On Tue, June 18, 2013 4:36 pm, RW wrote:
> One thing to watch out for is that a mailbox may contain hidden deleted
> mail that remains there until the mail client compacts/expunges the
> mailbox. For that reason I prefer explicit training folders rather than
> folders where misclassified mails have
On Tue, 18 Jun 2013 13:13:56 -0600 (MDT)
Amir Caspi wrote:
> Well, I'm not really concerned about getting any header-related SA
> rules to hit, for these tests. As I mentioned previously, my primary
> concern right now is the disconnect between the Bayes score during
> the automatic MTA delivery
"Now I just have to figure out my Bayes problem..."
Amir, When you do work that out, please let us know. We get LOTS of Spam
getting through and John said that it is the BAYES_00 which is causing the
problem. Restarting training seems a bit extreme. We cannot monitor every
hosted user, obvious
On Tue, 2013-06-18 at 20:01 +0100, Martin Gregorie wrote:
> BTW, I just ran through 848 messages on this fairly average host (Lenovo
> R61i [Intel Core Duo at 1.6GHz, 3GB RAM) running Fedora 18. The first
> run averaged 1095 mS/message and the second averaged 96 mS/message, so I
> don't think John'
On Tue, June 18, 2013 1:01 pm, Martin Gregorie wrote:
> The main thing I notice is that there are only two Received: headers,
> and no envelope-From so IMO you're hoping for too much from the
> header-related SA rules simply because there's very little for SA to get
> its teeth into.
Well, I'm not
On Tue, 2013-06-18 at 11:18 -0600, Amir 'CG' Caspi wrote:
> At 8:58 AM -0400 06/18/2013, Ben Johnson wrote:
> >a.) You are copying/pasting the body of the email, but not the headers.
>
> No, I am copying the headers... however, I am using Eudora (ancient,
> I know) as a mail client, and it's poss
Replies to multiple folks below...
At 1:42 PM -0400 06/18/2013, Kris Deugau wrote:
Try opening the on-disk file with Notepad (or your favourite text editor
on *nix). If you see the same thing you see when you hit the "blah blah
blah" button in Eudora, you should be OK. If not...
I've done th
On 2013-06-13 18:49, John Hardin wrote:
On Thu, 13 Jun 2013, Alex wrote:
There's anecdotal reports that spammers focus on backup MX hosts in the
hopes they are less-well-protected. You might also try changing the MX
weighting and see if that causes the spam to concentrate on a
specific MX
hos
On 6/18/2013 1:18 PM, Amir 'CG' Caspi wrote:
> At 8:58 AM -0400 06/18/2013, Ben Johnson wrote:
>> a.) You are copying/pasting the body of the email, but not the headers.
>
> No, I am copying the headers... however, I am using Eudora (ancient, I
> know) as a mail client, and it's possible the hea
On Tue, 18 Jun 2013, Axb wrote:
On 06/18/2013 07:24 PM, John Hardin wrote:
On Tue, 18 Jun 2013, Amir 'CG' Caspi wrote:
> At 10:13 AM -0700 06/18/2013, John Hardin wrote:
> > On Mon, 17 Jun 2013, Amir 'CG' Caspi wrote:
> > > Any idea why it failed to hit, and does this need another rule
> >
On 06/18/2013 07:18 PM, Amir 'CG' Caspi wrote:
Either way, I am _trying_ to copy the entire message. Not sure what is
misformatted there. If you take a look at my two pasted examples (links
below for convenience), those are direct copy/paste from Eudora's "raw
source" view. Any idea what is ma
Amir 'CG' Caspi wrote:
> At 8:58 AM -0400 06/18/2013, Ben Johnson wrote:
>> a.) You are copying/pasting the body of the email, but not the headers.
>
> No, I am copying the headers... however, I am using Eudora (ancient, I
> know) as a mail client, and it's possible the headers are not properly
>
On 06/18/2013 07:24 PM, John Hardin wrote:
On Tue, 18 Jun 2013, Amir 'CG' Caspi wrote:
At 10:13 AM -0700 06/18/2013, John Hardin wrote:
On Mon, 17 Jun 2013, Amir 'CG' Caspi wrote:
> Any idea why it failed to hit, and does this need another rule
revision?
Yep, and yep. Revision committed. Init
At 10:24 AM -0700 06/18/2013, John Hardin wrote:
The earlier version wasn't allowing for some punctuation in the
gibberish. There may be a period of whack-a-mole here, I was
conservative in the change I made.
Makes sense. Both of those examples are good for creating an
HTML_COMMENT_GIBBERISH
On Tue, 18 Jun 2013, Amir 'CG' Caspi wrote:
At 10:13 AM -0700 06/18/2013, John Hardin wrote:
On Mon, 17 Jun 2013, Amir 'CG' Caspi wrote:
> Any idea why it failed to hit, and does this need another rule revision?
Yep, and yep. Revision committed. Initial comment gibberish rule committed.
Than
At 8:58 AM -0400 06/18/2013, Ben Johnson wrote:
a.) You are copying/pasting the body of the email, but not the headers.
No, I am copying the headers... however, I am using Eudora (ancient,
I know) as a mail client, and it's possible the headers are not
properly formatted. For example, for Sp
At 10:13 AM -0700 06/18/2013, John Hardin wrote:
On Mon, 17 Jun 2013, Amir 'CG' Caspi wrote:
Any idea why it failed to hit, and does this need another rule revision?
Yep, and yep. Revision committed. Initial comment gibberish rule committed.
Thanks for the revision. Do you want to explain w
On Mon, 17 Jun 2013, Amir 'CG' Caspi wrote:
At 10:48 AM -0700 06/17/2013, John Hardin wrote:
On Mon, 17 Jun 2013, Amir 'CG' Caspi wrote:
> I am now seeing STYLE_GIBBERISH hitting on a lot of spam in the past day
> or so, since the new rules hit the distribution. So far, all TPs, no
> FPs.
On 6/18/2013 5:31 AM, Amir 'CG' Caspi wrote:
> At 4:37 PM -0400 06/14/2013, Alex wrote:
>> On Fri, Jun 14, 2013 at 4:18 PM, Amir 'CG' Caspi
>> wrote:
>> > I wonder if there's some
>> > difference between running spamassassin manually on the message versus
>> > running spamd.
>>
>> I think the
At 4:37 PM -0400 06/14/2013, Alex wrote:
On Fri, Jun 14, 2013 at 4:18 PM, Amir 'CG' Caspi wrote:
> I wonder if there's some
> difference between running spamassassin manually on the message versus
> running spamd.
I think the only difference would be if spamd somehow didn't recognize
all the
20 matches
Mail list logo
