Loren Wilton wrote:
This is quite interesting, and seems reasonably obvious that with the right
sort of mail (at least, maybe with any mail) this shoudl work better, since
it self tunes to your conditions. It does of course assume a reasonable
fp/fn rate to start, but SA is generally pretty goo
> Does anyone have a rule to chech the envelope To: against the header
> to: ? I'm sure that there's a reason why it's allowed to be
> different, but it doesn't apply here, and almost half of the
> spam that gets thru everything else would get stopped by that.
[First I am new here and so may kno
Thomas Booms wrote on Sun, 10 Jul 2005 16:40:56 +0200:
> due to some config probs i believe, i need to learn the machine
> spams/hams new. How can i do that?
Delete the Bayes db files (files starting with "bayes_").
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Servic
Does anyone have a rule to chech the envelope To: against the header
to: ? I'm sure that there's a reason why it's allowed to be different,
but it doesn't apply here, and almost half of the spam that gets thru
everything else would get stopped by that.
Thanks!
Mike-
--
Mornings: Evolution in ac
Just to add my 2 Euro-Cent:
Something like this might actually exist (in as far as gif-only spams
are of interest).
Bert Ungerer, an editor with the German IT magazine 'iX', developed a
procmail-based AntiSpam-System he called 'NiXSpam'.
One part of it is a list of MD5-hashes of parts of the bo
Hello,
nearly a year ago, i had trouble upgrading to 2.64. the problem ist still
present.
running 2.64 leads to mass syslog filling due to this lines:
Jul 10 22:41:35 xx spamd[15244]: Use of uninitialized value in
concatenation (.) or string at /opt/gnu/lib/perl5/site_perl/5.8.3/Mail/S
pamAs
On 7/10/2005 4:56 PM, Loren Wilton wrote:
> Rawbody will miss the subject, so you will need to add a test for that too.
I'm not looking for that
--
Eric A. Hallhttp://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
Rawbody will miss the subject, so you will need to add a test for that too.
Loren
On 7/10/2005 3:49 PM, Loren Wilton wrote:
> However, if you want something like this, just off the top of my head:
>
> header __HAS_TOTo =~/\S/
> body__HAS_BODY/\S/
> metaEMPTY_MSG(!__HAS_TO && !__HAS_BODY)
Good idea. rawbody works better but the model is right.
--
Eric A.
>
> Anybody got a rule that will catch messages that don't have a body?
>
3.1.0-pre3 has this already...
-
# __MIME_ATTACHMENT defined in 20_html_tests.cf
body __NONEMPTY_BODY/\S/
meta EMPTY_MESSAGE !__MIME_ATTACHMENT && !__NONEMPTY_BODY
describe EMPTY_MESSAGE Message appe
> I guess I should have asked the obvious question:
>
> "and if so, could you post it?"
Well, I'd hoped that the 'draconian' would detract from that idea. But
since you ask anyway, I went looking. And discovered that I *don't* have a
rule for this anymore! I'm just getting by on the SARE rules
On 7/10/2005 3:12 PM, Loren Wilton wrote:
>>> Anybody got a rule that will catch messages that don't have a body?
>>>
>
> There are things like that around. I have a rather draconian pesonal
> rule I use. There is a much milder form in one of the SARE rulesets.
> The problem is you can't chec
> This brings up a question. Why are these sent out? To validate addresses
> perhaps?
Virtually all of the ones I see typically also lack either or both of a
subject and a To: address. They very typically have some header information
mangled also.
My belief is that one of the spammer tools (I
Hi Cedric. Welcome to the group. I can make some suggestions, although I
can't answer all your questions.
1.You should almost certainly have the SURBL rules enabled. Maybe this
is what you mean by spamcop rules, or maybe that is something else. The
SURBL rules should be enabled by default
On Sunday 10 Jul 2005 19:00, wrote:
> This brings up a question. Why are these sent out? To validate
> addresses perhaps?
B0rked malware infestations?
--
Rob Skedgell <[EMAIL PROTECTED]>
pgpF0vvzd8FmL.pgp
Description: PGP signature
This is quite interesting, and seems reasonably obvious that with the right
sort of mail (at least, maybe with any mail) this shoudl work better, since
it self tunes to your conditions. It does of course assume a reasonable
fp/fn rate to start, but SA is generally pretty good about that.
