I thought I saw here a while back a script which would check to see if
user wanted spam scanning or not. I've tried going through the list but
alas I just can't seem to find it. Any help would be appreciated.
Tim
At 06:13 PM 2/3/2005, Brian Godette wrote:
Those sorts of mail servers end up in my firewall rules till some point in
the
future.
I started off using a shun on them as a short-term fix, but then went to a
500 error message for all mail from the server in /etc/mail/access.
They seem to behave pro
On Thursday 03 February 2005 3:32 pm, Matt Kettler wrote:
> I encountered one ISP who's legitimate mail gateway is freaking out under
> the load of all the proxy spam.
>
> It's now retrying temp-fail messages immediately without any delay... 24+
> times per second.
>
> Since I have Sendmail set up
Hi,
* Theo Van Dinter wrote (2005-02-02 04:48):
>On Tue, Feb 01, 2005 at 10:45:59PM -0500, Pedro Sam wrote:
>> I noticed that although I have 5 spamd children, only one of them was
>> getting called at the time. Does anyone know how to process incoming mail
>> in parallel using procmail?
>
>Sur
I encountered one ISP who's legitimate mail gateway is freaking out under
the load of all the proxy spam.
It's now retrying temp-fail messages immediately without any delay... 24+
times per second.
Since I have Sendmail set up to verify sender domains exist, a lot of spam
gets a 451 error.. Un
When I am trying to train bayes ... eveyrone says you have to remove the
message header first ??
I assume this means the spam tag that spam assassin adds ? If the spam
is in the mailbox on the server, how do you remove the tag ???
Thanks,
Peter
At 09:56 AM 2/3/2005, Peter Marshall wrote:
>OK.
Hi,
* Pedro Sam wrote (2005-02-02 04:45):
>I noticed that although I have 5 spamd children, only one of them was
>getting called at the time. Does anyone know how to process incoming mail
>in parallel using procmail?
I think you should look at your MTA, Procmail can't do a thing about it.
Th
At 01:12 PM 2/3/2005, Kelson wrote:
I can't speak for Mailscanner, but I know MIMEDefang has some built-in RBL
functions, and people have posted several greylist implementations that
work within a MIMEDefang filter. With that setup, you could have MD do
the RBL lookup and conditionally run the
--On Thursday, February 03, 2005 1:43 PM -0500 Rob McEwen
<[EMAIL PROTECTED]> wrote:
Even though that may be correct in theory, isn't there one-way encryption
involved for these passwords? (you know, the kind which can't be retrieved
by anyone, only reset). But even if that is not the case, regul
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matt Kettler writes:
> At 07:24 AM 2/3/2005, Sander Holthaus - Orange XL wrote:
> >I've noticed that my current memory consumption of spamd (3.x), when using a
> >number of custom rule-sets such as SARE, is relatively high (~50MB according
> >to ps).
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
use GNU patch (std answer to any Solaris question ;).
use "patch -p0". step 5 should be unnecessary, and in its place,
be sure to run "make clean".
- --j.
Martin Hepworth writes:
> Leonard
>
> most odd - perhaps ask the people involved in that bug
Kenneth Porter said:
>If you know how the password is stored, you don't even need to launch
>Outlook to actually connect to the ISP server. The same vulnerability would
>also work with Thunderbird; you'd just need to know how to extract the
>saved password from the Mozilla profile.
Even though
--On Wednesday, February 02, 2005 9:38 PM -0500 Rob McEwen
<[EMAIL PROTECTED]> wrote:
I couldn't tell from the article... but are SMTP Servers which REQUIRE
password authentication for sending immune from this particular type of
spam? Or does the system somehow route the spam through a person's
o
Matt Kettler wrote:
So, aside from hacking milter-greylist itself, is there a way in
sendmail.cf to only call a milter when a RBL hits? Is there another
milter that can wrap milter-greylist to do this? (ie: sendmail calls
milter-rbl-wrapper, and milter-rbl-wrapper conditionally calls
milter-gre
Hi,
I'm using SA 3.02 + Postfix relaying mail for our internal exchangeserver.
Is it possible to forward mail tagged as spam to a certain mailadress?
I'm not using procmail or amavisd.
Thanks in advance
/ Martin
Evan Platt wrote:
At 08:24 AM 2/1/2005, you wrote:
We checked the maillog. But the session shows as [127.0.0.1]
127.0.0.1. What config did you put in sendmail to make it shows more?
No idea. I knew about enough to grep the maillogs, modify a config file
here and there, but that's it.
