Marshall Roch wrote:
> I have a Gentoo box running Postfix IMAP and SpamAssassin. Each user
> has a "Learn Spam" folder, and a cron job passes anything in that folder
> to sa-learn and then moves it to the Junk folder.
Okay. Sounds good.
> This works great, but the load is too much.
The syst
OK,
I figured out what my problem was.
It's in the way I always restarted SA. This was from the following
simple script that I always ran as root:
---
echo Running spamassassin --lint and then restarting spamd if OK...
spamassassin --lint
if [ $? != 0 ] ; then
echo "SA discovered err
BTW, Matt was right in his assumption below.
AWL worked correctly on my test.
I intentionally contrived 2 emails from the same fake address. The
first was inoccent the 2nd was the same text plus few known spammy
words and phrases.
On 8/24/05, Matt Kettler <[EMAIL PROTECTED]> wrote:
> jdow wrote
Below:
On 8/24/05, Matt Kettler <[EMAIL PROTECTED]> wrote:
> Ilan Aisic wrote:
> > Matt,
> > I've modified the permissions on my auto-whitelist file and directory
> > to 777
>
> I didn't say modify the permissions of the file or directory. I said to modify
> your configuration file option in your
On Aug 24, 2005, at 5:09 PM, Justin Mason wrote:
I think we've already implemented that in 3.1.0. ;)
I just love it when I request a feature that's already in the current
release candidate.
Thanks muchly :-)
On Aug 24, 2005, at 8:04 PM, jdow wrote:
From: "John Rudd" <[EMAIL PROTECTED]>
That sounds odd, doesn't it? "dynamic trusted_networks". The whole
point of a trusted network is that it's a specific network. However,
if a message came from a client who gave SMTP-AUTH, it ought to be
"truste
Hi all,
This is my first post here.
I have a Gentoo box running Postfix IMAP and SpamAssassin. Each user
has a "Learn Spam" folder, and a cron job passes anything in that folder
to sa-learn and then moves it to the Junk folder.
This works great, but the load is too much. I'm trying to move
From: "John Rudd" <[EMAIL PROTECTED]>
That sounds odd, doesn't it? "dynamic trusted_networks". The whole
point of a trusted network is that it's a specific network. However,
if a message came from a client who gave SMTP-AUTH, it ought to be
"trusted" (and not subjected to the blacklist che
When and what would SA place on the above tag?
--
Chris
Registered Linux User 283774 http://counter.li.org
19:20:59 up 3 days, 7:04, 2 users, load average: 1.23, 0.80, 0.63
Mandriva Linux 10.1 Official, kernel 2.6.8.1-12mdk
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John Rudd writes:
> That sounds odd, doesn't it? "dynamic trusted_networks". The whole
> point of a trusted network is that it's a specific network. However,
> if a message came from a client who gave SMTP-AUTH, it ought to be
> "trusted" (and n
That sounds odd, doesn't it? "dynamic trusted_networks". The whole
point of a trusted network is that it's a specific network. However,
if a message came from a client who gave SMTP-AUTH, it ought to be
"trusted" (and not subjected to the blacklist checks). And that's what
my feature requ
Duncan Findlay <[EMAIL PROTECTED]> writes:
> Certain parts of SpamAssassin's documentation are horribly out of date
> and could really use some help. (For example spamd/README still
> recommends people set --max-children to 20, and has numerous "FIXME"
> sections.)
>
> Since it's ofter a bit ardu
On Wednesday 24 August 2005 08:44 am, Matt Kettler wrote:
> At 11:07 PM 8/23/2005, Chris wrote:
> >First time I've ever seen this, can someone explain what it
> >means? Running SA
> >3.0.4
> >
> >Parsing of undecoded UTF-8 will give garbage when decoding entities
> >at /usr/lib/perl5/site_perl/5.8
I am using SA as a Front end server. It has no real email boxes on it. Maybe
sitewide is not the proper name for this config... But, anyway... my
understanding is that Procmail must call a real mailbox in order to work.
