RE: [SAtalk] New Ruleset: EvilNumbers

2004-01-19 Thread Larry Gilson
Thanks Matt! --Larry > -Original Message- > From: [EMAIL PROTECTED] [mailto:spamassassin-talk- > [EMAIL PROTECTED] On Behalf Of Matt Yackley > Sent: Monday, January 19, 2004 11:57 AM > To: [EMAIL PROTECTED] > Subject: [SAtalk] New Ruleset: EvilNumbers > > Inspired by classic hits such a

RE: [SAtalk] Bayes mis-learning problem

2004-01-19 Thread Larry Gilson
Look at: http://useast.spamassassin.org/doc/Mail_SpamAssassin_Conf.html#learning%20options bayes_ignore_header header_name If you receive mail filtered by upstream mail systems, like a spam-filtering ISP or mailing list, and that service adds new headers (as most of them do), these headers may

RE: [SAtalk] Bayes mis-learning problem

2004-01-19 Thread Larry Gilson
> -Original Message- > From: Ross Vandegrift [mailto:[EMAIL PROTECTED] > Sent: Monday, January 19, 2004 4:07 PM > To: Larry Gilson > Cc: [EMAIL PROTECTED] > Subject: Re: [SAtalk] Bayes mis-learning problem > > On Mon, Jan 19, 2004 at 03:21:06PM -0500, Larr

RE: [SAtalk] Missing Spam Headers? Why?

2004-01-19 Thread Larry Gilson
Hi Scott, I tried the link and wound up with a 404 page not found error message. Thanks, Larry > -Original Message- > From: [EMAIL PROTECTED] [mailto:spamassassin-talk- > [EMAIL PROTECTED] On Behalf Of Scott Lambert > Sent: Monday, January 19, 2004 7:32 PM > To: [EMAIL PROTECTED] > Cc:

RE: [SAtalk] Bayes mis-learning problem

2004-01-19 Thread Larry Gilson
Thanks for clarifying Justin! --Larry > -Original Message- > From: [EMAIL PROTECTED] > Sent: Monday, January 19, 2004 11:35 PM > To: Larry Gilson > Cc: 'Ross Vandegrift'; [EMAIL PROTECTED] > Subject: Re: [SAtalk] Bayes mis-learning problem > Larry Gi

RE: [SAtalk] Bigevil updated again :)

2004-01-20 Thread Larry Gilson
Thanks Chris! --Larry > -Original Message- > From: [EMAIL PROTECTED] [mailto:spamassassin-talk- > [EMAIL PROTECTED] On Behalf Of Chris Santerre > Sent: Tuesday, January 20, 2004 3:39 PM > To: Spamassassin-Talk (E-mail) > Subject: [SAtalk] Bigevil updated again :) > > Just posted 2.06M w

RE: [SAtalk] [OT] - The current state spam.

2004-01-21 Thread Larry Gilson
> -Original Message- > From: [EMAIL PROTECTED] [mailto:spamassassin-talk- > [EMAIL PROTECTED] On Behalf Of Chris Santerre > Sent: Wednesday, January 21, 2004 11:27 AM > To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED] > Subject: RE: [SAtalk] [OT] - The current state spam. > > Yeah, we have had t

RE: [SAtalk] SA missed an 'invisible font'?

2004-01-22 Thread Larry Gilson
Hi Bob, Along the same lines, I had the following: describe MY_RBDY_INVTXTSZ1 MY: Invisible text size rawbody MY_RBDY_INVTXTSZ1 /font\s+.*\bsize=.-\d\D/i score MY_RBDY_INVTXTSZ1 0.5 describe MY_RBDY_INVTXTSZ2 MY: Invisible text size with style rawbody MY_RBDY_INVTXTSZ2 /size=.-\d\D sty

FW: Re[2]: [SAtalk] SA missed an 'invisible font'?

2004-01-22 Thread Larry Gilson
> -Original Message- > From: Robert Menschel [mailto:[EMAIL PROTECTED] > Sent: Thursday, January 22, 2004 8:13 PM > To: Larry Gilson > Cc: Spamassassin-Talk (E-mail) > Subject: Re[2]: [SAtalk] SA missed an 'invisible font'? > > Hello Larry, > >

RE: [SAtalk] SA missed an 'invisible font'?

