re: [SAtalk] How do I filter something like this?

2003-10-30 Thread Mark Muller
Funny you should ask, as 2.60 filtered the forward just fine on my side with pbw installed. Even without Backhair this would have been filtered. -Mark -Original Message- From: Howard Brazee [mailto:[EMAIL PROTECTED] Sent: Thursday, October 30, 2003 7:45 AM To: Spamassassin-Talk (E-mail)

RE: [SAtalk] Ideas

2003-11-25 Thread Mark Muller
I was running a whitelist on our local domain for a long time but overcoming whitelisted spam became too much of a chore. So I removed the whitelist entry and replaced with a header check on Received to verify it came from our internal machines, then assigned it -50. Then I slap a 5.1 on anything

RE: [SAtalk] Disable a User who does not want SA

2003-12-01 Thread Mark Muller
all_spam_to [EMAIL PROTECTED] should do it. -Original Message- From: Obantec Support [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2003 2:25 PM To: [EMAIL PROTECTED] Subject: [SAtalk] Disable a User who does not want SA Hi All RH8.0 with SA2.60 installed as sitewide. Procma

RE: [SAtalk] BIG HUGE EVIL RULE NEWS!!!!

2003-12-03 Thread Mark Muller
Watch for hits? It shouldn't take long, those rules hit about 1 in 5 for me. -Original Message- From: Vee Persaud [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 03, 2003 10:48 AM To: Spamassassin-Talk (E-mail) Subject: RE: [SAtalk] BIG HUGE EVIL RULE NEWS How can I tell that S

RE: [SAtalk] Messages full of white text

2003-12-04 Thread Mark Muller
There certainly is a rule, and it caught this mail: HTML_FONT_INVISIBLE The score on it is just really low. I've been pondering bumping it up. -Original Message- From: Rubin Bennett [mailto:[EMAIL PROTECTED] Sent: Thursday, December 04, 2003 10:40 AM To: [EMAIL PROTECTED] Subject: [SAtal

RE: [SAtalk] Re: BIG HUGE EVIL RULE NEWS!!!!

2003-12-04 Thread Mark Muller
Bigevil just took a poke at a legit ticketmaster confirmation email, hit on 3 rules: 70, 82 and 150. I'm tracking down the specific URLS, one is entertainment.com :( -Original Message- From: Chris Thielen [mailto:[EMAIL PROTECTED] Sent: Thursday, December 04, 2003 2:38 PM To: [EMAIL PROTE

RE: [SAtalk] Re: BIG HUGE EVIL RULE NEWS!!!!

2003-12-04 Thread Mark Muller
than removing akmaitech :P I hate those guys. But obviously Chris wanted *zero* false positives, and this is one. -Original Message- From: Mark Muller Sent: Thursday, December 04, 2003 2:51 PM To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED] Subject: RE: [SAtalk] Re: BIG HUGE

RE: [SAtalk] BIG HUGE EVIL RULE NEWS!!!!

2003-12-04 Thread Mark Muller
ote: > On Thu, 4 Dec 2003, Mark Muller wrote: > >> promotion.entertainment.com (70) >> a1524.g.akmaitech.net (82) >> and service.bfast.com (150) >> >> Personally, I'll be whitelisting ticketmaster rather than removing >> akmaitech :P I hate those g

[SAtalk] 2.61 scan time observation

2003-12-09 Thread Mark Muller
Hey all, Just an observation with my 2.61 upgrade this morning. Scan times on mails are averaging about 6 seconds, and moving into the 10 second range at times. My average scan time on 2.60 was about 2 seconds, 4 seconds if things were really bogged down. I'm curious if anyone else sees this hap

RE: [SAtalk] 2.61 scan time observation

2003-12-09 Thread Mark Muller
Apologies, I've solved my own problem. (I *always* forget to turn DCC back off) Adding score DCC_CHECK 0 to my local.cf right now. :) -Original Message- From: Mark Muller Sent: Tuesday, December 09, 2003 11:25 AM To: [EMAIL PROTECTED] Subject: [SAtalk] 2.61 scan time observation

RE: [SAtalk] Need a rule for IE Exploit

2003-12-11 Thread Mark Muller
Updated regex from my friend:
uri CUSTOM_IE_URL_SPOOF /\x01\s*\@|&\#01\s*\@|\%01\s*\@/
He missed the %01 encoding. -Original Message- From: Ivar Snaaijer [mailto:[EMAIL PROTECTED] Sent: Thursday, December 11, 2003 12:13 PM To: [EMAIL PROTECTED] Subject: Re: [SAtalk] Need

RE: [SAtalk] Need a rule for IE Exploit

2003-12-12 Thread Mark Muller
Friend gave this to me this morning:
uri CUSTOM_IE_URL_SPOOF /\x01\s*\@|&\#01\s*\@/
score CUSTOM_IE_URL_SPOOF (up to you, I set it to 5.0)
describe CUSTOM_IE_URL_SPOOF Custom: URL tries to spoof its identity via an IE trick
Anyone care to c