In an older episode (Friday, 3. August 2007 01:46), Theo Van Dinter
wrote:
> BTW: full rules are horrible. You want mimeheader (and the
> MIMEheader plugin), part of the standard distribution.
Thanks for the info!
wolfgang
Idiot, at least read the thread before commenting on something a month
old.
--
Michael Scheidell, CTO
SECNAP Network Security Corporation
Keep up to date with latest information on IT security: Real time
security alerts:
http://www.secnap.com/news
___
Michael Scheidell wrote:
I suppose spamassassin.apache.org should be listed in the blacklist for
sending this email to his secondary (according some some people who
obviously don't understand how the real world works)
I'm sorry, perhaps you can clarify your statement. Are you suggesting
that
On Fri, Aug 03, 2007 at 12:37:45AM +0200, wolfgang wrote:
> > > like to know how can I write a spamassassin rule to assign a score
> > > to just having a zip attachment.
> >
> > fullLOCAL_ZIP_ATT m/Content-(?:Disposition|Type).{1,40}
> > (name=\"?.{1,50}\.)?zip\"?/is
BTW: full rules ar
On Thu, 2 Aug 2007 at 13:45 -0400, [EMAIL PROTECTED] confabulated:
Greetings,
Is anyone else getting these UCE messages?
I received one message myself. I completely overlooked it as being spam
based on the fact I had dealt with a product they had/have.
---
_|_
(_| |
atm, you need to patch the source, and rebuild ... e.g.,
cd /top/of/fresh/src/tree/for/spamassassin
wget -k -O bug5574_patch4077.patch
"http://issues.apache.org/SpamAssassin/attachment.cgi?id=4077&action=view";
patch -p0 < bug5574_patch4077.patch
config, build & install
fwiw, works peachy-keen w
I guess I'm going to have to show how dumb I am here, but how does one apply
the patch that has been mentioned to take care of the Pyzor and DCC problem?
First of all, where is the MANIFEST file mentioned? Secondly, I have a Util.pm
located here /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin, b
In an older episode (Thursday, 2. August 2007 08:22), wolfgang wrote:
> > I would
> > like to know how can I write a spamassassin rule to assign a score
> > to just having a zip attachment.
>
> Try something like
>
> fullLOCAL_ZIP_ATT m/Content-(?:Disposition|Type).{1,40}
> (name=\"?.{1
Plugins aren't automatically loaded, you have to have a "loadplugin" line
in a
*.pre file.
Oh that's right. I totally forgot about that.
Whoops. My bad.
Somewhat related: search for:
added a global configuration variable @additional_perl_modules
in:
http://www.ijs.si/software/amavisd/releas
On Thu, 2 Aug 2007 12:24:37 -0700 (PDT)
User for SpamAssassin Mail List <[EMAIL PROTECTED]> wrote:
>
> Hello,
>
> We are running a Debian Sarge system here with spamassassin
> version Version: 3.0.3-2sarge1.
>
> I tried to put these plugins (ImageInfo and loadplugin) into my
> system and got th
Theo Van Dinter wrote:
On Thu, Aug 02, 2007 at 12:27:55PM -0700, Jonathan Nichols wrote:
I tried dumping the PDFInfo.pm plugin there, but it's still not loading
it. I also have a copy in /etc/mail/spamassassin along with the cf file,
but no dice so far.
Plugins aren't automatically loaded, yo
As a follow up. I found a Logger.pm on the system but it was not in the
"/usr/share/perl5/Mail/SpamAssassin/" directory. I did find one in the
"/usr/share/perl5/Razor2" directory. I made copy of this Logger.pm file
and placed it in the "Mail/SpamAssassin/" directory like it was looking
for in the
On Thu, Aug 02, 2007 at 12:27:55PM -0700, Jonathan Nichols wrote:
> I tried dumping the PDFInfo.pm plugin there, but it's still not loading
> it. I also have a copy in /etc/mail/spamassassin along with the cf file,
> but no dice so far.
