>Is your trusted_networks set correctly? Note: if you have a NATed mailserver
>you
>MUST set this manually, otherwise SA will mis-detect external mailservers as
>being a part of your network and this rule will misfire.
>
>Other common signs of incorrect trusted_networks are ALL_TRUSTED matching s
On Thu, 08 Dec 2005 03:31:21 +0100, you wrote:
>2. next check if that IP delivered directly to you (= your mail server) or
>not.
>If yes, then this hit is legitimate. It's not your IP and it delivered
>directly to you. That's exactly the kind of IP you want to check if it is
>on a blacklist.
From: <[EMAIL PROTECTED]>
On 12/7/05, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
Not an incorrect format, but probably a format that SA mismatches, yes.
Looking at the rules (which look rather complex, so I may misinterpet it)
it seems it matches on the "dsl" part and on the IP address of the heade
From: "Kai Schaetzl" <[EMAIL PROTECTED]>
Jdow wrote on Wed, 7 Dec 2005 19:18:31 -0800:
And it seems SORBS in whatever wisdom they have has Mouss'
free.fr smtp host tagged.
Well, if you would just go and check you'd know why it is on their list:
http://www.dnsstuff.com/tools/ip4r.ch?ip=212.27
On 12/7/05, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
> Not an incorrect format, but probably a format that SA mismatches, yes.
> Looking at the rules (which look rather complex, so I may misinterpet it)
> it seems it matches on the "dsl" part and on the IP address of the header
> line instead of the
Jdow wrote on Wed, 7 Dec 2005 19:18:31 -0800:
> And it seems SORBS in whatever wisdom they have has Mouss'
> free.fr smtp host tagged.
Well, if you would just go and check you'd know why it is on their list:
http://www.dnsstuff.com/tools/ip4r.ch?ip=212.27.42.29
As you see it's on their "spam re
wrote on Wed, 7 Dec 2005 18:15:05 -0800:
> A friend has suggested this may be a bug in the way that SpamAssassin
> parses the Received header. Is this, in fact, a bug in SpamAssassin?
> Or is my SMTP server generating Received: headers using an
> incorrect format?
Not an incorrect format, bu
From: "Matt Kettler" <[EMAIL PROTECTED]>
mouss wrote:
Matt Kettler a écrit :
Russ Ringer wrote:
Why did this message trigger these rules?
The email was not sent directly from a dial-up IP.
Is your trusted_networks set correctly? Note: if you have a NATed
mailserver you
MUST set this man
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matt Kettler writes:
> [EMAIL PROTECTED] wrote:
> > I'm using SpamAssassin version 3.1.0 with default options, and have
> > run into a serious false positive problem. When I receive mail from
> > one of my correspondents, I get Received: lines like t
[EMAIL PROTECTED] wrote:
> I'm using SpamAssassin version 3.1.0 with default options, and have
> run into a serious false positive problem. When I receive mail from
> one of my correspondents, I get Received: lines like this one:
>
> Received: from adsl-71-133-227-154.dsl.pltn13.pacbell.net
> (71
Mouss wrote on Thu, 08 Dec 2005 01:35:32 +0100:
> my own messages to this list get a RCVD_IN_SORBS on my own SA. my first
> reaction is to remove all sorbs tests (because I don't believe in
> sorbs), but I still wanna understand why this happens.
You have to make a distinction between an IP bei
I'm using SpamAssassin version 3.1.0 with default options, and have
run into a serious false positive problem. When I receive mail from
one of my correspondents, I get Received: lines like this one:
Received: from adsl-71-133-227-154.dsl.pltn13.pacbell.net
(71.133.227.154) (HELO genstor.com)
mouss wrote:
> Matt Kettler a écrit :
>
>> Russ Ringer wrote:
>>
>>> Why did this message trigger these rules?
>>> The email was not sent directly from a dial-up IP.
>>
>>
>>
>> Is your trusted_networks set correctly? Note: if you have a NATed
>> mailserver you
>> MUST set this manually, otherwise
Matt Kettler a écrit :
Russ Ringer wrote:
Why did this message trigger these rules?
The email was not sent directly from a dial-up IP.
Is your trusted_networks set correctly? Note: if you have a NATed mailserver you
MUST set this manually, otherwise SA will mis-detect external mailservers as
How would I go about adding a header in the perl code below, the value
of the header would be dynamic on a per message basis so I don't think a
local.cf mod would help me.
I've tried dynamically touching $spamtest->{conf}->{headers_spam} and
$spamtest->{conf}->{headers_ham}, as well as a few other
On Wed, Dec 07, 2005 at 08:41:58AM -0500, Rose, Bobby wrote:
> Is anyone else having problems getting to www.apache.org? I've tried
> from work and from home. The site acts like it's trying to load and
> then eventually gives the generic cannot find server or DNS error. It's
> not DNS because th
Russ Ringer wrote:
> Why did this message trigger these rules?
> The email was not sent directly from a dial-up IP.
Is your trusted_networks set correctly? Note: if you have a NATed mailserver you
MUST set this manually, otherwise SA will mis-detect external mailservers as
being a part of your net
Why did this message trigger these rules?
The email was not sent directly from a dial-up IP.
