You may want to consider qmail-scanner for this. It uses SA as a
scanner and will tag ALL email in the queue. See:
http://qmail-scanner.sourceforge.net/
---
Ed Henderson
Certainty Tech
http://www.certainty.net/
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED
I am using v1.5 and just got a false positive due to the
CHARSET_FARAWAY_BODY test. I looked thru the Perl code and see that it
is a test that looks for suspicious foreign character types. The
character type in this case was not foreign but was called
"windows-874". How do I modify my ~/.spamas
>
> Grrr. Since when is that an "accepted" character set? Stupid windows. :-(
>
> Add it to lib/Mail/SpamAssassin/Locales.pm.
>
> I hate to encourage such nonsense in their choice of MUA, though ...
>
> --
> Charlie Watts
> [EMAIL PROTECTED]
> Frontier Internet, Inc.
> http://www.frontier.net/
>
> >
> > Grrr. Since when is that an "accepted" character set? Stupid
> windows. :-(
> >
> > Add it to lib/Mail/SpamAssassin/Locales.pm.
> >
> > I hate to encourage such nonsense in their choice of MUA, though ...
> >
> > --
> > Charlie Watts
> > [EMAIL PROTECTED]
> > Frontier Internet, Inc.
> > ht
> > > I hate to encourage such nonsense in their choice of MUA, though ...
> > >
>
If it matters to anyone the X-Mailer that originated the "windows-184"
character set is:
X-Mailer: MSN Explorer 7.00.0021.1702
---
Ed.
___
Spamassassin-talk mailing
> I'm setting up another mail system and I'd like to be able to deliver the
> site-wide spam to a single maildir, while letting everything else get
> delivered by vpopmail.
>
> So far I've been unsuccessful because Procmail seems to want to
> either deliver
> everything or nothing; it doesn't (or
> First make sure you have added the "seek.diff" patch to vpopmail so that
> vdeliver can accept multiple pipes. Next change bottom of procmailrc to:
>
Forgot to mention the link to the vpopmail seek patch:
http://www.thesafebox.com/
Here is the discussion regarding it:
http://bluedot.net/m
> Thank you, this works beautifully. I had failed to mention that
> I did have
> the seek patch already too. :-)
>
> Now to get the SQL implementation going with my modified spamc
> and a quick CGI
> for the users to turn on/off their filtering. Oh yes, and a cron
> job so that
> we only keep t
> Duncan Findlay said:
>
> > > I was looking to how I could just delete mail that is flagged
> for/as SPAM
> > > rather than leaving it in the users, inbox. I run a small
> domain here,
> > > and the users agree that spam assassin is great, and they have enough
> > > confidence in it that it woul
report_header 1
defang_mime 0
use_terse_report 1
This makes it work best if you want the original HTML message to remain
readable.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Michael Geier
> Sent: Tuesday, January 29, 2002 12:03 PM
> To: [sa-
www.myparty.yahoo.com 0 W32/MyParty-A
Of course seperate columns by TABS and run qmail-scanner-queue.pl -g
afterwards.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Justin England
> Sent: Tuesday, January 29, 2002 2:51 PM
> To: [EMAIL P
>
>
> www.myparty.yahoo.com 0 W32/MyParty-A
>
> Of course seperate columns by TABS and run qmail-scanner-queue.pl -g
> afterwards.
>
>
> ___
> Spamassassin-talk mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/spamass
> At least on my systems, spamc is called in the .qmail-default
> file, which only
> is called when the mail is delivered locally (and in my case, is
> delivered
> through the standard mechanism (not an alias). I haven't heard of spamc
> being run earlier in the delivery queue.
>
> Regards,
> And
> BTW: I agree with the sentiment about virus scanners vs spam. In
> Qmail-Scanner, the SpamAssassin support merely tags the messages as spam -
> it doesn't quarantine them like it does for viruses. Still too many false
> alerts I'm afraid - a lot of my Email from root cronjobs gets caught! ;-)
>
>
> I currently have a qmail+qmailscanner+sophos antivirus setup on
> redhat. How
> do I integrate spamassassin? Their website doesn't have any docs with that
> combination.
