Greg Cirino - Cirelle Enterprises wrote:
> Most broadband users are not responsible enough to
> have the high speed connection,
I wouldn't say "most", but "a lot".
> but all this rant aside,
> 40 bucks a month does not make you an ISP.
Nope. But it's cheaper than good third-party hosting, and
John Fleming wrote:
> X-Spam-Status: No, hits=-4.9 required=2.4 tests=BIZ_TLD,DATE_IN_PAST_12_24,
> HABEAS_SWE,HTML_50_60,HTML_MESSAGE,MIME_HTML_ONLY,
> MIME_HTML_ONLY_MULTI,RCVD_IN_SORBS,WHY_WAIT autolearn=ham version=2.60
[snip]
> Apparently autolearn is now turned ON, but it used to be OFF!
Fred Bennett wrote:>
> I have SA 2.61 running spamd on a Mandrake server with Postfix. It
> sends mail to our Exchange 2000 server on the LAN. All is ok, except
> for one user that wants to opt-out. This user wants to get all
> messages unmodified by SA (I think header mods would be acceptable as
Martin Radford wrote:
> I'm pretty sure that the "autolearn=" is always present, irrespective
> of whether or not Bayes is actually available.
Yep. You should see "autolearn=off" if Bayes is inactive though.
> Obviously, if
> autolearn=ham or autolearn=spam, then Bayes *is* available. But you
Brett Dikeman wrote:
> I tried setting bayes_auto_learn_threshold_nonspam to a positive
> value- almost all legitimate email we get on the particular system is
> marked somewhere between 0 and 2- rarely any lower. Ever(save for
> whitelisting).
You've found the right setting, and I'm not aware of
Swapana Ghosh wrote:
> I have installed the spamassassin 2.41 in my local
> server. My intention is to upgrade it to 2.55.
> So after installing the spamassassin then i am running
> the procmailrc [which i kept under /etc directory ] ,
> i have started *spamd* , the Option at spamd startup
> sc
Nix wrote:
> On Thu, 7 Aug 2003, William Nichols stated:
> > unable to open ./SPAM/Restoring Creditworthiness to Power Companies :
> > at /usr/lib/perl5/site_perl/5.8.0/Mail/SpamAssassin/ArchiveIterator.pm
> > line 331.
> > unable to open Sept. 22-23 NY NY.eml: at
> > /usr/lib/perl5/site_perl/5.8.
I'm once again trying to debug some of my rules, and I'm having trouble
with what *seems* to be a bug in the handling of some types of nested
multipart MIME messages.
A customer reported an untagged pornspam over the weekend. They
forwarded the message as an attachment (attached), so I can see whi
Kris Deugau wrote:
> I'm once again trying to debug some of my rules, and I'm having trouble
> with what *seems* to be a bug in the handling of some types of nested
> multipart MIME messages.
Just to add to the confusion, I've just noticed that the message
received at the
"Fred I-IS.COM" wrote:
> Can anyone provide a policy for an ISPs' use of Spam Assassin to
> filter customers e-mail?
Make it opt-in: the customer MUST take some sort of specific action in
order to have SA filter their mail.
In our case, the customer actually signs up for an added-value
mail-filt
Ken Gordon wrote:
[spams snipped]
I've had customers report a few of these; SA seems to ignore the actual
message body; and therefore a long list of tests which would otherwise
trigger (and push such messages to 5.5-6 with default rules, and
probably over 10 with some of the custom rules I've wr
"Chad Leigh -- Shire.Net LLC" wrote:
> We send all email through spamassassin but do no actual filtering. ALL
> email is passed to the customer so that they can process the SA flags
> themselves if they choose to.
This is how I set up our domain hosting server; but because domain
email accounts
"Carl R. Friend" wrote:
>I'll concur that auto-deletion is not the wisest path to follow
> but I, too, am being lead down that path at the ISP
*wibble* Is this a Management path, or a "Users flooding the support
lines with requests" path?