Since I have no real mailboxes on the SA server (and don't want any since it
pa
Steve Dimoff wrote:
> Folks,
>
> We have in the SA conf:
>
> subject_tag [SPAM]
>
> We are running SA 2.63
>
> Since today, we haven't had a problem with the rewrite, and today a
> message came in as:
>
> [SPAM-P]
>
> ...I'm confused... of where the -P came from. Has anyone seen this
>
Matthew Schumacher wrote:
> List,
>
> I am noticing that SA checks all untrusted relays it finds in the header
> against the rbls. This is troubling because some rbls list dynamic
> addresses and claim that this doesn't cause problems as long as the
> dynamic user relays the message though their
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matt Kettler writes:
> Would the maintainer of the spamassassin.org website kindly consider adding a
> new "security" tab?
>
> My vision here is to have a central spot to list all the versions of SA
> affected
> by DoS and other security vulnerabili
Matt Kettler wrote:
>
> Are you sure you have a problem?
>
> SA won't honor any SORBS_DUL results unless they specifically match the first
> untrusted host SA sees as it works backwards through the received path.
>
> However, all the other SORBS tests are valid for any IP in the received: path,
Would the maintainer of the spamassassin.org website kindly consider adding a
new "security" tab?
My vision here is to have a central spot to list all the versions of SA affected
by DoS and other security vulnerabilities, and have links off to the CVE
entries, or some other security announcement,
List,
I am noticing that SA checks all untrusted relays it finds in the header
against the rbls. This is troubling because some rbls list dynamic
addresses and claim that this doesn't cause problems as long as the
dynamic user relays the message though their ISP, however SA checks both
the ISP's
From: "Kris Deugau" <[EMAIL PROTECTED]>
Fortunately, it's a little easier to shut them up about spam that slips
through. "Well, Mr Smith, I see that there are 2000 spams in your spam
folder, which at the moment looks like about 100 per day. I think the
filter's working just fine, don't you?"
Pal Laszlo wrote:
> Hi,
>
> I'd like to lower the priority of SA processess. Currently I don't use
> spamd (should I?) SA invoked by amavisd.
No, you shouldn't use spamd with amavisd. Amavisd invokes the perl API directly
and in effect acts as it's own spamd.
> Do you have any idea?
You'd have
Steve Dimoff wrote:
> Folks,
>
> We have in the SA conf:
>
> subject_tag [SPAM]
>
> We are running SA 2.63
Warning: You have a DoS vulnerability in your version of SA. This vulnerability
is in the mime parser, and can be exploited remotely by sending you a malformed
message. Upgrade to 2.
Folks,
We have in the SA conf:
subject_tag [SPAM]
We are running SA 2.63
Since today, we haven't had a problem with the rewrite, and today a message
came in as:
[SPAM-P]
...I'm confused... of where the -P came from. Has anyone seen this before?
Or know why?
Thanks,
Steve
jdow wrote:
> Ilan, you could adopt my strategy and simply turn off auto-whitelist
> and delete the auto-whitelist file. I've seen too many mis-trained
> auto-whitelists mentioned on this list to be at all comfortable with
> it. The same can be said for auto-learn with Bayes.
>
Are you sure they
jdow wrote:
>
> From: "Kris Deugau" <[EMAIL PROTECTED]>
>
> > No matter how you do it, you *will* get users complaining that:
> > a) you tagged $relative's Really Important (forwarded copy of a
> > fowarded copy of... a joke) Message, or
> > b) you are forcing them to wade through the spam when y
Ilan, you could adopt my strategy and simply turn off auto-whitelist
and delete the auto-whitelist file. I've seen too many mis-trained
auto-whitelists mentioned on this list to be at all comfortable with
it. The same can be said for auto-learn with Bayes.
At the VERY least set the thresholds for
From: "Kris Deugau" <[EMAIL PROTECTED]>
No matter how you do it, you *will* get users complaining that:
a) you tagged $relative's Really Important (forwarded copy of a fowarded
copy of... a joke) Message, or
b) you are forcing them to wade through the spam when you *promised*
they wouldn't have
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Nels Lindquist writes:
> Hi there.
>
> I'm testing SA 3.10RC1, and I'm running into problems with zombie
> processes. I'm using SA with MIMEDefang, which calls SpamAssassin
> directly in perl. When the MD multiplexor tries to shut down idle
> sl
Hi there.
