On 12/10/2022 03:35, Henrik K wrote:
On Tue, Oct 11, 2022 at 09:29:18AM +0300, Henrik K wrote:
KAM channel (https://mcgrail.com/template/kam.cf_channel) users might
want
to check their rules..
KAM_deadweight2_sub.cf contains this:
meta __RCVD_IN_SORBS 0
meta __RCVD_IN_ZEN 0
meta __RCVD_IN_M
On Tue, Oct 11, 2022 at 09:29:18AM +0300, Henrik K wrote:
>
> KAM channel (https://mcgrail.com/template/kam.cf_channel) users might want
> to check their rules..
>
> KAM_deadweight2_sub.cf contains this:
>
> meta __RCVD_IN_SORBS 0
> meta __RCVD_IN_ZEN 0
> meta __RCVD_IN_MSPIKE_B 0
> meta __RCVD_
Kevin A. McGrail skrev den 2022-10-11 18:30:
no one cares
You seem not to care to report it to the correct place. Apache.org is
just another user of the tool. The Project doesn't manage the
installation. Please report this to Apache Infrastructure.
i dont want to spam random email adresses
On Tue, Oct 11, 2022 at 12:33:19PM -0400, Kevin A. McGrail wrote:
>
> On 10/11/2022 2:29 AM, Henrik K wrote:
> > Seems it's been disabling many active and useful DNSBL/WL lookups for a long
> > time?
>
> Correct. We found they had overlap or didn't add to the accuracy of
> categorization so disa
Matus UHLAR - fantomas wrote:
Hello,
I have quite pretty archive of phish mail (bank and mail accounts),
where many words and phrases repeat.
I was thinking about processing them manually and creating rules, but
that would be much work.
I remember that SOUGHT ruleset used to contain phrases
On 10/11/2022 5:38 AM, Matus UHLAR - fantomas wrote:
Are these still working or do they have any new versions?
Does anyone have hints how to process phish archive?
I mean, I apparently could manually weed out any repeated non-phish
phrases to avoid FPs or check them manually what mail they hit
On 10/11/2022 2:29 AM, Henrik K wrote:
Seems it's been disabling many active and useful DNSBL/WL lookups for a long
time?
Correct. We found they had overlap or didn't add to the accuracy of
categorization so disabling rules is a key part of reducing weight of
rule scanning and improving ef
On 10/11/2022 4:03 AM, Benny Pedersen wrote:
Henrik K skrev den 2022-10-11 08:29:
KAM channel (https://mcgrail.com/template/kam.cf_channel) users might
want
to check their rules..
KAM_deadweight2_sub.cf contains this:
meta __RCVD_IN_SORBS 0
meta __RCVD_IN_ZEN 0
meta __RCVD_IN_MSPIKE_B 0
met
On Tue, Oct 11, 2022 at 02:54:08PM +0200, Damian wrote:
> > > # __SA4 injected inside amavis via $suppl_attrib->{rule_hits}
> > > meta SA4 __SA4
> > > score SA4 1
> > > describe SA4 dummy
> > yields
> > > SA dbg: rules-all: unrun dependencies prevented meta SA4 from
> > > running: __SA4
>
> The a
On 11/10/2022 15:08, Henrik K wrote:
This is because __RCVD_IN_DNSWL is not supposed to be a meta. KAM channel
overrides it to "disable" the rule. I just posted on the list about that..
Oh, right! Thanks for the pointer. Didn't catch up to this point yet.
Greetings, Wolfgang
On Tue, Oct 11, 2022 at 02:36:59PM +0200, Wolfgang Breyha wrote:
> On 11/10/2022 13:29, Henrik K wrote:
> > You can also need to use -D rules,rules-all to see any "unrun" rules.
>
> I tried that using "all,rules,rules-all" and I think I found an other
> problem with RCVD_IN_DNSWL* rules.
>
> If I
# __SA4 injected inside amavis via $suppl_attrib->{rule_hits}
meta SA4 __SA4
score SA4 1
describe SA4 dummy
yields
SA dbg: rules-all: unrun dependencies prevented meta SA4 from
running: __SA4
The above is slightly misleading, even in SA3 one had to predeclare a
default via
meta __SA4 0
me
On 11/10/2022 13:29, Henrik K wrote:
You can also need to use -D rules,rules-all to see any "unrun" rules.
I tried that using "all,rules,rules-all" and I think I found an other
problem with RCVD_IN_DNSWL* rules.
If I run with a testmail I see:
# spamassassin -D all,rules,rules-all &1|grep R
Should be fixed in rc4.
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8060
There remains a bug in the context of $suppl_attrib.
# __SA4 injected inside amavis via $suppl_attrib->{rule_hits}
meta SA4 __SA4
score SA4 1
describe SA4 dummy
yields
SA dbg: rules-all: unrun dependencies preve
On 11/10/2022 13:29, Henrik K wrote:
Would need exact sample of ruleset, this is too vague to work on. What are
all the __SUBMETAs?