2004-01-22 Thread Larry Gilson
> On Thu, Jan 22, 2004 at 02:37:09AM -0500, Larry Gilson wrote: > > Hi Bob, > > > > Along the same lines, I had the following: > > > > describe MY_RBDY_INVTXTSZ1 MY: Invisible text size > > rawbody MY_RBDY_INVTXTSZ1 /font\s+.*\bsize=.-\d\D/i > > score

RE: [SAtalk] [RD] Justified text

2004-01-30 Thread Larry Gilson
Hi Regis, > -Original Message- > From: [EMAIL PROTECTED] [mailto:spamassassin-talk- > [EMAIL PROTECTED] On Behalf Of Regis Wilson > Sent: Monday, January 26, 2004 4:57 PM > To: [EMAIL PROTECTED] > Subject: [SAtalk] [RD] Justified text > > Got some new variants on the "justified text" ratw

RE: [SAtalk] tests=none

2003-08-14 Thread Larry Gilson
>-Original Message- >From: mailinglists >> >From: mailinglists >> >> >filter.sh >> > >> >#!/bin/sh >> > >> >INSPECT_DIR=/var/spool/filter >> >SENDMAIL=/usr/sbin/sendmail >> >#!/bin/sh >> > >> >INSPECT_DIR=/var/spool/filter >> >SENDMAIL=/usr/sbin/sendmail >> >SPAMASSASSIN=/usr/bin/spamc

RE: [SAtalk] SA - Seems to not want to work :(

2003-08-14 Thread Larry Gilson
>-Original Message- >From: Angel Gabriel >Can someone give me a working example of how procmail should be >calling spamassassin? This is all I have in my ~/.procmailrc file. > > >:0fw | /usr/bin/spamassassin Was there something wrong with the config I sent you? Was it wrong for your con

RE: [SAtalk] postfix relay server not tagging email

2003-08-14 Thread Larry Gilson
Hi Mark, >-Original Message- >From: Mark Brosius >Here is my goal: > >Internet -> SpamAssassin -> Exchange I use a similar setup. >created /usr/bin/postfixfilter (owned by spamfilter >permissions 755) which contains: ACCORDING TO GREG >WEBSTER'S HOW TO > #!/bin/bash > /usr/b

RE: [SAtalk] whitelist_to alternatives

2003-08-14 Thread Larry Gilson
Have you thought about just letting the users use the rules wizard to have each user deliver the spam to a 'spam' folder in their own mailbox? Another option would be to use Procmail. I created recipes that will provide global tagging or per-user tagging, administrative notifications, et

RE: [SAtalk] New Install of SA

2003-08-14 Thread Larry Gilson
What MTA are you using (Postfix, Sendmail, Qmail, etc.)? I can help with Postfix, but you will need to search the archives for the Sendmail stuff (or use Google). At this point, it is beyond the SA list. --Larry > -Original Message- > From: Angel Gabriel > I telneted to port 783, and

RE: [SAtalk] tests=none

2003-08-14 Thread Larry Gilson
Try this: ># Parameter for $SPAMASSASSIN ># -P Pipe message, don't deliver ># -x Disable user config files ># -a Use auto-whitelists ># cat | $SPAMASSASSIN -P -x -a > out.$$ || { echo Message content rejected; exit \ >$EX_UNAVAILABLE; } cat | $SPAMASSASSIN > out.$$ || { echo Message cont

RE: [SAtalk] tests=none

2003-08-14 Thread Larry Gilson
>-Original Message- >From: mailinglists >filter.sh > >#!/bin/sh > >INSPECT_DIR=/var/spool/filter >SENDMAIL=/usr/sbin/sendmail >#!/bin/sh > >INSPECT_DIR=/var/spool/filter >SENDMAIL=/usr/sbin/sendmail >SPAMASSASSIN=/usr/bin/spamc Was this a typo? --Larry -

FW: [SAtalk] Filename Analysis for Malware Detection in Spam-Assassin

2003-08-18 Thread Larry Gilson
Just my opinion, but malicious file extensions should be tested for and redirected before it even gets to SA. It would be beneficial if SA is your only tagging mechanism, but it needs to be redirected somewhere so it should be redirected upstream from SA. There is no excuse for filename.jpg.exe

RE: [SAtalk] all_spam_to to use input from X-Original-To field ?

2003-08-22 Thread Larry Gilson
Hi Stephene, You could capture the envelope from/to and inject it into the header like this: #- # $@ contains MAIL FROM as well as RCPT TO # Extract MAIL FROM and dump it from the array with shift. SENDER = "<$1>" SHIFT = 1 # Expand the array to extract RCPT TO addresses

RE: [SAtalk] removing SpamAssassin headers before processing message

2003-08-22 Thread Larry Gilson
I am not sure, but I think that SA will remove SA markups by default. You could use the following before calling spamc or spamassassin: :0 w * ^X-Spam-Status: Yes | formail -I X-Spam-Status: Yes However, if you already have an X-Spam-Status: Yes, why not just use it and save yourself the cycles?

RE: [SAtalk] new to spamassassin and do not know what the heck I am doing!

