On 05/26/2010 07:32 PM, John Hardin wrote:
> On Wed, 26 May 2010, Karsten Br�ckelmann wrote:
>
>> The correct answer to both these statements is -- because it is in the
>> mirrors list. ;)
>>
>> $ lynx -dump http://yerp.org/rules/MIRRORED.BY
>> http://yerp.org:8080/rules/stage/ weight=10
>> http:/
On Wed, 26 May 2010, Karsten Br?ckelmann wrote:
The correct answer to both these statements is -- because it is in the
mirrors list. ;)
$ lynx -dump http://yerp.org/rules/MIRRORED.BY
http://yerp.org:8080/rules/stage/ weight=10
http://yerp.org/rules/stage/
...a botched attempt to set up Coral
On Wed 26 May 2010 07:39:53 PM CEST, RW wrote
# save rule as 99_local_bugs_331.cf
# SA = 3.3.1
if (version == 3.003001)
uri __PROTOCOL_OK m{^https?://\w+}
meta PROTOCOL_FIX (!__PROTOCOL_OK)
describe PROTOCOL_FIX protocol in uri is not lowercase
score PROTOCOL_FIX 5.0
endif #
Hello List Folks,
I have used procmail in the past to move mail to a spam file on the
server but I am wondering if there is another way.
I found
http://wiki.apache.org/spamassassin/IntegratedSpamdInPostfix?action=fullsearch&context=180&value=move+spam+to+folder&titlesearch=Titles
and used
On Wed, 2010-05-26 at 11:14 -0700, R-Elists wrote:
> > Yes, it is a known issue. Fixed in SVN already, and will be
> > shipped with the next release 3.3.2.
>
> when will 3.3.2 be pushed out?
We're gearing up towards a release. See the dev list. ;)
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x7
>
> Yes, it is a known issue. Fixed in SVN already, and will be
> shipped with the next release 3.3.2.
>
>
when will 3.3.2 be pushed out?
- rh
On 05/26/2010 05:29 PM, Karsten Bräckelmann wrote:
Also, these Hotmail injected footers always use long-ish URIs with a
path, no? In that case, a meta with __URI_NO_PATH could help. Something
like this.
uri __URI_NO_PATH m~^https?://[^/]+/?$~
That's possibly a good idea. I was thinking
> From: Jason Bertoch [mailto:ja...@i6ix.com]
> Sent: Wednesday, May 26, 2010 3:34 PM
> On 2010/05/25 7:02 PM, Karsten Bräckelmann wrote:
> > On Wed, 2010-05-26 at 10:35 +1200, Jason Haar wrote:
> >
> > Not as far as ok_locales and the respective CHARSET_FARAWAY rules are
> > concerned, IIRC. They
On Tue, 25 May 2010 22:01:12 +0200
Benny Pedersen wrote:
> On Tue 25 May 2010 08:38:29 PM CEST, Karsten Bräckelmann wrote
>
> > On Tue, 2010-05-25 at 14:20 +0200, Benny Pedersen wrote:
> >> i see spam mails that using Http://example.com
> >
> > Yes, it is a known issue. Fixed in SVN already, and
On Wed, 2010-05-26 at 11:22 -0600, Philip Prindeville wrote:
> On 5/26/10 11:06 AM, Mikael Syska wrote:
> > > Anyone else seeing the following in their cron logs:
> > >
> > > http: GEThttp://yerp.org:8080/rules/stage/330948267.tar.gz request
> > > failed:
> > > 500 Can't connect to yerp.org:808
On 5/26/10 11:06 AM, Mikael Syska wrote:
Hi,
On Wed, May 26, 2010 at 6:59 PM, Philip Prindeville
wrote:
Anyone else seeing the following in their cron logs:
http: GEThttp://yerp.org:8080/rules/stage/330948267.tar.gz request failed:
500 Can't connect to yerp.org:8080 (connect: Connection
Hi,
On Wed, May 26, 2010 at 6:59 PM, Philip Prindeville
wrote:
> Anyone else seeing the following in their cron logs:
>
> http: GEThttp://yerp.org:8080/rules/stage/330948267.tar.gz request failed:
> 500 Can't connect to yerp.org:8080 (connect: Connection refused): 500 Can't
> connect to yerp.org
> > I see quite a few of these from hotmail orginating from China.
> X-Originating-IP: [123.161.74.4]
>
> is listed in Spamhaus (SPL) and I deep parse headers so I got a hit on this.
Unlike PBL and XBL, Spamhaus SBL is safe for deep-parsing. Which SA does
for this part (only) of ZEN.
> Unfortun
On 05/26/2010 09:33 PM, Lennart Johansson wrote:
My first post, please don't kill me for doing some things wrong.
I see quite a few of these from hotmail orginating from China.
http://pastebin.com/q308E7ZG
SA score:
Score Matching Rule Descriptioncached not
result=0.002
Is there any way to take a domain listed with util_rb_2tld, and
"un-2tld" it (similar to how you can unwhitelist stock whitelist entries
if they don't work well with your mail)?
I recently came across a "free-subsite" domain that seems to be part of
a cluster of **very** similar sites which I'
On Wed, 2010-05-26 at 16:05 +0200, Jan-Kaspar Münnich wrote:
> Setup: Postfix 2.7.0 with spampd proxy.
>
> Postfix seems to just don't send these mails to the proxy, without any
> warning in the logs.
If, as you say, SA never gets these messages for scanning, it cannot be
a problem with SA or its
Benny Pedersen wrote:
> On Tue 25 May 2010 10:01:12 PM CEST, Benny Pedersen wrote
>
>> # save rule as 99_local_bugs_331.cf
>> # SA = 3.3.1
>> if (version == 3.003001)
>> uri __PROTOCOL_OK m{^https?://\w+}
>> meta PROTOCOL_FIX (!__PROTOCOL_OK)
>> describe PROTOCOL_FIX protocol in uri is
Hello,
for the first time two weeks ago I received a kind of spam that SA doesn't
check at all. Similar ist always the URL one-liner and a faked yahoo.com
sender. If manually checked by SA, it gets score >40:
http://pastebin.com/4arTzeRu
Setup: Postfix 2.7.0 with spampd proxy.
Postfix seems t
On 2010/05/25 7:02 PM, Karsten Bräckelmann wrote:
On Wed, 2010-05-26 at 10:35 +1200, Jason Haar wrote:
Not as far as ok_locales and the respective CHARSET_FARAWAY rules are
concerned, IIRC. They have been written long ago to trigger on the
char-sets used. They don't detect the char-set based on
On Tue 25 May 2010 10:01:12 PM CEST, Benny Pedersen wrote
# save rule as 99_local_bugs_331.cf
# SA = 3.3.1
if (version == 3.003001)
uri __PROTOCOL_OK m{^https?://\w+}
meta PROTOCOL_FIX (!__PROTOCOL_OK)
describe PROTOCOL_FIX protocol in uri is not lowercase
score PROTOCOL_FIX 5.0
20 matches
Mail list logo
