That may backfire with email coming from inside your own network.
Not knowing your internal network topology makes it a little awkward
to diagnose.
{^_-}
- Original Message -
From: "M.Lewis" <[EMAIL PROTECTED]>
Thank Daryl. I have it solved now I believe.
trusted_networks 127.0.0.1
From: "mouss" <[EMAIL PROTECTED]>
jdow a écrit :
Your ISP's mail server is the trusteded server you should use. For me
it's Earthlink's servers:
trusted_networks 192.168.0/24 127/8 207.217.121/24
I am not sue this is needed. SA knows about fetchamil, so he only needs to
let SA trust the head
It looks like your mail was run through as a forward from inside
your network.
I always strip all markups off and leave the message as SpamAssassin
would see it fresh out of procmail (amavisd in your case). That way
nothing thinks it came from an internal address.
I test "eml" with "spamc -
Thank Daryl. I have it solved now I believe.
trusted_networks 127.0.0.1 192.168.1.33 64.125.72.2
Daryl C. W. O'Shea wrote:
M.Lewis wrote:
# Trusted
clear_trusted_networks
trusted_networks 127.0.0.1 192.168.1.0/16 64.125.72.2
I took a spam from earlier today and run it through spamassassin -
mouss wrote:
jdow a écrit :
Your ISP's mail server is the trusteded server you should use. For me
it's Earthlink's servers:
trusted_networks 192.168.0/24 127/8 207.217.121/24
I am not sue this is needed. SA knows about fetchamil, so he only needs
to let SA trust the header added by fetchmail,
M.Lewis wrote:
# Trusted
clear_trusted_networks
trusted_networks 127.0.0.1 192.168.1.0/16 64.125.72.2
I took a spam from earlier today and run it through spamassassin -D <
spam. Here's something I saw in the output that makes me think I still
have a problem somewhere.
debug: received-header:
jdow a écrit :
Your ISP's mail server is the trusteded server you should use. For me
it's Earthlink's servers:
trusted_networks 192.168.0/24 127/8 207.217.121/24
I am not sue this is needed. SA knows about fetchamil, so he only needs
to let SA trust the header added by fetchmail, which probabl
Thanks jdow & Jon. I was unaware of the 'clear_trusted_networks'. I have
added it now (and restarted mail):
# Trusted
clear_trusted_networks
trusted_networks 127.0.0.1 192.168.1.0/16 64.125.72.2
I took a spam from earlier today and run it through spamassassin -D <
spam. Here's something I saw
From: "Jon Kvebaek" <[EMAIL PROTECTED]>
"M.Lewis" <[EMAIL PROTECTED]> writes:
I've seen quite a few messages regarding trusted_networks lately. I have
played around with my setup and still don't think I have it set
correctly.
What I have is this:
# Trusted
trusted_networks 127.0.0.1 192.16
From: "M.Lewis" <[EMAIL PROTECTED]>
I've seen quite a few messages regarding trusted_networks lately. I have
played around with my setup and still don't think I have it set correctly.
What I have is this:
# Trusted
trusted_networks 127.0.0.1 192.168.1.0/16
My setup is my mail is dragged down
"M.Lewis" <[EMAIL PROTECTED]> writes:
> I've seen quite a few messages regarding trusted_networks lately. I have
> played around with my setup and still don't think I have it set correctly.
>
> What I have is this:
>
> # Trusted
> trusted_networks 127.0.0.1 192.168.1.0/16
>
> My setup is my mail
BDY.RTF
Description: RTF file
I've seen quite a few messages regarding trusted_networks lately. I have
played around with my setup and still don't think I have it set correctly.
What I have is this:
# Trusted
trusted_networks 127.0.0.1 192.168.1.0/16
My setup is my mail is dragged down via fetchmail from my provider, runs
[EMAIL PROTECTED] wrote:
> I've created a spamd user, and I'm running spamd with a "--username spamd"
> option.
>
> ps -aux | grep spamd shows that all the children are running as the spamd
> user... but the master spamd process is running as root!
>
> Is this expected?
>
Yes, because you've
I've created a spamd user, and I'm running spamd with a "--username spamd"
option.
ps -aux | grep spamd shows that all the children are running as the spamd
user... but the master spamd process is running as root!
Is this expected?
--
Matthew.van.Eerde (at) hbinc.com 805.964.455
From: "jdow" <[EMAIL PROTECTED]>
From: "Mathias Homann" <[EMAIL PROTECTED]>
Am Freitag, 21. Oktober 2005 14:48 schrieb Iain Smith:
One of the reports is the top n most triggered spam tests. Does
anyone know of an easy way to access the description of a test? I
was hoping perhaps I could loa
wrote:
| wrote:
| >I finally took the leap to SA 3.1 but am confused as to why the SA
| >X-Headers are prepended to the message and not appeneded like the
| >previous versions. This is causing havoc on my Blackberry. Is this
| >normal?
|
| What kind of havoc? I haven't heard of any i
| wrote:
| >I finally took the leap to SA 3.1 but am confused as to why the SA
| >X-Headers are prepended to the message and not appeneded like the
| >previous versions. This is causing havoc on my Blackberry. Is this
| >normal?
|
| What kind of havoc? I haven't heard of any issues from the
This thread is ancient I know, but I am still using the rule posted below but
had to make an update to it (in case anyone else also uses this rule).