Maybe som
Matt Kettler <[EMAIL PROTECTED]> wrote on
02/03/2005 11:01:02 AM:
> Setup: Sendmail, milter-greylist, MailScanner, SA.
>
> Currently I use sendmail, and have milter-greylist enabled in "test
mode"
> so only my account is greylisted. Based on testing with my account,
some
> MTAs take a few hour
I know this is slightly OT here, but it is related to spamfighting, and
there are some good sendmail hacks on this list. The concept might prove
useful to others here too.
Concept: I want to be able to greylist email that matches an RBL. I'd
rather not greylist all mail company wide (although I
> Hello,
>
> We're seeing quite a few spam emails with subject lines
> similar to the below...
>
> "Better st0ck perfOrmance fr0m 0tc helpline"
>
> Does anyone have a rule for these yet?
>
> --
> Regards,
> Matt
>
There are rules for those, however, they only seem t
Hello,
We're seeing quite a few spam emails with subject lines similar to the
below...
"Better st0ck perfOrmance fr0m 0tc helpline"
Does anyone have a rule for these yet?
--
Regards,
Matt
At 09:56 AM 2/3/2005, Peter Marshall wrote:
OK. I am sure you all are going to think this question is related to not
reading on the contrary .. I have read countless threads, and I even
bought the spamassassin book by orielly .. still confused :(
How do I know that it is actually doing the a
OK. I am sure you all are going to think this question is related to not
reading on the contrary .. I have read countless threads, and I even
bought the spamassassin book by orielly .. still confused :(
Here is all I have in my local.cf file (system wide) ... I have not done
much with it ..
found it ... I had another procmailrc file in /etc ... I was trying
something else a little while ago and for got about it.
Thanks for the help.
I have another question, but I will make a new post.
Peter
-Original Message-
From: Peter Marshall [mailto:[EMAIL PROTECTED]
Sent: Thursday, F
Here is my .provmailrc file
#Spamassassin start
:0fw
| /usr/bin/spamc
#Spamassassin end
~
And I run this from /etc/init.d/spamassassin
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKI
At 02:49 AM 2/3/2005, Jeff Chan wrote:
> The only problem I see with the tactic is the ISP itself is likely to deal
> with the infected users pretty quickly, instead of dragging their feet,
> since the spam will now be bogging down their servers, instead of
bypassing
> them.
And the answer is: s
At 07:24 AM 2/3/2005, Sander Holthaus - Orange XL wrote:
I've noticed that my current memory consumption of spamd (3.x), when using a
number of custom rule-sets such as SARE, is relatively high (~50MB according
to ps). When running with a large number of children, this would consume
quite a large p
You have used the same name SARE_SUBJ for two different rules. I
suspect they are both evaluated before the meta rules and only one
result is kept and used for the meta rules. This is why SARE_NO_SUBJ
and SARE_BLANK_SUBJ have the exact same statistics. This is probably
not what you want.
L
> -
What kind of setup are you using? What do you do if a email is tagged as
spam? SpamAssassin ran twice, but because of -2.8 ALL_TRUSTED, I would say
that it is some configuration issue on how you quarentine spam.
Kind Regards,
Sander Holthaus
> -Original Message-
> From: Peter Marshall [ma
At 08:36 AM 2/3/2005, Peter Marshall wrote:
I am not sure why it is doing this ... but everytime i get a spam, it looks
like it does the smap rateing twice. And it gives different scores each
time. Here is the new header from the last email I got. Notice how it
looks like spamassassin ran twice.
My first guess would be that you could have 2 bayes db on your system, and
that spamassassin running as root is not looking in the same place for the
bayes db as spamd is. When upgrading from 2.64 to 3.02 I had a similar issue
where 2.64 was using the virtual mail users homedir fo its files (such a
At 11:43 PM 2/2/2005, Prashanth Narayanan wrote:
another strange thing is that if i use the new convention and use
"required_score n.nn" then it always takes the default score of 5
irrespeective of what score i give and so i had to revert to
"required_hits" although i know it is deprecated.
What ha
One area where this might cause additional problems (even for those who
successfully block ALL these spams) is tarpitting settings. Basically, many
servers will place the IP address of the sending server into a tarpit if
that server just got finished attempting to send X number of viruses or
spams
Leonard
most odd - perhaps ask the people involved in that bug (ie create an
bugzilla acct and ask then how to debug so you can get the thing going).
