apologies the headers I sent was the ones received from SA. The headers in the included message (the original) are..
Return-Path:
Envelope-To: [EMAIL PROTECTED]
X-Spam-Status: SpamAssassin Failed
Received: from [192.168.2.29] (HELO reception)
by pickering.co.uk (CommuniGate Pro SMTP 4.1.5)
wi
Seems like any attachment, especially a binary such as a pdf
would go over the maximum size to be scanned by SA. This must
have been one tiny pdf, or you have set your SA instance to
scan messages over the max size (default
250k) Most pdf's are much larger than this.
i believe he attached it
Hello
In the last time we often got spam emails containing random word lists.
example:
nagasaki gazette rood cod dual gradate clifford babysitting newel
latin adenoma francisco aspheric express atavism
guardia photo section copperas ...
Some of them are recognized as spam some as ha
64.142.16.37 (s2.habeas.com) is also listed in spamcop :)
http://www.spamcop.net/w3m?action=blcheck&ip=64.142.16.37
cahya
On Wed, Jan 14, 2004 at 02:01:03PM -0800, Brian May wrote:
> Thought this was a little humorous... Habeas is Misusing their own mark?
>
> Content analysis details: (8.0 poi
Can I run sa-learn on a maildir? and if so how?
Best regards,
Owen Franssen
Technical Services Manager
WASP (a division of Insight Web Marketing Ltd.)
+353 64 54094
---
This SF.net email is sponsored by: Perforce Software.
Perforce is the
Just a quick note. Tripwire is a commercial IDS package, sold by Tripwire
Inc. We might have to watch our for trademark infringement.
Mark
---
This SF.net email is sponsored by: Perforce Software.
Perforce is the Fast Software Configuration
I have a setup involving procmail, SA and Razor, at the moment, every
time I do a razor-report (with "| /usr/bin/spamassassin -r" in my
procmailrc) my mail spool gets poisoned with something like this:
X-Spam-Checker-Version: SpamAssassin 2.61 (1.212.2.1-2003-12-09-exp) on
nepenthes.loca
On Thu, 15 Jan 2004, Sönke Ruempler <[EMAIL PROTECTED]> wrote:
> Subject: confiscate cosponsor gnat
> X-Mailer: huh
> Message-Id: <[EMAIL PROTECTED]>
http://marc.theaimsgroup.com/?l=spamassassin-talk&m=107361675716894&w=2
http://marc.theaimsgroup.com/?l=spamassassin-talk&m=107408986927266&w=2
--
Just a thought: It wouldn't only have simplified matters, it would have
been more secure. Imagine someone hacks your SA box...they'd have access
to your internal network right away (unless there are other measures not
mentioned in place of course) In any case, this setup is not
recommended, but
Technical Services said the following on 15/01/04 11:25:
Can I run sa-learn on a maildir? and if so how?
man sa-learn for the full docs...
Use the --dir option and pass the dir containing the email files.
Regards,
Ronny
--
Technical Director
Amazing Internet Ltd, London
t: +44 20 8607 9535
f: +
Hi
How about a URI rule testing for the holdontrynow.com link??
Cheers
Ralf G.
Sönke Ruempler wrote:
hi list,
I wonder if i can to something against these spam messages:
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: from 62.116.172.149 (68.116.240.99:4887)
by mail
> small chastising rant: Subject lines exist for a reason, on high volume
> lists, please use them. "no subject" makes you look lazy and/or lacking in
> inteligence, usualy both.
>
Actually I was suffering from temporary (I hope) stupidity... My bad...
Sorry :)
> At 05:05 PM 1/14/2004, Christop
On Thu, Jan 15, 2004 at 11:25:37AM +, Technical Services wrote:
> Can I run sa-learn on a maildir? and if so how?
Yes you can.
for i in Maildir/cur; do sa-learn --spam $i; done
>
> Best regards,
> Owen Franssen
> Technical Services Manager
> WASP (a division of Insight Web Marketing Ltd.)
>
Hey does anyone know if there are any spamassassin books comming out?
---
This SF.net email is sponsored by: Perforce Software.
