George,
Maybe the way RDJ does the roll back needs be addressed? I know version
2 is nearing release, and this wouldn't be difficult to add: It could
check the cf file for a grep-able, commented, "this release" changes
entry, which may include a rules.htm#ChangesVerX url.
RDJ has always reporte
On Thu, Feb 17, 2005 at 04:51:50PM -0500, Chris Santerre wrote:
> This is ALWAYS a good idea, and why I don't use RPMs.
Heh. I try to only use RPMs to solve this issue. ;) Installing things
manually leaves somewhat random files all over the place, RPMs know what files
are what.
The thing is t
>
>So I thought maybe Net::DNS looks at it when it is first
>installed. Tried
>to reinstall Net::DNS from source, still nothing. Wonder if I
>need to remove
>the RPM version before installing from source? I have:
This is ALWAYS a good idea, and why I don't use RPMs.
>perl-Net-DNS-0.31-3.1
I
I have this one test that shows up in email headers from time to time
(all on subscribe.ru addresses) but I have no idea where it is coming
from. It is saying the address is in the AWL ("From: address is in the
auto white-list") but I am 99% positive it is not. I am using SQL and
have navicat o
That version of Net::DNS is too old. Upgrade that and see if it fixes
it.
Tom
Austin Weidner wrote:
According to the docs:
On UNIX systems the defaults are read from the following files, in the
order indicated:
/etc/resolv.conf
$HOME/.resolv.conf
./.resolv.conf
What
> According to the docs:
>
> On UNIX systems the defaults are read from the following files, in the
> order indicated:
>
> /etc/resolv.conf
> $HOME/.resolv.conf
> ./.resolv.conf
>
> What OS is this server running?
>
> Try running this:
>
> perl -MNet::DNS -e '$r=Net::DNS::Resolv
Austin Weidner wrote:
-
Does Net::DNS even look in resolv.conf? There seems to be some links to a
file called ".resolv.conf". I wonder if Net::DNS isn't even looking there?
According to the docs:
On UNIX systems the defaults are read from the following files, in the
order indicated:
/
> 1. there have been some reports that Net::DNS will only look at the very
> first nameserver listed in /etc/resolv.conf. Have you checked how long
> that takes to look up a (non-cached!) record?
I tried switching the order of the nameservers, no luck. Tried adding a new
nameserver (public names
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Austin Weidner writes:
> > 127.0.0.2 is the standard answer that Spamcop gives if the requested
> > address is in its list. If the address is not in its list, if returns
> > a NOT FOUND. So it looks like you are right in that the problem is not
>
> 127.0.0.2 is the standard answer that Spamcop gives if the requested
> address is in its list. If the address is not in its list, if returns
> a NOT FOUND. So it looks like you are right in that the problem is not
> access-related. Do you have a "dns_available" entry in your
> /etc/mail/spa
Austin Weidner wrote:
Try seeing if you can use nslookup to find a currently blacklisted
address. At this very moment, 64.12.184.133 is in the spamcop bl.
Try doing
nslookup 133.184.12.64.bl.spamcop.net
and see if that returns an address.
Kevin,
Thanks for the reply. That was a good idea:
--
> Try seeing if you can use nslookup to find a currently blacklisted
> address. At this very moment, 64.12.184.133 is in the spamcop bl.
> Try doing
>
> nslookup 133.184.12.64.bl.spamcop.net
>
> and see if that returns an address.
Kevin,
Thanks for the reply. That was a good idea:
> *cough*
>
> I'll repeat myself..
>
> " Either that or you are using comcast's nameservers, and they've decided
> to block access to RBLs by their users."
>
> Are you using comcast's nameservers? If so, it is possible that they have
> blocked their namserver from answering queries for common R
Andy Donovan wrote:
Especially with optimum and their voip + cable tv + cable modem for $100/month deal.
*choke*
ahhh the classic CableVision bait and Switch ... I'm paying closer to
$200/month and I don't even have the VOIP yet ...
So im not the only one? heh
im paying $40/month alone just for
Try seeing if you can use nslookup to find a currently blacklisted
address. At this very moment, 64.12.184.133 is in the spamcop bl.
Try doing
nslookup 133.184.12.64.bl.spamcop.net
and see if that returns an address.
