Matthew Davis said the following on 01/12/02 22:18:
* Michael Bell ([EMAIL PROTECTED]) wrote:
Agreed. I think it's worthless too. Just wanted to bring up the
topic, so we could all be prepared for newbies asking the question.
Now we have a thread to point to
Here's an example of their substan
Hi all,
Just got a message through with the following headers. The message (which
was spam) was not even processed by spamd even if log indicates it was sent
for filtering.
Can anybody help me understand what is going on here? FreeBSD/Postfix
1.1.11/SA 2.43
Thanks,
Per olof
Headers:
X-Pers
At 07:41 12/2/2002 -0500, Mike Burger wrote:
Do you have a size threshold set? I believe that 2.43 has a setting that
won't scan a message over a certain file size, and this message was around
340K. It might have been too big, and SA might have skipped it due to its
size.
On Mon, 2 Dec 2002, Pe
Michael Bell said:
> A fair statement as to what it is good for,yes. It could be used for
> bayesian body stuff - dunno how that's stacked up in your tests
> (which I notice do include most headers) - but it's pretty limited
> otherwise.
well, bayesish stuff does *much* better when it's allowed
Per olof Ljungmark said:
> Yes, as several pointed out, that was the problem. This spammer sends the
> entire catalogue as a pdf, did a spamc -s 1048576 to fix.
interestingly it was a real person sending mail from a real desktop
machine - one of those rare "one to one" spams that are hard to
tel
Daniel Quinlan said:
> > I'd really like to see a blacklist_to option somewhere, or some other
> > way of automatically tagging a given destination as indicating 99.99%
> > probable spam.
>
> Here's what I do:
>
> header LOCAL_BAD_ADDRESSEnvelope-To =~ /foo\@bar\.com/i
> describe LOCAL_
spamc by default doesn't process huge messages over 250k in size. This
message was 340k.
see man spamc:
-s max_size
Set the maximum message size which will be sent to spamd -- any
bigger than this threshold and the message will be returned
unprocessed. No
On Mon, Dec 02, 2002 at 12:23:04PM +0100, Per olof Ljungmark wrote:
> Just got a message through with the following headers. The message (which
> was spam) was not even processed by spamd even if log indicates it was sent
> for filtering.
>
> Dec 2 11:12:47 bebop postfix/qmgr[74304]: 43DB0142D7
Do you have a size threshold set? I believe that 2.43 has a setting that
won't scan a message over a certain file size, and this message was around
340K. It might have been too big, and SA might have skipped it due to its
size.
On Mon, 2 Dec 2002, Per olof Ljungmark wrote:
>
> Hi all,
>
>
I also removed the guage option and now i'm getting a flat graph...
how are you all monitoring spam activity ?
- Original Message -
From: "Thomas Hurst" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, October 13, 2002 12:35 AM
Subject: Re: [SAtalk] spamd log to mrtg
: * Jon
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey,
Here's a tid bit of info for a problem I encountered when I 1st setup
Spamassassin that was breaking it.
What was happening from the content length mismatch no email was
being checked properly against spamd. Instead of performing a check
agains
Ok, looks like nobody responded to this, but it was a holiday weekend in
the US, so that is not too surprising..
At any rate, could you be a bit more specific about what you want to try to
do here?
SpamAssassin is not, and never has been, a database of spam messages, and
it sounds (vaguely) li
On Mon, Dec 02, 2002 at 11:46:26AM -0800, Ryan Clark wrote:
> Security Violations
> =-=-=-=-=-=-=-=-=-=
> Nov 28 05:44:11 example_server spamd[7474]: bad protocol: header
> error: (Content-length mismatch: 1255 vs. 1241)
That's an error that shouldn't be happening; something must be wrong
with y
We're running a spam quarantine so I just have procmail call a script that
just adds to a number in a text file (make sure to lock the file). I also
track the top twenty spammed addresses and "Highest Score" (Usually in the
50's). Then there is a cron job that runs that uploads the stats to a
cen
On Mon, 2 Dec 2002, Duncan Findlay wrote:
> On Mon, Dec 02, 2002 at 11:46:26AM -0800, Ryan Clark wrote:
> > Security Violations
> > =-=-=-=-=-=-=-=-=-=
> > Nov 28 05:44:11 example_server spamd[7474]: bad protocol: header
> > error: (Content-length mismatch: 1255 vs. 1241)
>
> That's an error th
| http://mark.cervarich.com/gb2312.spam.txt
| contains 3 sample spams that get by spamassassin every time.
I got scores of 10.7, 9.7 and 9.8 respectively for those three messages
using 2.43.
| Although I'd love it if someone told me how to stop this kind of spam
| using spamassassin.
All three
On Mon, Dec 02, 2002 at 11:46:38PM +1100, zenn wrote:
> I also removed the guage option and now i'm getting a flat graph...
That could mean that MRTG isn't getting numbers; by default, it will use
the last value it logged if it can't get new values.
> how are you all monitoring spam activity ?
f
Steve, the point you are missing is that my spamassassin "gives up"
before it even scores it because of the Content Length Mismatch:
Dec 2 14:02:03 ns spamd[10870]: connection from localhost [127.0.0.1] at port9497
Dec 2 14:02:03 ns spamd[10930]: info: setuid to xxx succeeded
Dec 2 14:02:03 ns
I'm sure I plastered this on the lists a while back (forgive the repost)
but...I have an e-mail toaster how-to that talks about setting up MRTG to
monitor e-mail traffic, spam counts, etc. You can check it out at:
http://www.jerfu.com/toaster
> On Mon, Dec 02, 2002 at 11:46:38PM +1100, zenn
Mark R. Cervarich said:
> On Mon, 2 Dec 2002, Duncan Findlay wrote:
>
> > On Mon, Dec 02, 2002 at 11:46:26AM -0800, Ryan Clark wrote:
> > > Security Violations
> > > =-=-=-=-=-=-=-=-=-=
> > > Nov 28 05:44:11 example_server spamd[7474]: bad protocol: header
> > > error: (Content-length mismatch: 1
Mark R. Cervarich said:
> > are you guys using Razor 2.21 or 2.22? I think that was outputting
> > some noise on STDOUT which could be breaking spamc.
>
> I just upgraded to 2.22 and now it works great!!!
> (I'm not sure which version I was running before)
OK, that's it then -- anyone else seei
On Mon, 2 Dec 2002, Justin Mason wrote:
>
> Mark R. Cervarich said:
> > On Mon, 2 Dec 2002, Duncan Findlay wrote:
> >
> > > On Mon, Dec 02, 2002 at 11:46:26AM -0800, Ryan Clark wrote:
> > > > Security Violations
> > > > =-=-=-=-=-=-=-=-=-=
> > > > Nov 28 05:44:11 example_server spamd[7474]: bad
Need to get spamassassin working system-wide with:
qmail (with the qmail-queue patch)
tcpserver
maildrop
sqwebmail (w/ vpopmail, but no virtual users)
All the docs I could find (including the archives to this list) say to use
qmail-scanner to use spamassassin with qmail. However, qmail-scanner
23 matches
Mail list logo
