Hello all,
I have made a bash script for scanning outgoing mail from all
the Squirrelmail users on my server using procmail. It is based
upon a script I got from Andrzej Adam Filip from the the
spamassassin mailing list.
It is possible to modify it to take care of all mails sendt by
the sendma
On Wed, Feb 23, 2005 at 03:31:33PM -0800, Ben Poliakoff wrote:
> Very useful comments all around. I now have some reasonable numbers
> (tokens and overall db size) to kick around. I also will reconsider
> using a "dbx" backed bayes.
FYI, I've found that at least with MySQL, the db size ends up
* Ben Poliakoff <[EMAIL PROTECTED]> [20050223 11:46]:
> What sort of guidelines/rules of thumb/formulas have people used to
> determine the bayes_expiry_max_db_size setting for a sitewide bayes
> database?
Thanks Matt, Kris, and Kai,
Very useful comments all around. I now have
David Guntner wrote on Wed, 23 Feb 2005 11:38:31 -0800:
> From the line about URIDNSBL, and the lack of a complaint
> about Net::DNS not being there, I'm thinking that SpamAssassin is happy now.
>
Looks good :-)
> Is there something I can do, though, to verify that the DNSBL check is
> act
Lisa Casey wrote on Wed, 23 Feb 2005 14:52:34 -0500:
> X-AntiAbuse:
>
These are quite common, however, I don't know if they are fake or inserted
by an abused system.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5
Ben Poliakoff wrote on Wed, 23 Feb 2005 11:45:47 -0800:
> 8Mb * 2000 users = ~16Gb!
>
nonono, a site-wide install doesn't scale per user, one fits all. We have
between 0,5 - 1 mio tokens and up to 40 MB databases for setups between a
dozen and a thousand users. Works well. dbx, not SQL. Not sur
Ben Poliakoff wrote:
> What sort of guidelines/rules of thumb/formulas have people used to
> determine the bayes_expiry_max_db_size setting for a sitewide bayes
> database?
Modify until it feels right.
> The Mail::SpamAssassin::Conf man page says the default is 15
> tokens (which, it says,
At 02:45 PM 2/23/2005, Ben Poliakoff wrote:
What sort of guidelines/rules of thumb/formulas have people used to
determine the bayes_expiry_max_db_size setting for a sitewide bayes
database?
Personally, I'm using 200,000 on a 100 user site-wide setup. This means my
bayes DB varies between 200k and
Hi,
I got a piece of spam today which contained some odd headers I've not seen
before. The e-mail was one of those promising me great wealth (yeah right -
wish I had a nickle for every time I've heard THAT!).
Anyone know anything about these headers (jellico.net is me by the way).
X-AntiAbuse:
What sort of guidelines/rules of thumb/formulas have people used to
determine the bayes_expiry_max_db_size setting for a sitewide bayes
database?
The Mail::SpamAssassin::Conf man page says the default is 15 tokens
(which, it says, is equivalent to roughly 8mb). It seems a little
extreme to si
On Wed, Feb 23, 2005 at 12:36:22PM -0700, Terry Poperszky wrote:
> Thanks, just checked the logs and it is working. When you ask "beyond
> the default ones", what BL's is SA 3.02 using by default?
There's a bunch (too many for me to remember). See your installed
20_dnsbl_tests.cf (probably under
Never mind, I found the rule set.
Thank you for the help,
Terry Poperszky
SOS Staffing Services
Network Manager
801-257-5709
[EMAIL PROTECTED]
Terry Poperszky wrote:
Thanks, just checked the logs and it is working. When you ask "beyond
the default ones", what BL's is SA 3.02 using by default?
Ter
Kai Schaetzl grabbed a keyboard and wrote:
> David Guntner wrote on Wed, 23 Feb 2005 01:35:02 -0800:
> > t/10-recurse...NOK 5# Failed test (t/10-recurse.t at line
> > 36)
>
> You really didn't need to post the whole log just to show this error!
Sorry, wasn't sure if the stuff leadi
Thanks, just checked the logs and it is working. When you ask "beyond
the default ones", what BL's is SA 3.02 using by default?
Terry Poperszky
SOS Staffing Services
Network Manager
801-257-5709
[EMAIL PROTECTED]
Theo Van Dinter wrote:
On Wed, Feb 23, 2005 at 12:13:11PM -0700, Terry Poperszky wro
>You may also want to
>consider buying a book on the subject, such as this one:
>http://www.packtpub.com/book/spamassassin.
