Re: Shortcircuit Rules

Hi, > I use a number of shortcircuits but they are not in SA they are > in sendmail.cf  They are subject line checks.  I started this > with the Viagra spam, looking at the common permutations of viagra > spelling, such as v!agra, etc. > > Why not block it at the MTA before it even gets to SA - if

Re: Auth questions

> But I think the trouble is that SPF_FAIL and DKIM_SIGNED without > DKIM_VERIFIED doesn't necessarily mean it's not being spoofed, right? > > For that reason I really haven't been able to make scoring decisions > on either of them. Both the DKIM_SIGNED and the DKIM_VERIFIED (now renamed to DKIM

Re: Auth questions

Hi, > I think the point is that the Habeas headers are no longer used (because > they were too easy to fake).  The new Return Path system is now IP > based.  So any email that has a Habeas header was either created by a > previous Habeas customer who has not updated their configuration, or a > spa

Re: "Bayes Starter DB"

On Thu, 29 Oct 2009 15:07:08 -0400 Adam Katz wrote: > Since we have corpus data, we should be able to restrict it to the > body a few select headers (presumably done for the GA regarding Bayes > rule scoring anyway?) and present it to the community in some way... > > Of course, this might presen

Re: Thread-Index discrepancy

Never mind, they should represent each other subtracting from 100%, which they do. Nothing to see here...

Thread-Index discrepancy

Masscheck Detail from DateRev 20091028-r830464-n SPAM% HAM% S/ORANK SCORE NAME 97.5085 71.0054 0.5790.49 (n/a) __MISSING_THREAD 2.4915 28.9946 0.0790.38 (n/a) __HAS_THREAD_INDEX http://ruleqa.spamassassin.org/20091028-r830464-n/__MISSING_THREAD/detail http:/

"Bayes Starter DB"

Since we have corpus data, we should be able to restrict it to the body a few select headers (presumably done for the GA regarding Bayes rule scoring anyway?) and present it to the community in some way... Of course, this might present (single-word?) privacy issues for the corpus providers and mig

Re: emails lost

Khaled Hussein wrote: Hi all, i am recently added saupdates.openprotect.com channel to my server but after that i am receiving complains from one customer that he received emails like 123...@domain.com as ifax , the digits are the

Re: Shortcircuit Rules

Alex wrote: Hi, I'm interested in experimenting with shortcircuiting, and wondered if anyone had some examples they're using that they could share? My $0.02 I use a number of shortcircuits but they are not in SA they are in sendmail.cf They are subject line checks. I started this with the

Re: Auth questions

On Thu, 29 Oct 2009, Alex wrote: Anyone can add a Habeas header. ?At best, it means they've got an outdated configuration; at worst, it means they're spammers trying to get past filters. Isn't SPF and DKIM essentially as easily defeated? SPF and DKIM have different goals than Habeas. They s

Re: Auth questions

Alex wrote: >> Anyone can add a Habeas header. At best, it means they've got an outdated >> configuration; at worst, it means they're spammers trying to get past >> filters. >> >> https://senderscore.org/lookup.php?lookup=208.85.50.30 reveals that the >> 208.85.50.30 is not currently accredited un

Shortcircuit Rules

Hi, I'm interested in experimenting with shortcircuiting, and wondered if anyone had some examples they're using that they could share? If I understand correctly, the tests involving simple parsing instead of those involving network connections work best due to the inherent overhead with network

Re: Auth questions

Hi, > Anyone can add a Habeas header.  At best, it means they've got an outdated > configuration; at worst, it means they're spammers trying to get past > filters. > > https://senderscore.org/lookup.php?lookup=208.85.50.30 reveals that the > 208.85.50.30 is not currently accredited under the "Retu

Re: Do not use openprotect!

On 10/29/2009 11:33 AM, Adam Katz wrote: There are other channels of note, namely 2tld, sought, and my own. I've got a list of channels I recommend on my site (see my sig). How is your registration to be able to commit your rules to masscheck going? I personally wouldn't be comfortable usin

Do not use openprotect!

Khaled Hussein wrote: > i am recently added saupdates.openprotect.com channel to my server > but after that i am receiving complains from one customer that he > received emails like 123...@domain.com as ifax , the digits are the > fax number, but after the message enter the mail queue it > disappe

Re: emails lost

Hi! Spamassassin doesnt delete mail. This is most likely a issue with the tools you use around it? MailScanner? Bye, Raymond. On Thu, 29 Oct 2009, Khaled Hussein wrote: Hi all,  i am recently added saupdates.openprotect.com channel to my server but after that i am receiving complains from

emails lost

Hi all, i am recently added saupdates.openprotect.com channel to my server but after that i am receiving complains from one customer that he received emails like 123...@domain.com as ifax , the digits are the fax number, but after the message enter the mail queue it disappeared, here are the logs

Re: sa-update randomly stops

On Tue, 2009-10-27 at 18:52 -0400, Adam Katz wrote: > McDonald, Dan wrote: > > I run sa-update and sa-compile from a cron job at a regular interval. > > > >gpg: WARNING: unsafe permissions on homedir > > `/etc/mail/spamassassin/sa-update-keys' > >[8641] info: generic: base extract