Linda Walsh wrote:
>
> I see 3 DB's in my user directory (.spamassassin).
>
> auto-whitelist(~80MB)
> bayes_seen(~40MB)
> bayes_toks(~20MB)
>
> Was trying to find relation of 'bayes_expiry_max_db_size' to the physical
> size of the above files.
expiry will only affect bayes_toks. Curren
On Wed, 25 Mar 2009, jcput...@mail.centreweb.co.za wrote:
Hi i am getting spam from windows live accounts, spamassassin shows no
hits
something it comes from live spaces, i have a rule to stop that but
other pass.. please help
Search the SA list archive for "uri spaces live com". There have
On 24-Mar-2009, at 18:47, jcput...@mail.centreweb.co.za wrote:
Hi i am getting spam from windows live accounts, spamassassin shows
no hits
We just discussed this and someone posted:
#spaces.live.com spam
uri URI_LIVEDOTCOM /\bspaces\.live\.com\b/i
scoreURI_LIVEDOTCOM #
describe URI_L
On Wed, 25 Mar 2009, jcput...@mail.centreweb.co.za wrote:
Can spamassassin miss hits or rules if it is running on a slow machine?
No, but a message may skip SA if SA is overloaded due to running on a slow
machine. You need to take into account your email volume.
The most important thing to
On 29-Mar-2009, at 16:42, JC Putter wrote:
uri __GOOGLEGROUPS_15 m'http://[^.]{15}\.googlegroups\.com'i
meta NN_GOOGLEGROUPS_15 __GOOGLEGROUPS_15 && __GOOGLEGROUPS_NUM
describe NN_GOOGLEGROUPS_15 Contains a suspicious googlegroups URI.
scoreNN_GOOGLEGROUPS_15 2
but now i am gettin
I see 3 DB's in my user directory (.spamassassin).
auto-whitelist (~80MB)
bayes_seen (~40MB)
bayes_toks (~20MB)
Was trying to find relation of 'bayes_expiry_max_db_size' to the physical
size of the above files. I'm finding some answers, I've run into some
seeming "contradictions".
On Wed, 25 Mar 2009, jcput...@mail.centreweb.co.za wrote:
> Hi i am getting spam from windows live accounts, spamassassin shows no hits
>
> something it comes from live spaces, i have a rule to stop that but other
> pass.. please help
Sorry, the crystal ball is out of order. Would you be so ki
egroups URI.
scoreNN_GOOGLEGROUPS_15 2
but now i am getting a new type of one which the rules doesnt catch
"http://groups.google.com/group/
can someone please help me write a rule for this link?
__ Information from ESET NOD32 Antivirus, version of virus signature
database 3973 (20090329)
oops. Sorry for the multiple mails, folks -- my list moderation
mistake.
--j.
On Sun, Mar 29, 2009 at 01:31, Dennis German
wrote:
> I believe this is another cPanel issue.
> Attempting to run sa-update displays:
> mkdir /etc/mail: Permission denied at /usr/bin/sa-update line 1226
> How can I
http://codepad.org/W53onqK9
i gave on this kind of spam. its impossible to train bayes and changing
to fast to make custom rules. matching senders doesnt work either
becouse those are sent using live.com, gmail, sourceforge, etc
Jack Raats wrote:
Today I received two messages with a kinds of new(?) spam.
The messages, html ones, contained the word viagra made by colouring cells
in a table.
The message also contained a link to a blog (live.com). The rest of the
message contained a text to mislead the bayes filtering.
> Have you restarted amavisd-new since you added the @lookup_sql_dsn?
Yes, I did.
What I tried for example is to add a score -111 to GTUBE manually in the
local.cf. That does work.
I think that makes sure that amavis(using SA) uses the latest local.cf,
right?
> > > > BTW: spamassassin should not
Hi i am getting spam from windows live accounts, spamassassin shows no hits
something it comes from live spaces, i have a rule to stop that but other
pass.. please help
Can spamassassin miss hits or rules if it is running on a slow machine?
I believe this is another cPanel issue.
Attempting to run sa-update displays:
mkdir /etc/mail: Permission denied at /usr/bin/sa-update line 1226
How can I determine that last time sa-update was run?
