1) That should be "local.cf".
2) Restart spamassassin or the tool that has spamassassin daemonized.
{^_^}
- Original Message -
From: "Suhas (QualiSpace)" <[EMAIL PROTECTED]>
I did that in the loca.cf file but it's not refecting. What do I have to do
after modifying the local.cf file.
I did that in the loca.cf file but it's not refecting. What do I have to do
after modifying the local.cf file.
Warm Regards,
Suhas
System Admin
QualiSpace - A QuantumPages Enterprise
===
Tel India: +91 (22) 6792 - 1480
Tel US: +1 (614) 827 - 1224
Fax India: +91 (22) 2530 -
Thanks for your help.
Warm Regards,
Suhas
System Admin
QualiSpace - A QuantumPages Enterprise
===
Tel India: +91 (22) 6792 - 1480
Tel US: +1 (614) 827 - 1224
Fax India: +91 (22) 2530 - 3166
URL: http://www.qualispace.com
===
For Any Technical Query
From: "John Andersen" <[EMAIL PROTECTED]>
On Thursday 12 October 2006 14:54, John Rudd wrote:
That rule has a 3.2 value because the 3.2 value is
accurate to differentiating spam vs ham in the corpus. Therefore, the
score is appropriate.
No, its not accurate.
The rule is in-discriminant as to
From: "John Andersen" <[EMAIL PROTECTED]>
On Thursday 12 October 2006 14:25, Kurt Fitzner wrote:
The purpose of SpamAssassin is not to punish domains without working
postmaster addresses. It is not to act as RFC cops. It is to detect
spam. Let's not lose sight of the goal because some BL list ha
On Thursday 12 October 2006 04:05, Giampaolo Tomassoni wrote:
> :(
>
> One week ago if I would report a mail as spam to razor, they would soon
> report as such at the very next spamassassin -t.
>
> Now they don't...
>
> Is that I sent something they know it is not spam, or is something else?
Well
On Thursday 12 October 2006 14:54, John Rudd wrote:
> That rule has a 3.2 value because the 3.2 value is
> accurate to differentiating spam vs ham in the corpus. Therefore, the
> score is appropriate.
No, its not accurate.
The rule is in-discriminant as to content. It flags ham with the same sc
Thanks - this is exactly what I was looking for.
-Max
On 10/12/06, Kelson <[EMAIL PROTECTED]> wrote:
Max Clark wrote:
> I have seen an increase in the amount of spam that has made its way
> through our filters and in to our inboxes. Most of this seems to be
> the stock pitches that are image at
On Thursday 12 October 2006 14:25, Kurt Fitzner wrote:
> The purpose of SpamAssassin is not to punish domains without working
> postmaster addresses. It is not to act as RFC cops. It is to detect
> spam. Let's not lose sight of the goal because some BL list has gone on
> a crusade to police compl
alex wrote:
> does that mean the header is forged?
It is very common to see forged headers in email. My guess is that
yes those headers are forged. In fact even without looking if you
tell me the message is spam I would guess that the headers are
forged.
Bob
Bowie Bailey BUC.com> writes:
>
> > all rules seem the same, expected BAYES_50 vs BAYES_99. What will
> > the causing for this value so high at backup server. Also, i had set
> > internal_networks 192.168.2.0/24 at both spamassassin local.cf at
> > both server, will it reduce/increase the BAYES_
Is actually not a FP on the rules.
The rules are right, and newegg created a messed up email (and their
whois IS invalid)
No spam filter is 100% accurate for 100% of the people.
That is what manually training is for (because folks like newegg doen't
seem to care they create messed up emails)
Di
I'm on Linux, also did a snoop and didn't see any relaying so I hope not!
On Thu, Oct 12, 2006 at 05:51:39PM -0700, jdow wrote:
> Are you possibly infected and spewing spams?
>
> Note that the received headers can be forged. (There are even some
> clever tricks that are played with routers to rer
On Thu, 12 Oct 2006, Kurt Fitzner wrote:
> John D. Hardin wrote:
> > That said, many times I have been annoyed by a filter on somebody's
> > abuse@ address bouncing an abuse notice that I sent *with evidence*. I
> > do not recommend a rejecting spam filter on the abuse@ address, it
> > will keep p
Are you possibly infected and spewing spams?
