[SAtalk] Why is P***** Enlarge score so low

2003-09-30 Thread bob
As a newbie to spamassassin I was surprised to see emails offering to enlarge my private parts, passing the filter with low scores. I noticed that P***_Enlarge only scores 2.8 I have altered my user_pref file to now score this test at 20 Why is this test scored so low in the first place ? -

Re: [SAtalk] (no subject)

2003-06-04 Thread Bob
my email checked, I will > check it myself! Let me know how to get rid of you ASAP! Send an example of the mail you're getting that's been tagged by SpamAssassin (remember the to send the headers as well) and we'll try to get t

[SAtalk] filters wrong messages

2003-07-13 Thread Bob
adjust the filter settings. All I can find is instructions for linux. Thanks -- Bye Bob Bob Axmear 208 2nd St Ne Waukon, Ia 52172 http://groups.yahoo.com/group/photosx/ Photo Exchange Websites http://gardensights.com Hosta Library http

RE: [SAtalk] Improvement: Image Recognition as spam criteria

2004-01-15 Thread Bob Apthorpe
mages, leading to an unacceptable number of FPs. Spammers and anti-spammers are creative; ask yourself who else has implemented an image hash database or if nobody has, why not? -- Bob --- The SF.Net email is sponsored by EclipseCon 2004 Premiere

[SAtalk] Re: The CAN-SPAM act....

2004-01-16 Thread Bob Proulx
be an easy target. Bob pgp0.pgp Description: PGP signature

[SAtalk] OT: Counter-intelligence (Spy v Spy)

2004-01-16 Thread Bob George
re to aid with rules development? I don't want to sign up for a dozen "getting started with MLM" lists by any means, but I am curious where/how one might monitor what's afoot. - Bob --- The SF.Net email is sponsored by

[SAtalk] Re: unsubscribed

2004-01-16 Thread Bob George
ation request" scoring engine, and stuck on the input chain of a mailing list (along with normal spam/virus filtering)? I've also thought about it as a flame filter for active lists. - Bob --- The SF.Net email is sponsored by Ec

[SAtalk] Re: Ann: "Rules De Jour": An automated way to keep up with the latest rulesets

2004-01-17 Thread Bob Proulx
will prevent impulse spikes on the servers. MAXDELAY=3600 if [ ! -t 0 -a $MAXDELAY -gt 0 ] ; then sleep $(($RANDOM % $MAXDELAY)) fi Bob pgp0.pgp Description: PGP signature

Re: [SAtalk] Newbie queries, install and configuration

2004-01-18 Thread Bob Apthorpe
; thru SA and pass it onto Mozilla? Can those mails marked as SPAM be put > into a specific folder ie Junk on Mozilla? If you use procmail, you can direct tagged mail anywhere you want. If you use pop3proxy, you'll need to sort mail within Mozilla. As was mentioned before, don't

[SAtalk] Forgery rules for outblaze/mail.com & rambler.ru

2004-01-18 Thread Bob Apthorpe
Outblaze/Mail.com scoreRAA_FORGED_FROM_OUTBLAZE 3.0 header RAA_FORGED_FROM_RAMBLERReceived =~ /imx[12]\.rambler\.ru/ describe RAA_FORGED_FROM_RAMBLERReceived line forged to implicate rambler.ru scoreRAA_FORGED_FROM_RAMBLER3.0 Have fun, -- Bob

Re: [SAtalk] SpamAssassin 2.62 is released!

2004-01-19 Thread Bob Apthorpe
od, probably because I manage perl modules with CPAN; rpm doesn't obviously fail but it also doesn't generate packages either[1]. If you run an all-rpm system you'll probably have better luck. -- Bob [1] Under SuSE 8.2, 'rpm -ta SOURCES/Mail-SpamAssassin-2.62.tar.gz' produ

Re: [SAtalk] Spam Assassin Problems

2004-01-20 Thread Bob Apthorpe
don't think that's the problem, though: > * > * > # spamd -d > Can't locate HTML/Parser.pm in @INC (@INC contains: ../lib [...] Try installing the HTML::Parser module and see if that helps. -- Bob

Re: [SAtalk] More obfuscation

2004-01-20 Thread Bob Apthorpe
e must exist a perl equivalent to it. see: > http://at.php.net/manual/en/function.levenshtein.php See http://search.cpan.org/search?query=Levenshtein&mode=all for a number of approximate-match and edit-distance modules. -- Bob --- The SF.Net ema

Re: [SAtalk] [OT] - The current state spam.