Perforce is the Fast Software Configuration Management System offering
advanced branching capabilities and atomic
Why does HABEAS_SWE score -8.0? EVERYmessage that I recieve that matches
that criteria is spam. I've since added 16 point to HABEAS_SWE.
Jeff
---
This SF.net email is sponsored by: Perforce Software.
Perforce is the Fast Software Configuratio
At 08:34 AM 1/15/04 -0500, Jeff Fulmer wrote:
Why does HABEAS_SWE score -8.0? EVERYmessage that I recieve that matches
that criteria is spam. I've since added 16 point to HABEAS_SWE.
Read the archives of this list.. this has been discussed almost nonstop
since the weekend...
or read www.habeas.c
At 11:14 AM 1/15/04 +0100, Gunther Heintzen wrote:
X-Spam-Status: No, hits=2.6 required=3.9 tests=FORGED_HOTMAIL_RCVD2,
HTML_MESSAGE autolearn=ham version=2.61
It should be autolearn=no because hits=2.6 ist beetween 0.1 and 12.0
Autolearning is not based on the normal message score, it's based o
At 09:49 AM 1/15/04 +0100, Sönke Ruempler wrote:
I wonder if i can to something against these spam messages:
Simple starting things to check (if you're not already doing them)
1) use razor, dcc and/or pyzor.
2) Make sure your bayes is heavily trained (really, this batch of "poison"
has not been
Dear readers,
while using Spamassassin for about one month and having a very good
recognition rate I am discovering that spam that has almost or no text
within does not get detected by SpamAssassin, neither by normal criteria nor
by the Bayes filter. I think because there is not enough information
i like this idea,
possibley even design a DCC / pyzor / razor type system which would
implement a distributed checksum / md5 etc
on all image ?
- Original Message -
From: "Manuel Schmitt" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, January 15, 2004 4:08 PM
Subject: [SAta
Hello Rocky,
Wednesday, January 14, 2004, 8:53:25 PM, you wrote:
RO> I'm writing some custom rules and i am wondering if there is a list
RO> somewhere of what parts of the header i can test? such as
RO> header NO_REAL_NAME From =~
RO> header TO_HAS_SPACESTo:addr =~
First
Yes, we could integrate this into all bayes-like systems, I see no problem
and disk-space is not a problem any more.
Hint: I think we should store these things in a SQL database instead of in
the file system, shouldn't we?
- Original Message -
From: "snowchyld" <[EMAIL PROTECTED]>
To: <[
At 03:49 AM 01/15/04, Sönke Ruempler wrote:
hi list,
I wonder if i can to something against these spam messages:
We have been catching them with the following:
X-Spam-Report:
* 1.0 local_XMAILER_BOGUS X-Mailer =~ /^[a-z][^A-Z0-9]*$/
* 2.0 LE_NI BODY: obfuscated not interested
On Wed, Jan 14, 2004 at 05:48:20 +, Martin Hepworth wrote:
> Matt
>
> There's a howto for this in MailScanner.info on doing it for a
> MS-Exchange server. I guess you can ignore the MailScanner bit and just
> alter the sendmail bits you need.
i have had a quick look at Mailscanner and it lo
> Hint: I think we should store these things in a SQL database instead of in
> the file system, shouldn't we?
It is even possible to replace Berkeley DB with sql frontend and allow to use
postgres and for those who don't want to use sql server - sqlite
> > possibley even design a DCC / pyzor / r
"holdontrynow.com" is actually in my list to add. I'm sorry to say that at
my fastest, additions to Bigevil will take at least 2 days. With sooo many
people using, and a promise of ZERO FPs, I need to test overnight. Sometimes
I like to test more if the update was signifigant.
I search for all so
Who would be the best developer in the SA team for this?
- Original Message -
From: "Alexander Litvinov" <[EMAIL PROTECTED]>
To: "Manuel Schmitt" <[EMAIL PROTECTED]>
Sent: Thursday, January 15, 2004 4:40 PM
Subject: Re: [SAtalk] Improvement: Image Recognition as spam criteria
> On þÅÔ×ÅÒ
On Thu, Jan 15, 2004 at 12:09:36PM +0100, Cahya Wirawan wrote:
> 64.142.16.37 (s2.habeas.com) is also listed in spamcop :)
> http://www.spamcop.net/w3m?action=blcheck&ip=64.142.16.37
>
> cahya
>
> On Wed, Jan 14, 2004 at 02:01:03PM -0800, Brian May wrote:
> > Thought this was a little humorous...
