I think I received my first " Habeas SWE (tm)" email today and what do you
know, it's V|@gra spam.
X-Habeas-SWE-1: winter into spring
X-Habeas-SWE-2: brightly anticipated
X-Habeas-SWE-3: like Habeas SWE (tm)
X-Habeas-SWE-4: Copyright 2002 Habeas (tm)
X-Habeas-SWE-5: Sender Warranted Email (SWE) (
Yeah me too, the first false negatives i got this year, and its even
autolearning its ham, yikes.
whats the best and cleanest way of 'zapping' it out ?
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On
> Behalf Of Jack Gostl
> Sent: maandag 12 januari 2004 1
On Mon, 12 Jan 2004, Bruno wrote:
> Yeah me too, the first false negatives i got this year, and its even
> autolearning its ham, yikes.
>
> whats the best and cleanest way of 'zapping' it out ?
I am editing /usr/share/spamassassin/50_scores.cf.
Change the line that has:
score HABEAS_SWE -8.0
to
Hi,
On Mon, 12 Jan 2004 02:10:17 -0500 (EST) Chuck Peters
<[EMAIL PROTECTED]> wrote:
>
> I think I received my first " Habeas SWE (tm)" email today and what do you
> know, it's V|@gra spam.
There's a lot of that going around today. My copy came from an open
proxy in SBC netowrk space somewhere
Updated :) (+0.1)
Sorry www.habeas.com but if you were doing what you advertised and suing these suckers
or lobbying congress for tougher (or actual) laws then I'd give you a -30... Try
again next year.
We did also report 4 emails to them recently (1 was questionable). We're still
waiting
As with all all other attempts we really need to see the proof in the pudding... If
the zombies start using it then who do you sue? Then we receive 8400+ per 8400+
emails. Not to sound bad but I think that Habeas has an uphill battle trying to hit
the spammers. They need to get some better l
Hi,
On Sun, 11 Jan 2004 23:58:37 -0800 "Gary Smith" <[EMAIL PROTECTED]> wrote:
> As with all all other attempts we really need to see the proof in the
> pudding... If the zombies start using it then who do you sue?
The same people you always sue: the people with the money. :)
> Then we receive
LOL... More lawyers... That's the problem :). The good spammers have them.
Gary
-Original Message-
From: [EMAIL PROTECTED] on behalf of Bob Apthorpe
Sent: Mon 1/12/2004 12:59 AM
To: [EMAIL PROTECTED]
Cc:
Subject: Re: [SAtalk] forged
Hi folks,
I need to filter all emails that have links to a specific directory (/cd/).
Could you help me?
Thanks for all
Regards
Andrea
---
This SF.net email is sponsored by: Perforce Software.
Perforce is the Fast Software Configuration Manag
At 11:54 PM 1/11/04 +0100, Stefan Urbat wrote:
I have developed a hypothesis, which could explain eventually this strange
phenomenon:
spamassassin reads the configuration files directly, but not spamd ---
during installation the rules were compiled by the Debian postinstall
script into a format, wh
A combination of the rule below, and the backhair ruleset found at
http://www.merchantsoverseas.com/wwwroot/gorilla/sa_rules.htm has
stopped the flood of these emails that I was getting.
body haynes_banned_cd /Banned CD.{0,3}Government don\'t want
me/i
describe haynes_banned_cd S
On Sat, 10 Jan 2004, Rich Wales <[EMAIL PROTECTED]> wrote:
> I came up with a set of rules which appear to catch the new strain
> of spam with a meaningless jumble of words in the body, [...]
> header__MPOP_SUBJ1Subject =~ /Re: [A-Z]+, \S+ \S+ \S+/
You may want to compare/contrast the
Jack Gostl wrote:
>
> Wow. almost a dozen in very little time. Given how well bayes is
> working, I might just disable the habeus mark test.
Then let's create a ruleset for the Habeas violator Pharmacourt and
score it high enough for Habeas to be useless:
--- 20_uri_tests.cf
uri WWW_PHARMACO
Tim,
Andrea's email doesn't appear to be about the "banned CD" spams.