2004-01-20 Thread Bob Apthorpe
hrough the provider? There are plenty of options open to the consumer and the provider; most of the problem is the provider's cheapness and lack of creativity. Hint: you can solve both problems by firing those idiot Stanford MBAs you hired from failed dot-coms and take the money you save to

Re: [SAtalk] Hello, new to list ! :-)

2004-01-21 Thread Bob Apthorpe
writing guides available: http://mywebpages.comcast.net/mkettler/sa/SA-rules-howto.txt http://www.intuitive.com/spam-assassin-rule-help.html (roughly the same material but a little easier to read) You'll find a lot of custom rules and rule-writing guidance on http://www.exit0.us, too. hth,

Re: [SAtalk] stats

2004-01-22 Thread Bob Apthorpe
t;2004-01-22 00:00:00" sa-stats.pl -s "today midnight" or sa-stats.pl -s "midnight" My logs are under /var/log/mail so I use: sa-stats.pl -l /var/log/mail -s "2004-01-22 00:00:00" I've been hacking sa-stats.pl and contributing patches

RE: [SAtalk] stats

2004-01-22 Thread Bob Apthorpe
Hi, On Thu, 22 Jan 2004, Vermyndax wrote: > Hi Bob... > > Thanks for the suggestions. I downloaded the latest sa-stats.pl from > www.sf.net CVS (v1.3) and tried as you suggested, but I'm still getting > all zeros. > > Details... > > My mail logs are at /var/

RE: [SAtalk] stats

2004-01-22 Thread Bob Apthorpe
spamd[14936]: identified spam (8.2/5.0) for > filter:500 in 1.9 seconds, 1756 bytes. I fixed the regex[1] in 1.3 and made some other changes; try http://www.cynistar.net/~apthorpe/code/sa-contrib/sa-stats.pl and see if that works for you. I verified it works on that log fragment. -- Bob [1

Re: [SAtalk] stats

2004-01-22 Thread Bob Apthorpe
onds,\s+ 118 ([0-9]+)\sbytes\. 119 /x) { In line 102 $YEAR should be set via a command line option or a standard, smart algorithm for guessing the year. I chose the simple, dumb way of taking the current year which is guara

Re: [SAtalk] stats

2004-01-22 Thread Bob Apthorpe
Hi, On Thu, 22 Jan 2004 15:12:06 -0600 Wagner One <[EMAIL PROTECTED]> wrote: > On 1/22/2004 1:15 PM, Bob Apthorpe wrote: > > > Note: I think this my hacked-up version of sa-stats.pl at > > http://www.cynistar.net/~apthorpe/code/sa-contrib/sa-stats.pl > > > &

[SAtalk] spamsources.sh - see who's spamming your Postfix server

2004-01-22 Thread Bob Apthorpe
ses in spam/ham ratios), and temporarily add firewall blocks or MTA rules (like dynamically updating an MTA access.db) Have fun! -- Bob [1] shared-austin.bos.hosting.com[64.55.166.99] forwards most of the mail directed to my ancient soon-to-be-retired address <[EMAIL PROTECTED]>, lina.cyni

[SAtalk] Re: SA-procmail newbie

2004-01-27 Thread Bob Proulx
to do the --ham learning from your normal mailbox too. You want similar numbers of both if possible. Bob pgp0.pgp Description: PGP signature

[SAtalk] [RD] FP with Fred's 90_FVGT.cf

2004-01-27 Thread Bob Amen
e are undesirable side effects to my change. Anyone have a better way to fix this? Cheers, Bob -- Bob Amen O'Reilly & Associates, Inc. http://www.ora.com/ http://w

