Hi,
I am doing exactly that for my personal mailbox, and it took me a few months to
define all
my exceptions (mostly mailing list and forum related).
Are you sure you want to do this for hundreds of domains
Wolfgang Hamann
>> This is a multi-part message in MIME format.
>>
>> --_=_NextP
Duncan Findlay wrote:
Anyways... maybe I should get back to doing something useful like
studying for tomorrow's exam...
Boo exams... road trip! I hear the 401 is fun at this time of year. ;)
Daryl C. W. O'Shea wrote:
>
> [EMAIL PROTECTED] dos]$ grep " CF_URLS\[" rules_du_jour | grep -v
> RULESEMPORIUM
>
> CF_URLS[7]="http://mywebpages.comcast.net/mkettler/sa/antidrug.cf";
>
>
> antidrug.cf isn't being updated ever again and it's not for use with
> SA 3.x or later (which excludes it's
On Thu, Dec 07, 2006 at 08:56:45PM +1300, Jason Haar wrote:
> If all SA users set sa-update to run hourly - then when an update comes
> out, you will have *all* SA users contacting the same sites
> simultaneously for the downloads. Och...
That's a good point. Those of us packaging SpamAssassin
On Thu, Dec 07, 2006 at 10:47:01AM -0500, Fred T wrote:
> > Considering headers are not part of the body, I'd say that if body rules
> > match against the subject, then either the documentation in the wiki is
> > misleading and needs to be changed, or there's a problem with the body
> > rules behav
On Thu, Dec 07, 2006 at 01:38:54PM -0500, Jim Maul wrote:
> >>I dont think anyone is using spamd to call SpamAssassin.
> oh? Care to explain how spamd would call spamassassin? That would be a neat
> trick ;)
Alright... I'm being pedantic, but you're confusing "spamassassin" and
"SpamAssassin".
On Thu, 7 Dec 2006, Steven Stern wrote:
> David B Funk wrote:
> > If you buy into the spamcop premium service one of the things that
> > you gain is the ability to modify their report and add such notices.
> > Best to send it directly to Google's abuse address.
> Spamcop sent a report to both sha
On Thu, 7 Dec 2006, Jean-Paul Natola wrote:
> > > Can I blacklist a message without blacklisting the sender?
> >
> > Sure. Write a rule for that message-ID header and give it a score of
> > 1000 or so (adding insult to injury).
> >
> > I'm not exactly well versed, scratch that , I DO NOT KNOW how
Michael Schaap wrote:
John Rudd wrote:
It would be great if Botnet could do something similar, like:
2.0 BOTNET The submitting mail server looks like
part of a Botnet
[ip=12.34.56.789 rdns=dhcp12.34.example.org]
Any tips on how to do that? :-}
On Tuesday 05 December 2006 3:31 pm, Rosenbaum, Larry M. wrote:
> Has anybody come up with a rule for these yet? I tried the following:
>
> body ORNL_B0RKEN1 /^\d{3,5}\n{1,3}$/s
> describe ORNL_B0RKEN1 B0rken spamware, message just contains a short
> number
> scoreORNL_B0RKEN1 1
>
I believ
John Rudd wrote:
It would be great if Botnet could do something similar, like:
2.0 BOTNET The submitting mail server looks like part
of a Botnet
[ip=12.34.56.789 rdns=dhcp12.34.example.org]
Any tips on how to do that? :-}
Well, I had a look,
On Thu, 7 Dec 2006, Jean-Paul Natola wrote:
> > Apparently a remote server is having issues-
> > It keeps sending this message here-
> >
> > [EMAIL PROTECTED]
> >
> > Can I blacklist a message without blacklisting the sender?
>
> Sure. Write a rule for that mess
Michael Schaap wrote:
John Rudd wrote:
The next version of the Botnet plugin for Spam Assassin is ready. The
install instructions are in the Botnet.txt file, and in the INSTALL file.
Great work!
To Do before 1.0:
(...)
There's another thing that would be really nice to have. You k
David B Funk wrote:
> On Thu, 7 Dec 2006, Steven Stern wrote:
>
>> John D. Hardin wrote:
>>> On Thu, 7 Dec 2006, Steven Stern wrote:
>>>
I've been getting lots of these "get out of debt" messages. It
looks like the last stop before getting here is a gmail server.
