On Thursday 28 June 2007, JOYDEEP wrote:
> Dear list,
>
> I am using suse 9.3 and confused with postfix+spamassassin+amavisd-new
>
> I have first installed amavisd-new and perl-spamassassin. Then I find
> the /etc/mail/spamassassin/local.cf file
> I manually added an email address as black listed a
Dear list,
I am using suse 9.3 and confused with postfix+spamassassin+amavisd-new
I have first installed amavisd-new and perl-spamassassin. Then I find
the /etc/mail/spamassassin/local.cf file
I manually added an email address as black listed and start
amavisd-new. then I check the email and fin
On Thu, 28 Jun 2007, Tom Allison wrote:
cannot write to /var/www/.spamassassin/user_prefs: No such file or directory
failed to create default user preference file
/var/www/.spamassassin/user_prefs
I never ever ever ever want to try to create a user_prefs file.
How do I make sure I never do t
On Thu, Jun 28, 2007 at 05:18:50PM -0700, ahattarki wrote:
> [4724] dbg: http: GET request,
> http://spamassassin.apache.org/updates/MIRRORED.BY
> [4724] dbg: http: request failed, retrying: 500 Can't connect to
> spamassassin.apache.org:80 (connect: Unknown error): 500 Can't connect to
> spamassas
ahattarki wrote:
[4724] dbg: http: GET request,
http://spamassassin.apache.org/updates/MIRRORED.BY
[4724] dbg: http: request failed, retrying: 500 Can't connect to
spamassassin.apache.org:80 (connect: Unknown error): 500 Can't connect to
spamassassin.apache.org:80 (connect: Unknown error)
Any
We are currently running - SpamAssassin for Win32 v3.1.7.0
downloaded sa-update sa-update v3.1.7.0
After running D:\SpamAssassin>sa-update.exe --nogpg
I get the following error -
http: request failed: 500 Can't connect to spamassassin.apache.org:80
(connect:
Unknown err
On Thu, 2007-06-28 at 18:56 -0500, Lindsay Haisley wrote:
> By running a curl hit repeatedly on the RE server I reproduced the
> problem.
By running this test a couple of times I'm apparently now blocked by
RE :-P
Oh well .
Hope the info I sent was useful.
--
Lindsay Haisley | "In an
On Thu, 2007-06-28 at 17:31 -0500, Dallas Engelken wrote:
> This must be an issue that needs to be raised with Prolexic, as they are
> doing the DDoS protection for rulesemporium.com.
>
> Can anyone reproduce this redirect outside of RDJ, and give me a dump of
> the full transaction including ht
cannot write to /var/www/.spamassassin/user_prefs: No such file or directory
failed to create default user preference file /var/www/.spamassassin/user_prefs
I never ever ever ever want to try to create a user_prefs file.
How do I make sure I never do this?
OliverScott wrote:
Assuming that you have managed to get SA to add headers to messages which is
thinks are spam, and are looking to add a header to ALL messages so you can
see what rules are firing on your HAM, then you can do the following. This
may not be what you are after, but may be of some
Apparently SA 3.2.1 is more finicky than 3.1.8 about the user the daemon
runs as. If no -u option is given to spamd when it starts, then its
child processes run as root, which works, but the bayes module won't
cooperate. If a spamd child is running as root, the bayes filter uses
the user spec'd t
This must be an issue that needs to be raised with Prolexic, as they are
doing the DDoS protection for rulesemporium.com.
Can anyone reproduce this redirect outside of RDJ, and give me a dump of
the full transaction including http headers?
I'd rather fix the actual problem and not patch aroun
Robert Schetterer wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dallas Engelken schrieb:
John Thompson wrote:
Raymond Myren wrote:
Just today I started receiving spam mails with attached .pdf files with
a spam image.
Any ideas how to stop this spam type?
On Thursday 28 June 2007 17:02, Lindsay Haisley wrote:
> I don't know what would be gained by a random wait.
The idea of a random wait for contention resolution is long standing. It's
built into the TCP/IP protocol for example.
