I have the redirect cf on (I can see in sa --lint ),
but this url goes through clean. ( see below )
Do I have to do anything besides enabling the CF in RDJ. To get it
working
BTW I am using SA 3.1.0 on linux
Thanks
Ram
..
Mathew told me to shoot you an email about the store I t
From: "Daryl C. W. O'Shea" <[EMAIL PROTECTED]>
jdow wrote:
From: "Daryl C. W. O'Shea" <[EMAIL PROTECTED]>
Bart Schaefer wrote:
On 6/29/06, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
EVERYTHING after an MX MUST be listed as BOTH trusted and internal
networks.
Under what circumstances w
jdow wrote:
From: "Daryl C. W. O'Shea" <[EMAIL PROTECTED]>
jdow wrote:
From: "Bart Schaefer" <[EMAIL PROTECTED]>
On 6/29/06, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
EVERYTHING after an MX MUST be listed as BOTH trusted and internal
networks.
Under what circumstances would one list
From: "Daryl C. W. O'Shea" <[EMAIL PROTECTED]>
jdow wrote:
From: "Bart Schaefer" <[EMAIL PROTECTED]>
On 6/29/06, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
EVERYTHING after an MX MUST be listed as BOTH trusted and internal
networks.
Under what circumstances would one list something as
From: "Rick Macdougall" <[EMAIL PROTECTED]>
jdow wrote:
I don't know if it's a good example of YMMV, I think both of our bayes
are operating at respectable levels given the data they have to deal
with. I may wish I could get better results but I really don't think
it's possible in the enviro
You are into the land of opinions here, so you will get different
answers.
1. The 200 ham and 200 spam is a hard
minimum. You can change this. But don't.
So you MUST give Bayes at least 200 each ham and spam before it will start
doing anything. What you give it for ham should hopefull
jdow wrote:
From: "Daryl C. W. O'Shea" <[EMAIL PROTECTED]>
Bart Schaefer wrote:
On 6/29/06, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
EVERYTHING after an MX MUST be listed as BOTH trusted and internal
networks.
Under what circumstances would one list something as internal but not
trus
jdow wrote:
From: "Bart Schaefer" <[EMAIL PROTECTED]>
On 6/29/06, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
EVERYTHING after an MX MUST be listed as BOTH trusted and internal
networks.
Under what circumstances would one list something as internal but not
trusted?
One example is when
jdow wrote:
From: "Rick Macdougall" <[EMAIL PROTECTED]>
K! I bet you are running system wide Bayes for a very non-homogeneous
collection of people. I've appended my figures (not the best I have
seen but very good) below yours. Your BAYES_00 is better than mine
only if you do not consider the
From: "John D. Hardin" <[EMAIL PROTECTED]>
On Thu, 29 Jun 2006, Daryl C. W. O'Shea wrote:
Bart Schaefer wrote:
>
> Under what circumstances would one list something as internal but not
> trusted?
NEVER. Newer versions of SA won't even allow you to make that
misconfiguration.
What, you
From: "Daryl C. W. O'Shea" <[EMAIL PROTECTED]>
Bart Schaefer wrote:
On 6/29/06, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
EVERYTHING after an MX MUST be listed as BOTH trusted and internal
networks.
Under what circumstances would one list something as internal but not
trusted?
NEVER.
From: "Bart Schaefer" <[EMAIL PROTECTED]>
On 6/29/06, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
EVERYTHING after an MX MUST be listed as BOTH trusted and internal
networks.
Under what circumstances would one list something as internal but not trusted?
One example is when you are using
From: "Daryl C. W. O'Shea" <[EMAIL PROTECTED]>
Ross Boylan wrote:
...
Maybe it will help to be concrete. I'll use made up names to foil
spambots:
People send me mail at [EMAIL PROTECTED] b.edu has an MX record. I use
fetchmail to pull my mail off a.b.edu, the actual host machine the MX
re
From: "Rick Macdougall" <[EMAIL PROTECTED]>
Nigel Frankcom wrote:
On Fri, 30 Jun 2006 09:45:07 +1000, "Leigh Sharpe"
So it looks like I have to reset my Bayes and re-train it. I want to do
it properly this time. I will be making sure I personally review every
message that our users put into th
200 is OK. 2000 is enough. Over the years from 2.43 forward my entire
spam and ham corpus contents amount to under 2000 each and Bayes is
running remarkably smoothly for me. I am "tempted" to enable automatic
learning to see what will happen. I'll take a snapshot of my Bayes
first, though. (The "g
On Thu, 29 Jun 2006, Daryl C. W. O'Shea wrote:
> Bart Schaefer wrote:
> >
> > Under what circumstances would one list something as internal but not
> > trusted?