> I volunteer time
> to (non-profit, so don't get you
Fuzzy Fox wrote:
> There is very little for any of SA's rules to trigger on, very little
> for any Bayes tokenization to use. The message is short, and I'd
> consider it basically an "image-only" type of spam, which SA is not
> likely to ever detect as spam, unless there is some corroborating evid
Kai MacTane wrote:
> In particular, I want to catch use of their "real name" info in the
> Subject:, or capitalized versions in the body. For easy testing, I'm
> supposing just one user, a Mr. Foobar Wombat. My rules to catch
> things are as follows:
[snip extra rule bits]
> header SUBJ_FOOBAR_CA
Jason McCormick wrote:
> I just upgraded to 2.55 and followed the directions for changing
> local.cf (allow_user_rules 1) to allow the user_prefs file to be read
> from ~/.spamassassin however I'm still not seeing spamd reading this
> file. I just installed spamc to run as a filter in postfix an
Charles Mount wrote:
> Gauntlet, like most commercial virus protection software does not offer the
> option of discarding virus infected messages; the only option is cleaning.
> Changing firewall software or routing of mail are not options.
> When Gauntlet detects a virus infected attachment, it re
Larry Gilson wrote:
> I could be wrong about this but I do not believe that spamc needs to be run
> with the -u parameter. The reason is that the master.cf file should be
> configured to pipe the message to filter script running as user filter.
Dunno. I don't speak postfix.
Personally, I'd us
Replied-to-sender and CC'ed to the list (I usually reply direct to the
list, not the sender) as Sourceforge has rejected my reply twice. >:(
Bill Polhemus wrote:
> Since I don't want the stuff appended by SA to be part of the email used to
> train Bayesian, I have to go through each message (I us
James Herschel wrote:
> Tailing the maillog
> ... /var/qmail/.spamassassin/.spamassassin/bayes_seen
> Running your command:
> ... /root/.spamassassin/bayes_toks
Your two sets of information are from different databases. I suggest
either symlinking /root/.spamassassin to /var/qmail/.spamassassin;
Larry Gilson wrote:
> I think that you will want to lower the score to maybe 1.0. There are
> a lot of legitimate mail servers that do not have a reverse lookup.
Like my own personal server at work. :/ For whatever reason, reverse
lookups on the IP block it's on don't resolve from outside. I t
No need to CC me; I'm subscribed to the list.
Mike Loiterman wrote:
> Kris Deugau wrote:
> > The patch was created by someone else. I didn't apply it directly,
> > as I wanted a patch to apply during a .rpm build, so I rebuilt it
> > as a "whole-source-tree
Steve Frazier wrote:
> I installed RH 9.0. It has Spamassassin installed along with
> sendmail. There has been talk about procmail, does that mean
> Spamassassin doesn't work with sendmail?
sendmail on its own does not really know how to talk to SpamAssassin.
If you were inclined to experiment,
Please remember not to post in HTML.
"Fred I-IS.COM" wrote:
> ---cut---
> When spamd receives a connection, it spawns a child to handle the
> request. The child will expect to read an email message from the
> network socket, which should then be closed for writing on the other
Skylar Thompson wrote:
> I use the MIMEDefang and SpamAssassin plugins for sendmail on my
> FreeBSD 4.8 mail server. For some reason, SpamAssassin tags all
> messages as SpamAssassin tags all messages as spam, even when the
> score is low or sub-zero. I have required_hits set to 5 in
> sa-mimedefan
Chris Barnes wrote:
> header LOCAL_PERLMX_TAG_100 /X-PerlMX=~ /\b Probability=100\%/
^
Just at a guess, what you want is something like:
header LOCAL_PERLMX_TAG_100 X-PerlMX=~ /\b Probability=100\%/
The header name isn't part of the regex.
-kgd
--
hm. I've l
Stephan van Hienen wrote:
> with 'subject_tag *SPAM* (_HITS_)' in local.cf
> now with this spam result
> X-Spam-Status: Yes, hits=5.8 required=5.0
[snip]
> i get this subject: '*SPAM* (05.84)'
> why the 0.04 extra ?