For example, say my cron job runs at 3 am. Lot's of them probably
On Thu, 2007-06-28 at 16:32 -0500, Michael Parker wrote:
> I can't recall a bug open for anything like this. Please visit
> http://issues.apache.org/SpamAssassin/ and file a complete bug report.
> Please describe the exact problem you are seeing as well as full debug
> output. A random thread on
On Thursday 28 June 2007 16:39, Theo Van Dinter wrote:
> On Thu, Jun 28, 2007 at 04:33:43PM -0500, Larry Starr wrote:
> > Do I need to remove the rules, in /etc/mail/spamassassin, to prevent the
> > older rules from overriding any updates that may come in?
>
> Yes.
I suspected as much.
Thank you,
On Thu, Jun 28, 2007 at 04:33:43PM -0500, Larry Starr wrote:
> Do I need to remove the rules, in /etc/mail/spamassassin, to prevent the
> older
> rules from overriding any updates that may come in?
Yes.
--
Randomly Selected Tagline:
"I lost my foo." - Theo
pgpgySBNRd9Tg.pgp
Des
I have a question regarding this.
I have set up the sa_update channel for the SARE rules and run it.
Everything worked OK BUT, I notice that sa_update is installing the rules
in /var/lib/spamassassin/3.001007, while rulesdujour was instaling them in
"/etc/mail/spamassassin".
Do I need to remove
Lindsay Haisley wrote:
> On Thu, 2007-06-28 at 15:43 -0400, Theo Van Dinter wrote:
>> On Thu, Jun 28, 2007 at 02:27:36PM -0500, Lindsay Haisley wrote:
>>> So what's the best fix for this? Should one just freeze SA at an
>>> earlier version on a production server until this is fixed upstream? Is
>
John Rudd wrote:
The "policy" here is NOT the recipient's policy, the sendering network
owner's policy.
That was a rather mangled sentence...
The "policy" that is the P in PBL is not the recipient's spam/abuse/etc.
policy, it's the sending network owner's policy about who should or
should
On Thu, 2007-06-28 at 15:46 -0400, Phil Barnett wrote:
> I'm going to try this, but with a 5 minute wait. I run it in the middle of
> the
> night anyway, who cares how long it takes.
>
> Actually, the proper response might be a random wait.
The HTML that gets sent by SARE is:
If this were
On Thu, 2007-06-28 at 15:43 -0400, Theo Van Dinter wrote:
> On Thu, Jun 28, 2007 at 02:27:36PM -0500, Lindsay Haisley wrote:
> > So what's the best fix for this? Should one just freeze SA at an
> > earlier version on a production server until this is fixed upstream? Is
> > upstream aware of the p
On Thu, 2007-06-28 at 23:18 +0300, Jari Fredriksson wrote:
> > sa-update and rules_du_jour deal with different rules repositories.
> I
> > use both.
>
> sa-update can use both, if I'm not mistaken. I distantly remember
> configuring it to do so.
http://saupdates.openprotect.com/ has instructions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dallas Engelken schrieb:
> John Thompson wrote:
>> Raymond Myren wrote:
>>
>>
>>> Just today I started receiving spam mails with attached .pdf files with
>>> a spam image.
>>> Any ideas how to stop this spam type?
>>>
>>
>> Nothing, yet. But sin
On Thu, 2007-06-28 at 21:33 +0200, Mark Martinec wrote:
> > So what's the best fix for this? Should one just freeze SA at an
> > earlier version on a production server until this is fixed upstream?
> > Is upstream aware of the problem and working on a fix for it?
>
> Find out where the problem li
On Thursday 28 June 2007 15:22, Lindsay Haisley wrote:
> Attached is a proposed patch for /var/lib/spamassassin/rules_du_jour
> which addresses the problem of the refresh URL which Rules Emporium
> sometimes sends out instead of a valid cf file. Basically, this patch
> greps the downloaded file fo
Lindsay Haisley wrote:
> On Thu, 2007-06-28 at 15:39 -0400, Theo Van Dinter wrote:
>> Why not just use sa-update and not deal with this?