Hi there!
Recently I wondered why my spamd called by exim by
exim.conf:spamd_address = 127.0.0.1 783
is not adding asterisk to the mails.
I found out, that the whole /etc/spamassassin/local.cf seems not to be
read by spamassasin. regardeless as which user I call "spamassassin -t
< mail" or "cat
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 15 January 2004 05:34, Jeff Fulmer wrote:
> Why does HABEAS_SWE score -8.0? EVERYmessage that I recieve that matches
> that criteria is spam. I've since added 16 point to HABEAS_SWE.
>
I set mine to 0, because some non-spammer do use the
At 07:50 AM 1/15/2004, Tim B wrote:
Hey does anyone know if there are any spamassassin books comming out?
None that I'm aware of.
I've been thinking of writing more guides to go with the rule-writing guide
I made, but haven't started yet.
--
Can't you hide messages in jpeg? If they created an engine that
embedded a hidden random word in the image wouldn't that change it's
hash and make this database useless.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Alexander Litvinov
Sent: Thursday, J
Hey all,
Got a question about Bayes. I have run into this a few times now and not
sure what is causing it.
When I run a sa-learn command, if I am training something or maintenance, I
get this error:
Cannot open bayes databases /var/spool/MailScanner/spamassassin/bayes_* R/O:
tie failed: I
nappro
I
think the best thing you can do is post a bug...
I'm
not sure if the developers watch this list (I never saw a reply to my bug post
here) but there is a bugzilla installation linked from the support
site.
I'd
fill out a description and paste these headers there - either that or try
d
> -Original Message-
> From: Manuel Schmitt [mailto:[EMAIL PROTECTED]
> Sent: Thursday, January 15, 2004 8:09 AM
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] Improvement: Image Recognition as spam criteria
>
> Dear readers,
>
> while using Spamassassin for about one month and having a
Pedro Sam <[EMAIL PROTECTED]> wrote:
> Even better, give your users IMAP and give them a SPAM folder, and
> you can sa-learn for them in a cron job. Most users should be able
> to drag and drop their spam into the SPAM folder.
I agree. But don't forget you have to also fee Bayes a corpus of Ham.
At 07:11 AM 1/15/2004, Adrian Simmons wrote:
I have a setup involving procmail, SA and Razor, at the moment, every time
I do a razor-report (with "| /usr/bin/spamassassin -r" in my procmailrc)
my mail spool gets poisoned with something like this:
X-Spam-Checker-Version: SpamAssassin 2.61 (1.212.
Dragoncrest <[EMAIL PROTECTED]> wrote:
> Just curious, but I've never noticed once where someone sent me
> legitimate mail from a .biz domain name. How about you guys?
I - for one - use a .biz domain name for a legitimate business. I have
a software program that I wrote to help the secretaries o
Alexander Litvinov wrote:
Hint: I think we should store these things in a SQL database instead of in
the file system, shouldn't we?
It is even possible to replace Berkeley DB with sql frontend and allow to use
postgres and for those who don't want to use sql server - sqlite
From the work curre
On Thursday 15 January 2004 07:00 CET Max Paperno wrote:
> At 1/12/2004 02:47 PM -0500, Mick Szucs wrote:
> >A message arrived the other day that when it was processed by spamd was
> > logged in /var/log/messages instead of /var/log/maillog (like all other
> > mail processed by spamd.) The message
On Wed, 14 Jan 2004, Brian May wrote:
> Thought this was a little humorous... Habeas is Misusing their own mark?
I certainly hope Habeas isn't using some form of automated update for that
infringer list/lookup. Otherwise I can see spammers abusing them further
by submitting as many legitimate use
Hi,
On Thu, 15 Jan 2004, Rose, Bobby wrote:
> From: Alexander Litvinov
>
> > Hint: I think we should store these things in a SQL database instead
> > of in the file system, shouldn't we?