Note that the received headers can be forged. (There are even some
clever tricks that are played with routers to reroute your address
for a spam run then route it back that I have heard of.)
{^_^}
- Original Message -
From: "alex" <[EMAIL PRO
just got a bunch of bounced mails that have my ip in the header,
but I checked my mail logs and don't see any relaying.
does that mean the header is forged?
here is an example, I changed my ip in the example to a.b.c.d
and my domain to "mydomain"
Received: from mx06.east.net ([200.113.154.211])
Max Clark wrote:
I have seen an increase in the amount of spam that has made its way
through our filters and in to our inboxes. Most of this seems to be
the stock pitches that are image attachments. Is there any way to
effectively combat this?
Look into FuzzyOCR.
http://wiki.apache.org/spamassa
John D. Hardin wrote:
> That said, many times I have been annoyed by a filter on somebody's
> abuse@ address bouncing an abuse notice that I sent *with evidence*. I
> do not recommend a rejecting spam filter on the abuse@ address, it
> will keep people from reporting abuse of your systems to you.
I have seen an increase in the amount of spam that has made its way
through our filters and in to our inboxes. Most of this seems to be
the stock pitches that are image attachments. Is there any way to
effectively combat this?
Thanks in advance,
Max
--
Max Clark
http://www.clarksys.com
On Thu, 12 Oct 2006, John Rudd wrote:
> John D. Hardin wrote:
> > On Thu, 12 Oct 2006, John Rudd wrote:
> >
> >> So, why not use a milter that allows you to exempt abuse and
> >> postmaster from bouncing?
> >
> > I think you're misunderstanding the issue.
>
> Nope.
>
> I wasn't replying to the
What I'd like to see is a flag telling it to autolearn the headers only,
and a flage that causes it to test the headers only.
John D. Hardin wrote:
On Thu, 12 Oct 2006, John Rudd wrote:
So, why not use a milter that allows you to exempt abuse and
postmaster from bouncing?
I think you're misunderstanding the issue.
Nope.
I wasn't replying to the larger issue in that message. I was replying
to the specific issue
Kurt Fitzner wrote:
John D. Hardin wrote:
> But if the stated purpose of the BL is "this domain does not have a
working postmaster address" then it's unreasonable to ask them to
exclude a domain that does not have a working postmaster address, no
matter how large or popular that domain is.
My
John D. Hardin wrote:
> But if the stated purpose of the BL is "this domain does not have a
> working postmaster address" then it's unreasonable to ask them to
> exclude a domain that does not have a working postmaster address, no
> matter how large or popular that domain is.
My concern is the sc
Thanks to everyone for their help...
Charles pointed me in the right direction, I had 2 copies of
spamassassin. But just removing one didn't do the trick. Recompiled
from source after that, and I think it's good to go.
So far spam has been scored above 5, so I'm keeping my fingers crossed.
> -Original Message-
> From: Dan Horne [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 12, 2006 3:29 PM
> To: John DeYoung
> Cc: users@spamassassin.apache.org
> Subject: RE: sa-learn and POP3 accounts
>
> Actually, based on another recent thread here ("Parsing
> Email") I was able to
Actually, based on another recent thread here ("Parsing Email") I was
able to take the perl script that Vincent Li posted and modify it to
work the way I want:
1) user forwards spam message AS ATTACHMENT to a pre-defined email
address
2) postfix pipes emails to this address to the modified script
On Oct 11, 2006, at 11:41 AM, Dan Horne wrote: I have a working SA install using Bayes. My webmail users can "report spam" that makes it into their inboxes, and those .eml files get copied into a mailbox that gets regular scans by sa-learn. No problem so far. However most of my users are POP3
I don’t
want all this to be displayed in the email. From where do I remove it?
FYI I am running
SA 3.0.1 on windows platform.
Spam detection
software, running on the system "mirackle1", has
identified this incoming email as possible spam. The original
message
has been attached t
At 08:42 AM 10/12/2006, you wrote:
New phish looks like a LEGIT ebay messege from another user
"I'm still waiting payment for my item for about 1 week. What
happened? Please mail me ASAP or I will report you to ebay."
Only one link doesn't point back to ebay site, of course its the
"Respond
On Thu, Oct 12, 2006 at 10:31:39AM -0500, [EMAIL PROTECTED] wrote:
> What can I do to catch and handle Spam that has profanity with fuzzy matching?