I believe this is another cPanel issue.
Attempting to run sa-update displays:
mkdir /etc/mail: Permission denied at /usr/bin/sa-update line 1226
How can I determine that last time sa-update was run?
I believe this is another cPanel issue.
Attempting to run sa-update displays:
mkdir /etc/mail: Permission denied at /usr/bin/sa-update line 1226
How can I determine that last time sa-update was run?
I believe this is another cPanel issue.
Attempting to run sa-update displays:
mkdir /etc/mail: Permission denied at /usr/bin/sa-update line 1226
How can I determine that last time sa-update was run?
Single-user, vanilla install with two exceptions: the install will check our
two whitelists and give a pass (-100) to any of our clients so we don't
bounce their mail.
I hope you're not actually considering bouncing spam. That statement
sounds like it.
Either jecect them at smtp time or sile
Where can i past the raw header? pastebin triggers it as spam
there is more then one pastebin. just like there is more then one OS.
try:
http://rafb.net/paste/
http://codepad.org/
http://paste.nn-d.de/
http://www.copypaste.at/
http://paste.uni.cc/
etc etc
__ Information from ESET
> sa-update
mkdir /etc/mail: Permission denied at /usr/bin/sa-update line 1226
There is no /etc/mail directory available. (I believe the /etc directory I
can view is artifical)
I cannot make a mail directory.
I suspect this is another cPanel (shared host) problem.
Is there a way I can d
At 01:22 PM 3/29/2009, you wrote:
dude, shut up and mind your own business. (and i mean that in the most
constructive manner)
You come to a list asking for help, you make whatever you state your
own business.
But with your attitude you aren't going to get anymore help from me.
you dont kno
>
> Oh, come on, Robert -- I didn't say your way is abusive, just
> overkill.
>
> The most part of this discussion isn't specific to you, nor
> SA. It's a well-known, general problem when running update
> services. It isn't meant to be a decree either, it's partly
> my opinion, partly best-p
Evan Platt a écrit :
> At 08:19 AM 3/29/2009, you wrote:
>
>> Evan,
>>
>> naw, hourly is just fine.
>>
>> we update "sought ruleset" at the same time.
>>
>> i spose i could change it, yet spam is not a once a day thing.
>>
>> spam is all day every day, so hourly is the least i want to see things
>
On Sun, 2009-03-29 at 13:05 -0700, RobertH wrote:
> > From: Karsten Bräckelmann
> > The real impact isn't the DNS query, but whenever an update
> > has been pushed. If everyone would check once an hour, the
> > full load would have to be shouldered in 60 minutes, as
> > opposed to evenly distri
>
> Checking once an hour is obscene.
>
>
Evan,
dude, shut up and mind your own business. (and i mean that in the most
constructive manner)
you dont know me, you do not admin this business, and we are not stupid and
have been doing this for longer than many on this list have been alive.
i
Karsten Bräckelmann a écrit :
> On Sun, 2009-03-29 at 20:44 +0200, mouss wrote:
>> Karsten Bräckelmann a écrit :
>
>>> It's the same classic problem with uninspired admins, running such cron
>>> jobs strictly at a full hour.
>> In most cases, it's not the admins fault. many systems allow adding cr
> Mouss wrote:
> In most cases, it's not the admins fault. many systems allow
> adding cron jobs by simply putting a file in a
> /some/path/hourly and so on instead of editing /etc/crontab
> (or running the crontab command). This is nice (exceptionally
> for packages when editing files is p
At 08:19 AM 3/29/2009, you wrote:
Evan,
naw, hourly is just fine.
we update "sought ruleset" at the same time.
i spose i could change it, yet spam is not a once a day thing.
spam is all day every day, so hourly is the least i want to see things
updated.
But you're not seeing things updated
> From: Karsten Bräckelmann
> Heh, true. And he could run sa-update even more frequently.
> After all, the DNS answer is cached for an hour... ;)
>
> The real impact isn't the DNS query, but whenever an update
> has been pushed. If everyone would check once an hour, the
> full load would hav
On Sun, 2009-03-29 at 20:44 +0200, mouss wrote:
> Karsten Bräckelmann a écrit :
> > It's the same classic problem with uninspired admins, running such cron
> > jobs strictly at a full hour.