How have
This brings up a question. Why are these sent out? To validate addresses
perhaps?
- Original Message -
From: "Eric A. Hall" <[EMAIL PROTECTED]>
To:
Sent: Sunday, July 10, 2005 11:48 AM
Subject: messages with no body
Anybody got a rule that will catch messages that don't ha
Anybody got a rule that will catch messages that don't have a body?
--
Eric A. Hallhttp://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
Kai Schaetzl wrote:
Thanks, I had a look at it. Unfortunately, looks like too much work
compared to --nodeps ;-)
That's the way I'd do it. I'd much, MUCH rather install Perl modules via
CPAN than have to go resolve RPM dependencies. If there's an RPM available
that works with my distro, grea
Dr Robert Young wrote:
Is there documentation available on all the prerequisites and setup
necessary for it to operate correctly?
On Jul 9, 2005, at 8:39 PM, Theo Van Dinter wrote:
On Sat, Jul 09, 2005 at 07:47:22PM -0400, Dr Robert Young wrote:
Is there any information available on what c
Is there documentation available on all the prerequisites and setup
necessary for it to operate correctly?
On Jul 9, 2005, at 8:39 PM, Theo Van Dinter wrote:
On Sat, Jul 09, 2005 at 07:47:22PM -0400, Dr Robert Young wrote:
Is there any information available on what configuration your firewal
On Sunday 10 Jul 2005 06:41, William Stearns wrote:
> Good evening, all,
>
> On Thu, 9 Jun 2005, Chris Santerre wrote:
> >> From: Sven Riedel [mailto:[EMAIL PROTECTED]
> >> Sent: Thursday, June 09, 2005 10:19 AM
> >>
> >> has anyone developed a good strategy against spams
> >> that contain a random
Hi all,
due to some config probs i believe, i need to learn the machine
spams/hams new. How can i do that?
Thomas
--
Booms EDV
- hosting & more -
Herrenstrasse 10
D-59073 Hamm
www.booms-edv.de
[EMAIL PROTECTED]
Cedric Knight wrote:
>
> 1) About a year ago, SpamCop seemed to be the single most
> useful test, catching a majority of spam with few of the
> reputed false positives.
> A weighting of 3.0 seemed right. In the past 2 or 3 months,
> the proportion of spam marked by SpamCop seems to have
> fallen,
>> > I just received this spam (some of them really get their stuff translated
>> well now) but was
>> > surprised that it did not trigger subject all caps rule
>>
>> Out of curiosity, that wouldn't happen to be a Nigerian spam in German,
>> would it?
>>
>> Loren
>>
>>
Hi,
sure so...
I don't know if this will help anyone or not, but I wanted to report
back just in case.
In early April, I completely unhinged the dividing line between what SA
score is used to mark a message as spam or ham (5.00 = default). This
allows the system and this dividing line to drift "freely" to an
> As for the all caps rule, it is hard to understand why it was written not
to fire on a single
> excessively long word.
I'll take a guess at that one:
Single word caps subjects are likely to be an acronym or similar, and are
moderately likely, at least in US business mails.
I suspect the 'exces
> I just received this spam (some of them really get their stuff translated
well now) but was
> surprised that it did not trigger subject all caps rule
Out of curiosity, that wouldn't happen to be a Nigerian spam in German,
would it?
Loren
Hello All,
Does anyone know If I can use Spammain with GMS (Gordano Mail Software
for Linux)
Thank you
-
Nabil Alkhamery
Internet Network Controller(INC)
TeleYemen
Sana'a-Yemen
Tel: Office +967 1 752 2166
Mobile: + 967 77 009 172
Fax:
From: "Thomas Booms" <[EMAIL PROTECTED]>
> Here's the content of my local.cf:
>
> rewrite_subject 1
> report_safe 2
> trusted_networks
> user_scores_dsn DBI:mysql::
> user_scores_sql_username
> user_scores_sql_password
> user_scores_sql_custom_query SELECT preference, va
30 matches
Mail list logo
