I can't seem to get it to work.
Let me explain what happens.
If I do a: spamassassin < [any mailfile, the sample-spam.txt for example]
evetything seems to work. The mail gets sent to my mailbox and the
"X-Spam-Status:..." is set and if its a spam, the *SPAM**
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi folks
I am trying to setup spamassassin in conjection with Exim on a spare box
that will do virus scanning and spam checking prior to forwarding the mail
onwards to the main exim setup and users.
Howver I cannot see any example of how to do this
On Thu, 2002-03-28 at 15:58, dman wrote:
> On Thu, Mar 28, 2002 at 09:08:43AM -0700, Charlie Watts wrote:
> |
> | Some of the spam I get is -not- *commercial* mail. Just random weird bulk
> | spam nonsense. And "UNSOLICITED MAIL" is shorter. :-)
> |
> | I'm curious if most SA users are using Sub
On Thu, Mar 28, 2002 at 10:04:43PM +0100, Stefan Fredriksson wrote:
> :0w
It should be :0fw
The 'f' tells procmail to filtering the mail through spamassassin. Right
now, the output goes to /dev/null.
> [ I had to remove the "f" because it messed up my From field and
> corrupted the mailbox ]
well yeah, I do that but thats not going to sort the mail in that dir. I
didn't know if there was a way for formail to open the box and re-order
the messages.
Brian
On Thu, 28 Mar 2002, dman wrote:
> On Thu, Mar 28, 2002 at 09:02:50AM -0600, Brian wrote:
>
> | Is there a procmail recipe
On Thu, 2002-03-28 at 13:05, dman wrote:
> In the user's home directory put a .procmailrc. Include a recipe like :
>
> :0
> * ^X-Spam-Flag:
> spam/
>
>
> (no lockfile used because maildir doesn't have that problem)
That works, but it's better to use the maildir program explicitly, like:
:0
*
On Thu, 28 Mar 2002, dman wrote:
> On Thu, Mar 28, 2002 at 09:08:43AM -0700, Charlie Watts wrote:
> | On Thu, 28 Mar 2002, Ian Briggs wrote:
> |
> | I'm curious if most SA users are using Subject: rewriting or not.
>
> I kinda use it. I mean, it's turned on, but I only see that subject
> when I
On Wed, Mar 27, 2002 at 10:55:43PM -0800, Craig R Hughes wrote:
> Beware of XXX-teens of all-XXX-all-the-time or something though.
>
Check out this porn?
--
Duncan Findlay
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourc
On Thu, 28 Mar 2002, Charlie Watts wrote:
> On Thu, 28 Mar 2002, Smith, Rick wrote:
>
> > Has anyone ever considered setting up a CVS site for the RULES only ?
> >
> > That might be worth it... a CVS update with a script that allowed us to
> > rollback to a previous rule level, but all the while
On Thu, Mar 28, 2002 at 04:32:40PM -0500, Theo Van Dinter wrote:
| On Thu, Mar 28, 2002 at 10:04:43PM +0100, Stefan Fredriksson wrote:
| > :0w
|
| It should be :0fw
|
| The 'f' tells procmail to filtering the mail through spamassassin. Right
| now, the output goes to /dev/null.
|
| > [ I had t
On Thu, Mar 28, 2002 at 09:16:45PM +, Sean Rima wrote:
| I am trying to setup spamassassin in conjection with Exim on a spare box
| that will do virus scanning and spam checking prior to forwarding the mail
| onwards to the main exim setup and users.
|
| Howver I cannot see any example of
On Thu, Mar 28, 2002 at 01:43:31PM -0800, Ben Jackson wrote:
| On Thu, 2002-03-28 at 13:05, dman wrote:
| > In the user's home directory put a .procmailrc. Include a recipe like :
| >
| > :0
| > * ^X-Spam-Flag:
| > spam/
| >
| >
| > (no lockfile used because maildir doesn't have that problem)
On Thu, Mar 28, 2002 at 03:34:11PM -0600, Brian wrote:
|
| well yeah, I do that but thats not going to sort the mail in that dir.
Right. It will sort new mail that arrives on procmail's stdin.
| I didn't know if there was a way for formail to open the box and
| re-order the messages.
