> > What am I missing? - John
>
> OK, from the "spamd --help" output:
> -m num, --max-children num Allow maximum num children
>
> So that option is positively "a spamd thing." So how does one get that
> option into spamd? On the Mandrake test machine I have the init script
> in /etc/i
On Sun, Oct 31, 2004 at 02:41:36PM -0800, jdow wrote:
[ In the future, please trim the message you are replying to so that
you only include the relavent bits. ]
> > OK, I'll bare my ignorance here in hopes of enlightenment. I'm probably
> > lucky that I have SA working as well as I do. I only h
> SpamAssassin: Processing program. It loads, processes, and unloads.
> SpamD: It is SpamAssassin, but doesn't unload, so it is always ready. It
> listens for a communication from SpamC (on same or different computer).
> SpamC: It passes a message to be processed to SpamD (on same or different
>
Anyone seen this? It seems bent on choosing 4pm.
The date on the box is correct. Hope I'm not missing something incredibly
obvious :)
assassin# zcat /var/log/maillog.0.gz | ./sa-stats.pl -T 15 -l - -s
'2004-10-31 00:00:00' -e '2004-10-31 23:
59:58'
Report Title : SpamAssassin - Spam Statisti
On Sun, Oct 31, 2004 at 04:20:40PM -0500, John Fleming wrote:
> OK, I'll bare my ignorance here in hopes of enlightenment. I'm probably
> lucky that I have SA working as well as I do. I only have a loose
> understanding of the different roles of "spamassassin", "spamc", and
> "spamd". I start th
From: "John Fleming" <[EMAIL PROTECTED]>
> From: "jdow" <[EMAIL PROTECTED]>
> > From: "John Fleming" <[EMAIL PROTECTED]>
> >
> > > jdow said:
> > > > On another paw I note that most family tools are not left running
> > > > 24x7. If this is his case then a large portion of his 250 messages
> > > >
Hi,
If I send an email from IMP the headers it inserts can cause problems
with spamassassin and dialup blocking lists.
e.g.
Received: from CPE-203-45-11-59.vic.bigpond.net.au
(CPE-203-45-11-59.vic.bigpond.net.au [203.45.11.59])
by webmail.brunny.com (IMP) with HTTP
for <[EMAIL PROTE
Being pretty much a new guy to the SA scene, I think I can help you
understand which does what...
SpamAssassin is the actual processing program. When run directly as
"spamassassin" it needs to load a PERL processor (the scripting language
it's written in), runs, and then unloads from memory when
- Original Message -
From: "jdow" <[EMAIL PROTECTED]>
To:
Sent: Saturday, October 30, 2004 10:41 PM
Subject: Re: Load Average Problems
> From: "John Fleming" <[EMAIL PROTECTED]>
>
> > jdow said:
> > > On another paw I note that most family tools are not left running
> > > 24x7. If this
Hi everybody,
I have SpamAssassin 3.0.1 and Exim 4.43 with exiscan-acl patch revision 28
working together on FreeBSD 4.8.
My problem is how to configure SpamAssassin to make it recognize direct mail
from dial-up/dsl (and the like) pools received not only by my own server,
BUT BY THE TRUSTED RELAYS
G'day.
Has anyone else noticed problems with the DNS-based URI tests in
SpamAssassin 3.0.[01]? Specifically, running on Solaris 9, Perl 5.8.5,
and SpamAssassin 3.0.0 and .1 that the "urirhssub" and "uridnsbl" tests
are not even being called from spamd. However, they work fine from a
direct
Greg T. wrote:
I use Cyrus-imapd as my imap server, and it is a mail
store, not a maildir or a mailfile system.
I don't have access to the actual mail messages on the
server, as they are kept in a database.
I have several spams that keep coming in under the
SpamAssassin radar and being delivere
I use Cyrus-imapd as my imap server, and it is a mail
store, not a maildir or a mailfile system.
I don't have access to the actual mail messages on the
server, as they are kept in a database.
I have several spams that keep coming in under the
SpamAssassin radar and being delivered. These are
p
> > But shouldn't it have carried my database over from my previous install?
> > I'd been using it for atleast 6 months on different versions before this
> > upgrade. Did it 'forget' it all? Do I need to totally retrain it? I'm
> > using a stock install from FreeBSD ports, no local/global overr
-Original Message-
From: Jeff Chan [mailto:[EMAIL PROTECTED]
Sent: 31 October 2004 13:31
To: SpamAssassin Users
Subject: Pardon the old messages
I fscked up and resent some old messages from April. Please discard those.
Embarrassed,
Jeff C.
--
Well I'm quite new to this ma
I fscked up and resent some old messages from April. Please
discard those.
