At 15:34 -0700 26/06/03, Will Yardley wrote:
> That's why my question might be an easy one: I would like
spamassassin to ignore mail that was already checked (based on the
X-Spam header for example). I went through the different cf files
without finding anything.
Is there a configuration opti
Benjamin A. Shelton wrote on Sat, 28 Jun 2003 16:29:37 -0600:
> Personally, I have a real problem with someone complaining about *free*
> software, but from my experience, those who pay the least tend to
> complain the loudest.
It's not complaints about free software, it's complaints about a se
Steve Phariss wrote on Sat, 28 Jun 2003 23:00:50 -0700:
> http://www.domainsforpeople.com
>
Since they seem to be holding on for this name, I use this test for them:
body SPAM_URL_11 /domainsforpeople/i
score SPAM_URL_11 100.0
I also have a much less agressive scoring for this test:
u
On Sat, Jun 28, 2003 at 04:29:37PM -0600, Benjamin A. Shelton wrote:
> That's exactly what I was concerned about, Tony: Where does it stop?
The real poblem will be: 'it never stops'. As long as people do
react irrationally on rational Questions and as long as the
'what I avoid to see can't anger
Somehow that seems really complex. Perhaps there could be an option not to
display the rule names at all, just the descriptions, which can easily be
overridden in local.cf. That way users aren't bothered with the technical
stuff at all, and you can get it to display whatever you want. (This is w
This one got through, but I wonder if "Serious Candidates Only" should be
given some points.
Thanks
Steve
From - Sun Jun 29 11:00:12 2003
X-Mozilla-Status: 0001
X-Mozilla-Status2:
Return-Path: <[EMAIL PROTECTED]>
Received: from si64719.com ([218.52.79.31])
by home.geekster.com (8.12.1/8.1
On Fri, 2003-06-27 at 23:41, Ernest W. Lessenger wrote:
> At 03:14 PM 6/27/2003 -0600, you wrote:
> > > I'd like to appeal to the SA collective to change the name of the
> > > PENIS_ENLARGE tests to something a little more innocuous. Apparently
> >
> >Your company could always ask for a refund...
>
On Sun, 2003-06-29 at 11:36, Chr. von Stuckrad wrote:
> On Sat, Jun 28, 2003 at 04:29:37PM -0600, Benjamin A. Shelton wrote:
> > That's exactly what I was concerned about, Tony: Where does it stop?
>
> The real poblem will be: 'it never stops'. As long as people do
> react irrationally on ration
>This one got through, but I wonder if "Serious Candidates Only" should be
>given some points.
I just give HTML-only mail like 200 points.
---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Port
I know this isn't a new thing necessarily in the internet world, but its
new for me. Lately in the past week I've gotten 3 or 4 bounces that came
from spammers. Apparently they set it up so that a legit (or maybe not
legit) mail server bounces back the full email to the recipients. This is
ge
On Sun, 29 Jun 2003 11:50:59 -0400, you wrote:
>I know this isn't a new thing necessarily in the internet world, but its
>new for me. Lately in the past week I've gotten 3 or 4 bounces that came
>from spammers. Apparently they set it up so that a legit (or maybe not
>legit) mail server bounces
Aside from the known "Invalid Date" errors, I'm
getting the following on a Mandrake 9.0 system:
t/spamd_utf8 Not
found: flag = X-Spam-Flag: YES# Failed test 2 in t/SATest.pm at line
367 Not found: status =
X-Spam-Status: Yes, hits=# Failed test 3 in t/SATest.pm
And it seems that the provider (a
University?) either didn't explain what's going on or didn't get thru to
them, so he forwarded the request to this list instead of wondering if this
is really something worthwhile and productive to ask for. I guess it would
make a could starter for a discussi
I have seen the same stuff..
Almost all of the bounces are coming fron ISP's
that never would allow SPAM..
/Sqm
> I know this isn't a new thing necessarily in the internet world, but its
> new for me. Lately in the past week I've gotten 3 or 4 bounces that came
> from spammers. Apparently the
The email you included ins't spam, its SOBIG.e.
Jerry
http://www.syslog.org
- Original Message -
From: "Michael Long" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, June 29, 2003 11:50 AM
Subject: [SAtalk] Spammers using bounces and encoding
I know this isn't a new thing nece
I am new to spamassassin, and tried to figure this out by myself, but
unfortunately failed.
I am trying to use spamassassin with razor enabled, but running
spamassassin -tD < sample-spam.txt always shows:
debug: Razor2 is available
debug: Razor2 is available
debug: entering helper-app run mode
ra
I
am new to spamassassin, and tried to figure this out
by myself, but unfortunately failed.
