Mick Pollard wrote:
> On Wed, 2006-11-22 at 19:34 -0600, Chris wrote:
> > I've gotten about 500 of these today and its getting to be hell weeding
> > through them to pull out my LARTs which are also bouncing. Any
> > ideas/suggestions are whole heartedly welcome.
>
> This may be useful. I haven't
wrote:
> | messju mohr wrote:
> | > mails from our host 80.237.202.55
> (ds80-237-202-55.dedicated.hosteurope.de)
> | > are tagged as HELO_DYNAMIC_IPADDR. Said IP is not dynamic, it's a
> | > dedicated server hosted at german ISP (Host Europe GmbH).
> | >
> | > How can we get our host removed
Philip Prindeville wrote:
> Don't they? I thought the recommended retry time was 2 minutes,
> doubling on each failure, and maxing out at 2 hours.
The traditional Sendmail would retry either every 15 or every 30
minutes. This would almost always be seen as the command line setting
as sendmail -q
Ramprasad wrote:
On Wed, 2006-11-22 at 19:34 -0600, Chris wrote:
I've been receiving tons of supposed bounces from Peru saying I've sent
messages to non-existant address using a [EMAIL PROTECTED] address.
One such bounce is below:
Return-Path: <>
Received: from pop.earthlink.net [209.86.
On Wed, 2006-11-22 at 19:34 -0600, Chris wrote:
> I've been receiving tons of supposed bounces from Peru saying I've sent
> messages to non-existant address using a [EMAIL PROTECTED] address.
> One such bounce is below:
>
> Return-Path: <>
> Received: from pop.earthlink.net [209.86.93.201]
| messju mohr wrote:
| > Hello,
| >
| > mails from our host 80.237.202.55 (ds80-237-202-55.dedicated.hosteurope.de)
| > are tagged as HELO_DYNAMIC_IPADDR. Said IP is not dynamic, it's a
| > dedicated server hosted at german ISP (Host Europe GmbH).
| >
| > How can we get our host removed from the li
messju mohr wrote:
> Hello,
>
> mails from our host 80.237.202.55 (ds80-237-202-55.dedicated.hosteurope.de)
> are tagged as HELO_DYNAMIC_IPADDR. Said IP is not dynamic, it's a
> dedicated server hosted at german ISP (Host Europe GmbH).
>
> How can we get our host removed from the list of DYNAMIC_IP
I've been receiving tons of supposed bounces from Peru saying I've sent
messages to non-existant address using a [EMAIL PROTECTED] address.
One such bounce is below:
Return-Path: <>
Received: from pop.earthlink.net [209.86.93.201]
by localhost with POP3 (fetchmail-6.2.5)
for [
Good thought.
The backup has slowly drained (while I was involved in solving a major
firewall problem - god I love being an SA in a medium-sized firm), so I
can't check it at this moment, but if it happens again, I'll have something
to start with.
Kurt
| -Original Message-
| From: Bowie
On Wednesday 22 November 2006 9:54 am, Andrew Hearn (AAISP) wrote:
> Chris wrote:
> > Total: 580 reports in 39m 28s. 4.08 seconds per report.
> > Tue Nov 21 22:08:56 CST 2006
>
> Sorry to be OT, but are these spam stats a built in feature of SA, or
> have you got a plugin to get this information
Have you run spamassassin -D --lint? to check for syntax, etc. errors?
Wes
Chris Willard <[EMAIL PROTECTED]> wrote:
Hi Wes!
On Tue, 21 Nov 2006, twofers wrote:
> Are you saying that you have separate rules in user_prefs and those rules are
> not being processed? or are you talking about
Hi Wes!
On Tue, 21 Nov 2006, twofers wrote:
> Are you saying that you have separate rules in user_prefs and those rules are
> not being processed? or are you talking about just configuration lines in
> user_prefs like use_bayes 1?
Yes - it does not process the seperate rules that are in user_p
Hi Loren!
On Tue, 21 Nov 2006, Loren Wilton wrote:
> Did you restart spamd after changing any options?
Yes. It made no difference.
Regards,
Chris
--
/* _\|/_
(o o)
+oOO-{_}-OOo+
|Chris Willard <[EMAIL PROTECTED]>
Don't they? I thought the recommended retry time was 2 minutes,
doubling on each failure, and maxing out at 2 hours.
That's what sendmail does (unless it's retry time has been explicitly
set to more than 2 hours, of course).