Rounding errors. Note that the X-Spam-Status line on
Stephen Reese wrote:
> h, i still don't understand why SA is not even looking at them
> though see's everything else?
In a nutshell, because virus messages don't look much like spam.
Virus messages are usually sent via a legitimate ISP's mail server.
They have (usually) valid return addresse
Per olof Ljungmark wrote:
> Is it possible to move a "auto-whitelist" and "bayes*" database from
> one machine to another or does it have to be created on the machine
> it will run on?
As long as a) the two machines are running the same type of hardware (ie
both x86, or both PPC) and b) both machi
Bret Miller wrote:
> Yes and no. How an e-mail gets forwarded is very much
> client-dependent.
You could put it that way.
> I find that with Microsoft products, there isn't any easy way to get
> it to forward a message and include the full headers.
My experience has been that once you get user
"Malte S. Stretz" wrote:
> On Tuesday 30 September 2003 21:41 CET Kris Deugau wrote:
> > ... and 3 ways to
> > attach a complete message (as sent by the POP3 server) to a new
> > message.
> Could you tell me the way to do it with Outlook 2000? I searched for that
Robert Krüger wrote:
> I've tried to apply the razor2-patch like it's described in the
> Readme and FAQ, but it doesn't work.
>
> I tried to execute: patch -p0 < Razor2.patch
>
> but I only got "command not found". Where is the 'patch' executable
> supposed to come from? What do I have to install
Fabiano Bonin wrote:
> BUT, in my particular point of view, spam generates 2 big problems:
>
> 1 - Lots of crap in our mailboxes
> 2 - Lots of internet traffic
>
> Today, SpamAssassin is solving problem number 1 greatly, but problem
> number 2 is unsolved, since i will continue to receive all thi
[EMAIL PROTECTED] wrote:
> a friend of mine wants to deploy SpamAssassin with Sendmail on the
> MTA level. MIMEDefang or milter-spamc/miltrassassin/spamass-milter
> are possible solutions.
> The problem is to restrict Spam Tagging for only some addresses :
> messages to [EMAIL PROTECTED] should not
Luis Hernán Otegui wrote:
> Hi, does anyone have any ideas about how to create a shortcut in PINE
> to remove spam headers from a message?
Not sure about this part of your question...
> Currently, I have a quarantine account for mail that scored between 5
> and 15 (I reject messages above that),
"Keith C. Ivey" wrote:
> One fairly easily detectable spam sign is the almost-white text
> (used to hide the irrelevant words), like this:
> > argumentation scabby
> > writhe
> That should have triggered HTML_FONT_INVISIBLE, but I think
> that test has some bugs.
It certainly has a bug on my sys
Chris Santerre wrote:
> Ok, perl gurus! If I but ?: in front of all my evilrules like so:
>
> /?:www\.spamhost\.com/i
> or
> /?:(www\.spamhost\.com)/i
>
> Would the rules be faster?
Actually, you'll probably get lint errors from SA.
?: is only useful when using parentheses to group tokens:
/(?
Charles Gregory wrote:
> When we first started using SA, I kept a casual eye on the personal files
> in .spamassassin, and did not see anything particularly problematic, but
> NOW I see auto-whitelist and 'bayes' files that are exceeding 1MB in size,
> each. Is this 'normal'?
For users with lots o
Simon Byrnand wrote:
> I imagine it would, however single threaded delivery mode just isn't
> an option for any kind of real world use. Until such time as sendmail
> implements a *proper* local delivery concurency setting, my method
> works very well...
IIRC, you posted this method seom time ago-
Patrick Morris wrote:
> Unless I'm misunderstanding what your procmail recipes are doing,
> it's *alread* been hacked into Sendmail.
Not exactly, there are a few load-based controls on *some* aspects of
sendmail's processing...
> From a sendmail.cf file I've got lying around:
> # load average at
Michael Emdy wrote:
> I've been trying to upgrade my Spam Assassin install on RedHat 9
> unsuccessfully so far.
