>...
>
>From: "Keith Ivey" <[EMAIL PROTECTED]>
>
>> List Mail User wrote:
>>
>> > Legitimate domains will use wildcards for 'NS', 'MX' and even
>> > occasionally for some more obscure records, but an 'A' or 'CNAME'
>> > record is nearly always a spammer.
>>
>> Do you have any statistics for that?
>...
>
>List Mail User wrote:
>
>> Legitimate domains will use wildcards for 'NS', 'MX' and even
>> occasionally for some more obscure records, but an 'A' or 'CNAME'
>> record is nearly always a spammer.
>
>Do you have any statistics for that? I administer plenty of domains
>that have wildcard A
Hello, Rich Puhek.
So thanks for your answer.
It is what I wanted and works well.
Thanks again.
From: Rich Puhek <[EMAIL PROTECTED]>
To: Monty Ree <[EMAIL PROTECTED]>
CC: spamassassin-users@incubator.apache.org
Subject: Re: How to exlcude spamassassin check for some users?
Date: Mon, 23 May 2
Quoting Keith Ivey <[EMAIL PROTECTED]>:
List Mail User wrote:
Legitimate domains will use wildcards for 'NS', 'MX' and even
occasionally for some more obscure records, but an 'A' or 'CNAME'
record is nearly always a spammer.
Do you have any statistics for that? I administer plenty of domain
Quoting List Mail User <[EMAIL PROTECTED]>:
Looks like I slightly over estimated. I just checked the last
40 spams I received. After ignoring 419s, stock pumps and phishing I
found 14 without wildcards and 21 with - exactly 60% (only one had a
'CNAME' wildcard, the rest were all 'A' re
jdow wrote:
One must wonder at their motivations for allowing things like
wassyup.metazeek.spindrift.metafilter.com. Is there a good one?
I'm not sure about metafilter.com. It could just be that Matt Haughey
doesn't want to mess with his DNS whenever he wants to set up a new
subdomain, like
On Mon, May 23, 2005 at 08:26:45PM -0700, jdow wrote:
> One must wonder at their motivations for allowing things like
> wassyup.metazeek.spindrift.metafilter.com. Is there a good one?
It's good when you have a single setup serving all your websites,
for instance. I do this for all of my domains (
From: "Keith Ivey" <[EMAIL PROTECTED]>
> List Mail User wrote:
>
> > Legitimate domains will use wildcards for 'NS', 'MX' and even
> > occasionally for some more obscure records, but an 'A' or 'CNAME'
> > record is nearly always a spammer.
>
> Do you have any statistics for that? I administer p
From: <[EMAIL PROTECTED]>
> Quoting Justin Mason <[EMAIL PROTECTED]>:
>
> >> A similar idea, without the "back-channel" flaw is to test the
> >> domain for either 'CNAME' or 'A' record `wildcards' (as in the command
> >> "dig '*.spammer_domain.tld' a" and "dig '*.spammer_domain.tld' cname").
> >>
Hello Sandy,
Monday, May 23, 2005, 7:19:13 AM, you wrote:
>> > How can one use user_prefs to tell spamassassin to reject spam
>> > tagged at level N at just send it back to them?
>>
>> You can't.
>>
>> SA is not designed to delete, deliver or bounce mail. It is designed to
>> scan and identify SP
List Mail User wrote:
Legitimate domains will use wildcards for 'NS', 'MX' and even
occasionally for some more obscure records, but an 'A' or 'CNAME'
record is nearly always a spammer.
Do you have any statistics for that? I administer plenty of domains
that have wildcard A records, and I'm n
Monty Ree wrote:
> Hello, all.
>
> As you know spamd use lots of memory and CPU resources.
> So I would like to exclude spamassassin check for some users who receive
> lots of mails.
>
> How can I do this?
I came up with a procmail and perl solution to do just what you need.
Been working well f
Ben Wylie wrote:
> I am running SA 3.02 on a Windows 2003 server.
> As previously posted to this list I have had a problem where SA seems unable
> to remove a bayes lock file or something like that.
>
> I include complete logs below to show what it is like - I apologise for the
> size of it.
>
>
On Sun, 22 May 2005, Elizabeth Schwartz wrote:
> I'm sorry, I shoudln't post late at night. I am running SA as a
> sendmail milter. And of course SA is happy to filter again mail which
> has been filtered once - but I would love some way to tell it NOT to.
> I have an external relay running SA, a
>> >...
>>
>> A similar idea, without the "back-channel" flaw is to test the
>> domain for either 'CNAME' or 'A' record `wildcards' (as in the command
>> "dig '*.spammer_domain.tld' a" and "dig '*.spammer_domain.tld' cname").
>> This is an excellent spam sign (the host portion of the name is
I am running SA 3.02 on a Windows 2003 server.
