Derek Catanzaro wrote:
> Matt Kettler wrote:
>> Derek Catanzaro wrote:
>>
>>> I have a ton of bayes_toks.expire files listed in
>>> /root/.spamassassin. Is it safe to delete these files?
>> Yes, provided no expire process is currently running and using one.
>>
> I did wind up deleting a
Christopher Martin wrote:
> I have been noticing the occasional spam slipping past spam assassin
> unscathed lately but have been a bit busy to pay attention (one spam a
> day is much better than the 150 each user used to get). I paid a bit
> more attention to one the other day and noticed it had a
Matt Kettler wrote:
Derek Catanzaro wrote:
I have a ton of bayes_toks.expire files listed in
/root/.spamassassin. Is it safe to delete these files?
Yes, provided no expire process is currently running and using one.
I did wind up deleting all of the bayes_toks.expire files, there
John D. Hardin wrote:
On Wed, 4 Oct 2006, Eric A. Hall wrote:
On 10/4/2006 5:57 PM, Richard Doyle wrote:
I've been getting lots of porn site spam containing words with doubled
letters, like this one:
Can anybody suggest a rule or ruleset to catch these double-letter
obfuscation
I have been noticing the occasional spam slipping past spam assassin
unscathed lately but have been a bit busy to pay attention (one spam a
day is much better than the 150 each user used to get). I paid a bit
more attention to one the other day and noticed it had an X-Spam header
before it got
On Wed, 4 Oct 2006, Eric A. Hall wrote:
> On 10/4/2006 5:57 PM, Richard Doyle wrote:
> > I've been getting lots of porn site spam containing words with doubled
> > letters, like this one:
>
> > Can anybody suggest a rule or ruleset to catch these double-letter
> > obfuscations? I'm using Spamassa
Derek Catanzaro wrote:
> I have a ton of bayes_toks.expire files listed in
> /root/.spamassassin. Is it safe to delete these files?
Yes, provided no expire process is currently running and using one.
> I did check the FAQ regarding "manybayestoksexpirefiles" but from what
> I can tell the direct
On 10/4/2006 5:57 PM, Richard Doyle wrote:
> I've been getting lots of porn site spam containing words with doubled
> letters, like this one:
> Can anybody suggest a rule or ruleset to catch these double-letter
> obfuscations? I'm using Spamassassin 3.1.4.
You'd probably need to write a plug-in
> I've been getting lots of porn site spam containing words with doubled
> letters, like this one:
>
>
> Orrgy pornn parrties! Lotts of
> sttupid bitchees gangbangged by queue of guyss.
> annal_nailing and cum__swallowing orgiees.
> archiive of gro
I've been getting lots of porn site spam containing words with doubled
letters, like this one:
Orrgy pornn parrties! Lotts of
sttupid bitchees gangbangged by queue of guyss.
annal_nailing and cum__swallowing orgiees.
archiive of group_ssex materia
decoder wrote the following on 04/10/2006 21:38:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alan Munday wrote:
Chris
Could you consider adding a configuration parameter which would have
the effect of scoring all results as zero?
This would allow people to configure FuzzyOCR for their syste
Linda Walsh wrote:
> Is there a way to "light-grey" a list -- not a blanket accept
> all, white-list, but something that temporarily moves the
> spam-"high-water" mark for that specific email:
For mailing lists, I use "whitelist_to", which by default subtracts 6
points from the email's score. It w
I'm having problems filtering a list I'm on (lkml).
First I had it on normal filter -- but I had too many false
positives. Finally switched it to a white-list, but now, many
true negatives (spam) get through.
Is there a way to "light-grey" a list -- not a blanket accept
all, white-list, but som
Stuart Johnston wrote:
Dallas,
I think there is a bug in the image_size_range function.
my $name = $type.'_dems';
Should probably be more like:
my $name = "dems_$type";
Thanks,
Stuart
Yup.. Craig Green made me aware of that last week, and I've been too
busy to address it. I'll get it updat
We use SA, ClamAV, Razor, Pyzor, DCC, etc. with amavis-new and Maia Mailguard.