It appears to be about banning any email which has a link to a directory on
disk named /cd/
ie:
uri LOCAL_ILLEGAL_LINK /\/cd\//i
Of course, the subject is very misleading in that case, but if you read his
(althoug
> It appears to be about banning any email which has a link to a directory on
> disk named /cd/
>
> ie:
>
> uri LOCAL_ILLEGAL_LINK /\/cd\//i
>
> Of course, the subject is very misleading in that case, but if you read his
> (although possibly her, hard to tell how Andrea is pronounced
Quoting Theo Van Dinter <[EMAIL PROTECTED]>:
> If you learn a message that has already been learned as the opposite
> type,
> SA will auto-forget it before learning the way you specify. :)
I understand this, always have. This is what I usually do. I only did this
is because I wanted to learn over
Updated and tested over the weekend.
I'm still working on a good rule to catch the G.Bush V-drug look-a-like
spam. This guy changes domain names all the time. Something soon I hope.
http://www.merchantsoverseas.com/wwwroot/gorilla/bigevil.cf
Chris Santerre
System Admin and SA Custom Rules Em
http://au2.spamassassin.org is out of date. It shows the latest version to
be v2.55
Best Regards
Mark Waterhouse
---
This SF.net email is sponsored by: Perforce Software.
Perforce is the Fast Software Configuration Management System offering
How is this determined? When a particular individual
send email to me, it picks up the following points for 'pretending to be
outlook' - however the user does use outlook so i am wondering what it is
that makes this a false positive.
3.5 - Forged mail pretending to be from MS
Outlook
0.
Thanks Matt, thanks Timothy,
My english is terrible, but I've to filter emails with a specific link to
/cd/ directory. The problem is the SPAM from 'banned_cd'. I think either
solutions could help me.
Thanks for support
Regards
Andrea
---
Thi
What do most people who write new SA rules set their threshold too? I had
set it around 3.0 for our company, but the false positive rate was very
high. I was looking at some of the big-evil stuff and noticed that many of
the scores were 3.0 by themselves...
Does everyone just use the 5.0 that co
I was going to post my stats as well. Slight increase in spam. Not getting
thru, but increase in being sent ;) *sigh*
"The goggles, they do nothing!" - McBane
I also get a lot of "Survey" calls at home now. *Deep sigh*
--Chris
> -Original Message-
> From: Gary Funck [mailto:[EMAIL PRO
i use the default of 5 and it gets all spam except the MS update virii which
nearly always score 4.7
On Mon, Jan 12, 2004 at 09:32:57 -0600, Carl Chipman wrote:
> What do most people who write new SA rules set their threshold too? I had
> set it around 3.0 for our company, but the false positive
Carl
I think you will find that there are many different ways that people
configure there SA.
Here I:
mark at 5.0 (occasional FP's)
Delete at 10.0 (No FP's.. Yet)
Alan
> -Original Message-
> Behalf Of Carl Chipman
> Sent: 12 January 2004 15:33
> To: [EMAIL PROTECTED]
> Subject: [SAtalk
yep 5.0. Works great for us.
/robert
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carl
Chipman
Sent: Montag, 12. Januar 2004 16:33
To: [EMAIL PROTECTED]
Subject: [SAtalk] Your threshold score
What do most people who write new SA rules set their thresh
What do most people who write new SA rules set their threshold too? I had
set it around 3.0 for our company, but the false positive rate was very
high. I was looking at some of the big-evil stuff and noticed that many of
the scores were 3.0 by themselves...
Does everyone just use the 5.0 that com
Yes, I use the 5.0 default. My Bigevil rules go against my own
recommendations. The majority of my custom rules are between .33 and .55 in
score. But Bigevil is designed to hit 100% spam. It is the only set I have
scored high. FPs are taken care of right away.
I don't deliver the spam at 7.0 or h
One dufus spammer, beside spelling the drug correctly, also mentions the
generic name "Sildenafil Citrate". If not already in BigEvil, perhaps Chris
could add it.
Best Regards,
Bob
---
This SF.net email is sponsored by: Perforce Software.