As previously posted to this list I have had a problem where SA seems unable
to remove a bayes lock file or something like that.
I include complete logs below to show what it is like - I apologise for the
size of it.
First of all, I was wondering if
Hello,
I am currently running SA 3.03 with bayes, and bayes is storing all of its
data into a mysql DB. As this was all installed via PSoft's HSphere, I didn't
actually pick the specific configuration myself. On my system, bayes is
trained per mailbox individually, and I am wanting to change th
Quoting Justin Mason <[EMAIL PROTECTED]>:
A similar idea, without the "back-channel" flaw is to test the
domain for either 'CNAME' or 'A' record `wildcards' (as in the command
"dig '*.spammer_domain.tld' a" and "dig '*.spammer_domain.tld' cname").
This is an excellent spam sign (the host
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
jdow writes:
> From: "Justin Mason" <[EMAIL PROTECTED]>
>
> > - - if a spammer were to use a hostname like
> > "jm_at_jmason_dot_org.spamdomain.com", they get a free backchannel to
> > verify that I was (a) using SpamAssassin to filter to my mail
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
List Mail User writes:
> >Theo Van Dinter writes:
> >> On Mon, May 23, 2005 at 06:45:12PM -0500, [EMAIL PROTECTED] wrote:
> >> > Here's the algorithm:
> >> >
> >> > 1 Decode any URL-encoding in the message
> >> > 2 Un-MIME the message
> >>
> >
From: "Justin Mason" <[EMAIL PROTECTED]>
> - - if a spammer were to use a hostname like
> "jm_at_jmason_dot_org.spamdomain.com", they get a free backchannel to
> verify that I was (a) using SpamAssassin to filter to my mail, and (b)
> that that address is valid. So blindly resolving the ful
>...
>
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA1
>
>
>Theo Van Dinter writes:
>> On Mon, May 23, 2005 at 06:45:12PM -0500, [EMAIL PROTECTED] wrote:
>> > Here's the algorithm:
>> >
>> > 1 Decode any URL-encoding in the message
>> > 2 Un-MIME the message
>>
>> Wrong order?
>>
>> > 3
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Theo Van Dinter writes:
> On Mon, May 23, 2005 at 06:45:12PM -0500, [EMAIL PROTECTED] wrote:
> > Here's the algorithm:
> >
> > 1 Decode any URL-encoding in the message
> > 2 Un-MIME the message
>
> Wrong order?
>
> > 3 Scan all parts of th
On Mon, May 23, 2005 at 06:45:12PM -0500, [EMAIL PROTECTED] wrote:
> Here's the algorithm:
>
> 1 Decode any URL-encoding in the message
> 2 Un-MIME the message
Wrong order?
> 3 Scan all parts of the message for URLs and email addresses (this can be
> links, IMG tags, mailto:'s, or even
I'd like to contribute some research I've done on spam that doesn't use
traditional bayes filters or other scoring methods nor traditional DNS BLs. Its
either spam or its not, but I'd like to see this technique in spamassasin,
possibly with really high scores for things that this method says are "s
Hello, all.
As you know spamd use lots of memory and CPU resources.
So I would like to exclude spamassassin check for some users who receive
lots of mails.
How can I do this?
my procmailrc file is below...
DROPPRIVS=yes
#Spamassassin start
:0fw: spamassassin.lock
* < 256000
| /usr/bin/spamc -
Hi,
I have installed SpamAssassin and Maildrop on local machine. With
the help of this website,
http://www.firstpr.com.au/web-mail/Postfix-SA-Anomy-Maildrop/, I can
receive non-spam messages without any problem.
However, when it comes to spam messages, spamd detects its spam message,
but fa
The setting here is "Determined by individual user settings". Also the
messege encoding is set to MIME and both is selected.
I'm going to keep an eye on the folder and make sure it keeping the
original format.
Craig
-Original Message-
From: Wolfgang Zeikat [mailto:[EMAIL PROTECTED]
Sen
Thanks Justin. I'll try that later.
Steven
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, May 23, 2005 12:05 AM
To: Steven Manross
Cc: Loren Wilton; users@spamassassin.apache.org
Subject: Re: debug and STDERR
-BEGIN PGP SIGNED MESSAGE-
Hash
On 05/23/05 17:44, Sloan, Craig wrote:
Examining the properties of the servers public folders, I cannot see any
settings that would change the format of the message. If I check the
properties of the public spam folder w/Outlook, it is set to use
IPM.post.
Craig, in the Exchange System Manag
That did the trick. Thanks a bunch!
Bryce Kahle <[EMAIL PROTECTED]>
Systems Administrator - Binary Net
1-402-742-7042 http://www.binary.net/
-Original Message-
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Monday, 23 May, 2005 12:02 PM
To: Bryce Kahle
Cc: users@spamassassin.apache
Bryce Kahle wrote:
> spamd options:
> -c -d -r /var/run/spamd.pid -C /usr/local/etc/mail/spamassassin/
>
I think you want --siteconfigpath not -C above... -C should be
/usr/share/spamassassin or /usr/local/share/spamassassin.