>
> In most cases, it's not the admins fault. many systems allow adding cron
> jobs by simply putting a fil
Karsten Bräckelmann a écrit :
> On Sun, 2009-03-29 at 18:14 +0100, Justin Mason wrote:
>> on the other hand, the sa-update architecture can cope with it just fine. ;)
>
> Heh, true. And he could run sa-update even more frequently. After all,
> the DNS answer is cached for an hour... ;)
>
> The re
On Sun, 2009-03-29 at 18:14 +0100, Justin Mason wrote:
> on the other hand, the sa-update architecture can cope with it just fine. ;)
Heh, true. And he could run sa-update even more frequently. After all,
the DNS answer is cached for an hour... ;)
The real impact isn't the DNS query, but whenever
on the other hand, the sa-update architecture can cope with it just fine. ;)
2009/3/29 Karsten Bräckelmann :
>> > Isn't that a tad overkill?
>
> It is. :)
>
>> > http://wiki.apache.org/spamassassin/RuleUpdates
>> >
>> > How often should I run sa-update?
>> >
>> > As often as you like. It typically
On Sun, 2009-03-29 at 09:20 -0700, RobertH wrote:
> >
> > Indeed. Either Robert is running some really old SA version,
> > or updating is plain broken on his machine.
> >
> > Well, or he deliberately put those rules back in locally...
The latter -- according to the other sub-thread all these ru
>
> Indeed. Either Robert is running some really old SA version,
> or updating is plain broken on his machine.
>
> Well, or he deliberately put those rules back in locally...
i believe i have checked all the rules.
we run 3.2.5
most of the rules were addons.
here is
[r...@ac updates_spamas
>
> Nope, you don't. You got a problem with your custom rules.
>
>
> > here is what it is tripping on...
> >
> > 0.7 FH_HOST_EQ_D_D_D_D Host starts with d-d-d-d
> > 1.2 HOST_EQ_STATIC HOST_EQ_STATIC
> > 0.7 FH_HOST_EQ_D_D_D_DBHost is d-d-d-d
> > 1.3 HOST_EQ_CHARTER
On Sat, 2009-03-28 at 23:27 +0100, Matus UHLAR - fantomas wrote:
> > > when did you sa-update for last time? afaik FH_HOST_EQ_*
> > > rules were removed some time ago. Not that current rules
> > > don't have some issues...
> > >
> > > And, of course, you have some rules unknown to me and clean
> > Isn't that a tad overkill?
It is. :)
> > http://wiki.apache.org/spamassassin/RuleUpdates
> >
> > How often should I run sa-update?
> >
> > As often as you like. It typically depends on what time-frame
> > is comfortable for you, and how quickly channels are going to
> > be publishing upda
> From: Evan Platt
>
> Isn't that a tad overkill?
>
> http://wiki.apache.org/spamassassin/RuleUpdates
>
> How often should I run sa-update?
>
> As often as you like. It typically depends on what time-frame
> is comfortable for you, and how quickly channels are going to
> be publishing upda
> From: LuKreme
>
> Why re you running SA over known list messages?
>
LuKreme,
u good question.
we do it cause i havent decided to want, develope & implement, and to use a
way to filter out things i dont want to run through SA on inbound SMTP port
25.
it is easier for me to know every
Karsten Bräckelmann a écrit :
> On Sat, 2009-03-28 at 17:20 -0700, jdpnh wrote:
>> For a long time I have been reviewing the header/source of spam that I
>> received in my inbox. The version/release of SpamAssassin was old - at
>> least 10 releases. I pointed this out to the customer service peop
On 28-Mar-2009, at 17:52, Martin Gregorie wrote:
On Sat, 2009-03-28 at 17:28 -0600, LuKreme wrote:
On 28-Mar-2009, at 15:32, RobertH wrote:
i have problems with the cabletv.org email list.
Why re you running SA over known list messages?
I'm a member of four lists that are not moderated and
43 matches
Mail list logo