Perfo
They've noted that we give HABEAS_SWE a score of -4.6 I think. I'm
adjusted it for my machines to zero. Here's the headers:
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: from beefcake.intouch.ca (beefcake.intouch.ca [64.69.91.201])
by intouch.ca (Postfix) with ESMT
On Sun, 11 Jan 2004, Theo Van Dinter wrote:
> Send them to [EMAIL PROTECTED] I dug through my spam corpus and found
> 8 so far this month and just sent them off. We'll see what happens.
I agree on reporting them. But it should be obvious in the short term, if
these things become annoying, just s
Well, *DUH*...
First these guys applaud the CAN-SPAM act, now they say "Uh oh, it's
totally useless and nobody is following it"
http://www.mxlogic.com/news_events/01_08_04.html
Also, check out this nifty little "remove" direction that I found on a
spam this morning. How nice! All you need to d
I have ours set to 5.5. With 5.0 I had too many false positives. Our company came to the conclusion that a few missed spams were better than a few missed sales requests so we just deal with the handful of emails that get past the filter.
--Mike
From: Carl ChipmanSent: Mon 1/12/2004 9:32
I got a number of FP when i was using 5.0 so i am using 5.5 to mark and then
6.7 to delete. I would have liked to use 5 however to may client where
getting message tagged as spam that where not). I have only deleted 1
message by mistake in 25000 emails since friday and it was a "special" user
lol
Given the discussion of the recent problem with the Habeas mark being
autolearned as ham, I think it would be a good rule of thumb to skip the
bayes autolearning when a message has ANY negative score. This will prevent
future abuses of these types of scores from polluting the database.
The merits
Of course the phone number makes perfect fodder for a 10.0 rule.
-Original Message-
From: Jonathan Nichols [mailto:[EMAIL PROTECTED]
Sent: Monday, January 12, 2004 10:11 AM
To: SA
Subject: [SAtalk] MX Logic article
Well, *DUH*...
First these guys applaud the CAN-SPAM act, now they say "
On Mon, 12 Jan 2004, Charles Gregory wrote:
> On Sun, 11 Jan 2004, Theo Van Dinter wrote:
> > Send them to [EMAIL PROTECTED] I dug through my spam corpus and found
> > 8 so far this month and just sent them off. We'll see what happens.
>
> I agree on reporting them. But it should be obvious in
On Mon, Jan 12, 2004 at 11:20:42AM -0500, Gerry Doris wrote:
> I just sent my copy to [EMAIL PROTECTED] and it bounced. I personally
> think it was a REALLY bad idea to include these jokers in the scoring.
That's because it's habeas (note the "a", not a "u").
--
Randomly Generated Tagline:
"Ph
> > On Sun, 11 Jan 2004, Theo Van Dinter wrote:
> > > Send them to [EMAIL PROTECTED] I dug through my spam corpus and found
> > > 8 so far this month and just sent them off. We'll see what happens.
> >
> > I agree on reporting them. But it should be obvious in the short term, if
> > these thing
> > Send them to [EMAIL PROTECTED] I dug through my spam
> corpus and found
> > 8 so far this month and just sent them off. We'll see what happens.
>
> I agree on reporting them. But it should be obvious in the
> short term, if
> these things become annoying, just set the score for the
> habe
On Mon, Jan 12, 2004 at 11:26:46AM -0500, Jack Gostl wrote:
> I sometimes wonder if the whole system wouldn't be smaller and stabler if
> it were entirely Bayes based.
Well, sure it would be. But frankly, if you want Bayes only, there
are several other projects out there to look at... SpamBayes,
Could I ask a quick poll on the # of messages your configuration is able to process
per minute .. its time for me to move platforms and I'm trying to plan for growth
. your comments would be extremely useful.
I'd be willing to compile a summary should you wish to e-mail me direct ...
A.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Monday 12 January 2004 07:32, Carl Chipman wrote:
> What do most people who write new SA rules set their threshold too? I had
> set it around 3.0 for our company, but the false positive rate was very
> high. I was looking at some of the big-evil s
Check the SARE site for a rule called "AF_MEDICAMENTOS". I believe it was
submitted by a guy from Mexico. It tags a lot.