>
> -Nelson
>
The setup you are describing is exactly like mine (except different OS). If
you download the latest Q-S v1.1
>
> How would SA know which domains you service? Seems like a really hard
> problem unless you make big assumptions about how mail services are
> implemented at that location. Maybe this is a "feature" which could be
> implemented in documentation or something...
>
> C
>
I'm didn't mean to impl
Upgraded to v2.01 and seem to be getting more missed Spam than in v1.5.
This one message that I just recieved made it thru. I would have thought
that the "line of yelling" and "unsubscribe" would have triggered a score
but they were missed.
Here it is:
Return-Path: <>
Delivered-To: [EMAIL PROTE
>
>
> I'm seeing a lot of debt stuff too...
>
> How about:
>
> body PAY_OFF_DEBT /pay off (your )?debt/i
> describe PAY_OFF_DEBT A "pay off your debt" spam
>
> Matt.
> --
> <:->Get a smart net
>
What puzzles me is that this one should have gotten a LINE OF YELLING and
UNSUBSCRIBE. Something appe
> The LINE_OF_YELLING test is (IMHO) too picky in SA 2.0 (and, I presume,
> 2.01). See the archive for details. Bottom line, the line has to be >=
> 45 characters long, and there has to be a YELLING word >= 5 chars long
> >= 20 chars from either end. I proposed a couple of lame replacements,
>
How do I get a list of addresses that are currently in the auto_whitelist
database? Is there a way to remove a specific one aside from sending a
message to "spamassassin -R"?
---
Ed.
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.
I have been testing the auto_whitelist (AWL) feature sitewide in a single
database and have come to realize that it does have a downside - namely that
if false negatives get thru then eventually their address is added to the
AWL and then SA will never catch them as Spam. Any way around this? I a
>
>I was think about this exact same thing today, as I put SA into
> production for my 400+ users (800+ email accounts - and without a
> hiccup, I might add ;^). I wanted to have the default be to not filter
> because that's what people are used to, so I set the default theshold to
> 100 and
>
> How does solve my original problem of false negatives? all that it would
> take would be a few marginally spammy messages < 5 then once the
> threshhold
> is reached then they can Spam away!
>
> --
> Ed.
>
>
I've seen this happen already with some stuff from directclick.com. Now the
Spam h
How in the world did this one get thru? It contains the word Penis three
times and Viagra. I am using v2.01 stable.
Ed.
-Original Message-
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
>From [EMAIL PROTECTED] Fri Feb 01 09:20:17 2002
Return-Path: <[EMAIL PROTECTED]>
So far I have seen the following with v2.01 as compared to v1.5:
1. 2.01 appears to be better at reducing false positives that v1.5 - this
is good!
2. 2.01 appears to be worse with false negatives. There is alot more Spam
getting thru. I don't have the ability to run the false negatives thru 1
>
> In 2.01, the tests are as follows:
> 20_body_tests.cf:
> body VIAGRA/VIAGRA/
> * should probably be case insensitive
>
> change to:
> body VIAGRA/VIAGRA/i
>
> as far as I can tell, there is no rule simple looking for the
> word penis
> (a
>
> This looks (case-insensitively) for the word "penis" or the word
> "enlarge" followed by any character (including newline) 0 to 50 times
> and it looks for that whole thing twice (or more).
>
> -D
>
> --
>
> In the way of righteousness there is life;
> along that path is immortality.
>
> Just to reassure people -- I firmly believe that autowhitelisting can do a
> very good job of reducing false positives from frequent non-spammer
> correspondents. There's just a flaw in the current algorithm which wasn't
> thought through terribly hard. Once I update the algorithm and re-relea
> Having said that, I think apart from the issues with AWL, it's not *too*
> bad.