Maia is a great way to imitate some of the big expensive spam filters out
there. It gives users a web front end for managing their spam and even their
spam score limits. It may be a little more than what you want t
describe QMAIL_TYPO Hand-forged Received header with typos
header QMAIL_TYPO Received =~ /\.[a-z]{1,4}\s\((?!Qmail)Qm[ail]{3}\)\swith\s/
scoreQMAIL_TYPO 1.00
--
John Hardin KA7OHZICQ#15735746http://www.impsec.org/~jhardin/
[EMAIL PROTECTED]FALaholic #11174pgpk -a [EMAIL PR
I am looking into switching from a global bayes/awl/setting environment
to a per-user environment with MySQL as a backend.
Would anyone care to offer an opinion as to whether and/or to what
degree this might make in overall effectiveness? Anyone back up that
opinion with cold hard facts?
Will I
I use Exim with the integrated SA ACL.
I'm really pleased with how it works.
http://www.exim.org/exim-html-4.62/doc/html/spec_html/ch40.html
/Andreas
Title: RE: What's the best method to use SA?
Sendmail/Procmail
/etc/procmailrc:
:0fw* < 115000* !
^(TO|Cc):.(user1noscan|user2noscan|user3noscan)* ! ^Return-Path:
\<\>* ! ^List-Id:.\* !
^Disposition-Notification-To:.*MUNGED* !
^Received:.(domain1.com|domain2.com|domain3.com)* ! ^To:.*abuse
I have a ton of bayes_toks.expire files listed in /root/.spamassassin.
Is it safe to delete these files? I did check the FAQ regarding
"manybayestoksexpirefiles" but from what I can tell the directory is not
set to use sticky bit. Here is my ls -la results on the directory:
[EMAIL PROTECTED
Jason Haar wrote:
I'm having marvelous luck with FuzzyOCR - but the spammers are learning too.
When I first started using it just a couple of months ago, it really
whacked the image-based spam. You could see why when "gocr file.gif"
returned nice text that was easy to match against.
However, no
Title: RE: What's the best method to use SA?
> -Original Message-
> From: Monty Ree [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, October 04, 2006 12:44 AM
> To: users@spamassassin.apache.org
> Subject: What's the best method to use SA?
>
>
> Hello.
>
> I have used SA using with p
On Wed, Oct 04, 2006 at 04:43:37AM +, Monty Ree wrote:
> Hello.
>
> I have used SA using with procmail.
> and clamav + sendmail(libmilter) against virus.
>
> But I have found that other related solutions like
> http://www.mailscanner.info/ or
> http://www.amavis.org/.
>
> I don't know wha
Title: RE: Stock spam in images
Greetings list,
The old timers on the list know I tend to try things outside the norm. Like my strong resistence to sitewide bayes. Well for months I've been using a simpler approach to these Stock Spams w/ images. I don't look at the image at all. He
Dallas,
I think there is a bug in the image_size_range function.
my $name = $type.'_dems';
Should probably be more like:
my $name = "dems_$type";
Thanks,
Stuart
Hi people,
Got a problem with FuzzyOCR. I'm using version 2.3j but had
the same problem with 2.1. At points through out the day there will be
3 - 4 instances of gocr running all fighting over CPU. They run
forever, which I though that SA would kill the processes if they took to
long
> I did a local DNS query:
>
> dig somedomain.com.multi.surbl.org a
>
> If you get NXDOMAIN then it's not listed.
>
> > Do you know a way to see result for each test (PH, OB, etc ... ) ?
>
> dig somedomain.com.multi.surbl.org txt
>
> will show the lists; so will the lookup page, and so wil
On Wednesday, October 4, 2006, 3:11:16 AM, Fabien GARZIANO wrote:
>> Another possibility is that there is a DNS proxy or DNS
>> modification service like OpenDNS changing the DNS results in
>> a way that's not compatible with SURBL applications:
>>
>> http://www.surbl.org/faq.html#opendns
> I
I dream of a amavis+spamassassin system developed in C++ language and with
separate rule compiler and matching daemon...
Also, this thing of running a perl regex matching for each (enabled) rule is a
bit brain damaged... Why not invert the flow and build something like flex +
bison, ie: a gramm
I definitely have to say that between OutOfMemoryProblems and TrustPath
we've probably covered about 20% of the problems on the list :)
Justin Mason wrote:
> hey, feel free to edit around that FAQ too, Matt ;)
>
> Right now I think that question really *is* the most FA'd Q.