Plugins aren't automatically loaded, you have to have a "lo
My logs show this:
Aug 2 12:22:43 mailgate amavis[2883]: (02883-01) extra modules loaded:
Mail/SpamAssassin/Locales.pm, Mail/SpamAssassin/Plugin/Bayes.pm,
Mail/SpamAssassin/Plugin/BodyEval.pm, Mail/SpamAssassin/Plugin/Check.pm,
Mail/SpamAssassin/Plugin/DNSEval.pm,
Mail/SpamAssassin/Plugin/H
Hello,
We are running a Debian Sarge system here with spamassassin version
Version: 3.0.3-2sarge1.
I tried to put these plugins (ImageInfo and loadplugin) into my system and
got the following errors when I restarted:
Aug 2 12:
got it.
rats!, nonetheless...
thx!
On Thu, 2007-08-02 at 12:25 -0600, Reg Clemens wrote:
> I am getting the following error message from my (daily) update of
> SpamAssassin
> Rules
>
> ---
>
> Subject: RulesDuJour/deneb.dwf.com: 404 errors
>
>
>
> The following rules had errors:
> SARE 70_sare_bayes_poison_nxm.cf Ruleset had a
Jonathan Nichols wrote:
I'm still seeing this when I run RDJ manually. I'm not running it from
cron and it's been disabled for weeks.
yes, I emailed the address noted in the error. :)
[11915] warn: config: failed to parse line, skipping: AUTOBAN: Over
500 *.cf requests in 48 hours period - C
I am getting the following error message from my (daily) update of SpamAssassin
Rules
---
Subject: RulesDuJour/deneb.dwf.com: 404 errors
The following rules had errors:
SARE 70_sare_bayes_poison_nxm.cf Ruleset had an unknown error:
curl exit code: 52
curl: (52) Empty reply from server
000
---
snowcrash+sa writes:
> i currently use a cron job to
>
> sa-update --channelfile /usr/local/etc/sa/update-DIST-ch.conf
> sa-update --channelfile /usr/local/etc/sa/update-SARE-ch.conf
>
> pulling updates, as available, into my system-wide rules update directory.
>
> if updates exist, then i
Greetings,
Is anyone else getting these UCE messages?
MGD
Original Message
Subject:spam assassin / Razor
Date: Wed, 1 Aug 2007 13:04:19 -0700
From: Matt Brett <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Hi Martin,
I’m reaching out to all existing Razor users,
This bug exists on a qmail-1.03 install as well.
>>> On 8/2/2007 at 12:40 PM, in message <[EMAIL PROTECTED]>, John Rudd <[EMAIL
>>> PROTECTED]> wrote:
The following received header gets RDNS_NONE:
Received: from [69.12.154.165] (HELO mail.rudd.cc)
by some.internal.test.host (CommuniGate Pro
i currently use a cron job to
sa-update --channelfile /usr/local/etc/sa/update-DIST-ch.conf
sa-update --channelfile /usr/local/etc/sa/update-SARE-ch.conf
pulling updates, as available, into my system-wide rules update directory.
if updates exist, then i compile them,
sa-compile --su
John, could you open this as a bug in bugzilla?
John Rudd writes:
>
>
> The following received header gets RDNS_NONE:
>
> Received: from [69.12.154.165] (HELO mail.rudd.cc)
>by some.internal.test.host (CommuniGate Pro SMTP 5.1.11)
>with ESMTP id 60056 for [EMAIL PROTECTED]; Tue, 31 Jul
The following received header gets RDNS_NONE:
Received: from [69.12.154.165] (HELO mail.rudd.cc)
by some.internal.test.host (CommuniGate Pro SMTP 5.1.11)
with ESMTP id 60056 for [EMAIL PROTECTED]; Tue, 31 Jul
2007 14:05:04 -0700
This is an error in the RDNS_NONE logic. The host in que
lochness wrote:
>
> I'm running on windows and i'm using one software call "NoSpamtoday" that
> software is based on spamassassin I modify local.cf file but in my test I
> have this message bellow I put required_hits on 5 but in the message I have
> 0 so how can I apply my config
NoSpamToday puts
On Thu, Aug 02, 2007 at 12:52:49PM -0300, Rejaine Monteiro wrote:
> How can I create a rule to match no-spam e-mail with have (both)
> words "hello" and "testing" (body or hearder)
>
> I tried to use:
>
> /hello&testing/i
> /hello&&testing/i
> /hello && testing/i
These are regular express
On Thu, Aug 02, 2007 at 04:38:53PM +0100, neil wrote:
> I didnt see anything in the perldoc, but I have heard the idea some
> where. Is this possible? Is is a feature that the devs know about?