Re: [SAtalk] stats (Slightly OT)

2004-01-28 Thread Bob Apthorpe
Hi, On Mon, 26 Jan 2004 22:09:28 -0600 "Vermyndax" <[EMAIL PROTECTED]> wrote: > Bob... > > Once again, excellent work. Thanks - I give back what I can. > I think my only complaint now is that my master.cf is messing with your > script's ability to report

Re: [SAtalk] stats

2004-01-28 Thread Bob Apthorpe
to run a known test case for both scripts and then anaylze it by hand to figure out what's broken. Any other JAPHs out there that want to take a crack at analyzing both scripts for consistency? -- Bob --- The SF.Net email is sponsored by

Re: [SAtalk] Bigevil and thoughts....

2004-01-28 Thread Bob Amen
od of time, then I will remove. I've started a small list of these to check on in a few weeks. I concur. Zero FP's is an impossible goal to achieve with so many opinions regarding what is spam and what isn't. But I think you are close enough for o

Re: [SAtalk] stats

2004-01-29 Thread Bob Apthorpe
On Fri, 23 Jan 2004, AltGrendel wrote: > On Fri, 2004-01-23 at 00:14, Bob Apthorpe wrote: > > Hi, > > > > On Thu, 22 Jan 2004 15:12:06 -0600 Wagner One <[EMAIL PROTECTED]> wrote: > > > > > On 1/22/2004 1:15 PM, Bob Apthorpe wrote: > > > &g

Re: [SAtalk] stats

2004-01-30 Thread Bob Apthorpe
nd I'm still hacking away on mine. I must submit those changes to Bugzilla soon... -- Bob --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclip

Re: [SAtalk] Re: Installation failure

2004-01-30 Thread Bob Apthorpe
was that they didn't and you had to tweak their broken perl installation to use gcc and not their non-existant commercial compiler. See http://www.cynistar.net/~apthorpe/code/configuring_cpan.html for details. hth, -- Bob --- The SF.N

[SAtalk] Re: spammer reactions to antidrug (humorous)

2004-01-30 Thread Bob George
-completely-totally-unlike-spam manually, I suspect it's automated by now. - Bob --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclips

Re: [SAtalk] autolearning spam as ham?

2004-01-30 Thread Bob Apthorpe
[THIS LIST HAS MOVED! see http://useast.spamassassin.org/lists.html .] On Thu, 29 Jan 2004 13:08:58 +0100 PieterB <[EMAIL PROTECTED]> wrote: > Can somebody explain me why a spammessage gets learned as ham? Dunno. Why are you running the message through SpamAssassin twice? -- Bob

RE: [SAtalk] CHARSET_FARAWAY_BODY test

2002-01-16 Thread Bob Proulx
> If it matters to anyone the X-Mailer that originated the "windows-184" > character set is: > X-Mailer: MSN Explorer 7.00.0021.1702 Leave it to Microsoft to turn plain text into a proprietary protocol. Bob ___ Spamassassin-talk

Re: [SAtalk] Spamassassin White List of This Email

2002-01-17 Thread Bob Proulx
is to your ~/.spamassassin.cf file: whitelist_from *@mailer.whitehat.com HTH Bob ___ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Undisclosed recipients

2002-01-17 Thread Bob Proulx
mal course of action. They occur other places with a regularity as well. Bob ___ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Undisclosed recipients

2002-01-17 Thread Bob Proulx
n(1) program autoresponds with out of the office messages without bothering to add a To: header and generates these types of messages as a normal course of action. They occur other places with a regularity as well. Bob ___ Spamassassin-talk mailin

Re: [SAtalk] Counting the spam filtered

2002-01-17 Thread Bob Proulx
ssuming you are saving it to a spambox then: grep -c '^From ' spambox Bob ___ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] detecting faked headers pretending to be from Hotmail