Austin Weidner wrote:
Hmm, sounds like your resolv.conf is pointing to a na
-
My /etc/resolv.conf file is pointing to my server providers nameservers.
These work find, because:
-
[EMAIL PROTECTED] tmp]# nslookup msn.com
Server: xxx.xxx.xxx.xxx <-- my isp namesever
Address:xxx.xxx.xxx.xxx #53
Non-authoritative answer:
Name:
Hi folks,
I have to repost this mail because I have no answer yet. Sorry about
this, has nobody an idea??
Pls help, I am drowning in junk! ;)
Daniel
--- Begin Message ---
Some more ideas
I have confixx installed, and my email is forwarded through a virtual
user table. That means my account [
At 02:58 PM 2/17/2005, Austin Weidner wrote:
Ignore the Comcast thing, that was a pure coincidence. My ISP is Comcast,
but that didn't have anything to do with the NS lookup that spamassassin
did. I think when it runs that test it does a random main domain or ISP
(I've seen sourceforge.net, linux.o
> Hmm, sounds like your resolv.conf is pointing to a nameserver that doesn't
> allow recursion, and only answers queries about comcast.net addresses.
>
> Either that or you are using comcast's nameservers, and they've decided to
> block access to RBLs by their users. I'm a comcast subscriber at ho
>> Especially with optimum and their voip + cable tv + cable modem for
>> $100/month deal.
*choke*
ahhh the classic CableVision bait and Switch ... I'm paying closer to
$200/month and I don't even have the VOIP yet ...
Chris Santerre wrote:
Autodialing for commercial solicitation to a residence without prior
consent by a for-profit group that you're not already doing
business with
is automatically subject to a $500 minimum damage per-call.
I don't know of many residences with VoIP ;)
Also: LOL @ LoogieLaunc
>
>Autodialing for commercial solicitation to a residence without prior
>consent by a for-profit group that you're not already doing
>business with
>is automatically subject to a $500 minimum damage per-call.
I don't know of many residences with VoIP ;)
Also: LOL @ LoogieLauncher!
--Chris (
Matt Kettler wrote:
Tracking down the originator is still a problem, and international
senders are a problem, but at least in the case of Spit you've got the
law on your side, unlike spam where the law is on the spammer's side
(can-spam)
All this talk of VOIP Spam (Spit) almost has me thinking o
Looks to me like you can do queries to your own internal DNS server, but
cannot directly query an exterior DNS server. This would happen if you
are behind a firewall and only your internal DNS server is allowed to
make queries to other DNS servers outside the firewall.
Hope that helps,
Kevin
At 01:32 PM 2/17/2005, Austin Weidner wrote:
debug: is Net::DNS::Resolver available? yes
debug: Net::DNS version: 0.48
debug: trying (3) comcast.net...
debug: looking up NS for 'comcast.net'
debug: NS lookup of comcast.net succeeded => Dns available (set
dns_available to hardcode)
debug: is DNS ava
At 12:23 PM 2/17/2005, Chris Santerre wrote:
More likely a hash. But this is another reason that filtering isn't the end
solution to the problem. Putting the spammers in jail is. Same goes for
mobile spam.
What does suck is that these SPITs will be harder to trace. I'm guessing
they will fall under
Matt,
As you suggested I ran spamassassin with a real message, and this was the
output:
debug: is Net::DNS::Resolver available? yes
debug: Net::DNS version: 0.48
debug: trying (3) comcast.net...
debug: looking up NS for 'comcast.net'
debug: NS lookup of comcast.net succeeded => Dns available (set
Yup, this fixed it. There is something wrong with Mandrake dists where
/usr/lib/perl5/site_perl gets chmod' to 700 and that is not the proper
behavior. This is a v10 -> 10.1 upgraded machine with 5.8.3 upgraded
to 5.8.5 in recent days as part of urpmi.update. It looks like the
vendor package ma
Interesting but what happens in the case where someone, like me, is
getting 250+ spam a day and only about ten or so legitimate emails? This
is not counting this account that my mailing lists go to which I have
far better bayes performance on (1:100 spam/ham ratio instead of 10:1 or
lower with
At 05:27 AM 2/17/2005, Chris Withers wrote:
I now only have TRIPWIRE ANTIDRUG EVILNUMBERS in my_rules_du_jour.
