Re: subject - why not all caps?

As for the all caps rule, it is hard to understand why it was written not to fire on a single excessively long word. Probably because end users are morons and think that if they put lots of capital letters in the subject that you'll somehow prioritize it differently. Our helpdesk guy is

md5sum/sha1sum signatures available, was RE: Gif-Only spams

Good evening, all, On Thu, 9 Jun 2005, Chris Santerre wrote: From: Sven Riedel [mailto:[EMAIL PROTECTED] Sent: Thursday, June 09, 2005 10:19 AM has anyone developed a good strategy against spams that contain a random text and the actual spam in an image within a multipart/alternative mail? Sh

Re: subject - why not all caps?

Hi Matt, thanks for your reply. It seems these guys know how SA treats their messages :( There have been discussions before about "amplifying" rules, but I am not sure whether it is possible. I would say that both english and german versions of this "BUSINESS PROPOSAL" share a few characteri

Re: SURBL, SA 3.0.4, and firewalls

On Sat, Jul 09, 2005 at 07:47:22PM -0400, Dr Robert Young wrote: > Is there any information available on what configuration your firewall > needs in order to make use of SURBL in SA 3.0.4? Forts, etc?? SURBL needs DNS to function. -- Randomly Generated Tagline: Cop: "He's making a break for it.

Re: subject - why not all caps?

>> At 12:38 PM 7/9/2005, [EMAIL PROTECTED] wrote: >> >> >> >I just received this spam (some of them really get their stuff translated >> >well now) but was >> >surprised that it did not trigger subject all caps rule >> >> >> From the eval test code for that rule: >> >> >> # don't match one

SURBL, SA 3.0.4, and firewalls

Is there any information available on what configuration your firewall needs in order to make use of SURBL in SA 3.0.4? Forts, etc??

Re: How can I correctly detect these spams?

jdow schrieb: From: "Thomas Booms" <[EMAIL PROTECTED]> Loren Wilton schrieb: Well, header I have on detected spams like these (possibly I need to reconfigure something) to get the above lists: X-Spam-Status: No, score=-1.8 required=1.5 tests=BAYES_00, DATE_IN_FUTURE_03_06 autolearn=

Re: How can I correctly detect these spams?

jdow schrieb: From: "Thomas Booms" <[EMAIL PROTECTED]> Loren Wilton schrieb: Well, header I have on detected spams like these (possibly I need to reconfigure something) to get the above lists: X-Spam-Status: No, score=-1.8 required=1.5 tests=BAYES_00, DATE_IN_FUTURE_03_06 autolearn

Re: subject - why not all caps?

At 12:38 PM 7/9/2005, [EMAIL PROTECTED] wrote: I just received this spam (some of them really get their stuff translated well now) but was surprised that it did not trigger subject all caps rule From the eval test code for that rule: # don't match one word subjects Since that subject on

Re: Just upgraded to SA3.0.4

I looked around on the web for references to the "no active filter"found several links but nothing that explained what it meant. It was always just a link "peripheral" to some other issue, not the main target of the article/posting. I am not even sure it is a problem...but the wording is j

Re: How can I correctly detect these spams?

From: "Thomas Booms" <[EMAIL PROTECTED]> > Loren Wilton schrieb: > > >>Well, header I have on detected spams like these (possibly I need to > >>reconfigure something) to get the above lists: > >> > >>X-Spam-Status: No, score=-1.8 required=1.5 tests=BAYES_00, > >>DATE_IN_FUTURE_03_06 autolearn=ham

Re: How can I correctly detect these spams?

From: "Thomas Booms" <[EMAIL PROTECTED]> > Loren Wilton schrieb: > > >>Well, header I have on detected spams like these (possibly I need to > >>reconfigure something) to get the above lists: > >> > >>X-Spam-Status: No, score=-1.8 required=1.5 tests=BAYES_00, > >>DATE_IN_FUTURE_03_06 autolearn=ham

Re: Just upgraded to SA3.0.4

That, sir, appears to be a problem with your milter or sendmail config. What does that second entry mean to you? {^_^} - Original Message - From: "Dr Robert Young" <[EMAIL PROTECTED]> To: Sent: 2005 July, 09, Saturday 05:06 Subject: Just upgraded to SA3.0.4 > I just upgraded a box tha

subject - why not all caps?

I just received this spam (some of them really get their stuff translated well now) but was surprised that it did not trigger subject all caps rule Wolfgang Hamann Received: (qmail 13636 invoked by uid 94); 9 Jul 2005 16:00:06 - Received: from 127.0.0.1 by amadeus3 (envelope-from

RE: rules_du_jour script and firewall ports?

Dr Robert Young decided to say on Friday, July 08, 2005 8:46 PM: > Anyone have information on which ports would need to be opened for > rules_du_jour to function? As the other reply mentioned, it's just Port 80. But we made a bonehead move recently and with C

Re: How can I correctly detect these spams?