2002-01-18 Thread Bob Proulx
tself. But it does an amazingly good job with only a one node categorizing engine. Bob ___ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] false positives

2002-01-18 Thread Bob Proulx
er that a plus. But I do clean those messages out of the spam trap so that it won't confuse the results of training spam filters on the trapped mail in the future. This is not quite what you were asking. But perhaps it will spark another idea. Bob __

Re: [SAtalk] repeated-scanning

2002-01-19 Thread Bob Proulx
nclude that logic Charlie> there - don't pass it through spamassassin again if that Charlie> header exists. Or alternately you could in that case run it through spamassassin -d to restore it to normal. Then it would run through the, poss

Re: [SAtalk] Counting the spam filtered

2002-01-19 Thread Bob Proulx
s | wc -l More MUAs need to support Maildir. Unfortunately the one I like the best does not yet do so. Bob ___ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Subject munging bug?

2002-01-25 Thread Bob Proulx
ated processing by autorpm and dpkg and other utilities trivial. Please keep it simple and easy. Bob ___ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] spam deferral

2002-01-25 Thread Bob Proulx
bably not productive. Bob ___ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Version Numbering

2002-01-25 Thread Bob Proulx
style of version numbers and changed to whole numbers separated by dots scheme of 5.6.1. > Note: letters will break this too. Letters are a pain because there are so few of them. When you run past z you either go to aa or decide that perhaps .27 is not such a bad i

Re: [SAtalk] Version Numbering

2002-01-25 Thread Bob Proulx
8 2.9 2.10 2.11 2.12 2.13 2.14 Gosh, 2.2 _is_ significantly older than 2.14. Who would have guessed? Bob ___ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Version Numbering

2002-01-25 Thread Bob Proulx
be different. Just to be different I suggest you rearrange the gear pattern on your gear shift and also mix up the brake and accelerator pedals. Bob ___ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] False positive with 2.0

2002-01-25 Thread Bob Proulx
well for me. Too bad it can't now separate the spammers from the merely inconsiderate. Bob ___ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Version Numbering

2002-01-26 Thread Bob Proulx
iguous of a versioning scheme as possible. Make it easy on people trying to use and deploy the tools. Bob ___ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] Version Numbering

2002-01-28 Thread Bob Proulx
o you. Think very carefully about breaking RPM installation before going off on a rant like this. I realize that the Perl community will disagree but perl is only a small portion of a system and rarely installed by perl itself. But this is getting pretty fa

Re: [SAtalk] Version Numbering

2002-01-28 Thread Bob Proulx
as the external version of the package. Knowing CPAN's problems and the current 2.01 SA as an example, I myself would set the internal perl version to 2.01 and the external version used for rpm and other package tools to 2.0.1 and call it done. Bob ___ S

Re: [SAtalk] Version Numbering

2002-01-28 Thread Bob Proulx
ent you from upgrading to an older version. Usually in that case you need special handling to clean up the mess. > I vote for numbering such as 2.01. It works just great, why change it. And if it doesn't work? :-) Bob P.S. I have expended more energy on this topic than it warrants. I

[SAtalk] SA speed

2002-02-26 Thread Bob Plankers
already working on. :-) 4) How do you guys want patches? Thanks, all. Have a good day. ...Bob ...... Bob Plankers[EMAIL PROTECTED] University of Wisconsin - Madison +1.6

Re: [SAtalk] SA speed

2002-02-27 Thread Bob Plankers
o integration of SA with the mail machines. Less for me to worry about when the rest of the mail team does things to the mail machines... :-) ...Bob On 26 Feb 2002, Sidney Markowitz wrote: > On Tue, 2002-02-26 at 13:41, Bob Plankers wrote: > > However, SA is really slow, and I ne

RE: [SAtalk] Why am I having so many problems..spamc not working

2002-02-28 Thread Bob Plankers
When you invoke spamc, do so by giving it your username: spamc -u plankers (for me). Otherwise the version in 2.1 doesn't function properly. ...Bob On Thu, 28 Feb 2002, Mike Loiterman wrote: > Did some digging. > > Procmail is working fine > SpamAssassin is working fine