> Can't you hide messages in jpeg? If they created an engine that
> embedded a hidden random word in the ima
Oy... I'm having a really bad day. :) either you will get three of
these update notices, or the good people who moderate will see that I
keep posting from the wrong account and pull those. Third time is a
charm, and I've changed my default email. Sincere apologies!!
Newest Chickenpox vaccinat
Yes but if you start comparing prices between companies that offer basic
no-frills consumer DSL as well as "business class" DSL where the only
difference is no blocked ports and maybe a handfull of IP's, you'll notice
Speakeasy's Residential no-frills consumer DSL with dynamic IP starts at
abou
On Thu, Jan 15, 2004 at 08:48:52AM -0500, Matt Kettler is rumored to have said:
>
> I'd also be hesitant to say *every* message with the mark is spam.. At
> least one of the SA-devels (Theo) puts it on most of his messages.
As do I.
These people who arbitrarily decide to change the score of a
On Thu, Jan 15, 2004 at 11:11:34 -0600, Bob Apthorpe wrote:
> You could just normalize the images to a 64x64 bitmap with a reduced color
> depth (12bpp; ~48kb uncompressed) and store that; there are probably some
> optical cross-correlation techniques you can use to measure how similar
> the images
Greg, please don't think that you know everything...
SBC DSL FAQ states:
Question:
Can I run dedicated servers with DSL Internet access service?
Answer: Answer last updated: 05-02-02
Yes, as long as you have a static IP address. The best part of DSL
Internet access service is that the larg
Using the Tripwire set (obviously):
X-Spam-Status: Yes, hits=30.2 required=5.0 tests=BAYES_60,BIZ_TLD,
FVGT_TRIPWIRE_AJ,FVGT_TRIPWIRE_AV,FVGT_TRIPWIRE_BF,FVGT_TRIPWIRE_BH,
Greg Cirino - Cirelle Enterprises wrote:
> Most broadband users are not responsible enough to
> have the high speed connection,
I wouldn't say "most", but "a lot".
> but all this rant aside,
> 40 bucks a month does not make you an ISP.
Nope. But it's cheaper than good third-party hosting, and
Perhaps this is a stupid question, but how can I determine that
Spamassassin is checking the Habeas violator list?
I originally removed the -8 score for habeas but then I reinserted it.
I am, however, still receiving tons of spam with the fake marks.
-8.0 HABEAS_SWE Has Habeas warra
On January 15, 2004 12:04 pm, Malte S. Stretz wrote:
> On Thursday 15 January 2004 07:00 CET Max Paperno wrote:
> > At 1/12/2004 02:47 PM -0500, Mick Szucs wrote:
> > >A message arrived the other day that when it was processed by spamd was
> > > logged in /var/log/messages instead of /var/log/maill
Hi all,
As an Amateur Radio operator or ham and pork lover who said ham was a
bad word :) Recently I saw that messages that qualify
surely as Ham or Spam are used in SA. Do I qualify as SPAM as a ham? :)
--
The Little Helper
> Computers are like cars. If you crash your car into someone else's car
> (or house, or business), you're gonna pay for the damage you caused.
And if someone STEALS your car, the person who stole it is responsible,
even if you are unaware of the theft. With insurane being compulsory, in
some p
Sorry it took so long, I was waiting to hear back from Fred. He is trapped
in the North :)
Veriosn 1.14 has been posted to web with Bart Schaefer's changes! Nice work
Bart!
http://www.merchantsoverseas.com/wwwroot/gorilla/99_FVGT_Tripwire.cf
Chris Santerre
System Admin and SA Custom Rules Empor
> -Original Message-
> From: Chris Santerre [mailto:[EMAIL PROTECTED]
> Sent: Thursday, January 15, 2004 12:30 PM
> To: Spamassassin-Talk (E-mail)
> Subject: [SAtalk] Tripwire Update
>
>
> Sorry it took so long, I was waiting to hear back from Fred.
> He is trapped in the North :)
>
>
Thanks Seth, that did the trick.
Brad
On 15 Jan 2004, Seth wrote:
> If you run the attached email through SpamAssassin, it should flag as a
> HABEAS_VIOLATOR.
>
> Seth
---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference
Top posting :/
31 & 41 need a "t" in the regex toward the end like so...
