On Wed, 17 Oct 2007, Henrik Krohns wrote:
On Tue, Oct 16, 2007 at 06:16:49PM -0400, Dan Mahoney, System Admin wrote:
dnswl.org is either full of it, or not well maintained.
I've gotten at least 20 spams which I see are listed in dnswl.org as "low
trust" (which still merits -1.0).
Umm, did yo
On Wed, 17 Oct 2007, Matthias Leisi wrote:
I forwarded over 200 of them earlier today (as an attachment -- total
email size was about one meg).
It would have been from this address.
-Dan
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dan Mahoney, System Admin schrieb:
dnswl.org is either
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dan Mahoney, System Admin schrieb:
> dnswl.org is either full of it, or not well maintained.
>
> I've gotten at least 20 spams which I see are listed in dnswl.org as
> "low trust" (which still merits -1.0).
All different IP addresses or some specifi
Steve Ingraham wrote:
> I cannot help but comment on this post.
Neither can I.
> I am one of those ignorant people that is subscribed to this list
> (along with several others) for the purpose of asking questions of
> you experts out there because I do not fully understand how it is
> working. B
I just got information from the open suse group where I can get
3.2.3.11, I have update my spamassassin, and I am not getting those ugly
errors, but I am still getting this one, which was drive me crazy before...
2.5 FM_NO_FROM_OR_TO FM_NO_FROM_OR_TO
-0.0 NO_RECEIVED Information
cpayne wrote:
> Is there a way I can take this
>
> X-Spam-Status: No, score=(1.1), required=1.5,
> tests=BAYES_50,Magi_Body_Chuck,
> NO_RECEIVED,TO_CC_NONE, autolearn=no, bayes score = 0.5000,
> version=3.1.8
> date scan = Mon, 15 Oct 2007 15:38:39 -0400
>
Have you already customized your a
Justin Mason wrote:
> Mark Wendt (Contractor) writes:
>
>> I've started seeing some spam come through that gets labeled with
>> "RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/";,
>> which imparts a negative score if the relay is listed in their
>> db. Here at the Lab, we have
cpayne wrote:
>>
> Cool I just found a source rpm and I am building 3.2.3.10 so hopefully
> this will help my issue thanks guys.
>
> By the way, I notices no one answer the part about the script.
You mean this one:
--
If questions, anyone know of script that works
On 8/13/07 at 4:01 PM +0100 Justin Mason wrote:
>I've been working on a new way to auto-generate body rules recently...
Are these rules restricted to Spamassassin 3.2 or newer?
The following is what I get when I dig 8.1.3.sought.rules.yerp.org. Notice
the NXDOMAIN.
Thanks for the great work!
N
Justin Mason wrote:
cpayne writes:
Matt Kettler wrote:
Thanks, guys the problem is that for SuSE 10.0 3.1.8 is the max, and the
last time I update a 10.0 to the lastest everything broke. And the major
thing for me that perl is still at 5.8.7, don't you have to be 5.8.8 or
higher for the laste
Steve Ingraham wrote:
> I just wanted to add my agreement to your statements and to ask that
> some posters try to treat all of us asking these supposedly "stupid"
> questions to understand that we really do struggle with
> understanding how all of these systems function.
I see a lot of silly ques
The UUism Networks MailScanner believes that the attachment to this message
sent to you
From: [EMAIL PROTECTED]
Subject: 40comcast.net detected as URI
may be Unsolicited Commercial Email (spam). Unless you are sure that this
message is incorrectly thought to be spam, please delete this
dnswl.org is either full of it, or not well maintained.
I've gotten at least 20 spams which I see are listed in dnswl.org as "low
trust" (which still merits -1.0).
Could we maybe please add a feature to spamassassin -r (or some other hook
to the generic whitelisting code) which reports this t
cpayne writes:
> Matt Kettler wrote:
> Thanks, guys the problem is that for SuSE 10.0 3.1.8 is the max, and the
> last time I update a 10.0 to the lastest everything broke. And the major
> thing for me that perl is still at 5.8.7, don't you have to be 5.8.8 or
> higher for the lastest stuff.
nope
On Tue, Oct 16, 2007 at 04:52:41PM -0400, cpayne wrote:
> but I have found out that
> sa-update places the lastest greatest updates in /var/lib/spamassasin
> and suse by default places the test files into /usr/share/spamassassin I
> think that is the problem. So know I have to figure out how to kil
Matt Kettler wrote:
Michael Scheidell wrote:
3.18 is unsupported.
please update to latest versions.
Well, it's as supported or unsupported as any other version of
SpamAssassin is. No version of SpamAssassin is "supported" by the SA
team beyond the advice given on this list. (sure, s
> -Original Message-
> From: Clay Davis [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, October 16, 2007 3:33 PM
> To: users@spamassassin.apache.org
> Subject: RE: unsubscribed
>
>
> Steve, I hope you didn't misunderstand me... I AGREE with you! Clay
>
No! My apologies for the misunderstan
Steve, I hope you didn't misunderstand me... I AGREE with you!