>
> --j.
>
>
Title: RE: Spamassassin Rules
Yes, spamassassin definitely RULES! ;-D
Hi all
Tried to install NET::DNS via CPAN to get my network tests going but
get the following error report at the end:
sudo cpan -i Net::DNS
Running make test
PERL_DL_NONLAZY=1 /usr/local/bin/perl "-MExtUtils::Command::MM" "-e"
"test_harness(0, 'blib/lib', 'blib/arch')" t/*.t
t/00-load.
Title: RE: Spamassassin Rules
> -Original Message-
> From: Jeff Chan [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, October 04, 2006 6:13 AM
> To: Loren Wilton
> Cc: users@spamassassin.apache.org
> Subject: Re: Spamassassin Rules
>
>
> On Tuesday, October 3, 2006, 6:57:21 PM, Loren
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Loren Wilton wrote:
> @page Section1 {size: 8.5in 11.0in; margin: 1.0in 1.0in 1.0in 1.0in;
> } P.MsoNormal { FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY:
> "Times New Roman" } LI.MsoNormal { FONT-SIZE: 12pt; MARGIN: 0in 0in
> 0pt; FONT-FAMILY: "T
Loren Wilton writes:
> > I'm running SpamAssassin version 3.0.5. (On Perl 5.8.6).
> > I've checked the the bugzilla page about this bug. I dont understand a
> > damn thing 8-|... I guess that i need to update my spamassassin setup
> > and I'm scared. I'm gonna check the wiki for advice on spamassa
I'm running SpamAssassin version 3.0.5. (On Perl 5.8.6).
I've checked the the bugzilla page about this bug. I dont understand a
damn thing 8-|... I guess that i need to update my spamassassin setup
and I'm scared. I'm gonna check the wiki for advice on spamassassin
updates, but first, get a horse
On Tuesday, October 3, 2006, 6:57:21 PM, Loren Wilton wrote:
> If you don't have network rules enabled you should enable them. The
> URIBL-type rules will probably catch the vast majority of this junk. Most
> of the mis-spelled pharma stuff I get scores around 50.
See:
http://www.surbl.org/
> What version of SpamAssassin are you running? Versions before
> 3.1 have an infrequent DNS query bug:
>
> http://bugzilla.spamassassin.org/show_bug.cgi?id=3997
>
I'm running SpamAssassin version 3.0.5. (On Perl 5.8.6).
I've checked the the bugzilla page about this bug. I dont understand a
Clifton Royston writes:
> I'm trying to write some SA rules for additional tests on the
> connecting mailserver's SMTP HELO string, and I have some questions
> about how to do it. Should I send them to this list or to the
> dev list?
hey Clifton! -- yep, this list.
> Assuming it's this list
hey, feel free to edit around that FAQ too, Matt ;)
Right now I think that question really *is* the most FA'd Q.
--j.
Matt Kettler writes:
> Woot!! Thank you Justin and the rest of the Wiki crew for putting that up!
>
> I was getting tired of writing the "Are you using sa-blacklist.cf?"
> emai
Benny Pedersen wrote:
On Wed, October 4, 2006 05:59, M.Lewis wrote:
X-Spam-Status: No, score=x tagged_above=-999 required=5 tests=[]
check amavisd.conf for $sa_mail_body_size_limit is highter then the mail size
in this
mail, if it is amavisd disabled scanning of this mail
Thanks Benny. I s
On Wed, October 4, 2006 09:18, Benny Pedersen wrote:
> On Wed, October 4, 2006 05:59, M.Lewis wrote:
>> X-Spam-Status: No, score=x tagged_above=-999 required=5 tests=[]
> check amavisd.conf for $sa_mail_body_size_limit is highter then the mail size
> in this
> mail, if it is amavisd disabled scan
On Wed, October 4, 2006 05:59, M.Lewis wrote:
> X-Spam-Status: No, score=x tagged_above=-999 required=5 tests=[]
check amavisd.conf for $sa_mail_body_size_limit is highter then the mail size
in this
mail, if it is amavisd disabled scanning of this mail
--
"This message was sent using 100% recy
43 matches
Mail list logo