2003-08-22 Thread Larry Gilson
I have not tried that install myself. I have heard of others on the list having good success. I use RH so I use Theo's RPMs. --Larry >-Original Message- >From: Jennifer Fountain >I found these installations and installed spamassassin via these: > >#ssh into raq >su - >mkdir /tmp/spama

RE: [SAtalk] Configure to delete messages

2003-08-22 Thread Larry Gilson
>-Original Message- >From: Martin Radford >I'd suggest that you get them to put this in writing, explicitly >acknowledging that there is a risk of non-spam being tagged as spam >and being deleted inadvertently. (Perhaps someone could suggest >suitable wording to go in a FAQ item :-) Wi

[SAtalk] X-Comment Maillennium

2003-08-24 Thread Larry Gilson
I hope this is not OT. I have been seeing the following X-Comment lines in the headers of Klez infected Emails: X-Comment: Sending client does not conform to RFC822 minimum requirements X-Comment: Date has been added by Maillennium. I can not seem to find sufficient information on Maillennium.

RE: [SAtalk] OT X-Comment Maillennium

2003-08-25 Thread Larry Gilson
Hi Fred, > -Original Message- > From: Fred > Hello, > I seen the same thing, I was not able to find anything > either. It appears to come from AT&T and Comcast, have you > seen it anywhere else? It only seems to appear in non-RFC > messages, so we created a rule to add points for it.

RE: [SAtalk] Override postfix uce reject of spamassassin-talk-admin?

2003-08-25 Thread Larry Gilson
Hi Mike, > -Original Message- > From: Mike Vanecek > Details of the problem follow: > > My restrictions in /etc/postfix/main.cf in this order are: > > permissive = permit Is this a class? Did you define it? > smtpd_client_restrictions = permit_mynetworks, > reject_rbl_client dn

RE: [SAtalk] Postfix 2 rejects spamassassin-talk-admin

2003-08-25 Thread Larry Gilson
> > Looks like your version of postfix is somehow or another failing to > > understand classless reverse DNS. However, I can't see why it would > > fail to do so since it should all by the OS's resolver library just > > like "host" does. It is not up to Postfix to understand reverse DNS. It is

RE: [SAtalk] Setting up Spam Assassin Client side

2003-08-25 Thread Larry Gilson
Hi Randall, You might want to look into SA on Win32 (http://www.openhandhome.com/howtosa.html) and Fetchmail (http://www.catb.org/~esr/fetchmail/). You can update SA with Theo's RPMs (http://spamassassin.kluge.net/) You might just want to bother your provider and see what is up with SA. You mig

RE: [SAtalk] Override postfix uce reject of spamassassin-talk-admin?

2003-08-25 Thread Larry Gilson
Hi Mike, > -Original Message- > From: Mike Vanecek > Possibly the attempt is from a spammer with forged > information? The "to=" address is unique to this list. That > means that whomever is sending the message got my address from this > list or the list server. I agree with that line o

RE: [SAtalk] Override postfix uce reject of spamassassin-talk-admin?

2003-08-25 Thread Larry Gilson
Hi Mike, > -Original Message- > From: Mike Vanecek > > > smtpd_client_restrictions = permit_mynetworks, > > > reject_rbl_client dnsbl.njabl.org, > > > reject_rbl_client relays.osirusoft.com, > > > reject_rbl_client bl.spamcop.net, > > > reject_rbl_client list.dsbl.org, > >

RE: [SAtalk] Override postfix uce reject of spamassassin-talk-admin?

2003-08-26 Thread Larry Gilson
Hi Mike, As a side note, SecurityFocus has a great Postfix/UCE article at http://www.securityfocus.com/infocus/1593. > -Original Message- > From: Mike Vanecek > OK. Your thought is if none of the rejects hit, then it > defaults to permit? > > My approach says that if it is part of the

[SAtalk] Message ID

2003-08-26 Thread Larry Gilson
Hi All, I tend to see a lot of spam with message IDs like: Message-ID: <[EMAIL PROTECTED]> The message that contained the above message ID hit the following tests: X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) X-Spam-Report: Start SpamAssassin results 5.40 poin

RE: [SAtalk] Message ID

2003-08-26 Thread Larry Gilson
> -Original Message- > From: Carlo Wood > On Mon, Aug 25, 2003 at 09:58:42AM -0400, Larry Gilson wrote: > > In reality, does anyone know > of legitimate MUAs > > or MTAs that do not form message IDs as @some.domain? > > ~/Mail>egrep '

[SAtalk] Custom Rules - spamd

2003-08-26 Thread Larry Gilson
I have not had much call to create custom rules. I just started experimenting with rules and I noticed that the rules were not checked unless I first restarted spamd. Is this normal? Regards, Larry

RE: [SAtalk] Custom Rules - spamd

2003-08-26 Thread Larry Gilson
the rate of message flow would have a bearing. But let's toss out message rate for the sake of argument. Regards, Larry > -Original Message- > From: Matt Kettler > At 12:05 AM 8/26/03 -0400, Larry Gilson wrote: > >I have not had much call to create custom ru

RE: [SAtalk] Spamassassin and Firewall?

