>> > Although our SA setup works very well in general, one issue that has
>> > come up a few times recently is airline E-tickets/reservations.
>>
>> Travel stuff in general seems to be designed specifically to hit as many
>> spam rules as possible. *Everything* from Travelocity and Alaska Air get
Nothing trimmed in an attempt to keep things somewhat coherent...
Ross Boylan wrote:
Thank you for your very clear answers. I have a few follow-up questions
below.
On Fri, 2006-06-23 at 23:44 -0400, Daryl C. W. O'Shea wrote:
On 6/21/2006 4:39 PM, Ross Boylan wrote:
After reading the Mail::Sp
> bayes token 'visa' => 0.997839158297152
> bayes token 'refund' => 0.997646909307943
> bayes token 'drinks' => 0.997585038685398
> bayes token 'NUMBER' => 0.990398319296953
> bayes token 'nights' => 0.98853871069642
This suggests you are still on 2.6x. It is possible that upgrading to 3.x
or 3.1
> Although our SA setup works very well in general, one issue that has
> come up a few times recently is airline E-tickets/reservations.
Travel stuff in general seems to be designed specifically to hit as many
spam rules as possible. *Everything* from Travelocity and Alaska Air get
around 20 poin
From: "Chris Santerre" <[EMAIL PROTECTED]>
SARE is working on this type of spam. We're getting there :)
OVERALL% SPAM% HAM% S/ORANK SCORE NAME
141751417410.999 0.00 0.50 imagespamtesticular
It takes time.
Chris, how are you scoring 141.75 times the amo
I'm using sa-exim to run checks against incoming mail at SMTP time. It seems
to be working great, except it won't run my custom rules in
/etc/spamassassin/local.cf. It seems to be responding to my custom settings
though. I'm using SpamAssassin version 3.0.3 running on Perl version 5.8.4
on Debian S
John D. Hardin wrote:
On Tue, 27 Jun 2006, Kelson wrote:
Until something
comes along that (a) handles all the formatting that people want to be
able to do, including adding silly backgrounds, changing the font or
color for no reason,
Why in the world do we need to support/encourage *that* n
John, if you have absolute authority to your network and what format your
users can receive/send email, then you may want to look at the 'DEMIME'
project. Perhaps you can use it to convert all user email to plain text and
remove any and all attachments as a part of your filtering. I use this to
On Tue, 27 Jun 2006, Kelson wrote:
> Until something
> comes along that (a) handles all the formatting that people want to be
> able to do, including adding silly backgrounds, changing the font or
> color for no reason,
Why in the world do we need to support/encourage *that* nonsense?
> and e
John D. Hardin Wrote:
>"inline" is an HTML-format email with text and images interspersed.
>When the message is rendered the images will be embedded in the message
body text.
>
>"attached" is the images attached like any other type of file.
>
>I have had exactly one instance to use inline images
Matt wrote:
HTML does not belong in e-mails.
Guess I'd better not send myself photos from my cell phone, then. The
email gateway adds an HTML body with an inline reference to the attachment.
Though come to think of it, I suppose I shouldn't be sending images to
an email address in the firs
Thank you for your very clear answers. I have a few follow-up questions
below.
On Fri, 2006-06-23 at 23:44 -0400, Daryl C. W. O'Shea wrote:
> On 6/21/2006 4:39 PM, Ross Boylan wrote:
> > After reading the Mail::SpamAssassin::Conf (spamassassin 3.1.3-1 on
> > Debian) I was unclear about trusted vs
Title: RE: Blocking all inline GIF or JPG Images
> -Original Message-
> From: Stuart Johnston [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, June 27, 2006 4:16 PM
> To: Matt
> Cc: users@spamassassin.apache.org
> Subject: Re: Blocking all inline GIF or JPG Images
>
>
> Matt wrote:
> >
Matt wrote:
An inline gif is INLINE with HTML.. an attached GIF is attached to the
message and the message is in MIME-text format. HTML does not belong
in e-mails.
Well, that's easy then. If you want to block all html messages, just
score up: HTML_MESSAGE
If you want to only hit those wit
On Tue, 27 Jun 2006, Stuart Johnston wrote:
> Matt wrote:
> > 1 - No legit e-mail should have in-line gifs.. they should be attached.
>
> I guess I'm missing something. What is the difference between an
> inline gif and an attached gif?
"inline" is an HTML-format email with text and images inte
An inline gif is INLINE with HTML.. an attached GIF is attached to the
message and the message is in MIME-text format. HTML does not belong
in e-mails.