Are these still worth having? They don't seem to have been updated in ages...
Antidrug is likely to not be updated, I'm lacking time to work on it.
It's also now a part of SA 3.0, so if yo
Hello,
a lot of questions in this list are about the spam : ham ratio to be trained
and how much mails should be trained. One continuously read myth is the 1 : 1
ratio.
I read an article about the best ratio as 1 : 1 and it was expirienced by a
test and later on derived from the bayesian theo
>-Original Message-
>From: Kenneth Porter [mailto:[EMAIL PROTECTED]
>Sent: Thursday, February 17, 2005 12:09 AM
>To: Spamassassin-Talk (E-mail)
>Subject: Re: MISC: HUMOR Instant 419!
>
>
>--On Tuesday, February 15, 2005 3:31 PM -0500 Chris Santerre
><[EMAIL PROTECTED]> wrote:
>
>> Looks
I can't wait to tell my customers that they need to get SpitAssassin.
RO
- Original Message -
From: "Craig McLean" <[EMAIL PROTECTED]>
To:
Sent: Thursday, February 17, 2005 8:46 AM
Subject: OT: Bayes for VoIP anyone?
A whole new set of challenges heading our way...
http://www.theregiste
Thanks for the heads up but the problem is starting to look like perl.
When I run perl as root I have the same @INC path as when I run
non-privileged. However, only as root am I able to find most of the
modules in site_perl. When I run as other than root, I can not get
access to the modules I n
>
>A whole new set of challenges heading our way...
>
>http://www.theregister.co.uk/2005/02/17/spam_gets_vocal_with_voip/
>
More likely a hash. But this is another reason that filtering isn't the end
solution to the problem. Putting the spammers in jail is. Same goes for
mobile spam.
What does
The following mail headers show that the message was flagged as spam. But I
have been trying oh so hard to get the mail to the spamassassin users list
and the mailscanner users list whitelisted. Any help is appreciated.
Thanks, Andy
I have this in a file "TS_WhiteList.cf" in my rules directory
I have new info. I changed the dns_available setting to test and I got
this.
Failed to run DNS_FROM_AHBL_RHSBL RBL SpamAssassin test, skipping:
(Can't call method "bgsend" on an undefined value at
/usr/lib/perl5/vendor_perl/5.8.5/Mail/SpamAssassin/Dns.pm line 112.
)
Failed to run NO_DN
Ok. I created copies of the /etc/resolv.conf file in the user's home
dirs and made sure the copies were owned by those users and no go. It
is still not executing network tests for any user other than root. Can
anybody confirm they are getting network tests performed on a 3.0.0
setup with procma
A whole new set of challenges heading our way...
http://www.theregister.co.uk/2005/02/17/spam_gets_vocal_with_voip/
Craig.
On Wed, Feb 16, 2005 at 10:27:09PM -0800, Robert Menschel wrote:
>Hello George,
>
>Wednesday, February 16, 2005, 9:38:41 PM, you wrote:
>
>GG> Even if someone doesn't use RDJ, isn't a 2-10 line commented change log
>GG> in the cf file worthwhile?
>
>GG> RDJ is not just for people who want to submit
> The problem w/ that is I don't let users have shell access to the
> server so
> editing the files would be a little bit difficult ;)
>
Stick'em in a database and give the peeps a web-based front end.
I use a plugin that snaps into SquirrelMail; I also use scripts so that Spam
is directed into an
I'm running spamd in a home server environment for < 20 users. We have
about 200-250 messages per day come in (most of them spam, but you knew
that).
My question is... wouldn't 5 spamd children be overkill? What would be
recommended for the children? I reduced it to 2 for the time being to
At 10:05 AM 2/17/2005, Tim P wrote:
I know there are options for the display fo the report but that is not
what I am looking to do. I have a large volume (to me at least) of
email to go through. I was hoping that someone knew of a way that
when spamassassin (or the exchange event sink) can put at
-- Original Message --
Received: Wed, 16 Feb 2005 08:32:25 PM EST
From: Robert Menschel <[EMAIL PROTECTED]>
To: FH <[EMAIL PROTECTED]>Cc: users@spamassassin.apache.org
Subject: Re[6]: Care and feeding instructions for SpamAssassin?