Can I c
On Thu, Mar 28, 2002 at 04:24:46PM -0500, Jason Kohles wrote:
| On Thu, 2002-03-28 at 15:58, dman wrote:
| > On Thu, Mar 28, 2002 at 09:08:43AM -0700, Charlie Watts wrote:
| > |
| > | Some of the spam I get is -not- *commercial* mail. Just random weird bulk
| > | spam nonsense. And "UNSOLICITED M
Hi,
I'm using version 2.11 of SpamAssassin. Since I have a very low-usage
MTA, I decided to create a system-wide /etc/procmailrc file, as follows:
:0 fw
| spamassassin -P
My /etc/mail/spamassassin/local.cf looks like this:
rewrite_subject 0
report_header1
use_terse_report 1
defang_mime
On Thu, Mar 28, 2002 at 04:35:08PM -0600, Shayne Hardesty wrote:
| On Thu, 28 Mar 2002, Charlie Watts wrote:
|
| > On Thu, 28 Mar 2002, Smith, Rick wrote:
| >
| > > Has anyone ever considered setting up a CVS site for the RULES only ?
| > >
| > > That might be worth it... a CVS update with a scr
Ok, we solved the problem offlist; he added some extra logging to his
.procmailrc and it turned out to be a path-problem.
/Tony
--
Per scientiam ad libertatem. ©1999-2002 [EMAIL PROTECTED]
-- Random URL (7/10):
http://www.macslash.org/ > When http://apple.slashdot.org/ isn't enough.
-
Maybe it's me, but I detect a bit of overprotectiveness being introduced
on the list...
On Thu, Mar 28, 2002 at 01:42:13AM +, Ian Briggs wrote:
> Just to be on the safe side, though, can I suggest some small alterations
> to the default tags:
> (1) Change the subject line tag from "SPAM" to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi dman!
On Thu, 28 Mar 2002, dman wrote:
> On Thu, Mar 28, 2002 at 09:16:45PM +, Sean Rima wrote:
>
> | I am trying to setup spamassassin in conjection with Exim on a spare box
> | that will do virus scanning and spam checking prior to forwar
Minutes ago a spam arrived. SA flagged it, but the only test it
triggered was BUGGY_CGI. This explains why the GA gave it such a high
score. Merely looking at the From: and Subject: headers is enough for
me to know it is obviously spam.
From: [EMAIL PROTECTED] ()
Subject: Free Webcams
On Thursday 28 March 2002 04:10 pm, dman wrote:
> Minutes ago a spam arrived. SA flagged it, but the only test it
> triggered was BUGGY_CGI. This explains why the GA gave it such a high
> score. Merely looking at the From: and Subject: headers is enough for
> me to know it is obviously spam.
>
On Thu, Mar 28, 2002 at 04:17:34PM -0800, Matthew Cline wrote:
| On Thursday 28 March 2002 04:10 pm, dman wrote:
| > Minutes ago a spam arrived. SA flagged it, but the only test it
| > triggered was BUGGY_CGI. This explains why the GA gave it such a high
| > score. Merely looking at the From: a
Ok, you saw my post about www.agn-e.com having formmail.pl (v 1.6 no
less) on their web server. The first Recieved: header in the spam
gives webserver.agn-e.net as the hostname.
So I'm trying to exploit the script to make the site blacklist itself
at dsbl.org. I found a form on the site with t
Stefan,
> :0w
> | /home/stefan/bin/SpamAssassin/spamassassin -P -c
> /home/stefan/bin/SpamAssassin/rules
Of course you did not put a newline between -c and /home/...
And if I understand procmailrc (which I don't) if you use spamassassin
-P, then you must use a "f" in your receipt (ie, if you
Go find that script on the web and you'll see that you can make it send to any
address at all; the script will show you what values to use.
/t
PS it is possible that this is an updated version that isn't that easy, but,
hey, gotta try to find out...
On Thu, 28 Mar 2002 the voices made
For all debugging purposes, I suggest one runs spamd without the -d,
and maybe with -D to see debug information onf screen.
The running as root message is just a warning, not an error, and
should not prevent spamc/d to tag the message (it can prevent it to
create user preferences, for that purooi
> However, if I
>use telnet and try to GET or POST it, I'm told it doesn't exist.
Humm, I suspect a HTTP protocol version problem.
When you telnet, do you specify any HTTP version on the GET command?
Olivier
___
Spamassassin-talk mailing list
[EMAIL
On Fri, Mar 29, 2002 at 10:13:59AM +0700, Olivier Nicole wrote:
| > However, if I
| >use telnet and try to GET or POST it, I'm told it doesn't exist.
|
| Humm, I suspect a HTTP protocol version problem.