>
> Is there anything that has a good level of accuracy of trapping porn spam?
Try the SARE Adult ruleset. They've worked fairly well for me; not
On Thu, 12 Oct 2006, Benny Pedersen wrote:
> On Wed, October 11, 2006 22:09, John D. Hardin wrote:
>
> > I've suggested a tflag like "suppress_autolearn" before. Maybe there's
> > something similar slated for 3.2.0?
>
> tflag FUZZY_OCR noautolearn
There's apparently a plugin to implement this.
Title: New ebay phish
Bah responding to
myself..
They can't get their fake code
right either..
"eBay sent this message from
Michael Douglan (rivernick)."
Further
down in teh email..
"Question
from bravofan03."
Well, who the hell is it? :)
--Chris
-Origin
>>> tflag FUZZY_OCR noautolearn
Is this something we can do now that works?
Do we put this in any .cf file or a particular one?
- rh
--
Robert - Abba Communications
Computer & Internet Services
(509) 624-7159 - www.abbacomm.net
Title: New ebay phish
New phish looks like a LEGIT ebay messege from another user
"I'm still waiting payment for my item for about 1 week. What happened? Please mail me ASAP or I will report you to ebay."
Only one link doesn't point back to ebay site, of course its the "Respond Now" button.
What can I do to catch and handle Spam that has profanity with fuzzy matching?
Is there anything that has a good level of accuracy of trapping porn spam?
This message was sent using IMP, the Internet Messaging Program.
Frank Bures wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I am running sa-update once a day as a part of my daily housekeeping script.
Today, first time since I've been using spamassassin, the spamd would not
restart and the spam started pouring in.
Error message:
Starting spamd: [308
Hi all,
the last couple days have resulted in a lot of new, untagged weight loss
spam (Anatrim), many scoring in the area of 3.x, though a few are tagged
due to either stupidity of the sender (date in future), or some DNS
blacklisting. Has anybody updated some rules yet to catch this?
Tnx, -
On Thu, Oct 12, 2006 at 02:41:49AM +, Monty Ree wrote:
> >You likely either have memory/hardware issues,
> I have installed several x86_64 based systems, but the result was same..
> So I guess this is not a HW problem...
Perhaps. If they're all new and from the same vendor, it could be a bad
On Thu, 12 Oct 2006, John Andersen wrote:
> On Thursday 12 October 2006 00:20, Kurt Fitzner wrote:
> > ?The kind of score being added to every
> > one of their messages is out-of-line with the seriousness of missing a
> > couple of rfc addresses.
>
> I agree. Especially when Yahoo has published
On Thu, 12 Oct 2006, John D. Hardin wrote:
> > On Wed, October 11, 2006 22:09, John D. Hardin wrote:
> >
> > > I've suggested a tflag like "suppress_autolearn" before. Maybe there's
> > > something similar slated for 3.2.0?
>
> I'm putting in a bugzilla feature request.
...I *knew* I'd brought
On Thu, 12 Oct 2006, John Rudd wrote:
> So, why not use a milter that allows you to exempt abuse and
> postmaster from bouncing?
I think you're misunderstanding the issue. He has a problem with
rfc-ignorant being strict in their interpretation of the RFC
requirements. It's not mail to *his* postm
On Thu, 12 Oct 2006, Benny Pedersen wrote:
> On Wed, October 11, 2006 22:09, John D. Hardin wrote:
>
> > I've suggested a tflag like "suppress_autolearn" before. Maybe there's
> > something similar slated for 3.2.0?
>
> tflag FUZZY_OCR noautolearn
>From the docs:
Note that certain tests ar
martin wrote:
> config is:
>
> main mail server (said 192.168.2.5) got the email, the mail
> will local delivery and forward a copy to backup server
> (said 192.168.2.6). spamassassin log at main server shown:
>
> spamassassin log at main server
> clean message (3.2/6.0) for spa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I am running sa-update once a day as a part of my daily housekeeping script.
Today, first time since I've been using spamassassin, the spamd would not
restart and the spam started pouring in.
Error message:
Starting spamd: [30803] error: spamd: coul
:(
One week ago if I would report a mail as spam to razor, they would soon report
as such at the very next spamassassin -t.
Now they don't...
Is that I sent something they know it is not spam, or is something else?
