Where is the configuration parameter that governs where bayes_toks is
stored for global use (not per user)? I am on an AWS Linux EC2
environment. I've seen comments on the net that say it's in
/.spamassassin and other comments that say it's in /root/.spamassassin.
But I've tried copying my p
Are you using or able to use 3.4.3-rc6 because there is a new feature
for this that you can implement called subjprefix that can mark external
emails with External in the subject. Depends on your usage.
On 11/21/2019 1:24 PM, Dave Goodrich wrote:
> Good day,
>
> I know I will incur some wrath for
On 2019-11-22 01:00, Martin Gregorie wrote:
describe SPOOFED_MAYOR Check for spoofed mail from the Mayor
header __SM1 From:name =~ /^John M Mayor$/
header __SM2 From:addr =~ /^john\@cityhall\.com$/
meta SPOOFED_MAYOR (__SM1 && ! __SM2) || ! _SM1
scoreSPOOFED_MAYOR 5.0
On Thu, 2019-11-21 at 14:22 -0700, Grant Taylor wrote:
> I like the logic.
>
> Unfortunately, you need to be very careful as you start to run into
> all the text permutations / homograph attacks.
>
Fair comment. What you saw was hacked together to show the principle,
but not tested.
Here's a te
On Thu, 2019-11-21 at 14:22 -0700, Grant Taylor wrote:
> On 11/21/19 12:14 PM, Martin Gregorie wrote:
> > describe SPOOFED_MAYOR Check for spoofed mail from the Mayor
> > header __SM1 From:name /display name/
> > header __SM2 From:addr /email address/
> > meta SPOOFED_MAYO
On Thu, 21 Nov 2019 11:12:47 -0800
Alan Hodgson wrote:
> Make sure your real mail streams are authenticated with DKIM and
> you're setup to use the whitelist_from_dkim rule; which I believe
> requires the header added by opendkim on received mail.
It doesn't.
On Thu, 21 Nov 2019 20:51:38 +
Riccardo Alfieri wrote:
> On 21/11/19 19:02, Jerry Malcolm wrote:
>
> >
> > X-SpamAssassin_109: Content preview: Just to Say
> > Hellohttp://www.eyestrongpro.icu/l/lt172P21166EE1247K/1884YQ6160P10097IT163UE64992145HF620698297
> > X-SpamAssassin_110:Unsubscr
On 11/21/19 12:14 PM, Martin Gregorie wrote:
describe SPOOFED_MAYOR Check for spoofed mail from the Mayor
header __SM1 From:name /display name/
header __SM2 From:addr /email address/
meta SPOOFED_MAYOR
(__VM1 && ! __VM2)
scoreSPOOFED_MAYOR 5.0
I like the logic.
Un
On 21/11/19 22:02, Benny Pedersen wrote:
thats why is say not using spamassassin, spamassassin add headers that
begin with X-Spam
I think he is calling spamc, that connects to spamd, that by default in
many distributions starts with "--local" (never understood why)
Headers are probably ad
On Thu, 2019-11-21 at 13:56 -0600, Jerry Malcolm wrote:
> I just want to know if everyone who installs SA is expected to go in
> and modify all of the rule scores in order to get more that 1-2%
> effectiveness of SA? I can't believe that is the case. Is there
> really not a single rule that come
Riccardo Alfieri skrev den 2019-11-21 21:51:
Check here for hints:
https://cwiki.apache.org/confluence/display/spamassassin/UsingNetworkTests
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
localhost.junc.eu
X-Spam-Status: Yes, score=6.8, required=5.0, Autolearn=no
autolearn_force
Jerry Malcolm skrev den 2019-11-21 21:31:
I'm not sure what you mean by not using SpamAssassin, rather a glue
(??). I am calling SA from Apache JAMES. I'm simply adding the SA
results as headers in the email I'm not doing anything that would
affect the score of an email.
mailling list need m
On 21/11/19 19:02, Jerry Malcolm wrote:
X-SpamAssassin_109: Content preview: Just to Say
Hellohttp://www.eyestrongpro.icu/l/lt172P21166EE1247K/1884YQ6160P10097IT163UE64992145HF620698297
X-SpamAssassin_110:Unsubscribe Here [...]
It looks to me that you are not using network checks. eyest
I'm not sure what you mean by not using SpamAssassin, rather a glue
(??). I am calling SA from Apache JAMES. I'm simply adding the SA
results as headers in the email I'm not doing anything that would
affect the score of an email.
On 11/21/2019 2:26 PM, Benny Pedersen wrote:
Jerry Malcolm s
Jerry Malcolm skrev den 2019-11-21 20:56:
I realize that some score 0.
good, maybe spammers are testing default scores before thay even try to
send it ?
But that's what I received out of the
box from SA.
as i see headers you are not using spamassassin, but some other glues
that use spam
I realize that some score 0. But that's what I received out of the box
from SA. I could raise the score on "received from an IPv4 address".
But is that really going to help SA differentiate "I want your sex"
content from a billion other emails that come from an IPv4 address.
I guess I'm jus
Jerry Malcolm skrev den 2019-11-21 20:11:
Doesn't this kinda defeat the purpose of Spam Assassin?
you have rules hitting with 0.0, if you change scores on them then it is
detected as spam
sorry for not posting on maillist :=)
On Thu, 2019-11-21 at 13:24 -0500, Dave Goodrich wrote:
>
> Any thoughts on that or has anyone done something similar?
>
I have a similar rule that spotsfires on From: headers with @ in the
name and a space in the address. I wrote it to spot rather obvious false
senders, but something like the fol
On Thu, 2019-11-21 at 13:24 -0500, Dave Goodrich wrote:
> Good day,
> I know I will incur some wrath for this but I have the Mayor breathing
> down my neck. We stop nearly all spam now, but some does get through.
> Mostly it has been mail from gmail and outlook servers that pass DKIM
> and SPF.
> T
Benny,
Doesn't this kinda defeat the purpose of Spam Assassin? Yes, I could
add a rule that says if the body has the word Asian in it, then add
5.0. That would fix this one. I could also make .icu TLD score 5.
That will mean if I ever get this email again, it will indeed be caught
as spam
Good day,
I know I will incur some wrath for this but I have the Mayor breathing down my
neck. We stop nearly all spam now, but some does get through. Mostly it has
been mail from gmail and outlook servers that pass DKIM and SPF.
This morning a large number of messages appearing to come from th
I recently migrated SA to a new environment with a clean install. I
added the KAM rules and a short rules file of my own. But I'm obviously
missing some pretty basic rules that I believe I had in the old
environment. Just as an example (one of hundreds...), today I received
an email about As
22 matches
Mail list logo
