From: "Robert Lopez"
Sent: Friday, 2009/December/04 11:24
On Fri, Dec 4, 2009 at 7:33 AM, Bowie Bailey wrote:
LuKreme wrote:
On 4-Dec-2009, at 01:18, jdow wrote:
With all the animosity on this issue I decided to give the HABEAS
rules a score, a negligible score to be sure, just to see what
From: "Per Jessen"
Sent: Friday, 2009/December/04 11:19
Chr. von Stuckrad wrote:
After all this debate about a negatively scored rule I'd disable it
anyway, because the spammers on the list will target it specifically
now, knowing it works well for them.
The other side of the argument is -
From: "Per Jessen"
Sent: Friday, 2009/December/04 09:11
rich...@buzzhost.co.uk wrote:
This was raised as the IP appeared in HABEAS and for a few hours it
'vanished' from the list. It's back there now, but DateTheUk is now
pumping out via an ip six decimal places up on the last octet.
80.75.6
From:
Sent: Friday, 2009/December/04 06:04
On Fri, 2009-12-04 at 06:55 -0700, LuKreme wrote:
On 3-Dec-2009, at 23:06, R-Elists wrote:
> certainly we understand your point here, yet what about accountability
> for
> Return Path Inc (and other RPI companies) related rules in the default
> Spa
Charles Gregory wrote:
On Fri, 4 Dec 2009, Ted Mittelstaedt wrote:
That wouldn't ever happen because the whole point of the CAN-SPAM
act is to allow the spammers to send out the "first" mail. Direct
e-mail mailers just setup fake company after fake company, so they can
repeatedly spam the "fi
FYI, the original bug is here:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=3998
All the bitching about it, took me about 30 seconds to find it.
Michael
On Dec 4, 2009, at 12:24 PM, John Hardin wrote:
> On Fri, 4 Dec 2009, J.D. Falk wrote:
>
>> The current defaults for both the HABEAS and BSP rules were set long before
>> Return Path operated either service, so we have no clue where they came from
>> either.
>
> J.D., may I suggest you open a
On 4.12.2009 18:00, Thomas Harold wrote:
> SA had a lot of trouble identifying this as spam. The IP
> (174.139.37.196) is not yet listed in a lot of the DNSBLs. So it only
> scored around a 1.0 on the spam meter.
>
> http://pastebin.com/m1d0a75b7
>
> It uses a block of foreign language spam a
J.D. Falk wrote:
There's only one Safe list (which SA still calls Habeas.) In other words: no
difference between the SOI and COI lists. Or at least, that's how it's
supposed to be -- so Kris's results were somewhat surprising.
*shrug* I haven't seen enough evidence in the mail flow here to
I've just had another one to a honeypot - care of myspace. My dog does
not have a myspace account. Again, this is a harvested email address.
204.16.33.75WHITELISTED:sa-accredit.habeas.com
Whilst I appreciate that nobody would turn their noses up at taking $$$
from someone like mys
On Fri, 4 Dec 2009, Per Jessen wrote:
The other side of the argument is - why does any legitimate company need
to employ a service such as Habeas/Returnpath/whatever?
Any legitimate drug company that wants to send price lists to its
legitimate distributors or end customers, upon request, even
On Fri, 4 Dec 2009, Ted Mittelstaedt wrote:
That wouldn't ever happen because the whole point of the CAN-SPAM
act is to allow the spammers to send out the "first" mail. Direct e-mail
mailers just setup fake company after fake company, so they can
repeatedly spam the "first time" over and over
On Fri, 4 Dec 2009, J.D. Falk wrote:
They have to police themselves, or else they get kicked off the list.
Simple, neh?
Neh. Definitely NEH. That is the logic of spambots. They get on there,
abuse the heck out of it until someone files a complaint and then they get
cut off, but not before mil
On Fri, Dec 4, 2009 at 7:33 AM, Bowie Bailey wrote:
> LuKreme wrote:
>> On 4-Dec-2009, at 01:18, jdow wrote:
>>
>>> With all the animosity on this issue I decided to give the HABEAS
>>> rules a score, a negligible score to be sure, just to see what the
>>> state of HABEAS is for me today.
>>>
>>>
On Fri, 4 Dec 2009, J.D. Falk wrote:
The current defaults for both the HABEAS and BSP rules were set long
before Return Path operated either service, so we have no clue where
they came from either.
J.D., may I suggest you open a SA Bugzilla ticket suggesting that the
scores be reviewed in li
On Fri, 4 Dec 2009, Charles Gregory wrote:
On Fri, 4 Dec 2009, John Hardin wrote:
Both would have to be done any time a new address was added to the mailing
list. And there would have to be some watchdog ensuring the MSP doesn't
relax the policy over time.
