On 8 Nov 2008, at 00:09, Matt Kettler wrote:
Matt Kettler wrote:
Neil wrote:
So maybe this is moving slightly off on a tangent, but:
Why does auto-learn sometimes learn spam with a rating of X, but not
spam with a rating of X+Y? Where's it's methodology?
First, there's several rules invo
Matt Kettler wrote:
> Neil wrote:
>
>> So maybe this is moving slightly off on a tangent, but:
>> Why does auto-learn sometimes learn spam with a rating of X, but not
>> spam with a rating of X+Y? Where's it's methodology?
>>
>
> First, there's several rules involved here.
>
> To autolearn
Neil wrote:
>
> So maybe this is moving slightly off on a tangent, but:
> Why does auto-learn sometimes learn spam with a rating of X, but not
> spam with a rating of X+Y? Where's it's methodology?
First, there's several rules involved here.
To autolearn as spam *ALL* of the following must be me
On 7 Nov 2008, at 23:43, Neil wrote:
On 7 Nov 2008, at 23:40, Matt Kettler wrote:
Neil wrote:
I'm wondering about the best way to train my Bayes filter (per-user
filtering).
I have a Junk folder, and it contains roughly three categories of
mail
(to my mind, at least):
A. Mail SpamAssass
On 7 Nov 2008, at 23:40, Matt Kettler wrote:
Neil wrote:
I'm wondering about the best way to train my Bayes filter (per-user
filtering).
I have a Junk folder, and it contains roughly three categories of
mail
(to my mind, at least):
A. Mail SpamAssassin marked spam and auto-learned as spam.
Neil wrote:
> I'm wondering about the best way to train my Bayes filter (per-user
> filtering).
>
> I have a Junk folder, and it contains roughly three categories of mail
> (to my mind, at least):
> A. Mail SpamAssassin marked spam and auto-learned as spam.
> B. Mail SpamAssassin marked spam, but d
I'm wondering about the best way to train my Bayes filter (per-user
filtering).
I have a Junk folder, and it contains roughly three categories of mail
(to my mind, at least):
A. Mail SpamAssassin marked spam and auto-learned as spam.
B. Mail SpamAssassin marked spam, but did not autolearn.
C
Shawn Berg wrote:
> I recently had to entirely re-IP a network including the server running
> Spamassassin. When I run sa-update, it just hangs at the command prompt
> with a flashing cursor; same thing happens when I run sa-update –D but
> only after it calls the updates.spamassassin.org channel…
I recently had to entirely re-IP a network including the server running
Spamassassin. When I run sa-update, it just hangs at the command prompt
with a flashing cursor; same thing happens when I run sa-update -D but
only after it calls the updates.spamassassin.org channel...
Checking my firewall
Benny Pedersen <[EMAIL PROTECTED]> wrote:
> On Fri, November 7, 2008 19:31, mouss wrote:
>
> >>> postmaster@
> >> http://rfc-ignorant.org/policy-postmaster.php
> > the rfci policy applies to postmaster as a recipient. nobody can force
> > you to accept mail _from_ postmaster.
>
> how can anyone
> how can anyone solve anything when postmasters cant talk together ?
>
> doh
>
>
> --
> Benny Pedersen
>
*snip* advertisement and link
benny,
do you trust emails from some postmaster at some domain and spend lots of
time answering them?
yeah, right.
and btw benny, please stop spamming us
It sounds obvious now.
BUT , before I added the UDP dns firewall rules. I could successfully do :
lookups using the host command ,
lookups with the example snippet in the Net::DNS man page
all DNS & RBL tests with my older SA installation ( 3.0.4 )
... So I didn't think that I needed that UDP
Benny Pedersen wrote:
On Fri, November 7, 2008 22:38, Daniel Bourque wrote:
[3033] dbg: dns: Net::DNS version: 0.59
update this one
*nod* Daniel, you may also want to look into upgrading SA itself;
unfortunately most distribution-provided packages tend to go stale after
a new patchlevel SA
Daniel Bourque wrote:
After some playing around, turns out that Net::DNS performs certain test
with via UDP port 53, therefore, I had to accept UDP packets from my
nameserver's udp:53
... u... *yes*, you have to accept UDP packets on port 53 O_o
*Most* DNS traffic is UDP. If you're
Thanks for the reply.