(?:['`]{1}[dst]{1})
Sorry about that. I realized it when I saw too many of them hitting.
It's fixed on the spamhammer page. I also let Chris know.
I also have started putting version numbers on the sets per request. I
s
Not that I don't like this discussion, but this really is getting way off
topic for Spamassassin.
Can it be taken offlist now?
--Chris
> -Original Message-
> From: Brian May [mailto:[EMAIL PROTECTED]
> Sent: Thursday, January 15, 2004 12:30 PM
> To: Greg Cirino - Cirelle Enterprises; Ba
This thread is useless without pics!
Oh wait, sorry.
This post is useless without the spam! :)
Try the new version of Tripwire (1.14) posted today. It's been beechwood
aged for twice the flavor!
--Chris
> -Original Message-
> From: Steve Thomas [mailto:[EMAIL PROTECTED]
> Sent: Thursda
Hi list,
I'm a bit stumped. We're using Spam Assassin on a linux box, is acting as a
mail gateway, delivering mail internally to a Groupwise server (running on
Netware 6). I'm trying to figure out how users can submit FPs and missed spam so
we can use sa-learn to train the bayes filter. I'
Hello,
I'm running qmail 1.03 on a redhat 9 linux box. I've installed qmail-scanner-1.20 and SA 2.61.
mail flow: internet --> qmail/SA relay box in DMZ --> exchange server inside of network.
local.cf file says:
--
required_hits 4.0
rewrite_subject 1
repo
On Thu, 15 Jan 2004, Brad Hazledine wrote:
> I originally removed the -8 score for habeas but then I reinserted it.
>
> I am, however, still receiving tons of spam with the fake marks.
Just checked my probably-spam folder for today. I have two spams with fake
Habeas -- but they STILL scored aroun
On Thu, Jan 15, 2004 at 08:32:03PM +1300, Scott Truman wrote:
> -rw-r--r--1 exim exim 1757 Jan 15 15:23 bayes_msgcount
> -rw-r--r--1 exim exim 4096 Jan 15 15:23 bayes_seen.dir
> -rw-r--r--1 exim exim 7878656 Jan 15 15:23 bayes_seen.pag
> -rw-r--r--1
In the latest versions of Guin there is a tools directory that should have EXPORTSPAM
http://www.beginfinite.com/html/gwen_manual_2/index.htm
create a shared folder that users put SPAM into, then extract this and feed your
database ... check out the above link to read up on it
>>> BJM <[EMAI
By
default spamassassin doesn't add to the subject line. It just adds it's
information to the mail headers. You have to tell it to rewrite the
subject line in your local.cf file
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On Behalf Of marc
jacksonS
In the last 48 hours we have received hundreds of emails like the one below: no body
at all. It looks like all the header information was inserted by sendmail from HELO,
MAIL and RCPT commands. The date is my mail server's date.
For some reason, my users don't like to receive these non-communi
Hi Marc,
Have you added a line to tell SA what you want the subject line to be
changed to?
Along with the rewrite_subject line, try adding a "subject_tag" like
subject_tag[SPAM]
Or
subject_tag***SPAM***
HTH,
Matt
From: [EMAIL PR
At 1/15/2004 06:04 PM +0100, Malte S. Stretz wrote:
>> The last line is the new one, and it escapes any % signs in the
>> Message-ID. I don't use spamd so I can't confirm this to be the case,
>> but seems likely as I think it also uses Sys::Syslog.
>
>That shouldn't matter as spamd uses
> syslog
Thanks for responding. In my local.cf file, I have:
"rewrite_subject 0" that *should* tell SA to rewrite the header shouldn't it?
Just for kicks, I toggled it b/n 0 & 1. Neither worked.
Any more thoughts?
Regards,
Marc
>From: "David Groce" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Subject: R
I was catching them with all of the other rules, I was just unsure as to
whether or not it was even checking the violator list. The sample that
Seth sent me came back positive so I know it is working.
Brad
On Thu, 15 Jan 2004, Christopher X. Candreva wrote:
>
> Rather that takeing out the Habea
I
think you need the subject_tag that Matt was referring to. I think for the
rewrite_subject tag, 0 is off and 1 is on. Try adding the
subject_tag SPAM or something to that effect.