>
> C
>
Here, Here!! :-)
Ed.
___
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
Get rid of the "-a" switch in spamd.
---
Ed.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Bill
> O'Hanlon
> Sent: Saturday, February 02, 2002 1:46 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [SAtalk] sitewide auto_whitelist db
>
>
> On Fri, Feb
I've noticed an additional header has been added to my emails since
upgrading to SA 2.01. There is an additional pseudo-header like:
>From [EMAIL PROTECTED] Thu Jan 31 17:47:22 2002
added usually before the Delivered-To: header. I have set the spamd option
"-F 0" but this has no affect. Any i
For some reason this message gets tagged by the USER_IN_WHITELIST test. I
do not have the From or To in my whitelist. I do not use autowhitelist and
have no whitelist_from defined for any yahoo.com addresses. I am using the
stable v2.01. Any ideas? This is the second message today that was ta
*@diamondwebdesigns.com
whitelist_from *@elijahlist.com
whitelist_from *.echampions2000.com
> -Original Message-
> From: Craig Hughes [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, February 06, 2002 11:42 AM
> To: CertaintyTech - Ed Henderson
> Subject: Re: [SAtalk] US
]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> CertaintyTech - Ed Henderson
> Sent: Wednesday, February 06, 2002 11:56 AM
> To: Craig Hughes; satalk
> Subject: RE: [SAtalk] USER_IN_WHITELIST problem
>
>
> Here are my whitelist_from entries in my /etc/mail/spamassassi
I have been seeing alot more Spam get thru (false negatives) in v2.01 than
with v1.5. I have been comparing the scores of 1.5 with 2.01 to see why.
Here is an interesting discovery: there are several scores in the
50_scores.cf file that are 0.01 in value:
50_scores.cf:score A_HREF_TO_UNSUB
> I think the Genetic Algorithm (GA) assigns all the scores now.
> GA's are very
> powerful optimization tools, and if the GA lowered those scores, it likely
> raised (compensated) other scores that were more common spam signatures.
>
> The GA is only as good as the population of data it is run on
> show-stopper bugfixes. Please get the latest stuff from CVS (or wait
> till after ~1am PST and get the 2.1 tarball from the website) and try it
> out over the next few days. I've re-instated the "-a" flag in the spamd
> startup scripts, but make sure you're using it, and let me know how it's
>
> In your personal .spamassassin.prefs, place something like this:
> Business User: Yes
> Pornographer: Yes
> Anti-Hotmail: Yes
> ...
> etc
>
> and have these kinds of group modifications tone down the scores
> of specific
> types of tests (in this case, anything mentioning money or having
> $ in
The whitelist_from entries for a site would normally be in
/etc/mail/spamassassin/local.cf
--
Ed.
> We've been attempting to setup a global whitelist for our SpamAssassin
> installation in our office. We've tried
> /usr/share/spamassassin/60_whitelist.cf and /etc/spammassassin.cf with
> no luck?
> > anyone else seeing false-positives more often with 2.11?
>
> Yes, I have had to roll back to 2.01.
>
> Geoff Gibbs
I have not seen more false positives but have seen a significant improvement
with false negatives. From my experience it is an improvement over 2.01
---
Ed.
___
You can up the debug level to VERBOSE=9. This may tell you more. I'm
guessing that spamc is failing with some error and therefore maildrop defers
delivery. Enclose the xfilter line with an exception:
exception {
xfilter "spamc -f"
}
to "./Maildir"
This will allow maildrop to go ahead
Maybe spamc is returning some odd status code that maildrop misinterprets as
a failure. Again it seems to point to spamc/spamd
Ed.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Brook
> Humphrey
> Sent: Thursday, March 07, 2002 11:48 AM
> To: Sp
Downgrade to Razor 1.19 and it will work. There has been several
discussions about this on the list the last few days.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> [EMAIL PROTECTED]
> Sent: Saturday, March 09, 2002 9:15 AM
> To: [EMAIL PROTE
Use the "-F 0" switch for spamd/spamassassin
---
Ed.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Rodent of Unusual Size
> Sent: Saturday, March 09, 2002 9:30 AM
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] rewrite_mail changing 'Return-Path: '
I have been unable to get spamd to log any messages to syslog "mail"
facility. I have even switched it to "local0" and still no luck. The odd
thing is that spamd does send all syslog messages to the console. Here is
the line that I used for syslog.conf:
local0.info /var/log/spamd.log
spa
> It works for me. I think I'd be looking at syslog. Perhaps your Perl
> syslog interface?
