Hi
Guys,
Couldn't find a
thread like this hence this new one. Just wondering what strategy people are
using when it comes to dealing with email that gets enough points to be
considered as spam. Eg. being deleted and quarantined, or delivered and
quarantined etc.
I'm using store and
del
Hi,
We're using spamassassin-3.0.5-3.el4 with amavisd-new-2.4.1-1.el4.rf.
Since yesterday I'm receiving this message when downloading the SARE rules:
***WARNING***: spamassassin --lint failed.
Rolling configuration files back, not restarting SpamAssassin.
Rollback command is: mv -f
/etc/mail
The SARE rules seem to catch that kind of thing rather neatly. In
particular these are caught by some of the anti-Leo rules that Loren
wrote.
{^_^}
- Original Message -
From: "Bret Miller" <[EMAIL PROTECTED]>
I hadn't seen this type of obfuscation before, though I admit I don't
watch t
From: "Benjamin Adams" <[EMAIL PROTECTED]>
In Four days,
Spamassasin marked 1477 messages and missed 755 that where spam.
I have my Required set to 5
what is the variable to drop the required in 3.1?
I is it still required_score?
Is there something else I can do to help the overall performan
From: "Richard Collyer" <[EMAIL PROTECTED]>
Ryan Holowaychuk wrote:
I am have SA running on a windows machine.
Sa 3.1.1
Hmailer
Clam ANtivirus
I have it set up, but when an email goes through the server I am getting
blank emails? what am I missing here?
What level is the spam getting?
Marc Perkel wrote:
> I get a huge amount of spam associated with these two domains. What's
> the story with these people? Who are they?
>
http://spews.org/html/S2067.html
http://en.wikipedia.org/wiki/Scott_Richter
I get a huge amount of spam associated with these two domains. What's
the story with these people? Who are they?
Richard Collyer wrote:
Ryan Holowaychuk wrote:
I just sent an email and had some lengthy text and it gave it a score
of 3.8
What score did the blank e-mail get the one that is getting past the
spam filters.
Cheers
Richard
Ryan Holowaychuk wrote:
I just sent an email and had some lengthy text and it gave it a score of 3.8
Frankly, what do you expect as an answer for such an information-less
request?
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
Ryan Holowaychuk wrote:
I am have SA running on a windows machine.
Sa 3.1.1
Hmailer
Clam ANtivirus
I have it set up, but when an email goes through the server I am getting
blank emails? what am I missing here?
What level is the spam getting?
Its probably only tripping one rule for short
Bret Miller wrote:
I hadn't seen this type of obfuscation before, though I admit I don't
watch the dropped spam very closely. This one got returned to me via my
AOL feedback loop, so was looking to see how to catch it. Any ideas? Get
a sample message here:
http://webmail.wcg.org/~support/16-02-0
Hello, in a Debian Sarge i have installed Spamassassin and i Wish to change
the configuration to use a mysql database for the user prefs and the bayes
database, so each domain would have its own bayes db to filter spam. I
followed the instructions at
http://spamassassin.apache.org/full/3.0.x/dist/s
I am have SA running
on a windows machine.
Sa
3.1.1
Hmailer
Clam
ANtivirus
I have it set up,
but when an email goes through the server I am getting blank emails? what
am I missing here?
thanks
Ryan
Holowaychuk
General Manager -
Kamloops
Menzies Printers
Ltd.
Member of the Canadi
Benjamin Adams wrote:
> Think I found the problem just don't know how to fix:
> running: spamassassin -D --lint 4261.
> [9990] warn: config: warning: score set for non-existent rule BAYES_90
Looks like you've got an old local config trying over-ride the score for
BAYES_90. However BAYES_90 no long
Benjamin Adams wrote:
> Think I found the problem just don't know how to fix:
> running: spamassassin -D --lint 4261.
> [9990] warn: config: warning: score set for non-existent rule BAYES_90
> [9990] dbg: check: is spam? score=2.907 required=5
> [9990] dbg: check:
tests=BAYES_50,MISSING_SUBJECT,NO_
I started getting the following errors:
> This is a multi-part message in MIME format.
>
> =_446A379E.0A06CBBE
> Content-Type: text/plain
> Content-Disposition: inline
> Content-Transfer-Encoding: 8bit
>
> (no report template found)
that is on spams where spamassassin tries to encl
Think I found the problem just don't know how to fix:
running: spamassassin -D --lint 4261.