Re: [SAtalk] Why am I having so many problems..spamc not working

2002-02-28 Thread Bob Plankers
it, but my new laptop has Linux and I have a plane flight tomorrow, so guess what... :-) I'll see if I can find the problem (if the folks at the airport don't dismantle my laptop first). ...Bob On Thu, 28 Feb 2002, Craig Hughes wrote: > On 2/28/02 11:30 AM, "Bob Plankers" &

RE: [SAtalk] Why am I having so many problems..spamc not working

2002-02-28 Thread Bob Plankers
Eric, Is your mailer daemon running as the user 'qmailq'? I'm not sure that running as root is a good idea, but it may be a symptom of the same problem. ...Bob On Thu, 28 Feb 2002, Woodworth, Eric wrote: > I also have to run spamc with the -u flag to get it to work. I us

Re: [SAtalk] Speed

2002-03-06 Thread Bob Plankers
messages per second, fed serially via formail on a generic 1.4 GHz Athlon box. ...Bob > > Matt, take a look at bugzilla #62 -- there is more discussion of exactly > > this there. If you re-order the rules, then the only problem with > > short-circuit scoring is razor submi

Re: [SAtalk] Speed

2002-03-07 Thread Bob Plankers
other configuration option then, too. I'll poke at it and see what we'd get from it. ...Bob > Actually I don't think this will be an issue any more. If the > stop_at_threshold is enabled, each sub will enter and immediately exit, > meaning the result is the same as Craig

Re: [SAtalk] SA-milter on AIX?

2002-03-14 Thread Bob Plankers
Kenneth, What compiler are you using? ...Bob On Wed, 13 Mar 2002, Kenneth Garreau Jr. wrote: > Has anyone here been able to compile SA-milter on AIX? I'm riddled with > a billion compile errors, including the following: > > c++ -DHAVE_CONFIG_H -I. -I. -I. -O2 -Wall -c s

[SAtalk] SA with Eudora or other Windows mail reader?

2002-05-27 Thread Bob Weissman
ible to force Eudora to re-read the file passed to a "notify application" filter? Alternatively, do you know of another PC-based mail reader which does allow SpamAssassin-type filtering? Thanks, - Bob ___ Don't m

Re: [SAtalk] Finally got it working...

2002-06-08 Thread Bob Proulx
SpamAssassin catagorizes messages, Procmail files messages. This is what I have in my .procmailrc file to file the spam that spamassassin has tagged. :0fw | spamassassin -P :0e { EXITCODE=$? } :0: * ^X-Spam-Flag: YES caughtspam Bob

Re: [SAtalk] SA with .forward files

2002-06-12 Thread Bob Proulx
But forward them with procmail and you have more control. Here is an example .procmailrc snippet which will forward all mail to the specified address. :0c ! [EMAIL PROTECTED] Always test your mail configuration by sending test messages af

Re: [SAtalk] country code blacklists

2003-08-14 Thread Bob Sully
x27;t remember even one from *.ie recently (no false-negatives, anyway!). -- Bob -- On Wed, 13 Aug 2003, Nix wrote: > On Mon, 11 Aug 2003, Justin Mason said: > > Folks -- > > > > just to add to this thread of absurd spam filtering. > > > > Without naming names

Re: [SAtalk] meaning of code in filter

2003-08-14 Thread Bob Apthorpe
double-quoted string.)" If you have detailed questions about existing rules or you want to write your own, you really need to read Perl's regular expression docs first. -- Bob --- This SF.Net email sponsored by: Free pre-built ASP.N

Re: [SAtalk] filter catching excel files

2003-08-14 Thread Bob Apthorpe
> these rules before you implement them. You're taking an extremely smart > content filtering system and turning it into a really dumb one. Scunthorpe. -- Bob --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Re

[SAtalk] Help with BAYES database problem

2003-08-14 Thread Bob Mcgregor
/bayes R/O: Invalid argument Does anyone have any ideas how we can continue to use the BAYES database from our old server, or do we have to start afresh. Many thanks in advance for any suggestions to a resolution for this problem. Regards, Bob. Bob McG