RCVD_IN_NJABL_DUL
RBL: NJABL: dialup sender did non-local SMTP
[209.30.176.199 listed in combined.njabl.org]
RCVD_IN_SORBS_DUL
RBL: SORBS: sent directly from dynamic IP address
On Wednesday 07 December 2005 06:44 am, François Conil wrote:
> Rose, Bobby wrote:
> > Is anyone else having problems getting to www.apache.org? I've tried
> > from work and from home. The site acts like it's trying to load and
> > then eventually gives the generic cannot find server or DNS error
On Wednesday 07 December 2005 06:33 am, Matthew Daubenspeck wrote:
> Recently I have been receiving a TON of Stock Spam lately. For the most
> part, the subject is news related (news, updated news, breaking news,
> etc) and the message itself is empty except for a .GIF file with Stock
> information
On Wed, Dec 07, 2005 at 12:22:46PM -0500, Matt Kettler wrote:
> last parsed. (They're parsed default dir, site dir, user prefs, and in
> alpha-order within directories)
... and as usual, run with -D and it'll tell you the exact order it's using
(along with a bunch of other potentially interesting
Jeff Chan wrote:
> Thanks. americanbroadcastdx.com was never on any SURBLs, so
> it's probably the bug. Please consider upgrading to 3.1 or
> possibly even 3.0.5 as this may fix the bug:
>
> http://issues.apache.org/SpamAssassin/show_bug.cgi?id=3997
>
> The developers will know for sure a
Clay Davis wrote:
> How does SpamAssassin handle rules that are duplicated in different .cf
> files?
Yes.
Which takes precedence?
last parsed. (They're parsed default dir, site dir, user prefs, and in
alpha-order within directories)
On Wednesday, December 7, 2005, 8:31:06 AM, Brian Leyton wrote:
> Jeff Chan wrote:
>>
>> OK I can't remember if that one has the bug fix or not. 3.1
>> definitely does.
>>
>> What was the specific FP domain?
> Here's the scoring section of the SA report:
> Content analysis details: (5.5 poi
is there a way to store global filter rules in
mysql?
I have written an web frontend for administering spamassassin
rules.
But at the moment i got the problem to store all rules in one file
(it's to big and makes the server slow).
i searched with google, but i found just solutions to store
userp
Jeff Chan wrote:
>
> OK I can't remember if that one has the bug fix or not. 3.1
> definitely does.
>
> What was the specific FP domain?
Here's the scoring section of the SA report:
Content analysis details: (5.5 points, 5.0 required)
pts rule name description
--
On Wednesday, December 7, 2005, 8:14:43 AM, Brian Leyton wrote:
> Jeff Chan wrote:
>> What version of SpamAssassin are you using? There is a bug
>> in 3.0.x that can cause intermittent errors like this.
> "Spamassassin -V" reports:
> SpamAssassin version 3.0.4
> running on Perl version 5.8.6
Jeff Chan wrote:
> What version of SpamAssassin are you using? There is a bug
> in 3.0.x that can cause intermittent errors like this.
"Spamassassin -V" reports:
SpamAssassin version 3.0.4
running on Perl version 5.8.6
Brian Leyton
IT Manager
Commercial Petroleum Equipment
On Tuesday, December 6, 2005, 7:01:45 AM, Jean-Paul Natola wrote:
> I received another one of those HTML messages about stock quotes
[...]
> The previous ones were stopped due to the IP being listed in spamcop,
> I would like to report the IP this one came from BUT , I would like to make
>
On Tuesday, December 6, 2005, 1:26:32 PM, Brian Leyton wrote:
> I'm relatively new to SpamAssassin, but I've managed to get it working well
> in conjunction with MimeDefang. I'm having a strange problem though, which
> I hope someone can help me figure out.
> I'm on a hobby mailing list, and occa
Hi there,
is there a way to store global filter rules in
mysql?
I have written an web frontend for administering spamassassin
rules.
But at the moment i got the problem to store all rules in one file
(it's to big and makes the server slow).
i searched with google, but i found just solutions to s
How does SpamAssassin handle rules that are duplicated in different .cf files? Which takes precedence?
Thanks,
Clay
Rose, Bobby wrote:
Is anyone else having problems getting to www.apache.org? I've tried
from work and from home. The site acts like it's trying to load and
then eventually gives the generic cannot find server or DNS error. It's
not DNS because the FQDN resolves.
Same here.
--
François Con
Is anyone else having problems getting to www.apache.org? I've tried
from work and from home. The site acts like it's trying to load and
then eventually gives the generic cannot find server or DNS error. It's
not DNS because the FQDN resolves.
-Original Message-
From: [EMAIL PROTECTED]
Recently I have been receiving a TON of Stock Spam lately. For the most
part, the subject is news related (news, updated news, breaking news,
etc) and the message itself is empty except for a .GIF file with Stock
information on it. Has anyone seen these and come up with a custom rule
to stop them?
Jean-Paul Natola wrote on Tue, 6 Dec 2005 21:06:49 -0500:
> I she
> tried using their SMTP but then I get this in the log
>
> 2005-12-05 13:48:59 H=dsl-201-128-150-16.prod-infinitum.com.mx (acerL1)
> [201.128.150.16] F=<[EMAIL PROTECTED]> rejected RCPT
> <[EMAIL PROTECTED]>: relay not perm
Alan Gutierrez a écrit :
if the user didn't copy the FP message (he just moved it to the
Junk/Error folder, then it should be "redelivered" after sa-learn (but
one must make sure it is not delivered to the Junk folder again).
I hope this is the final piece of the puzzle, but, how do you res
From: "Graham Murray" <[EMAIL PROTECTED]>
"jdow" <[EMAIL PROTECTED]> writes:
Don't bother to try to report spam with that header placement if you
expect outfits that use DCC to respond. Placing the headers at the
bottom that way will screw up the DCC hash they can use to identify
the message d
38 matches
Mail list logo