[9990] warn: config: warning: score set for non-existent rule BAYES_90
[9990] dbg: check: is spam? score=2.907 required=5
[9990] dbg: check:
tests=BAYES_50,MISSING_SUBJECT,NO_REAL_NAME,NO_RECEIVED,NO_RELA
Bret Miller wrote:
> I hadn't seen this type of obfuscation before, though I admit I don't
> watch the dropped spam very closely. This one got returned to me via my
> AOL feedback loop, so was looking to see how to catch it. Any ideas? Get
> a sample message here:
>
> http://webmail.wcg.org/~suppo
I hadn't seen this type of obfuscation before, though I admit I don't
watch the dropped spam very closely. This one got returned to me via my
AOL feedback loop, so was looking to see how to catch it. Any ideas? Get
a sample message here:
http://webmail.wcg.org/~support/16-02-01-P.txt
Thanks,
Bret
> thanks for that fix; it's now in trunk, and as bug 4901 for b3_1_0.
Thanks, that was quick!
> but I don't get that last point -- warn() should always be noiser than
> dbg(), hence less likely to go by unnoticed
You may disregard it. It would be true if dbg would log to
syslog or some other
Mark Martinec writes:
> > > [1353] warn: dns: sendto() failed: at
> > > /usr/lib/perl5/site_perl/5.8.3/Mail/SpamAssassin/DnsResolver.pm line 340.
>
> The error report in sub bgsend does not show the failure reason
> because it mistakenly reports $@ instead of $!, as far as I can tell.
> Also, se
Nicolas,
> > > [1353] warn: dns: sendto() failed: at
> > > /usr/lib/perl5/site_perl/5.8.3/Mail/SpamAssassin/DnsResolver.pm line
> > > 340.
Please apply my patch from my previous message, and repeat your
command line test, concentrating on a any "dns:" logged entries, e.g.:
# su vscan -c 'spamas
Benjamin Adams wrote:
> I'm not getting a BAYES_XX in any email headers, The email you sent
> me had:
> X-Spam-Status: No, hits=0.104 tagged_above=-999 required=5 tests=AWL
> X-Spam-Level:
>
> Does this mean my variable is wrong in local.cf?
Not that the variable is wrong, but the directory may h
> > [1353] warn: dns: sendto() failed: at
> > /usr/lib/perl5/site_perl/5.8.3/Mail/SpamAssassin/DnsResolver.pm line 340.
The error report in sub bgsend does not show the failure reason
because it mistakenly reports $@ instead of $!, as far as I can tell.
Also, send() returns undef on error accordi
I'm not getting a BAYES_XX in any email headers, The email you sent
me had:
X-Spam-Status: No, hits=0.104 tagged_above=-999 required=5 tests=AWL
X-Spam-Level:
Does this mean my variable is wrong in local.cf?
-Ben
On May 16, 2006, at 12:43 PM, Bowie Bailey wrote:
Benjamin Adams wrote:
I am u
Benjamin Adams wrote:
> I am using sa-learn on the missed messages(using for a few months now
> seems to be no help)
Define "no help". Are you seeing BAYES_XX hits on your email? Are
you sure you are learning to the same database SA is using?
You might want to try learning from ALL of your mail
David Baron wrote:
> On Tuesday 16 May 2006 18:50, Theo Van Dinter wrote:
> >
> > a) use sa-udpate
> This is not yet contributing to successful spam flagging. Still
> problematic and may be the cause rather than the cure right now
The only problems I have encountered are simply making it work. O
I am using sa-learn on the missed messages(using for a few months now
seems to be no help)
SpamAssassin Server version 3.1.1
running on Perl 5.8.6
my local.cf
# Bayesian Auto Learn
bayes_auto_learn1
bayes_file_mode 0777
bayes_path /var/mail/spamassassin/bayes
baye
I agree with the Theo. 3.1 is too low. You don't want to reject real
mail.
1) Use the network/dns tests.
2) increase the score on individual rules especially those for URIBL
score URIBL_WS_SURBL 5.5
score URIBL_SBL 5.5
score URIBL_OB_SURBL 5.5
score DRUGS_ERECTILE 5.0
Study the mails to see wha
We use milter-spamc with SA and sendmail. Snertsoft lists a number of other
milters that could be used. I'm wondering which of those milters would actually
add something to what SA already does and be useful to add to our system.
I agree with the Theo. 3.1 is too low. You don't want to reject real
mail.
1) Use the network/dns tests.
2) increase the score on individual rules especially those for URIBL
score URIBL_WS_SURBL 5.5
score URIBL_SBL 5.5
score URIBL_OB_SURBL 5.5
score DRUGS_ERECTILE 5.0
Study the mails to see wha
On Tuesday 16 May 2006 18:50, Theo Van Dinter wrote:
> On Tue, May 16, 2006 at 11:42:56AM -0400, Benjamin Adams wrote:
> > Spamassasin marked 1477 messages and missed 755 that where spam.
>
> Seems unusual.
>
> > what is the variable to drop the required in 3.1?
> > I is it still required_score?
>
On 16 May 2006 at 16:25, Justin Mason wrote:
>
> check to ensure your SA-Exim checks are conditional on a message size
> check; at least in 2005, it didn't use the recommended size limits by
> default for some reason, which meant it allowed spamd to balloon out
> of control. Maybe that is still t
On Dienstag, 16. Mai 2006 17:42 Benjamin Adams wrote:
> Is there something else I can do to help the overall performance?