Since you've managed to eliminate all the default rulefiles from being
I am evaluating version 3.02 of spamassassin and I'm running into some
problems. I am using a spamc/spamd setup via procmail for each opt-in
user with a .procmailrc in the user's home directory. My problem is that
spamc/spamd doesn't seem to be adding the X-Spam-Status or any of the
other headers t
I am not seeing that behavior w/Outlook 2003 as the client moving the
mail to our public Spam folder. They are remaining plain text. I have
instructed the users to click, drag the messages to the folder, not
"send to:". Also to prevent embarrassment (and possible sexual
harassment suit?) the users
We are trying to use a public folder on an Exchange 2003 server to store
spam for sa-learn. When a user copies a mail into that folder with
outlook, plain text mails get converted to text and HTML. Copied with
mozilla mail via IMAP, the mails stay unchanged. What are the necessary
steps to pre
On Monday 23 May 2005 16:02, Joe Borg typed:
> incorrectly trained it. Is it possible to upgrade but force spamassassin to
> install a new/fresh bayes db?
Remove the bayes files and SA will re-create them.
Hi,
I'm still pretty much a newbie to Spamassassin so please excuse me if I'm
asking an already answered questions; however, I've searched the site for an
answer and could not find one.
I'm currently running Spamassassin v. 2.63 and would like to upgrade to the
latest version in the coming weeks.
Steven Manross wrote:
Thanks for the response.
Well, I am calling the SA classes directly as perl via "PerlScript"...
Similar to VB and how an ASP page is called from IIS (but by
perlse.dll).
EX:
use Mail::SpamAssassin;
Etc, etc.
Namely, the SMTP Exchange interface ('Simple Mail Transfer
- Original Message -
From: "guenther" <[EMAIL PROTECTED]>
To: "The Doctor" <[EMAIL PROTECTED]>
Cc:
Sent: Sunday, May 22, 2005 8:27 AM
Subject: Re: Setting up a rejection limit
> On Sun, 2005-05-22 at 07:03 -0600, The Doctor wrote:
> > How can one use user_prefs to tell spamassassin to
Thank for the quick answer Loren.
I'will try the --max-conn-per-child=100 option to see how it work.
Also, i resolve my syntax error just after posting..
Thank
Julien
Thank very much Loren.
regards,
mizzio
Il giorno lun, 23-05-2005 alle 04:51 -0700, Loren Wilton ha scritto:
> > - I get some messages marked as SPAM coming form this mailing list,
> > since the body contains URLs and text from real spam messages: do I have
> > to feed them in my DB as ham or this
On Sunday, May 22, 2005, 10:19:39 AM, Bookworm wrote:
> However, here's the chuckle part. It's a quote from a NY Times article.
> "But apparently even the swindlers have sometimes been stung. "We accept
> Western Union Money Transfer as the only payment method due to some
> reasons from our past
> - I get some messages marked as SPAM coming form this mailing list,
> since the body contains URLs and text from real spam messages: do I have
> to feed them in my DB as ham or this can cause some kind of bayes
> poisoning ?
The best thing is to avoid having the mail from this list go through SA
Hi everybody,
first post on this list so please be patient if I'm asking dumb
questions. :-)
I have a spamassassin 3.0.3 mail gateway which is working pretty well
and I train the bayesian DB everyday.
I have a couple of questions on this:
- I get some messages marked as SPAM coming form this mai
> Everything works fine BUT spamd keeps become bigger and bigger.
> When i start it, it take about 31M of memory per child (i get 5) and after
a
> week, it grows up to 43M of memory.
> Is it a problem? Will it grow over and over?
Considering the number of add-on rules files, 43M is probably only a
Hi all,
I am a little worry. I've just install SA 3.03 (perl 5.6.1) with qmail and
maildrop, on a debian stable.
It runs Razor, Pyzor, DCC and URIDNSBL. I use MySQL to store Bayes, awl and
rules.
It is base on a per user config so user1 and user2 doesn't have the same
bayes and awl training.
Every
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thomas Zehetbauer writes:
> On Sat, 2005-05-21 at 22:24 -0400, Theo Van Dinter wrote:
> > Move aside/delete the default rule files. There's no point in a config
> > option to ignore other config options. ;)
>
> I think there is: default config goes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
FWIW, you may be open to use
my $f = fileno(STDERR);
close(STDERR);
use POSIX ();
if ($f != 2) { POSIX::close(2); }
open STDERR, ">log.txt" or warn "open failed";
ie. persuade perl to set up your *own* stderr on fd 2. Perl w
48 matches
Mail list logo