There is a flag on the spamd startup that limits the number it will
span which achieves a similar effect to the patch,,
-m num, --max-children=n
I am not sure why it is doing this ... but everytime i get a spam, it looks
like it does the smap rateing twice. And it gives different scores each
time. Here is the new header from the last email I got. Notice how it
looks like spamassassin ran twice. Any Idea's ??? (yes, my threshhold is
low
Greetings!
Are there many other high-volume spamassassin installations out there
using DCC? I would very much like to add DCC to our arsenal of
spamassassin checks. However, the aggregate volume of my three
site-wide gateways is over 250K messages daily. I'm quite certain I
couldn't set thes
Martin,
I'm having a little problem with the
patch, as I'm admittedly not extremely "perl savvy". Perhaps
you can see what I might be doing wrong and steer me in the right direction.
1. Saving both patches as text files (named patch1 and patch2 respectively)
into the /Mail-SpamAssassin-3.0.1 d
I've noticed that my current memory consumption of spamd (3.x), when using a
number of custom rule-sets such as SARE, is relatively high (~50MB according
to ps). When running with a large number of children, this would consume
quite a large portion of memory.
Or am I wrong here, and is a portion of
> At 07:59 PM 2/2/2005, Sander Holthaus - Orange XL wrote:
> >I've been interested in offering customers to train manually
> train the
> >SpamAssassin Bayes filter for ham and spam (to reduce false
> positives
> >and negatives). However, I can only find documentation to this for
> >local mailb
On Thu, 2005-02-03 at 10:01 +, Gray, Richard wrote:
>
>
> > debug: DCC -> check failed: no X-DCC returned (did you create a
> map file?): no valid DCC server hostnames
>
> Did you?
>
> The errors certainly suggest that everything is working, but that dcc
> can't find any servers.
Th
Title: Help...dcc
>
debug: DCC -> check failed: no X-DCC returned (did
you create a map file?): no valid DCC server
hostnames
Did you?
The errors certainly suggest that everything
is working, but that dcc can't find any servers.
R
Title: Help...dcc
Hi List.
Does anyone have a howto for building Spamassin with dcc?
MTA is exim using exiscan
I have razor and oyzor running fine, but cant get dcc to work.
debug: DCCifd is not available: no r/w dccifd socket found.
debug: executable for dccproc was found at /usr/l
hi all...
i have a sa installed in a vpopmail machine. it works fine and the bayes
seems to be autolearning fine. but there is still some spam that gets
true.
under vpopmail everything is owned by the vpopmail user.
how should i use sa-learn with the existing bayes dbs i have under my
.spamassass
I'm running debian stable and I updated spamassassin from 2.63 to 3.0.
It seem to be running fine, but I keep getting thsi error.
bayes: bayes db version 2 is not able to be used, aborting! at
/usr/share/perl5/Mail/SpamAssassin/BayesStore/DBM.pm line 160,
line 44.
I've seen the link to this prob
On Wednesday, February 2, 2005, 6:20:50 PM, Matt Kettler wrote:
> At 09:11 PM 2/2/2005, Shane Mullins wrote:
>>Here is a link from ZDNet warning of a spam increase. I can't wait to see
>>SA smat it down.
> Hmm.. so zombies are going to start using the legit mailserver instead of
> acting as a d
On 2005-02-02 10:59:43 -0600, [EMAIL PROTECTED] wrote:
> I have seen it done both ways in examples.
Both. Is it so difficult to read procmailrc(5)?
Best regards
Martin
--
Martin Schröder, [EMAIL PROTECTED]
ArtCom GmbH, Lise-Meitner-Str 5, 28359 Bremen, Germany
V
hi,
i am using the following setup:
debian sarge (testing)
qmail (netqmail 1.05)
bincimap-1.2.11final
qmail-scanner-1.24
Mail-SpamAssassin-3.0.2
maildrop-1.8.0
razor-agents-2.67
the ***SPAM*** text is never placed in the Subject. but i know
spamassassin is reading my local.cf because if i chang
From: Robert Nicholson <[EMAIL PROTECTED]>
Date: February 2, 2005 9:22:21 PM CST
To: Sa-Talk (E-mail)
Subject: Removing attachments for mail identified as SPAM
Has anything been added to the recent releases of SA to handle this?
