What ever happened to "Louisville CO 80027" spam?
Did they change their scheme? Get Prosecuted?
Rob McEwen
PowerView Systems
error: Insecure dependency in eval while running setuid at
/usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/PerMsgStatus.pm line 2119._
, continuing
Ayup - another one of those horrid problems.
I am running 3.04 with spamd and spamc. I get this on "full" rules.
However, I do not get it all the t
From: "Matt Kettler" <[EMAIL PROTECTED]>
> Theo Van Dinter wrote:
> > On Fri, Jun 24, 2005 at 07:45:52PM +0200, Tuyen DINH wrote:
> >
> >>According to the lastest announce, SpamAssassin from version 3.0.1 to
> >>3.0.3 is subject to a Denial of Service Vulnerability.
> >>
> >>So is Spamassassin 3.0.
From: "Loren Wilton" <[EMAIL PROTECTED]>
> > I don't see the advantage of this. How does a *message header* help in
> > tracking? Or does it correspond with a web bug?
>
> List washing. When they actually get a complaint about spam, they can
> remove the address from the list, even if the report
John Horne wrote:
Many thanks for all the replies, which all seem positive.
However, we have been seeing problems with restarting the daemon
recently, which is why I am wary about starting to run RDJ from cron. In
trying to restart spamassassin, on a fedora core 4 and core 3 system, we
see:
/
Theo Van Dinter wrote:
> On Fri, Jun 24, 2005 at 07:45:52PM +0200, Tuyen DINH wrote:
>
>>According to the lastest announce, SpamAssassin from version 3.0.1 to
>>3.0.3 is subject to a Denial of Service Vulnerability.
>>
>>So is Spamassassin 3.0.0 vulnerable ?
>
>
> Is 3.0.0 between 3.0.1 and 3.0.
At 09:30 AM Friday, 6/24/2005, you wrote -=>
> >have
> >there been problems doing this?
>
> RDJ will not restart the daemon or even keep changed rulesets
> if the lint returns an error. So, running it via a cron job is safe.
It depends on how you're running SA. If you're using amavisd and you
Aaron Grewell wrote:
It depends on how you're running SA. If you're using amavisd and you
specify a restart script, make sure it restarts both amavisd and postfix.
there is no need to restart postfix.
Otherwise the two can stop talking to each other, and your mail will get
held up until you
David Brodbeck wrote:
> Bob Proulx wrote:
> > Matt Wills wrote:
> >
> >>Does anyone have a ruleset for catching any or all of these stock tips?
> >
> >
> > This is a little off-topic, but how do spammers expect to make money
> > from that spam?
>
> A lot of them are "pump and dump" schemes, I susp
On Fri, Jun 24, 2005 at 07:45:52PM +0200, Tuyen DINH wrote:
> According to the lastest announce, SpamAssassin from version 3.0.1 to
> 3.0.3 is subject to a Denial of Service Vulnerability.
>
> So is Spamassassin 3.0.0 vulnerable ?
Is 3.0.0 between 3.0.1 and 3.0.3 ? ;)
--
Randomly Generated Tag
>-Original Message-
>From: John Horne [mailto:[EMAIL PROTECTED]
>Sent: Friday, June 24, 2005 12:44 PM
>To: SpamAssassin
>Subject: Re: RDJ from cron - is it safe?
>
>
>On Thu, 2005-06-23 at 14:13 -0700, Ed Kasky wrote:
>> At 09:54 AM Thursday, 6/23/2005, John Horne wrote -=>
>> >Hello,
>>
Hello,
According to the lastest announce, SpamAssassin from version 3.0.1 to
3.0.3 is subject to a Denial of Service Vulnerability.
This french advisory says it concerns prior versions of 3.0.3.
http://www.certa.ssi.gouv.fr/site/CERTA-2005-AVI-225/index.html
So is Spamassassin 3.0.0 vulnerable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Loren Wilton writes:
> > I don't see the advantage of this. How does a *message header* help in
> > tracking? Or does it correspond with a web bug?
>
> List washing. When they actually get a complaint about spam, they can
> remove the address from t
On Thu, 2005-06-23 at 14:13 -0700, Ed Kasky wrote:
> At 09:54 AM Thursday, 6/23/2005, John Horne wrote -=>
> >Hello,
> >
> >We have been running RDJ manually, but are now considering running it
> >via cron. The problem is what if something 'goes wrong'? This is on a
> >central mailhub, and we do no
> >have
> >there been problems doing this?
>
> RDJ will not restart the daemon or even keep changed rulesets
> if the lint returns an error. So, running it via a cron job is safe.
>
It depends on how you're running SA. If you're using amavisd and you
specify a restart script, make sure it re
Erwin Zavala wrote:
X-Spam-Flag should be the default.
In fact, AFAIK it's impossible to have SA generate a X_Spam_* header, it's got a
hard-coded X-Spam- prefix that can't be changed.