Could they have an
On Thursday December 7 2006 18:21, Fred T wrote:
> > -0.0 P0F_UNIX OS fingerprint BSD/Solaris/HP-UX/Tru64
> I'm curious about P0F_UNIX could you share this rule with me? And any
> similar fingerprint rules? Thanks!
The rules are quite straightforward (see below) - just matching
on
Loren Wilton wrote:
Nasty to do without using a plugin or eval rule, but it can be done.
The following is off the top of my head, and I almost guarantee it won't
work correctly without testing and some minor tweak somewhere. But you
can try it and/or fool with it if you like.
header __SENT_T
John Rudd wrote:
The next version of the Botnet plugin for Spam Assassin is ready. The
install instructions are in the Botnet.txt file, and in the INSTALL file.
Great work!
To Do before 1.0:
(...)
There's another thing that would be really nice to have. You know how
the DNS rules'
Trying to catch spoofed ToCcNasty to do without using a plugin or eval rule,
but it can be done.
The following is off the top of my head, and I almost guarantee it won't work
correctly without testing and some minor tweak somewhere. But you can try it
and/or fool with it if you like.
header __
Jonas Eckerman wrote:
This really would be more on topic on the MIMEDefang list, but here goes...
You have a small but significant typo in your code:
if ($hits >= req) {
You forgot the "$" in "$req".
The effect of the above comparison is that all mail that scores above 0
On Thu, 7 Dec 2006, Steven Stern wrote:
> John D. Hardin wrote:
> > On Thu, 7 Dec 2006, Steven Stern wrote:
> >
> >> I've been getting lots of these "get out of debt" messages. It
> >> looks like the last stop before getting here is a gmail server.
> >> Could they have an open relay?
> >
> > Have
Having it set up automagically is a great idea. But it is worth considering
as a config option IMO. After all, it is already necessary in many cases to
config trusted_networks and internal_networks. So it isn't like SA will
always run optimally without some local user input.
I'd simply sugg
> In my mail setup, it is gospel that (ignoring BCC and mailing lists)
> the full email address in the Delivered-To will match an email address
> in the ToCc.
> Example below.
>
> Return-Path: <[EMAIL PROTECTED]>
> Delivered-To: [EMAIL PROTECTED]
> Received: from mx01.domain.ext (unknown [172.1
Yes, you are probably right. But: there must be a reason why the
rule no_real_name exists?
Yes. It successfully HELPS to detect spam. It is not, on its own, a good
method to detect spam. That is why it normally has a low score.
And if there is a rule (written or not)
that From: headers s
At 02:52 PM 12/7/2006, you wrote:
Have you notified <[EMAIL PROTECTED]>?
You're kidding right?
I've given up on e-mailing google about blogspot pages, or anything
else. They could care less.
John D. Hardin wrote:
On Thu, 7 Dec 2006, Steven Stern wrote:
I've been getting lots of these "get out of debt" messages. It
looks like the last stop before getting here is a gmail server.
Could they have an open relay?
Have you notified <[EMAIL PROTECTED]>?
You betcha! And al
Subject says it all. How can I tell if DDC is running and working on my system?
Thanks
On Thu, 7 Dec 2006, Steven Stern wrote:
> I've been getting lots of these "get out of debt" messages. It
> looks like the last stop before getting here is a gmail server.
> Could they have an open relay?
Have you notified <[EMAIL PROTECTED]>?
--
John Hardin KA7OHZhttp://ww
Halid Faith wrote:
> I use spamassassin3.1.7
>
> I go through some mails.
> I see a mail in /var/log/spamd.log as below Wed Dec 6 13:33:49 2006
> [4484] info: spamd: result: Y 15 -
> EXTRA_MPART_TYPE,FRONTPAGE,HTML_MESSAGE,INVALID_DATE,MIME_BOUND_NEXTPART
>
,MIME_QP_LONG_LINE,MSGID_MULTIPLE_AT,SA
On Fri, 8 Dec 2006, Halid Faith wrote:
> I go through some mails.
