Hi,
>> Well, what's the missing 120 MB? The journal? Do a complete sync and
>> then delete it.
>
> Probably the signatures in bayes_seen - there's no mechanism for ageing
> them out.
And I assume that isn't a problem then?
>> "too big" is not an absolute figure. If you store 1-occurence tokens
>
On Mon, 29 Mar 2010, Brent Kennedy wrote:
Ya know, this got me thinking. Wonder if I could create a VM with all the
settings and a script to customize the setup. Then organizations could just
deploy the VM. Sort of an all in one deployment. Just update the VM
template every now and then. Ah
On 3/29/2010 11:40 AM, Kaleb Hosie wrote:
> I'm having a problem with the trusted_networks option. Right now I have it
> set to:
>
> trusted_networks 10.0.1/24
>
> In postfix, I need to have spamassassin listed under
> "smtpd_recipient_restrictions" so that it will only scan incoming emails
> ho
Graylisting does work. We have been using SQLGrey
(http://sqlgrey.sourceforge.net/) for three years now. The minute I turned
it on, spam to my junk email folder(what SA used to catch) dropped by 90%.
SQLGrey sits at the MTA level, so it hits the sender when they connect and
before they actually s
On 2010-03-30 00:12, John Hardin wrote:
While greylisting will help, it won't spank the offender in that manner.
It will postpone the message very early in the SMTP exchange, not after
the body has been received.
Unless the greylisting is done *after* receiving the body. Of course,
this will
> We've got plenty of time, but I suggest not waiting until it becomes a
> big problem before desperately rushing to fix it :)
Depends on how one defines where a problem starts to become 'big'.
For me the problem of large messages was big enough early last year so
that I had to implement a so
On Mon, 29 Mar 2010, Brent Kennedy wrote:
My suggestion would be to use graylisting, force them to send that 1MB
message twice.
While greylisting will help, it won't spank the offender in that manner.
It will postpone the message very early in the SMTP exchange, not after
the body has been r
On Mon, 2010-03-29 at 23:01 +0200, Mathias Homann wrote:
> I think it has, I get about 2-5 mega spams per day by now.
> and I can't do greylisting because I have to fetchmail from a central
> mail server at my hoster that is not under my direct control.
> And no, moving from a vhost to a root ser
On Mon, 2010-03-29 at 16:57 -0400, Charles Gregory wrote:
> The spams I've seen so far look more 'amateur' than 'pro'. Easily tracable
> IP's. Blacklistable domains. I'm just throwing my idea into the queue now
> so that it can be smoothly integrated with a future release. We've got
> plenty of
Am Montag 29 März 2010 schrieb Karsten Bräckelmann:
> On Mon, 2010-03-29 at 16:23 -0400, Brent Kennedy wrote:
> > Wow, I knew this was coming at some point. I just figured it was
> > too expensive.
>
> You did read the entire thread, right? :) There's nothing new
> about this. Moreover, this sti
On Mon, 29 Mar 2010, Karsten Bräckelmann wrote:
You did read the entire thread, right? :) There's nothing new about
this. Moreover, this still is a rare occurrence. Note even Charles, who
started this thread, claims to have received *one* such spam. And it
appears to be his first. ;)
Last Sept
On Mon, 2010-03-29 at 16:05 -0400, Jason Bertoch wrote:
> > Btw, the three rules JM_SOUGHT_FRAUD_{1,2,3} have a score of zero
> > as per Justin's request (Bug 6155 c 38, c72, c89, c124).
> > Not sure if people using the channel realize that scores
> > need to be bumped up. Btw, I prefer to avoid t
On Mon, 2010-03-29 at 16:23 -0400, Brent Kennedy wrote:
> Wow, I knew this was coming at some point. I just figured it was too
> expensive.
You did read the entire thread, right? :) There's nothing new about
this. Moreover, this still is a rare occurrence. Note even Charles, who
started this t
Wow, I knew this was coming at some point. I just figured it was too
expensive.
My suggestion would be to use graylisting, force them to send that 1MB
message twice. Course zombie bots don't do that generally, so you would
never even have to deal with it. You could also use the botnet plug-in
On 2010/02/01 10:30 AM, Mark Martinec wrote:
Update returned sought rules 1/31/2010.
Actually back since Jan 6. :) Re-viewed about 1k fraud spam the
following days, for the Sought Fraud sub-set.