I'm testing SA 3.10RC1, and I'm running into problems with zombie
processes. I'm using SA with MIMEDefang, which calls SpamAssassin
directly in perl. When the MD multiplexor tries to shut down idle
slaves, they become zombies. If I revert to SA 3.04, the problem
disappears entirel
Ilan Aisic wrote:
> Matt,
> I've modified the permissions on my auto-whitelist file and directory
> to 777
I didn't say modify the permissions of the file or directory. I said to modify
your configuration file option in your local.cf to be 0777. The file should be
set to 666 anyway (which is what
On Wed, Aug 24, 2005 at 07:10:37AM -0400, Greg Allen wrote:
> I tried Procmail for several days, in the end I found that it does not work
> on a sitewide SA. But I did get a resolution on this, it looks like, using
> Postfix header_checks. See my email last night. Thanks...
Why not? I use both si
Richard Hobbs wrote:
> Hello,
>
> Thank you for your reply, and apologies for my delay in replying again.
>
> If these emails are never going to match the whitelist, is there a way I can
> always allow emails from certain addresses in a fool-proof way?
>
> The addresses I need to allow though ar
Matt,
I've modified the permissions on my auto-whitelist file and directory
to 777 even though I don't see why this is needed since spamd runs as
root.
Anyway, I did as advised and ran spamassassin -D < test (intead of the
--lint option) and I ran it twice on 2 messages from the same address
(2nd
At 11:07 PM 8/23/2005, Chris wrote:
First time I've ever seen this, can someone explain what it
means? Running SA
3.0.4
Parsing of undecoded UTF-8 will give garbage when decoding entities
at /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/HTML.pm line 182,
line 1117.
--
It's harmless:
ht
At 05:15 AM 8/24/2005, Ilan Aisic wrote:
Hi,
I'm running SA 3.0.2 with Exim 4.5. spamd runs as root.
Warning: You are subject to a remote DoS attack on SA's mime parser, it's
triggered by sending you a malformed message. Upgrade to 3.0.4.
http://marc.theaimsgroup.com/?l=spamassassin-announ
suresh kumar wrote:
>
>Thanks Burton Windle . It's working now. I need
> one more information. The suspected spam mails will be
> moved to the SPAM file in the user's home directory
> instead of going to the user's mailbox. The original
> valid mails will be in the location /var/spool/mail
You can use whitelist_from. This will only match on the From address, so is
quite spoofable.
Loren
Ilan Aisic wrote:
Related output from running spamassassin -D --lint :
[EMAIL PROTECTED]|ip=none scores 0/0debug: AWL
active, pre-score: 7.328, autolearn score: 7.328, mean: undef, IP:
undef
This isn't terribly helpful. Please try running with a real email,
using the syntax:
spamassass
Hi,
> I tried Procmail for several days, in the end I found that it does not
> work on a sitewide SA. But I did get a resolution on this, it looks
> like, using Postfix header_checks. See my email last night. Thanks...
Umm! Works fine for me here... Might not have worked the way you
wanted it
I tried Procmail for several days, in the end I found that it does not work
on a sitewide SA. But I did get a resolution on this, it looks like, using
Postfix header_checks. See my email last night. Thanks...
> -Original Message-
> From: jdow [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, A
Hello,
Thank you for your reply, and apologies for my delay in replying again.
If these emails are never going to match the whitelist, is there a way I can
always allow emails from certain addresses in a fool-proof way?
The addresses I need to allow though are very unlikely to be spoofed, so
thi
Title: Different spam rules
Hi,
I'm looking for a solution for filter spam-mails, depending of recipient-domains.
We have a postfix-mailrelay with amavisd and spamassassin working (but without local mailboxes) for delivering emails to our customers mailservers.
Each of them have differen
Procmail is not all that big. If it's overhead is too much for you then
something is seriously wrong there. SpamAssassin's overhead is VASTLY
more than procmail's.
{^_^}
- Original Message -
From: "Greg Allen" <[EMAIL PROTECTED]>
Mailscanner and Amavis-new have way too much overhead IM
Hi,
I'm running SA 3.0.2 with Exim 4.5. spamd runs as root.
I think I've set my configuration to have a system-wide auto-whitelisting.
However, I've noticed that even though the file "auto-whitelist"
always remains 12,288 bytes long and unchanged and naturally, scores
aren't affected.
Everytime
Hi,
I'd like to lower the priority of SA processess. Currently I don't use
spamd (should I?) SA invoked by amavisd. Do you have any idea?
Thx
L:
46 matches
Mail list logo