> I get this when trying to use the RPM from the SA site.
>
> [EMAIL PROTECTED] src]# rpm -Uvh spamassassin*
> warning: spamassassin-2.60-1.i386.rpm: V3 DSA signature: NOKEY, key ID
> e5
Ian Douglas wrote:
> Any permission issues to take into account if you make the owner of
> the file something other than the user's login name? If you change
> the owner of the filename but maintain writable permission to the
> files otherwise, you effectively have no quota issue as someone else
>
Dan Wilder wrote:
> In our case I took an old workstation, beefed up RAM and swapspace
> and dedicated it to running spamd. Servers having swapspace maxed out
> solved, and there's no possibility the demands of other processes
> will suddenly push a well-tuned spamd off the slippery slope into
> t
ian douglas wrote:
> Right now I have MailScanner configured to delete high scoring spam so
> it doesn't end up in my user's mailbox, but what about the 'bounce'
> option?
>
> I'd *really* like to find a way to spoof a 550 error or a 'user
> unknown' error
What's to spoof? Unless you've got a *v
"Cheryl L. Southard" wrote:
> Does anyone know if the "-m" flag is now more stable? We've since
> upgraded to Spamassassin 2.54 and Solaris 9.
I don't recall hearing any bugs specific to -m, but I though I saw some
odd behaviour reported on Solaris.
> Or maybe you folks can help me find another
Michael Bellears wrote:
> My debug output indicates that sql prefs are being fetched for user
> 'spamd' rather than recipient of e-mail:
[snip]
> Spamd:
> /usr/bin/perl /usr/sbin/spamd -D -m 10 -a -v -x -q -u vpopmail -H
> /home/vpopmail/ -d --pidfile=/var/run/spamd.pid
How is spamc getting called
Walter wrote:
> I get every day 700 emails generated on my system by the mail-deamon
> saying:
> from: Mail Delivery System
> subject:Undelivered Mail Returned to Sender
[snip]
> How can I stop this? I checked already my log files and I see that it
> comes from the apache deamon
Check your web d
First of all, please don't post in HTML.
Bill Polhemus was manually quoted as having said:
> I am running SA 2.60 installed from the RPMs on Red Hat 9, on an AMD
> 2100+ based system with a half-gig of RAM.
Personally, I've avoided RH > 7.3 for server work- RH8 and RH9 have seen
any number of rea
Robert Abatecola wrote:
> Has anyone else noticed a hugs increase in the amount of spam lately?
> In the last month or so the volume has more than doubled and a very
> large portion of it gets through spamassassin 2.41.
At the very least, you should upgrade to 2.44 (or 2.45 if it ever
existed)- th
p2 wrote:
> The majority of my users are POP. I would like an easy way to teach SA
> using spam emails from my user. Does anyone have any suggestions on the
> best method (easy) for users to transfer their spam to a location? Does
> forwarding thwart the sa-learn tool? Thanks.
If you can manage
Justin Mason [and a number of others] wrote:
[snip a long thread about tracking messages through spamc/spamd]
With all the talk about problems tracking spamd log entries, I'm curious
why nobody has simply tried "grep spamd /var/log/maillog" and done some
*very* basic sorting on the resulting outpu
[EMAIL PROTECTED] wrote:
> I've seen mentions of this type of spam that does not get tagged as such
> with the default rules of spamassassin 2.55.
>
> Can anyone elaborate on techniques for blocking this type of spam?
> Any recommendations would be of interest.
Start adding global rules- I've fou
Kelson Vibber wrote:
> This one's old hat. A significant percentage of spammers will
> deliberately send to the secondary MX on the chance that it will be
> less protected than the primary.
Worse, a few will send directly to an A record- or to a system which
used to be the MX, but which is not a
Vivek Khera wrote:
> No, this is *never* OK if the MX records exist. The standards define
> that if they exist, they must be honored. If they don't exist, then
> one must use the A record, as was the way before MX records were
> invented.