> I see a mail in /var/log/spamd.log as below
> Wed Dec 6 13:33:49 2006 [4484] info: spamd: result: Y 15 -
> EXTRA_MPART_TYPE,FRONTPAGE,HTML_MESSAGE,INVALID_DATE,MIME_BOUND_NEXTPART
> ,MIME_QP_LONG_LINE,MSGID_MULTIPLE_AT,SARE_GIF_A
I use spamassassin3.1.7
I go through some mails.
I see a mail in /var/log/spamd.log as below
Wed Dec 6 13:33:49 2006 [4484] info: spamd: result: Y 15 -
EXTRA_MPART_TYPE,FRONTPAGE,HTML_MESSAGE,INVALID_DATE,MIME_BOUND_NEXTPART
,MIME_QP_LONG_LINE,MSGID_MULTIPLE_AT,SARE_GIF_ATTACH,SARE_OBFUGIRLS,SUBJ
I've been getting lots of these "get out of debt" messages. It looks
like the last stop before getting here is a gmail server. Could they
have an open relay?
Received: from ccim-mx2.cciminstitute.com ([10.0.2.10]) by
ccim-exchange.cciminstitute.com with Microsoft SMTPSVC(6.0.3790.1830);
On Thu, 7 Dec 2006, Jean-Paul Natola wrote:
> > Apparently a remote server is having issues-
> > It keeps sending this message here-
> >
> > [EMAIL PROTECTED]
> >
> > Can I blacklist a message without blacklisting the sender?
>
> Sure. Write a rule for that message-ID header and give it a score
> Apparently a remote server is having issues-
> It keeps sending this message here-
>
> [EMAIL PROTECTED]
>
> Can I blacklist a message without blacklisting the sender?
Sure. Write a rule for that message-ID header and give it a score of
1000 or so (adding insult to injury).
I'm not exactly
On Thu, 7 Dec 2006, Jean-Paul Natola wrote:
> Apparently a remote server is having issues-
> It keeps sending this message here-
>
> [EMAIL PROTECTED]
>
> Can I blacklist a message without blacklisting the sender?
Sure. Write a rule for that message-ID header and give it a score of
1000 or so (
On Fri, 8 Dec 2006, Robert S wrote:
> > Determine what is passing messages to SA and tell it to not do that
> > with locally-sources messages. If you use procmail to launch spamc
> > this is pretty easy to do.
>
> I use procmail. I could do this in /etc/procmailrc:
>
> :0fw: spamassassin.lock
>
Subject: Re: blacklist messagID ?
On Thu, 2006-12-07 at 16:00 -0500, Jean-Paul Natola wrote:
> Apparently a remote server is having issues-
> It keeps sending this message here-
>
> [EMAIL PROTECTED]
>
> Can I blacklist a message without blacklisting the sender?
Is the sending host someone tha
On Thu, 2006-12-07 at 16:00 -0500, Jean-Paul Natola wrote:
> Apparently a remote server is having issues-
> It keeps sending this message here-
>
> [EMAIL PROTECTED]
>
> Can I blacklist a message without blacklisting the sender?
Is the sending host someone that you care about receiving messages
Apparently a remote server is having issues-
It keeps sending this message here-
[EMAIL PROTECTED]
Can I blacklist a message without blacklisting the sender?
Jean-Paul Natola
Network Administrator
Information Technology
Family Care International
588 Broadway Suite 503
New York, NY 10012
On Dec 5, 2006, at 4:17 PM, Daryl C. W. O'Shea wrote:
Jo Rhett wrote:
While you are fixing bugs related to authentication, any chance
you'll fix the SPF plugin to skip checks on authenticated
delivery? Or have an option to enable this behavior?
Or do you want a patch from me? It'll take me
Absolutely!
All you have to do is set up your spamassassin email server as a
smarthost (gateway) email server then forward all scanned email to your
exchange or groupwise server.
- Darren.
From: Development [mailto:[EMAIL PROTECTED]
Sent: Thursday, Dec
Determine what is passing messages to SA and tell it to not do that
with locally-sources messages. If you use procmail to launch spamc
this is pretty easy to do.