Could be. I might have to use a real http library instead of a raw
socket.
| When you telne
On Thu, 28 Mar 2002 08:35:38 +0700 (ICT)
"Olivier Nicole" <[EMAIL PROTECTED]> wrote:
> But for many CEO's who have been in business all their life, something
> you are not paying for has no value. And the more you are paying, the
> best it is supposed to be.
Sad but true. If it cost money it MUS
On Fri, Mar 29, 2002 at 03:56:25AM +0100, Tony L. Svanstrom wrote:
|
| Go find that script on the web and you'll see that you can make it
| send to any address at all; the script will show you what values to
| use.
Precisely. But if the httpd gives back a 404, you can't do anything
with it.
|
On Fri, Mar 29, 2002 at 10:13:59AM +0700, Olivier Nicole wrote:
> > However, if I
> >use telnet and try to GET or POST it, I'm told it doesn't exist.
>
> Humm, I suspect a HTTP protocol version problem.
> When you telnet, do you specify any HTTP version on the GET command?
I did a quick search a
> So I'm trying to exploit the script to make the site blacklist itself
> at dsbl.org. I found a form on the site with the action as
> "/cgi-bin/formmail.cgi". If I use 'wget' on that full URL, I get a
> web page back that says "formmail 1.6 by Matt Wright". However, if I
> use telnet and try t
I have:
VERBOSE=yes
LOGABSTRACT=all
LOGFILE=/var/log/procmail/procmaillog.`date +%m-%d-%y`
:0fw
| spamc -u $LOGNAME
in my /etc/procmailrc file and then this in my main procmail log:
procmail: Executing "spamc,-u,{user_name}"
procmail: [8286] Thu Mar 28 22:58:05 2002
procmail: Assigning
"PATH=/
On Thu, Mar 28, 2002 at 08:57:12PM -0700, Michael Moncur wrote:
> If anyone's worried about legal action against SpamAssassin, this is probably
> just the sort of post that we should keep off this list...
Why? This isn't SA trying to send mail through the server? It's not even an
exploit since
oh yeah, and this in my main log when the mailbox is accessed:
Mar 28 22:58:55 bacon imapd[8163]: Fatal mailbox error user={user_name}
host={a_host} [{an_ip}] mbx=/var/spool/mail/{user_name}: Unexpected changes to
mailbox (try restarting): Return-Path: I have:
>
> VERBOSE=yes
> LOGABSTRACT=al
The Governor of Florida, a spammer? I wonder if that's against the law
there...
http://www.sptimes.com/2002/03/28/State/Bush_side_scores_McBr.shtml
--
http://www.pricegrabber.com | Dog is my co-pilot.
__
"dman" <[EMAIL PROTECTED]> said:
> So I'm trying to exploit the script to make the site blacklist
> itself at dsbl.org. I found a form on the site with the action
> as "/cgi-bin/formmail.cgi".
It's easy enough to find the details of the exploits of formmail.cgi version 1.9 and
less using a Googl
On Thu, 28 Mar 2002, Matt Sergeant wrote:
> Daniel Pittman wrote:
>> On Wed, 27 Mar 2002, Matt Sergeant wrote:
>>
>>>Michael Moncur wrote:
>> [...]
>>
>>>Anything using src=cid: should be treated very suspiciously as a
>>>virus. That's what you've been sent (Either Klez or BadTrans - not
>>>sure w
> (I don't know HTTP that well, just enough to issue a v1.0 GET
Try:
telnet www.agn-e.com 80
GET /cgi-bin/formmail.cgi 80
Host: www.agn-e.com
It works. (took me some time to figure out the syntax of the Host:
header and it is not documented)
Olivier
__
goh yeah, and this in my main log when the mailbox is accessed:
>
> Mar 28 22:58:55 bacon imapd[8163]: Fatal mailbox error user={user_name}
> host={a_host} [{an_ip}] mbx=/var/spool/mail/{user_name}: Unexpected changes to
> mailbox (try restarting): Return-Path: Jeffrey J. Bacon wrote:
> > I ha
On Fri, Mar 29, 2002 at 02:01:56PM +0700, Olivier Nicole wrote:
| > (I don't know HTTP that well, just enough to issue a v1.0 GET
|
| Try:
|
| telnet www.agn-e.com 80
| GET /cgi-bin/formmail.cgi 80
| Host: www.agn-e.com
|
| It works.
Cool, it does.
| (took me some time to figure out the synt
74 matches
Mail list logo
