Re: [sa-list] Re: Default Plugins?

2007-08-03 Thread Theo Van Dinter
On Fri, Aug 03, 2007 at 10:59:31PM -0400, Dan Mahoney, System Admin wrote: > >>Is there some default mechanism loading these things (for example, I > >>notice loadplugin Mail::SpamAssassin::Plugin::DKIM is only in v312.pre), > >>and is it safe to remove the old ones? > > So then, what if, for exam

Re: disable use of ~/.spamassassin

2007-08-03 Thread George Georgalis
On Mon, Jul 23, 2007 at 09:50:26PM -0400, Matt Kettler wrote: >George Georgalis wrote: >> On Mon, Jul 23, 2007 at 11:46:58AM -0400, George Georgalis wrote: >> >>> How can I disable the use of ~/.spamassassin altogether? >>> >> >> nevermind... >> >> --siteconfigpath=$CONF > >Actually, that o

Re: [sa-list] Re: Default Plugins?

2007-08-03 Thread Dan Mahoney, System Admin
On Fri, 3 Aug 2007, Theo Van Dinter wrote: On Fri, Aug 03, 2007 at 06:49:58PM -0400, Dan Mahoney, System Admin wrote: I've got some stale v3xx.pre files around, and I notice that they load plugins that are NOT loaded by v320.pre Of course. Is there some default mechanism loading these thing

Re: hallmark greeting card spam and broken spf records.

2007-08-03 Thread Phil Barnett
On Friday 03 August 2007, Michael Scheidell wrote: > (yes, spf is broken) especially when companies like hallmark, who know > they are being used as 'phishing' targets list the whole world as > authoritative mail servers. > > I say damn them all, blacklist hallmark till they at least fix their spf

Re: Default Plugins?

2007-08-03 Thread Jason Haar
Theo Van Dinter wrote: > All pre files are used. Nothing is automatically loaded. There are > multiple files, based on the release where the plugins that are loaded by > that file were in. This way, we can add new plugins and the new pre file > will get installed, and there's no issue with chang

Re: http://wiki.apache.org/spamassassin/SareChannels

2007-08-03 Thread Bob Proulx
Dan Mahoney, System Admin wrote: > http://wiki.apache.org/spamassassin/SareChannels > I notice the above page is immutable, for some reason. Pages are not editable until you login. Login and the immutable page will become an edit button. Bob

Re: Default Plugins?

2007-08-03 Thread Theo Van Dinter
On Fri, Aug 03, 2007 at 06:49:58PM -0400, Dan Mahoney, System Admin wrote: > I've got some stale v3xx.pre files around, and I notice that they load > plugins that are NOT loaded by v320.pre Of course. > Is there some default mechanism loading these things (for example, I > notice loadplugin Mai

http://wiki.apache.org/spamassassin/SareChannels

2007-08-03 Thread Dan Mahoney, System Admin
I notice the above page is immutable, for some reason. I noticed, upon trying to use the instructions at http://saupdates.openprotect.com/, that there IS no DNS record for 3.2.2 updates there, and I cannot edit the page to reflect this. Nor is there an easy piece of contact information on tha

Default Plugins?

2007-08-03 Thread Dan Mahoney, System Admin
Hello all, I've got some stale v3xx.pre files around, and I notice that they load plugins that are NOT loaded by v320.pre Is there some default mechanism loading these things (for example, I notice loadplugin Mail::SpamAssassin::Plugin::DKIM is only in v312.pre), and is it safe to remove the

RE: what happend after 3.1.8?

2007-08-03 Thread Michael Scheidell
Did you use the ports? If you used the ports, it would at least attempt to pull in all the dependencies. Since I maintain the FreeBSD SA port, if it doesn't work, maybe we can find out why. Try the ports first. Do a ports update, then cd /usr/ports/mail/p5-Mail-SpamAssassin Do a make config to

what happend after 3.1.8?

2007-08-03 Thread Jean-Paul Natola
Hi all, this is sort of a re-post, as I never saw a reply. I've tried every single version after 3.1.8 and it fails to work. It keeps connections open in the FIN_WAIT state and never closes them, then just times out everything. I just tried to upgrade to 3.2.1 and got the same result- s

Re: Greeting card

2007-08-03 Thread Theo Van Dinter
On Fri, Aug 03, 2007 at 11:17:30PM +0200, Matus UHLAR - fantomas wrote: > also, not everyone is using SARE rules, and I think that until SA devels > won't trust them to include them into SA, many admins will not install them. fwiw, it has nothing to do with trust. SA (and all the rules, etc,) are

RE: hallmark greeting card spam and broken spf records.