Chris Santerre
System Admin and SA Custom Rules Emporium keeper
http://www.merchantsoverseas.com/wwwroot/gorilla/sa_rules.htm
'It is not the strongest of the species that su
I'm attaching one that was posted to another list. Unix Text format.
(receiver address munged.)
It is UGLY.
--Chris
> -Original Message-
> From: Scott Lambert [mailto:[EMAIL PROTECTED]
> Sent: Sunday, January 11, 2004 6:34 PM
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] Obscured web site
Right now I am using spamass-milter to send all the email into spamassassin
but I would like to implement a deletion process where the email gets deleted
if it gets certain score. As it stands I cannot do that right now with my
setup.
I was wondering if I could just add procmail to the mix and th
Well, we _were_ running SA on a single P-III 733 with 256Mb ram and
processing an average of 15k messages/day, but about once/week the
system would fold up under it's own weight. It would basically run out
of RAM and die...
When we were only processing about 10-12k messages/day, things were
pretty
Hello All,
I have been getting alot of HABEAS based spam and I have been reporting
the spam to [EMAIL PROTECTED] But in the mean time I would like to
figure out a way to either turn off the HABEAS_SW based points to 0.0
or to block those emails all together. I am new to this spamassassin,
(and
This is a resubmission of a question that I have been trying to sort out
for about a week now. I am trying to tag messages that have more than
10 random words in the message body of an incoming e-mail I am running
the following
Solaris 8
Sendmail 8.12.10 (+libmilter support)
Mimedefang
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On
> Behalf Of SAtalk Mail User
> Sent: Monday, January 12, 2004 11:27 AM
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] Habeas scoring
>
> Hello All,
>
> I have been getting alot of HABEAS based spam and I have
score HABEAS_SWE 0.0 in your local.cf
Brad
On Mon, 12 Jan 2004, SAtalk Mail User wrote:
> Hello All,
>
> I have been getting alot of HABEAS based spam and I have been reporting
> the spam to [EMAIL PROTECTED] But in the mean time I would like to
> figure out a way to either turn off the HABEAS
On Monday 12 January 2004 10:32 am, Carl Chipman wrote:
> What do most people who write new SA rules set their threshold too? I had
> set it around 3.0 for our company, but the false positive rate was very
> high. I was looking at some of the big-evil stuff and noticed that many of
> the scores w
Gary Smith wrote:
> We did also report 4 emails to them recently (1 was questionable). We're still
> waiting a response.
I have gotten automated responses with report numbers in the 109,000
range from every one that I have reported. They came within a couple
of minutes.
Bob
pgp0.pgp
Des
I'll have to have my guy check again. It's also possible that it's beeing sent to his
spam bucket now...
Gary
-Original Message-
From: [EMAIL PROTECTED] on behalf of Bob Proulx
Sent: Mon 1/12/2004 9:43 AM
To: SpamAssassin listserve
Cc:
I am running SA on a PIII 450 with 384 MB of RAM and it processes about 5k to 6k of messages (92% spam) a day without ever hitting swap.
--Mike
From: Andy DonovanSent: Mon 1/12/2004 10:38 AMTo: [EMAIL PROTECTED]Subject: [SAtalk] SA Performance ...
Could I ask a quick poll on the # of mes
Gary Smith wrote:
> I'll have to have my guy check again. It's also possible that it's
> beeing sent to his spam bucket now...
Just so you know what to look for, here is a sample response from
Habeas. [I obsfucated my work address. I word wrapped their text.
(They really should use format=flowe
I let 5.0
works quite fine, except for
- some "technical publicity" (palmpowered.com comes to mind)
- broken mail clients who send mail in 8bit raw (instead of encoded mime)
- some newsletters whose editors apparently haven't read a book "howto do clean
html"
- some new style nigerian scam, writt
On Mon, 12 Jan 2004, Carl Chipman wrote:
> What do most people who write new SA rules set their threshold too? I had
> set it around 3.0 for our company, but the false positive rate was very
> high. I was looking at some of the big-evil stuff and noticed that many of
> the scores were 3.0 by
Hiyo!