---
Giampaolo Tomassoni - IT Consultant
Piazza
:(
One week ago if I would report a mail as spam to razor, they would soon report
as such at the very next spamassassin -t.
Now they don't...
Is that I sent something they know it is not spam, or is something else?
---
Giampaolo Tomassoni - IT Consultant
Piazza
> On the one hand they (apache.org) refuses mail from perfectly RFC compliant
> Linux boxes insisting you send through your ISP, and then they refuse mail
> from the ISP because ONE spammer in some backwater managed to get one
> piece of spam into some spamtrap somewhere.
You assume (incorrectly)
[EMAIL PROTECTED] wrote:
>
> We are using Lotus Notes / Domino for sending the messages to the
> sa-host.
>
> When a user is reporting a message as spam or ham, the recipient address
> is modified to [EMAIL PROTECTED] or [EMAIL PROTECTED] and then copied into
> the
> router mailbox from the domin
Kurt Fitzner wrote:
Benny Pedersen wrote:
why do you care about it ?
after all its not your domain :-)
I care because:
A) All mail into my domain is filtered through SpamAssassin with a
milter - including mail that goes to postmaster and abuse. Not that my
little domain gets much on either a
We are using Lotus Notes / Domino for
sending the messages to the sa-host.
When a user is reporting a message as
spam or ham, the recipient address
is modified to [EMAIL PROTECTED] or [EMAIL PROTECTED]
and then copied into the router mailbox from the domino server.
The Domino router then sends t
[EMAIL PROTECTED] wrote:
>
> Hello All
>
> I would change or add the reply-to address to "[EMAIL PROTECTED]"
> of each message before learning.
> This to prevent failures or misstakes while sending messages to the
> sa-host.
>
> Can someone tell me if this method is suitable for the bayes database?
John Andersen <[EMAIL PROTECTED]> writes:
> On the one hand they (apache.org) refuses mail from perfectly RFC compliant
> Linux boxes insisting you send through your ISP, and then they refuse mail
> from the ISP because ONE spammer in some backwater managed to get one
> piece of spam into some spa
Hello All
I would change or add the reply-to address
to "[EMAIL PROTECTED]" of each message before learning.
This to prevent failures or misstakes
while sending messages to the sa-host.
Can someone tell me if this method is
suitable for the bayes database?
Thanks in advance
Bruno
On Thursday 12 October 2006 00:20, Kurt Fitzner wrote:
> The kind of score being added to every
> one of their messages is out-of-line with the seriousness of missing a
> couple of rfc addresses.
I agree. Especially when Yahoo has published methods for reporting
spam and abuse even if they are n
Benny Pedersen wrote:
> why do you care about it ?
>
> after all its not your domain :-)
I care because:
A) All mail into my domain is filtered through SpamAssassin with a
milter - including mail that goes to postmaster and abuse. Not that my
little domain gets much on either address, but from w
Hi
In to the log file of my spamassassin I've found more lines like the
follow:
Oct 12 09:57:24 srv-relay spamd[6935]: child processing timeout at
/usr/sbin/spamd line 1085, line 61723.
Oct 12 09:57:24 srv-relay spamd[6935]: child processing timeout at
/usr/sbin/spamd line 1085, line 61723.
Ho
config is:
main mail server (said 192.168.2.5) got the email, the mail
will local delivery and forward a copy to backup server
(said 192.168.2.6). spamassassin log at main server shown:
spamassassin log at main server
clean message (3.2/6.0) for spamassassin:99 in 4.8 seconds
John Thompson vector.os2.dhs.org> writes:
>
> On 2006-10-11, Enrico Pasqualotto pasqualotto.org> wrote:
>
> > Hi at all, I want to deliver mail marked from spamassassin with SPAM to
> > admin address and not deliver to the user.
> > Is possible?
> > After I want to set this setup to specific
On Wed, October 11, 2006 22:09, John D. Hardin wrote:
> I've suggested a tflag like "suppress_autolearn" before. Maybe there's
> something similar slated for 3.2.0?
tflag FUZZY_OCR noautolearn
but i still like to see the plans for import the extracted spam text from
images to be used in bayes,
Monty Ree wrote:
> Anyone who have installed well spamassassin at AMD 64 based system?
Yes. I run SpamAssassin every day on amd64 systems. It works great.
Bob
61 matches
Mail list logo