I changed __X_AUTH_WARN_3 to read:
header__X_AUTH_WARN_3 X-Authentication-Warning !~ /(?:using -f|owned
process doing -bs)/
to accomod
JamesDR wrote:
>
>> X-Inapac-InapacSpamCop: Found to be clean, not spam, SpamAssassin
>> (score=2.154, required 4,
>> autolearn=disabled, ALL_TRUSTED -2.82, HTML_90_100 0.19,
>> HTML_IMAGE_ONLY_16 1.28, HTML_MESSAGE 0.00, MPART_ALT_DIFF 1.50,
>> URIBL_OB_SURBL 2.00), ss
>>
>
> One thing that s
[EMAIL PROTECTED] wrote:
Hi James
I'm going to admit to having a MAJOR blond moment here.
I can't remember how to find which versions of which pieces you're
looking for here.
It's been one LNG week (TGIF!!!)
Agreed :-D
We're using OpenProtect 5.0.1.9 which includes:
SpamAs
Chris L. Franklin wrote:
> Back in 2.64 There was the option to have SA stop going though rules
> then it hit a max score.
> Is there any option for this in 3.X.X ?
No there wasn't such an option in 2.64, that option existed back in SA 2.31, and
was removed from SA 2.40 and higer because it caused
Evan Platt wrote:
At 11:45 AM 10/21/2005, you wrote:
If you grouped the rulesets into +/- sets and processed all the -
rules first it wouldn't create false ly scored messages. Or would it ?
No, but you still would have to process all the rules regardless - I
mean a incorrectly whitelisted
Evan Platt wrote:
At 11:45 AM 10/21/2005, you wrote:
If you grouped the rulesets into +/- sets and processed all the -
rules first it wouldn't create false ly scored messages. Or would it ?
No, but you still would have to process all the rules regardless - I
mean a incorrectly whitelisted
Todd Merritt wrote:
> jdow wrote:
>
>> From: "Chris L. Franklin" <[EMAIL PROTECTED]>
>>
>>> Back in 2.64 There was the option to have SA stop going though
>>> rules then it hit a max score. Is there any option for this in
>>> 3.X.X ?
>>
>>
>> No. Such a rule actually costs processing time AND
jdow wrote:
From: "Chris L. Franklin" <[EMAIL PROTECTED]>
Back in 2.64 There was the option to have SA stop going though rules
then it hit a max score.
Is there any option for this in 3.X.X ?
No. Such a rule actually costs processing time AND would create false
positives or false negatives
At 11:45 AM 10/21/2005, you wrote:
If you grouped the rulesets into +/- sets and processed all the -
rules first it wouldn't create false ly scored messages. Or would it ?
No, but you still would have to process all the rules regardless - I
mean a incorrectly whitelisted message could have en
jdow wrote:
From: "Chris L. Franklin" <[EMAIL PROTECTED]>
Back in 2.64 There was the option to have SA stop going though rules
then it hit a max score.
Is there any option for this in 3.X.X ?
No. Such a rule actually costs processing time AND would create false
positives or false negatives
From: "Chris L. Franklin" <[EMAIL PROTECTED]>
Back in 2.64 There was the option to have SA stop going though rules
then it hit a max score.
Is there any option for this in 3.X.X ?
No. Such a rule actually costs processing time AND would create false
positives or false negatives entirely too e
From: "Daniel W" <[EMAIL PROTECTED]>
Daniel W wrote:
I'm looking to be able to do a system such as follows:
local.cf (global spam settings)
===
required_hits 100
rewrite_subject 1
subject_tag [DEFINITE_SPAM]
body ANG_KILL_RULE_FALSE_VIRUS_SCANNER /\+\+\+ Attachment
From: "Mathias Homann" <[EMAIL PROTECTED]>
Am Freitag, 21. Oktober 2005 14:48 schrieb Iain Smith:
One of the reports is the top n most triggered spam tests. Does
anyone know of an easy way to access the description of a test? I
was hoping perhaps I could load one of the SpamAssassin modules a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ronan writes:
> In a heavily loaded server with a lot of connections hitting it per
> second, what is the best way to run spamd...
>
> the standard 3.1 (hot children) or the old style round robin???
