On Jul 15, 2009, at 3:25 AM, Bernd Petrovitsch wrote:
What could be new in "spam filtering" as such in 2003?
The Patent Office is manned by monkeys. Worse, they are ignorant
monkeys. Have you seen the patent on swinging? Yes, as in the
playground/backyard swing.
--
Sent from my iPhone
Thank you everyone for your feedback/suggestions.
We will try what Karsten is suggesting and post our results here so future
viewers of this post can see if it works out.
Many thanks,
Jason Fenton
-Original Message-
From: Karsten Bräckelmann [mailto:guent...@rudersport.de]
Sent: Thurs
On Wed, 15 Jul 2009, John Hardin wrote:
On Wed, 15 Jul 2009, MrGibbage wrote:
I just got one a few minutes ago that had a link like this:
www[dot]da39[dot]com
and yes, that is a "quote". They actually obfuscated the . with [dot]
Anyone ready to tackle that one?
The link below has been
On Wed, 15 Jul 2009, MrGibbage wrote:
I wonder if the spammers are reading this forum. That seemed awful fast.
Of course they are.
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79
On Wed, 2009-07-15 at 17:28 -0700, Derek Harding wrote:
> Benny Pedersen wrote:
> > submit it at there page, then its will be listed in sa, hopefully me :-)
You haven't followed the uribl list recently. For a couple of days now,
manually submitting URIs is disabled.
Also, this is a literal [dot],
On Thu, July 16, 2009 02:28, Derek Harding wrote:
> But it's not a URI it's just some text. I don't see how SA is ever
> going to submit that to any URIBL.
no you need to submit, not have sa submit it, maybe future request to
autosubmit, but this will properly turn down uribl.com even
more, as
Benny Pedersen wrote:
On Thu, July 16, 2009 02:14, MrGibbage wrote:
uribl did not hit on any of the "real" uri's in the message.
Not sure why you think they would have been triggered by the
www[dot]da39[dot]com though. SA wouldn't have sent them that URI to even
check, would it? Or am I mi
On Thu, July 16, 2009 02:14, MrGibbage wrote:
>
> uribl did not hit on any of the "real" uri's in the message.
>
> Not sure why you think they would have been triggered by the
> www[dot]da39[dot]com though. SA wouldn't have sent them that URI to even
> check, would it? Or am I mistaken?
>
> Here
On Thu, July 16, 2009 01:51, MrGibbage wrote:
>
> I just got one a few minutes ago that had a link like this:
> www[dot]da39[dot]com
>
> and yes, that is a "quote". They actually obfuscated the . with [dot]
> Anyone ready to tackle that one?
if http://www.uribl.com/ is not down try
--
xpoint
> put any custom rules in the database, and modify the spamd? start
> scripts to write the custom rules to flat files. modify your update
> program to signal a spamd reload every time you modify the rules, or,
> use unison. we use unison (not for our VPS spam clusters) but for
> syncing flat file
Patrick Saweikis wrote:
Has anyone had any experience trying to make spamassassin use a mysql
database for it's ruleset instead of text files? We are planning on
making our anti-spam solution redundant, and it would be nice to have
this in a database instead of copying files around when we
Has anyone had any experience trying to make spamassassin use a mysql
database for it's ruleset instead of text files? We are planning on
making our anti-spam solution redundant, and it would be nice to have
this in a database instead of copying files around when we make changes.
On 15/07/09 4:11 PM, "Justin Mason" wrote:
> Hi Damian --
>
> Our first impression: somebody other than us is suing somebody other
> than us about a matter that may be entirely unrelated to anything we
> produce. Unless we have a specific reason to believe that a specific
> patent is likely to
On Wed, 2009-07-15 at 21:50 +0200, Michelle Konzack wrote:
> for some minutes I have gotten a bunch of spams using:
>
> How to Satisfy a Woamn sexually - eLading Her Mind.www[dot]ku17[dot]net
There's yet a human comprehensible obfuscation to come up with, which
we've not seen years ago already. ;
On Wed, 15 Jul 2009, Michelle Konzack wrote:
How to Satisfy a Woamn sexually - eLading Her Mind.www[dot]ku17[dot]net
The "[dot]" is literal?