Re: [SAtalk] user_prefs configuration

2003-08-14 Thread Bob Apthorpe
Hi, On Tue, 12 Aug 2003 17:10:15 -0500 Mike Grau <[EMAIL PROTECTED]> wrote: > on 08/12/2003 02:07 PM Bob Apthorpe wrote: > > > > > Has someone explained to him what a horrible idea this is? Spam is usually > > forged to look like it came from a non-existant or inn

Re: [SAtalk] [SA talk] Little OT: getting my outgoing mail blocked for no reverse dns

2003-08-15 Thread Bob Proulx
net. You would need to have them set up a reverse dns entry for you. Bob --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an X

[SAtalk] forged From: check?

2003-08-18 Thread Bob Proulx
other people solved this problem? Thanks Bob Received: from tiger.example.com (tiger.example.com [10.0.0.101]) by bear.example.com (Postfix) with ESMTP id 83A4713957 for <[EMAIL PROTECTED]>; Wed, 16 Oct 2002 00:36:16 -0600 (MDT) Received: from lion.examp

[SAtalk] Re: forged From: check?

2003-08-18 Thread Bob Proulx
Matt Kettler wrote: > Bob Proulx wrote: > > whitelist_from_rcvd [EMAIL PROTECTED] example.com > > whitelist_from_rcvd [EMAIL PROTECTED] mymachine.example.com > > where "mymachine.example.com" is some internal machine that spam won't > arrive from, bu

Re: [SAtalk] How To Change Recipient In User Unknown Message?

2003-08-19 Thread Bob Apthorpe
sender to set up some alternate means of delivery. MIMEDefang does that with infected and disallowed files. If you need to accept and discard spam but alert *someone* that the message was dropped, alert the recipient, not the alleged sender. -- Bob

Re: Re[2]: [SAtalk] Moved into the ex-ip of a spammer

2003-08-19 Thread Bob Apthorpe
rassed back to sanity. This more than anything is why I run my own mail servers - to avoid just this sort of erratic behavior from my ISP. ... > Which is why Spews is such a joke. SBC really doesn't have > to worry about losing customers when there is no place for > them t

Re: [SAtalk] Re: forged From: check?

2003-08-19 Thread Bob Proulx
alan premselaar wrote: > Bob Proulx wrote: > > I would rather do this all within SA, though, since that is > > already hooked into the mail flow. > > how do you have SA imeplemented at your site? this sounds like something > that's easily done with MIMEDefang (

Re: [SAtalk] `HTML::Parser' not found.

2003-08-20 Thread Bob Apthorpe
m not very used to Perl , but I thought > that this config should work. It should, though it's possible that with multiple installations of perl or with perl+modules not compiled from source (e.g. installed via RPM) that you might have some brokenness within your local perl distribution(s.) h

Re: [SAtalk] Threaded lookups PLEASE!

2003-08-20 Thread Bob Apthorpe
threading model and to SpamAssassin to make use of the aforementioned are cheerfully accepted. :) -- Bob --- This SF.net email is sponsored by Dice.com. Did you know that Dice has over 25,000 tech jobs available today? From careers in IT to Engi

Re: [SAtalk] "This mail is probably spam." (-105 points)

2003-08-20 Thread Bob Apthorpe
massassin should operate this way? Not without some of the above information, no. > I would think that it would only attach the above text only if it was > likely that the email was spam. Generally, yes. -- Bob --- This SF.net email i

Re: [SAtalk] What is the point of this spam?

2003-08-20 Thread Bob Apthorpe
s posts BTW, I love seeing $RANDOM IZE and variants scattered through the text. While trying to pollute bayes, they provide us with a virtually foolproof spam signature. :) -- Bob --- This SF.net email is sponsored by Dice.com. Did you know t

Re: [SAtalk] joe-jobs anyone?

