On 1/3/07, Gary V <[EMAIL PROTECTED]> wrote:
>It finally finished the restore.
>
>For the sake of information to help future users
>
>The "backup" file being used to restore into the new SQL database was
>99MB and took 17hrs to import on my AMD 1.2Ghz machine with 1GB of
>RAM.
>
>Dave
Could
On Wed, 3 Jan 2007 11:42:41 -0700, "Jeff Hrdy"
<[EMAIL PROTECTED]> wrote:
>It does help. The architecture we will be recommending is for high-volume
>environments and will have a stack of spam and antiV infront of it:
>
>Greylisting
>Bayesian filter
>RBL
>DNS checks
>ClamAV
>etc.
>
>...all befor
It finally finished the restore.
For the sake of information to help future users
The "backup" file being used to restore into the new SQL database was
99MB and took 17hrs to import on my AMD 1.2Ghz machine with 1GB of
RAM.
Dave
Could be your database was not expiring. Probably a good ide
On 1/3/07, Michael Parker <[EMAIL PROTECTED]> wrote:
Big Wave Dave wrote:
>
>
> What am I missing?
>
> I'd be thankful for any input.
You're not missing anything. The import takes a long time to run. Its
doing a lot of updates which are expensive in SQL. The good news is
that you can pretty m
On Wed, Jan 03, 2007 at 05:44:34PM -0600, Chris wrote:
> On Tuesday 02 January 2007 3:54 pm, Bob McClure Jr wrote:
> > sa-stats.pl as distributed with SA v3.1.7 blows out a ton of
> >
> > WARNING: ignoring future date in syslog line: Dec 31 20:26:56 bubba
> > spamd[7149]: prefork: child states: II
Justin Mason wrote:
> Matt Kettler writes:
>
>> Justin Mason wrote:
>>
>>> To be honest, I intended them as a whitelist ;)
>>>
>>> If a message never touched an untrusted host (ALL_TRUSTED), in
>>> a correctly-configured trust setup, is that not safe to whitelist?
>>>
>>>
>>>
>> O
Bowie Bailey wrote:
If you are going to try this, you will definately want to check word
boundaries like this:
header BAD_WORDS Subject =~ /\bbadword\b/i
The "\b" on either side will ensure that you don't match the string as part
of another word. (Anyone been to Essex? :)
Even that isn't foo
On Tuesday 02 January 2007 3:54 pm, Bob McClure Jr wrote:
> sa-stats.pl as distributed with SA v3.1.7 blows out a ton of
>
> WARNING: ignoring future date in syslog line: Dec 31 20:26:56 bubba
> spamd[7149]: prefork: child states: II
>
> and the like, and ends up reporting zeros for results. Anoth
Bret Miller wrote:
I am looking for an easy way for my spamassassin to relearn messages
marked as spam that users would like to get. Would it be
safe and avoid
bayesian poisoning if I were to setup an email box such as
[EMAIL PROTECTED] and have users forward nonspam emails to this email
addre
[EMAIL PROTECTED] wrote:
Running spamassassin 3.0 and I'm invoking it through amavisd. When I train
the spamassassin using sa-learn for ham and spam respectively, it seems to
only work for the ham not the spam. The command runs fine, but spam e-mail
that I trained spamassassin with still show up
On Wed, 3 Jan 2007, Alexander Veit wrote:
> However, our incoming mail gateway that runs SA is located in the
> DMZ, whereas user mailboxes are on severs that belong to the
> internal network. I think in this scenario it's easier to work
> with spam reporting mails and the scipts that where posted
Alexander Veit wrote:
> Bowie Bailey wrote:
> > [...]
> > Not really. It's actually a fairly good system if you have an IMAP
> > server.
> >
> > You create IMAP folders for spam and ham. These can be shared or
> > individual for each user. The users then copy any mis-categorized
> > mail to t
Bowie Bailey wrote:
[...]
Not really. It's actually a fairly good system if you have an IMAP server.
You create IMAP folders for spam and ham. These can be shared or individual
for each user. The users then copy any mis-categorized mail to these
folders. A program on the SpamAssassin server
Kurt Buff wrote:
Missed the beginning of this conversation.