2003-08-26 Thread Larry Gilson
Hi Sebastian, Razor2 TCP 2703 outbound DCC UDP 6277 outbound spamd TCP 783 (default) listens port on 127.0.0.1 (default) --Larry

RE: [SAtalk] Custom Rules - spamd

2003-08-26 Thread Larry Gilson
Thanks Matt! Points well taken. As I only use SA on a gateway with very limited access, I have not been too worried about the potential spamd exploit. However, user_prefs is not my first choice. In fact, I would rather use local.cf with spamd. I just don't like the idea of restarting spamd eve

RE: [SAtalk] Custom Rules - spamd

2003-08-26 Thread Larry Gilson
> -Original Message- > From: Chris Santerre > I'm not sure about performance loss. I have every rule (That isn't a > duplicate) in the SA rule emporium running now. Plus all the > evil domains generated by reg2rule.pl, plus more custom ones I > haven't put on the Emporium yet. I say I h

[SAtalk] OT - Postfix, prohibit addition of Message-Id

2003-08-26 Thread Larry Gilson
For the Postfix MTA, does anyone know how to turn off the addition of a Message-Id when one is not supplied? This is for relay only so there should be no need for the relay to add one. Thanks, Larry

RE: [SAtalk] Custom Rules - spamd

2003-08-26 Thread Larry Gilson
Hi Tom, You can find it here: http://www.wot.no-ip.com/show.me/Projects/Blocklist/ --Larry > -Original Message- > From: Tom Meunier > A google of [reg2rule] and [reg2rule.pl] brings up nada. > Throw me a bone?

RE: [SAtalk] Message ID

2003-08-26 Thread Larry Gilson
od integrity check if the standard was adhered to better. Thanks again Dave! Regards, Larry > -Original Message- > From: Yorkshire Dave > On Tue, 2003-08-26 at 04:55, Larry Gilson wrote: > > Thanks Carlo! Looks like this test would not be good for a relay > > that

RE: [SAtalk] port mapping

2003-08-26 Thread Larry Gilson
Hi Garth, > -Original Message- > From: Garth Serjeantson > How do I configure spamassassin to listen on a given port > (eg:825), and how would I get it to pipe to another port? Would > anyone know how to do the same with post fix by any chance? http://useast.spamassassin.org/doc/spamd.

RE: [SAtalk] OT - Postfix, prohibit addition of Message-Id

2003-08-26 Thread Larry Gilson
Hi Kai, > -Original Message- > From: Kai MacTane > Is this machine relaying from users' MUAs, or from some other > SMTP server? > That is, does the SMTP path look like this: > >User MUA ---> SMTP Server ---> Your Postfix Box ---> > final destination > > or like this: > >

RE: [SAtalk] wrap around spamassassin lines fail test?

2003-08-26 Thread Larry Gilson
Hi Dave, > -Original Message- > From: Dave Stern - Former Rocket Scientist You are funny! > If a user has a procmailrc that tests for user in whitelist ie > > :0: > * !^X-Spam-Status:.*USER_IN_WHITELIST > $MAILDIR/rejects > > And if further such a header does exist but is a wraparoun

RE: [SAtalk] wrap around spamassassin lines fail test?

2003-08-26 Thread Larry Gilson
> -Original Message- > From: Bart Schaefer > On Tue, 26 Aug 2003, Dave Stern - Former Rocket Scientist wrote: > > > :0: > > * !^X-Spam-Status:.*USER_IN_WHITELIST > > $MAILDIR/rejects > > > > > > X-Spam-Status: No, hits=-93.4 required=5.0 > > tests=BASE64_ENC_TEXT,BAYES_60,HTM

FW: [SAtalk] wrap around spamassassin lines fail test?

2003-08-26 Thread Larry Gilson
header newlines to spaces during regexp processing. I apologize for my mistake. Bart is correct with his statements. Sorry Bart and sorry Dave. --Larry -Original Message- From: Larry Gilson > -Original Message- > From: Bart Schaefer > On Tue, 26 Aug 2003, Dave Stern

RE: [SAtalk] Message ID

2003-08-27 Thread Larry Gilson
Hi Dave, > -Original Message- > From: Yorkshire Dave > I'm not sure that having an @foo or @foo.localdomain > message-id actually breaks any standards, although it may bend them > slightly. > > RFC822/2822 seem to refer mainly to the uniqueness of the message-id. > RFC2822(3.6.4) recomm

FW: [SAtalk] [RD] Scanning Attachment Types

2003-08-27 Thread Larry Gilson
Hi Kai, > -Original Message- > From: Kai MacTane > body IMAGE_ATTACHMENT /filename=\"[^\"]+\.(gif|jpe?g)\"/i > describe IMAGE_ATTACHMENT Has a GIF or JPEG attachment. > score IMAGE_ATTACHMENT 0.1 > > rawbody RAW_IMAGE_ATTACHMENT /filename=\"[^\"]+\.(gif|jpe?g)\"/i > describe RAW_IMAGE_AT

RE: [SAtalk] SA Score in Subject Line???