I've updated my obfuscated-URI sandbox rules.
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
jhar...@impsec.orgFALaholi
Am 2009-07-15 16:00:13, schrieb Karsten Bräckelmann:
> On Wed, 2009-07-15 at 06:34 -0700, Evan Platt wrote:
> > >but quite a lot of spam gets through by using arbitrary addresses in the To
> > >field and a 'good' address in the Envelope-to field.
> > >
> > >How can I rectify this?
> >
> > Why is y
Hi Damian --
Our first impression: somebody other than us is suing somebody other
than us about a matter that may be entirely unrelated to anything we
produce. Unless we have a specific reason to believe that a specific
patent is likely to be enforced against either us or a downstream user
(and,
Hello,
for some minutes I have gotten a bunch of spams using:
How to Satisfy a Woamn sexually - eLading Her Mind.www[dot]ku17[dot]net
Argh! OK such crap was catched by some other procmail recipes, but
it would be nice, ic SA could handel it
Thanks, Greetings and nice Day/Evening
Miche
On Wed, 2009-07-15 at 14:24 -0400, Charles Gregory wrote:
> Please ignore. I use a generator. To avoid needless discussion of its
> syntax, here are the actual rules from my generated .cf file...
Actually, in this very rule, the negative look-ahead is useless and
won't match the remaining part of
On Wednesday 15 July 2009, Charles Gregory wrote:
>On Tue, 14 Jul 2009, Damian Mendoza wrote:
>> Anyone else being sued by Southwest Technology Innovations regarding spam
>> filtering? It’s odd that they would name my old company (Workgroup
>> Solutions) since they have very few installations (2 pe
On Wed, 15 Jul 2009, Karsten Bräckelmann wrote:
body =~ /(?!www\.[a-z]{2,3}[0-9]{2,3}\.(com|net|org))
This is invalid.
Please ignore. I use a generator. To avoid needless discussion of its
syntax, here are the actual rules from my generated .cf file...
body LOC_09061901 /(?!w
On Wed, 2009-07-15 at 13:53 -0400, Charles Gregory wrote:
> I recently posted a revised rule for detecting the [SNIPPED] spams
> with a PerlRC "negative look-ahead assertion" (?!).
>
> body =~ /(?!www\.[a-z]{2,3}[0-9]{2,3}\.(com|net|org))
This is invalid.
> www[^a-z0-9]{1,9}([a-z]{2,3}
On Tue, 14 Jul 2009 13:39:56 +0100 (GMT+01:00)
peter pilsl wrote:
>
> I have some serious problems with my Spam-Detection. I use a milter
> wrapped around Mail::SpamAssassin and occassionaly a Mail slips
> through with a quite low spamscore despite the fact that a later
> check gives it a high s
On Tue, 14 Jul 2009, Damian Mendoza wrote:
Anyone else being sued by Southwest Technology Innovations regarding spam
filtering? It’s odd that they would name my old company (Workgroup
Solutions) since they have very few installations (2 person reseller)
compared to the others named. Any opinions
On Tue, 2009-07-14 at 15:12 +0300, Jari Fredriksson wrote:
> > google found me nothing authoritative on this, so I
> > figured asking is the way to go...
> >
> > Is it good/bad/etc to share out a MySQL Bayes DB from a
> > central host to multiple machines running spamd?
>
> It is good.
ACK. And t
Please do SUBSCRIBE to a mailing-list before posting. You'll miss
replies otherwise. See some archives for answers.
http://markmail.org/thread/qqz66sriqktg5tkx
On Mon, 2009-07-13 at 16:08 -0300, Michael 'Moose' Dinn wrote:
> google found me nothing authoritative on this, so I figured asking is
Please do SUBSCRIBE to a mailing-list before posting. You'll miss
replies otherwise. See some archives for answers.
http://markmail.org/thread/iv2qbtqie7szvy5a
On Tue, 2009-07-14 at 16:13 +0100, Steve wrote:
> This is very pretty;
[...]