Just curious how to best handle HTML character spam. For example, the 'V'
pill word was spelled: Vïàgrå
And it's 'X' counter-part as: Xánåx
I could use 'rawbody', but then I end up 'wheeling' through all the
different possible substitutes for each letter. Is there a simple test
for this
At 01:05 PM 1/12/2004, Charles Gregory wrote:
I could use 'rawbody', but then I end up 'wheeling' through all the
different possible substitutes for each letter.
actually, rawbody won't help you.. those characters are decoded even in
"rawbody" type rules...
the only differences between rawbody an
Hello all,
I am using sa 2.55 on my main windows based mail server and all is working
fine.
My question is I am having my users that get a spam message that slips
through to "forward the message as an attachment", so the actual attachment
is the original email, to a spam mailbox that I then have
On Sun, 2004-01-11 at 22:39, Kai Poppe/Redaktion SDCE wrote:
> Hello List, Hello Martin
>
> I tried to describe to letters with an \x.. code but there are still some
> difficulties. having only a | or a ¡ as special character in the word the
> rule swings in, but adding another one or two @s just
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
> n Behalf Of
> McWhirter,Julia
> Sent: Monday, January 12, 2004 12:34 PM
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] Detecting 10+ random words
>
>
>
>
>
>
> This is a resubmission of a question that I have been
>
Comments inline...
>
>
>
> This is a resubmission of a question that I have been trying
> to sort out
> for about a week now. I am trying to tag messages that have more than
> 10 random words in the message body of an incoming e-mail I am running
> the following
>
*snip*
>
> This is the .c
Sorry, I'm reposting this message. It's important for me to have an
answer, and I don't know where else to go for help!
I'm an administrator of a spamassassin-enabled server with 250 users. I'm
upgrading from 2.55 -> 2.61 and, as suggested in the INSTALL doc, want to
use "sa-learn --import" and "s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Theo Van Dinter writes:
>On Mon, Jan 12, 2004 at 11:26:46AM -0500, Jack Gostl wrote:
>> I sometimes wonder if the whole system wouldn't be smaller and stabler if
>> it were entirely Bayes based.
>
>Well, sure it would be. But frankly, if you want Bay
Here is the partial Auto Reply from Habeas.. where they tell you that they
most likely will not reply back to you, but will go after the abuser..
Thank you for your report of spam containing the Habeas headers.
[snip]
With respect to spam containing our headers:
Please know that at Habeas we take
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gary Smith writes:
>Updated :) (+0.1)
>
>Sorry www.habeas.com but if you were doing what you advertised and suing these
>suckers or lobbying congress for tougher (or actual) laws then I'd give you a -30...
>Try again next year.
hmm. From what I'v
Hello everyone,
I have had a lot of the Habeas messages also and have reported them, but
am extremely confused at the actual point of Habeas?
If I understand correctly a Habeas "Certified" message has the 9 or 10
"Habeas" header lines in it and that alone is suppose to be enough to
make the messa
> Don't they see (surely they do, but I'm just missing the point of their
> product) that all a spammer has to do is add the headers to their
> messages in order to bypass all the spam trapping applications?
The point is that their header is trademarked. Any spammer using their
text is subject to
>
> Don't they see (surely they do, but I'm just missing the
> point of their
> product) that all a spammer has to do is add the headers to their
> messages in order to bypass all the spam trapping
> applications? Please
> tell me I'm missing something and that these people haven't robbed
> co
> The point is that their header is trademarked. Any spammer
> using their
> text is subject to trademark violations, since the right to use the
> trademark is granted only to those who send messages compliant with
> their definition of not-spam.
Copyright, not Trademark. Big Difference.
-ste
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kevin Old wrote:
| If I understand correctly a Habeas "Certified" message has the 9 or 10
| "Habeas" header lines in it and that alone is suppose to be enough to
| make the message identifiable as "non-spam" according to their website.
| What gives?