2003-08-27 Thread Larry Gilson
> -Original Message- > From: jpf > Is there someway that I can edit the subject line to get the > SA score in there? I am using SA 2.55 and procmail. You will have to double check me, but here is my attempt: d = [0-9] :0 * $ X-Spam-Status: Yes, hits=\/$d+\.$d { HITS = $MATCH :0

RE: [SAtalk] Not sure how...

2003-08-27 Thread Larry Gilson
Hi Chris, Have the rules that you list here been working at all? --Larry -Original Message- From: Chris Trudeau-Personal This is a bit weird. I have the following rules in my local.cf:

RE: [SAtalk] Custom Rules - spamd

2003-08-27 Thread Larry Gilson
Hi Chris, > -Original Message- > From: Chris Santerre > Nope, sorry. Didn't catch that. They are run from separate cf > files in the /etc/mail/spamassassin dir. They are run for the > entire company! Every bit of email that enters company is > subject to all of these rules. Matt's rul

RE: [SAtalk] OT: Spam hell

2003-08-27 Thread Larry Gilson
Hi David, > -Original Message- > From: David > The setup is pretty secure (I think) and and don't find any > evidence in my logs that I have an open relay. The problem is > that I got a LOT of connections from someone that tries to > send e-mail to fake users at my domain. The logfile

RE: [SAtalk] Scores for OSIRU Tests

2003-08-27 Thread Larry Gilson
Hey Justin, There was another suggestion that the tests could be commented out in 20_head_tests.cf. Which is the best and/or recommended method? --Larry > -Original Message- > From: [EMAIL PROTECTED] > > Alexander Skwar writes: > >Good morning, > > > >now that osirusoft is officially

RE: [SAtalk] Custom Rules - spamd

2003-08-27 Thread Larry Gilson
Hey Chris, > -Original Message- > From: Chris Santerre > See why I don't need bayes or net tests ;) I catch 99% of > spam. I've had a breakthru today that should catch the ones > that have been sneaking in. (Matt and JMason, the doc I sent > you guys has a pattern in the Message-ID he

RE: [SAtalk] pyzor or razor

2003-08-27 Thread Larry Gilson
Hi Marcus, > -Original Message- > From: Marcus Schopen > how sucessfull is pyzor in detecting spam? Any experiences? > I'm alread using razor, which works quite nice. Would I get better > results using pyzor instead or should I use a combination of both? I can't remember who, but I beli

RE: [SAtalk] Message ID

2003-08-27 Thread Larry Gilson
Thanks for taking the time to discuss this with me Dave. You probably have a better understanding than me which helps educate me! I guess this whole discussion is really moot as mail can easily be forged. > -Original Message- > From: Yorkshire Dave > > I think the problem lies in that t

RE: [SAtalk] Message ID

2003-08-28 Thread Larry Gilson
Hi Jim, > -Original Message- > From: Jim > On Wed, Aug 27, 2003 at 04:43:41PM -0400, Larry Gilson wrote: > > And shouldn't the first received line indicate > > that the host that sent the message? > > Not necessarily, > > for example, I use a

RE: [SAtalk] Message ID

2003-08-28 Thread Larry Gilson
> -Original Message- > From: Martin Radford > > On Tue, Aug 26, 2003 at 11:21:46AM +0100, Martin Radford wrote: > > > >From my own collections: > > > > > >with FQDNwith hostname only > > > ham: 2331 (85.6%) 391 (14.4%) > > > spam: 1925 (76%

RE: [SAtalk] Anyone head of these guys ? (Death2Spam)

2003-08-28 Thread Larry Gilson
> Unless you do a LOT of training, I don't see how a purely Bayesian > classifier can perform as well as something as multifaceted as > SpamAssassin. (I wonder how well a purely Bayesian classifier > does on the HTML image only spams for example) Unless I am mistaken, death2spam is running a s

RE: [SAtalk] Scores for OSIRU Tests

2003-08-28 Thread Larry Gilson
Mail::SpamAssassin::Conf indicates that: "Setting a rule's score to 0 will disable that rule from running.". --Larry > -Original Message- > From: Carlo Wood > Are you 100% sure that is also the case for RBL checks? > It seems 'weird' that this test will indeed be completely > turned

RE: [SAtalk] Envelope sender as part of the SA protocol

2003-08-28 Thread Larry Gilson
> -Original Message- > From: [EMAIL PROTECTED] > Jim writes: > >qmail also sets Return-Path. > > > >Recent versions of Postfix can add an X-Original-To header. > > Just to confirm -- that's what's used in RCPT TO: , right? > > >Another nice method of passing these data along would be t

