My FC6 box updated spamassassin to spamassassin-3.2.0-39.fc6 yesterday.
Ever since, none of my spam is getting caught. I'm trying very hard
to diagnose the problems. but feeding spam to spamc manually, it looks
like spamd is no longer putting in the header with the stars so
procmail can tell
Hi,
I am having real problems in getting SA 3.2.0 to perform Bayes or RBL
checks. For some reason they just do not fire at all. If I run a lint
there are no warnings and all pre-requisities are okay.
What could I be doing wrong ? All worked fine on 3.1.8. I have even
tried a clean install to
Gabriel Millerd wrote:
On 5/11/07, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
> the "\d+_scores.cf" rules also can be a pain with sa-update which is a
> big part of the juggling.
Care to elaborate?
If you have a minimal configuration the mass-check scores will likely
bomb on your lint ch
On Sat, May 12, 2007 at 09:22:37AM +1000, Pete Russell wrote:
> His question may have been pretty basic, born of laziness. But when you
> respond with "man sa-update" or RTFM, then you end up with a mailing
> list archive full of useless info, lowering its value as a useful resource.
>
> Ignore
On May 11, 2007, at 10:54 PM, Jason Frisvold wrote:
It appears that each mail is sent by a unique IP, so it doesn't look
like a simple firewall rule will stop this.
Is every single message coming from a unique IP, or is it just that
they're widely distributed?
-faisal
Greetings,
I'm seeing incoming spam at a rate of 2-3 a minute per user and I'm
having trouble properly identifying these as spam with spamassassin.
Or, alternatively, blocking them.
It appears that each mail is sent by a unique IP, so it doesn't look
like a simple firewall rule will stop this.
On Sat, 12 May 2007, Pete Russell wrote:
His question may have been pretty basic, born of laziness. But when you
respond with "man sa-update" or RTFM, then you end up with a mailing list
archive full of useless info, lowering its value as a useful resource.
Ignore or respond with something us
On 5/11/07, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
> the "\d+_scores.cf" rules also can be a pain with sa-update which is a
> big part of the juggling.
Care to elaborate?
If you have a minimal configuration the mass-check scores will likely
bomb on your lint check. The names of the tw
His question may have been pretty basic, born of laziness. But when you
respond with "man sa-update" or RTFM, then you end up with a mailing
list archive full of useless info, lowering its value as a useful resource.
Ignore or respond with something useful. (In my opinion)
Duane Hill wrote:
O
Daryl C. W. O wrote:
>
> Ernie Dunbar wrote:
>>
>>
>> Ken A wrote:
May 11 12:00:09 pop spamd[47940]: dns: sendto() failed: No route to
host
Host: 190.57.78.66.bl.spamcop.net. at
/usr/local/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/DnsResolver.pm
line
340, line
Gabriel Millerd wrote:
In v3.2 it seems the reading of the /etc/mail/spamassassin/*.(pre|cf)
files is less forgiving. You used to be able to have the all in one
.cf file before v3.2. Likely your header rules are in a .cf file and
the sa-update is just reading the .pre file.
You could never put
In v3.2 it seems the reading of the /etc/mail/spamassassin/*.(pre|cf)
files is less forgiving. You used to be able to have the all in one
.cf file before v3.2. Likely your header rules are in a .cf file and
the sa-update is just reading the .pre file.
I had to juggle the /etc/mail/spamassassin fi
Ernie Dunbar wrote:
Ken A wrote:
May 11 12:00:09 pop spamd[47940]: dns: sendto() failed: No route to host
Host: 190.57.78.66.bl.spamcop.net. at
/usr/local/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/DnsResolver.pm
line
340, line 137.
It might be a good idea to change DnsResolver.pm to mak
Kevin W. Gagel wrote:
- Original Message -
Most common usage is:
$ sa-update
Or, if you want to see what it's doing:
$ sa-update -D
Unless you are adding extra channels or doing something strange with it,
you shouldn't need more than that.
OK, got all those RTFM answers :-) -
Ken A wrote:
>
>> May 11 12:00:09 pop spamd[47940]: dns: sendto() failed: No route to host
>> Host: 190.57.78.66.bl.spamcop.net. at
>> /usr/local/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/DnsResolver.pm
>> line
>> 340, line 137.
>>
>> Of course, hosts like 190.57.78.66.bl.spamcop.net are D
Ernie Dunbar wrote:
We just put our mailserver (with SpamAssassin of course) behind a firewall,
and now we get many many interesting error messages from spamd telling me
that there's no route to some host or other. I tweaked the DnsResolver.pm
module to show what host it was trying to route to, a
-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Verzonden: vrijdag 11 mei 2007 23:01
Aan: users@spamassassin.apache.org
Onderwerp: RE: SA Rules Auto-Update ?