I use procmail. I could do this in /etc/procmailrc:
:0fw: spamassassin.lock
* < 256000
* ! From: .*mydomain.com
| /usr/bin/spamc
..
Jim Maul wrote:
oh? Care to explain how spamd would call spamassassin? That would be a
neat trick ;)
Neat, but really simple with the plugin interface. :)
Nah, that's overdone.
The "linux-based' is waaay too much said... :-)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 07, 2006 7:43 PM
To: users@spamassassin.apache.org
Subject: our latest award!
I think I noted this honour on the dev list a
On Thu, 7 Dec 2006, Jeff Chan wrote:
On Wednesday, December 6, 2006, 2:19:11 PM, Richard Alloway wrote:
Any idea what could be wrong? I'm rapidly running out of ways to try to
increase performance here.
Net::DNS uses the first server in your resolv.conf . Make sure
that server works, is loc
On 12/7/06, Kelly Jones <[EMAIL PROTECTED]> wrote:
Spamassassin has lots of tests for fake HELOs. If someone says "HELO
hotmail.com", but aren't connecting from a Hotmail IP address, they
get dinged (spam score is increased).
Recently, someone connected our server, call it mx.xyz.com, and said
"
Development wrote:
I would like to know if it is possible to use spamassassin on one server
to filter mail and then deliver it to a seperate mail server on the
network running exchange, groupwise, etc?
Hi,
Easiest way is to setup a Unix based MTA (I prefer the Qmail/Simscan
setup, but what e
Jim Maul writes:
> Justin Mason wrote:
> > Jim Maul writes:
> >> Kelson wrote:
> >>> Jason Haar wrote:
> May I propose that sa-update should become merged into spamd? (or
> daemonized)
> >>> Merging would be bad. There are plenty of us using methods other than
> >>> spamd to call SpamAs
On 7 Dec 2006 [EMAIL PROTECTED] wrote:
> >>
> >> On Wed, 6 Dec 2006, Kelly Jones wrote:
> >>
> >> > Recently, someone connected our server, call it mx.xyz.com, and said
> >> > "HELO mx.xyz.com". Spamassassin didn't ding it for doing this.
> >>
> >> IMHO this is worthy of a 500 reject at the MTA
I would like to know if it is possible to use spamassassin on one server to
filter mail and then deliver it to a seperate mail server on the network
running exchange, groupwise, etc?
YES
I use it to filter my mail - then pass it to exchange-
But the server that has SA must have an MTA and sinc
I think I noted this honour on the dev list a week or two ago -- but the
_physical_ award for 'Best Linux-based Anti-spam Solution' from the Linux
New Media Awards 2006 just turned up, and that warrants another post ;)
Take a look: http://taint.org/2006/12/07/140259a.html
w00t,
--j.
Justin Mason wrote:
Jim Maul writes:
Kelson wrote:
Jason Haar wrote:
May I propose that sa-update should become merged into spamd? (or
daemonized)
Merging would be bad. There are plenty of us using methods other than
spamd to call SpamAssassin.
I dont think anyone is using spamd to call Spam
I know this may sound weird but,
I have this message ( a valid one) that keeps coming in
The senders machine is off so I'm not really sure whats going on
Its been happening for about 36 hours now- its odd that this message is in
both the mainlog AND the rejectlog-
My thought is if I deny that
(I had a bout of insomnia last night, and got more done than I had
pre-announced yesterday...)
The next version of the Botnet plugin for Spam Assassin is ready. The
install instructions are in the Botnet.txt file, and in the INSTALL file.
For those who don't know what Botnet is, it's a pl
Jim Maul writes:
> Kelson wrote:
> > Jason Haar wrote:
> >> May I propose that sa-update should become merged into spamd? (or
> >> daemonized)
> >
> > Merging would be bad. There are plenty of us using methods other than
> > spamd to call SpamAssassin.
>
> I dont think anyone is using spamd to
I would like to know if it is possible to use spamassassin on one server to
filter mail and then deliver it to a seperate mail server on the network
running exchange, groupwise, etc?
Kelson wrote:
Jason Haar wrote:
May I propose that sa-update should become merged into spamd? (or
daemonized)
Merging would be bad. There are plenty of us using methods other than
spamd to call SpamAssassin.