2007-08-03 Thread Michael Scheidell
> -Original Message- > From: McDonald, Dan [mailto:[EMAIL PROTECTED] > Sent: Friday, August 03, 2007 2:45 PM > To: users@spamassassin.apache.org > Subject: Re: hallmark greeting card spam and broken spf records. > > On Fri, 2007-08-03 at 13:26 -0400, Michael Scheidell wrote: > > (yes,

Re: Greeting card

2007-08-03 Thread Matus UHLAR - fantomas
> Rocco Scappatura wrote: > >It is possible to block the spam sent by GreetingCards.com which invites > >the receiver to access an URL and browse the ecard? > > > >I mean that spam which has subject similar to: > > > >You've received a greeting ecard from a Colleague! On 03.08.07 17:51, arni wro

Re: What is bug 5548

2007-08-03 Thread Matus UHLAR - fantomas
On 03.08.07 14:48, Rosenbaum, Larry M. wrote: > In the SA 3.2.2 announcement was this item: > > - bug 5548: Certain mail input can take a long time to scan with 100% > CPU > utilisation, due to backtracking in a rule's regexp. fix > > but when I went to look up the bug, I didn't have permission

Re: From+To Rule

2007-08-03 Thread Theo Van Dinter
On Fri, Aug 03, 2007 at 03:47:49PM -0500, Eduardo Bejar wrote: > Now my question is, how can I create one rule that matches when both > conditions are present on a message? In example: "Match when the message > contains this on the Subject and is sent to this user"? perldoc "Mail::SpamAssassin::Co

From+To Rule

2007-08-03 Thread Eduardo Bejar
Hi, Usually when you create a rule to match a text or pattern on a message, you create one rule for each field. In example: If you'd like to filter every message that contains "Medicine" in the From: field, and "Users" in the To: field, you'd need to create two rules, one to match each field. Now

Problem with 3.2.2

2007-08-03 Thread Jari Fredriksson
I already had a working cpan-compiled 3.2.2 on two of my machines. Then I lost the hard drive from the other, and installed a fresh Debian Etch on a new disk. Tests fail now. It says: Failed TestStat Wstat Total Fail List of Failed --

Re: Greeting card

2007-08-03 Thread John D. Hardin
On Fri, 3 Aug 2007, Michael Schout wrote: > Here is my rule that traps them. I have not seen any get through > after this: > > body LOCAL_POSTCARD_URL m'http://\d+\.\d+\.\d+\.\d+/\?[0-9a-f]{8,}' > describe LOCAL_POSTCARD_URL Body contains postcard scam url > score LOCAL_POSTCARD_URL 3.

Re: hallmark greeting card spam and broken spf records.

2007-08-03 Thread John D. Hardin
On Fri, 3 Aug 2007, Michael Scheidell wrote: > Subject: [SPAM]You have recieved a Hallmark E-Card ! http://www.impsec.org/~jhardin/antispam/postcards.cf has been updated for this subject line, and also for some new domain names. -- John Hardin KA7OHZ http://www.impsec.org/~j

What is bug 5548

2007-08-03 Thread Rosenbaum, Larry M.
In the SA 3.2.2 announcement was this item: - bug 5548: Certain mail input can take a long time to scan with 100% CPU utilisation, due to backtracking in a rule's regexp. fix but when I went to look up the bug, I didn't have permission. Could somebody give me more detail on this bug? In parti

Re: hallmark greeting card spam and broken spf records.

2007-08-03 Thread McDonald, Dan
On Fri, 2007-08-03 at 13:26 -0400, Michael Scheidell wrote: > (yes, spf is broken) especially when companies like hallmark, who know > they are being used as 'phishing' targets list the whole world as > authoritative mail servers. > > I say damn them all, blacklist hallmark till they at least fi

hallmark greeting card spam and broken spf records.

2007-08-03 Thread Michael Scheidell
(yes, spf is broken) especially when companies like hallmark, who know they are being used as 'phishing' targets list the whole world as authoritative mail servers. I say damn them all, blacklist hallmark till they at least fix their spf records: (i suspect its the :12" "9 )? shb a period? o

Re: Greeting card

2007-08-03 Thread arni
Rocco Scappatura wrote: It is possible to block the spam sent by GreetingCards.com which invites the receiver to access an URL and browse the ecard? I mean that spam which has subject similar to: You've received a greeting ecard from a Colleague! BR, rocsca I really don't understand (o

Re: Greeting card

2007-08-03 Thread Michael Schout
Duane Hill wrote: > There is already a test SA does for a dotted-decimal IP in a URL: Yeah, I was afraid of false positives by raising the score of that rule. So I made my own rule that only matches these specific urls (with the MD5 sum) instead. Regards, Michael Schout

Re: Greeting card

2007-08-03 Thread Duane Hill
On Fri, 3 Aug 2007 at 08:03 -0500, [EMAIL PROTECTED] confabulated: Rocco Scappatura wrote: It is possible to block the spam sent by GreetingCards.com which invites the receiver to access an URL and browse the ecard? All of the ones I have received have a url with a numeric ip, followed by usu

Re: mail from list blocked by SPF?