>
> #!/usr/bin/perl -w
>
> use strict;
> use Sys::Syslog qw(:DEFAULT setlogsock);
>
> my $log_facility = 'mail';
> openlog('test_logger','foo,bar',$log_facility);
> syslog('info',"Test log entry");
>
> --
>
>
> There's an absurdly simple DoS attack against remotely-logging syslog.
>
> You just log like crazy.
>
> Fill up the attackee's disks.
>
> Somebody else mentioned another perl program that looked like it was
> perhaps using the /dev/log syslog interface - you might investigate that.
> If you do
> > Somebody else mentioned another perl program that looked like it was
> > perhaps using the /dev/log syslog interface - you might
> investigate that.
> > If you don't need remote logging enabled, it's best to disable it.
> >
> > --
> > Charlie Watts
>
The question that I have is "why does Spa
How do you get it to bind only to 127.0.0.1? I don't see an option in
syslogd or syslog.conf for that.
>
> Personally, I don't care if syslogd allows "network" logging through UDP,
> because I:
>
> 1. Only bind to 127.0.0.1
> 2. Firewall the syslog port on the local machine for TCP and UDP
> 3.
This is not SA specific but I am using maildrop as a filter to make delivery
decisions for my email, ie. Spam or not Spam. I am trying to come up with
recipe for extracting the email address from the "From:" header. Of course
the From: header can take many different forms:
From: [EMAIL PROTECT
I am using SA 2.11 and sometimes see messages that are messed up - all of
the headers appear in the body of the message and the From: and To: headers
are empty. This has happened very infrequently but I wonder if anyone else
is seeing this on occasion? Or is this a known problem with 2.11? It s
> Might conceivably be a locking problem. How are you delivering
> messages, and to what sort of message store (mbox, maildir, etc.)?
>
> Greg
> --
I am using qmail+vpopmail+maildrop to Maildirs. Like I said it does not
happen often but I have seen it occasionally. Here are some of the
> Were these line breaks there or did you add them when
sending the> message?>> -jim>
Here are the headers again in HTML so that
you don't get the line breaks. Also, all headers and first part of body
are included:
Return-Path: <[EMAIL PROTECTED]>Delivered-To: [EMAIL PROTECTED]Return-Path:
>
> Hate to sound like the boy who cried wolf, but *that* definitely sounds
> like a locking problem. Is procmail delivering to an mbox file? If so,
> does the delivery recipe lock the file?
>
> Read "man procmailrc" for procmail's locking syntax. Like everything
> procmail, it's cryptic and no
> My setup is using procmail; question for you guys: are the incoming
> mails getting clobbered arriving near each other in time? I have a
> number of cron jobs on our servers that all occur simultaneously that
> launches a bunch of mail messages, some of which arrive intact, some of
> which don't
Add a whitelist_from entry in your /etc/mail/spamassassin/local.cf or
perhaps a custom rule that looks for a unique Subject and scores the message
with a -100. See man page Mail::SpamAssassin::Conf for details.
==
Ed.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROT
s Charlie Root
score CHARLIE_ROOT -100.0
Now it will get thru.
---
Ed.