Clay
>>> "Steve Ingraham" <[EMAIL PROTECTED]> 10/16/2007 4:10 PM >>>
> -Original Message-
> From: Clay Davis [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, October 16, 2007 2:16 PM
> To: Bob Proulx; users@spamassassin.apache.or
Paul Griffith wrote:
Hi,
I want to add a patch to 20_ratware.cf so I can extend
FORGED_MUA_OUTLOOK to handle the new Outlook Message-ID format. Can I
just redefine the supporting meta rule __FORGED_OE and let SA take care
of the rest ?
Redefining the rule in your site config (often located
> -Original Message-
> From: Clay Davis [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, October 16, 2007 2:16 PM
> To: Bob Proulx; users@spamassassin.apache.org
> Subject: Re: unsubscribed
>
>
> Bob,
>
> I agree and have for a long time. I am always a little taken
> aback when an "unsubs
On Tue, 16 Oct 2007 14:57:00 -0400, Joseph Brennan <[EMAIL PROTECTED]>
wrote:
--On Tuesday, October 16, 2007 12:59 -0400 Paul Griffith
<[EMAIL PROTECTED]> wrote:
Hi,
I want to add a patch to 20_ratware.cf so I can extend
FORGED_MUA_OUTLOOK
to handle the new Outlook Message-ID format. C
Bob,
I agree and have for a long time. I am always a little taken aback
when an "unsubscriber" get hammered with sarcasm on this list...
Plus, I have always "assembled first and read the directions later"...
especially on Christmas Eve, when the pressure is on! It's human
nature... but, then, s
--On Tuesday, October 16, 2007 12:59 -0400 Paul Griffith
<[EMAIL PROTECTED]> wrote:
Hi,
I want to add a patch to 20_ratware.cf so I can extend FORGED_MUA_OUTLOOK
to handle the new Outlook Message-ID format. Can I just redefine the
supporting meta rule __FORGED_OE and let SA take care of the
No donations
IT departments managed by folks with corporate backgrounds don't even
have a procedure for sending off checks in arbitrary amounts solely
because somebody thinks it would be a nice thing to do.
Just say that large sites have to pay for rsync and put a price on it.
That turns it i
=?ISO-8859-1?Q?Luis_Hern=E1n_Otegui?= writes:
> Hi, everybody, sa-compile was running allright in my systems, and the
> saturday it began to spit out this output (from sa-compile -D):
there are a number of bugs in sa-compile that are fixed in SVN
trunk-- please apply the patches from
http://issue
Hi, everybody, sa-compile was running allright in my systems, and the
saturday it began to spit out this output (from sa-compile -D):
cd /tmp/.spamassassin28680clJUyOtmp
cd Mail-SpamAssassin-CompiledRegexps-body_0
Wide character in print at /usr/local/bin/sa-compile line 379, <$fh> line 4428.
re2c
> I am also running an old version (3.1.7 on Ubuntu 7.04). Between SA and
> Thunderbird's own spam features, I am detecting something between 75%
> and 80% of spam. How much better is 3.2.x?
On my small system (5 users) spam detection is above 99% accuracy for my
own mail account. Less than 1
Hi,
I want to add a patch to 20_ratware.cf so I can extend FORGED_MUA_OUTLOOK
to handle the new Outlook Message-ID format. Can I just redefine the
supporting meta rule __FORGED_OE and let SA take care of the rest ?
see patch here:
http://issues.apache.org/SpamAssassin/attachment.cgi?id=416
On Tue, Oct 16, 2007 at 10:44:45AM -0500, Mike Jackson wrote:
> happen, and I couldn't figure it out. I figure it would either override
> the dynamic score and always apply -100 if there's a match in the AWL
> database, or that the forced score would be ignored. So, which is it, or
> an answer C
IMO, one of the best and _easiest_ things any site can do to show love
to any blacklist service is: run a local mirror. Even better is to run
a publicly accessible mirror ... but a local mirror lessens your impact
on the service you're consuming. Ask them when and often you can pull
the mir
Since the last DDOS it would have been nice if the big guys ran local
mirrors instead of making the problem worse. No donations and hammering away
at the server I wonder why small RBLs drop off the planet.