2007-08-03 Thread Claudia Herold
>Hello, >did anyone notice that mail from list is marked as SPF_FAIL? >spamassassin.apache.org text "v=spf1 mx -all" >spamassassin.apache.org. 3597 IN MX 10 mx1.us.apache.org. >spamassassin.apache.org. 3597 IN MX 10 mx1.eu.apache.org. >mx1.us.apache.org. 3597I

Re: Greeting card

2007-08-03 Thread Michael Schout
Rocco Scappatura wrote: > It is possible to block the spam sent by GreetingCards.com which invites > the receiver to access an URL and browse the ecard? All of the ones I have received have a url with a numeric ip, followed by usually a 32 character string in the url (MD5 hash?). Here is my rule

Upgrade to 3.2 adding **spam** on subject

2007-08-03 Thread Francisco Reyes
My setup is as follows: postfix maildrop spamc called by maildrop. Rule in .mailfilter file One of the rules we have is - if (/^X-Spam-Flag: *YES/) { exception { to "[EMAIL PROTECTED]" } } else { exception { to "$DEFAULT/Maildir/" } } Basically some users want s

Re: A rule for empty body and pdf attachment??

2007-08-03 Thread Adam Wilbraham
On Thu, 2 Aug 2007 12:24:37 -0700 (PDT) User for SpamAssassin Mail List <[EMAIL PROTECTED]> wrote: > > Hello, > > We are running a Debian Sarge system here with spamassassin version > Version: 3.0.3-2sarge1. My word, get yourself 3.1.7 from Sarge backports and run sa-update before you do anythi

Delivery Status Notification Flood

2007-08-03 Thread Matthew Yette
Anyone else getting flooded with these this morning? My filter box is getting hammered.

spam leaks, high server load!?

2007-08-03 Thread Christian Stalberg
Spamassassin is using a lot of resources, in particular, high CPU for spamd running as one of my users. I am now seeing spam leak through. I have replaced the spamd option '-m5' with '--round-robin' in my start up script to no effect. Other users' demand for spamd appears normal. I am using Rules

RE: spamassassin gets stucked in

2007-08-03 Thread Martin.Hepworth
Hi I'd start by only using a couple of RBLs (give the others zero scores in local.cf). I'd also check how you're calling SA? I'd not call SA for large emails (above 100k) to save a lot of time. -- Martin Hepworth Snr Systems Administrator Solid State Logic Tel: +44 (0)1865 842300 > -Orig

Re: UCE from cloudmark.com

2007-08-03 Thread Kevin A. McGrail
I haven't seen this but it seems like you use Razor and you have a relationship with them. I'm not sure I would consider this UCE and that's a pretty strong accusation to make. However, there is always the possibility there is a rogue employee doing dumb things. How do you believe Razor/Clou

mail from list blocked by SPF?

2007-08-03 Thread Matus UHLAR - fantomas
Hello, did anyone notice that mail from list is marked as SPF_FAIL? spamassassin.apache.org text "v=spf1 mx -all" spamassassin.apache.org. 3597 IN MX 10 mx1.us.apache.org. spamassassin.apache.org. 3597 IN MX 10 mx1.eu.apache.org. mx1.us.apache.org. 3597 IN

Re: spamassassin gets stucked in

2007-08-03 Thread Néher Márton
Hi! I have upgraded to 3.2.2, but still not better, just not the same. With 3.2.1 the high load and memory eating was immediate, but with 3.2.2 it is very heavy. I send you pictures about my stats, i have 2x3Ghz CPU, 4G ram, and 8G swap, and about

RE: zip spams

2007-08-03 Thread Suhas Ingale
How about creating a rule wherein if the email contains attachment and the body is blank. I need some help in creating this rule. -Original Message- From: wolfgang [mailto:[EMAIL PROTECTED] Sent: Friday, August 03, 2007 12:09 PM To: users@spamassassin.apache.org Subject: Re: zip spams In

Re: Errors after upgrade to 3.2.2

2007-08-03 Thread Daryl C. W. O'Shea
Frank Bures wrote: After yesterday's upgrade to 3.2.2 I am seeing these in the logs (upon spamd restart): spamd[19878]: rules: meta test FM__TIMES_2 has dependency 'FH_HOST_EQ_D_D_D_D' with a zero score spamd[19878]: rules: meta test FM_SEX_HOST has dependency 'FH_HOST_EQ_D_D_D_D' wit

Re: RBL Rules Question

2007-08-03 Thread Jeremy Fairbrass
Try this (for replacing your three meta rules): meta RCVD_IN_LRBL_W (__RCVD_IN_LRBL_W && !__RCVD_IN_LRBL_B) describe RCVD_IN_LRBL_W Local RBL Whitelist tflags RCVD_IN_LRBL_W net score RCVD_IN_LRBL_W -7 meta RC

[RESOLVED] Re: RBL Rules Question

2007-08-03 Thread UxBoD
meta RCVD_IN_LRBL_W __RCVD_IN_LRBL_W && !__RCVD_IN_LRBL_B describe RCVD_IN_LRBL_W Local RBL Whitelist tflags RCVD_IN_LRBL_W net score RCVD_IN_LRBL_W -7 meta RCVD_IN_LRBL_B !__RCVD_IN_LRBL_W && __RCVD_IN_LR

RBL Rules Question

2007-08-03 Thread UxBoD
Hi, I have written the following ruleset for our local RBL server :- header __RCVD_IN_LRBL eval:check_rbl('LRBL','dnsrbl.local.com.') tflags __RCVD_IN_LRBL net header __RCVD_IN_LRBL_B eval:check_rbl_sub('LRBL', '127.0.0.2') tflags __R