clamdscan: 0.90/2560. spamassassin: 3.1.8. perlscan: 1.25-st-qms
(sa_delete=10)
local.cf:
required_score 5
bayes_auto_learn 1
bayes_auto_learn_threshold_nonspam -0.001
bayes_auto_learn_threshold_spam 9.0
score DCC_CHECK 4
score RAZOR2_CHECK 4
score BAYES_99 10
score BAYES_95 6
score BAYES_80 3
s
On Wed, 4 Apr 2007, maillist wrote:
I have seen a few people present, on this mail list, nicely detailed graphs,
that obviously were the result of some server output, but they focused on
email, mainly spam. I am interested in having the same. Does anyone have any
recommendations for a good p
Jim Knuth wrote:
Heute (05.04.2007/02:34 Uhr) schrieb Luis Hernán Otegui,
Well, if you have Postfix and Amavis, I've tried amavis-stats (a little bit
old now, and frankly, never worked correctly on my Debian-based servers).
I'm currently using Mailgraph, from the Debian package. Works like a
Heute (05.04.2007/02:34 Uhr) schrieb Luis Hernán Otegui,
> Well, if you have Postfix and Amavis, I've tried amavis-stats (a little bit
> old now, and frankly, never worked correctly on my Debian-based servers).
> I'm currently using Mailgraph, from the Debian package. Works like a charm
> almost o
Well, if you have Postfix and Amavis, I've tried amavis-stats (a little bit
old now, and frankly, never worked correctly on my Debian-based servers).
I'm currently using Mailgraph, from the Debian package. Works like a charm
almost out-of-the-box. Though it should be available as a package for
ano
I have seen a few people present, on this mail list, nicely detailed
graphs, that obviously were the result of some server output, but they
focused on email, mainly spam. I am interested in having the same.
Does anyone have any recommendations for a good package that can do this?
All I curre
Larry Nedry writes:
> On 4/4/07 at 10:40 AM +0100 Justin Mason wrote:
> >Could you try adding --restart=1000?
>
> In 3.1.18 mass-check will hang at the point where it should restart.
>
> >Also, could you try with the rc1 of SpamAssassin 3.2.0, or SVN trunk?
> >I think Theo fixed bugs in this cod
On Wed, 4 Apr 2007, Dean Clapper wrote:
> A couple of emails are getting through that are being marked as
> not spam but is clearly spam. The problem is the spammers put in
> the from line our domain. However, the return path is something
> totally different.
>
> Is there a good way to handle t
On 4/4/07 at 10:40 AM +0100 Justin Mason wrote:
>Could you try adding --restart=1000?
In 3.1.18 mass-check will hang at the point where it should restart.
>Also, could you try with the rc1 of SpamAssassin 3.2.0, or SVN trunk?
>I think Theo fixed bugs in this code.
Thanks, I downloaded the lastes
A couple of emails are getting through that are being marked as not spam
but is clearly spam. The problem is the spammers put in the from line our
domain. However, the return path is something totally different.
Is there a good way to handle these messages that get through?
thanks
Dean
On 4 Apr 2007, at 17:11, Bart Schaefer wrote:
On 4/3/07, JOYDEEP <[EMAIL PROTECTED]> wrote:
how can I configure spamassassin to look after the spam and ham
folder
of all the cyrus mail boxes,
so that all the users has their own spamassasin trainer ? it is
something like white box and black bo
--- Michael Grant <[EMAIL PROTECTED]> wrote:
> On 4/4/07, J. <[EMAIL PROTECTED]> wrote:
> >
> > --- Matt Kettler <[EMAIL PROTECTED]> wrote:
> >
> > > J. wrote:
> > > > I've been doing this sort of thing to block connections which
> is
> > > > somewhat more satisfying than just scoring the email h
On 4/3/07, JOYDEEP <[EMAIL PROTECTED]> wrote:
how can I configure spamassassin to look after the spam and ham folder
of all the cyrus mail boxes,
so that all the users has their own spamassasin trainer ? it is
something like white box and black box per user
could any one kindly suggest me how to
Hello, all you happy people,
I have in my possession a legitimate e-mail with
Message-ID: <[EMAIL PROTECTED]>
but no sign that it comes from a Microsoft product.
As far as I can see, this one header is causing it to get
2.8 RATWARE_OUTLOOK_NONAME Bulk email fingerprint (Outlook no name)
On Wed, 4 Apr 2007, guenther wrote:
> Also, since you are specifically aiming at *large* mail, keep in
> mind that there usually is a max size for mail to be scanned at
> all. IMHO SA is not the best candidate for this kind of "gathering
> logs".
Agreed. You might be better served just by analysi
ram wrote the following on 4/4/2007 12:56 AM -0800:
On Tue, 2007-04-03 at 13:15 -0700, Bill Landry wrote:
Dave Pooser wrote the following on 4/3/2007 11:19 AM -0800:
I'm seeing a bunch of spam using URLs from domains created on the same day
or in the past day or two. I don't know how re
Please resist the urge to top-post.