> -Original Message-
> From: Mike Loiterman [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, March 16, 2002 2:03 PM
> To: 'CertaintyTech - Ed Henderson';
> [EMAIL PROTECTED]
>
> Sent: Saturday, March 16, 2002 4:43 PM
> To: 'CertaintyTech - Ed Henderson';
> [EMAIL PROTECTED]
> Subject: RE: [SAtalk] Whitelist for Charlie Root
>
>
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Ugh...its still isn't working. I paste
arch 17, 2002 5:03 AM
> To: 'David G. Andersen'
> Cc: 'CertaintyTech - Ed Henderson';
> [EMAIL PROTECTED]
> Subject: RE: [SAtalk] Whitelist for Charlie Root
>
>
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hrm...
>
> I'm doin
You may want to look at the "spamc -c" option which will return error codes
that correspond to the number of hits, etc.. Based on what spamc -c reports
you could exit with a particular status code that would cause the SMTP
session to fail and not continue. I personally use qmail and an exit code
I am very pleased with SA and the job it is doing. Good job to all!
But...In my situation if SA makes a false positive it is often on mailing
list type emails. Perhaps a user has suscribed to a joke of the day or some
hobby list, etc... Has anyone developed any custom rules what would
give -ve
t; To: [EMAIL PROTECTED]
> Subject: [SAtalk] Re: List emails
>
>
> CertaintyTech - Ed Henderson wrote:
>
> > I am very pleased with SA and the job it is doing. Good job to all!
> >
> > But...In my situation if SA makes a false positive it is often on
> > m
Kerry,
Could you try adding the tests that Matthew recently posted specifically for
lists? Would be interesting to see how or if these change your results.
Here they are:
Here's some rules that I have for lists:
# Only look for 7 bit chars between square brackets, because a lot
# of spam with 8
I am an ISP using SA for my customers. I have set the default SA threshold
to 7. I have also setup a bi-weekly report notifying my customers of how
many Spam messages they have accumulated. No Spam messages are deleted
unless they are older than 30 days. They can then go to our Webmail service
gt; University of California, Berkeley
> [EMAIL PROTECTED]
>
> On Tue, 19 Mar 2002, CertaintyTech - Ed Henderson wrote:
>
> > I am an ISP using SA for my customers. I have set the default
> SA threshold
> > to 7. I have also setup a bi-weekly report notifying my
> customers o
>
> On Wednesday 20 March 2002 11:46 am, Lewis Bergman wrote:
> > I have installed SpamAssassin and it is working as it should
> be. The only
> > problem I seem to have is this error is reported when it runs:
> > razor check skipped: No such file or directory undefined Razor::Client
>
> If you are
Remember that spamc will only scan messages that are 250KB or smaller.
Could it be that some larger messages are the ones that you saw without any
SA headers?
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Scott
> Doty
> Sent: Wednesday, March 20
Percentage is relative but on my box spamd is currently using 8.8MB of RAM.
Got this from top.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of AHA
> Lists
> Sent: Friday, March 29, 2002 9:43 AM
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] Spamd and
>
>
> My % = 6.8 megs. That just seems really high while sitting there doing
> nothing but waiting.
>
>
>
I see that you are using AWL. How large is your db? This may be what is
using alot of your RAM. My AWL db is about 16MB.
---
Ed.
___
Spamass
So what you are saying is that they can have custom settings thru their
personal .mailfilter file but not thru their own user_prefs dir thru SA.
Correct?
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Dallas Engelken
> Sent: Friday, March 29, 200
I am working on a vpopmail patch to SA. My first go at it on Friday looks
good. When it is ready I will release it to the list in a few days.
Basically you pass the email address using "spamc -u [EMAIL PROTECTED]" (like
the SQL lookup feature) and spamd will look up userinfo from vpopmail.
Norma
Want to pose this question to the more knowlegeable:
If I use sitewide AWL (as defined in my /etc/mail/spamassassin/local.cf) but
still allow individual users to create their own user_prefs where they could
create whitelist_from entries would this skew the sitewide AWL db for other
users? Here is
> > If I use sitewide AWL (as defined in my /etc/mail/spamassassin/local.cf)
> but
> > still allow individual users to create their own user_prefs where they
> could
> > create whitelist_from entries would this skew the sitewide AWL db for
> other
> > users?