I dont think anyone is using spamd to call SpamAssassin.
This really would be more on topic on the MIMEDefang list, but here goes...
You have a small but significant typo in your code:
> if ($hits >= req) {
You forgot the "$" in "$req".
The effect of the above comparison is that all mail that scores above 0 (zero)
are considered spam.
R
>>
>> On Wed, 6 Dec 2006, Kelly Jones wrote:
>>
>> > Recently, someone connected our server, call it mx.xyz.com, and said
>> > "HELO mx.xyz.com". Spamassassin didn't ding it for doing this.
>>
>> IMHO this is worthy of a 500 reject at the MTA level. There is NO
>> legitimate reason for J. Random
John D. Hardin wrote:
> On Wed, 6 Dec 2006, Kelly Jones wrote:
>
>> Recently, someone connected our server, call it mx.xyz.com, and said
>> "HELO mx.xyz.com". Spamassassin didn't ding it for doing this.
>
> IMHO this is worthy of a 500 reject at the MTA level. There is NO
> legitimate reason for
Andrea Bencini wrote:
I am looking for local.cf documentation to understand which are the
variables to set in this file.
Can you help me?
Thank
Andrea
man Mail::SpamAssassin::Conf
On Thu, 7 Dec 2006, Robert S wrote:
> I'm trying to stop SA from incorrectly labeling local messages as
> spam. The most common target is a weekly script that notifies the
> user of quarantined spams. The subject lines of each message fire off
> a false positive.
Determine what is passing messa
Jason Haar wrote:
May I propose that sa-update should become merged into spamd? (or
daemonized)
Merging would be bad. There are plenty of us using methods other than
spamd to call SpamAssassin.
--
Kelson Vibber
SpeedGate Communications
On Wed, 6 Dec 2006, Kelly Jones wrote:
> Recently, someone connected our server, call it mx.xyz.com, and said
> "HELO mx.xyz.com". Spamassassin didn't ding it for doing this.
IMHO this is worthy of a 500 reject at the MTA level. There is NO
legitimate reason for J. Random User out on the internet
I am looking for local.cf documentation to understand which are the
variables to set in this file.
Can you help me?
Thank
Andrea
Hello Alan,
Wednesday, November 29, 2006, 8:23:14 PM, you wrote:
> -0.0 P0F_UNIX OS fingerprint BSD/Solaris/HP-UX/Tru64
I'm curious about P0F_UNIX could you share this rule with me? And any
similar fingerprint rules? Thanks!
--
Best regards,
Fredma
Yes, I was thinking about this solution.
But isn't it network ressource hungry ?
And if I would like to keep a files based bayes db, what should be the
good manner to migrate one to another server ?
Thanks Sietse for the advice.
Sietse van Zanen a écrit :
> Sure, use MySQL for bayes storage and
Robert S wrote:
I'm trying to stop SA from incorrectly labeling local messages as
spam. The most common target is a weekly script that notifies the
user of quarantined spams. The subject lines of each message fire off
a false positive.
What is the correct way of whitelisting local mail?
The
Fred T wrote:
Hello Kelly,
Friday, November 24, 2006, 8:28:38 PM, you wrote:
I know that most (90%+) email sent now is spam, but what are the
numbers for people who use spam filtering?
Well, I run a small ISP with about 3,000 mailboxes, we receive about
50k messages per day. Of that
[EMAIL PROTECTED] wrote:
>> The list managers are the first ones who have to change.
>>
>>
>
> Yes, you are probably right. But: there must be a reason why the
> rule no_real_name exists? And if there is a rule (written or not)
> that From: headers should contain a real name, I want to follow
Hello Kelly,
Friday, November 24, 2006, 8:28:38 PM, you wrote:
> I know that most (90%+) email sent now is spam, but what are the
> numbers for people who use spam filtering?
Well, I run a small ISP with about 3,000 mailboxes, we receive about
50k messages per day. Of that, on average 39-44k ar
off-topic) spamcop =?windows-1251?B?4vrv8O7x6A==?=
Was that really your subject, did you type that? I think the
=?windows-1251?B?4vrv8O7x6A==?= is the double encoded part.