>
> Actually, individual user preferences /is/ IMO
> reco
At 06:19 PM 2/16/2005, Austin Weidner wrote:
What does this mean when I do spamassassin --lint -D?
RBL: success for 0 of 1 queries
That is with a default local.cf, nothing disabled. Does this have something
to do with Net::DNS?
Try it feeding a real message to spamassassin -D, one that contains
Re
At 03:05 AM 2/17/2005, Philipp Snizek, seaan.net ag wrote:
X-Spam-Status: Yes, score=6.5 required=3.0
tests=BAYES_50,INVALID_DATE,
MSGID_FROM_MTA_ID,NO_REAL_NAME,RCVD_IN_NJABL_DUL,RCVD_IN_SORBS,
RCVD_IN_SORBS_DUL,TW_KT,URIBL_AB_SURBL,URIBL_SBL
autolearn=spam
version=3.0.1
I thought
I had not upgraded from a 2.6x install with Spam Cop. It was a totally
stock install and it is still 3.0.0. I have since discovered that when
I run spamassassin as any user except root, the network tests do not
work. When I run it as root, all the network tests work just fine. I
have tried to r
I know there are options for the display fo the report but that is not
what I am looking to do. I have a large volume (to me at least) of
email to go through. I was hoping that someone knew of a way that
when spamassassin (or the exchange event sink) can put at the top of
the .out file the subjec
On Mon 2005-02-14 (09:07), Johann Spies wrote:
> On Fri, Feb 11, 2005 at 10:37:06AM -0500, Chris Santerre wrote:
> > [...]
> >
> > Can we get the output from the "spamassassin -D --lint" please?
>
> I should have read what you meant! Ok. Here it is ( have since added
> a few more rules ) :
>
>
I'm having a hard time finding the docs on this (I saw them once) where
get_hits and get_required_hits are deprecated.
Is there a mapping/listing of these deprecated calls and what the new
calls are?
Thanks.
J
I am very new to SA. I just set it up on Fedora Core 3 last week. So far
it has been excellent. I expect performance to even be better once Bayes
establishes itself.
I do have a question with regards to training. Once in a while, I receive
advertisement e-mails from trusted sites. What is the
We are actually running 2.63, and the output for:
sa-learn --dump data | sort > bayes_dump.txt
looks like:
1.000233 0 1108594445 believed
1.000246 0 1108594445 HX-MimeOLE:V6.00.2800.1437
1.000250 0 1108594451 HContent-Transfer-Encoding:7Bit
On Thu, Feb 17, 2005 at 01:41:05PM +0100, Henk van Lingen wrote:
> >
> > spam_probability, #_in_spam, #_in_ham, timestamp, token
>
> How do you produce the tokens in readable form? When I do this, I get:
>
> 1.000332 1 1108642657 463fa0e5c1
Oke, reading a
On Wed, Feb 16, 2005 at 07:33:21PM -0500, Theo Van Dinter wrote:
> On Wed, Feb 16, 2005 at 05:32:34PM -0600, [EMAIL PROTECTED] wrote:
> > Could someone help me determine what these fields represent?
> >
> > 0.001 0 48 1108391722 H*M:hpb
> >
> > Could someone clarify t
Matt Kettler wrote:
At 04:44 AM 2/16/2005, Chris Withers wrote:
> Really, all you need to do is make sure Net::DNS is installed..
How'd I do that?
it's a perl module, install it from a package or with cpan.
I did:
apt-get install libnet-dns-perl
...so it keeps itself up to date with sceurity fixes,
Matt Kettler wrote:
Do I need to put in /etc/spamassassin/local.cf something like
' user_scores_dsn
ldap://host:port/dc=basedn,dc=de?attr?scope?uid=__USERNAME__' or what?
And I don't want at all to extend Windows AD schema (this is our
ldap :) with spamassassin attributes.
Is there a solution?
I use spamassassin version 2.64, SuSE 8.2 and qmail.
I get the following problem:
Argument_"\010862517M->U^TB"_isn't_numeric_in_numeric_gt_(>)_a
t_/usr/lib/perl5/site_perl/5.8.0/Mail/SpamAssassin/BayesStore.pm_line_1260.