Embarrassed,
Jeff C.
--
Jeff Chan
mailto:[EMAIL PROTECTED]
http://www.surbl.org/
Raymond Dijkxhoorn wrote:
> Hi!
>
>> Hello SpamAssassin Users,
>> I'm pleased to announce a new type of RBL for blocking messages based
>> on spam domains contained in message bodies called SURBL.
>> Unlike other RBLs, the Spam URI RBL (SURBL) is not used to block spam
>> server IP addresses, but
On Monday, April 19, 2004, 5:01:01 PM, Mark Mark wrote:
> What about Matt's comment, though?
>> AFAIK it's invalid to
>> have a query to anything but '*.*.*.*.sc.surbl.org' or
>> '*.*.*.*.ws.surbl.org', where *.*.*.* is an IP address in reverse
>> order as per in-addr.arpa queries.
> Was not the
We're made a document describing some of the general properties
which code using SURBLs should have in order to use the data as
it was designed and intended. We hope these comments may be
useful to developers. Our Implementation Guidelines are brief
and copied below.
http://www.surbl.org/impl
On Monday, April 19, 2004, 11:31:47 AM, Kelson Vibber wrote:
> At 09:31 AM 4/19/2004, Kai Schaetzl wrote:
>>I think we are talking of different redirectors here. That kind:
>>http://www.yahoo.com/gotourl?spammerdomain.com
> ... which needs to be set up with to redirect only to those sites they're
On Monday, April 19, 2004, 12:31:38 PM, Ryan Moore wrote:
> You're not querying the RBL itself. You would want to look for
> "test.surbl.org" being in the RBl. To do so you would do "nslookup
> test.surbl.org.sc.surbl.org", which does indeed return a positive
> (127.0.0.2) result.
Thanks Ryan!
On Sunday, April 18, 2004, 11:12:26 PM, William Stearns wrote:
> On Mon, 19 Apr 2004, Marc Kool wrote:
>> I got a FP using ws.surbl.org.
>> Where can I get to to get it removed ?
> As a general rule, you should contact me directly for false
> positive reports. Please include the word "bla
On Sunday, April 18, 2004, 7:53:46 PM, Eric Kolve wrote:
> Currently SpamCopURI checks both the 2nd and 3rd level domain regardless
> of the TLD. I believe SA 3.0 does a little better job of this.
Sounds good. That should catch everything with few false
positives, since we're filtering out most
I've udpated the SURBL web site to use frames and have freshened
the content slightly. Please let me know if you spot any broken
links, etc.
http://www.surbl.org/
Also added "An Open Letter To Operators Of Redirection Sites"
in which we try to appeal to redirection sites to deny their
service
I probably should have introduced this second SURBL list
that can be used together with or in place of sc.surbl.org
before mentioning that its name was changing from sa.surbl.org
to ws.surbl.org. :-) Note that the two lists have different
data sources, so strictly speaking one is not a replacemen
On Friday, April 16, 2004, 4:35:28 PM, Loren Wilton wrote:
> How clever! They go OUT OF THEIR WAY to make their message
> look like spam, advertizing an anti-spam tool!
> I think the cure for this one may be complaints to Hotmail. :-(
Tell hotmail that using tiny fonts is going to get their us
On Friday, April 16, 2004, 12:49:07 PM, Matt Kettler wrote:
> DNSBLs are also inherently by far more scaleable than static SA rules. Why?
> because you don't need to store the entire database on your local machine.
I agree, but...
> Witness the overhead of SURBL vs BigEvil.
In some fairness BigE
Hi!
Hello SpamAssassin Users,
I'm pleased to announce a new type of RBL for blocking messages
based on spam domains contained in message bodies called SURBL.
Unlike other RBLs, the Spam URI RBL (SURBL) is not used to block
spam server IP addresses, but instead to block messages based on
Ouch, seems
This is a forwarded message
From: Daniel Patterson <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Date: Tuesday, April 13, 2004, 7:57:27 PM
Subject: [SURBL-Discuss] Fix for the "syntax error at
/etc/pamassassin/spamcop_uri.cf" errors
===8<==Original message text===
Hello all,
On Wednesday, April 14, 2004, 3:31:22 AM, Kai Schaetzl wrote:
> Alton Danks wrote on Tue, 13 Apr 2004 19:53:52 -0400:
>> In anticipation of this being the beginning of a stream like we've seen with
>> similar products I've added these rules. Score to taste.