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On Behalf Of marc
Newbie question - I just got one of those d-rug type emails that scored
several points above my spam cutoff and wasn't on a whitelist, yet the
subject wasn't tagged as expected. What can cause that? tnx
---
The SF.Net email is sponsored by E
On Thu, Jan 15, 2004 at 11:25:25AM -0500, Matt Kettler wrote:
> >Hey does anyone know if there are any spamassassin books comming out?
>
> None that I'm aware of.
There's 1 that I've heard about, but at last check they're still in the
outlining stage.
--
Randomly Generated Tagline:
I didn't wan
Just had the mail below trigger on:
2.0 MY_HTTP_ODD_PORT URI: Link to a server on nonstandard port
Why Vailresorts would want to go to the effort of declaring port 80 in their
link is a mystery.
However it is clearly not a non-standard port.
Alan
-Original Message-
From: e-Mount
At 02:59 PM 1/15/2004, Pierre Thomson wrote:
For some reason, my users don't like to receive these
non-communications. They slip right past SA with only a BAYES_99 penalty,
not enough to stop them. I could add a SUBJECT_MISSING test but it can't
have a high score; any other bright ideas?
BAYE
On Thursday 15 January 2004 21:09 CET Max Paperno wrote:
> At 1/15/2004 06:04 PM +0100, Malte S. Stretz wrote:
> >> The last line is the new one, and it escapes any % signs in the
> >> Message-ID. I don't use spamd so I can't confirm this to be the case,
> >> but seems likely as I think it also us
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On
> Behalf Of John Fleming
> Sent: Thursday, January 15, 2004 2:38 PM
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] Above threshhold but not tagged
>
> Newbie question - I just got one of those d-rug type emails
Would it be possible for an additional mysql preferance for a threshold to
be added to an upcoming spamassassin release for mail deletion? e.g. A
user sets required_hits to 5, and sets deletion_hits to 10, any mail
between 5 and 10 is tagged, anything above 10 is deleted.
I had the same problemw when I first installed spamassassin with
qmailscanner. I found that I was using the -c -f switches with spamc.
-c = check only
-f = fallback safely - in case of comms error, dump original message
unchanges instead of setting exitcode
HTH
Jennifer
> -Original Messa
On Thu, Jan 15, 2004 at 08:41:58PM -, Alan Munday wrote:
> Just had the mail below trigger on:
>
> 2.0 MY_HTTP_ODD_PORT URI: Link to a server on nonstandard port
>
> Why Vailresorts would want to go to the effort of declaring port 80 in their
> link is a mystery.
>
> However it is cle
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 15 January 2004 12:09, marc jackson wrote:
>
> Thanks for responding. In my local.cf file, I have:
> "rewrite_subject 0" that *should* tell SA to rewrite the header
shouldn't it?
yes
> Just for kicks, I toggled it b/n 0 & 1. Neither wo
At 03:37 PM 1/15/2004, John Fleming wrote:
Newbie question - I just got one of those d-rug type emails that scored
several points above my spam cutoff and wasn't on a whitelist, yet the
subject wasn't tagged as expected. What can cause that? tnx
are you sure it was above and not a large negative
If you have multiple SA filtering boxes, is it safe to NFS-mount a partition
with a system-wide Bayesian database and share it across all the boxes? In
our setup, we have three boxes dedicated to doing SA filtering, all running
the same version of FreeBSD, and it sure would be nice to be able to do
At 03:41 PM 1/15/2004, Alan Munday wrote:
Just had the mail below trigger on:
2.0 MY_HTTP_ODD_PORT URI: Link to a server on nonstandard port
Why Vailresorts would want to go to the effort of declaring port 80 in their
link is a mystery.
However it is clearly not a non-standard port.
Note:
Being thankful for SpamAssassin and it's sharing community of add-ons and
improvements, I'll share my mrtg scripts for SA in case anyone wants to
graph their SA performance.
The first graph, called "load" just graphs the CPU load on the computer.
Not SA specific, but handy since SA is pretty com
To the moderator of the FAQ:
Can we make this a FAQ?