On Wed, 2007-04-04 at 06:17 -0700, dougp23 wrote:
> You are right. I don't want to block the mail, but I do want to assign a
> high enough value to it that it would be marked as spam. In this way, I can
> then go to management and show them how much spam this
Humm Ok, I'll upgrade to last version (3.5.1) and make more tests...
Thanks!
René Berber escreveu:
and upgrade to new version, but I'm
already using the last Fuzzry version (OCR 2.3b)
That's not the latest version, go to the FuzzyOcr page again and read what it
says carefully.
Peter Russell wrote:
Sorry last question - seems the parent company is doing spam checks
and adds the spam score to the headers.
How could i add/change the second condition for a spam score greater
than 10.00 ?
the header is X-Spam-Score: *** (11.507)
Many thanks
Pete
To ask th
You cannot configure SA to do that. And if you had read the docs you would have
known that.
The reason you have not gotten an answer to this question twice is that you
just as well could have asked the civil engineers forum how to quickly and
easily build an airplane.
-Sietse
From: JOYDEEP
You are right. I don't want to block the mail, but I do want to assign a
high enough value to it that it would be marked as spam. In this way, I can
then go to management and show them how much spam this worker is sending.
Yes, I do scan outgoing email for viruses using clamd
guenther-2 wrot
adam lanier wrote:
On Tue, 2007-04-03 at 16:06 +, Duane Hill wrote:
On Tue, 3 Apr 2007, adam lanier wrote:
Shouldn't it be:
From !~ /[EMAIL PROTECTED]/i
meta SPAM_FROM_RELAY__GATEWAY_RELAY && __NOT_PAR_DOMAIN
yep, i'm 0 for 2 today, time to keep quiet.
Sorry last question -
On Wed, 2007-04-04 at 05:30 -0700, dougp23 wrote:
> I have a user IN the company, who loves to forward these large messages,
> things like "Check out these so cute puppies", and "Photoshop Magic" and
> what not. Pure drivel.
>
> Anyway, Can I tell SA to "block sending email from jsmith" when "mut
Walter Keen wrote:
I've been told there is some sort of a subscription service for SA rules
to check messages against
Does such a thing exist, I havent had any luck on google...
Yes, I have a service. It is $5000.00 per year, payable up front. I
will run sa-update for you, from anywher
dougp23 wrote:
> I have a user IN the company, who loves to forward these large messages,
> things like "Check out these so cute puppies", and "Photoshop Magic" and
> what not. Pure drivel.
>
> Anyway, Can I tell SA to "block sending email from jsmith" when "mutliple
> jpgs attached" or something
I have a user IN the company, who loves to forward these large messages,
things like "Check out these so cute puppies", and "Photoshop Magic" and
what not. Pure drivel.
Anyway, Can I tell SA to "block sending email from jsmith" when "mutliple
jpgs attached" or something like that?
I would app
Larry Nedry writes:
> Hi All,
>
> I'm trying to use mass-check to test the accuracy of a plugin that I'm
> developing. If I run mass-check without the -j option (single process) it
> takes a few hours for it to finish a corpus of about 60,000 emails. If I
> use the --net option it could a day o
> > But It won't be indiscriminant in my case.. Is there any
> other solution?
>
> Keep messages on the list.
>
> These are very simple messages that are exploiting an image
> hosting service. There are very few spam signs in them. I
> have decided that for the time being none of my users ar
>> Maybe have a look at using "The Day Old Bread List" DNSRBL?
>> More info at http://support-intelligence.com/dob/
>>
> This seems to be a intelligent idea. Can I subscribe to their DOB
> lists alone.
>
> What are the zones to query ?
The webpage states that:
- "The list is currently in ALPHA a
Rocco Scappatura wrote:
full CHIME_BODY_IMAGESHACK/\bhttp:\/\/.*\.imageshack\.us/i
describe CHIME_BODY_IMAGESHACKEmails containing
imageshack.us URLs.
scoreCHIME_BODY_IMAGESHACK2.0
Place these three lines in your local.cf file and restart any
daemons.
You can adjust the s
Is it possible they are coming from zombie machines? Machines which
have been infected by a sort of virus which a spammer can take over
and send out mail from remotely.
Michael Grant
On 4/4/07, J. <[EMAIL PROTECTED]> wrote:
--- Matt Kettler <[EMAIL PROTECTED]> wrote:
> J. wrote:
> > I've bee
On Tue, 2007-04-03 at 13:15 -0700, Bill Landry wrote:
> Dave Pooser wrote the following on 4/3/2007 11:19 AM -0800:
> > I'm seeing a bunch of spam using URLs from domains created on the same day
> > or in the past day or two. I don't know how red.uribl.com works, but I
> > imagine it missed the sam
On Wednesday 04 April 2007 00:48, kiwidesign wrote:
> So this is the case. When spamassassin is run as root, the message gets a
> high score, but when sudo'd as the postfix user, it gets a significantly
> lower score, and two error messages about not being able to write to
> /root/.spamassassin/use
33 matches
Mail list logo