Would it be ok to send you my ruleset with test.eml offlist? I do not want
to send them here publicly or to bugzilla, because they contain a lot of
local brandi
On Tue, Oct 11, 2022 at 01:09:03PM +0200, Wolfgang Breyha wrote:
>
> And I've still cases were a simple ">" is not evaluated as well...
>
> I have
> meta __META1 (__SUBMETAX + . + __SUBMETAXN)
> with
> dbg: rules: ran meta rule __META1 ==> got hit (5)
>
> I have
> meta __META2 (__SUBMET
On 11/10/2022 13:22, Henrik K wrote:
Remains unclear if you applied the patch from
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8059 ?
I applied both on rc3 via .spec:
+ echo 'Patch #1 (SA4rc3_uridnsbl.patch):'
Patch #1 (SA4rc3_uridnsbl.patch):
+ /usr/bin/patch --no-backup-if-mismatch -p
On Tue, Oct 11, 2022 at 01:09:03PM +0200, Wolfgang Breyha wrote:
> On 11/10/2022 12:23, Henrik K wrote:
> > Should be fixed in rc4.
> >
> > https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8060
>
> Well, this indeed fixes this test case. But my initial problem which I
> though is described in t
On 11/10/2022 12:23, Henrik K wrote:
Should be fixed in rc4.
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8060
Well, this indeed fixes this test case. But my initial problem which I
though is described in this test case is not fixed yet:(
So __SA4TA1 gets not evaluated neither in this
On Tue, Oct 11, 2022 at 11:52:17AM +0200, Matus UHLAR - fantomas wrote:
> > On Sat, Oct 01, 2022 at 04:42:09PM +0200, Matus UHLAR - fantomas wrote:
> > > perhaps these all should replace _DKIMDOMAIN_ by _AUTHORDOMAIN_ and
> > > AND-ed
> > > with DKIM_VALID_AU.
> > >
> > > can these checks be mad
On Tue, Oct 11, 2022 at 12:21:23PM +0300, Henrik K wrote:
> On Tue, Oct 11, 2022 at 10:48:26AM +0200, Wolfgang Breyha wrote:
> > On 11/10/2022 06:59, Henrik K wrote:
> > > On Tue, Oct 11, 2022 at 12:50:38AM +0200, Wolfgang Breyha wrote:
> > > >
> > > > And another quite simple ruleset...
> > > > m
On Sat, Oct 01, 2022 at 04:42:09PM +0200, Matus UHLAR - fantomas wrote:
perhaps these all should replace _DKIMDOMAIN_ by _AUTHORDOMAIN_ and AND-ed
with DKIM_VALID_AU.
can these checks be made the way DNS queries are done only when
DKIM_VALID_AU matches?
perhaps playing with priority
On 07.10
Hello,
I have quite pretty archive of phish mail (bank and mail accounts), where
many words and phrases repeat.
I was thinking about processing them manually and creating rules, but that
would be much work.
I remember that SOUGHT ruleset used to contain phrases that appear
repeatedly, so I
On Tue, Oct 11, 2022 at 10:48:26AM +0200, Wolfgang Breyha wrote:
> On 11/10/2022 06:59, Henrik K wrote:
> > On Tue, Oct 11, 2022 at 12:50:38AM +0200, Wolfgang Breyha wrote:
> > >
> > > And another quite simple ruleset...
> > > meta __SA4TA3_1 6
> > > meta __SA4TA3_2 2
> > > meta __SA4TA3(__S
But no line für SA4TA3 and no report or final score.
Same on Debian bookworm:
root@91d4e83fb538:/# cat /etc/spamassassin/70_meta_undefined.cf
meta __SA4TA3_1 6
meta __SA4TA3_2 2
meta SA4TA3 (__SA4TA3_1 > 2) && (__SA4TA3_2 > 1)
score SA4TA3 0.1
describe SA4TA3 dummy
root@91d4e83fb538:/# s
On 11/10/2022 06:59, Henrik K wrote:
On Tue, Oct 11, 2022 at 12:50:38AM +0200, Wolfgang Breyha wrote:
And another quite simple ruleset...
meta __SA4TA3_1 6
meta __SA4TA3_2 2
meta __SA4TA3(__SA4TA3_1 > 2) && (__SA4TA3_2 > 1)
doesn't set __SA4TA3. This was working an SA3.4 as well.
Works
Henrik K skrev den 2022-10-11 08:29:
KAM channel (https://mcgrail.com/template/kam.cf_channel) users might
want
to check their rules..
KAM_deadweight2_sub.cf contains this:
meta __RCVD_IN_SORBS 0
meta __RCVD_IN_ZEN 0
meta __RCVD_IN_MSPIKE_B 0
meta __RCVD_IN_MSPIKE_L 0
meta __RCVD_IN_DNSWL 0
S
27 matches
Mail list logo