> Can we change the header layout with SA to format it sim
Please do SUBSCRIBE to a mailing-list before posting. You'll miss
replies otherwise.
http://markmail.org/thread/ijbolyz67uj4ijw5
On Mon, 2009-07-13 at 18:42 -0700, Fenton, Jason (interVations) wrote:
> Is there a way to set SpamAssassin to save and attached the original
> message as HTML instea
On Wed, 2009-07-15 at 06:21 -0700, John Hardin wrote:
> On Wed, 2009-07-15 at 13:58 +0200, Karsten Bräckelmann wrote:
>
> > (c) If all else fails, do provide all custom settings relevant to the
> > subject at hand. And of course, a raw sample [2] or two, showing all
> > headers unmunged.
> >
> >
On Wed, 2009-07-15 at 06:34 -0700, Evan Platt wrote:
> >but quite a lot of spam gets through by using arbitrary addresses in the To
> >field and a 'good' address in the Envelope-to field.
> >
> >How can I rectify this?
>
> Why is your MTA not verifying addresses, and rejecting mail to non
> valid
On Wed, Jul 15, 2009 at 14:38, Michael Scheidell wrote:
> 'them'?
>
> men in black?
>
> freebsd? or CPAN maintainer of Term:ReadKey?
Up to you. ;) I'd recommend the latter.
--j.
> ps, out of office messages, read receipt and FPS on vabounce. OOO messages,
> and RR messages cannot be whiteliste
'them'?
men in black?
freebsd? or CPAN maintainer of Term:ReadKey?
ps, out of office messages, read receipt and FPS on vabounce. OOO
messages, and RR messages cannot be whitelisted by the sending mta since
they never include the original message. I think I started some patches
on it, but O
At 11:14 PM 7/14/2009, you wrote:
No doubt this has been discussed before and apologies for any repetition, but
I can't find the answer in the archive.
I have set SA to reject all mail that isn't addressed to specific addresses,
No, SpamAssassin isn't rejecting the mail, something els
the progress indicators use Term::ReadKey, which (looking at its
source) appears to call "resize" under certain circumstances. you
should probably file a bug with them
On Wed, Jul 15, 2009 at 14:28, Michael Scheidell wrote:
> wondering..
>
> am I missing something? 'resize: not found'
>
> go
wondering..
am I missing something? 'resize: not found'
google didn't find anything.
this is on all freebsd systems.
happens on 32bit (i386) version 6.4, 64bit (amd64), 6.4 and 7.1
re2c version 0.13.5
sa-compile > /dev/null
[5449] info: generic: base extraction starting. this can take a
On Wed, 2009-07-15 at 13:58 +0200, Karsten Bräckelmann wrote:
> (c) If all else fails, do provide all custom settings relevant to the
> subject at hand. And of course, a raw sample [2] or two, showing all
> headers unmunged.
>
> guenther
>
> [1] Do not post them directly to the list, upload it
On Wed, 2009-07-15 at 08:30 -0400, Daniel Schaefer wrote:
> > > * 4.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
> > > * 1.2 ADVANCE_FEE_2 Appears to be advance fee fraud (Nigerian 419)
> > > * 2.9 KAM_LOTTO1 Likely to be a e-Lotto Scam Email
> >
> > Is your header format
Message original
Sujet : Re: URI-DNSBL problem with spamassassin 3.2.5
De : Dan Schaefer
Dan Schaefer wrote:
Please, can someone feed http://pastebin.ca/1495707 into
spamassassin 3.3.0 and see how it works ?
Hi!
pts rule name description
Dan Schaefer wrote:
Hi!
Please, can someone feed http://pastebin.ca/1495707 into spamassassin
3.3.0 and see how it works ?
