Re: Rule Design Benchmark/Resource Question

Thanks On Thu, Mar 31, 2005 at 05:16:25PM -0500, Matt Kettler wrote: > Rocky Olsen wrote: > > >Before i pull my hair out doing bench/resource test, i was wondering if > >anyone out there knew if there was much of a speed/resource usage > >difference between the following way of writing the same

Re: sa-learn issues

Chip wrote: Michael Parker wrote: On Thu, Mar 31, 2005 at 01:23:24PM -0500, Chip wrote: I have things setup so each user has a spam folder that they will put missed spam in. This folder will later be trained from cron jobs using sa-learn. The problem is, it seems that sa-learn is ignoring t

Re: sa-learn issues

Chip wrote: Michael Parker wrote: On Thu, Mar 31, 2005 at 01:23:24PM -0500, Chip wrote: I have things setup so each user has a spam folder that they will put missed spam in. This folder will later be trained from cron jobs using sa-learn. The problem is, it seems that sa-learn is ignoring t

Re: Rule Design Benchmark/Resource Question

Rocky Olsen wrote: >Before i pull my hair out doing bench/resource test, i was wondering if >anyone out there knew if there was much of a speed/resource usage >difference between the following way of writing the same rule. > > >Method A: >body rule_a /(?:feh|meh|bleh)/i > >vs. > >Method

Re: SA rescore config file

Jim Maul wrote: > >> > > umm what is masses/config file? That's the configuration file for the mass-check tools. They impact the perceptron when evolving scoresets (advanced stuff) > > You should only be changing scores in local.cf > > something like: > > score RULE_NAME_HERE VALUE_HERE > > ie:

Re: Mysql 5.0 with SA 3.0

On Thu, Mar 31, 2005 at 10:12:38PM +0200, [EMAIL PROTECTED] wrote: > > Has someone tested Mysql 5.0 with SA3.0? > Yes. Are you just asking? or did you find some sort of problem? I haven't found any problems so far, but all of my testing has been focused on BayesSQL. Michael pgpt1rIyLXb2C.p

Mysql 5.0 with SA 3.0

Hello Has someone tested Mysql 5.0 with SA3.0?

Re: SA rescore config file

Lisheng Sun wrote: Hi, I try to re-assign score, in masses/config file: SCORESET=3 HAM_PREFERENCE=2.0 THRESHOLD=5.0 EPOCHS=100 NOTE= What the SCORESET here mean? Do i need to change the HAM_PREFERENCE, THRESHOLD and EPOCHS value? Thanks. umm what is masses/config file? You should only be changin

SA rescore config file

Hi, I try to re-assign score, in masses/config file: SCORESET=3 HAM_PREFERENCE=2.0 THRESHOLD=5.0 EPOCHS=100 NOTE= What the SCORESET here mean? Do i need to change the HAM_PREFERENCE, THRESHOLD and EPOCHS value? Thanks.

Re: sa-learn issues

On Thu, Mar 31, 2005 at 02:24:23PM -0500, Chip wrote: > Ahh ok. Make sense! I will change to a sql backend, as my users have > no shell access and can't run the command as themselves. Thanks for the > clarification! Not a bad idea. The Bayes SQL modules have proven to be stable and in most c

Re: sa-learn issues

Michael Parker wrote: On Thu, Mar 31, 2005 at 01:23:24PM -0500, Chip wrote: I have things setup so each user has a spam folder that they will put missed spam in. This folder will later be trained from cron jobs using sa-learn. The problem is, it seems that sa-learn is ignoring the -u / --us

Re: sa-learn issues

On Thu, Mar 31, 2005 at 01:23:24PM -0500, Chip wrote: > I have things setup so each user has a spam folder that they will put > missed spam in. This folder will later be trained from cron jobs using > sa-learn. The problem is, it seems that sa-learn is ignoring the -u / > --user= flag. No mat

Autolearn=failed when BAYES_00 is only rule hit

Please forgive me if this is in the archives; I'm having trouble finding it. I've just finished training my Bayes DB using sa-learn (perversely, when I was trying to collect 200 spam messages, the spammers decided to stop sending to me). Now that the DB is usable, it's interesting that while most

Re: redirect output from lint

[EMAIL PROTECTED] wrote: > > >Hello all > >Can someone tell me how i can redirect the output from the command: >spamassassin --lint >to a file or maybe grep / awk > >spamassassin --lint | grep something >does not work! > >I want to autmate the checks of all rules > >bruno > > Ahh, system admin 2

.packlist

Anyone know why the /etc/mail/spamassassin and /usr/local/share/spamassassin stuff isn't being included in the .packlist? I realize that there might be some concern about them being removed if the package is uninstalled (unlikely) but its also kind of against everything for which the .packlist sta

redirect output from lint

Hello all Can someone tell me how i can redirect the output from the command: spamassassin --lint to a file or maybe grep / awk spamassassin --lint | grep something does not work! I want to autmate the checks of all rules bruno