> It also shows another trend which is
On Tuesday, April 13, 2004, 8:58:30 AM, William Stearns wrote:
> On Tue, 13 Apr 2004, Charles Solomon wrote:
>> One more question. Since both lists contain the same domains, and this
>> list is now published at ws.surbl.org, couldn't I implement something
>> like the following in addition to the S
Hello SURBL users,
Please note that the name of the SURBL derived from Bill Stearns'
sa-blacklist is being changed from sa.surbl.org to ws.surbl.org .
If you were using the old name in your rules or configs please
update them to the new name.
We will keep DNS queries up on the old name for a week
On Monday, April 12, 2004, 4:58:08 PM, David Funk wrote:
> This looks like a poor test choice on the part of the authors.
> It's failing because that addres "[211.147.224.30]" is no longer in
> the sc.surbl.org list.
> They should use the specific "test" address that is guaranteed
> to be there. T
On Monday, April 12, 2004, 2:16:23 PM, Pete McNeil wrote:
>>However if *any* of the domains in a spam are on an SURBL list, the
>>entire message will get tagged as spam (for mail servers using
>>SURBL of course). The more spam domains the spammers add,
>>including their spamming rivals, the better
On Monday, April 12, 2004, 8:18:39 AM, Pete McNeil wrote:
> * Spammers are definitely stuffing legitimate urls, domains, and fragments
> into spam and the trend is increasing.
> * White and partial masking rules are numerous and required to avoid false
> positives. In practice (as you point out)
May I suggest directing SpamCopURI install questions to the SURBL
discussion list:
[EMAIL PROTECTED]
http://lists.surbl.org/mailman/listinfo/discuss
We have many people who can probably answer these questions
there.
Jeff C.
--
Jeff Chan
mailto:[EMAIL PROTECTED]
http://www.surbl.org/
On Monday, April 12, 2004, 8:59:21 AM, Burnie Burnie wrote:
> Paul Barbeau <[EMAIL PROTECTED]> wrote:
>> There still might be a place for BigEvil in this new world of SURBL. I find
>> there are a number of domain in BigEvil (and my own MidEvil) that are not
>> yet in the spam cop and therefore no
On Monday, April 12, 2004, 7:42:06 AM, Paul Barbeau wrote:
> that is a good point however there is the ability to whitelist domains in
> the CF file however this list could get large.
Yes, there is a per-installation whitelist (and blacklist)
available in SpamCopURI. Hopefully we prevent its need
On Monday, April 12, 2004, 12:07:19 PM, Alton Danks wrote:
> I'm running into some FP's with the RCVD_IN_BL_SPAMCOP rule. We've also just
> added SURBL and I wouldn't be surprised to see more. I don't see a good way to
> report FP's on the spamcop.net site. Does anyone know how to report them so
>
On Monday, April 12, 2004, 7:21:23 AM, Jeff Koch wrote:
> I have not tried SURBL yet but I'm concerned about what would happen if
> spammers started loading their emails up with links to legitimate websites
> - like paypal - ebay - chase - expedia, etc. Are you doing a manual review?
I am doing a
On Monday, April 12, 2004, 5:25:55 AM, Richard Humphrey wrote:
[snip]
> This looks like a great service! However, after downloading, unzipping
> and untarring, I got the following error doing perl Makefile.PL:
> Warning: prerequisite LWP 0 not found
[snip]
> I am having the same problem. Can an
On Monday, April 12, 2004, 3:09:41 AM, Paul Barbeau wrote:
> There still might be a place for BigEvil in this new world of SURBL. I find
> there are a number of domain in BigEvil (and my own MidEvil) that are not
> yet in the spam cop and therefore not in this service. Because of this
> there mig
On Friday, April 9, 2004, 12:50:23 PM, Martin McWhorter wrote:
> Burnie wrote:
>>Some time ago, Martin McWhorter <[EMAIL PROTECTED]> wrote:
>>>When I do a perl Makefile.PL I get --
>>>Can't locate Mail/SpamAssassin.pm in @INC (@INC contains:
>>>Well of course it cant find it there, its at--
>>>/us
Hello SA Users and Developers,
Raymond Dijkxhoorn has very kindly set up three Mailman-powered
mailing lists for folks using or interested in SURBL:
http://lists.surbl.org/
Announce - SURBL Announcement list [READONLY]
This is an announcement-only list for SURBL users. Message
volume shou
On Friday, April 9, 2004, 7:39:32 AM, Dan Stetser wrote:
> I did the same upgrade of perl. Spamassassin started as the stock
> Fedora rpm, then did a -Uvh with the 2.63 rpm.