I
am trying to use spamassassin with razor enabled, but
running spamassassin -tD
< sample-spam.txt always shows:
debug:
Razor2 is available
debug:
Razor2 is available
debug:
entering helper
In my case i have seen aprox 5000 bounces from mailservers
around the world during the last week bouncing back to my mailserver..
The sending address in the mail that bounced is still
<[EMAIL PROTECTED]> where "someuser" changes all the time..
"someuser" does not exist at all..
Would that still h
Anyone know what Spamassassin is testing to trip the BUGGY_CGI sensor?
Is there a web site that lists the tests of each of the default
settings? I could only find lists of the default scores and descriptions
(even on the spamassasin.org site).
The message I get is:
BUGGY_CGI (2.8 points)
SOBIG.e has been very very active, so the volume wouldn't suprise me. There
hasn't been much released about how it chooses its recipients and senders,
but the concensus is that at least the sender is randomly constructed from
parts of email addresses it collects. The attachement name is what real
Kai,
I would put the tests in local.cf right? I am running non-root user.
steve
- Original Message -
From: "Kai Schaetzl" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, June 29, 2003 3:31 AM
Subject: Re: [SAtalk] New Domain spam
> Steve Phariss wrote on Sat, 28 Jun 2003 2
At Sun Jun 29 20:17:50 2003, Spam Sucks wrote:
>
> Anyone know what Spamassassin is testing to trip the BUGGY_CGI sensor?
> Is there a web site that lists the tests of each of the default
I find it easiest to simply look in the source code.
> settings? I could only find lists of the default scor
Hi all,
I've been running 2.60-pr1 since this morning (thanks to Theo for his
speedy assistance with a Perl 5.005-related bug). I've noticed that
nearly all the spams I've had so far have come up with BAYES_99 and
that the probability is given as 1.000.
With 2.55 I didn't get BAYES_99 as often (
At 12:17 PM 6/29/03 -0700, Spam Sucks wrote:
Anyone know what Spamassassin is testing to trip the BUGGY_CGI sensor?
Is there a web site that lists the tests of each of the default
settings? I could only find lists of the default scores and descriptions
(even on the spamassasin.org site).
The messag
Or in ~/.spamassassin/user_prefs
--
Thomas Cameron, RHCE, CNE, MCSE, MCT
Cameron Technical Services, Inc.
http://www.camerontech.com/
(512) 454-3200
- Original Message -
From: "Steve Phariss" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, June 29, 2003 2:18 PM
Subject: Re: [SAta
Spam Sucks wrote on Sun, 29 Jun 2003 12:17:50 -0700:
> I am using a very simple and standard FormMail form on my website and
> forms sent to me from my own web site are getting marked as spam!
>
You shouldn't use that one! Really.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive
Steve Phariss wrote on Sun, 29 Jun 2003 12:18:44 -0700:
> I would put the tests in local.cf right? I am running non-root user.
>
Yes, if that is readable by that user.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http:
At 09:53 27/06/03 -0400, Matt Kettler wrote:
At 11:27 AM 6/27/03 +1200, Simon Byrnand wrote:
Shouldn't it be possible to simply check for the presence of spamassassin
markup before calling it a second time ??
No, because that's easily abused by spammers.. all they have to do is add
a spamassassin
Hi,
On Sun, 29 Jun 2003 12:17:50 -0700 "Spam Sucks" <[EMAIL PROTECTED]>
wrote:
> Anyone know what Spamassassin is testing to trip the BUGGY_CGI sensor?
> Is there a web site that lists the tests of each of the default
> settings? I could only find lists of the default scores and descriptions
> (e
Then what should I be using? The latest FormMail from Matt's script
archive is not an open relay when properly configured (which it is).
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kai
Schaetzl
Sent: Sunday, June 29, 2003 2:31 PM
To: [EMAIL PROTECTED]
At 12:10 27/06/03 -0500, Steve Halligan wrote:
People, please configure your virus scanners not to reply to the sender.
Most viri these days are spoofing the sender anyway.
-steve
I was just thinking about sending a complaint (not a nasty one) to the
postmaster address of each of these rampant vir
At 13:59 27/06/03 -0400, Theo Van Dinter wrote:
On Fri, Jun 27, 2003 at 05:31:23PM +0200, Kai Schaetzl wrote:
> Then I went to http://spamassassin.org/devel/ to get the new PR-1 release,
> since I couldn't get any CVS stuff and saw that there's now a file which
> seems to be the final. Downloaded,
Or is it a pork- (pig) based wholesome non-kosher non-halal goody?