>
> sa-update and rules_du_jour deal with different rules repositories. I
> use both.
sa-update can use both, if I'm not mistaken. I distantly remember config
On Thu, 2007-06-28 at 15:39 -0400, Theo Van Dinter wrote:
> Why not just use sa-update and not deal with this?
sa-update and rules_du_jour deal with different rules repositories. I
use both.
--
Lindsay Haisley | "In an open world,| PGP public key
FMP Computer Services |who nee
[EMAIL PROTECTED] schrieb:
Sounds more like "if we didn't rely on other people to have seen this
particular abusive host before us and our learning system to have seen
past examples of spam that looks a whole lot like this one from headers
alone to detect this particular spam, we'd fail to catch
[EMAIL PROTECTED] wrote:
Actually, it didn't. The assertion is that if someone else hadn't seen
this exact message first, then SA wouldn't have caught it.
No, the assertion is that if someone else hadn't seen prior abuse from
the sending host first (not this exact message), then SA wouldn't ha
On Thu, Jun 28, 2007 at 02:27:36PM -0500, Lindsay Haisley wrote:
> So what's the best fix for this? Should one just freeze SA at an
> earlier version on a production server until this is fixed upstream? Is
> upstream aware of the problem and working on a fix for it?
You need to debug your instal
On Thu, Jun 28, 2007 at 02:22:32PM -0500, Lindsay Haisley wrote:
> Attached is a proposed patch for /var/lib/spamassassin/rules_du_jour
> which addresses the problem of the refresh URL which Rules Emporium
> sometimes sends out instead of a valid cf file.
Why not just use sa-update and not deal wi
> So what's the best fix for this? Should one just freeze SA at an
> earlier version on a production server until this is fixed upstream?
> Is upstream aware of the problem and working on a fix for it?
Find out where the problem lies. When the component that needs fixing
is known, then something
So what's the best fix for this? Should one just freeze SA at an
earlier version on a production server until this is fixed upstream? Is
upstream aware of the problem and working on a fix for it?
On Thu, 2007-06-28 at 13:51 -0500, John Thompson wrote:
> Eray Aslan wrote:
> > On 28.06.2007 08:14,
Attached is a proposed patch for /var/lib/spamassassin/rules_du_jour
which addresses the problem of the refresh URL which Rules Emporium
sometimes sends out instead of a valid cf file. Basically, this patch
greps the downloaded file for the string "META HTTP-EQUIV", which should
never occur in a v
Eray Aslan wrote:
> On 28.06.2007 08:14, Lindsay Haisley wrote:
>> On Wed, 2007-06-27 at 22:24 -0500, Lindsay Haisley wrote:
>>> I just upgraded from SA 3.1.8-gr1 to SA 3.2.1-gr1 (Gentoo) and notice
>>> that I'm no longer getting any BAYES_NN test notices in my X-Spam-Status
>>> summary in my mail
I currently have a test environment setup, pulling the emails from our server
using fetchmail.
About every 500 emails an email will error and bounce to sender with
can't create user output file. Command output: procmail: Error while
writing to "/var/mail/testuser"
/var/mail
Everything els
arni wrote:
> [EMAIL PROTECTED] schrieb:
>> Actually it did, take away the spamtrap fed blackholes (PBL and SPAMCOP)
>> and the spamtrap fed BAYES as well and it scores a whopping 3.1 thanks
>> to the BOTNET plugin (which is amazing btw). That hit was all from
>> late-receiver effect.
>>
> That sou
> Actually, it didn't. The assertion is that if someone else hadn't seen
> this exact message first, then SA wouldn't have caught it.
No, the assertion is that if someone else hadn't seen prior abuse from
the sending host first (not this exact message), then SA wouldn't have
caught that particul
John Thompson wrote:
Raymond Myren wrote:
Just today I started receiving spam mails with attached .pdf files with
a spam image.
Any ideas how to stop this spam type?
Nothing, yet. But since these appear to be an image file encapsulated in
a .pdf, it may be possible to get FuzzyOCR to
Souza,
Looks Spamassassin can't talk to the spamd daemon. You sure it's running?
ps auxw | grep spamd
Best,
Ryan
Souza Simbota wrote:
Hello.
I have been getting the below error messages in my paniclog. What
could be the cause. Am using Exim 4.63 on debian server with
Spamassissin 3.2.
