Julian Yap wrote:
> I'm running SpamAssassin 3.3.2 port revision 6 (latest from FreeBSD
> ports) on FreeBSD 8.2-RELEASE 64-bit.
>
> I recently upgraded my Perl from 5.10 to 5.14 but I needed to
> downgrade because SpamAssassin was crashing on a daily basis. See
> bug:
> https://issues.apache.org/
On 4/10/2012 10:50 PM, Julian Yap wrote:
> Hmm, thanks for the info. It certainly explains things. Yeah,
> SpamAssassin previously used to blaze through mail scans (everything
> scanned in less than 3 seconds) on the same hardware. It's annoying
> that Perl is getting slower over time and there's
On Tue, Apr 10, 2012 at 4:28 PM, Michael Parker wrote:
> On Apr 10, 2012, at 4:12 PM, Julian Yap wrote:
>
>> I'm running SpamAssassin 3.3.2 port revision 6 (latest from FreeBSD
>> ports) on FreeBSD 8.2-RELEASE 64-bit.
>>
>> I recently upgraded my Perl from 5.10 to 5.14 but I needed to
>> downgrade
On Apr 10, 2012, at 4:12 PM, Julian Yap wrote:
> I'm running SpamAssassin 3.3.2 port revision 6 (latest from FreeBSD
> ports) on FreeBSD 8.2-RELEASE 64-bit.
>
> I recently upgraded my Perl from 5.10 to 5.14 but I needed to
> downgrade because SpamAssassin was crashing on a daily basis. See
> bu
p5-Mail-SpamAssassin-3.3.2_6.
--
Michael Scheidell, CTO
>|SECNAP Network Security
-Original message-
From: Julian Yap
To: Michael Scheidell
Cc: "users@spamassassin.apache.org"
Sent: Wed, Apr 11, 2012 00:35:04 GMT+00:00
Subject: Re: New versions of Perl are slower
On Tue, Apr 10, 201
On Tue, Apr 10, 2012 at 12:49 PM, Michael Scheidell
wrote:
> On 4/10/12 5:12 PM, Julian Yap wrote:
>> I'm running SpamAssassin 3.3.2 port revision 6 (latest from FreeBSD
>> ports) on FreeBSD 8.2-RELEASE 64-bit.
>>
>> I recently upgraded my Perl from 5.10 to 5.14 but I needed to
>> downgrade becaus
On 4/10/2012 6:29 PM, RW wrote:
> On Tue, 10 Apr 2012 17:58:51 -0400
> Rob McEwen wrote:
>> Meanwhile, the snowshoe spammer's DNS server happens to be messed up,
>> overloaded, and returns answers within about 4 seconds.
> But unless I'm misunderstanding, the NS lookups would be done on the
> TLDs
On 4/10/12 5:12 PM, Julian Yap wrote:
I'm running SpamAssassin 3.3.2 port revision 6 (latest from FreeBSD
ports) on FreeBSD 8.2-RELEASE 64-bit.
I recently upgraded my Perl from 5.10 to 5.14 but I needed to
downgrade because SpamAssassin was crashing on a daily basis. See
bug:
https://issues.apa
On Tue, 10 Apr 2012 17:58:51 -0400
Rob McEwen wrote:
> Meanwhile, the snowshoe spammer's DNS server happens to be messed up,
> overloaded, and returns answers within about 4 seconds.
But unless I'm misunderstanding, the NS lookups would be done on the
TLDs nameservers, rather than the spammer's
On 4/10/2012 3:16 PM, Axb wrote:
> On 04/10/2012 08:07 PM, Rob McEwen wrote:
>
>> (b) If anyone programs this idea into SA, or anywhere else, then
>> this should be a separate step AFTER regular URI checkinggiving
>> the message a chance to "short circuit" out of processing if it
I'm using a combination of Ubuntu and Debian servers for scanning email
with spamc/spamd. I'm running the following version:
spamd -V
SpamAssassin Server version 3.3.1
running on Perl 5.10.1
with SSL support (IO::Socket::SSL 1.33)
with zlib support (Compress::Zlib 2.02)
I've been noticing
I'm running SpamAssassin 3.3.2 port revision 6 (latest from FreeBSD
ports) on FreeBSD 8.2-RELEASE 64-bit.
I recently upgraded my Perl from 5.10 to 5.14 but I needed to
downgrade because SpamAssassin was crashing on a daily basis. See
bug:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=674
On 04/10/2012 10:59 PM, Kevin A. McGrail wrote:
On 4/10/2012 4:31 PM, McGranahan, Jamen wrote:
Sorry for the newbie question here, but are there any test messages we
can use to verify our spamassassin installation is working correctly?
