> No, I was thinking of multipart/alternative where one of the
> alternative streams is nothing but images. That doesn't strike me as
> legitimate. Can anyone think of a scenario where images *are* a
> legitimate alternative representation of text?
Doesn't really help. The actual mails have a tin
Michael Monnerie <[EMAIL PROTECTED]> writes:
> Do it like Spamcop does with SPAM: Contact *everybody* in the chain, and
> complain to them. Some sort of SPFcop would be nice for that..
Or even use SpamCop itself. Bounces to forged emails are now
considered legitimate for reporting to spamcop. Th
> On Sun, 25 Jun 2006, Jim Hermann - UUN Hostmaster wrote:
>
> > Here are examples of the Received Headers for the type of spam
> > that are being sent with forged email addresses for a domain that
> > I host.
>
> The Received headers in spams cannot be trusted, except for the
> Received headers
On Montag, 26. Juni 2006 01:36 Gino Cerullo wrote:
> > Spambot A => Recipient Server C => (Bounce) => Forged Email Server
> > D
>
> I think you've just proved my point. It's too hard to try and
> determine who to contact in these situations
Do it like Spamcop does with SPAM: Contact *everybody*
I am putting along with Perl. I just wrote a script
that loops through my mail, reads a msgs, sends it to
SA, then writes it out to a nw mbox. When it is done,
it copies the new mbox into the system one.
* horribly slow
* will miss mails
* mayeb I made more mistakes
but it is better than the alt
On Sun, 25 Jun 2006, Jim Hermann - UUN Hostmaster wrote:
> Here are examples of the Received Headers for the type of spam
> that are being sent with forged email addresses for a domain that
> I host.
The Received headers in spams cannot be trusted, except for the
Received headers put in by relays
> -Original Message-
> From: Brian Hamlin [mailto:[EMAIL PROTECTED]
> Sent: Sunday, June 25, 2006 11:24 PM
> To: users@spamassassin.apache.org
> Subject: was: detect active config, now: Start it Up
>
>
> all- i read the theory of operation on the wiki for
> spamd. Still wondering...
>
>
Here are examples of the Received Headers for the type of spam that are
being sent with forged email addresses for a domain that I host. These at
the last 10 bounced messages that I received, so it is fairly
representative.
Granted, 3 out of 10 messages originated in Romania. However, 3 out of 1
all- i read the theory of operation on the wiki for
spamd. Still wondering...
Since I am not installing a new SA as a user, the
existing SA is there, but for whatever reason is not
active for my acct, yet is reachable and basically
functioning...
There must be a magic line in the original instal
On Sun, Jun 25, 2006 at 12:49:17PM -0600, Philip Prindeville wrote:
> >No, I was thinking of multipart/alternative where one of the
> >alternative streams is nothing but images. That doesn't strike me as
> >legitimate. Can anyone think of a scenario where images *are* a
> >legitimate alternative re
update-
after readng more docs ;-)
I have verified that SA is active and reachable from
my acct. using SA < sampleMsg.txt. Debug shows that
the Bayes filter is not being used, because
debug: cannot use bayes on this message; db not
initialised yet
I just db_dump'd and db_loaded bayes_toks, sa
On Sun, 25 Jun 2006, David B Funk wrote:
> On Sun, 25 Jun 2006, John D. Hardin wrote:
> >
> > No, I was thinking of multipart/alternative where one of the
> > alternative streams is nothing but images. That doesn't strike me as
> > legitimate. Can anyone think of a scenario where images *are* a
>
On Sun, 25 Jun 2006, John D. Hardin wrote:
> On Sun, 25 Jun 2006, Philip Prindeville wrote:
>
> > John D. Hardin wrote:
> >
> > >On Sat, 24 Jun 2006, Philip Prindeville wrote:
> > >
> > >>The spammers send multipart/alternative
> > >>because they want the text/plain section to confuse the Bayes
>
On 25-Jun-06, at 7:22 PM, John D. Hardin wrote:
On Sun, 25 Jun 2006, Jim Hermann - UUN Hostmaster wrote:
There are at least two ISPs involved:
Spammer A => SMTP Server B => Recipient Server C => (Bounce) =>
Forged Email Server D
I don't think that's the case for most spam these days. For a
On 25-Jun-06, at 7:01 PM, Jim Hermann - UUN Hostmaster wrote:
Personally, nowadays I believe bouncing messages back to
the alleged
sender
That's not what he's asking. He wants to know whether asking ISPs to
implement SPF checks (where they don't yet check SPF) will work.
I'm not convinced
On Sun, 25 Jun 2006, Jim Hermann - UUN Hostmaster wrote:
> There are at least two ISPs involved:
>
> Spammer A => SMTP Server B => Recipient Server C => (Bounce) =>
> Forged Email Server D
I don't think that's the case for most spam these days. For a
spambotnet of compromised home systems, you'l
> >> Personally, nowadays I believe bouncing messages back to
> the alleged
> >> sender
> >
> > That's not what he's asking. He wants to know whether asking ISPs to
> > implement SPF checks (where they don't yet check SPF) will work.
>
> I'm not convinced that is what he meant but he wasn't clear
On 25-Jun-06, at 5:51 PM, John D. Hardin wrote:
On Sun, 25 Jun 2006, Gino Cerullo wrote:
Does it do any good to complain to the ISP that accepted the
original email
with a forged email address that uses a domain name that I
administer?
