We currently have an Exchange 2003 server that is under heavy burden due to
excessive SPAM. The company is not willing to spend $$$ to resolve the
issue if it can be done on Linux - especially being that we have several
Linux boxes lying idle! Hence, my plan is to implement Sendmail as a front
e
Hi Bret,
According to tip from Gary V. you can reliably use whitelist_from_rcvd,
You only should configure the following parameters right:
trusted_networks
internal_networks
Best Regards,
Leon Kolchinsky
-Original Message-
From: Bret Miller [mailto:[EMAIL PROTECTED]
Sent: Thursday,
Chris wrote:
Seems the huge network of compromised machines that started earlier this
month are still going strong and appears to be growing. My spam input has
grown today by about 700%. Below are the top ASN's and CIDR's for todays
run:
Report date: Sat Nov 18 22:52:53 CST 2006
Total spams:
Seems the huge network of compromised machines that started earlier this
month are still going strong and appears to be growing. My spam input has
grown today by about 700%. Below are the top ASN's and CIDR's for todays
run:
Report date: Sat Nov 18 22:52:53 CST 2006
Total spams: 543
Total ASNs
Running openwebmail, the docs say to patch the DB_File.pm file with this
patch for OWM to work correctly:
---
Please modify /usr/lib/perl5/5.8.0/i386-linux-thread-multi/DB_File.pm by
adding
$arg[3] = 0666 unless defined $arg[3];
before the following text (about line 247)
# make recno in Be
Yes,
I have tested this by pointing my entries in resolve.conf to our
non-caching server. . . definitely slowed it down ... about 1/2 the
speed
(could not do r-DNS as quickly) :)
- Darren.
-Original Message-
From: Jeff Chan [mailto:[EMAIL PROTECTED]
Sent: Saturday, November 18, 2006 1:
On Friday November 17 2006 21:24, Giampaolo Tomassoni wrote:
> Besides, if there wasn't SA pluging, I would prefer a C/C++ version of SA.
> Wouldn't it run better? Wouldn't it be faster, wouldn't have a smaller
> memory footprint, better reclamation, better hooks for plugins etc? :)
...and buffer
Giampaolo Tomassoni writes:
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> >
> > ...omissis
> >
> > Recently in the perl "blead" code, one of the perl hackers has added a
> > trie-based regexp matcher (with Aho-Corasick optimisations) to efficiently
> > match multiple regular expressions in
well...
I spent several years writing Java in the '90s, and am quite certain that
SpamAssassin would perform a *lot* worse if written in Java.
SpamAssassin is heavy on regular expressions, and *very* optimised for
Perl's VM.
On top of that, I'm pretty sure it would be quite hard to get fast
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
>
> ...omissis
>
> Recently in the perl "blead" code, one of the perl hackers has added a
> trie-based regexp matcher (with Aho-Corasick optimisations) to efficiently
> match multiple regular expressions in parallel, to the perl core regexp
> matchi
Giampaolo Tomassoni writes:
> From: Matt Kettler [mailto:[EMAIL PROTECTED]
> > 1) perl has a substantial base of text parsing and utility libraries
> > that no other language can match.. Java does have native regex
> > support, so it has a leg up over the others,
>
> Right, but both langs are not
Giampaolo Tomassoni wrote:
> From: Matt Kettler [mailto:[EMAIL PROTECTED]
>
>> 1) perl has a substantial base of text parsing and utility libraries
>> that no other language can match.. Java does have native regex support,
>> so it has a leg up over the others,
>>
>
> Right, but both langs
From: Matt Kettler [mailto:[EMAIL PROTECTED]
> 1) perl has a substantial base of text parsing and utility libraries
> that no other language can match.. Java does have native regex support,
> so it has a leg up over the others,
Right, but both langs are not that much suited for scoring a message:
On Fri, 17 Nov 2006, Jeff Chan wrote:
> It seems that the particular URI obfuscation in:
>
> http://www.surbl.org/evidence/seruikiontunhfasnde.com.txt
>
> successfully confuses SpamAssassin 3.1.6 into not detecting the
> SURBL blacklisted URI.
How about a rule that adds points for a link with
Marc Perkel wrote the following on 11/18/2006 8:24 AM -0800:
>
> decoder wrote:
>> Marc Perkel wrote:
>>> The words file needs a little documentation. Is it limited to single
>>> words or phrases too? What's with the colon and the numbers after
>>> the word?
>>>
>> Phrases are possible too, spaces
On Sat, Nov 18, 2006 at 01:41:22PM -0500, Fred T wrote:
> I'm trying to create a rawbody rule to catch the attached message.
> It's full of characters like =E4=FC=B3 etc.
Those are quoted-printable encoded chars, btw.
> It returns what looks like gibberish, (high-ascii) characters.
Yep. That's
Hello SA-Users,
I'm trying to create a rawbody rule to catch the attached message.
It's full of characters like =E4=FC=B3 etc.
I went crazy trying to figure out why it won't match the patterns in
the attached message.