If it's about 'naughty' words, then I've got a word for you:
Scunthorpe
It's a small town in the UK, and their local government had almost no
incoming mail when they implemented a naive naughty word filter, until the
Thomas Bolioli wrote:
I was curious what the process was for plugins that get included into
the core distribution. Also, how are the scores determined? Is is best
guess or is there actually a statistical analysis done with a corpus
to determine the most efficient scoring for a particular rule s
Thomas Bolioli writes:
> I was curious what the process was for plugins that get included into
> the core distribution.
It's on a case-by-case basis -- some plugins will work well, but not
all. Typically we'd hash it out here and/or in an enhancement request
on the bugzilla...
> Also, how are
I was curious what the process was for plugins that get included into
the core distribution. Also, how are the scores determined? Is is best
guess or is there actually a statistical analysis done with a corpus to
determine the most efficient scoring for a particular rule set? Also,
does that sc
Running spamassassin 3.0 and I'm invoking it through amavisd. When I
train
the spamassassin using sa-learn for ham and spam respectively,
it seems to
only work for the ham not the spam. The command runs
fine, but spam e-mail
that I trained spamassassin with still show up
untagged as spam. The
On Wed, Jan 03, 2007 at 12:51:09PM -0800, Bret Miller wrote:
> There was a script posted a while back as an example of how you could
[...]
> my @message = ;
[...]
> my $msg = Mail::SpamAssassin::Message->new(
> {
>'message' => [EMAIL PROTECTED],
> }
fwiw, Message will read from S
Below is a link to archive posts by myself explaining how we do this.
Basically forward as attachment feeds to a script that strips out the
attachment and stores it. Separate cron job sa-learns the stored
messages. The main script could probably be modified to feed sa-learn
directly, cutting out
> > > Forwarding is not a good idea, it adds and or changes the
> headers in
> > > the mail.
> >
> > Forward as attachment(s) could be a solution since original mail
> > headers are kept intact. I've asked a similar question on this list
> > some days ago, but nobody could say if there's a common
> I am looking for an easy way for my spamassassin to relearn messages
> marked as spam that users would like to get. Would it be
> safe and avoid
> bayesian poisoning if I were to setup an email box such as
> [EMAIL PROTECTED] and have users forward nonspam emails to this email
> address and then
Alexander Veit wrote:
> Nigel Frankcom wrote:
> > Forwarding is not a good idea, it adds and or changes the headers in
> > the mail.
>
> Forward as attachment(s) could be a solution since original mail
> headers are kept intact. I've asked a similar question on this list
> some days ago, but nobod
Nigel Frankcom wrote:
Forwarding is not a good idea, it adds and or changes the headers in
the mail.
Forward as attachment(s) could be a solution since original mail headers
are kept intact. I've asked a similar question on this list some days
ago, but nobody could say if there's a common pra
On Wed, 3 Jan 2007, Paul Andrews wrote:
> After whitelisting my own email address,
The canonical answer: Don't Do That. The headers are too easy to
forge.
You should only use the authenticated whitelists (i.e.
whitelist_from_spf, whitelist_from_rcvd).
--
John Hardin KA7OHZ
Folks:
I just got a spam at work from Jim Walsh <[EMAIL PROTECTED]> - sent to a
nonexistent address in a dead domain that's been on a convenience
forward for more than two years.
Apparently nasi.us sells mailing lists. The fact that they spammed me
at *that* address makes me question the quality
At 11:03 AM 1/3/2007, you wrote:
These words do not actually appear much in spam. You may be able to filter
out mail from obnoxious clients with this approach. These types of words
are used more often in casual emails than in spam. "Enhancement" spams may
have some of these words, but they ten
Chris Santerre wrote:
> From: sergio [mailto:[EMAIL PROTECTED]
> >
> > Hello spamassasin_list,
> >
> > I want filter messages with some bad words. How can configure yhe
> > SA to do that? Thanks.
>
> Its not really meant to do it, but you can. You first right a rule to
> match bad words in
It does help. The architecture we will be recommending is for high-volume
environments and will have a stack of spam and antiV infront of it:
Greylisting
Bayesian filter
RBL
DNS checks
ClamAV
etc.
...all before SA gets ahold of it.