Personally, nowadays I believe bouncing messages back
On Sun, 25 Jun 2006, Gino Cerullo wrote:
> > Does it do any good to complain to the ISP that accepted the
> > original email
> > with a forged email address that uses a domain name that I administer?
>
> Personally, nowadays I believe bouncing messages back to the alleged
> sender
That's not
On 25-Jun-06, at 12:58 PM, "Jim Hermann - UUN Hostmaster" <[EMAIL PROTECTED]> wrote:Does it do any good to complain to the ISP that accepted the original emailwith a forged email address that uses a domain name that I administer?I administer a number of domain names that are being used in the forge
John D. Hardin wrote:
>On Sun, 25 Jun 2006, Philip Prindeville wrote:
>
>
>
>>John D. Hardin wrote:
>>
>>
>>
>>>On Sat, 24 Jun 2006, Philip Prindeville wrote:
>>>
>>>
>>>
The spammers send multipart/alternative
because they want the text/plain section to confuse the Bayes
f
On Sun, 25 Jun 2006, Philip Prindeville wrote:
> John D. Hardin wrote:
>
> >On Sat, 24 Jun 2006, Philip Prindeville wrote:
> >
> >>The spammers send multipart/alternative
> >>because they want the text/plain section to confuse the Bayes
> >>filters, since they know it won't be rendered...
> >
> >
John D. Hardin wrote:
>On Sat, 24 Jun 2006, Philip Prindeville wrote:
>
>
>
>>the text and the images. The spammers send multipart/alternative
>>because they want the text/plain section to confuse the Bayes
>>filters, since they know it won't be rendered...
>>
>>
>
>It seems to me that righ
> -Original Message-
> From: Ken Dawber [mailto:[EMAIL PROTECTED]
> Sent: Sunday, June 25, 2006 10:12 AM
> To: users@spamassassin.apache.org
> Subject: SpammAssassin on WHM/Cpanel
>
>
> I have a reseller shared hosting account under WHM/Cpanel software. (In
> other words I’m not a systems
On Sat, 24 Jun 2006, Philip Prindeville wrote:
> the text and the images. The spammers send multipart/alternative
> because they want the text/plain section to confuse the Bayes
> filters, since they know it won't be rendered...
It seems to me that right there is the spam sign you should be look
At 07:11 25-06-2006, Ken Dawber wrote:
I have a reseller shared hosting account under WHM/Cpanel software.
(In other words I'm not a systems admin) The Cpanel is a control
panel for web hosting. The implementation
This is the first time I see someone saying that. :)
1) Is there some way for t
> > On 6/24/2006 11:14 AM, Jim Hermann - UUN Hostmaster wrote:
> > > How do I debug the SPF Module during SA Operations?
> > >
> > > I have had another email marked as SPF_SOFTFAIL during the
> > first receipt and
> > > the From domain does not have a TXT SPF record. When I
> > isolated the mes
Does it do any good to complain to the ISP that accepted the original email
with a forged email address that uses a domain name that I administer?
I administer a number of domain names that are being used in the forged
email addresses for spam that is sent to recipients on other servers. Some
peo
Yeah,
it's in init.pre and I just moved it to v312.pre and it's still have the same error. Any idea?
Hi,
Did you enable:
loadplugin Mail::SpamAssassin::Plugin::Razor2
in your /etc/mail/spamassassin/v310.pre file?
KR
Nigel
On Sun, 25 Jun 2006 09:51:50 -0400, "Screaming Eagle"
<[EMAIL PROTECTED]> wrote:
>Hmm, I know I installed razor, because I just ran a razor-report.
>razor-report -v
>Raz
I have a reseller shared hosting account under WHM/Cpanel software. (In
other words I’m not a systems admin) The Cpanel is a control panel for
web hosting. The implementation includes Spamassassin (SA) From what I
have seen on shared hosting, Cpanel is probably the most heavily used
domain host
Hmm, I know I installed razor, because I just ran a razor-report.
razor-report -v
Razor Agents 2.82, protocol version 3
Any idea? why spamassassin assassin is saying it's not available.
config in local.cf:
use_razor2 0
razor_config /etc/mail/spamassassin/.razor/razor-agent.conf
I had try both "
Wonder if that would help the cronjob.
Guess that might do it.
Especially since sa-update does use the LWP libaries.
That's just like *NIX utilities.
57 varaties of how to do the same job.
Hi,
Did you do:
'razor-admin -discover'
'razor-admin -register'
After installing razor?
KR
Nigel
On Sun, 25 Jun 2006 10:58:53 +0200, numE <[EMAIL PROTECTED]> wrote:
>Hi,
>
>i installed spamassassin and razor2 via cpan.
>
>but i get this message, when running "spamassassin --lint"
>
>---
>[72
Michael Scheidell <[EMAIL PROTECTED]> [24-06-2006 17:28]:
[...]
> I now need to set a proxy server to do sa-updates through, but could not
> find any information on settings for a proxy server.
echo 'alias sa-update="http_proxy=http://login:[EMAIL PROTECTED]:port/ ' \
'sa-update"' >> ~/.p
Hello All-
My primary mail acct is hosted on a legacy Soalis
5.8 sun box, with SA 2.6 installed. I have been
getting a ton of mail - 8k msgs per day, to my desktop
client. It killed a hard drive!
So I am attempting to look into the config myself.
No one else has time to do this for this acount
36 matches
Mail list logo