Not to be rude to you Andrew, I know you are just asking a question but
1) a little research (reading the list archive from yesterday) would
show that the answer is no. SpamAssassin does NOT delete, it simply
marks up messages (It's not desi
At 04:01 PM 1/15/2004, Andrew Cranson wrote:
Would it be possible for an additional mysql preferance for a threshold to
be added to an upcoming spamassassin release for mail deletion? e.g. A
user sets required_hits to 5, and sets deletion_hits to 10, any mail
between 5 and 10 is tagged, anything ab
I've read the archives, and I've seen numerous answers to posts saying
that it's not supported. My question was to the developers - would they
(you) consider adding it to a future version of spamassassin?
The problem with qmail-scanner and the like is they aren't able to (from
what I've read) dele
Matt/Theo
Yes it did come from the "other" wiki.
This raises the question of how can we learners tell what is no longer valid
from the custom rule sets?
Also are there any established processes for managing them?
Thanks
Alan
> -Original Message-
> From: Matt Kettler [mailto:[EMAIL PRO
Fred thawd out. Added the PGP stuff that was requested. Update posted to my
site. Link in sig.
Who says opensource doesn't respond quickly?
Chris Santerre
System Admin and SA Custom Rules Emporium keeper
http://www.merchantsoverseas.com/wwwroot/gorilla/sa_rules.htm
'It is not the strongest
At Thu Jan 15 20:41:58 2004, Alan Munday wrote:
>
> Just had the mail below trigger on:
>
> 2.0 MY_HTTP_ODD_PORT URI: Link to a server on nonstandard port
>
> Why Vailresorts would want to go to the effort of declaring port 80 in their
> link is a mystery.
>
> However it is clearly not a
You asked for it!
http://sthomas.net/spam.txt
On Thu, Jan 15, 2004 at 02:10:24PM -0500, Chris Santerre is rumored to have said:
>
> This thread is useless without pics!
>
> Oh wait, sorry.
>
> This post is useless without the spam! :)
>
> Try the new version of Tripwire (1.14) posted today.
Read the first email! He's using qmail-scanner.pl
The default config for that sets fast_spamassassin, ie. spamc -c -f.
this will not return the full spamassassin report to qmail-scanner you need
to turn off the -c option. I know this is in the list archives I have
answered it before.
-Ori
On Thu, 15 Jan 2004, Dallas L. Engelken wrote:
> IMHO... i still think
>
> rawbody __PGP_BEGIN /^-BEGIN PGP (MESSAGE|SIGNATURE)-$/
> rawbody __PGP_END /^-END PGP (MESSAGE|SIGNATURE)-$/
Actually the intent of my suggested change was that all t
Success! You know that spam with the ever changing domains? The one with the
George Bush look alike doctor that is selling 6 kinds of Mr. Wiggly
enhancing drugs? Well I finally got it right and tested!
Watch out for line wraps in your mail client. (should be 7 lines)
rawbody __VDRUG1 /^\\/
rawbo
Andrew,
I am not a developer and don't pretend to speak for them. I am, however
a long-time user.
I understand your question but that's just not what SA does. If you read
the archives then you should know this. This isn't the first message
posted that explains that SA doesn't do this. (I know
At Wed Jan 14 19:38:33 2004, Gary Funck wrote:
>
> For the purposes of these tests how is "textual parts" defined? For example,
> in a multipart/alternative, would the tests be run both on the text part and
> the html part? Which MIME types are classified as text? Just for clarity,
> if someone a
I too would greatly appreciate any information - as we have 9 boxes
doing Spam scanning. Anyone tried this?
On Thu, 2004-01-15 at 13:31, Mike Jackson wrote:
> If you have multiple SA filtering boxes, is it safe to NFS-mount a partition
> with a system-wide Bayesian database and share it across al
We are working on a way to manage the custom rules A LOT better. Also we
will have some of the older ones for people not running the latest versions.
We will have them archived as older.
I'm not sure what Matt Y. was thinking scoring that at 2.0 :) But I suggest
lowering all custom rules that yo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 15 January 2004 13:21, Andrew Cranson wrote:
> I've read the archives, and I've seen numerous answers to posts saying
> that it's not supported. My question was to the developers - would they
> (you) consider adding it to a future version o
1 - 100 of 166 matches
Mail list logo