> my /usr/bin/spamassassin has:
> use lib '/usr/lib/perl5/vendor_perl/5.8.1'; # substituted at 'make' time
> Is this what
On Friday, April 9, 2004, 3:57:16 PM, Walker Aumann wrote:
>> # spamassassin --lint
>> Failed to compile URI SpamAssassin tests, skipping:
>> (syntax error at /etc/mail/spamassassin/spamcop_uri.cf, rule
>> SPAMCOP_URI_RBL, line 1, near "eval:"
>> syntax error at /etc/mail/spamassassin/bige
On Friday, April 9, 2004, 8:59:15 AM, Sandy S wrote:
> This looks like a great service! However, after downloading, unzipping and
> untarring, I got the following error doing perl Makefile.PL:
> Warning: prerequisite LWP 0 not found
> I may be dense, but what's LWP 0 and where do I find it? I br
On Friday, April 9, 2004, 9:53:37 AM, Adam Denenberg wrote:
> two questions for this.
> 1) Do you need to subscribe to spamcop to use this ?
No, though I would certainly encourage anyone to use SpamCop to
report spams, including the parsing and reporting it provides as
input for SURBL. We then g
On Friday, April 9, 2004, 11:15:14 AM, Matthew Thomas wrote:
> debug: querying for onlinedeals.com.sc.surbl.org
> debug: Query failed for onlinedeals.com.sc.surbl.org
> Does this mean that the uri wasn't found in the list, or that I failed to
> contact the surbl?
Hi Matt,
In case it helps, online
On Friday, April 9, 2004, 12:09:12 PM, Shaun Erickson wrote:
> [EMAIL PROTECTED] wrote:
>> I have had quite a few come in this morning that Chris' rules hit, but the
>> new SURBL did not hit.. I'll keep both running for a while, and see how
>> things shake out!
> You're right - I put BigEvil bac
On Friday, April 9, 2004, 11:52:57 AM, ITReading ITReading wrote:
> Hello all,
> I think I may have the SURBL working on ActivePerl 5.61 on Win32 w/ SA 2.63.
> I was hoping someone could forward a message to me that will
> trigger the rule in "spamcop_uri.cf" so that I may test it
> before placing
Hello Daniel,
On Friday, April 9, 2004, 2:13:49 AM, Daniel Kleinsinger wrote:
> I'm not "of" MailScanner, that sounds bad I'm just a simple
> MailScanner user who gives thanks everyday to Julian Field, the
> wonderful developer of MailScanner. For what it's worth, I just
> installed .09 and
On Friday, April 9, 2004, 2:01:50 AM, Bob Mortimer wrote:
> Oops sorry - make test gets this:
> t/bad..ok
> t/blacklistok
> t/cacheok
> t/dnsrbl...ok
> t/good.ok
> t/ipaddressok
> t/longhostname.ok
> t/mailto...ok
> t/merge_ur
Hmm, I thought it may be a MailScanner/SA/SpamCopURI
compatibility issue of some kind. But then Mike Zanker
gave 0.09 a try with MailScanner and had no problems.
I'm not sure if Daniel Kleinsinger of MailScanner is on this list,
so I'll cc him for a heads up.
Daniel, can you give SpamCopURI 0.09
On Thursday, April 8, 2004, 10:05:25 PM, Dan Stetser wrote:
> Running SA version 2.63
> Mail-SpamAssassin-SpamCopURI-0.09 did a make/test/install with no errors
> but then when I try and use spamcop_uri.cf in my /etc/mail/spamassassin dir
> and lint it I get:
> Failed to compile URI SpamAssassin
On Thursday, April 8, 2004, 10:17:46 AM, Mike Schrauder wrote:
> We seem to be getting many through despite continual bayes training.
> They have one URI in them and here is my rule that is getting many but not
> all of them as it seems spammers have an
> unlimited supply of goofy domain names reg
As Steve pointed out off list, the update has not propagated to
all the SourceForge mirrors yet. Please check for the updated
version later at a mirror near you. ;)
Jeff C.
__
On Thursday, April 8, 2004, 4:48:17 PM, Jeff Chan wrote:
> Hi Steve,
> Eric Kolve has just issued a fix for the test su
Hi Steve,
Eric Kolve has just issued a fix for the test suite in his 0.09
version of SpamCopURI:
http://sourceforge.net/projects/spamcopuri/
Please give it a try and let us know what kind of results
you get. :D
Jeff C.
__
On Thursday, April 8, 2004, 4:29:58 PM, Steve Wakelin wrote:
> Jeff,
On Thursday, April 8, 2004, 9:59:47 AM, Matthew Thomas wrote:
> I receive a goodly number of spams in the format below. I have fed a large
> number of them into bayes, but since the text varies so much from message to
> message I still am not catching many. Is there a set of rules that anyone
> i
On Thursday, April 8, 2004, 3:40:15 PM, Jonathan Nichols wrote:
> The domains -
> pimpinprices.com
> billiebobbie.com
> funkyprices.com
> These are all owned by the same person, same registrar, everything.