>
> Bart Schaefer mentioned this, and I
Take a look at "man Mail::SpamAssassin::Conf" this should give you
configuration help.
--
Ed.
>
> Hi folks,
>
> I'd like to add a couple rules to SpamAssassin:
>
> - Detect if the email is in some funky character set
> - Detect if the email is not in english
> - Detect if the subject ends in six
Here is from a recent post from Dallas:
first you have to apply the seekable patch to vpopmail
(http://www.thesafebox.com)
after you have the seekable patch applied, you can filter through maildrop
by changing your domain/.qmail-default file to
| maildrop mailfilter
the mailfilter file must be o
Try adding the -c option to spamd.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Shane
> Hickey
> Sent: Wednesday, April 03, 2002 1:29 PM
> To: [EMAIL PROTECTED]
> Subject: [SAtalk] auto-whitelist problem
>
>
> Howdy all, I'm sure I'm doing some
I
currently use 5, 7, and 10. I posed this same question sometime ago
and this was the consensus.
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
RenatoSent: Wednesday, April 03, 2002 4:16 PMTo:
[EMAIL PROTECTED]Subject: [SAtalk] Help
Shane Hickey [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, April 03, 2002 2:48 PM
> To: CertaintyTech - Ed Henderson
> Cc: [EMAIL PROTECTED]
> Subject: RE: [SAtalk] auto-whitelist problem
>
>
> Hmm... I changed the way I start spamd to "spamd -d -c -a -F1 -u spamc"
> a
Sorry. I can't reproduce it. Didn't mean to raise a false alarm.
> -Original Message-
> From: Craig R Hughes [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, April 03, 2002 11:39 PM
> To: CertaintyTech - Ed Henderson
> Cc: Shane Hickey; [EMAIL PROTECTED]
>
> hi,
>
> I've been using spamassassin for a few weeks and
> am pretty happy with it. My setup is with
> spamc/spamd. Some users however would prefer to be
> able to see the HTML (in case) for readability. Is
> there any option for this?
>
> thanks
>
> --
> Ivan Ivanyi
>
You will find your a
> Qmail + qmailqueue patch + tls patch
> qmail-scanner + sophie/sophos
> spamd/spamc
>
I ditto this. This system is very similar to mine and it just plain works!
Very little day to day maintenence.
---
Ed.
___
Spamassassin-talk mailing list
[EMAIL
Title: User_prefs location
Per
user preferences go in ~/.spamassassin/user_prefs. Site wide preferences
are typically stored in /etc/mail/spamassass/local.cf
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Andy
GramataSent: Thursday, April
> > It is. It's just only in there as source, not a binary.
> >
> any takers as to why it's only there as source?
> --
> Duncan Findlay
>
I believe its because of the qmail licensing. You can distribute source
freely but not precompiled binaries.
--
Ed.
__
> Spamassassin is correctly identifying emails as spam but seems to
> corrupting
> the mailbox when writing the email back to it.
>
> I am using the daemon and spamc via procmail.
>
Post your procmail recipe. Problem probably lies there.
___
Spamas
> If you manually add a line like
> From Mon Apr 15 13:49:45 CDT 2002
> right here above the Received: line, the message will no longer be
> "embedded" in the previous one. That 'From ' line (but don't indent
> it) is the message separator in the mbox format.
>
If you run spamd with "-F 1" o
>
> One of the options we offer at Star/ML is to send all spam to an
> admin instead
> of the recipient. That might be a useful option for you. I'm not sure how
> you'd do it with your setup, but I'm sure someone else can offer
> the right
> recipe.
>
> - --
> Matt.
This can easily be done thru p
>
>
> You guys are great. I love initiating good conversation. You've brought
> some very points to the table, includiung legal issues. Anyway -- my
> problem still remains. Any ideas how to set up maildrop rules to do this?