-Philip
Richard Frovarp wrote:
>I don't think the RFCs specify any t
I've got a FP on the TVD_FW_GRAPHIC_ID1 rule. It is a message with a
single in line image from Outlook Express.
I can't post the whole message, here are what I hope are the relevant parts:
X-Mailer: Microsoft Outlook Express 6.00.2900.2869
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.296
Steve [Spamassasin] writes:
> An ebay "watched item" email has been wrongly tagged as spam... with the
> following rules:
>
> --
> 2.2 INVALID_DATE Invalid Date: header (not RFC 2822)
> 0.8 DATE_IN_PAST_06_12 Date: is 6 to 12 hours before Received: date
> 0.1 TW_SJ
On Wed, 22 Nov 2006, Steve [Spamassasin] wrote:
>
> 2.2 INVALID_DATE Invalid Date: header (not RFC 2822)
> 0.8 DATE_IN_PAST_06_12 Date: is 6 to 12 hours before Received: date
> Date:Wed, 22 Nov 2006 09:03:16 GMT-07:00
> Received:from sjc2bat08.sjc.ebay.com (sjc2bat08.sjc.ebay.com [
From: Steve [Spamassasin] [mailto:[EMAIL PROTECTED]
> Date:Wed, 22 Nov 2006 09:03:16 GMT-07:00
Should be -0700 not GMT-07:00.
This may also trigger the DATE_IN_PAST_06_12, since probably the SA's date
parsing module simply discards the zone offset data.
giampaolo
> To:...
> Return-Path:<[EMAIL
John W Mickevich wrote:
Hello all!
...
I would like to know now to use a variable within SpamAssassin. For
example, how would I “capture” the last name of the From header field
for use in comparisons elsewhere? Here is a sample:
>From: "Molly Owens" <[EMAIL PROTECTED]>
>Subject: Me
On Wed, Nov 22, 2006 at 04:20:29PM +, Steve [Spamassasin] wrote:
> Date:Wed, 22 Nov 2006 09:03:16 GMT-07:00
>
> Am I overlooking something here? Why doesn't SpamAssassin like these dates?
That's not a valid date header, the TZ is invalid.
--
Randomly Selected Tagline:
"... and we still hav
An ebay "watched item" email has been wrongly tagged as spam... with the
following rules:
--
2.2 INVALID_DATE Invalid Date: header (not RFC 2822)
0.8 DATE_IN_PAST_06_12 Date: is 6 to 12 hours before Received: date
0.1 TW_SJ BODY: Odd Letter Triples with SJ
0.0 HT
Mark wrote:
-Original Message-
From: Rene Caspari [mailto:[EMAIL PROTECTED]
Sent: dinsdag 21 november 2006 12:09
To: users@spamassassin.apache.org
Subject: SPF and SMTP AUTH
I have a little problem with SPF:
For domain.tld there is a SPF record, which says that
mail.domain.tld is al
Yep, a problem I continually get is that people want to make email into
something that it is not.
It's not a credit card or an ATM card or Driver's license or a Visa or etc.
Joe
jay plesset wrote:
It never fails to amaze me now many mail server admins ask for ways to
break the RFC's in the in
Chris wrote:
> On Tuesday 21 November 2006 6:47 pm, Chr. v. Stuckrad wrote:
>> Hi!
>>
>> Yesterday we had a sudden drop in spam-percentage from >80% to near 60%.
>> Parallel to it I got six copies of an undetectable (by NAI and ClamAV)
>> new trojan 'exe' in the Mail.
>>
>> Do we have to prepare fo
It never fails to amaze me now many mail server admins ask for ways to
break the RFC's in the interest of "security". I do tech support on
mail servers, and get requests to configure out server for this kind of
thing weekly. . .
jay
Philip Prindeville wrote:
Well, I tried to contact some p
On Wed, Nov 22, 2006 at 05:33:39PM +0200, Leon Kolchinsky wrote:
> Nov 22 14:25:39 mail postfix/smtp[15132]: 23CBE1CA24: to=< [EMAIL PROTECTED]
> >, orig_to=< [EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1], delay=25,
> status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in
> process
You should upgrade your MIME::Parser as well.
You are probably using a very old one, where it does not support of
"max_parts" as stated in the error log!