Ok, I upgraded
[4918] dbg: dns: Net::DNS version: 0.63
but I still saw the same issue.
I recalled that the problem started after I moved the server on my DMZ.
After some playing around, turns out that Net::DNS performs certain test
with via UDP port 53, therefore, I ha
On Fri, November 7, 2008 22:38, Daniel Bourque wrote:
[3033] dbg: dns: Net::DNS version: 0.59
update this one
--
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
Hi,
I'm having issues with SA spamassassin-3.2.4-1.el5 , some dnsbl
tests consistantly time out. URI-DNSBL, URI-NS and DNSBL-MX
I can get the URI-NS & URI-DNSBL to work if I replace the
URIDNSBL.pm with the one from spamassassin-3.0.4.
But the DNSBL-MX tests still time out..
I
On 7 Nov 2008, at 09:22, Benny Pedersen wrote:
On Fri, November 7, 2008 10:02, Neil wrote:
My understanding is Mail::SPF is not needed if you have
Mail::SPF::Query installed.
currect, but Mail::SPF::Query does not support SPF rr in dns,
Mail::SPF does
Thanks.
But still; how can I kn
On Fri, November 7, 2008 19:31, mouss wrote:
>>> postmaster@
>> http://rfc-ignorant.org/policy-postmaster.php
> the rfci policy applies to postmaster as a recipient. nobody can force
> you to accept mail _from_ postmaster.
how can anyone solve anything when postmasters cant talk together ?
doh
On Fri, 7 Nov 2008, FractalBob wrote:
Thanks, Mouss, for the pointers, but I still don't understand where the
addresses and phone numbers in 70_sare_evilnum come from. Can SpamAssassin
be configured to scan a message, pick up a domain and then do a WHOIS
search, or did someone go through a few e
Thanks, Mouss, for the pointers, but I still don't understand where the
addresses and phone numbers in 70_sare_evilnum come from. Can SpamAssassin
be configured to scan a message, pick up a domain and then do a WHOIS
search, or did someone go through a few e-mails by hand, query WHOIS using
the do
Benny Pedersen wrote:
On Fri, November 7, 2008 03:33, Michelle Konzack wrote:
I am rejecting ANY (!!!) messages coming from <*.ru> and <*.ua> domains
where the "From:" header is from:
MAILER-DAEMON@
ok
postmaster@
http://rfc-ignorant.org/policy-postmaster.php
the rfci
FractalBob wrote:
Sure, they do spoof, but one could write a script that pokes around the
message content, looking for a URL or signature and use that instead.
I found some rulesets, 70_sare_evilnum*.cf, that seem to do what I want, but
I don't know how to use them; documentation is scarce for S
On Fri, 2008-11-07 at 10:51 -0500, Jean-Paul Natola wrote:
> I'm sorry all, where / how do I add the -u on spamd?
Wherever, however you invoke spamd.
--
char *t="[EMAIL PROTECTED]";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
On Fri, Nov 07, 2008 at 04:45:57PM +0100, mouss wrote:
>
>> With hostnames there is a bigger change of failure (by just using a domain
>> instead of exact hostname, letting f.e. dialup users from the domain forge
>> the path).
>
> not sure I understand. people can't easily forge their rdns (in the
I'm sorry all, where / how do I add the -u on spamd?
Thanks,
Henrik K wrote:
On Fri, Nov 07, 2008 at 04:20:17PM +0200, Henrik K wrote:
On Fri, Nov 07, 2008 at 03:09:29PM +0100, Per Jessen wrote:
I'm not sure I like the ideas of whitelisting based on IP-addresses,
it's too inflexible. Why would you not use hostnames?
Hmm.. ok I think you both (mouss)
Henrik K wrote:
why link that to trusted_networks?
Obviously the whole IP path must be trusted (excluding the last one). You
can use hostnames as well. But then you have to have trust path right, to
trust later hostnames.
maybe I misunderstood your "could even work ...".
And perhaps it cou
Per Jessen wrote:
> Matt Kettler wrote:
>
>> Per Jessen wrote:
>>> Occasionally I'd like to do something like this:
>>>
>>> whitelist_from_rcvd [EMAIL PROTECTED] /^smtp[0-9]+\.orange\.fr$/
>>>
>> One problem.. That involves a regex, but whitelist_from is a "regular
>> user" config option.