Btw, the three rules JM_SOUGHT_FRAUD_{1,2,3} have a score of zero
as per Justin's request (Bug 61
On Mon, 2010-03-29 at 13:52 -0400, Jason Bertoch wrote:
> I recently received a FP report on an e-mail that hit on, among other
> things, FREEMAIL_ENVFROM_END_DIGIT. This rule has a score of 1.6, which
> seems maybe a little high. Henrik mentioned the same thing in comment
> 185 [1] of Bug 615
On 3/29/10 1:52 PM, Jason Bertoch wrote:
I recently received a FP report on an e-mail that hit on, among other
things, FREEMAIL_ENVFROM_END_DIGIT. This rule has a score of 1.6,
which seems maybe a little high. Henrik mentioned the same thing in
comment 185 [1] of Bug 6155 which is closed as r
Philipp,
> why does
>
> spamc[28825]: [ID 702911 mail.error] skipped message, greater than max
> message size (512000 bytes)
>
> have to be log level error?
>
> Instead of error would "warn" not be enough?
That was fixed in 3.3.0:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5325
Hi
why does
spamc[28825]: [ID 702911 mail.error] skipped message, greater than max
message size (512000 bytes)
have to be log level error?
Instead of error would "warn" not be enough?
thanks,
Philipp
I recently received a FP report on an e-mail that hit on, among other
things, FREEMAIL_ENVFROM_END_DIGIT. This rule has a score of 1.6, which
seems maybe a little high. Henrik mentioned the same thing in comment
185 [1] of Bug 6155 which is closed as resolved/fixed. The assumption
was that t
Aw, is that shouting really necessary? Oh, yes, it is indeed -- you are
trying to get heard over on the dev list, so you need to be quite loud
from here... ;)
The dev list is what you want.
On Mon, 2010-03-29 at 13:09 -0400, Charles Gregory wrote:
> Literally, Mega-Spam. I just got a spam with
On 3/29/10 1:09 PM, Charles Gregory wrote:
Literally, Mega-Spam. I just got a spam with 1MB of images.
My suggestion has been made before, but I would like to ask that it
now be taken a bit more seriously. SA needs an option to allow efficient
'partial' scanning of large e-mails, so that, fo
Literally, Mega-Spam. I just got a spam with 1MB of images.
My suggestion has been made before, but I would like to ask that it now
be taken a bit more seriously. SA needs an option to allow efficient
'partial' scanning of large e-mails, so that, for example, we can
peform all the valuable hea
> On 29.3.2010 18:40, Kaleb Hosie wrote:
> > I'm having a problem with the trusted_networks option.
> Right now I have it set to:
> >
> > trusted_networks 10.0.1/24
> >
> > In postfix, I need to have spamassassin listed under
> "smtpd_recipient_restrictions" so that it will only scan
> incoming ema
On Mon, 2010-03-29 at 11:40 -0400, Kaleb Hosie wrote:
> I'm having a problem with the trusted_networks option. Right now I have
> it set to:
>
> trusted_networks 10.0.1/24
> When I try to use this option; I login through telnet port 25, and send
> the test spam string (from the 10.0.1.0 subnet) i
On 29.3.2010 18:40, Kaleb Hosie wrote:
> I'm having a problem with the trusted_networks option. Right now I have it
> set to:
>
> trusted_networks 10.0.1/24
>
> In postfix, I need to have spamassassin listed under
> "smtpd_recipient_restrictions" so that it will only scan incoming emails
> how
I'm having a problem with the trusted_networks option. Right now I have it set
to:
trusted_networks 10.0.1/24
In postfix, I need to have spamassassin listed under
"smtpd_recipient_restrictions" so that it will only scan incoming emails
however it would be handy to get this option working if at
On Mon, 29 Mar 2010 13:03:59 +0200
Kai Schaetzl wrote:
> Alex wrote on Sun, 28 Mar 2010 13:38:25 -0400:
>
> > I have a bayes db that's about 160MB with a 40MB token db on a
> > system with about 100k messages per day.
>
> Well, what's the missing 120 MB? The journal? Do a complete sync and
> th
Alex wrote on Sun, 28 Mar 2010 13:38:25 -0400:
> I have a bayes db that's about 160MB with a 40MB token db on a system
> with about 100k messages per day.
Well, what's the missing 120 MB? The journal? Do a complete sync and then
delete it.
I've just raised the max_db_size set
> to 1.1M tokens (
29 matches
Mail list logo