RE: [SAtalk] microsoft_executeable

2003-08-28 Thread Larry Gilson
Hi Cornelius, You might want to look at this post: http://marc.theaimsgroup.com/?l=spamassassin-talk&m=106199230731192&w=2 --Larry -Original Message- From: Cornelius Bolten heya list, i'm very new to spamassassin, but managed to setup qmail+vpopmail+sa yet :) is there any solution to

RE: [SAtalk] Spamassassin and Razor

2003-08-28 Thread Larry Gilson
Hi Mike > -Original Message- > From: Mike Burkhouse > Hi All, > > I am trying to clarify how Spamassassin works with Razor. > Here is my setup: > > RedHat 7.3 > Qmail 1.03 > Spamassassin 2.55 (running spamd) > Qmail-scanner 1.20rc1 > ClamAV 6.0 > Vipul's Razor 2.36 - installed today

RE: [SAtalk] spamd & user_prefs

2003-08-28 Thread Larry Gilson
> -Original Message- > From: Kris Deugau > In order to get spamd/spamc to use per-user prefs in > ~/.spamassassin, you have two requirements: > > 1) spamd must run as root, otherwise it can't fork and drop > privileges to the user in question. Among other things, > this lets it cre

RE: [SAtalk] score based on time of day rec'd?

2003-08-28 Thread Larry Gilson
Read the archives under the subject "Mail arrival time may be a criteria". The following is a useful link: http://www.gryzor.com/tools/spamstats-pics.html --Larry > -Original Message- > From: jpf > I was wondering if there are any tests that score based on > what time of day > the ma

RE: [SAtalk] spamd & user_prefs

2003-08-29 Thread Larry Gilson
Hi Jason, > -Original Message- > From: Jason McCormick I looked at your config. It looks right. I just have a couple of mundane questions. 1) Why do you think this is not working? Is SA not even marking the message? 2) Is spamd running? (netstat -l | grep 783) 3) Do you see anything i

RE: [SAtalk] spamd & user_prefs

2003-08-29 Thread Larry Gilson
First, I use Procmail rather than the spamfilter script. The concept is similar but my experience with the script is limited. I had found a link to SecuritySage that might help you best. http://www.securitysage.com/guides/postfix_uce_sa.html I will continue to help if you think it would be ben

RE: [SAtalk] internal domain mail getting blocked

2003-08-29 Thread Larry Gilson
Hi Robin, > -Original Message- > From: Robin Witkop-Staub > I have instances where users try to email me a block of > messages they want blacklisted. The spam filter will see > them all and tag the message as SPAM. Is there a way I can > tell spamassassin not to mark internal mail as

RE: [SAtalk] spamd & user_prefs

2003-08-29 Thread Larry Gilson
Hi Louis, > -Original Message- > From: Louis LeBlanc > Sorry for barging in on this thread, but I'm trying to get this > working myself right now (spamd/spamc with procmail). I have one > question though. Join the party! > Regarding spamc, if the -f flag us used and it can't connect

[SAtalk] Message-ID and Received Lines

2003-08-29 Thread Larry Gilson
Hi Carlo and Martin, I was wondering if I could ask a huge favor of you both. Could you search your spam and ham history to see if there is a good correlation between the Message-Id and Received line. I would like to do this myself but all my messages are in Exchange. I was thinking of something l

RE: [SAtalk] hardware recomendations

2003-08-29 Thread Larry Gilson
Estimating a machine for another's mail environment is a tricky thing. Memory *tends* to be more important than CPU. Personally, even if I could get away with a P166, I wouldn't. A box that old has an increased probability of dying an unnatural death. I would at least want a box that I could su

[SAtalk] RE: Message-ID and Received Lines

2003-08-30 Thread Larry Gilson
Hi Martin, > -Original Message- > From: Martin Radford > At Fri Aug 29 20:36:31 2003, Larry Gilson wrote: > > > > Hi Carlo and Martin, > > > > I was wondering if I could ask a huge favor of you both. Could you > > search your spam an

RE: [SAtalk] spamd & user_prefs

2003-08-30 Thread Larry Gilson
Hey Louis, Please forgive this reply. Your messages keep getting wrapped in a text file as it comes through with an unknown content-type: Content-Type: text/plain; charset=unknown-8bit I did read the message even though it is not included here. So if I understand correctly, what you really wan

RE: [SAtalk] Problem with a rule

2003-09-01 Thread Larry Gilson
Hi David, > -Original Message- > From: David Dyer-Bennet > # Down-score foreign sources > header DDB_FOREIGN_FROM From =~ /\.[a-z]{2}[, ]/i > describe DDB_FOREIGN_FROM From includes two-char TLD > score DDB_FOREIGN_FROM 0.1 > > # Up-score okay English TLDs > header DDB_

RE: [SAtalk] spamd & user_prefs

2003-09-01 Thread Larry Gilson
Hi Louis, Please forgive the delay in responding. I was out of touch for a period of time. > -Original Message- > From: Louis LeBlanc > After rereading a lot of procmail docs, I've found that the exitcode > is saved when the 'w' flag is used in the procmail recipe as follows: I was mo