If you mean "performance" like "correctness":
1) Harden your MTA, e.g. use some RBL there, greylisting helps a lot,
SPF checking also
2) SA could maybe need additional rules,
nicolas aulas wrote:
Any idea what's wrong ? Thanks in advance for your help.
Going on that try removing dns availible.
Also try and re-install / upgrade Net::DNS perl module.
Have you updated perl recentely?
Cheers
Richard
After upgrade Net::DNS to 0.57, I got exactly the same error log
On Tue, May 16, 2006 at 11:42:56AM -0400, Benjamin Adams wrote:
> Spamassasin marked 1477 messages and missed 755 that where spam.
Seems unusual.
> what is the variable to drop the required in 3.1?
> I is it still required_score?
Yes, but I wouldn't do that due to the large FP increase.
> Is th
It seems that my regexp rules are not being hit, once more.
I am running with --siteconfigpath /etc/mail/spamassassin which has locat.cf
which has these rules. This worked yesterday and earlier today.
In Four days,
Spamassasin marked 1477 messages and missed 755 that where spam.
I have my Required set to 5
what is the variable to drop the required in 3.1?
I is it still required_score?
Is there something else I can do to help the overall performance?
--Ben
check to ensure your SA-Exim checks are conditional on a message size
check; at least in 2005, it didn't use the recommended size limits by
default for some reason, which meant it allowed spamd to balloon out of
control. Maybe that is still the case. see this thread:
http://www.exim.org/mail-arch
On 16 May 2006 at 10:07, Matt Kettler wrote:
> Dermot Paikkos wrote:
> > Hi
> >
> > Spamassassin 3.02 running from SA-Exim (exim 4.5).
> >
> > OPTIONS="--nouser-config --max-children 6 --helper-home-
> > dir=/var/spool/spamassassin/ -s /var/log/spamd.log
> > --username=nobody"
> >
> > I recently
Al
Probably due to their timezone not being correct.
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
> -Original Message-
> From: news [mailto:[EMAIL PROTECTED] On Behalf Of Al Danks
> Sent: 16 May 2006 15:54
> To: users@spamassassin.apache.org
> S
We get email from international students from Indonesia, China, Korea, etc.
Sometimes the email trips one of the DATE_IN_FUTURE rules.
Does this happen because the sender's computer has bad date/time? Because of the
time zone they are sending from? Or some other reason?
Some of this email also
Dermot Paikkos wrote:
> Hi
>
> Spamassassin 3.02 running from SA-Exim (exim 4.5).
>
> OPTIONS="--nouser-config --max-children 6 --helper-home-
> dir=/var/spool/spamassassin/ -s /var/log/spamd.log --username=nobody"
>
> I recently went live with the above system and am noticing some very
> heavy m
Dermot Paikkos wrote:
Hi
Spamassassin 3.02 running from SA-Exim (exim 4.5).
OPTIONS="--nouser-config --max-children 6 --helper-home-
dir=/var/spool/spamassassin/ -s /var/log/spamd.log --username=nobody"
I recently went live with the above system and am noticing some very
heavy memory usage
Nicolas Aulas wrote:
>> With some mail (don't know why), SA up to 99,9% cpu and freeze mail
queu (mail
are labelled in postfix as " maybe be sent more than once)
With problematic mail, sudo -u amavis -s | spamassassin -t <
/root/amavis-20060515T124439-32765/email.txt give :
[1353] warn: dns:
Oops ! Sorry I haven't join the local.cf
Le 16/05/06 9:36, « Nicolas Aulas » <[EMAIL PROTECTED]> a écrit :
> Hi list,
>
> I'm running amavisd-new.2.3.3, clamv 0.88.1, SA 3.1.1 with Perl 5.8.3 on FC1
> 2.4.22
>
> Here the prinicipal options of local.cf
required_hits 4.0
report_safe 1
trusted_
Hi
Spamassassin 3.02 running from SA-Exim (exim 4.5).
OPTIONS="--nouser-config --max-children 6 --helper-home-
dir=/var/spool/spamassassin/ -s /var/log/spamd.log --username=nobody"
I recently went live with the above system and am noticing some very
heavy memory usage. Each spamd is using near
I thought I would add dcc to my spamassassin mix. Loading the Debian
package failed as it kept giving the error "socket(UDP): Address
family not supported by protocol"
So I d/loaded the latest sources and built. I now get variously
"open(/var/dcc/map): Permission denied" or
"open(/var/dcc/map-
Hi,
I am new to Spamassassin and need some help.
I have has it working for a few days and have been twigging the spam
detection levels no probs.
Today I had need to restart some processes and in doing so must have broken
spamassassin.
Can anyone help me with what "bad protocol: header error: (cl
50 matches
Mail list logo