>
> NEVER. Newer versions of SA won't even allow you to make that
> misconfiguration.
What, you *trust* all your users? :)
--
Joh
Bart Schaefer wrote:
On 6/29/06, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
Bart Schaefer wrote:
>
> Under what circumstances would one list something as internal but not
> trusted?
NEVER. Newer versions of SA won't even allow you to make that
misconfiguration.
Ah, good. That's as I expe
On 6/29/06, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
Bart Schaefer wrote:
>
> Under what circumstances would one list something as internal but not
> trusted?
NEVER. Newer versions of SA won't even allow you to make that
misconfiguration.
Ah, good. That's as I expected. (So why doesn't
Bart Schaefer wrote:
On 6/29/06, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
EVERYTHING after an MX MUST be listed as BOTH trusted and internal
networks.
Under what circumstances would one list something as internal but not
trusted?
NEVER. Newer versions of SA won't even allow you to ma
Nigel Frankcom wrote:
On Fri, 30 Jun 2006 09:45:07 +1000, "Leigh Sharpe"
<[EMAIL PROTECTED]> wrote:
So it looks like I have to reset my Bayes and re-train it. I want to do
it properly this time. I will be making sure I personally review every
message that our users put into the spam folder firs
On 6/29/06, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
EVERYTHING after an MX MUST be listed as BOTH trusted and internal
networks.
Under what circumstances would one list something as internal but not trusted?
On Fri, 30 Jun 2006 09:45:07 +1000, "Leigh Sharpe"
<[EMAIL PROTECTED]> wrote:
>So it looks like I have to reset my Bayes and re-train it. I want to do
>it properly this time. I will be making sure I personally review every
>message that our users put into the spam folder first, to make sure they
>
Ross Boylan wrote:
> On Thu, 2006-06-29 at 00:30 -0400, Matt Kettler wrote:
>
>
>> No, internal must never receive mail directly from a dialup node. SA
>> applies DUL RBLs and other such tests against hosts delivering mail to
>> internal hosts.
>>
> I thought internal_hosts never get mail f
So it looks like I
have to reset my Bayes and re-train it. I want to do it properly this time. I
will be making sure I personally review every message that our users put into
the spam folder first, to make sure they haven't put spam into the wrong folder.
However, I have a couple of question
>...
>Mark Martinec wrote:
>
>> As required per docs, the MTA is considered trusted and internal,
>> and MSA is declared trusted and NOT internal.
>> (both MSA and MTA are on the same IP network)
>>...
>>
>> Is it normal that our own MSA ip address is being submitted for RBL tests?
>
>It' normal,
jdow wrote:
From: "Marc Perkel" <[EMAIL PROTECTED]>
Thanks Loren. I have an account but the links from the main web site
don't take me to SA's bugzilla. it takes me to an appache bugzilla
page and SA is not on that list.
The redirector to the new URL wasn't working the other day for a bit.
Ross Boylan wrote:
On Wed, Jun 28, 2006 at 01:45:52AM -0400, Daryl C. W. O'Shea wrote:
Ross Boylan wrote:
For 99% of systems there's no need to worry about listing systems that
aren't a part of your mail network in your trusted_networks (and never
list them in your internal_networks). Keep
From: "Marc Perkel" <[EMAIL PROTECTED]>
Loren Wilton wrote:
OK - 3rd time same question. Is there a bug here or am I doing something
wrong? The first host listed works but if the first host is down it
doesn't try the next host in the list.
Can't help you on that, sorry.
Also - I can
Then reinstall them one at a time to judge how effective they are.
There are two or three really large rule sets that should, indeed,
be avoided.
{^_^}
- Original Message -
From: "Hernan Gimenez" <[EMAIL PROTECTED]>
Disable any custom rules like SARE rules. Some of the rules cuases t
At the very least cut down on the number of children. More memory
would help. I can (lightly) use X with the two children I run here
and 1 G of memory. SpamAssassin is memory hungry. With 512k you
can run 2 children if you don't have anything else that is memory
hungry. Then start playing with oth
Or you can alternatively reduce the number of children.
{^_^}
- Original Message -
From: "Ronald I. Nutter" <[EMAIL PROTECTED]>
How much memory do you have in the box ? I had to take our SA box to 1.5G of ram to
resolve the problem. Was running more rules than I thought we were.
R
Mark Martinec wrote:
As required per docs, the MTA is considered trusted and internal,
and MSA is declared trusted and NOT internal.