I hear thats a pretty decent book to start with ;)
--Chris
On Wed, Feb 23, 2005 at 12:13:11PM -0700, Terry Poperszky wrote:
> Can someone give me (Or point me to the documentation) a sample
> configuration for having SA 3.02 use SpamCop? I have read the Faq and
> the config man pages, but I am still unclear on the syntax.
3.x uses spamcop by default as
Can someone give me (Or point me to the documentation) a sample
configuration for having SA 3.02 use SpamCop? I have read the Faq and
the config man pages, but I am still unclear on the syntax.
Plus what other BL's would you recommend? (I have to be fairly
conservative in a corporate environmen
At 01:50 PM 2/23/2005, Meshbah Uddin Ahmed wrote:
i m using Debian + Exim + MailScanner + ClamAV +
SpamAssassin. All r successfully installed
But spamassassin cant detect spam. I use required_hits
5 in mailscanner.conf.
For ur inf, i enable Auto Whitelist SpamAssassin =
yes.
when i tried to send an
Hi,
i m using Debian + Exim + MailScanner + ClamAV +
SpamAssassin. All r successfully installed
But spamassassin cant detect spam. I use required_hits
5 in mailscanner.conf.
For ur inf, i enable Auto Whitelist SpamAssassin =
yes.
when i tried to send any mail, score is 1 or 2. Not
goes to 5.
Am Mittwoch, 23. Februar 2005 16:04 schrieb Robert Fitzpatrick:
> Yes, I got a hold of one and it score 24 points using 'spamassassin -t'
> and considered spam as only 5 points were required, but ended up in my
> inbox. I am running amavisd-new with Postfix, how do I tell if
> spamassassin is even
Jeff Chan wrote:
On Wednesday, February 23, 2005, 8:38:31 AM, Jay Levitt wrote:
I tried to create a test harness to see if I can replicate this outside
of SA, but for some reason, even though I double-checked the code I
copied from Dns.pm, I'm getting weird results - it's always
At 11:23 AM 2/23/2005, Gary Manigault wrote:
1. What version of spamassassin should I get?
3.0.2. If you're stuck with an old version of perl (ie: 5.0005) get 2.64.
Can I get the rpm?
As per the downloads page, you can use rpmbuild on it
http://spamassassin.apache.org/downloads.cgi
rpmbu
Hi Gary. There are a number of tutorials on the web that could best
answer your questions. A good place to start might be
http://wiki.apache.org/spamassassin/StartUsing. You may also want to
consider buying a book on the subject, such as this one:
http://www.packtpub.com/book/spamassassin.
Possibly you are missing the dot in front of the SA directory name?
Usually, the SA directory will be ".spamassassin"
Just a thought.
Matt Kettler wrote:
At 11:27 AM 2/22/2005, Carinus Carelse wrote:
When I try to run the command I get the following error. Am i doing
something wrong.
bash-2.05
On Wednesday, February 23, 2005, 8:38:31 AM, Jay Levitt wrote:
> After it's been running for a few hours, the lookup_ns check (which does
> a sanity check to make sure we can resolve the nameservers of a
> well-known domain) seems to fail. Or, rather, it returns, but with 0
> entries in the arra
Jeff Chan wrote (quoting Jay Levitt):
Nope, that's not it. I've been throwing debug code in bit by bit.
(More accurately, I've been re-copying the dbg statements as "warns",
because while there's plenty of useful output, there are just too many
un-categorized dbg statements to leav
Title: Message
I have Postfix
running and doing some limited blocking of titles etc. I would like to
install and run Spamassassin.
1. What
version of spamassassin should I get? Can I get the
rpm?
2. What other
pieces do I need to get with Spamassasin? I keep hearing razor, don't kn
At 10:10 AM 2/23/2005, Ciprian wrote:
Is there a way to copy the SA filters created by training SA3.0 to filters
that would install on SA2.64?
No. The bayes DB in SA 3.0 stores SHA1 hashes of tokens, whereas 2.6x
stores the tokens themselves in text format.
Despite recent findings of collisions i
At 10:31 AM 2/23/2005, Robert Bartlett wrote:
Do you suggest until resolved disable this? If to disable it what exactly do
I need to disable?
Upon closer inspection are you sure you fed SA the actual message with
complete headers?