Given that, and in light of your comments, what do you think o
On 1/3/07, Michael Parker <[EMAIL PROTECTED]> wrote:
Big Wave Dave wrote:
>
>
> What am I missing?
>
> I'd be thankful for any input.
You're not missing anything. The import takes a long time to run. Its
doing a lot of updates which are expensive in SQL. The good news is
that you can pretty m
On Wed, 03 Jan 2007 17:48:17 +, Ian Eiloart <[EMAIL PROTECTED]>
wrote:
>Hi,
>
>I'm trying to get spamd to read user configurations from LDAP, and I see
>the errors below all the time. Does anyone know the cause? Or better, the
>solution?
>
>I'm using this dsn:
>
>user_scores_dsn "ldap://ldap
Hi,
I'm trying to get spamd to read user configurations from LDAP, and I see
the errors below all the time. Does anyone know the cause? Or better, the
solution?
I'm using this dsn:
user_scores_dsn "ldap://ldap.sussex.ac.uk/ou=mail,o=university of
sussex?spamassassin?uid=__USERNAME__" with t
Big Wave Dave wrote:
>
>
> What am I missing?
>
> I'd be thankful for any input.
You're not missing anything. The import takes a long time to run. Its
doing a lot of updates which are expensive in SQL. The good news is
that you can pretty much use the system while its doing the import
becaus
As mentioned in a previous thread, I'm migrating to SQL based bayes.
I performed the backup from the original bayes DB, which took about a
minute to export.
I then setup the SQL, and now am trying to import into it... but it
has been running for m more than 6 hours!?
When I check MySQL I see:
my
On Wed, 03 Jan 2007 11:50:27 -0500, Kyle Quillen <[EMAIL PROTECTED]>
wrote:
>Hello all,
>
>I am looking for an easy way for my spamassassin to relearn messages
>marked as spam that users would like to get. Would it be safe and avoid
>bayesian poisoning if I were to setup an email box such as
>[EM
Hi everyone,
I think I've got everything set up correctly for postfix + spamassassin
spam filtering, but I'm not getting any BAYES_ tags in the emails I am
receiving. I'd appreciate any help you can give me. Thanks in advance.
I'm running Ubuntu Dapper.
I've set up postfix to call spamassassin
Hello all,
I am looking for an easy way for my spamassassin to relearn messages
marked as spam that users would like to get. Would it be safe and avoid
bayesian poisoning if I were to setup an email box such as
[EMAIL PROTECTED] and have users forward nonspam emails to this email
address and then
Missed the beginning of this conversation.
If it's about 'naughty' words, then I've got a word for you:
Scunthorpe
It's a small town in the UK, and their local government had almost no
incoming mail when they implemented a naive naughty word filter, until they
figured it out.
>> I do NOT recommend doing any of this.
>Why?
Because I know lots of coworkers and friends who might use a few bad words
when describing:
Their boss, their job, spam, the Boston Bruins quality of play this season,
George Bush, and their lack of ability to become invisible.
Just because you h
That worked perfect. Thank you for pointing me in the right direction.
Robert Nicholson-3 wrote:
>
> If you are using report_safe then you can see by looking at
> rewrite_report_safe in Mail::SpamAssassin::PerMsgStatus.pm that it
> orders the attachments such that the report is first and
Our product supports SpamAssassin and comes with the Windows version.
Sometimes in high-volume environments we want to recommend SpamAssassin to run
on its own box in Linux. In this configuration we want to suggest a server
hardware setup--including processor (type and number), Ram, RAID array
HI,
After whitelisting my own email address, it seems that spammers will frequently
put my own email address in the "return path" but not in the "from". Is it
possible for Spam Assassin to make a distinction between the two so that it
will not match the "return address" to the whitelisted addres
Hello Chris,
Wednesday, January 3, 2007, 4:57:02 PM, you wrote:
>
> -Original Message-
> From: sergio [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 03, 2007 9:13 AM
> To: spamassasin_list
> Subject: how filter messages by subject
>
>
> Hello spamassasin_list,
>
> -Original Message-
> From: sergio [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, January 03, 2007 9:13 AM
> To: spamassasin_list
> Subject: how filter messages by subject
>
>
> Hello spamassasin_list,
>
> I want filter messages with some bad words. How can configure yhe SA
> to do
Ok my bad. For some reason when it attached the message I didn't
include the original headers of the message so it didn't have the
original content type to display the message/rfc822 attachment.