> Thanks for the tip Ed.
> BTW -- Thanks Rich Wellner, you're a cool
No you can't. Q-S will only run spamc and doesn't block or quarantine any
Spam messages. It has to be done further down the delivery pipe using
maildrop or procmail.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Christopher Davis
> Sent: Wedne
> By policy we used to strip ALL attachments. That could work out
> the problems
> above but only if it was done before spamd gets the mail.
>
> Nick
This where something like MIMEdefang could help you.
---
Ed.
___
Spamassassin-talk mailing l
cmail.)
-Original Message- From: CertaintyTech
- Ed Henderson Sent: Wed 4/17/2002 4:50 PM To: Nick
Fisher; Christopher Davis; [EMAIL PROTECTED]
Cc: Subject: RE: [SAtalk] Porn mail deleting for
school
> By policy we used to strip ALL attachments. That could
> Let's say I've got an e-mail that is a false-positive and has an
> attachment and/or is in HTML format. Because SpamAssassin inserts
> the detailed results into the body of the message, it won't be
> displayed by (lets say) Eudora as an HTML message. Everyone here uses
> POP clients, so the mes
>
> Finally! It's here! I just rolled out the .tar.gz and .zip files to the
> spamassassin.org website, so it should either be updated now, or will
> auto-update itself soon to reflect that. Matt Seargeant, I'd be
> obliged if you
> could update CPAN with 2.20. The CVS tag for this release is
> I didn't see any way mentioned to tell qmail-scanner not to scan
> outgoing mail. If
> you follow the advice of setting your SA preferences to not
> modify the body and add a
> rule that gives a big negative score for some header that you can
> be sure indicates
> that the mail is being sent fro
7 is the most common at my site.
---
Ed.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Eric
> S. Johansson
> Sent: Sunday, April 21, 2002 4:44 PM
> To: Klaus Heinz; [EMAIL PROTECTED]
> Subject: Re: [SAtalk] false positive
>
>
> At 02:56 PM 4/21
>
> I wanted something free (GPL or similar), and preferably not written
> in Java (as is OpenAntiVirus, the only package mentioned on freshmeat
> that does have its on ruleset).
>
> SPAM: email sent by an infected human.
> Virus: email sent by the infected combination human/computer.
> Worm: emai
Create custom rule like:
header OLDADDRESS Delivered-To =~ /brians-old-address\@enchanter\.net/i
describe OLDADDRESS This is an old address
score OLDADDRESS 100.0
Now any message with Delivered-To: header will get a score of 100 and
therefore get tagged as Spam.
---
Ed.
>
> I have some old ema
> The two obvious approaches seem to have problems:
>
> |spamassassin -d |mail $MAIL -- spamassassin will simply reprocess the
> message, and, in any case, the original headers won't show up properly
>
> |spamassassin -d >>$MAIL -- this could run afoul of sendmail delivering
> mail
>
> So... any s
> > It has also got an issue with not bouncing spam to non existing
> addresses
> > there needs to be a check as to what
> VHOME=`/var/vpopmail/pop/bin/vuserinfo
> > -d $EXT@$HOST` actually comes to... when it says "no such user" then it
> > ought to bounce rather than trying to put it in a maild
>
> Anyone else here trying to use SpamAssassin to filter
> ALL incoming mail for many users in Vpopmail on Qmail?
>
> Is Qmail-Scanner the way to go? http://qmail-scanner.sourceforge.net/
> ifspamh? http://www.gbnet.net/~jrg/qmail/ifspamh
>
> Any tips/URLs/FAQs appreciated.
> I'm pret
>
> I believe the new version of SA allows userprefs in vpopmail directories..
> although I have not had the time to play with it. I dont see how it could
> be faster to parse a userpref file than do a database query
> anyhow.. I think
> i'll stick with my current setup.
>
> Dallas
>
I'm the on
1 - 100 of 125 matches
Mail list logo