Your problem might be the result of some incompatibility between slavic -
european character sets. But I'm not suchh an smt
OS - slackware 11.0
MDA - sendmail 8.13.8
mimedefang version 2.58
SpamAssassin version 3.1.7
running on Perl version 5.8.8
I have one user that has to get email forwarded from an old account to
the server that I administer. I have spam going to a spamdrop via
MiMEDefang. So I added this lit
On четвъртък, Декември 07 2006, Sietse van Zanen wrote:
> They contain too little information.
All right - here is more information. I sent a message to a group and
I got it classified as spam. Here is the report:
* 1.7 SUBJECT_ENCODED_TWICE Subject: MIME encoded twice
Here is how the subject
Alan Munday wrote:
Daryl C. W. O'Shea wrote the following on 06/12/2006 17:31:
Is a migration document really necessary? Stop using the rule files
you got via RDJ that you now want to get with sa-update. Start using
sa-update for those rule files. Have some lunch.
Agreed - I do like to l
Sure, use MySQL for bayes storage and have both servers use that DB. Then you
could be fairly sure, both use the same bayes.
I think it should even be possible to dump both databases and migrate into one
SQL db. But I don't use MySQL myself, so I would not know how.
-Sietse
From: Emmanuel L
On Wednesday, December 6, 2006, 2:19:11 PM, Richard Alloway wrote:
> Any idea what could be wrong? I'm rapidly running out of ways to try to
> increase performance here.
Net::DNS uses the first server in your resolv.conf . Make sure
that server works, is local, etc.
Jeff C.
--
Jeff Chan
mailto
Fred T wrote:
> 100% sure of this, I've been writing rules for over 2 years, not that
> big by some standards, but I've come to know for a very long time this
> is how it is.
>
> [...]
>
> I know it's been this way, there's probably a really old bugzilla
> ticket someone can dig up, but it's been
Dear List,
This is sort of a repost of a previous email I sent to this list.
I have two mailserver acting as mail proxies for ou main mailserver.
These two servers have the same sitewide configuration for Spamassassin
and they use site-wide bayes databases.
For a reason I don't really know, the
leemansvg wrote:
> I'm running spamassasint --lint and it comes up saying that its only
> doing local tests. I've enabled dns and I am connected to the
> internet. I've also enabled razor, dcc, and pyzor in the
> spam.assassin.perfs files. Does anyone have an idea where I might
> have a mis-configu
Hello Justin,
Thursday, December 7, 2006, 10:11:45 AM, you wrote:
> yeah -- there are any number of ways to do this, if requiring admin
> configuration is OK -- I'm asking for ways we can automatically
> figure it out from SpamAssassin code, without help. ;)
As someone else pointed out, the best
I'm running spamassasint --lint and it comes up saying that its only doing
local tests. I've enabled dns and I am connected to the internet. I've also
enabled razor, dcc, and pyzor in the spam.assassin.perfs files. Does anyone
have an idea where I might have a mis-configuration. Here's snap in fro
Hello Neal,
Wednesday, December 6, 2006, 11:08:27 AM, you wrote:
>> Except for the problem that body tests include the subject, so there
>> will be non-alpha characters in the body due to the subject inclusion.
> Are you sure about that? I find nothing in the documentation that
> indicates this
On Thursday 07 December 2006 15:11, Justin Mason wrote:
> yeah -- there are any number of ways to do this, if requiring admin
> configuration is OK -- I'm asking for ways we can automatically
> figure it out from SpamAssassin code, without help. ;)
Really and truly, it belongs at the MTA level, n
On Thu, 7 Dec 2006, Matthias Häker wrote:
Richard D Alloway schrieb:
Hi! I have been having loads of problems with spamassassin timing out
during DNS lookups...
If I use
/usr/bin/spamassassin -D < /tmp/spamemail.txt
I see the correct IP used for the nameserver:
[16018] dbg: dns: name se
Jack L. Stone writes:
> On 7 Dec 2006 at 13:21, Justin Mason wrote:
> > Kelly Jones writes:
> > > Spamassassin has lots of tests for fake HELOs. If someone says
> > > "HELO hotmail.com", but aren't connecting from a Hotmail IP
> > > address, they get dinged (spam score is increased).