The relevant Code of
/usr/lib/perl5/site_perl/5.8.0/Mail/SpamAssassin/BayesSt
Hi
X-Spam-Status: Yes, score=6.5 required=3.0
tests=BAYES_50,INVALID_DATE,
MSGID_FROM_MTA_ID,NO_REAL_NAME,RCVD_IN_NJABL_DUL,RCVD_IN_SORBS,
RCVD_IN_SORBS_DUL,TW_KT,URIBL_AB_SURBL,URIBL_SBL
autolearn=spam
version=3.0.1
I thought the autolearn=spam is at a score of 12.
Wha
On Wednesday, February 16, 2005, 2:25:52 PM, Thomas Bolioli wrote:
> Hence my problem.
> From my local.cf which is not overridden anywhere
> skip_rbl_checks 0
> dns_available yes
> From etc/procmailrc
> SPAMC="/usr/bin/spamassassin"
> :0f
> |$SPAMC
> but the surbl checks only occur when I do sp
Hello George,
Wednesday, February 16, 2005, 9:38:41 PM, you wrote:
GG> Even if someone doesn't use RDJ, isn't a 2-10 line commented change log
GG> in the cf file worthwhile?
GG> RDJ is not just for people who want to submit full trust. It can also
GG> be used to help automate distribution of ful
On Wed, Feb 16, 2005 at 07:34:44PM -0800, Robert Menschel wrote:
>Hello George,
>
>Wednesday, February 16, 2005, 7:06:16 PM, you wrote:
>
>>>GG> Rather than squelching custom site rules, I think it more
>>>GG> appropriate to verbosely report why rules become obsoleted (not
>>>GG> necessarily in the
--On Tuesday, February 15, 2005 3:31 PM -0500 Chris Santerre
<[EMAIL PROTECTED]> wrote:
Looks like 419'er are using instant messaging to get people now! Funny
conversation that a friend of mine had. Worth the read.
http://www.merchantsoverseas.com/wwwroot/gorilla/funny419.txt
(Friends name change
Hello George,
Wednesday, February 16, 2005, 7:06:16 PM, you wrote:
>>GG> Rather than squelching custom site rules, I think it more
>>GG> appropriate to verbosely report why rules become obsoleted (not
>>GG> necessarily in the new ruleset). Maybe a changes file for each cf
>>GG> file is appropriat
On Wed, Feb 16, 2005 at 05:19:38PM -0800, Robert Menschel wrote:
>Hello George,
>
>Wednesday, February 16, 2005, 7:02:58 AM, you wrote:
>
>GG> Rather than squelching custom site rules, I think it more
>GG> appropriate to verbosely report why rules become obsoleted (not
>GG> necessarily in the new r
Hello FH,
Wednesday, February 16, 2005, 7:31:57 AM, you wrote:
>> What were the rule hit changes? Depending on the time between the
>> first scan and the second, some of that might have been due to network
>> tests having been taught the spam. The more time that passed, the more
>> likely such a
Hello George,
Wednesday, February 16, 2005, 7:02:58 AM, you wrote:
>>GG> I had custom scores for them but they seem gone now...
>>They've been archived -- moved to the 70_sare_header_arc.cf file.
GG> okay next time I'll look at raising my rule count rather than
GG> raising scores to block spam.
I know there are options for the display fo the report but that is not
what I am looking to do. I have a large volume (to me at least) of
email to go through. I was hoping that someone knew of a way that
when spamassassin (or the exchange event sink) can put at the top of
the .out file the subjec
On Wed, Feb 16, 2005 at 05:32:34PM -0600, [EMAIL PROTECTED] wrote:
> Could someone help me determine what these fields represent?
>
> 0.001 0 48 1108391722 H*M:hpb
>
> Could someone clarify this a bit for me?
spam_probability, #_in_spam, #_in_ham, timestamp, token
--
Randomly
What does this mean when I do spamassassin --lint -D?
RBL: success for 0 of 1 queries
That is with a default local.cf, nothing disabled. Does this have something
to do with Net::DNS?
This is a earlier on the debug output:
debug: is Net::DNS::Resolver available? yes
debug: Net::DNS version: 0.4
69 matches
Mail list logo