Are you sure that's not the output of spamassasin --lint??
It look
Thanks for the help everyone. Here is the new spam log running against the
same email now using the solution given below in the local.cf file. Is there
anything else you see that might be causing any other issues?
Thanks
Robert
-Original Message-
From: Martin Hepworth [mailto:[EMAIL PROTE
Robert
set the score to zero in local.cf
score ALL_TRUSTED 0
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
Robert Bartlett wrote:
Do you suggest until resolved disable this? If to disable it what exactly do
I need to disable?
Thanks again!
Robert
-Origin
Robert Fitzpatrick wrote on Wed, 23 Feb 2005 08:54:13 -0500:
> I have received complaints from two companies since yesterday about
> messages with porno content getting through.
>
take the "slipping" message and run it thru spammassassin -D, then, and
only then, you know more.
Kai
--
Kai Sch
Do you suggest until resolved disable this? If to disable it what exactly do
I need to disable?
Thanks again!
Robert
-Original Message-
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 23, 2005 8:28 AM
To: [EMAIL PROTECTED]; users@spamassassin.apache.org
Subject: Re:
At 10:09 AM 2/23/2005, Robert Bartlett wrote:
I have one client who gets 15-20 spam emails a day. Currently Im using SA
3.0.1. I had auto whitelist and auto learn on and since turned this off. I
ran spamd -D on one of the emails that got through that should of been
marked spam.
From your log:
deb
On Wednesday 23 February 2005 00:57, Robert Menschel wrote:
> Hello Larry,
>
> Tuesday, February 22, 2005, 3:11:00 PM, you wrote:
>
> LS> I have been seeing hundreds of "Postmaster" messages a day, that
> LS> are bounced to bogus sender addresses, in my domain. ...
>
> LS> The real problem is that
Hi,
Is there a way to copy the SA filters created by training SA3.0 to filters
that would install on SA2.64?
Thx,
Cip
I have one client who gets 15-20 spam emails a day. Currently Im using SA
3.0.1. I had auto whitelist and auto learn on and since turned this off. I
ran spamd -D on one of the emails that got through that should of been
marked spam.
I noticed it scored a 2.6 with the regex test at the beginning
Yes, I got a hold of one and it score 24 points using 'spamassassin -t'
and considered spam as only 5 points were required, but ended up in my
inbox. I am running amavisd-new with Postfix, how do I tell if
spamassassin is even working?
Gary W. Smith wrote:
You might want to collect some additio
You might want to collect some additional information from the client
such as the headers. This is where I would start.
Gary
> -Original Message-
> From: Robert Fitzpatrick [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, February 23, 2005 5:54 AM
> To: SpamAssassin
> Subject: Porno
>
> I
I set up a fake email address that I will send all my spam to. This
address should report spam via "spamassassin -r" which calls razor-report.
I use qmail, so here is the content of my .qmail-spamtrap:
|spamassassin -x -C /etc/mail/spamassassin -r
Of course, to prevent spamassassin from stopping
I have received complaints from two companies since yesterday about
messages with porno content getting through. Is this a new variant? And
is anyone else getting hit with these or know of any updates to filter
the messages? I am running Spamassassin 3.0.1 with rules du jour, but
neither seem t
David Guntner wrote on Wed, 23 Feb 2005 01:35:02 -0800:
> t/10-recurse...NOK 5# Failed test (t/10-recurse.t at line 36)
>
You really didn't need to post the whole log just to show this error!
I reinstalled Net::DNS a few days ago and got another error with that test as
well. In m
Apologies.
I didn't post a complete ruleset, merely some useful examples. The basic
motivation is that I have a rule that matches on various references to
size, a rule (below) that matches on references to genitalia, and a rule
that matches on mammary references (trying to beat our internal
profan
Yeah, get a newer version of razor.. At least 2.40. Ancient versions of
razor older than 2.40 aren't supported by SA anymore...
OK, thank you very much.
--
Milos Prudek
_
Most websites are
confused chintzy gaudy conflicting tacky unpleasant... unusable.
Learn how usable YOUR websit
Hi,
The INSTALL document says that installing the Net::DNS package, while not
strictly required, is recommended. I've been trying to install it to no
avail. Running Mandrake Linux 9.2 with perl 5.8.1. CPAN version is 1.76.