>
> I have been having problems over the last 2 w
From: Daniel W [mailto:[EMAIL PROTECTED]
>
> Daniel W wrote:
> > I'm looking to be able to do a system such as follows:
> >
> > local.cf (global spam settings)
> > ===
> > required_hits 100
> > rewrite_subject 1
> > subject_tag [DEFINITE_SPAM]
> >
> > body ANG_KILL_RU
Mathias Homann wrote:
> better would be a check for a _VALID_ signature... but then the mail
> server would have to have a gnupg key for the sender...
Now you're talking about a Mail::SpamAssassin::Plugin::GPG module. That's a
serious undertaking.
Mail::SpamAssassin::Plugin::DomainKeys is a goo
Daniel W wrote:
I'm looking to be able to do a system such as follows:
local.cf (global spam settings)
===
required_hits 100
rewrite_subject 1
subject_tag [DEFINITE_SPAM]
body ANG_KILL_RULE_FALSE_VIRUS_SCANNER /\+\+\+ Attachment: No Virus found/
describe ANG_KILL_RUL
Am Freitag, 21. Oktober 2005 18:52 schrieb
[EMAIL PROTECTED]:
> Mathias Homann wrote:
> > anyways, I'd love to be able to give scores to a mail if its from
> > a given email address but it is not pgp signed.
>
> Sounds like three rules should do the trick. Pseudo-rules follow:
>
> _FROM_JOE: From
Mathias Homann wrote:
> anyways, I'd love to be able to give scores to a mail if its from a
> given email address but it is not pgp signed.
Sounds like three rules should do the trick. Pseudo-rules follow:
_FROM_JOE: From address matches /[EMAIL PROTECTED]/
_PGP_SIGNED: body matches /---
Am Freitag, 21. Oktober 2005 17:57 schrieb
[EMAIL PROTECTED]:
> Mathias Homann wrote:
> > Hi,
> > I have a good idea for a plugin/ruleset, where do i send it?
>
> users@spamassassin.apache.org is a good place to assess how useful
> it would be to the community. Is this something you would write
>
At 09:03 AM 10/21/2005, you wrote:
Back in 2.64 There was the option to have SA stop going though rules
then it hit a max score.
Is there any option for this in 3.X.X ?
Nope.
All depends on the order of the rules. What if it had yet to come
across a whitelist rule?
Back in 2.64 There was the option to have SA stop going though rules
then it hit a max score.
Is there any option for this in 3.X.X ?
--
-- Chris L. Franklin --
Mathias Homann wrote:
> Hi,
> I have a good idea for a plugin/ruleset, where do i send it?
users@spamassassin.apache.org is a good place to assess how useful it would be
to the community. Is this something you would write yourself, or are you
asking for help in writing it?
--
Matthew.van.Eerd
Sounds like something that should be bugzillaed so it can be patched into
SA's DNS.pm.
At 08:08 PM 10/20/2005, [EMAIL PROTECTED] wrote:
Matt Kettler wrote:
> Let's look at Dns.pm line 588:
>
> if ($Net::DNS::VERSION < 0.34) {
>
> Hmm, looks like someone (the Net::DNS maintainer) made Net:
At 04:47 AM 10/21/2005, Ronan wrote:
In a heavily loaded server with a lot of connections hitting it per
second, what is the best way to run spamd...
the standard 3.1 (hot children) or the old style round robin???
I have been having problems over the last 2 weeks etc with the spamd
timing out
Am Freitag, 21. Oktober 2005 14:48 schrieb Iain Smith:
> One of the reports is the top n most triggered spam tests. Does
> anyone know of an easy way to access the description of a test? I
> was hoping perhaps I could load one of the SpamAssassin modules and
> call a function, a la $desc = getdes
Perhaps this might be a better one for the developers list... I'm writing a
small reporting (perl) script to parse the syslog entries produced by spamd
and produce a report based on its findings. One of the reports is the top n
most triggered spam tests. Does anyone know of an easy way to access th
Hi,
I have a good idea for a plugin/ruleset, where do i send it?
bye,
MH
--
gpg key fingerprint: 5F64 4C92 9B77 DE37 D184 C5F9 B013 44E7 27BD
763C
In a heavily loaded server with a lot of connections hitting it per
second, what is the best way to run spamd...
the standard 3.1 (hot children) or the old style round robin???
I have been having problems over the last 2 weeks etc with the spamd
timing out connections from the mta's i run so i
Hello Matt,
From: Matt Kettler <[EMAIL PROTECTED]>
Subject: Re: Argument "0.53_01" isn't numeric
Date: Thu, 20 Oct 2005 20:02:05 -0400
> Let's look at Dns.pm line 588:
>
> if ($Net::DNS::VERSION < 0.34) {
>
> Hmm, looks like someone (the Net::DNS maintainer) made Net::DNS have a version
>
48 matches
Mail list logo