>>
Sure, they do spoof, but one could write a script that pokes around the
message content, looking for a URL or signature and use that instead.
I found some rulesets, 70_sare_evilnum*.cf, that seem to do what I want, but
I don't know how to use them; documentation is scarce for SpamAssassin. Does
a
On Fri, November 7, 2008 03:33, Michelle Konzack wrote:
> I am rejecting ANY (!!!) messages coming from <*.ru> and <*.ua> domains
> where the "From:" header is from:
>
> MAILER-DAEMON@
ok
> postmaster@
http://rfc-ignorant.org/policy-postmaster.php
> noreply@
>
On Fri, Nov 07, 2008 at 04:20:17PM +0200, Henrik K wrote:
> On Fri, Nov 07, 2008 at 03:09:29PM +0100, Per Jessen wrote:
> >
> > I'm not sure I like the ideas of whitelisting based on IP-addresses,
> > it's too inflexible. Why would you not use hostnames?
>
> Hmm.. ok I think you both (mouss) a
On Fri, November 7, 2008 10:02, Neil wrote:
> My understanding is Mail::SPF is not needed if you have
> Mail::SPF::Query installed.
currect, but Mail::SPF::Query does not support SPF rr in dns, Mail::SPF does
--
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
On Fri, November 7, 2008 09:43, mouss wrote:
> - since spammers often forge the sender address, you don't really care
> of the corresponding whois infos.
whois 127.0.0.1
let them forge it :)
--
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
On Fri, Nov 07, 2008 at 03:09:29PM +0100, Per Jessen wrote:
> Henrik K wrote:
>
> > Then instead of asking for a lacking addition to a poor whitelisting
> > method (in this case), we should enhance whitelist_from_rcvd to
> > process received paths:
> >
> > whitelist_from_rcvd [EMAIL PROTECTED] 1.
On Fri, Nov 07, 2008 at 03:07:59PM +0100, mouss wrote:
>>
>> Then instead of asking for a lacking addition to a poor whitelisting method
>> (in this case), we should enhance whitelist_from_rcvd to process received
>> paths:
>>
>> whitelist_from_rcvd [EMAIL PROTECTED] 1.2.3.4 2.3.4.5
>
> why? I woul
On 07.11.08 12:45, Samy Ascha, Xel Media B.V. wrote:
> I have recently setup a mailbox and a sa-learn script to start
> teaching SpamAssassin. This was all no problem, but:
>
> We have an MX group of usually about 3 MTAs, which all run their own
> content filter (amavis) and thus use their own
Henrik K wrote:
> Then instead of asking for a lacking addition to a poor whitelisting
> method (in this case), we should enhance whitelist_from_rcvd to
> process received paths:
>
> whitelist_from_rcvd [EMAIL PROTECTED] 1.2.3.4 2.3.4.5
>
Should this be read to mean "whitelist from foobar if it
Henrik K wrote:
On Fri, Nov 07, 2008 at 02:38:22PM +0100, Per Jessen wrote:
Henrik K wrote:
On Fri, Nov 07, 2008 at 02:22:08PM +0100, Per Jessen wrote:
Yes, I saw that in the code - still, having a
whitelist_from_rcvdregex
would be very useful, people relay via their providers quite a lot.
I
On Fri, Nov 07, 2008 at 02:38:22PM +0100, Per Jessen wrote:
> Henrik K wrote:
>
> > On Fri, Nov 07, 2008 at 02:22:08PM +0100, Per Jessen wrote:
> >> Yes, I saw that in the code - still, having a
> >> whitelist_from_rcvdregex
> >> would be very useful, people relay via their providers quite a lot.
Henrik K wrote:
> On Fri, Nov 07, 2008 at 02:22:08PM +0100, Per Jessen wrote:
>> Yes, I saw that in the code - still, having a
>> whitelist_from_rcvdregex
>> would be very useful, people relay via their providers quite a lot.
>> I guess I'll have to write something up.