On 1/3/07, Robert Nicholson <[EMAIL PROTECTED]> wrote:
In my log mailbox ie. a mailbox where I record
In my log mailbox ie. a mailbox where I record the original headers
for a message and a comment explaining how it was processed ie. which
rules made it a candidate for rejection or what it matched to
determine which folder it was moved to I do something very similar to
report_safe ie. add a
In my log mailbox ie. a mailbox where I record the original headers
for a message and a comment explaining how it was processed ie. which
rules made it a candidate for rejection or what it matched to
determine which folder it was moved to I do something very similar to
report_safe ie. add a
Hello spamassasin_list,
I want filter messages with some bad words. How can configure yhe SA
to do that?
Thanks.
--
Best regards,
Sergio Bortsov(Global Ukraine Lan ISP), mailto:[EMAIL
PROTECTED]
phones:8(032)2987593;
8(050)3170470.
Matt Kettler writes:
> Justin Mason wrote:
> > To be honest, I intended them as a whitelist ;)
> >
> > If a message never touched an untrusted host (ALL_TRUSTED), in
> > a correctly-configured trust setup, is that not safe to whitelist?
> >
> >
> Only if the trust-path auto-detector code works
Can you post (a link to) an example mesage?
I am pretty sure they are caught in my setup.
-Sietse
From: Jack Gostl
Sent: Wed 03-Jan-07 13:26
To: users@spamassassin.apache.org
Subject: "Dear Homeowner" spam
I've been getting a bunch of spam hawking mortgage rates. You may have seen
it, it s
On Wed, 2007-01-03 at 07:26 -0500, Jack Gostl wrote:
> I'm considering lowering the autolearn threshhold to less than zero. I
> wonder if anyone else has any thoughts on this as well.
I set the autolearn for ham to -10, so it has to be very hammy to get
learned. Seems to work well.
SA should all
I've been getting a bunch of spam hawking mortgage rates. You may have seen
it, it starts with "Dear Homeowner." Tthe only test that flags this
message is "BAYES_50", for all practical purposes a score of 0.
What concerns me the most is that this triggers "autolearn=ham". I later
feed this
-Original Message-
From: Nigel Kendrick [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 03, 2007 9:11 AM
To: users@spamassassin.apache.org
Subject: FuzzyOCR matches word ""
Hi,
I have just upgraded from FuzzOCR 2.3b to the 3.4.2 devel by copying over
the .cf and .pm files, re-making
-Original Message-
From: Nigel Kendrick [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 03, 2007 9:11 AM
To: users@spamassassin.apache.org
Subject: FuzzyOCR matches word ""
Hi,
I have just upgraded from FuzzOCR 2.3b to the 3.4.2 devel by copying over
the .cf and .pm files, re-making
[QUOTE]1) why are you passing --siteconfigpath and --configpath to spamd? (This
is generally NOT needed, and usually ill advised unless you have a good
reason to do so). If you add these to your spamassassin call, does it
change the results?
2) when you run your spammassassin tests, have you su
Hi,
I have just upgraded from FuzzOCR 2.3b to the 3.4.2 devel by copying over
the .cf and .pm files, re-making my tweaks to the .cf file and
compiling/installing gifsicle. Following a restart of spamassassin,
everything is kinda working, but the debug log shows that FuzzyOCR is
finding matches for
El mar, 02-01-2007 a las 17:53 +0100, Thomas Schlosser escribió:
> Hi,
>
> I have a SUSE 9.3 mailserver with Postfix and SA 3.1.7 running.
>
> Unfortunately the commands (run as root)
> spamassassin and
> spamc calculate different results. In fact they seem to run different tests.
>
> I poste
I am using a custom script using spamassassin and webredirect.pm while
scanning mails in my honeypots and get all uris that can go into my
self-maintained uribls
Off late I have been seeing too many urls timing out when using
webredirect
I tried using lynx, or wget even these timeout , but when I
58 matches
Mail list logo