I created a test rule,
rawbody TEST_CATCH_CHRS /.{80}/
It returns what looks
> -Original Message-
> From: Matt Kettler [mailto:[EMAIL PROTECTED]
> Sent: Saturday, November 18, 2006 10:29 AM
> To: Michael Scheidell
> Cc: users@spamassassin.apache.org
> Subject: Re: URI obfuscation that confuses SA
>
>However, it's just doing a search for "8ZC*2". If you have the
On Sat, 18 Nov 2006 11:16:30 -0600, Chris <[EMAIL PROTECTED]>
wrote:
>On Saturday 18 November 2006 10:59 am, Nigel Frankcom wrote:
>> Hi All,
>>
>> After a fair bit of discussion on and off list,and a fair bit of
>> thought I've decided to change tack a little with stock spam.
>>
>> As of this mor
On Saturday 18 November 2006 10:59 am, Nigel Frankcom wrote:
> Hi All,
>
> After a fair bit of discussion on and off list,and a fair bit of
> thought I've decided to change tack a little with stock spam.
>
> As of this morning (GMT) I'm reporting all stock spam to the SEC (they
> have a semi-dedica
Hi All,
After a fair bit of discussion on and off list,and a fair bit of
thought I've decided to change tack a little with stock spam.
As of this morning (GMT) I'm reporting all stock spam to the SEC (they
have a semi-dedicated address for it). I figure they'll either tell me
to quit, block me or
decoder wrote:
Marc Perkel wrote:
The words file needs a little documentation. Is it limited to single
words or phrases too? What's with the colon and the numbers after the
word?
Phrases are possible too, spaces and numbers are stripped out in both
the wordlist and the OCR output before mat
Marc Perkel wrote:
The words file needs a little documentation. Is it limited to single
words or phrases too? What's with the colon and the numbers after the
word?
Phrases are possible too, spaces and numbers are stripped out in both
the wordlist and the OCR output before matching :)
The co
The words file needs a little documentation. Is it limited to single
words or phrases too? What's with the colon and the numbers after the word?
Michael Scheidell wrote:
> When I past that (with the munged) in it I get a nasa web site.
> (maybe google built into firefox finds the nasa site)
>
>
> http://8ZC*2/F3B.seruikiontuMUNGED.com/?LHN-+IA-
>
>
> Scarry crap.
>
> Hey nasa: is this even something you want public?
> I will send you link i
On Sat, November 18, 2006 14:45, Justin Mason wrote:
> http://8ZC*2/F3B.seruikiontuMUNGED.com/?LHN-+IA- >
> link
> Surely that doesn't work. certainly doesn't with any of my MUAs! anyone
> got a copy of Lookout or Outlook Express they can test with?
fedora core 6 x86_64 firefox 1.5.0.8 display
When I past that (with the munged) in it I get a nasa web site.
(maybe google built into firefox finds the nasa site)
http://8ZC*2/F3B.seruikiontuMUNGED.com/?LHN-+IA-
Scarry crap.
Hey nasa: is this even something you want public?
I will send you link it gets if you email me back.
> -Orig
> This was with amavisd-new, but should not be much different than
> spamd, except for somewhat smaller daemon main program in clamd.
s/clamd/spamd/
On Saturday November 18 2006 02:05, Matt Kettler wrote:
> I also expect a lot of the memory usage is the annotation tables and
> such for regexes. It would be interesting to compare the size of spamd
> without any rules loaded against one with a stock ruleset. The
> difference between the two can't
Matt Kettler writes:
> Jeff Chan wrote:
> > It seems that the particular URI obfuscation in:
> >
> > http://www.surbl.org/evidence/seruikiontunhfasnde.com.txt
> >
> > successfully confuses SpamAssassin 3.1.6 into not detecting the
> > SURBL blacklisted URI.
> >
>
> Does that even work as a l
Ramprasad wrote:
> Which is lighter to use bayes in files or bayes in SQL for a large setup
> We get around 6-7 Million mails per day on our 14 servers ( >80% get
> rejected at MTA however)
>
For such a large system, SQL would be by far more efficient.
Admittedly SQL is "heavier" than bayes in
Marc Perkel wrote:
OK - trying out the FuzzyOCR plugin. So far it all the default stuff
with minimal installation. I'm running Fedora Core 6. Used the gocr
RPM and didn't patch the source. Everything is default and it doesn't
seem to be complaining so .
If I like this what do I need to ch
Christian Aust wrote:
Hi all,
I'm using spamassassin 3.1.7 on Debian 3.1 w/ postfix 2.3.3 and GNU
MailMain 2.1.5. When I last sent out a message to the list participants,
I encountered this:
Two users having an local account on the same machine from which the
mail comes are subscribed to th
Ramprasad wrote:
Which is lighter to use bayes in files or bayes in SQL for a large setup
We get around 6-7 Million mails per day on our 14 servers ( >80% get
rejected at MTA however)
Currently each machine( dual Xeon 4GB Ram) running Postfix + SA +
MailScanner has it own bayes files. How about
Hi all,
I'm using spamassassin 3.1.7 on Debian 3.1 w/ postfix 2.3.3 and GNU
MailMain 2.1.5. When I last sent out a message to the list
participants, I encountered this:
Two users having an local account on the same machine from which the
mail comes are subscribed to the list. Both get the
Which is lighter to use bayes in files or bayes in SQL for a large setup
We get around 6-7 Million mails per day on our 14 servers ( >80% get
rejected at MTA however)
Currently each machine( dual Xeon 4GB Ram) running Postfix + SA +
MailScanner has it own bayes files. How about running a mysql se
36 matches
Mail list logo