RE: [SAtalk] New test proposal

2003-09-02 Thread Larry Gilson
> >Date: Sat, 30 Aug 2003 04:20:56 +0300 (IDT) > >Date-warning: Date header was inserted by mxout2.netvision.net.il > -Original Message- > From: Matt Kettler > At 05:31 PM 8/30/03 +0200, Kai Schaetzl wrote: > > >why? > > Can you name a single nonspam mail sender who doesn't have a > D

RE: [SAtalk] New test proposal

2003-09-01 Thread Larry Gilson
Hi Justin, > -Original Message- > From: Justin Mason > > > Can you name a single nonspam mail sender who doesn't have a > > > Date: header in the message when he delivers it to the MTA? > > > > > > No message-id is somewhat common for mass mailings (spam or > > > nonspam) but I've never

RE: [SAtalk] Rule Proposal

2003-09-02 Thread Larry Gilson
Hi Robert, I am not a regex wiz either but I will give you a working example I hope will help. > -Original Message- > From: Robert Mikelsons > Hello, > I'm SpamAssassin user for some time. > I still receive a spam which gets fairly low score (2.5), due > it is looking like kinda ordinary

RE: [SAtalk] spamd & user_prefs

2003-09-02 Thread Larry Gilson
> -Original Message- > From: Louis LeBlanc > > :0fw > > * !^Subject:.*SAtalk > > | spamc -u "$LOGNAME" > > > > SCANNED=$? > > > > :0 Efw > > * SCANNED ?? ^^0^^ > > | spamassassin -a > > I'm pretty sure that wouldn't work. The E causes the second > to always be skipped unless the fir

RE: [SAtalk] spamd & user_prefs

2003-09-03 Thread Larry Gilson
> -Original Message- > From: Louis LeBlanc > I'm afraid I don't have a test server - all my work is > production environment development, which keeps life > interesting, and makes me very careful about any changes. It appears that even though spamc aborts the attempted spamd connectio

RE: [SAtalk] spamd & user_prefs

2003-09-03 Thread Larry Gilson
Hi Bart, Thanks for the reply! > -Original Message- > From: Bart Schaefer > On Tue, 2 Sep 2003, Larry Gilson wrote: > > > > > :0fw > > > > * !^Subject:.*SAtalk > > > > | spamc -u "$LOGNAME" > > > >

RE: [SAtalk] spamd & user_prefs

2003-09-03 Thread Larry Gilson
Bart, Thank you! This is of great value to me and I really appreciate the time you took to review and comment! Regards, Larry > -Original Message- > From: Bart Schaefer > On Wed, 3 Sep 2003, Larry Gilson wrote: > > > It appears that even though spamc aborts t

RE: [SAtalk] walkthrough with postfix?

2003-09-04 Thread Larry Gilson
Hi Alan, > -Original Message- > From: Alan Fullmer > does anyone have a website, or information about installing > spamassassin (daemon version) with postfix? Here are a few of links: http://www.securitysage.com/guides/postfix_uce.html http://www.advosys.ca/papers/postfix-filtering.h

RE: [SAtalk] odd question

2003-09-04 Thread Larry Gilson
Hi Alan, You can download an archive at Spam Archive. http://www.spamarchive.org/ --Larry > -Original Message- > From: Alan Fullmer > I have an odd question. > > Does anyone know of a website, or some sort of thing to SIGN > MYSELF UP FOR SPAM? Or get on some lists? > > I am go

RE: [SAtalk] [RD] MSGID_GOOD_EXCHANGE

2003-09-05 Thread Larry Gilson
Hey Mike, The fix is post SP2 which means it was rolled into SP3. A vast majority of the Exchange servers should be at least at that service pack if not SP4 which was released at the end of 2000. --Larry > -Original Message- > From: Mike Kuentz (2) > There is always a lot of good ta

RE: [SAtalk] [RD] MSGID_GOOD_EXCHANGE

2003-09-09 Thread Larry Gilson
Hey Mike, > -Original Message- > From: Mike Kuentz (2 > Good call, I'm sorry I missed that. What a shame, I was > hoping I was on to something, if nothing other than > solidifying the MSGID_GOOD_EXCHANGE rule. Oh well, back to > the drawing board! > > Mike I am curious, does MSGID_GO

RE: [SAtalk] Is this working ??? Newbie.