Uh-huh. For a -4 in my mail filte
Chr. von Stuckrad wrote:
> After all this debate about a negatively scored rule I'd disable it
> anyway, because the spammers on the list will target it specifically
> now, knowing it works well for them.
The other side of the argument is - why does any legitimate company need
to employ a service
Charles Gregory wrote:
All this debate about 'legitimate' mail services like 'returnpath'
being abused by 'sneaky' spammers. How is that possible? There should be
easy ways to prevent it. Here's a few ideas:
As soon as any whitelist service like 'returnpath' accepts a client,
they perform th
On Dec 4, 2009, at 1:18 AM, jdow wrote:
> And JD, I don't see on your site what it "costs" people to get listed
> on your DNS approval lists other than some tests and documentation. Is
> it possible spammers simply submit some buttered up documentation, get
> approved, and accept getting it knocke
On Fri, 04 Dec 2009, rich...@buzzhost.co.uk wrote:
> Point 4 -
> All that is largely irrelevant to this list, but my point of interest is
> why a commercial white list appears in Spamassassin with the default
> scores set the way they are? It's perfectly reasonable to ask. It could
> be expanded t
On Fri, 4 Dec 2009, Greg Troxel wrote:
A problem with the spam%/ham% checking methodology is that it makes the
accreditation look reasonable for corpuses that have lots of requested
commercial mail. That's certainly fine for those people, but the
outcomes seem very different for those that don't
Charles Gregory wrote:
> I don't care. Spamassassin does not have an 'opinion'. It has a
> methodology.
Umm, it also has a set of rules which essentially make up the
SA "opinion".
/Per Jessen, Zürich
On Fri, 4 Dec 2009, rich...@buzzhost.co.uk wrote:
I disagree. I think a spam filter should do it's best to give a
reasonable weight to both whitelists and blacklists.
In which case how about including several other whitelists and not just
giving advantage to one?
SA also scores negatively for
On Fri, 4 Dec 2009, John Hardin wrote:
Both would have to be done any time a new address was added to the
mailing list. And there would have to be some watchdog ensuring the MSP
doesn't relax the policy over time.
Uh-huh. For a -4 in my mail filter? They oughta! :)
It's a great idea. The prob
On Fri, 4 Dec 2009, rich...@buzzhost.co.uk wrote:
. the default for a spam filter should not be to give
any weight to a white list unless the user modifies the config
themselves specifically. It can be seen to be suspicious and offering a
pecuniary advantage to those involved and using it.
On Fri, 4 Dec 2009, rich...@buzzhost.co.uk wrote:
Okay, let's be methodical. Let us indeed start with those.
Did anyone else get them?
No answer.
If, so, how did they score?
No answer.
If not, then why did only Richard get them?
No answer.
Point 1 - The Subject that was changed on the
I have been reading other threads about white list problems.
In the past week this college has been phished very successfully two times.
Each time the rules I added to increase the score of college specific
phishing email were counter balanced.
On Saturday night it was the white-list score from RC
On Fri, 2009-12-04 at 18:11 +0100, Per Jessen wrote:
> rich...@buzzhost.co.uk wrote:
>
> > This was raised as the IP appeared in HABEAS and for a few hours it
> > 'vanished' from the list. It's back there now, but DateTheUk is now
> > pumping out via an ip six decimal places up on the last octet.
Jason Bertoch wrote:
> Bowie Bailey wrote:
>> In this case, there are a few people complaining about the Habeas
>> rules, but just as many people who do not see any problems.
>>
> Silence does not necessarily mean assent. I disabled the Habeas rules
> long ago and therefore have no useful data
rich...@buzzhost.co.uk wrote:
> This was raised as the IP appeared in HABEAS and for a few hours it
> 'vanished' from the list. It's back there now, but DateTheUk is now
> pumping out via an ip six decimal places up on the last octet.
>
> 80.75.69.195 WHITELISTED:sa-accredit.habeas.c
Bowie Bailey wrote:
In this case, there are a few people complaining about the Habeas
rules, but just as many people who do not see any problems.
Silence does not necessarily mean assent. I disabled the Habeas rules
long ago and therefore have no useful data to add to the thread. If
speaki
John Hardin writes:
> On Fri, 4 Dec 2009, Charles Gregory wrote:
>
>> 2) Perform their OWN 'opt-in' mailout to that list.