>
> If the originator is s
On Fri, Nov 07, 2008 at 02:22:08PM +0100, Per Jessen wrote:
> Matt Kettler wrote:
>
> > Per Jessen wrote:
> >> Occasionally I'd like to do something like this:
> >>
> >> whitelist_from_rcvd [EMAIL PROTECTED] /^smtp[0-9]+\.orange\.fr$/
> >>
> > One problem.. That involves a regex, but whitelis
Matt Kettler wrote:
> Per Jessen wrote:
>> Occasionally I'd like to do something like this:
>>
>> whitelist_from_rcvd [EMAIL PROTECTED] /^smtp[0-9]+\.orange\.fr$/
>>
> One problem.. That involves a regex, but whitelist_from is a "regular
> user" config option.
>
> In general, regular express
Per Jessen wrote:
> Occasionally I'd like to do something like this:
>
> whitelist_from_rcvd [EMAIL PROTECTED] /^smtp[0-9]+\.orange\.fr$/
>
One problem.. That involves a regex, but whitelist_from is a "regular
user" config option.
In general, regular expressions are intentionally not used in
Michelle Konzack writes:
> Am 2008-10-30 08:53:17, schrieb Greg Troxel:
> > So I wonder if domains with no
> > vowels are normal in Germany (they are not normal in the US).
>
> In germany there are many domains ending withwhich is a
> "limited liability company". Also I know Austrian a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear members,
I have recently setup a mailbox and a sa-learn script to start
teaching SpamAssassin. This was all no problem, but:
We have an MX group of usually about 3 MTAs, which all run their own
content filter (amavis) and thus use their ow
Am 2008-11-01 17:00:09, schrieb Martin Gregorie:
> I've started to see Casino spam in the last week and noticed, that of
You mean this "Royal Casino" thing from whgich I get all 2 hours one?
I like to have the rule since my current spamassassin let it through...
Thanks, Greetings and nice Day/Eve
Am 2008-10-31 13:31:16, schrieb Kai Schaetzl:
> Easy:
> Remote Sensing Solutions GmbH ->
> Remote Sensing Solutions Ltd ->
> rssltd.com
But you know, that a GmBH is very different from a Ltd?
They have different status.
Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadmini
Am 2008-10-30 08:53:17, schrieb Greg Troxel:
> So I wonder if domains with no
> vowels are normal in Germany (they are not normal in the US).
In germany there are many domains ending withwhich is a
"limited liability company". Also I know Austrian and Swiss domains
with it.
Maybe the
Hi Chris.
I have gotten over 200.000 of them with more then 2700 MByte...
Now it is reduced to less then 200 backscatter per day.
I am rejecting ANY (!!!) messages coming from <*.ru> and <*.ua> domains
where the "From:" header is from:
MAILER-DAEMON@
postmaster@
noreply
On 7 Nov 2008, at 04:33, Matus UHLAR - fantomas wrote:
On 07.11.08 04:02, Neil wrote:
Is there a way to check if SPFs and DKIMs are being checked by
SpamAssassin?
Here is, I believe, the relevant spamassassin -D --lint output as far
as modules go:
[19018] dbg: dns: is Net::DNS::Resolver ava
On 06.11.08 17:00, Joe Dragotta wrote:
> With the forwarding to SA active in both the system and user level
> procmailrc files, I was noting some odd behavior. The system level
> filtering was correctly tagging about 90% of the spam as spam and
> sending it to /dev/null/, and therefore was not
> FractalBob wrote:
> >Can SpamAssassin be configured to use the domain in the sender e-mail
> >address
> >or in the message content itself as an input parameter to, say, a WHOIS
> >search, in order to locate either the sender or his ISP? I know this would
> >be expensive, since it would require g
FractalBob wrote:
Can SpamAssassin be configured to use the domain in the sender e-mail address
or in the message content itself as an input parameter to, say, a WHOIS
search, in order to locate either the sender or his ISP? I know this would
be expensive, since it would require going out to the
Per Jessen wrote:
Occasionally I'd like to do something like this:
whitelist_from_rcvd [EMAIL PROTECTED] /^smtp[0-9]+\.orange\.fr$/
The situation is that domain.fr is relaying mail through their provider,
which has a number of smtp servers named smtpNN.orange.fr. If I were
to stick to the cu
Occasionally I'd like to do something like this:
whitelist_from_rcvd [EMAIL PROTECTED] /^smtp[0-9]+\.orange\.fr$/
The situation is that domain.fr is relaying mail through their provider,
which has a number of smtp servers named smtpNN.orange.fr. If I were
to stick to the current whitelist_from
56 matches
Mail list logo
