I ran some tests which indicate one may not have subsequent '-' after
'X-' in header lines:
given this "message":
X-SpamASN: AS3701 140.211.0.0/16
X-Spam-ASN: AS3701 140.211.0.0/16
body...
and those rules:
header _LOCAL_XAS1 X-SpamASN =~ /AS3701 /
de
Hi again,
I checked the rule now by inserting a line like
ASN: AS3701 140.211.0.0/16
in the test-msg, modified the asn-rule to
header TEST_AS3701 ASN =~ /^AS3701 /
describe TEST_AS3701Sender IP in AS from friendly SA user
score TEST_AS3701 -0.1
tested, and ...
X-Spam-Status: No
Karsten Bräckelmann wrote:
Frank Gadegast skrev den 2013-04-24 16:45:
header LOCAL_AS6697 X-Spam-ASN =~ / AS6697 /
The ASN plugin documentation [1] shows the AS number at the beginning of
the header's value. The leading space prevents your header rule from
matching, and should instead eve
Well,
in the bayes case, the table is bayes_token and indeed
Mail::SpamAssassin::BayesStore::SQL is INSERTING into the table via
_put_tokens().
my $insertsql = "INSERT INTO bayes_token
(id, token, spam_count, ham_count, atime)
VALUES (?,?,?,?,?)";
so,
Karsten Bräckelmann skrev den 2013-04-25 01:04:
space needs to be excaped, [...]
Just... No.
okay no, always good to have more then one input to be sure
--
senders that put my email into body content will deliver it to my own
trashcan, so if you like to get reply, dont do it
On Thu, 2013-04-25 at 01:04 +0200, /me fat-fingered:
> > > header LOCAL_AS6697 X-Spam-ASN =~ / AS6697 /
>
> The ASN plugin documentation [1] shows the AS number at the beginning of
> the header's value. The leading space prevents your header rule from
> matching,
and the RE should instead ev
> Frank Gadegast skrev den 2013-04-24 16:45:
>
> > header LOCAL_AS6697 X-Spam-ASN =~ / AS6697 /
The ASN plugin documentation [1] shows the AS number at the beginning of
the header's value. The leading space prevents your header rule from
matching, and should instead even anchor the RE at the
On Thu, 25 Apr 2013, Benny Pedersen wrote:
Frank Gadegast skrev den 2013-04-24 16:45:
header LOCAL_AS6697 X-Spam-ASN =~ / AS6697 /
/\ AS6697\ /
or /\bAS6697\b/
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
jhar...@impsec.orgFALaholic #11174 pgpk -
Frank Gadegast skrev den 2013-04-24 16:45:
header LOCAL_AS6697 X-Spam-ASN =~ / AS6697 /
/\ AS6697\ /
space needs to be excaped, does it match ?
spamassassin 2>&1 -D -t msg | grep LOCAL_ | less
describe LOCAL_AS6697 Sender IP in AS-block from BELBAK.BY
score LOCAL_AS6697 9.0
--
On 4/24/2013 2:42 PM, psychobyte wrote:
> Hi,
>
> I've noticed that SA is getting a lot of "Duplicate entry" errors for
> AWL and bayes plugins. I can verify that the sql schema is up to date
> for SA 3.3.1-r4 and I've tried retraining the bayes db. Any hints on how
> to troubleshoot this?
>
>
On 04/24/2013 08:16 PM, Andrew Talbot wrote:
As far as Bayes, don't get me started! :) I work for an Email Service
Provider and about 2 million messages go through our servers every day, so
we have Bayes turned off because it would be too computationally expensive.
I wish we could turn it on - i
On Wed, 24 Apr 2013, Andrew Talbot wrote:
Hi again, John -
It's a good idea to add the realtime rules to the beginning of the filter. I
didn't realize that would have such an impact.
It will have *some* impact. How much will depend on how many alternates
and how complex they are. It might al
On Wed, 2013-04-24 at 12:32 -0400, Andrew Talbot wrote:
> I have my customized deployment split up into a bunch of separate CF
> files (by category) and I have those further split up into rules based
> on score.
>
I also use very long rules, mainly due to spamiferous mailing lists,
because all the
Hi,
I've noticed that SA is getting a lot of "Duplicate entry" errors for
AWL and bayes plugins. I can verify that the sql schema is up to date
for SA 3.3.1-r4 and I've tried retraining the bayes db. Any hints on how
to troubleshoot this?
AWL:
Apr 24 11:31:57 mserv amavisd[24336]: (24336-05
Hi again, John -
It's a good idea to add the realtime rules to the beginning of the filter. I
didn't realize that would have such an impact. And the (?=x) tip is a good
one too; thank you for that.
As far as Bayes, don't get me started! :) I work for an Email Service
Provider and about 2 million
On Wed, 24 Apr 2013, Andrew Talbot wrote:
John,
Thanks for your prompt response!
A lot of the rules are big jumbles of rules we are generating in real time
and adding to as things come in. Like I said in my original question, we
have them separated into separate cf files by category, and withi
John,
Thanks for your prompt response!
A lot of the rules are big jumbles of rules we are generating in real time
and adding to as things come in. Like I said in my original question, we
have them separated into separate cf files by category, and within those cf
files they are separated by score
On 4/24/2013 12:12 PM, hospice admin wrote:
> Hi,
>
> we're having problems with an outfit called 'Bite Sized Seminars' in the
> UK, who seem to be sending mail out through another company called
> 'Communicado'. A quick google suggests we aren't the only ones.
>
> We have developed a number of
On Wed, 24 Apr 2013, Andrew Talbot wrote:
Hey, all -
I have my customized deployment split up into a bunch of separate CF files
(by category) and I have those further split up into rules based on score.
So, I have a bunch of stuff like:
header RULE_1 Subject =~ /\b(this|that|theother|blah|bla
On Wed, 2013-04-24 at 17:12 +0100, hospice admin wrote:
> we're having problems with an outfit called 'Bite Sized Seminars' in
> the UK, who seem to be sending mail out through another company called
> 'Communicado'. A quick google suggests we aren't the only ones.
>
> We have developed a number o
Hey, all -
I have my customized deployment split up into a bunch of separate CF files
(by category) and I have those further split up into rules based on score.
So, I have a bunch of stuff like:
header RULE_1 Subject =~ /\b(this|that|theother|blah|blah)/i
score RULE_1 1
describe RULE_
On 04/24/2013 06:12 PM, hospice admin wrote:
Hi,
we're having problems with an outfit called 'Bite Sized Seminars' in the UK,
who seem to be sending mail out through another company called 'Communicado'. A
quick google suggests we aren't the only ones.
We have developed a number of rules that i
Hi,
we're having problems with an outfit called 'Bite Sized Seminars' in the UK,
who seem to be sending mail out through another company called 'Communicado'. A
quick google suggests we aren't the only ones.
We have developed a number of rules that identify their mail by looking for
their phone
Hi all,
I like to set extra score on mail coming from some ASns
using the asn.pm
Lets say I like to reject all mail from BELPAK.BY I wrote
header LOCAL_AS6697 X-Spam-ASN =~ / AS6697 /
describe LOCAL_AS6697 Sender IP in AS-block from BELBAK.BY
score LOCAL_AS6697 9.0
but the X-Spam-A
24 matches
Mail list logo