(both MSA and MTA are on the same IP network)
A mail from an authorized external user follows the route:
->->
(I obfuscated IP addresses and host names
On Thu, 2006-06-29 at 00:30 -0400, Matt Kettler wrote:
> No, internal must never receive mail directly from a dialup node. SA
> applies DUL RBLs and other such tests against hosts delivering mail to
> internal hosts.
I thought internal_hosts never get mail from DUL RBLs. So why would SA
check if
Hernan Gimenez a écrit :
Disable any custom rules like SARE rules. Some of the rules cuases
this simptoms.
Hi there,
According to my (small) experience with low memory mail servers, the
following
should be avoided :
- using blacklist.cf (from RulesDuJour, it can create spamd processes
takin
Hernan Gimenez a écrit :
Disable any custom rules like SARE rules. Some of the rules cuases
this simptoms.
Hi there,
According to my (small) experience with low memory mail servers, the
following
should be avoided :
- using blacklist.cf (from RulesDuJour, it can create spamd processes
takin
This line from the article:
Image spam can also tax e-mail systems because each message is about
7.5 times larger than regular spam, Sprosts said.
...reminds me of an old(ish) saying I once read:
"A picture had better be worth a thousand words -- it takes up a lot
more disk space!"
--
Kelson
On Thu, Jun 29, 2006 at 04:54:13PM -0400, Chase James wrote:
> The first site rules file loaded is init.pre, the last file loaded, though,
> is:
>
> debug: using "/etc/spamassassin" for site rules dir
> debug: config: read file /etc/spamassassin/local.cf
>
> But it seems like its being read. Shou
On Thursday 29 June 2006 21:04, Thomas Raef wrote:
> I'm sure you've read this by now, but as this has been a topic in this
> group I thought it was at least worth bringing to everyone's attention:
>
>
>
> http://www.usatoday.com/tech/news/computersecurity/wormsviruses/2006-06-
> 28-spam-images_x.h
Matt,
The first site rules file loaded is init.pre, the last file loaded, though,
is:
debug: using "/etc/spamassassin" for site rules dir
debug: config: read file /etc/spamassassin/local.cf
But it seems like its being read. Should I put the rules in init.pre? I
enabled allow_user_rules and resta
I’m sure you’ve read this by now, but as this
has been a topic in this group I thought it was at least worth bringing to
everyone’s attention:
http://www.usatoday.com/tech/news/computersecurity/wormsviruses/2006-06-28-spam-images_x.htm
Thomas J. Raef
e-Based Security, Inc.
www.
Title: RE: Blocking all inline GIF or JPG Images
> -Original Message-
> From: jdow [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, June 27, 2006 11:19 PM
> To: users@spamassassin.apache.org
> Subject: Re: Blocking all inline GIF or JPG Images
>
>
> From: "Chris Santerre" <[EMAIL PROTEC
Disable any custom rules like SARE rules.
Some of the rules cuases this simptoms.
Hernán Pablo Giménez
Gcia. de Tecnología Informática
Telefe
N White <[EMAIL PROTECTED]>
06/29/2006 03:27 PM
Para
users@spamassassin.apache.org
cc
Asunto
Re: spamassassin use CPU 100%
Lucas C
Lucas Cotta wrote:
Hello All,
I don't know what happens, but the spamassassin took 100% of CPU and
it blocked all of the processes. Do you have some suggestion?
Thank you
Lucas Cotta
Boss of Engineering of Support of
Ministério Público do Trabalho
We had similar problems on a machine runn
Lucas,
> I have 512 Mb in this machine.
Should be enough for two or three SA processes.
> But my application of smtp gateway and the
> spamassassin use together, 0,93% of CPU, and 88 k of memory. Will it be
> that the attitude of increasing the memory would really solve the problem?
> Gave me t
When I started seeing high cpu utilization on SA, I went through normal
troubleshooting and wasn't able to find anything that pointed to SA or my MTA.
I noticed that the swap file was in use a lot more than I would have expected.
If I stopped and restarted the services, It would run fine for a
Really Ronald,
I have 512 Mb in this machine. But my application of smtp gateway and the
spamassassin use together, 0,93% of CPU, and 88 k of memory. Will it be that
the attitude of increasing the memory would really solve the problem? Gave
me the impression that could be a BUG involving a very
> Is anyone running on Windows (server 2003) and been able to get
> bayes_path and auto_whitelist_path to work properly? I can't get
either
> to do anything for me. I've tried short names, no spaces, etc. Nothing
> seems to work. If I'm logged on it uses the administrator folder
(under
> Documents
>From logcheck:
un 29 15:08:41 d_baron spamd[5955]: bayes: cannot open bayes
databases /home/david/.spamassassin/bayes_* R/W: lock failed: Interrupted
system call
Jun 29 15:09:07 d_baron spamd[5955]: bayes: cannot open bayes
databases /home/david/.spamassassin/bayes_* R/W: lock failed: Interrupt
How much memory do you have in the box ? I had to take our SA box to 1.5G of
ram to resolve the problem. Was running more rules than I thought we were.