> > >
> > >
On 7 Dec 2006 at 13:21, Justin Mason wrote:
>
> Kelly Jones writes:
> > Spamassassin has lots of tests for fake HELOs. If someone says
> > "HELO hotmail.com", but aren't connecting from a Hotmail IP
> > address, they get dinged (spam score is increased).
> >
> > Recently, someone connected our s
Think of this anology:
If somebody calls me on my home phone, I immediately see his nr. (If I don't
see a nr. I don't pick up my phone at all). Now, the first thing I'd expect
someone to say when I pick up is his name. If people start talking to me
without stating who they are, it is commercia
On Thu, Dec 07, 2006 at 09:31:36AM +, Justin Mason wrote:
> > and got freshclam to run as a daemon - so it
> > could randomly sleep between lookups - and thus spread the load.
>
> I can think of a useful modification -- change sa-update so that, if it's
> run non-interactively, it sleeps for a
Justin Mason wrote the following on 07/12/2006 13:21:
This is a great spam-sign alright, but I don't know of a way to detect
what the local site's HELO is, bar each site writing their own rules to do
so.
Bayes does a good job of figuring this out, btw.
Any suggestions?
A script that telnets
* [EMAIL PROTECTED] wrote (07/12/06 12:03):
The list managers are the first ones who have to change.
Yes, you are probably right. But: there must be a reason why the
rule no_real_name exists? And if there is a rule (written or not)
that From: headers should contain a real name, I want to follo
They contain too little information.
-Sietse
From: Kamen TOMOV
Sent: Thu 07-Dec-06 14:34
To: users@spamassassin.apache.org
Subject: false positives
Hi,
I constantly have problems with spamcop these days. Could you tell me
what's wrong with my messages so that I can fix it?
Thanks,
--
Камен
Hi,
I constantly have problems with spamcop these days. Could you tell me
what's wrong with my messages so that I can fix it?
Thanks,
--
Камен
On Thu, 2006-12-07 at 03:12 -0700, Jason Marshall wrote:
> > Perhaps SA was too busy and those messages timed out and weren't scanned ?
> > Maybe those messages were greater than 250K (default max scan size) ?
>
> I have the same sort of problem, though it's on linux rather than windows.
> Sever
Kelly Jones writes:
> Spamassassin has lots of tests for fake HELOs. If someone says "HELO
> hotmail.com", but aren't connecting from a Hotmail IP address, they
> get dinged (spam score is increased).
>
> Recently, someone connected our server, call it mx.xyz.com, and said
> "HELO mx.xyz.com". Sp
Thanks for your reply
Its not that the server is to busy-I can put any one of those emails in the
receive directory when no other emails are in the que-and being scanned and it
still gets passed through.
Size is not an issue, the emails are 26k.
More details-
I have spamassassin intigrated
I want the IT staff to change this, but they require some "proof" that the
full name should be there(!).
>That is definite proof of an incompetent IT staff..
>The list managers are the first ones who have to change.
>
Yes, you are probably right. But: there must be a reason why the
rule no_real_name exists? And if there is a rule (written or not)
that From: headers should contain a real name, I want to follow it.
And to follow it I need to convince my
I'm trying to stop SA from incorrectly labeling local messages as
spam. The most common target is a weekly script that notifies the
user of quarantined spams. The subject lines of each message fire off
a false positive.
What is the correct way of whitelisting local mail?
trusted_networks 192.1
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
> Sent: Thursday, December 07, 2006 5:54 AM
> To: users@spamassassin.apache.org
> Subject: Help with understanding a rule
>
> "
> Content analysis details: (3.0 points, 3.0 required)
>
> pts rule name
Noel Jones schrieb:
> * NEVER * use "sendmail -t" to reinject mail coming from the network.
> Doing so will send mail to everyone listed in the To: header, which
> doesn't have anything to do with who should receive the mail.
>
> As the guide said, use "sendmail -oi -f ${sender} -- ${recipient}".
1 - 100 of 108 matches
Mail list logo