- Original Message -
>Most common usage is:
>
>$ sa-update
>
>Or, if you want to see what i
On Friday 11 May 2007 5:00 pm, Kevin W. Gagel wrote:
> - Original Message -
>
> >Most common usage is:
> >
> >$ sa-update
> >
> >Or, if you want to see what it's doing:
> >
> >$ sa-update -D
> >
> >Unless you are adding extra channels or doing something strange with it,
> >you shoul
Theo Van Dinter-2 wrote:
>
> On Fri, May 11, 2007 at 01:34:06PM -0700, Ernie Dunbar wrote:
>> Of course, hosts like 190.57.78.66.bl.spamcop.net are DNSBL blacklist
>> members, and they resolve to nothing at all, which is why there is no
>> route
>> to host. But why is spamd suddenly spewing the
- Original Message -
>Most common usage is:
>
>$ sa-update
>
>Or, if you want to see what it's doing:
>
>$ sa-update -D
>
>Unless you are adding extra channels or doing something strange with it,
>you shouldn't need more than that.
OK, got all those RTFM answers :-) - I get that...
Kevin W. Gagel wrote:
> > sa-update
>
> Usage info is located where?
Most common usage is:
$ sa-update
Or, if you want to see what it's doing:
$ sa-update -D
Unless you are adding extra channels or doing something strange with it,
you shouldn't need more than that.
--
Bowie
On Fri, May 11, 2007 at 01:34:06PM -0700, Ernie Dunbar wrote:
> Of course, hosts like 190.57.78.66.bl.spamcop.net are DNSBL blacklist
> members, and they resolve to nothing at all, which is why there is no route
> to host. But why is spamd suddenly spewing these errors now? It didn't do
> this befo
We just put our mailserver (with SpamAssassin of course) behind a firewall,
and now we get many many interesting error messages from spamd telling me
that there's no route to some host or other. I tweaked the DnsResolver.pm
module to show what host it was trying to route to, and I got this output:
On Fri, 11 May 2007, Kevin W. Gagel wrote:
- Original Message -
sa-update
Usage info is located where?
% man sa-update
On Friday 11 May 2007 3:04 pm, Kevin W. Gagel wrote:
> - Original Message -
>
> >sa-update
>
> Usage info is located where?
>
> =
> Kevin W. Gagel
> Network Administrator
> Information Technology Services
> (250) 562-2131 local 448
> My Blog:
> http://mail.cn
- Original Message -
>sa-update
Usage info is located where?
=
Kevin W. Gagel
Network Administrator
Information Technology Services
(250) 562-2131 local 448
My Blog:
http://mail.cnc.bc.ca/blogs/gagel
On Fri, May 11, 2007 at 02:20:55PM -0400, Daniel Aquino wrote:
> I think I remember reading that SA Rules can be updated from Official Repos
> ?
sa-update
--
Randomly Selected Tagline:
"If all the girls who attended the Harvard-Yale game were laid end to end,
I wouldn't be surprised." -
I think I remember reading that SA Rules can be updated from Official Repos ?
[EMAIL PROTECTED] wrote:
> I'm using FuzzyOCR which works great. However, lately I've been seeing
> annoying Outlook users using some kind of plugin which seem to add an
> image, and it has the text "Free emoticons, download here" (or
> something), mostly it's in my language and then it has the tex
Ok it looks like using sa-learn created the databases fine even with
only 1 ham/spam...
I didn't even realize my reply's were not being sent to the thread I started...
Sorry!
Daniel Aquino wrote:
> > run these commands as the defang user.
>
> Would it be bad to use "root" because defang is not a real user..
"spamd" will not run as root. If you try it, it will switch to
"nobody".
You can deal with this two ways:
If your mail accounts are owned by real users on the s
Does anyone know what is injecting this "3793/xpopup.js" and
"_popupControl()" all over the place. There's usually a http://127.0.0
.1 in front of the port :3793
I'm seeing it in webpages and email (not mine! google for it and you'll
see what a mess it's making).
I've searched and all I see
Daniel Aquino wrote:
> I really don't know if I can extract emails from Outlook 2003 into a
> standard mbox format...
Maildir is the preferred format. You can extract emails from Outlook,
but Outlook and Exchange tend to rewrite portions of the message which
makes this less than ideal for SA's pu
Daniel Aquino wrote:
> > 1) What (exactly) did you do?
>
> # local.cf config file at this url
> http://pastie.caboo.se/60756
>
> > What user is SA running as? What are the permissions on the bayes
> > directory?
>
> drwx-- 2 defang defang 4096 2007-05-11 10:48
> /var/spool/MD-Databases/
Luis Hernán Otegui wrote:
> First, RTFM.
> Second, Google.
> Third, oh, well... You NEED to feed Bayes a significant amount of
> data, so it knows what is spam and waht is ham, due to the fact that
> the kind of spam and ham you receive is different from the ones I get
> on my servers. Then it will
Kevin W. Gagel schrieb:
Matthias,
Worked fine for me. Try it again if it still doesn't work for you - I've
uploaded a copy to my public share at:
http://mail.cnc.bc.ca/users/gagel/Botnet.tar
Thx alot. It was a temporarily problem, it is good to have an
alternative download location.