Joao Gazzoni wrote:
> Hello,
>
> One message have these headers:
> From: Sucesu - RS <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> Return-Path: [EMAIL PROTECTED]
>
> And the SA whitelist have this record:
> From: [EMAIL PROTECTED] yes
That's not a spamassassin whitelist ent
Hello,
One message have these headers:
From: Sucesu - RS <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Return-Path: [EMAIL PROTECTED]
And the SA whitelist have this record:
From: [EMAIL PROTECTED] yes
But SA action is:
Jun 24 00:03:05 MailScanner[14910]: Message j5O31n4N016
Hallo und guten Tag Andy,
Heute (am 24.06.2005 - 15:38 Uhr)
schriebst Du:
> When I read this I thought it's overkill but in the meantime and after
> looking at my logs (not only from SA but also ssh-attacks) I DO think that
> it's a good idea to block these IPs.
take a look at http://www.pe
Bob Proulx wrote:
Matt Wills wrote:
Does anyone have a ruleset for catching any or all of these stock tips?
This is a little off-topic, but how do spammers expect to make money
from that spam?
A lot of them are "pump and dump" schemes, I suspect. The spammer buys
a bunch of shares of som
There are two fairly obvious possibilities here:
1.Your server isn't normally running with net tests enabled, but they
were for the manual test.
Why would that be?
2.You ran the manual test > 1/2hr after the automatic scan, and by then
the domain had made it into all of the blackli
You might want to take a look at this:
http://www.blackholes.us/
Very useful for inclusion into RBLs if you so desire. I myself am not
very keen at all on blocking entire countries, but the option is there
if you need/want it.
Regards,
Martyn
Andy Spiegl wrote:
Hi Carlo,
back in
Hi Carlo,
back in May you wrote:
>Moreover, you might want to firewall (or reject their mail
>otherwise before it reaches spamassassin) all of South Korea and
>all of China -- that will reduce the ammount of spam you
>receive with about 99% ... So, it is more than worth it.
When I
>
>
> Hi, I am using spamassassin and store the user preferences in
> an SQL database.
> That works for simple options, like required_hits, since this
> has a key (required_hits) and a value (5.0 for example).
> But how about preferences where the key is composed of
> multiple parts, like rewr
Aaaah, clever, thank you, both!
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5.de & http://msie.winware.org
I have the stock sa-stats.pl script, but I'm more familiar w/ PHP when
it comes to scripting, so when it comes to expressions in Perl I'm
pretty lost.
It seems to be an easy enough modification for someone who knows perl to
modify the script to accept another argument, that is, the domain you
wish
> I don't see the advantage of this. How does a *message header* help in
> tracking? Or does it correspond with a web bug?
List washing. When they actually get a complaint about spam, they can
remove the address from the list, even if the report is something like
Spamcop that attempts to remove a
> Jdow wrote on Thu, 23 Jun 2005 20:58:22 -0700:
>
> > X-Message-ID:
> > 106.100.111.119.64.101.97.114.116.104.108.105.110.107.46.110.101.116
> >
> > Which is merely my email address encoded stupidly.
>
> I don't see the advantage of this. How does a *message header* help in
> tracking? Or d
From: "Kai Schaetzl" <[EMAIL PROTECTED]>
> Jdow wrote on Thu, 23 Jun 2005 20:58:22 -0700:
>
> > X-Message-ID:
> > 106.100.111.119.64.101.97.114.116.104.108.105.110.107.46.110.101.116
> >
> > Which is merely my email address encoded stupidly.
>
> I don't see the advantage of this. How does a
Dr Robert Young wrote on Thu, 23 Jun 2005 22:04:57 -0400:
> So when using CPAN to get Sys::Syslog with Perl 5.8.3, it states that
> it requires Perl 5.8.7 as a depedancy.
>
> Just checking to be sure that the later version of Perl is needed if
> one is intending to use SA 2.6 and/or 3.0 with
Jdow wrote on Thu, 23 Jun 2005 20:58:22 -0700:
> X-Message-ID:
> 106.100.111.119.64.101.97.114.116.104.108.105.110.107.46.110.101.116
>
> Which is merely my email address encoded stupidly.
I don't see the advantage of this. How does a *message header* help in
tracking? Or does it correspond
On Thu, 23 Jun 2005, Loren Wilton spake:
> Also from almost complete ignorance: it seems unlikely since 3.0.
> Previously the bayes database had the actual tokens and counts in it. Since
> 3.0 the database has a hash of the token. I don't konw that the hashes from
> two different systems would en
Hi, I am using spamassassin and store the user preferences in an SQL database.
That works for simple options, like required_hits, since this has a key
(required_hits) and a value (5.0 for example).
But how about preferences where the key is composed of multiple parts, like
rewrite_header subject
On 6/24/2005 5:15 AM +0200, Charles Read wrote:
Howdy!
I have unfortunately had many addresses learned in the AWL rule. How
can I start from scratch... that is delete my auto white list database?
man rm
Niek Baakman
34 matches
Mail list logo