> Should I raise it as a feature request?
I'm still rather annoyed about this whole thing, but you can
Hi,
How can I create a rule to match no-spam e-mail with have (both)
words "hello" and "testing" (body or hearder)
I tried to use:
/hello&testing/i
/hello&&testing/i
/hello && testing/i
but not working...
I need to match messages with have hello and testing in any position,
like
It´s working now! As i posted before. No more 120mb> spamd childs, now they
are at 28-30mb of RES size.
David Baron wrote:
>
> In a "split" configuration, where would these warn sets be placed?
> The sections of the combined "exim4.conf.template" also correspond to the
> individual files for
Hi;
With short circuit you can stop scanning when certain tests are met.
Eg user is whitelisted.
I'm seeing lots of spam with scores (50+ points) above my cut off and
reject score.
Is there a way for shortcircuit to see the current score and stop if it
is above a certain cut off ?
I don't
In a "split" configuration, where would these warn sets be placed?
The sections of the combined "exim4.conf.template" also correspond to the
individual files for splits. So ... where did you do this?
Note that I am not using the 850_exim4-config_spamcheck_router but currently
using procmail to r
Sorry for the caps! In my config should be like this, Im not very experienced
in exim rules:
warn
condition = ${if <={$message_size}{200K}}
condition = ${if eq {${acl_m0}}{1}{1}{0}}
spam = ${acl_m1}/defer_ok
log_message = "SpamAssassin as ${acl_m1} detected message as spam"
Please do not abuse the subject line with excessive capitals and exclamation
marks.
On Thursday 02 August 2007 15:14, Diego H. wrote:
> Below is my spamassassin rules at exim, seems that SA is scanning
> everything and I want to limit the scanning size up to 100k, no more. I
> read that there is
On Thu, 2 Aug 2007, Sg wrote:
> .htm is a attaching file. We are using 3.1.7 version. We didnt
> configure anything, default configurations only.
Please keep this on-list so that others can help as well.
Please post a complete copy of the spam email on a webserver somewhere
so that we can look a
Try to upgrade to SA 3.2.2. there was a fix for messages that take too long
for scan.
Néher Márton wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi all!
>
> I would like to ask for your help about an sa problem.
> Somethimes (random or when a lots of mails arrive) some spamd
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all!
I would like to ask for your help about an sa problem.
Somethimes (random or when a lots of mails arrive) some spamd children
gets stucked in, what pushes up the load (~40), and enormously eats memory
(~6-7Gb). It started about 1-2 weeks ago
Below is my spamassassin rules at exim, seems that SA is scanning everything
and I want to limit the scanning size up to 100k, no more. I read that there
is a rule called message_size but I dont know where to insert it in my
config:
Thanks in advance!!
warn
condition = ${if eq {${acl_m0}}{1}
On Thu, Aug 02, 2007 at 04:15:21AM -0400, Michael W Cocke wrote:
> These blasted PDF spams are driving me mad! Any ideas for a rule that
> would trip if there's no text in the body, just a PDF attachment ?
run sa-update. There's been a rule in the channel for a while now.
--
Randomly Selected
Jeremy Fairbrass escribió:
If you're using the PDFinfo plugin, you should see a rule called GMD_PDF_EMPTY_BODY on those spams - it should fire on any message
containing a PDF and a blank body. Obviously you can modify that rule's score if you want to make it higher, or meta it with other
rules.
hi there,
i configured my spamd that it scans all emails that go in and out. the then
spawned spamd process is owned by the mailuser itself (in my case its
mail008).
The funny thing is, that everything runs fine with my other 500 spamd users
/ processes, but this single user creates an incredibl
Answer to my own question...