On 6/27/06, Stuart Johnston <[EMAIL PROTECTED]> wrote:
Matt wrote:
> 1 - No legit e-mail should have in-line gifs.. they should be attached.
Title: RE: Dev list on an RBL
> -Original Message-
> From: Daryl C. W. O'Shea [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, June 27, 2006 3:22 PM
> To: Chris Santerre
> Cc: SaTalk (E-mail)
> Subject: Re: Dev list on an RBL
>
>
> Chris Santerre wrote:
> > dev@spamassassin.apache.org m
Matt wrote:
1 - No legit e-mail should have in-line gifs.. they should be attached.
I guess I'm missing something. What is the difference between an inline
gif and an attached gif?
Daryl C. W. O'Shea wrote:
Chris Santerre wrote:
dev@spamassassin.apache.org mailing list
Blockedby cbl.abuseat.org
Oh noes! :)
Both the users@ and dev@ lists use the same servers, so I don't see how
you'd have one listed and not the other.
Any particular IP that you see listed?
I receiv
Chris Santerre wrote:
dev@spamassassin.apache.org mailing list
Blockedby cbl.abuseat.org
Oh noes! :)
Both the users@ and dev@ lists use the same servers, so I don't see how
you'd have one listed and not the other.
Any particular IP that you see listed?
Daryl
1 - No legit e-mail should have in-line gifs.. they should be attached.
2 - I don't
3 - Right, and that's what I'm asking how to do.
On 6/27/06, Dallas L. Engelken <[EMAIL PROTECTED]> wrote:
> -Original Message-
> From: jdow [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, June 27, 2006 08:09
Marc Perkel wrote:
I'm trying to use the spamc -d option and it doesn't seem to be
working. I have multiple hosts listed and it works fo the first host
bot not for the second.
spamc -x -d pascal.ctyme.com,localhost
What am I doing wrong? Or is there a bug?
Am I the only one who is havin
Henry Kwan designmedia.com> writes:
> Failed Test Stat Wstat Total Fail Failed List of Failed
> ---
> t/dcc.t41 25.00% 2
> t/dnsbl.t 234 17.39% 2 9-11
> 11 tests skipped.
My cron job runs once a day, at 21:15.
I just tried it, manually, and still get:
Rules Du Jour Run Summary:RulesDuJour Run Summary on strongbad:
The following rules had errors:
William Stearn's RANDOM WORD Ruleset was not retrieved because of: 403 from
http://www.sa-blacklist.stearns.org/sa-blac
Title: Dev list on an RBL
dev@spamassassin.apache.org mailing list
Blockedby cbl.abuseat.org
Oh noes! :)
Chris Santerre
SysAdmin and SARE/URIBL ninja
http://www.uribl.com
http://www.rulesemporium.com
On Tue, Jun 27, 2006 at 10:50:03AM -0500, Larry Starr wrote:
> I don't believe that it is referring to the Spamassassin Version, but rather
> the version of "Berekly DB". Have you updated any packages lately?
Actually it is the SA DB version being referred to. v2 is for databases
in SA 2.6x, v
I don't believe that it is referring to the Spamassassin Version, but rather
the version of "Berekly DB". Have you updated any packages lately?
On Tuesday 27 June 2006 10:45, Bobby Johnson wrote:
> When I run sa-learn --dump or --sync, it tells me the database is
> version 2. This machine neve
When I run sa-learn --dump or --sync, it tells me the database is
version 2. This machine never ran less than Spamassassin version 3.
The --sync will run continueing to try and get a lock on the file
forever. The only related process running was amavisd, killed it.
Still couldn't get a lock on th
Hi,
Trying to keep this a little alive :)
I ran a SA-independent benchmark, which was simply using a .dump (which
outputs BEGIN TRANSACTION, CREATE TABLE, INSERT ..., COMMIT) of a single
table with 5 columns, ca. 17000 rows:
with BEGIN TRANSACTION/COMMIT:
PRAGMA synchronous=OFF;
real0m1
Title: RE: Airline reservations get tagged
> -Original Message-
> From: Paul Boven [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, June 27, 2006 10:13 AM
> To: Spamassassin Users List
> Subject: Airline reservations get tagged
>
>
> Hi everyone,
>
> Although our SA setup works very we
Hi Ralf,
Ralf Hildebrandt wrote:
Although our SA setup works very well in general, one issue that has
come up a few times recently is airline E-tickets/reservations. These
tend to be ALL CAPS and have quite a few other trigger words. Our
company seems to do business with more than one travel-
Mauro Leite wrote:
>
> I've upgraded my SA and there is a doubt.