Which, of course, spammers will ignore- if there's an A a
Bob Sully wrote:
> It looks like this thread is dying off but I've just gotten through
> reviewing two days' worth of messages. I have to admit that I
> agree with Abigail on the premise of the thread. If I can run
> clam-antivirus and mime-defang on my mail servers (including one on
> which I ru
Leo Huang wrote:
[snip]
> Failed to parse line in SpamAssassin configuration, skipping:
> spamphrase_highest_score 38220
> Failed to parse line in SpamAssassin configuration, skipping: spamphrase
> 38220 temple kiff
[snip]
These would be due to invalid-in-v2.5x configuration lines in one of
your c
I've been adminning SA (currently 2.55) on a server at work for almost a
year now, and I've yet to have any serious trouble with it. (Longer on
a private server.)
However, I've just today run into some *very* odd behaviour.
I have a long and growing list of custom rules for message elements
foun
Matt Kettler wrote:
> I tested and couldn't reproduce the bug on 2.54
I figured that might be the case. :(
> I was using following rules (one each of uri, body and rawbody)
[snip]
> uri SPAM_SITE_11/(domainsforpeople|pandabearperks)\.com/i
Just for kicks, I tweaked the message to use th
[EMAIL PROTECTED] wrote:
> I already tried adding
> score VIAGRA 5.0
> to my local.cf file before posting. I restarted sendmail+mimedefang
> just in case, and sent an e-mail to myself from yahoo with "viagra"
> in the body and it came throough.
If you're calling SA via MIMEDefang, you might have t
AltGrendel wrote:
> A few questions to answer first:
>
> What OS are you running.
> What version of SA are you running.
> What do the logs say (maillog and syslog)
> Do the SA headers show at all in the email?
More importantly, if it useta' work, and don't work no more, is:
What changes in your
Please reply to the list; then the solution is available for someone
else.
Use reply-all, or reply-to-list; I've set my "reply-to" for this
message just to make sure.
Walter Ray wrote:
> No changes that I know of have been made to anything on the server.
> Here are the answers to the other ques
Brian Sneddon wrote:
>... It only seems to occur when the email
> is being processed through spamass-milter and spamd; processing it
> manually using spamassassin works properly.
There was a similar issue with some SA processing through the MIMEDefang
milter; the fix was for MIMEDefang's author
Paul Hirschorn wrote:
> I just completed my full blown install of spam assassasin and was very
> happy with the results. I am using it as a mail gateway in front of
> my exchange 5.5 server. My problem is that I have a user who
> absolutely needs/wants the ability to maintain his own whitelists.
"Colin A. Bartlett" wrote:
> I would think you could write a mime boundries rule like Matt suggests
> but score it 0 on the site wide config. Then just score it something
> higher on the individual users config file. Crew, am I wrong here?
I've done exactly that for a few users with oddball email
Brook Humphrey wrote:
> On Tuesday 25 November 2003 05:18 am, Frederick M Avolio wrote:
> > Yesterday I again tried to install 2.60 on RedHat Linux 7.3.
> *This* is your problem ^^
How so? (My emphasis added)
I have a number of RedHat 7.3 servers which have
Frederick M Avolio wrote:
> Perhaps this is *my* problem. November 14 I mentioned having problems
> upgrading to 2.60. One of the rules was giving an error.
A custom rule, or a builtin rule? I've been running 2.60 on my own 7.3
server for around two months; and I just upgraded the production ser
Pedro Sam wrote:
> hehe, we can give a state to each possible combination of HITS for the
> rules. So if rules 1, 3, 5, 7 hit, we give that a state, and if 2, 4,
> 6, 8 hit, we give it another state, and so on... I think they call it
> subset construction or something...
Which is next to useless
Graham Murray wrote:
> Would it not have been a lot simpler to just done
>
> #perl -MCPAN -e shell;
> cpan> install Mail::SpamAssassin
>
> which is the 'standard' way of installing almost any Perl based
> package?