Many thanks for your help
Eddy
pts rule name description
--
--
0.0 HTML_MESSAG
Hi!
Please, can someone feed http://pastebin.ca/1495707 into spamassassin
3.3.0 and see how it works ?
Many thanks for your help
Eddy
pts rule name description
--
--
0.0 HTML_MESSAGE BODY: HTM
Message original
Sujet : Re: URI-DNSBL problem with spamassassin 3.2.5
Date : 2009-07-14 11:07
but Ido not find any timing.log file on my current directory or
anywhere on my system!!
Did I missed something ?
I doubt all the necessary hooks are in place for that plugin to work
* 4.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
* 1.2 ADVANCE_FEE_2 Appears to be advance fee fraud (Nigerian 419)
* 2.9 KAM_LOTTO1 Likely to be a e-Lotto Scam Email
Is your header formatted like this in Thunderbird or are you using a
different MUA? If Thunderbir
* 4.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
* 1.2 ADVANCE_FEE_2 Appears to be advance fee fraud (Nigerian 419)
* 2.9 KAM_LOTTO1 Likely to be a e-Lotto Scam Email
Is your header formatted like this in Thunderbird or are you using a
different MUA? I
On Wed, 2009-07-15 at 08:36 +0200, Benny Pedersen wrote:
[ munged, pasted lottery spam body removed ]
What the...?! You mean the general rules, chanted over and over again,
to NOT dump spam here, don't apply to you? You've been around long
enough, to know how to behave. Or, well, maybe /you/ don'
On Tue, 2009-07-14 at 23:14 -0700, Herb Eppel wrote:
> No doubt this has been discussed before and apologies for any repetition, but
> I can't find the answer in the archive.
>
> I have set SA to reject all mail that isn't addressed to specific addresses,
SA does not reject, bounce, deliver nor d
On Wed, 2009-07-15 at 02:32 -0700, HerbEppel wrote:
[]
> Danke für Deine Antwort and thanks for the Envelope-to explanation, but I
> thought I had already set SA to accept only mails to actual mailboxes and
> I'm not quite sure where else to look (and I'm not sure what MTA is, sorry).
"Mail Tr
Hi Damian,
The content of this message should not be taken as advice. Please
seek proper legal advice.
At 11:59 14-07-2009, Damian Mendoza wrote:
Anyone else being sued by Southwest Technology Innovations regarding
spam filtering? It's odd that they would name my old company
(Workgroup Solu
Bernd Petrovitsch wrote:
>
> On Tue, 2009-07-14 at 23:14 -0700, HerbEppel wrote:
>> No doubt this has been discussed before and apologies for any repetition,
>> but
>> I can't find the answer in the archive.
>>
>> I have set SA to reject all mail that isn't addressed to specific
>> addresses,
On Tue, 2009-07-14 at 11:59 -0700, Damian Mendoza wrote:
> Anyone else being sued by Southwest Technology Innovations regarding
> spam filtering? It’s odd that they would name my old company
> (Workgroup Solutions) since they have very few installations (2 person
> reseller) compared to the others
On Tue, 2009-07-14 at 23:14 -0700, HerbEppel wrote:
> No doubt this has been discussed before and apologies for any repetition, but
> I can't find the answer in the archive.
>
> I have set SA to reject all mail that isn't addressed to specific addresses,
> but quite a lot of spam gets through by u
Anyone else being sued by Southwest Technology Innovations regarding spam
filtering? It's odd that they would name my old company (Workgroup Solutions)
since they have very few installations (2 person reseller) compared to the
others named. Any opinions or feedback?
http://www.faqs.org/patents/
On Tue, Jul 14, 2009 at 22:04, Spiro Harvey wrote:
> Did you know...?
>
> Emails like yours are what we're trying to block on a daily basis.
This is distinctly unhelpful. Please be courteous when dealing with
public mailing list inquiries, especially when you have no relation to
the Apache SpamAs
52 matches
Mail list logo