Re: sa-learn issues

>> The problem is, it seems that sa-learn is ignoring the -u / --user= flag. (B> (B> Of course it's ignoring it. There is no -u flag in sa-learn. ONLY spamc (B> and spamd accept that flag. (B> (B> sa-learn uses the userid of the user that calls it. Period. (B (B>From TFM: (B (B-u username,

Re: sa-learn issues *RETRACTED*

My bad, apparently 3.0.2 and 3.0.1 do have such a flag in sa-learn. I was looking at the 3.0.0 version, which does not. Matt Kettler wrote: >Chip wrote: > > > >>The problem is, it seems that sa-learn is ignoring the -u / --user= flag. >> >> > >Of course it's ignoring it. There is no -u flag

Re: sa-learn issues

Matt Kettler wrote: Chip wrote: The problem is, it seems that sa-learn is ignoring the -u / --user= flag. Of course it's ignoring it. There is no -u flag in sa-learn. ONLY spamc and spamd accept that flag. sa-learn uses the userid of the user that calls it. Period. man sa-learn says diff

Re: sa-learn issues

Chip wrote: > The problem is, it seems that sa-learn is ignoring the -u / --user= flag. Of course it's ignoring it. There is no -u flag in sa-learn. ONLY spamc and spamd accept that flag. sa-learn uses the userid of the user that calls it. Period.

sa-learn issues

I recently installed SA 3.0.2 on freeBSD 4.10, and it's working great, except for this one feature: I have things setup so each user has a spam folder that they will put missed spam in. This folder will later be trained from cron jobs using sa-learn. The problem is, it seems that sa-learn is

Re: negative score from ALL_TRUSTED

At 09:07 AM 3/31/2005, Arvinn Løkkebakken wrote: You have a broken trust path. ALL_TRUSTED should *never* match email from outside your network. But it does anyway, even when trust path is set correctly: http://bugzilla.spamassassin.org/attachment.cgi?id=2508 Hmm. Well, that happens if and only if

Re: can Pyzor run localy?

Alan Shine wrote: Hi, I have a few questuions regrding the benefit/use of SA fatures. 1. Can Pyzord run localy as SURBL does with rbldnsd (check the message with local repository, not with the Pyzor web servers) ? See: http://pyzor.sourceforge.net/ Since the entire system is released under the G

Re: negative score from ALL_TRUSTED

Matt Kettler wrote: You have a broken trust path. ALL_TRUSTED should *never* match email from outside your network. But it does anyway, even when trust path is set correctly: http://bugzilla.spamassassin.org/attachment.cgi?id=2508 Happens when spamassassin fails to parse the Received header(s)

Re: HUMOR: 419 pic

On 3/30/2005 10:15 PM +0100, Chris Santerre wrote: For those of you who don't know, there is a group of ppl that lead 419 scammers on wild goose chases. One of the things they do is request pics for proof. THey have them do some funny stuff. (Bread and fish on head) This came accross my mail today.

From dollars to pounds... and Nigeria to UK

Nigerian scams are evolving... I just received that one with only 3 rules matching (SA 2.6)... BAYES_90 2.10, RCVD_IN_SBL 1.11, RCVD_IN_SORBS 0.10 Return-Path: <[EMAIL PROTECTED]> Received: from vsmtp1.tin.it (vsmtp1.tin.it [212.216.176.141]) by (8.12.10/8.12.10) with ESMTP id j2V3snX802038

Re: Getting around URIRBLs

i wrote something similar to this but instead of of using .+, i used [^>]+, supposedly a tad faster, iirc. also writing s?(?:<.+>)? as (?:s(?:<[^>]+)?)? should be slightly faster cause if it fails to match on the 's' it won't move on to check for the -Rocky On Thu, Mar 31, 2005 at 11:35:26AM +0

Re: Anyway to have SA drop high spam & tag other?

> I'm running Spamassassin 3.0.2 on Linux in front of Oracle Collaboration > Suite. > I am using proxsmtp(http://memberwebs.com/nielsen/software/proxsmtp/) to > scan > mail and then pass it along to oracle. > > My question is... > > I know that you can have spamassassin exit with a non-zero code i

Getting around URIRBLs

http://getpornodvd.com This looks like an effective way of getting round URIRBLs (though of course it requires the end user to cut and paste). The rule below seems to catch the technique. Any suggestions for improving it or any other rules to suggest? # 2005-03-31 new rule rawbody local_OBFU_H

Re: Bigevil file is gone.

Hurray and... can't wait -- Martin Hepworth Snr Systems Administrator Solid State Logic Tel: +44 (0)1865 842300 Chris Santerre wrote: Too much traffic used for a file no longer updated. BigEvil has been removed. I shall replace it with our newest ruleset soon. Its a real corker ;) Chris Sante

Re: Anyway to have SA drop high spam & tag other?