I salute every one who has donated time, machines, banwidth, and love to
URIBL. The res
At 15:52 15-10-2007, Mark Martinec wrote:
Also, not to forget that mailman in its current version invalidates and
removes DKIM signatures, while this mailing lists stays faithful and keeps
messages intact and retains original signatures. (there is supposedly some
mailman patch floating around to
I work for a large managed hosting company. One of my fellow techs saw a
customer put the following in their /etc/mail/local.cf:
score AWL -100
He asked me (I have a reputation as the local SA "expert") what would
happen, and I couldn't figure it out. I figure it would either override
the dyn
On 16.10.07 10:46, Kent Borg wrote:
> I am also running an old version (3.1.7 on Ubuntu 7.04). Between SA and
> Thunderbird's own spam features, I am detecting something between 75%
> and 80% of spam. How much better is 3.2.x?
It contains more actual and some new rules. but I can't tell you "how
Henrik Krohns wrote:
On Tue, Oct 16, 2007 at 12:18:06AM -0600, Chris 'Xenon' Hanson wrote:
That's just a source code search engine. It's showing files it found in
SVN on the SpamAssassin site, here:
http://svn.apache.org/viewvc/spamassassin/rules/trunk/sandbox/jm/20_sought.cf?view=log
Unfor
My SA setup is way better than that on it's own, but I have lots of 3rd parts
rules in the mix..
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
> -Original Message-
> From: Kent Borg [mailto:[EMAIL PROTECTED]
> Sent: 16 October 2007 15:46
> To: us
I am also running an old version (3.1.7 on Ubuntu 7.04). Between SA and
Thunderbird's own spam features, I am detecting something between 75%
and 80% of spam. How much better is 3.2.x?
Thanks,
-kb
Oli Schacher wrote:
I've just heard that uribl.com is implementing ACLs for heavy hitters.
For those running ISP/ASPs doing millions of queries you may want to
watch your logs.
They not blocking queries (yet?) but return a "REFUSED"
I believe we are already blocking some major heavy hitters
I've just heard that uribl.com is implementing ACLs for heavy hitters.
For those running ISP/ASPs doing millions of queries you may want to
watch your logs.
They not blocking queries (yet?) but return a "REFUSED"
Regards,
Oli
Hi,
Some e-mails did not go through it. As we can see in line of the header below:
(clamdscan: 0.90.3/. spamassassin: 3.2.1.
Clear:RC:0(200.236.162.2):SA:0(?/?):. Processed in 20.839116 secs); 16 Oct 2007
00:05:15 -
The header of the message nor has the line "X-Spam-Flag". Is
Mark Wendt (Contractor) writes:
> I've started seeing some spam come through that gets labeled with
> "RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/";,
> which imparts a negative score if the relay is listed in their
> db. Here at the Lab, we have an email gateway at the front,
Mark Wendt (Contractor) wrote:
I've started seeing some spam come through that gets labeled with
"RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/";
> Can someone point me in the right
direction as to how and where I can turn off this rule if it can be
turned off?
In local.cf:
Quoting "Mark Wendt (Contractor)" <[EMAIL PROTECTED]>:
> I've started seeing some spam come through that gets labeled with
> "RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/";,
> which imparts a negative score if the relay is listed in their
> db. Here at the Lab, we have an email g
I've started seeing some spam come through that gets labeled with
"RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/";,
which imparts a negative score if the relay is listed in their
db. Here at the Lab, we have an email gateway at the front, which is
the single point of entry for
Thank you both for your posts I'll go off and find out about these issues.
I'll report back if and when I find a solution.
Martin
Matt Kettler-3 wrote:
>
> MartyG wrote:
>> I have recently moved to a new VPS, everything has been setup for me and
>> is
>> working well except Spamassassin. (I'
I believe SA uses Bayes out of the box, but what I don't get is how will
Bayes know it's spam (to train on, versus ham)
You tell it.
Bayes won't kick in on a new installation until you have manually fed it AT
LEAST 200 each hams and spams. You do this by deciding yourself if a
message is h
I remember it follows RFC specification. So, no blank lines in the headers.
cpayne wrote:
Is there a way I can take this
X-Spam-Status: No, score=(1.1), required=1.5,
tests=BAYES_50,Magi_Body_Chuck,
NO_RECEIVED,TO_CC_NONE, autolearn=no, bayes score = 0.5000,
version=3.1.8
date scan =
Henrik Krohns writes:
> http://taint.org/2007/08/15/004348a.html
Ah, my auto-generated ruleset! Yes, please try it out -- it works very
well indeed ;)
(If anyone gets any FPs from it, I'd appreciate if you could package them
up as an mbox, zip it, and mail it to me to avoid them in future. But
Is there a way I can take this
X-Spam-Status: No, score=(1.1), required=1.5, tests=BAYES_50,Magi_Body_Chuck,
NO_RECEIVED,TO_CC_NONE, autolearn=no, bayes score = 0.5000,
version=3.1.8
date scan = Mon, 15 Oct 2007 15:38:39 -0400
and make it look like this...
X-Spam-Status: No, sc
49 matches
Mail list logo