>> "Hello, we at (company eg. Retunrpath) have contracted to operate a
>> mailng list on behalf of (client name). They have provided your
>> address as one t
On Fri, 2009-12-04 at 12:01 -0500, Bowie Bailey wrote:
> rich...@buzzhost.co.uk wrote:
> > That to one side, the default for a spam filter should not be to give
> > any weight to a white list unless the user modifies the config
> > themselves specifically. It can be seen to be suspicious and offeri
rich...@buzzhost.co.uk wrote:
> That to one side, the default for a spam filter should not be to give
> any weight to a white list unless the user modifies the config
> themselves specifically. It can be seen to be suspicious and offering a
> pecuniary advantage to those involved and using it.
>
On Fri, 4 Dec 2009, Charles Gregory wrote:
As soon as any whitelist service like 'returnpath' accepts a client, they
perform the following:
1) Review the client's address list - look for honeypot addresses.
If any are found, clearly the client has not vetted their list.
2) Perform their OW
On Fri, 2009-12-04 at 11:08 -0500, Charles Gregory wrote:
> All this debate about 'legitimate' mail services like 'returnpath'
> being abused by 'sneaky' spammers. How is that possible? There should be
> easy ways to prevent it. Here's a few ideas:
>
> As soon as any whitelist service like 'retur
jdow wrote:
Color me smartassed but I want numbers not accusations. Can the
rhetoric and in bland neutral terms describe what you see in terms of
numbers, possible business relations, however loose, and so forth.
Here's some numbers to play with:
~500K messages delivered daily (as in, passed o
On Fri, 2009-12-04 at 10:50 -0500, Charles Gregory wrote:
> On Fri, 4 Dec 2009, rich...@buzzhost.co.uk wrote:
> > Qualifies what, that I get UBE that is Habeas Accredited? Should I start
> > with the 40 from 'DateTheuk' in the last 8 days?
>
> Okay, let's be methodical. Let us indeed start with th
All this debate about 'legitimate' mail services like 'returnpath'
being abused by 'sneaky' spammers. How is that possible? There should be
easy ways to prevent it. Here's a few ideas:
As soon as any whitelist service like 'returnpath' accepts
a client, they perform the following:
1) Review
SA had a lot of trouble identifying this as spam. The IP
(174.139.37.196) is not yet listed in a lot of the DNSBLs. So it only
scored around a 1.0 on the spam meter.
http://pastebin.com/m1d0a75b7
It uses a block of foreign language spam at the end to get past some SA
checks. Such as HTML_I
I'm just changing the subject line because I find the previous subject
line to be extremely offensive and out of line.
-
As long as we have some spam filters which block some legitimate
confirmed opt-in senders (and/or legit organizations sending to their
unquestionable
On Fri, 4 Dec 2009, rich...@buzzhost.co.uk wrote:
Qualifies what, that I get UBE that is Habeas Accredited? Should I start
with the 40 from 'DateTheuk' in the last 8 days?
Okay, let's be methodical. Let us indeed start with those.
Did anyone else get them?
If, so, how did they score?
If not, t
On Fri, 4 Dec 2009, Yet Another Ninja wrote:
. 'just change the score' is not the correct answer.
the answer is totally correct.
No, it is not. No more than it is correct for a spammer to offer me a
(working) 'unsubscribe' link. I don't want to discover I've been letting
spam in the door
On Fri, Dec 4, 2009 at 14:04, rich...@buzzhost.co.uk wrote:
> On Fri, 2009-12-04 at 06:55 -0700, LuKreme wrote:
> > On 3-Dec-2009, at 23:06, R-Elists wrote:
> > > certainly we understand your point here, yet what about accountability
> for
> > > Return Path Inc (and other RPI companies) related r
LuKreme wrote:
> On 4-Dec-2009, at 01:18, jdow wrote:
>
>> With all the animosity on this issue I decided to give the HABEAS
>> rules a score, a negligible score to be sure, just to see what the
>> state of HABEAS is for me today.
>>
>> In the last four days - nothing either spam or ham.
>>
On Fri, 2009-12-04 at 06:55 -0700, LuKreme wrote:
> On 3-Dec-2009, at 23:06, R-Elists wrote:
> > certainly we understand your point here, yet what about accountability for
> > Return Path Inc (and other RPI companies) related rules in the default
> > Spamassassin configs?
>
>
> My position on HAB
On 4-Dec-2009, at 01:18, jdow wrote:
> With all the animosity on this issue I decided to give the HABEAS
> rules a score, a negligible score to be sure, just to see what the
> state of HABEAS is for me today.
>
> In the last four days - nothing either spam or ham.