2003-09-09 Thread Larry Gilson
> -Original Message- > From: Gary Shine > When I run the solaris solaris-rc-script.sh I see this. > > unix passed to setlogsock, but path not available at > /usr/local/bin/spamd line 207 > > HOWEVER > > # ps -ef | grep spamd > root 4262 4250 0 01:19:39 pts/10:00 grep spamd

RE: [SAtalk] Rule for no reverse DNS

2003-09-11 Thread Larry Gilson
Hi Chris, > -Original Message- > From: Covington, Chris > This is what I'm now using w/Postfix (should work for any MTA): > > header NO_RDNS Received=~ /\(unknown[ ]\[/ > describe NO_RDNS Sending MTA has no reverse DNS > score NO_RDNS 2.5 > > header NO_RDNS2 Received=~ /\(\[.*\]\)/ > de

RE: [SAtalk] Rule for no reverse DNS

2003-09-12 Thread Larry Gilson
Well, just to add one more post to this thread. I contacted Joe Brennan at Columbia. He let me know how he performs this check and said it would be ok to share with the list. Please don't ask me questions about this as he uses Mimedefang and Sendmail, both of which I do not use. Kudos to Joe fo

RE: [SAtalk] Re: Load throttling with Procmail/Sendmail. [Was: Getting slammed with virri and spam]

2003-09-13 Thread Larry Gilson
Hi Jim, > -Original Message- > From: Jim > I actually do use the -m switch, but on top of that I use a > concurrency limit on the spamc transport (I am using > Postfix). So Postfix will never launch more than "n" copies > of spamc, and will trickle the mails out of the queue when >

RE: [SAtalk] Newbie rule submission for SILDENAFIL_GIF

2003-09-14 Thread Larry Gilson
Hi Rob, > -Original Message- > From: Bruce, Rob > I noticed a while ago a focused website dedicated to rule trading, > but now I can't find it. Do you guys know what I'm talking about? The SpamAssassin Custom Rule Emporium http://www.merchantsoverseas.com/wwwroot/gorilla/sa_rules.htm

RE: [SAtalk] no spam today uses SA?

2003-09-15 Thread Larry Gilson
> -Original Message- > From: Fred I-IS.COM > I know I'd be a little upset if I created an open-source > program and someone packaged it and started to profit from my hard > work! Like the Linux kernel or Webmin? --Larry

RE: [SAtalk] Tests against envelope sender?

2003-09-15 Thread Larry Gilson
SA only knows what it sees. Normal headers do not include the envelope sender. How would you get the envelope sender from your MTA to SA? --Larry > -Original Message- > From: David Hubbard > Do the header tests include the envelope sender? > If so, what is it called? --

RE: [SAtalk] Problems getting spamd working with postfix

2003-09-15 Thread Larry Gilson
Hi Jason, > -Original Message- > From: Jason Williams > I have a two scripts located in /usr/local/bin: > the spamfilter script and the reinjection script... > I added the following to my main.cf file: > > content_filter=spamfilter: > > and the following to my master.cf: > > 127.0.0.1

RE: [SAtalk] help with master.cf and filter

2003-09-17 Thread Larry Gilson
I never knew you could use ${user}. I thought only ${sender} and ${recipient} were available. Is there a list of allowed variables? I never found one. How did you know to use ${user}? Also, how is ${user} different from ${recipient}? --Larry > -Original Message- > From: Alan Fullme

RE: [SAtalk] help with master.cf and filter

2003-09-17 Thread Larry Gilson
How about piping through sed? USER = `echo $5 | /bin/sed 's/@.*//'`; --Larry > -Original Message- > From: Alan Fullmer > alright, one more question is there any way i can remove the > @domain.tld? > > so i just have the email prefix before the @? -

RE: [SAtalk] help with master.cf and filter

2003-09-17 Thread Larry Gilson
Another way to handle this is to use what you have. For example, my master.cf has the following (excuse the wrap): merlin unix - n n - 5 pipe flags=Rq user=merlin argv=/usr/bin/procmail -m /home/merlin/etc/merlin.rc ${sender} ${recipient} In Procmail, I save

RE: [SAtalk] help with master.cf and filter

2003-09-17 Thread Larry Gilson
Thanks Jim! I don't know how I missed that. --Larry > -Original Message- > From: Jim > On Wed, Sep 17, 2003 at 07:44:51AM -0400, Larry Gilson wrote: > > I never knew you could use ${user}. I thought only ${sender} and > > ${recipient} were available.

[SAtalk] Postfix and spamc - call by shell or Procmail

2003-09-17 Thread Larry Gilson
Hi All, I have been trying to understand the advantages and disadvantages of using the shell script method (like that employed by SecuritySage) and the Procmail method as a content_filter for Postfix. Can someone lend an expert opinion? Does anyone feel that one method is more flexible than anot

RE: [SAtalk] Trouble getting spamd working with postfix

2003-09-17 Thread Larry Gilson
Hi Alex, How are you reinjecting the mail into Postfix? Are you using Postfix's sendmail? --Larry > -Original Message- > From: Alex van den Bogaerdt > On Wed, Sep 17, 2003 at 09:59:48AM -0700, Jason Williams wrote: > > > However, im having a hard time trying to configure postfix to