/Micke
Leon Kolchinsky wrote:
Example of maillog errors:
Nov 22 14:25:39 mail postfix/smtp[15132]: 23CBE1CA24: to=< [EMAIL PROTECTED] >, o
On Wed, Nov 22, 2006 at 03:39:43PM +, Justin Mason wrote:
>
> messju mohr writes:
> > mails from our host 80.237.202.55 (ds80-237-202-55.dedicated.hosteurope.de)
> > are tagged as HELO_DYNAMIC_IPADDR. Said IP is not dynamic, it's a
> > dedicated server hosted at german ISP (Host Europe GmbH).
messju mohr writes:
> mails from our host 80.237.202.55 (ds80-237-202-55.dedicated.hosteurope.de)
> are tagged as HELO_DYNAMIC_IPADDR. Said IP is not dynamic, it's a
> dedicated server hosted at german ISP (Host Europe GmbH).
>
> How can we get our host removed from the list of DYNAMIC_IPS?
stop
Hello All,
I'm running SLES9 with the following versions:
spamassassin-2.64-3.2
perl-spamassassin-2.64-3.2
amavisd-new-20030616p9-3.6
I know I probably stuck with perl5.8.3 because SLES9 don't have the newer :(
I've installed new versions of SA and amavis (see below) with the following
packets
Hey list,
How do I go about to make spamd report message id, or any handle for
that matter, into the log? Doing traces on spamlogs is a tough one
without anything to go by :-)
Best regards
--
Kim Christensen
"With a gun barrel between your teeth, you speak only in vowels"
I don't think the RFCs specify any time limit. Most timeout after 5 days
of trying. We run 3 equivalent scanning machines, which requires us to
run a greylisting that will sync between them. That could cause a large
delay, if the sending machine tries to send to a different host that
isn't sync
Hello,
mails from our host 80.237.202.55 (ds80-237-202-55.dedicated.hosteurope.de)
are tagged as HELO_DYNAMIC_IPADDR. Said IP is not dynamic, it's a
dedicated server hosted at german ISP (Host Europe GmbH).
How can we get our host removed from the list of DYNAMIC_IPS?
thanks in advance
messju
Here's an argument for you:
http://www.nebrwesleyan.edu/people/stpierre/filtered.png
This is the breakdown of mail filtered by one of our MXes over the
past week. The "RBL" line shows mail rejected by an RBL, mostly by
njabl; the "Rejected" line is line rejected by other MTA-level rules
(like re
Kurt Buff wrote:
> Nope - it's not that.
>
> Looking through my syslog more closely reveals that I'm getting 'SA
> TIMED OUT' messages all over the place, and referring to rules as
> well as Bayes. So, I'm just as confused as ever, and don't know
> what's going on.
>
> More analysis needed, I su
And you have added all the users, that need access to the users group in
/etc/group?
IE your /etc/group file contains a line like:
users:x:100:user1,user2,user3,user4,useretc
Yes.
If so, than it is spamassassin that does not switch the user context
correctly.
It looks a bit like it. I've
> -Original Message-
> From: Rene Caspari [mailto:[EMAIL PROTECTED]
> Sent: dinsdag 21 november 2006 12:09
> To: users@spamassassin.apache.org
> Subject: SPF and SMTP AUTH
>
>
> I have a little problem with SPF:
>
> For domain.tld there is a SPF record, which says that
> mail.domain.tl
On Tue, 21 Nov 2006, Evan Platt wrote:
> So used to be mail from Richard Smith, subject "Me again Richard". Now
> they're using the last name, ie "Me again Smith"
Their fake Received: line is still the same.
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/
BAILEY: CYCLONIC BECOMING N
The files you are looking for are bayes_toks and bayes_seen
They may be in /root/.spamassassin/
Try to find those files in a spamassassin default directory somewhere and cp
them to that directory.
First try to find them and do a:
locate -u#catalogs all the files on your ser
What tool, or maybe I already have it and don't know it, can I use to get email
stastics on my server and domains? Like total emails, those tagged as spam, etc?
I have FC2, qmail, Spamassassin 3.1.7
Is sa-tools helpful? Is it worth installing?
Thanks,
Wes
---
Anyhow, you can use:
/^Me again/
it looks for "Me again" at the beginning of the expression; it detects
"Me again", but also "Me again Richard", etc.
Theo Van Dinter wrote:
On Tue, Nov 21, 2006 at 12:33:36PM -0800, Evan Platt wrote:
So used to be mail from Richard Smith, subject "Me again Ri
41 matches
Mail list logo