#PDFInfo - tags pdf based spam
#
loadplugin Mail::SpamAssassin::Plugin::PDFInfo
/usr/local/saplugins/PDFInfo.pm
:-)
on 8/2/07 6:30 AM, MIKE YRABEDRA at [EMAIL PROTECTED] wrote:
> on 8/2/07 5:55 AM, Justin Mason at [EMAIL PROTECTED] wrote:
>
>>> In my Debian et
Hi,
What im trying to do:
Add a url in spamassassin's "report" function.
For example:
##
clear_report_template
report Spamassassin thinks this is spam
report If you trust this email-address you can click on the link below.
report http://www.whitelist.me/?emailaddress=_EMAIL_SENDER
where _EMAILSE
on 8/2/07 5:55 AM, Justin Mason at [EMAIL PROTECTED] wrote:
>> In my Debian etch installation it's
>> /usr/share/perl5/Mail/SpamAssassin/Plugin/
>
> actually, it's better not to use that location. That's where
> SpamAssassin installs its distribution-packaged modules, and it
> may delete the con
Probably a stupid question, but where do I put the PDFInfo.pm file?
I put it is /etc/mail/plugins/...
But that does not work.
I will continue googling in the meantime
on 8/2/07 5:09 AM, Michael W Cocke at [EMAIL PROTECTED] wrote:
> Thanks, both of you. Looks like an update to pdfinfo snuc
Sebastian Ries writes:
> Hi
>
> > Excume my lack of knowlegde but where is the plugin directory for SA?
> >
> > I tried putting it in /usr/local/etc/mail/spamassassin/
> > then in /etc/mail and then in /usr/local/share/spamassassin
> >
> > When I restart spamd, it does not like when I put the pat
Hi
> Excume my lack of knowlegde but where is the plugin directory for SA?
>
> I tried putting it in /usr/local/etc/mail/spamassassin/
> then in /etc/mail and then in /usr/local/share/spamassassin
>
> When I restart spamd, it does not like when I put the path to
> /usr/local/share/spamassassin in
Hello,
Please ignore, have just found out the location. Sorry to have bothered!
Zbigniew Szalbot
On Thu, 2 Aug 2007 11:45:13 +0200, Zbigniew Szalbot
<[EMAIL PROTECTED]> wrote:
>
> Hello,
>
> On Thu, 2 Aug 2007 10:37:27 +0200 (CEST), Jeroen Tebbens
> <[EMAIL PROTECTED]> wrote:
>> Hi,
>>
>> Get
Hello,
On Thu, 2 Aug 2007 10:37:27 +0200 (CEST), Jeroen Tebbens
<[EMAIL PROTECTED]> wrote:
> Hi,
>
> Get the plugin PDFinfo
>
> http://www.rulesemporium.com/plugins/
>
> And it will give you more control about PDF spam. It has a rule for empty
> body emails with PDF attachment (GMD_PDF_EMPTY_B
Thanks, both of you. Looks like an update to pdfinfo snuck out while
I wasn't looking. I've made the adjustments.
Mike-
On Thu, 2 Aug 2007 10:39:20 +0200, you wrote:
>"Michael W Cocke" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]
>> These blasted PDF spams are driving me mad!
"Michael W Cocke" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]
> These blasted PDF spams are driving me mad! Any ideas for a rule that
> would trip if there's no text in the body, just a PDF attachment ?
>
> (I'm using the PDFinfo plugin now, but I don't really understand it)
>
> Th
Hi,
Get the plugin PDFinfo
http://www.rulesemporium.com/plugins/
And it will give you more control about PDF spam. It has a rule for empty
body emails with PDF attachment (GMD_PDF_EMPTY_BODY) and give it a score
to your liking.
/Jeroen
On Thu, 2 Aug 2007, Michael W Cocke wrote:
These blas
These blasted PDF spams are driving me mad! Any ideas for a rule that
would trip if there's no text in the body, just a PDF attachment ?
(I'm using the PDFinfo plugin now, but I don't really understand it)
Thanks!
Mike-
--
If you're not confused, you're not trying hard enough.
--
Please note -
On Wed, 1 Aug 2007, Howard Rifkind wrote:
We finally got SpamAssassin going with Squirrelmail.
A number of message which spamassassin identified a
spam has showen up in users mail boxes.
Is there a way to get mail identified as spam to go to
a seperate folder for each user?
This is kind of li
54 matches
Mail list logo