I installed the most current stable version just today on a
On 4/10/2012 4:31 PM, McGranahan, Jamen wrote:
Sorry for the newbie question here, but are there any test messages we
can use to verify our spamassassin installation is working correctly?
I installed the most current stable version just today on a RedHat 5
box and updated it, but would like
Sorry for the newbie question here, but are there any test messages we can use
to verify our spamassassin installation is working correctly? I installed the
most current stable version just today on a RedHat 5 box and updated it, but
would like to test it to verify it is working correctly. Is t
On 04/10/2012 08:07 PM, Rob McEwen wrote:
(b) If anyone programs this idea into SA, or anywhere else, then
this should be a separate step AFTER regular URI checkinggiving
the message a chance to "short circuit" out of processing if it
already scored high enough after URI
Are these options to sa-learn deprecated?
On Tue, 10 Apr 2012, Thomas Johnson wrote:
On Tue, Apr 10, 2012 at 7:08 AM, Bowie Bailey wrote:
That sounds like it might be good rule-fodder. "subject", "Subject",
and "SUBJECT" are possibly valid, but the other funky capitalizations
might be worth a few points.
And how would one write a r
On 4/10/2012 11:42 AM, Thomas Johnson wrote:
> Any other ideas on these pill spams? What are they scoring for anyone else?
Hi. I've been following this thread. Here are some (random) thoughts &
suggestions:
(1) In some of those examples Thomas provided, at least one of the
assigned name servers
On Mon, Apr 9, 2012 at 3:33 PM, Alex wrote:
> +1 for these. I've seen a ton of these, and the only protection I have
> is a local URIBL I've built for the many new domains that haven't yet
> been added to the public URIBLs.
>
> Yours don't have any spamassassin/amavisd headers. How are you process
On Tue, Apr 10, 2012 at 7:08 AM, Bowie Bailey wrote:
> That sounds like it might be good rule-fodder. "subject", "Subject",
> and "SUBJECT" are possibly valid, but the other funky capitalizations
> might be worth a few points.
And how would one write a rule for that? It's not a header rule tha
On Tue, 2012-04-10 at 15:11 +0100, corpus.defero wrote:
> Good afternoon,
>
> I have this hit:
> 0.4 INVALID_DATE Invalid Date: header (not RFC 2822)
>
> Catching on:
> Date: Tue, 10 Apr 12 11:36:40 +0200
>
> Which in turn is produced by this line off PHP code:
> $headers .= "Date: ".d
Good afternoon,
I have this hit:
0.4 INVALID_DATE Invalid Date: header (not RFC 2822)
Catching on:
Date: Tue, 10 Apr 12 11:36:40 +0200
Which in turn is produced by this line off PHP code:
$headers .= "Date: ".date(DATE_RFC822)."\n";
Unless I've gone made, the issue is the year being 2
On 4/9/2012 5:39 PM, Thomas Johnson wrote:
> Getting a bunch of these, and I'm getting very low scores, using the
> latest spamassassin rules, and the most common third-party rulesets.
>
> Also using spamhaus, investment and other DNSBLs, but my users seem to
> be getting these before the urls are
Den 2012-04-10 11:14, Tom Kinghorn skrev:
if the 1st 2 conditions are met, then score 0.01 (RULE 1) BUT if the
3 conditions are met, then score 0.25 (RULE 2) AND NOT 0.01 (RULE 1)
Is this possible?
add "&& !__HEADER_PVT_1" to meta BODY_RULE
On Tue, 10 Apr 2012 11:14:19 +0200
Tom Kinghorn wrote:
> Morning list
>
> I was wondering if it is possible to achieve the following:
>
> create a meta rule to match 2 items.
> assign a score to the test
> BUT if a 3rd item is matched, ignore the first score and assign the
> higher score
Just m
On 04/10/2012 12:00 PM, joea wrote:
Aside - I originally sent this last evening, it was rejected to the subject
line. Let's hope this one is acceptable.
I get a few of those emails with zip attachments, slipping thru. Scanner, Airline
tickets, etc. I guess these are "malware" rather tha
Aside - I originally sent this last evening, it was rejected to the subject
line. Let's hope this one is acceptable.
>>
I get a few of those emails with zip attachments, slipping thru. Scanner,
Airline tickets, etc. I guess these are "malware" rather than SPAM, so I began
looking at amavis.
I don't think you can ignore any rule. So I want to suggest workaround : If
both rules will be applied, final score will be 0.26 (RULE 1 + RULE 2). If
you don't want the score 0.26, you should change the score of RULE 2 to
0.24 so that your final score will remain 0.25.
-Swati R
On Tue, Apr 10, 2
Morning list
I was wondering if it is possible to achieve the following:
create a meta rule to match 2 items.
assign a score to the test
BUT if a 3rd item is matched, ignore the first score and
assign the higher score
30 matches
Mail list logo