I tend to see little clusters of
On 3-Dec-2009, at 23:06, R-Elists wrote:
> certainly we understand your point here, yet what about accountability for
> Return Path Inc (and other RPI companies) related rules in the default
> Spamassassin configs?
My position on HABEAS is well-know by anyone who cares (I score it +0.5 and
+2.0)
On Fri, 2009-12-04 at 11:28 +0100, Yet Another Ninja wrote:
> > The correct answer will be precisely why this state of affairs exists.
>
> - because developers think/have thought its a good idea.
>
> - because nobody other than you makes such a noise about it. And YOU who
> are so against, hav
On Fri, 2009-12-04 at 04:16 -0800, jdow wrote:
> From: "Yet Another Ninja"
> Sent: Friday, 2009/December/04 02:28
>
>
> > On 12/4/2009 10:57 AM, rich...@buzzhost.co.uk wrote:
> > > FINAL
> >> This is not a social club, it's a question and issues list for
> >> Spamassassin. My question and issue
Jason Carson wrote:
> Hello everyone,
>
> Is it necessary to clear the database...
>
> sa-learn --clear
>
> ...before I run the following to train SpamAssassin's bayesian classifier...
>
> sa-learn --spam /home/jason/.maildir/.Spam/cur/
>
>
No. That would be ill advised.
Running --clear deletes
Outlook Express spell checker, that is Procmail not your stupid
substitution however apt it might be.
{+_+}
- Original Message -
From: "jdow"
Sent: Friday, 2009/December/04 04:16
Heh, at this site procaine sits in front of SA. It has a few email
From: "Yet Another Ninja"
Sent: Friday, 2009/December/04 02:28
On 12/4/2009 10:57 AM, rich...@buzzhost.co.uk wrote:
> FINAL
This is not a social club, it's a question and issues list for
Spamassassin. My question and issue is why, by default, does
Spamassassin use the HABEAS white list, and
From:
Sent: Friday, 2009/December/04 01:57
On Fri, 2009-12-04 at 00:18 -0800, jdow wrote:
From: "LuKreme"
Sent: Thursday, 2009/December/03 20:55
> On Dec 3, 2009, at 13:43, "rich...@buzzhost.co.uk"
>
> > wrote:
>> On Thu, 2009-12-03 at 11:23 -0700, J.D. Falk wrote:
>>> On Dec 2, 2009, at
On 12/4/2009 10:57 AM, rich...@buzzhost.co.uk wrote:
> FINAL
This is not a social club, it's a question and issues list for
Spamassassin. My question and issue is why, by default, does
Spamassassin use the HABEAS white list, and why is it out of the box set
with a score to favour delivery of the
On Fri, 2009-12-04 at 00:18 -0800, jdow wrote:
> From: "LuKreme"
> Sent: Thursday, 2009/December/03 20:55
>
>
> > On Dec 3, 2009, at 13:43, "rich...@buzzhost.co.uk" > > wrote:
> >> On Thu, 2009-12-03 at 11:23 -0700, J.D. Falk wrote:
> >>> On Dec 2, 2009, at 12:59 AM, rich...@buzzhost.co.uk wrot
> Kris Deugau wrote:
>> (Please keep the discussion on-list.)
On 04.12.09 09:31, Edward Prendergast wrote:
> Sorry about that - just hit 'reply' without checking where the message
> was actually going.
you seem to use ThunderBird - there is "reply-to-list" extension available
for thunderbird th
Kris Deugau wrote:
(Please keep the discussion on-list.)
Sorry about that - just hit 'reply' without checking where the message
was actually going.
Edward Prendergast wrote:
Kris Deugau wrote:
Edward Prendergast wrote:
@@INSTALLSITELIB@@ /opt/perl5/lib/5.10.1/x86_64-linux
^^^
On 03.12.09 20:58, Jason Carson wrote:
> Is it necessary to clear the database...
>
> sa-learn --clear
>
> ...before I run the following to train SpamAssassin's bayesian classifier...
>
> sa-learn --spam /home/jason/.maildir/.Spam/cur/
no, and don't do that unless you believe your database is r
From: "LuKreme"
Sent: Thursday, 2009/December/03 20:55
On Dec 3, 2009, at 13:43, "rich...@buzzhost.co.uk" wrote:
On Thu, 2009-12-03 at 11:23 -0700, J.D. Falk wrote:
On Dec 2, 2009, at 12:59 AM, rich...@buzzhost.co.uk wrote:
Look, get a room. Or at least take this twisted courtship dance
60 matches
Mail list logo