2003-08-21 Thread Bob Proulx
out there and I am only partially affective. The rest I have been manually deleting. Looking forward to this current surge of virus hacks to subside. Bob pgp0.pgp Description: PGP signature

[SAtalk] OT: mercury.thesuttons.force9.co.uk tagging outbound mail

2003-08-22 Thread Bob Apthorpe
es here since I trust remote sites not to flag their outgoing ham as spam (so I don't have to send all inbound mail through 'spamassassin -d | spamc') FYI, in case people are wondering why their posts aren't getting timely responses... :) -- Bob ... Received: by thesuttons.forc

Re: [SAtalk] kernel panics and the .spamassassin/bayes_ stuff

2003-08-24 Thread Bob Proulx
main in the other systems queue and it will be retried again. Sorry but I do not know enough to comment on your bayes database issues. Bob pgp0.pgp Description: PGP signature

Re: [SAtalk] Parsing almost-certainly-spam and probably-spam files

2003-08-27 Thread Bob Apthorpe
I'd probably use one of the first four modules to extract a list of messages from the mbox file, then convert each of those messages into Mail::Internet objects to analyze the appropriate headers, and strip off the original SA tagging of suspected

Re: [SAtalk] different notification emails depending on domain

2003-08-27 Thread Bob Apthorpe
ix the problem. Above all, place the burden on your local network, not the rest of the world. -- Bob --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf __

Re: [SAtalk] RBL

2003-08-27 Thread Bob Apthorpe
On Wed, 27 Aug 2003 17:56:19 +0200 Céline REDON <[EMAIL PROTECTED]> wrote: > Hi all, > > Could anyone tell me if there is some free RBL ?? Yes, see http://openrbl.org and http://www.declude.com/junkmail/support/ip4r.htm -- Bob -

Re: [SAtalk] OT: Spam hell

2003-08-27 Thread Bob Apthorpe
dmail myself and I'm hardly a > guru there either - but can't you require validation to connect to the > server? All users on my system have to validate before being allowed > to send mail. Unless I'm mistaken, that prevents outside spammers >

Debian stable backport (was: [SAtalk] Trademark improperly used in deceptive ad?)

2003-08-28 Thread Bob Proulx
ian.org/~duncf/debian/ woody main Bob --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ___ Spamassassin-talk mailing list [EMAIL PR

Re: Debian stable backport (was: [SAtalk] Trademark improperly used in deceptive ad?)

2003-08-28 Thread Bob Proulx
Adam D. Barratt wrote: > Bob Proulx wrote: > > I assume you found Duncan's backport area? Just making sure. > > > > deb http://people.debian.org/~duncf/debian/ woody main > > That only appears to include 2.54. If you review what changed between 2.54 and 2.5

Re: Debian stable backport (was: [SAtalk] Trademark improperly used in deceptive ad?)

2003-08-29 Thread Bob Proulx
Bob Proulx wrote: > Adam D. Barratt wrote: > > Bob Proulx wrote: > > > I assume you found Duncan's backport area? Just making sure. > > > deb http://people.debian.org/~duncf/debian/ woody main > > That only appears to include 2.54. > > If you review

Re: [SAtalk] SpamAssassin 2.60 rc3 released

2003-08-29 Thread Bob Apthorpe
efault 1) UNIX domain sockets (above) 2) localhost:783 If this goes in, I'd suggest in 2.7x if only so any bugs in the UNIX domain sockets are flushed out of the 2.6x release. Thoughts? -- Bob --

Re: [SAtalk] OSIRUSOFT

2003-08-30 Thread Bob Apthorpe
y difficult; if they can't find you, they can't sue you. Hell, I have to credit the RIAA for being the biggest driver of personal privacy technology. As long as they keep suing their customers, they'll keep motivating privacy technology developers. Long-term, we win. -- Bob [

Re: [SAtalk] OSIRUSOFT

2003-09-01 Thread Bob Apthorpe
> in a idea like this. I wish I had the time and competence for a project like this. I couldn't find the time to help with mass-check runs for SA 2.6x :/ -- Bob --- This sf.net email

Re: [SAtalk] OSIRUSOFT

2003-09-01 Thread Bob Proulx
Bob Apthorpe wrote: > Richard Ahlquist wrote: > > The only gotchyas are how to maintain it. Who decides who is on it > > and when they come off. > > Balancing anonymity and trust is difficult ... I prefer the benevolent dictator approach, where I get to choose and to ignor

Re: [SAtalk] How to identify attachments with PIF extensions?