When I try to do the install, this is what I get:
# cpan
cpan shel
On Tue, Feb 22, 2005 at 07:30:26AM -0600, Larry Rosenman wrote:
> Johann Spies wrote:
> > On Fri, Feb 18, 2005 at 11:02:15AM -0500, Chris Santerre wrote:
> >>
> >> Absolutely! But without knowing how you are blocking, I can't say
> >> anymore.
> >
> > I am using exim4 with exiscan and refuse to
Hello Larry,
Tuesday, February 22, 2005, 3:11:00 PM, you wrote:
LS> I have been seeing hundreds of "Postmaster" messages a day, that
LS> are bounced to bogus sender addresses, in my domain. ...
LS> The real problem is that I receive the "Postmaster" messages, and
LS> feel that they should be rev
On Tuesday, February 22, 2005, 10:25:36 PM, Jay Levitt wrote:
> Kelson wrote:
>> Jay Levitt wrote:
>>
>>> I have SA 3.01 running under mimedefang 2.43 with sendmail 8.13.1.
>>> At some point, SA seems to stop doing lookups on the DNSBLs; spam
>>> gets through that is listed in multiple BLs; if
Hello David, Nate,
Tuesday, February 22, 2005, 3:07:41 PM, David wrote:
>> Here is the typical email I get from these morons. Notice the missing
>> letters "Vicodin", "Viagra", "Xanax", and "Cialis". In my email client
>> Microsoft Outlook displays all the letters. However, if I copy and paste
hi, I'm quite new with SA and also open source program.
I need your help as follow: I'm using FreeBSD 4.9 stable and deplyoing qmail
1.03 with qmail-scanner 1.20.
It works fine.
I haven't installed SA at the first place.
Do you have any advice how to install it to the current config? Your advise
On Tuesday, February 22, 2005, 6:19:06 AM, Robert Brooks wrote:
> David B Funk wrote:
>> I'm seeing a new spam varient that is clearly designed to get
>> past SURBL. It is an HTML message that contains many (50~100)
>> 'invisible' links; links that have no target text, just:
>> http://garbage.siten
On Tuesday, February 22, 2005, 8:42:17 AM, Matt Kettler wrote:
> At 10:58 AM 2/22/2005, Marc Perkel wrote:
>>First I would recomment you upgrade to Spam Assassin 3.x - It's much better.
> Good point Marc, that's a better solution in general. I do recommend that
> over my previous advice of just a
On Tuesday, February 22, 2005, 9:57:02 AM, Andy Jezierski wrote:
> Kelson <[EMAIL PROTECTED]> wrote on 02/22/2005 11:30:46 AM:
>> Jay Levitt wrote:
>> > I have SA 3.01 running under mimedefang 2.43 with sendmail 8.13.1. At
>> > some point, SA seems to stop doing lookups on the DNSBLs; spam gets
Kelson wrote:
Jay Levitt wrote:
I have SA 3.01 running under mimedefang 2.43 with sendmail 8.13.1.
At some point, SA seems to stop doing lookups on the DNSBLs; spam
gets through that is listed in multiple BLs; if I check manually with
spamassassin -t, it detects the BL entry, even if I run it m
Hi,
I'm running SA 3.0.0 on Mandrake 10.1. Emails are passed from postfix to
procmail and procmail passes each email to /usr/bin/spamassassin. I
would like to know how to get it to show the X-Spam-Report headers for
all messages, not just the ones it thinks are spam. I want to see what
the scor
Update: this is resolved after quick response by Mark Martinec to a
post to the amavis-users list.
The issue was that I'd changed my postifx config to do address
mappings after the content filter instead of before, so amavisd-new
was seeing non-local domains and not adding the X-Spam headers to
th
On Tue, 22 Feb 2005, Andy Jezierski wrote:
> Kelson <[EMAIL PROTECTED]> wrote on 02/22/2005 11:30:46 AM:
>
> > Jay Levitt wrote:
> > > I have SA 3.01 running under mimedefang 2.43 with sendmail 8.13.1. At
> > > some point, SA seems to stop doing lookups on the DNSBLs; spam gets
> > > through that
At 11:47 AM 2/22/2005, Milos Prudek wrote:
> What version of razor2 do you have?
perl-razor-agents 2.34
Yeah, get a newer version of razor.. At least 2.40. Ancient versions of
razor older than 2.40 aren't supported by SA anymore...
Also, any version of razor 2.61 or higher contains whiplash signa
58 matches
Mail list logo