> Yet these are the ONLY ones that seem to slip through.
> Any more domain examples? We ne
On Thursday, April 8, 2004, 5:01:48 PM, Matthew Trent wrote:
> On Thursday 08 April 2004 4:56 pm, Rick Macdougall wrote:
>> Jeff Chan wrote:
>> > Hi Steve,
>> > Eric Kolve has just issued a fix for the test suite in his 0.09
>> > version of SpamCopURI:
>> >
>> >http://sourceforge.net/projects/s
On Thursday, April 8, 2004, 11:59:30 AM, Chris Santerre wrote:
> I am SOO happy to see this!!! So what does this mean to the future of
> BigEvil??? I'm not sure just yet. This is what I have wanted for so long. I
> have done BigEvil because we didn't have any other option. But now we do :)
>
On Thursday, April 8, 2004, 11:18:14 AM, Matthew Trent wrote:
> On Wednesday 07 April 2004 06:22 pm, Jeff Chan wrote:
>> Unlike other RBLs, the Spam URI RBL (SURBL) is not used to block
>> spam server IP addresses, but instead to block messages based on
>> URI domains previously reported to SpamCop
On Thursday, April 8, 2004, 1:52:24 AM, Ryan Castellucci wrote:
> Kelson Vibber wrote:
>> At 09:49 AM 4/7/2004, Shaun T. Erickson wrote:
>>>I'm not trying to start a religious war, but are there any RBLs whose data
>>>is considered trusted enough to use to block mail from coming into the
>>>server
Hello SpamAssassin Users,
I'm pleased to announce a new type of RBL for blocking messages
based on spam domains contained in message bodies called SURBL.
Unlike other RBLs, the Spam URI RBL (SURBL) is not used to block
spam server IP addresses, but instead to block messages based on
URI domains pre
Looks like somebody didn't read the UPGRADE doc...
Due to the database format change, you will want to do something like
this when upgrading:
I read it and followed the directions and didn't see any problem for a
couple days and then suddenly the spam level jumped substantially.
Upon further
On Sat, 30 Oct 2004, Tuc at Beach House wrote:
> > > himinbjorg% sa-learn --dump magic
> > > 0.000 0 3 0 non-token data: bayes db version
> > > 0.000 0175 0 non-token data: nspam
> > > 0.000 0 73501 0 non-token data: nh
From: "John Fleming" <[EMAIL PROTECTED]>
> jdow said:
> > On another paw I note that most family tools are not left running
> > 24x7. If this is his case then a large portion of his 250 messages
> > may be coming in right after he boots. If he is setup to spawn
> > too many spamds then he could ex
> > himinbjorg% sa-learn --dump magic
> > 0.000 0 3 0 non-token data: bayes db version
> > 0.000 0175 0 non-token data: nspam
> > 0.000 0 73501 0 non-token data: nham
> > 0.000 01027341 0 non-token
jdow said:
> On another paw I note that most family tools are not left running
> 24x7. If this is his case then a large portion of his 250 messages
> may be coming in right after he boots. If he is setup to spawn
> too many spamds then he could experience a memory crisis.
That's not it. It's most
how to tell postfix to NOT check mails from sasl authenticated users:
use no content_filter in your
main.cf:
content_filter =
use a amavisd filter after sasl authentication
main.cf:
smtpd_sender_restrictions =
permit_sasl_authenticated,
check_sender_access regexp:/etc/postfix/amavisd.regexp
amavisd
Jan Theofel said:
>
> Hello Matt,
>
> On Sat, Oct 30, 2004 at 01:00:01PM -0500, Matt Yackley wrote:
>>
>> Today marks the first full year that SARE has been contributing custom rules
>> to
>> the
>> SA community.
>>
>> Happy Birthday SARE!
>
>>>From where do you know this? There's no note about th
On another paw I note that most family tools are not left running
24x7. If this is his case then a large portion of his 250 messages
may be coming in right after he boots. If he is setup to spawn
too many spamds then he could experience a memory crisis.
{^_-}
From: "JamesDR" <[EMAIL PROTECTED]>
I just wonder what rule set should be catching "m o r tgage" along with
all the other drug rules level permutations on that word, perhaps
coupled with "application" similarly permutated.
{^_^}
- Original Message -
From: "Matt Yackley" <[EMAIL PROTECTED]>
> -BEGIN PGP SIGNED MESSAGE--
75 matches
Mail list logo