I've got some code that I use but it's not full proof as it only lo
Sounds like the pc's will act like a smtp server. But they were very vague.
Shane
- Original Message -
From: "Rob McEwen" <[EMAIL PROTECTED]>
To:
Sent: Wednesday, February 02, 2005 9:38 PM
Subject: RE: spam warning from zd net
I couldn't tell from the article... but are SMTP Servers whi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Rob McEwen writes:
> I couldn't tell from the article... but are SMTP Servers which REQUIRE
> password authentication for sending immune from this particular type of
> spam? Or does the system somehow route the spam through a person's outlook,
> makin
I couldn't tell from the article... but are SMTP Servers which REQUIRE
password authentication for sending immune from this particular type of
spam? Or does the system somehow route the spam through a person's outlook,
making use of the saved password for the default mail account?
(Too bad the art
On Wed, Feb 02, 2005 at 06:17:57PM -0800, Robert Menschel wrote:
> An S/O of 0.812 for SARE_EMPTY_SUBJ_BODY is maybe worth a point or so,
> but it's not a strong enough indicator of spam to be worth much.
Ewww! (I'd just delete things around 0.8...)
It doesn't hit a ton, but there is a rule in 3
On Wed, 02 Feb 2005 21:20:50 -0500, Matt Kettler <[EMAIL PROTECTED]> wrote:
> Hmm.. so zombies are going to start using the legit mailserver instead of
> acting as a direct delivery... Hmm.. Well, we should see the DUL RBL hits
> drop off pretty fast. Won't affect SURBL hits though.
Or see legit m
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matt Kettler writes:
> At 09:11 PM 2/2/2005, Shane Mullins wrote:
> >Here is a link from ZDNet warning of a spam increase. I can't wait to
> >see SA smat it down.
>
> Hmm.. so zombies are going to start using the legit mailserver instead
> of acting
Hello Matthew,
Tuesday, December 7, 2004, 7:32:22 AM, you wrote:
MN> Hello,
MN> I've recently installed SA 3.0.1, and found some junk was
MN> getting through with scores too low for my liking, especially before the
MN> URLs made it into SURBL. I've put together a few rules to match some
MN> of t
At 09:11 PM 2/2/2005, Shane Mullins wrote:
Here is a link from ZDNet warning of a spam increase. I can't wait to see
SA smat it down.
Hmm.. so zombies are going to start using the legit mailserver instead of
acting as a direct delivery... Hmm.. Well, we should see the DUL RBL hits
drop off pre
Hello Jeff,
Tuesday, December 14, 2004, 10:09:29 AM, you wrote:
JK> We're getting hit with a lot of emails with blank subject lines and blank
JK> contents. Could be some kind of address verification robot. Is SA supposed
JK> to filter these? If not, does anyone have some custom rules that would d
Here is a link from ZDNet warning of a spam
increase. I can't wait to see SA smat it down.
http://news.zdnet.com/2100-1009_22-5560664.html?tag=nl.e589
Shane
At 07:59 PM 2/2/2005, Sander Holthaus - Orange XL wrote:
I've been interested in offering customers to train manually train the
SpamAssassin Bayes filter for ham and spam (to reduce false positives and
negatives). However, I can only find documentation to this for local
mailboxes and IMAP. Most
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sander Holthaus - Orange XL writes:
> Yesterday, I saw the following message in my logs after shutting down spamd:
>
> Attempt to free unreferenced scalar: SV 0xbb91874.
>
> I have no clue as to what is means. Can anyone enlighten me? I'm usin
On Thu, Feb 03, 2005 at 01:59:21AM +0100, Sander Holthaus - Orange XL wrote:
> I've been interested in offering customers to train manually train the
> SpamAssassin Bayes filter for ham and spam (to reduce false positives and
> negatives). However, I can only find documentation to this for local
>
I've been interested
in offering customers to train manually train the SpamAssassin Bayes filter for
ham and spam (to reduce false positives and negatives). However, I can only find
documentation to this for local mailboxes and IMAP. Most users however, retrieve
their mail through POP and us
Yesterday, I saw the
following message in my logs after shutting down spamd:
Attempt to free unreferenced scalar: SV 0xbb91874.
I have no clue as to
what is means. Can anyone enlighten me? I'm using SpamAssassin 3.02, Perl 5.8.5
and FreeBSD 4.10
Kind
Regards,
Sander
Holthaus
62 matches
Mail list logo