Kai Schaetzl schrieb: It seems you are not using *any* custom rules. You may want to check out RDJ and SARE. Kai I've found in my debugging infos the part, where Razor wasnt be able to read its config file. This part i've corrected with positive debugging infos. Hope it's working now. If

Re: How can I correctly detect these spams?

It seems you are not using *any* custom rules. You may want to check out RDJ and SARE. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com IE-Center: http://ie5.de & http://msie.winware.org

Re: Just upgraded to SA3.0.4

Dr Robert Young wrote on Sat, 9 Jul 2005 08:06:45 -0400: > Jul 9 07:12:20 email2 sendmail[1175]: j69BCKK8001175: Milter: no > active filter > Jul 9 07:12:20 email2 sendmail[1175]: j69BCKK8001175: > gorilla.jungle.com [38.151.210.157] did not issue MAIL/EXPN/VRFY/ETRN > during connection to M

Re: How can I correctly detect these spams?

Loren Wilton schrieb: Well, header I have on detected spams like these (possibly I need to reconfigure something) to get the above lists: X-Spam-Status: No, score=-1.8 required=1.5 tests=BAYES_00, DATE_IN_FUTURE_03_06 autolearn=ham version=3.0.4 This says that the message is NOT spam. B

Just upgraded to SA3.0.4

I just upgraded a box that had a "broken" Sa 2.63 to SA 3.0.4 I noticed the following in the maillog...is this normal for a very "low" activity system. The "no active filter" has me worried. Using spamassassin and spamc to send in the "sample" emails" showed them to be working, but that does

Re: How can I correctly detect these spams?

Loren Wilton schrieb: Well, header I have on detected spams like these (possibly I need to reconfigure something) to get the above lists: X-Spam-Status: No, score=-1.8 required=1.5 tests=BAYES_00, DATE_IN_FUTURE_03_06 autolearn=ham version=3.0.4 This says that the message is NOT spam. B

Re: How can I correctly detect these spams?

> Well, header I have on detected spams like these (possibly I need to > reconfigure something) to get the above lists: > > X-Spam-Status: No, score=-1.8 required=1.5 tests=BAYES_00, > DATE_IN_FUTURE_03_06 autolearn=ham version=3.0.4 This says that the message is NOT spam. Bayes in particular is

Re: How can I correctly detect these spams?

From: "Thomas Booms" <[EMAIL PROTECTED]> > I have changed the set the REPORT_SAFE to 2 now and get the headers. > What you see it are network tests running or not? > > > > >From - Sat Jul 9 12:58:05 2005 > X-UIDL: 1120906515.M816654P13835051595651361458.host1 > X-Mozilla-Status: 0001 > X-Moz

Re: How can I correctly detect these spams?

Loren Wilton schrieb: How can I see in mail header about if network tests run? You would see tests like SURBL and other net tests hitting. For instance: 1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net [Blocked - see

Re: How can I correctly detect these spams?

Loren Wilton schrieb: How can I see in mail header about if network tests run? You would see tests like SURBL and other net tests hitting. For instance: 1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net [Blocked - see

Re: How can I correctly detect these spams?

> How can I see in mail header about if network tests run? You would see tests like SURBL and other net tests hitting. For instance: 1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net [Blocked - see ] 3.1 RCVD_IN

Re: Still need to work on Mail SpamAssassin 3.1.0

The Doctor wrote on Fri, 8 Jul 2005 17:22:02 -0600: > Next suggestion? Take a long sleep and ask yourself if the attitude you are currently showing will get you any further. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com IE-Center: ht

Re: How can I filter this kind of spam?

Michael Moyse wrote on Fri, 08 Jul 2005 17:55:32 +0100: > To me it looks like a duck and sounds like a duck I'm probably wrong > and missing something here because I'm no expert so I'm happy to be > enlightened. Ok, I enlighten you ;-) I hope I'm not wrong. Now that I look again at the header

Re: SpamAssassin w/POP3 & SMTP outsourced e-mail server...

Jesse Shumaker wrote on Fri, 8 Jul 2005 01:51:13 -0700: > I want to do > what you say you've created at home but don't have documentation on how to > set this up. virusscanning + SA: check out MailScanner or MIMEDefang. BTW: most Linux systems can adapt to different hardware quite nicely. If yo

Re: SURBL & SA 3.0.4

Dr Robert Young wrote on Fri, 8 Jul 2005 20:34:00 -0400: > Is there a particular "port" and/or "protocol (TCP/UDP) that must be > opened on any firewalls that might be on the network for the plugin to > work? Probably 53. If you have control of the firewall, then simply shut it off for a few m

Re: rpm installation and dependencies

Jim Maul wrote on Fri, 08 Jul 2005 11:40:11 -0400: > http://perl.arix.com/cpan2rpm/ Thanks, I had a look at it. Unfortunately, looks like too much work compared to --nodeps ;-) Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com IE-Center:

Re: How can I correctly detect these spams?

You need URIBL lookups. See www.surbl.org and www.uribl.com for information. I've installed that stuff several times because of some problems I got in the beginning. On the last install it seems something went wrong and no Net::DNS was installed. So I've made it a few days again. Do you h