2003-09-01 Thread Bob Apthorpe
rtain HTML, etc), neutralizing whatever junk was sent to you. It also tags content it has sanitized, making it easier to write SA custom rules to flag malware. I'd probably just move sanitized content to a virus folder and not process it by SA, but you could p

Re: [SAtalk] Using spamc

2003-09-01 Thread Bob Apthorpe
->new(); # add/replace with DBI call to pull mail message from MySQL my $spamtest = Mail::SpamAssassin->new(); my $status = $spamtest->check ($mail); if ($status->is_spam ()) { # do something to suspect mail # $status->rewrite_mail (); } e

Re: [SAtalk] SA tags, but won't redirect

2003-09-06 Thread Bob Apthorpe
get redirected. How do you make SA redirect? Make procmail happy. :) Also, considering adding: DROPPRIVS=yes to your .procmailrc for safety and use VERBOSE=YES LOGFILE=$HOME/procmail.log during testing to see what procmail is doing (vs what you think it's doing.) Check the man pag

Re: [SAtalk] allowing certain types of spam

2003-09-09 Thread Bob Amen
er spammer will be able to forge both the From and Received headers. Bob -- Bob Amen O'Reilly & Associates, Inc. http://www.ora.com/

Re: [SAtalk] Nigerian, er, Afghani scam

2003-09-11 Thread Bob Sully
Well, I got one of these today also (though it purportedly came from some boggart in the United Arab Emirates who has esophageal cancer (couldn't happen to a nicer spammer!))...anyway, it only scored a 4.0, and I'm running 2.55 with Bayes on (adequately trained). -- Bob -- On T

Re: [SAtalk] SA 2.60 was hit-and-miss for me

2003-09-12 Thread Bob Apthorpe
t anything having to do with > Osirusoft. :) Do the messages that passed through 2.60 also pass through 2.55? > Is this a known problem? And if not, any hints on how I might try to track it > down? May be, though if the issue is message size, it's intentional behavior. -- Bob Apt

Re: [SAtalk] Has anyone written rules for Sobig:F

2003-09-14 Thread Bob Apthorpe
6588, 7033, 8000, 8080, 8081, 8085, 8090, 8095, 8100, 8105, 8110, and . These are given as examples of the scope of reactive proxy testing; I strongly advise against scanning other networks unless you want a call from your ISP. hth, -- Bob Apthorpe ---

Re: [SAtalk] Rule for no reverse DNS

2003-09-15 Thread Bob Apthorpe
smarthosting, even if you send mail directly, because you never know when RoadRunner, et. al. will arbitrarily block your mail solely because it comes from a DSL connection[1]. It's best to have a tested contingency plan for rerouting outbound mail because complaining about being inadverte

Re: [SAtalk] Rule for no reverse DNS

2003-09-15 Thread Bob Proulx
recent batch of mail 1189 messages out of 3832 total spam messages came to my server from an unregistered IP address. So "unknown" sites account for nearly one third of my spam. Ratio of mail without reverse DNS: spam: 1189/3832 non-spam: 80/2142 Not having reverse DNS is a really strong spam sign. Bob pgp0.pgp Description: PGP signature

Re: [SAtalk] Infinite-Monkeys

2003-09-16 Thread Bob Apthorpe
or retest by DSBL, Monkeys, and Blitzed and you should be OK. Once you've done that, fix the HELO/EHLO string on your mail server to be a FQDN (RFC requirement.) hth, -- Bob Apthorpe --- This sf.net email i

  1   2   3   4   5   >