Ron
Ron Nutter [EMAIL PROTECTED]
Network Infras
nick wrote:
Connected to 195.8.182.101 but sender was rejected.
Remote host said: 550 5.7.1 Rejected: 209.237.227.199 listed at
sbl-xbl.spamhaus.org
I don't use spamhause cbl.abuseat.org blocked it for me:
Same thing. The XBL pulls most of its data from the CBL, and Spamhaus'
SBL-XBL list
Sorry, I know the topic has been hashed and rehashed several times
recently. I though I understood issues around internal/trusted
networks and I believe that it worked as expected the last time
I checked, but now I'm suprised again, please help me understand it.
This is SA 3.1.3.
We have a MSA whi
Hello All,
I don't know what happens, but the spamassassin took 100% of CPU and it
blocked all of the processes. Do you have some suggestion?
Thank you
Lucas Cotta
Boss of Engineering of Support of
Ministério Público do Trabalho
Did I miss the rule that enables me to score inline gif's? I would like to
test with a low score
and go from there.
Loren Wilton wrote:
What version of hostname/long? Various versions have had some rather nasty
bugs that show up when used with SA.
Loren
Using version 1.4 (latest according to CPAN)
--
Jorge Valdes
Loren Wilton wrote:
OK - 3rd time same question. Is there a bug here or am I doing something
wrong? The first host listed works but if the first host is down it
doesn't try the next host in the list.
Can't help you on that, sorry.
Also - I can't seem to find a p
On 29-Jun-06, at 5:48 AM, Leigh Sharpe wrote:1) Bayes is still in training. I've only recently given everybody the opportunity to feed it spam. I expect it to get better soon. My question was more related to why this stuff is getting through now, when it used to get blocked. I'm guessing your usi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hamish Marson wrote:
> Loren Wilton wrote:
Yeah, I know about the SPF checks... But I meant does SA
currently do anything with digital signatures to verify that
the sender really is the sender & apply a -ve score.
>>> Other than the SPF
On Thu, 29 Jun 2006, Gary Forrest - Netnorth wrote:
Hi All
Has anyone else had this issue below
IP 209.237.227.199 appears listed within Spamhaus DNSBL
The IP number is listed as used by Apache Org in Arin whois DB
This is not the only list this has happened to. We are on a Qwest outage
no
Hamish Marson writes:
> Loren Wilton wrote:
> >> Yeah, I know about the SPF checks... But I meant does SA
> >> currently do anything with digital signatures to verify that the
> >> sender really is the sender & apply a -ve score.
> >
> > Other than the SPF type header checks I don't believe so.
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Loren Wilton wrote:
>> Yeah, I know about the SPF checks... But I meant does SA
>> currently do anything with digital signatures to verify that the
>> sender really is the sender & apply a -ve score.
>
> Other than the SPF type header checks I don't be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Justin Mason wrote:
> Hamish Marson writes:
>> Justin Mason wrote:
>>> Hamish writes:
On Wednesday 28 June 2006 08:48, Ralf Hildebrandt wrote:
> * [EMAIL PROTECTED] <[EMAIL PROTECTED]>:
>> Given that airline messages are important, are rel
Hamish Marson writes:
> Justin Mason wrote:
> > Hamish writes:
> >> On Wednesday 28 June 2006 08:48, Ralf Hildebrandt wrote:
> >>> * [EMAIL PROTECTED] <[EMAIL PROTECTED]>:
> Given that airline messages are important, are related to
> meney, and recipients dont want to get forged ones, it
> Yeah, I know about the SPF checks... But I meant does SA currently do
> anything with digital signatures to verify that the sender really is
> the sender & apply a -ve score.
Other than the SPF type header checks I don't believe so. Certainly not any
pgp blocks or the like in the body of the ma
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Justin Mason wrote:
> Hamish writes:
>> On Wednesday 28 June 2006 08:48, Ralf Hildebrandt wrote:
>>> * [EMAIL PROTECTED] <[EMAIL PROTECTED]>:
Given that airline messages are important, are related to
meney, and recipients dont want to get for
Alberto Iovino wrote:
Hi
[...]
the process start correctly but if I do the same with spamc
perl -T /usr/local/bin/spamc --syslog-socket=inet -d
I get the following error
*Unrecognized character \x7F at /usr/local/bin/spamc line 1*
Hello,
as I already explained in the perl bug report
From: "Alberto Iovino" <[EMAIL PROTECTED]>
Hi
I had this error running spamd:
# /usr/local/spamassassin/bin/spamd start
[16517] warn: unix dgram connect: Socket operation on non-socket at
/usr/local/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/Logger/Syslog.pm line 79
...