I
I found in the rules that spamassassin ships a rule for checking against
bl.spamcop.net. In the score file, it gives this a zero weight, encouraging
you to give it some score if you donate.
Since I am a spamcop customer and feel justified in using them, I copied
the line:
score RCVD_IN_BL_SPAMC
On Mon, Jan 12, 2004 at 01:55:43PM -0500, Kevin Old wrote:
> I have had a lot of the Habeas messages also and have reported them, but
> am extremely confused at the actual point of Habeas?
Ok, I'm getting tired of these types of messages. Habeas' business model
is not SA related, so please stop p
On Mon, 12 Jan 2004, SRH-Lists wrote:
> > The point is that their header is trademarked. Any spammer
> > using their
> > text is subject to trademark violations, since the right to use the
> > trademark is granted only to those who send messages compliant with
> > their definition of not-spam.
>
That's all you need to do. SpamAssassin doesn't actually run any tests that
have a score of 0, so the test was all set up and ready to be run, but disabled
(by the zero score). Changing that is all you need to do to enable it.
On Mon, 12 Jan 2004, Ed Greenberg wrote:
> I found in the rules that
On Mon, 2004-01-12 at 14:12, Theo Van Dinter wrote:
> On Mon, Jan 12, 2004 at 01:55:43PM -0500, Kevin Old wrote:
> > I have had a lot of the Habeas messages also and have reported them, but
> > am extremely confused at the actual point of Habeas?
>
> Ok, I'm getting tired of these types of message
Hello,
I've a strange problem with spamassassin:
I lunch it with -v and -d options and the log (/var/log/maillog), each time receive a
mail message, show this:
Jan 12 20:27:27 bizio spamd[582]: connection from localhost [127.0.0.1] at port 32891
Jan 12 20:27:27 bizio spamd[1380]: Use of uninit
On Mon, Jan 12, 2004 at 02:27:59PM -0500, Kevin Old wrote:
> I hear ya. Shame on me. How dare someone have an actual question that
> needed clearing up and after searching the archives still didn't find a
> suitable answer to their question. Why don't we just close down this
> list so we can all
Hi all,
I did check the archives for the answer to this one, but the keywords involved
are vague enough that it may have been answered and I couldn't find it.
A message arrived the other day that when it was processed by spamd was logged
in /var/log/messages instead of /var/log/maillog (like a
Hi all.
Can anyone help me out with a problem? I've got SA 2.61 running on
Debian Woody- I'm migrating from RH9, where I always used pre-packaged
RPMs. I couldn't get the unstable packages to install, so I got the
.tar.gz instead.
It took me a while to sort out getting SA running and integratin
On Mon, 12 Jan 2004, Theo Van Dinter wrote:
> "why does habeas get a score of -8 in SA by default" is on topic, "why
> do the habeas people think their business model is going to work" isn't.
How about "Why do the SA developers (who assigned a score of -8) think the
Habeas business model is going
I received the following spam that does not comply with the Habeas agreements:
>From [EMAIL PROTECTED] Mon Jan 12 03:38:18 2004
Received: (from [EMAIL PROTECTED])
by replaced
for replaced
Date: Mon, 12 Jan 2004 03:38:18 -0800 (PST)
Received: from ([142.177.249.186]) by replaced a
How is this determined? When a particular individual
send email to me, it picks up the following points for 'pretending to be
outlook' - however the user does use outlook so i am wondering what it is
that makes this a false positive.
3.5 - Forged mail pretending to be from MS
Outlook
0.6
Hi there!
I have a difficult Problem since I donÄt know where the difference
comes from:
[EMAIL PROTECTED]:~$ spamc -c < spam4
4.6/6.5
[EMAIL PROTECTED]:~$ spamassassin -t < spam4
...
Content analysis details: (10.1 points, 6.5 required)
pts rule name description
--
> Quote from Jack Gostl:
> "The RBLs are nice, but i have a half dozen spams a week slip through
because of spamc/spamd timeouts, which I'd bet are RBL related."