Among other reasons, it doesn't play nicely with package managers.
Debian and the
"Yackley, Matt" wrote:
> Damn are we back in the good old BBS days? :)
>
> I received this one today and damn near fell of my chair
> laughing.
*snicker* It's not even very *good* ASCII art...
-kgd
--
"Sendmail administration is not black magic. There are legitimate
technical reasons why
William Stearns wrote:
> You should use _bounce_ or _redirect_, instead.
Which, unfortunately, adds some new headers with most MUAs. :( Along
with the extra set of Received: headers that go along with sending a
message (which you could probably work around).
The only way I've seen to get a mes
Larry Gilson wrote:
> Does anyone have up-to-date source RPMs for DCC (1.2.22)
Not me...
> and Razor2 (2.36 including the patch)?
... but I have posted these. ftp://ftp.deepnet.cx/pub/devel/razor/
SRPMS in ftp://ftp.deepnet.cx/pub/devel/SRPMS/.
Perl modules required for Razor/Razor2/SA/MIMEDe
Alan Munday wrote:
> I get failed dependency errors for Mail::Internet and
> Digest::Nilsimsa when I try and rpmbuild from the src.rpm
>
> However when I use CPAN its telling me they are up to date.
Because rpm doesn't know about anything you've installed via CPAN,
tarball, or any other package m
Larry Rosenman wrote:
> I just had my nice Bayes DB killed on a sa-learn that had 1300+
> messages in it.
>
> What seemed to happen is the bayes.lock file got deleted by some
> spamd process EVEN THOUGH sa-learn WAS STILL ALIVE.
Most programs that use a separate file as a lock indicator (rather t
"Robt. Miller" wrote:
[snip Q&A re: how to set up a sendmail milter for calling SA]
> Is it ok to do it this way? Somebody said I should use mimedefang.
> I'm not clear on the advantages of either.
spamc doesn't know anything about getting called as a sendmail "milter"
plugin- assuming you get th
Liu Shuai wrote:
> I want to set up a system wide cron job that deletes old (2 weeks
> maybe) tagged spam from each user's spam folder, but I am not sure
> how.
A bit of Perl and a lot of swearing at the problems encountered parsing
mbox files.
> Does anybody here has a script that does similar
Tim B wrote:
> This way regardless of the reason, if X-SPAM-STATUS header is
> missing, we will assume spamc had some kind of problem, and then we
> will use the good ol' stand by command line spamassassin.
On a heavily loaded server, this is downright *suicidal*. spamd/spamc
are used to reduce s
Christian 'CBE' Benner wrote:
> I use sendmail as a MTA with spamass-milter and amavis-milter
>
> All is workig very fine but I'll not only mark SPAM messages
> via Subject tag but save it as a file to a directory.
I don't know how configureable spamass-milter and amavis-milter are, but
one of th
Dave Kliczbor wrote:
> So this script does not meet my requirements (sorry, I did not fully
> specify them in my first mail).
> It should:
> 1) read the message file
> 2) go into the background
> 3) call sa-learn
> 4) clean up if necessary
>
> As soon as 2) is done, the original message file i
Andy Donovan wrote:
> Could I ask a quick poll on the # of messages your configuration is
> able to process per minute .. its time for me to move platforms and
> I'm trying to plan for growth . your comments would be extremely
> useful.
PII/450/512M, running sendmail+MIMEDefang+clamav+SA. Run
Robin Lynn Frank wrote:
> Some time ago, I changed the Habeas rule from -8 to a low positive
> number. Not high enough to generate FPs, but definitely not welcome
> mat for spammers.
Dangerous. I've created a number of local rules with slight negative
scores for common sender domains here; I mad
Paul Fielding wrote:
> From what I've been able to determine, I *think* what's happening is
> that when procmail is running via the user rc file, SA is being run
> as the proper user and the proper user SA prefs are being called.
> However, when I use the sitewide rc file, SA seems to be being call
81 matches
Mail list logo