Raymond Myren wrote:
> Just today I started receiving spam mails with attached .pdf files with
> a spam image.
> Any ideas how to stop this spam type?
Nothing, yet. But since these appear to be an image file encapsulated in
a .pdf, it may be possible to get FuzzyOCR to parse them for spam text.
This problem is probably due to the way Rules Emporium is handling
traffic. If requests come too fast from the same address, or if their
server is busy, they send an HTML redirect page instructing the client
to try again in 0.1 second. Curl and wget don't understand "" and simply store the refres
To be more accurate, that is the LEAST you have to do.
You should also read through the documentation and the Botnet.cf file to
be sure that it is properly set up for your environment. The default
will _probably_ work just fine for you, but it may not. It's best to
read through and be sure.
Hello.
I have been getting the below error messages in my paniclog. What could be
the cause. Am using Exim 4.63 on debian server with Spamassissin 3.2.0 and
Clamav 0.90.3:
2007-06-27 08:08:30 1I3QfW-0002IM-O6 spam acl condition: error reading from
spamd socket: Connection timed out
2007-0
For future references by others, documentation purposes at the list and to
avoid this question from being posted again, all you do to enable Botnet on
your server is download the Botnet.tar, decompress it, copy Botnet.pm and
Botnet.cf to /etc/mail/spamassassin and bounce qmail.
Thanks Matt.
--
Jonathan Allen wrote:
Adam,
This seems to be something to do with the huge AWL files we had - I've
scheduled a weekly run of the trim_whitelist script (I had problems
getting check_whitelist to process the broken file) and I've not seen
the problem since. As a bonus, the AWL files are now t
Adam,
> This seems to be something to do with the huge AWL files we had - I've
> scheduled a weekly run of the trim_whitelist script (I had problems
> getting check_whitelist to process the broken file) and I've not seen
> the problem since. As a bonus, the AWL files are now tens of megabytes,
> Also, I get this one:
>
> [22120] warn: config: failed to parse line, skipping: blacklist from
> [EMAIL PROTECTED]
>
You're missing an underscore.. It's "blacklist_from" not "blacklist from"
D'OH
--
View this message in context:
http://www.nabble.com/Errors-in-local.cf-tf3994100.html
Jason Heiser wrote:
We get order acknowledgment e-mails from a specific e-mail address for
orders placed on our website. A couple of days ago, these messages
stopped arriving. Somebody noticed this, I went looking for them, I
found them in our spam folder. For some reason, this address in the
dougp23 wrote:
> I am getting some errors when i do
>
> spamassassin --lint
>
> Things like:
>
> 22120] warn: Unrecognized escape \V passed through in regex; marked by <--
> HERE in m/(?i)\V <-- HERE iagra\b/ at
> /usr/lib/perl5/vendor_perl/5.8.5/Mail/SpamAssassin/Conf/Parser.pm line 969.
> [
>
> I
I am getting some errors when i do
spamassassin --lint
Things like:
22120] warn: Unrecognized escape \V passed through in regex; marked by <--
HERE in m/(?i)\V <-- HERE iagra\b/ at
/usr/lib/perl5/vendor_perl/5.8.5/Mail/SpamAssassin/Conf/Parser.pm line 969.
[
Is it due to this rule in my local.
>>
>Daryl is right, there is no fix due in 3.2.2 - I got the RDJ and the
>sa-update errors confused. I guess maybe I should dye my hair blonde.
>
>Apologies for any confusion I've caused.
>
Geez - blonde it is - it's sa-compile not sa-update!
I wonder if McDonalds have any jobs going :-/
Kind r
On Wed, 27 Jun 2007 16:42:39 -0400, "Daryl C. W. O'Shea"
<[EMAIL PROTECTED]> wrote:
>Nigel Frankcom wrote:
>> On Wed, 27 Jun 2007 08:48:02 -0400, David Boltz <[EMAIL PROTECTED]>
>> wrote:
>>
>>> I?ve been getting the lint failures found below on my Rules Du Jour
>>> updates for a few weeks now.
54 matches
Mail list logo