> How can I test this software, before put my computer to work on the
> net? Sorry for my english, I'm a brazilian user.
First run a lint check.
spamassassin --lint
This should produce no output. If it gives you any errors, f
Thanks! That's what I was looking for. I couldn't find it by greping.
It was in the rulesdujour/config file.
Tracey Gates
Lead Developer
[EMAIL PROTECTED]
1350 South Boulder, Third Floor / Tulsa, OK 74119-3203
Phone 918-663-0991 / Fax 918-663-0840
This communication is intended only for the
Dimitri Yioulos wrote:
> On Monday June 26 2006 5:17 pm, you wrote:
>
> > Well that's just itI don't know where it's getting these. I
> > don't have SARE_URI2 in my rules_du_jour file to update. The
> > listing for the "ARE_BAYES_POISON_NXM" is listed as
> > "SARE_BAYES_POISON_NXM". I can't
* Paul Boven <[EMAIL PROTECTED]>:
> Hi everyone,
>
> Although our SA setup works very well in general, one issue that has
> come up a few times recently is airline E-tickets/reservations. These
> tend to be ALL CAPS and have quite a few other trigger words. Our
> company seems to do business wi
Hi everyone,
Although our SA setup works very well in general, one issue that has
come up a few times recently is airline E-tickets/reservations. These
tend to be ALL CAPS and have quite a few other trigger words. Our
company seems to do business with more than one travel-agent, so just
white
On Monday 26 June 2006 20:50, Mauro Leite took the opportunity to write:
> I've upgraded my SA and there is a doubt.
> How can I test this software, before put my computer to work on the net?
It depends on what you want to do, exactly. You can always pipe messages to
spamassassin -t.
--
Magnus
> -Original Message-
> From: jdow [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, June 27, 2006 08:09
> To: users@spamassassin.apache.org
> Subject: Re: Blocking all inline GIF or JPG Images
>
> From: "Matt" <[EMAIL PROTECTED]>
>
> > Hi,
> > What would I need to do to just outright block all
From: "Matt" <[EMAIL PROTECTED]>
Hi,
What would I need to do to just outright block all e-mail that has an
inline gif or jpg (or multiple ones)?
1) Be willing to accept a large number of lost legitimate emails.
2) If you use procmail it's quite easy to look for files with a large
number of d
Matt wrote:
Hi,
What would I need to do to just outright block all e-mail that has an
inline gif or jpg (or multiple ones)?
You should do this in whatever program you have calling SA/AV/etc.. SA
itself doesn't "block" anything.
-Jim
Hi,
What would I need to do to just outright block all e-mail that has an
inline gif or jpg (or multiple ones)?
> Here are the kind of HELO Signatures my favorite Spambot produces:
> (always lower case, always one period, never a .tld)
>
> ljxr.pzt
> mclbfk.wdui
> zsgnwd.zctjrq
Hum. Weren't there some rulesets predating SARE that checked for odd letter
combinations of various kinds in the mail body? Tripl
> Now, (it seems, cross fingers) magically the
> /var/mail/userxxx file is being kept small by
> something. The rates of spamassassin marked headers
> was getting 8000+ msgs a day through to me. We shall
> see what the new rates are, but it looks a _lot_
> better.
I suspect that you had managed
On Fri, 2006-06-23 at 11:48 -0400, Screaming Eagle wrote:
> how about those test that does not have plugins, e.g:
> 20_drugs.cf and 20_fake_helo_tests.cf, how do you include this in your
> spamasassin?
>
> Thanks.
You must have found that by now , put any file with name *.cf
in /etc/mail/spamassa
Its still hard to believe that those are all of the headers. If so,
you have more serious problems than getting a few rule hits. What about
headers like
From:
To:
Subject:
X-Priority:
X-MSMail-Priority:
X-Mailer:
X-MimeOLE:
I *KNOW* you don't have one of those headers. I'm pretty s
From: "Theo Van Dinter" <[EMAIL PROTECTED]>
On Tue, Jun 27, 2006 at 08:42:41AM +0200, Alberto Iovino wrote:
When I make start spamd with
perl -T /usr/local/bin/spamd --syslog-socket=inet -d
the process start correctly but if I do the same with spamc
perl -T /usr/local/bin/spamc --syslog-socket=i
46 matches
Mail list logo