Hello,
I was asking last week about the spam that get through on my system that all
report this in the header:
qmail-scanner-1.20rc3 (
It was discussed a while back how the phrases like:
"This message conforms to the requirements of the 'CAN-SPAM Act of 2003' and
was sent to you by .."
Just wanted to let you guys know I'm seeing it in legit ham now. Careful
using a rule for this stuff.
Chris Santerre
System Admin and SA C
These guys have quite a reputation for a common con - I ask this question to
provoke discussion and hopefully decision on SA policy on a method of
dealing with these kind and their ilk.
They send a message (spam?) to the domain owner, requesting that he confirm
a request to transfer his domain by
I keep
saying this and no one does... (not sure if it's you, or if there are a lot of
people sending the same question) - MORE INFORMATION is
needed.
0)
READ THE ACHIVES
1)
SEND THE HEADERS
2)
FILE A BUG REPORT
I
think I've seen a few people asking this, but no one is doing the above.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Robert Menschel writes:
> I'm trying to make sure my corpus is as clean as possible, eliminating
> all duplicates.
>
> I tried to use the masses/corpora/uniq-mailbox program for this, and had
> problems which I've documented in bugzilla report 2920.
Thus spake Mitch (WebCob) ([EMAIL PROTECTED]) [12/01/04 15:47]:
> These guys have quite a reputation for a common con - I ask this question to
> provoke discussion and hopefully decision on SA policy on a method of
> dealing with these kind and their ilk.
>
> They send a message (spam?) to the dom
Andy Donovan wrote:
> Could I ask a quick poll on the # of messages your configuration is
> able to process per minute .. its time for me to move platforms and
> I'm trying to plan for growth . your comments would be extremely
> useful.
PII/450/512M, running sendmail+MIMEDefang+clamav+SA. Run
At 02:11 PM 1/12/2004, Ed Greenberg wrote:
I found in the rules that spamassassin ships a rule for checking against
bl.spamcop.net. In the score file, it gives this a zero weight,
encouraging you to give it some score if you donate.
Since I am a spamcop customer and feel justified in using them,
On Monday, January 12, 2004 3:47 PM, Mitch (WebCob) wrote:
> Here is one such message. The client assures me they did not at any
> time contact these guys... which is of course the con - convince the
> client you are doing what they asked you to and then do it when they
> blindly confirm...
I've n
Just noticed a message with an encoded URL, that misses, the "BIZ_TLD" rule,
etc.
The message body contains:
http://gf=2eclearmath=2ebiz/jsimp/index=2ehtml";>scored this way=2e
http://K=2eclearmath=2ebiz/images/js02=2ejpg"; border=3d=
"0">
I know this wraps a bit ugly, when pasted into my mai
On Mon, 12 Jan 2004, Mike Carlson wrote:
> Right now I am using spamass-milter to send all the email into spamassassin
> but I would like to implement a deletion process where the email gets deleted
> if it gets certain score. As it stands I cannot do that right now with my
> setup.
Read the docu
'Cause they are scammers... they are being actively sued by a variety of
people...
There are a variety of these buggers, many have bad reps with various
business bureaus, etc.
>From my viewpoint, a con artist with a % of legitimate business, is still a
con artist.
Just as a legitimate bulk maile
Thus spake Mitch (WebCob) ([EMAIL PROTECTED]) [12/01/04 16:39]:
> 'Cause they are scammers... they are being actively sued by a variety of
> people...
>
> There are a variety of these buggers, many have bad reps with various
> business bureaus, etc.
>
> From my viewpoint, a con artist with a % of
Apparently DROA (domain registry of america) is also being sued by a variety
of people... Enom Inc is the parent I think.
I'm not a rule writer expert, but I figure to be of real use, such a thing
should be included in the default set with a reasonable score - looking at
setting a precedent of sor
Is this possibe?
Let's say [EMAIL PROTECTED] sends an email to [EMAIL PROTECTED] and Joe is in a
whitelist_from_rcvd. Would it be possible to auto add a whitelist_from_rcvd for Mary?
This way Mary will be trusted since Joe is already trusted to send emails.
This is different than AWL since this
1 - 100 of 142 matches
Mail list logo