I didn't visit the sit yet. But Sylvie seems sweet to me. I never
solicited her attention - but the latter seems honorable. Like the
"let's all not eat dogs" site from the Philippines a while ago, which
one of us regarded as bei
Hi,
On Fri, 27 Jun 2003 17:47:01 -0700 Patrick Murphy <[EMAIL PROTECTED]> wrote:
> I am a new subscriber. I am attempting to setup SpamAssassin running on
> Solaris 8 with sendmail ( 8.1.2 I think ). Does anyone know of a good
> reference site or paper that describes or walks through the process
Thanks Bob! You read my mind!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mad
Martian
Sent: Sunday, June 29, 2003 3:00 PM
To: [EMAIL PROTECTED]
Subject: RE: [SAtalk] BUGGY_CGI?
Then what should I be using? The latest FormMail from Matt's script
archi
Ok, I switched to NMS FormMail version 3.08c1 and I get the same
BUGGY_CGI result. Is there some configuration I need to tweak? Here are
my variables:
$DEBUGGING = 1;
$emulate_matts_code= 0;
$secure= 1;
$allow_empty_ref = 1;
$max_recipients= 5;
$mailprog
Good news - my server admin added allow_user_rules to the local.cf file
(I don't have access) and my rules now work (from user_prefs). Now I
just have to solve that darn buggy_cgi thing.
Thanks,
-Mike
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Matt
On Mon, Jun 30, 2003 at 10:05:30AM +1200, Simon Byrnand wrote:
> Ah good...so maybe there is still time to look at the false positives with
> Outlook netfolder updates ? :)
sorry. we're past the rule change time. just bug fixes now.
--
Randomly Generated Tagline:
"You ripped his arm off.
Ye
Date: Mon, 30 Jun 2003 11:17:25 +1200
To: Theo Van Dinter <[EMAIL PROTECTED]>
From: Simon Byrnand <[EMAIL PROTECTED]>
Subject: Re: [SAtalk] 2.60 final and CVS
Cc: [EMAIL PROTECTED]
At 19:08 29/06/03 -0400, Theo Van Dinter wrote:
On Mon, Jun 30, 2003 at 10:05:30AM +1200, Simon Byrnand wrote:
> Ah g
At 19:08 29/06/03 -0400, Theo Van Dinter wrote:
On Mon, Jun 30, 2003 at 10:05:30AM
+1200, Simon Byrnand wrote:
> Ah good...so maybe there is still time to look at the false
positives with
> Outlook netfolder updates ? :)
sorry. we're past the rule change time. just bug fixes
now.
:-(
Pity...
While I'm waiting for procmail mailing list posting privileges or
something, I might as well ask here.
Might I combine this .procmailrc,
:0:
* ^X-Spamdealer-Status: Big
Mail/big-possible-spam/
:0:
* ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\* <--PS: no shorter way?
Mail/almost-certainly-spam/
On Mon, Jun 30, 2003 at 11:17:25AM +1200, Simon Byrnand wrote:
> to trigger on netfolder updates. Is this not considered a bug, considering
> how high the scores of those two tests are ? The combined score is 7.1
> which is above our conservative default of 7.0
Well, any rule changes are ver
At 19:50 29/06/03 -0400, Theo Van Dinter wrote:
On Mon, Jun 30, 2003 at 11:17:25AM +1200, Simon Byrnand wrote:
> to trigger on netfolder updates. Is this not considered a bug, considering
> how high the scores of those two tests are ? The combined score is 7.1
> which is above our conservative defa
On Sun, Jun 29, 2003 at 12:08:43PM -0400, Jay Levitt wrote:
> A search of the sa-talk archives shows that people have occasionally seen this in
> past versions, but nobody's ever responded to them. Any ideas, anyone?
known issue, fixed in 2.60 pr2 (note: it's not an release candidate
yet ...)
b
Martin Radford writes:
>I've been running 2.60-pr1 since this morning (thanks to Theo for his
>speedy assistance with a Perl 5.005-related bug). I've noticed that
>nearly all the spams I've had so far have come up with BAYES_99 and
>that the probability is given as 1.000.
>
>With 2.55 I didn't ge
Simon Byrnand writes:
>At 19:50 29/06/03 -0400, Theo Van Dinter wrote:
>>On Mon, Jun 30, 2003 at 11:17:25AM +1200, Simon Byrnand wrote:
>> > to trigger on netfolder updates. Is this not considered a bug, considering
>> > how high the scores of those two tests are ? The combined score is 7.1
>> > w
Hello Martin,
>> I am using a very simple and standard FormMail form on my website and
>> forms sent to me from my own web site are getting marked as spam!