I'll k
Matthias,
Worked fine for me. Try it again if it still doesn't work for you - I've
uploaded a copy to my public share at:
http://mail.cnc.bc.ca/users/gagel/Botnet.tar
I'll keep it there till next week.
- Original Message -
From: Matthias Haegele <[EMAIL PROTECTED]>
To: SpamAssassin
Subj
First, RTFM.
Second, Google.
Third, oh, well... You NEED to feed Bayes a significant amount of
data, so it knows what is spam and waht is ham, due to the fact that
the kind of spam and ham you receive is different from the ones I get
on my servers. Then it will start auto learning on that basis. B
Daniel Aquino wrote:
> I setup Bayes and whitelist db paths in my local.cf
> The whitelist db created succesfully but the bayes_* db's did not...
More information please... Just saying that it doesn't work isn't very
helpful.
Before we can help you, we need the two basic pieces of information:
> -Original Message-
> From: Daniel Aquino [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 11, 2007 10:05 AM
> To: users@spamassassin.apache.org
> Subject: Test?
>
>
> Is this how I send to the list ?
Yes, and its better then the old way of posting. Which required bringing a
shrubbery an
Have you trained the bayes database? Is this a fresh install? It needs
at least 200 spam and 200 ham messages to get it going. However, the
more ham and spam you can feed it, the better it will perform...
Luix
2007/5/11, Daniel Aquino <[EMAIL PROTECTED]>:
I setup Bayes and whitelist db paths i
OK, Got it. Anyway, I tracked down the timing issues which drove me to
disable DNS tests to a problem with my nameservers. Now the scanning
times reported by Amavis are similar to the other servers I have. BTW,
thanks for the tip, I've disabled CBL testings in Postfix.
Luix
2007/5/11, Randal, Ph
I setup Bayes and whitelist db paths in my local.cf
The whitelist db created succesfully but the bayes_* db's did not...
Daniel Aquino schrieb:
Is this how I send to the list ?
Congratulations you have made it ;-).
--
Grüsse/Greetings
MH
Dont send mail to: [EMAIL PROTECTED]
--
ZEN includes CBL, so you've got a duplicate test there.
CBL isn't tested in spamassassin (except via XBL).
You'll need something like this to stop the spamhaus tests:
score __RCVD_IN_ZEN 0.0
score RCVD_IN_SBL 0.0
score RCVD_IN_XBL 0.0
score RCVD_IN_PBL 0.0
score URIBL_SBL 0.0
Cheers,
Phil
--
Is this how I send to the list ?
On Fri, 11 May 2007, Luis Hern?n Otegui wrote:
Hi, list, I'm currently running zen.spamhaus.org and cbl.abuseat.org
as RBLs over Postfix, how can I disable them in SA? (I mean, if I'm
already blocking connections which got listed in those RBLs, why let
SA check them? I suppose it should lower sc
>
> A small problems ;=)
>
> Before, my spamassassin server are in front ends .. all messages
> going directly to my spamassassin server and the result are very good.
>
> Now, it's a smtp relay server that receive the email and after sent to
> my spamassassin (the relay don't have filter or oth
Hi, list, I'm currently running zen.spamhaus.org and cbl.abuseat.org
as RBLs over Postfix, how can I disable them in SA? (I mean, if I'm
already blocking connections which got listed in those RBLs, why let
SA check them? I suppose it should lower scan times...)
Thanks,
Luix
--
---
simply remove "gratis" from your wordlist and you'll be done...
I think even without "gratis" in the wordlist FuzzyOCR will do a great job on
"real" spam ;-)
Ove
> -Ursprüngliche Nachricht-
> Von: news [mailto:[EMAIL PROTECTED] Im Auftrag von
> [EMAIL PROTECTED]
> Gesendet: Freitag, 1
Hey,
I'm using FuzzyOCR which works great. However, lately I've been seeing
annoying Outlook users using some kind of plugin which seem to add an
image, and it has the text "Free emoticons, download here" (or something),
mostly it's in my language and then it has the text "gratis".
The word
Matthias Haegele wrote:
Hello!
http://people.ucsc.edu/~jrudd/spamassassin/Botnet.tar
link seems to be dead, since John Rudd is not listed at people, the link
perhaps moved?
Any tips?
That's still the right/current URL.
Just looks like people.ucsc.edu might be down right now.
Hello!
http://people.ucsc.edu/~jrudd/spamassassin/Botnet.tar
link seems to be dead, since John Rudd is not listed at people, the link
perhaps moved?
Any tips?
--
Grüsse/Greetings
MH
Dont send mail to: [EMAIL PROTECTED]
--
54 matches
Mail list logo