On Wednesday 30 March 2005 08:02 pm, Robert Menschel wrote: > Hello Bill, > > Wednesday, March 30, 2005, 8:15:05 AM, you wrote: > > B> I'm running Spamassassin 3.0.2 on Linux in front of Oracle Collaboration > Suite. B> I am using > B> proxsmtp(http://memberwebs.com/nielsen/software/proxsmtp/) to s

can Pyzor run localy?

Hi, I have a few questuions regrding the benefit/use of SA fatures.   1. Can Pyzord run localy as SURBL does with rbldnsd (check the message with local repository, not with the Pyzor web servers) ?   2.I would like to activate more features to SA (I currently use only SARE rules). We are conside

Re: Anyway to have SA drop high spam & tag other?

Hello Bill, Wednesday, March 30, 2005, 8:15:05 AM, you wrote: B> I'm running Spamassassin 3.0.2 on Linux in front of Oracle Collaboration Suite. B> I am using B> proxsmtp(http://memberwebs.com/nielsen/software/proxsmtp/) to scan B> mail and then pass it along to oracle. B> My question is... B

Rule Design Benchmark/Resource Question

Before i pull my hair out doing bench/resource test, i was wondering if anyone out there knew if there was much of a speed/resource usage difference between the following way of writing the same rule. Method A: bodyrule_a /(?:feh|meh|bleh)/i vs. Method B: bod __rule_a

Re: my girlfriend is getting ticked :)

Michael Bellears wrote: "I'm using 3.0.2 on a debian woody box. Its from www.backports.org (great site)" Ok, so you're using Spamassassin 3.0.2 on Debian. Are you using Sendmail, qmail, courier, or postfix? I honestly don't know that Debian uses as a default mailserver. Exim. Ok

RE: my girlfriend is getting ticked :)

> > "I'm using 3.0.2 on a debian woody box. Its from www.backports.org > > (great site)" > > > Ok, so you're using Spamassassin 3.0.2 on Debian. Are you > using Sendmail, qmail, courier, or postfix? I honestly don't > know that Debian uses as a default mailserver. Exim.

Re: my girlfriend is getting ticked :)

Matthew Lenz wrote: - Original Message - From: "AltGrendel" To: Sent: Wednesday, March 30, 2005 8:50 PM Subject: Re: my girlfriend is getting ticked :) Mike Jackson wrote: Your bayes database looked to be reasonably trained. The false-negative was labeled 99% spam by Bayes. I don't see

Re: my girlfriend is getting ticked :)

On Wednesday, March 30, 2005, 2:21:01 PM, Matthew Lenz wrote: > I just installed backports perl-libnet-dns (.48, hope that is new > enough .49 is the newest). Is there anywhere I can check to see if > 'network tests' (what the SURBL says needs to be enabled) are enabled? Set your trust path corre

Re: my girlfriend is getting ticked :)

- Original Message - From: "AltGrendel" To: Sent: Wednesday, March 30, 2005 8:50 PM Subject: Re: my girlfriend is getting ticked :) Mike Jackson wrote: Your bayes database looked to be reasonably trained. The false-negative was labeled 99% spam by Bayes. I don't see any RBL checks, w

Re: my girlfriend is getting ticked :)

On Wednesday, March 30, 2005, 2:20:17 PM, Mike Jackson wrote: >> Your bayes database looked to be reasonably trained. The false-negative >> was labeled 99% spam by Bayes. >> >> I don't see any RBL checks, which might have made the difference on this >> one, if it's already been seen and flagged.

Re: my girlfriend is getting ticked :)

Mike Jackson wrote: Your bayes database looked to be reasonably trained. The false-negative was labeled 99% spam by Bayes. I don't see any RBL checks, which might have made the difference on this one, if it's already been seen and flagged. Do you have Net::DNS installed and the RLB tests enab

Re: my girlfriend is getting ticked :)

Matthew Lenz wrote: X-Spam-Status: No, score=4.1 required=5.0 tests=BAYES_99,HTML_80_90, HTML_FONT_BIG,HTML_MESSAGE,HTML_TITLE_EMPTY,MIME_HTML_ONLY, MSGID_FROM_MTA_ID autolearn=no version=3.0.2 I see your false negative scored 99% on bayes. The BAYES_99 rule has a much lower score

Re: increasing children

- From 'man spamd': - -m num, --max-children=num Allow maximum num children Just set that as desired in your script that starts up the spamd daemon. HAHAHA!! OMG, I was looking at the wrong man file. ^_^;; Thanks for the help.

Re: Phishing attempts getting through.

> Can someone expand on the ClamAV detecting phishing attempts. Or direct > me some where? Pick up some of the SARE rulesets. I think spoof or fraud is the one that contains an assortment of phishhooks. Won't get 'em all, but will sure cut down on the more common ones. Loren

Re: 3.0.2 and SARE

> I am thinking of downloading rules from SARE. > However, I am told that some or many of the > rules have already been incorporated into 3.0.2 > > Can someone recommend the best approach to > avoid duplicates ? Sure. Read the docs on the SARE rules page relating to each ruleset. We document whi