>>
Look at the headers of the feedback form; since it comes from your
own site it will probably have the site user ID and/or IP in
one of th
It seems to me that SA comes with language options that will
print test descriptions in languages other than English,
i.e., you can opt to have the test that is giving offense
here described as "Spiega come aumentare le dimensi
oni del proprio pene" - I would assume by choosing
appropriate language
Incident Information:-
Originator: [EMAIL PROTECTED]
Recipients: [EMAIL PROTECTED]
Subject:Spamassassin-talk digest, Vol 1 #1328 - 2 msgs
WARNING: The file your_details.zip (details.pif) you received was infected
with the W32/[EMAIL PROTECTED] virus. The file attachment was not successfully
Incident Information:-
Originator: [EMAIL PROTECTED]
Recipients: [EMAIL PROTECTED]
Subject:Spamassassin-talk digest, Vol 1 #1329 - 1 msg
WARNING: The file your_details.zip (details.pif) you received was infected
with the W32/[EMAIL PROTECTED] virus. The file attachment was not successfully
Incident Information:-
Originator: [EMAIL PROTECTED]
Recipients: [EMAIL PROTECTED]
Subject:Spamassassin-talk digest, Vol 1 #1329 - 1 msg
WARNING: The file your_details.zip (details.pif) you received was infected
with the W32/[EMAIL PROTECTED] virus. The file attachment was not successfully
Incident Information:-
Originator: [EMAIL PROTECTED]
Recipients: [EMAIL PROTECTED]
Subject:Spamassassin-talk digest, Vol 1 #1328 - 2 msgs
WARNING: The file your_details.zip (details.pif) you received was infected
with the W32/[EMAIL PROTECTED] virus. The file attachment was not successfully
Title: ScanMail Message: To Recipient virus found and action taken.
ScanMail for Microsoft Exchange has detected virus-infected attachment(s).
Sender = [EMAIL PROTECTED]
Recipient(s) = [EMAIL PROTECTED]
Subject = Spamassassin-talk digest, Vol 1 #1328 - 2 msgs
Scanning Time = 06/29/2003 21:37
Title: ScanMail Message: To Recipient virus found and action taken.
ScanMail for Microsoft Exchange has detected virus-infected attachment(s).
Sender = [EMAIL PROTECTED]
Recipient(s) = [EMAIL PROTECTED]
Subject = Spamassassin-talk digest, Vol 1 #1329 - 1 msg
Scanning Time = 06/29/2003 21:37:
Abigail Marshall writes:
>It seems to me that SA comes with language options that will
>print test descriptions in languages other than English,
>i.e., you can opt to have the test that is giving offense
>here described as "Spiega come aumentare le dimensi
>oni del proprio pene" - I would assume b
Be advised that the two emails that have come thru entitled "Re:
Application" contain a zip file attachment which may be a variant of the
Sobig worm. The zip file for both emails was named your_details.zi, and
contained a file called details.pif, which seems to match the
characteristics describ
An Internet e-mail message was sent to you from an outside source that
contained an prohibited file type, but was removed for security
purposes.
The message header is attached below. If you must use e-mail to receive
business-related .exe files, there is a workaround. Please inform the
sender of
An Internet e-mail message was sent to you from an outside source that
contained an prohibited file type, but was removed for security
purposes.
The message header is attached below. If you must use e-mail to receive
business-related .exe files, there is a workaround. Please inform the
sender of
Title: Houghton Internationals' Anti-virus Service, Antigen, found FILE FILTER= *.pif file
Houghton Internationals' Anti-virus Service (Antigen for Exchange) found your_details.zip
->details.pif matching FILE FILTER= *.pif file filter.
The file is currently Removed. The message, "[SAtalk] Re:
Title: Houghton Internationals' Anti-virus Service, Antigen, found FILE FILTER= *.pif file
Houghton Internationals' Anti-virus Service (Antigen for Exchange) found your_details.zip
->details.pif matching FILE FILTER= *.pif file filter.
The file is currently Removed. The message, "[SAtalk] Re:
Hi all,
Perhaps this is a question for -devel...but I'll ask here anyway.
One of the rules for this version was against using a port other than
the standard HTTP port. Well, since this is -CVS, I may as well keep
quiet, but I wonder why this rule is here, since people are free to use
other ports
61 matches
Mail list logo