Perl -T PROCESS-PAT
Hamish writes:
> On Wednesday 28 June 2006 08:48, Ralf Hildebrandt wrote:
> > * [EMAIL PROTECTED] <[EMAIL PROTECTED]>:
> > > Given that airline messages are important, are related to meney, and
> > > recipients dont want to get forged ones, it would be a great idea to
> > > start a campaign with a
Hi
I had this error running spamd:
# /usr/local/spamassassin/bin/spamd
start[16517] warn: unix dgram connect: Socket operation on non-socket at
/usr/local/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/Logger/Syslog.pm line
79[16517] error: no connection to syslog available at
/usr/local/l
Hum. Bayes only seems like a waste, there are probably
simpler tools if that is all you really want to do. A whole lot of the
capability of SA comes from the other rules.
However, I suppose you could either delete the rules from the two rules
directories, or perhaps more simply and safely
> OK - 3rd time same question. Is there a bug here or am I doing something
> wrong? The first host listed works but if the first host is down it
> doesn't try the next host in the list.
Can't help you on that, sorry.
> Also - I can't seem to find a place to enter SA bugs into Bugzilla.
But I ca
From: "Loren Wilton" <[EMAIL PROTECTED]>
I turned off Bayes tests temporarily and it had little effect.
This seems a bit odd. That bayes_00 should have been good for about -3
points. Backing out Bayes should have raised the scores on this stuff by
around 3 points, which with only a little bi
* Leigh Sharpe wrote (29/06/06 03:03):
This was my first suspicion. I turned off Bayes tests temporarily and
it had little effect. I'm seriously considering resetting the bayes
and starting again
I can recommend that. I had a situation a while ago where the bayes
database got mysteriously cor
> Ok, well that is resolvable. What is actually meant
> to be included as "internal" and what is the difference
> between that and trusted networks? If something is
> trusted then it can be treated as internal, or can't it?
The "simple" rule is internal_networks are really YOUR internal networks
t
> I turned off Bayes tests temporarily and it had little effect.
This seems a bit odd. That bayes_00 should have been good for about -3
points. Backing out Bayes should have raised the scores on this stuff by
around 3 points, which with only a little bit of help should be tipping them
into spam.
I suspect others have already mentioned it, but every one of those hit
bayes_00, which claims they are ham. Something has happened to your Bayes
database, I would guess.
Loren
- Original Message -
From:
Leigh Sharpe
To: users
Sent: Wednesday, June 28, 2006 5:0
What version of hostname/long? Various versions have had some rather nasty
bugs that show up when used with SA.
Loren
You should report this on Bugzilla so the devs can decide if this is a bug
or a feature.
Loren
- Original Message -
From: "Jorge Valdes" <[EMAIL PROTECTED]>
To:
Sent: Wednesday, June 28, 2006 8:47 AM
Subject: Hidden Option?
> Hi,
>
> just wanted to let everyone know that I fou
On Thu, Jun 29, 2006 at 08:37:59AM +0100, Gary Forrest - Netnorth wrote:
> Has anyone else had this issue below
>
> IP 209.237.227.199 appears listed within Spamhaus DNSBL
> The IP number is listed as used by Apache Org in Arin whois DB
It looks like hermes.apache.org (apache.org mail server) wa
Gary Forrest - Netnorth wrote:
Hi All
Has anyone else had this issue below
IP 209.237.227.199 appears listed within Spamhaus DNSBL
The IP number is listed as used by Apache Org in Arin whois DB
Hi! This is the ezmlm program. I'm managing the
users@spamassassin.apache.org mailing list.
Me
Hi All
Has anyone else had this issue below
IP 209.237.227.199 appears listed within Spamhaus DNSBL
The IP number is listed as used by Apache Org in Arin whois DB
> Hi! This is the ezmlm program. I'm managing the
> users@spamassassin.apache.org mailing list.
>
>
> Messages to you from the use
People,
how do I get spamd to work without the non-bayes rules?
I used to just disable
the /usr/shared/spamassassin folder, but that seems to fail the
app
Thanks in
advance.
Maurice
81 matches
Mail list logo
