I've been thinking it could easily be a full time job to read spam,
write sa rules, test sa rules, etc.
There isn't enough time in my day for that, so I'm pretty much running
SA un-customized. I do have bayes, which I do train with my own spam &
ham, but I don't have a good population of user
i wouldnt know what to do with it. and have no time or desire to learn
about it.
i think you might have accidentally put your finger on the problem ive
been having with them. i think maybe they seem to expect that most their
customers have dedicated IT departments that can deal with something lik
Have you tried compiling the rules with sa-compile. It speeds up
everything.
I'm afraid I don't know the answer to what that specific test does.
Hi,
I use SpamAssassin version 3.3.1 running on Perl version 5.10.1,
amavisd-new-2.8.0-8.el6 as before-queue filter.
Today for unknown reason i n
SpamAssassin can not drop a mail - it will always produce its output and not
producing it is treated as an error.
If you call SpamAssassin directly from within Postfix, you can use a
header check to discard the message on a high score.
Yeah, I'm surprised how many people answered "no" to thi
On 10/30/2013 3:07 PM, RW wrote:
On Wed, 30 Oct 2013 20:13:40 +0100
Matus UHLAR - fantomas wrote:
On Wed, 30 Oct 2013 11:44:19 -0400
David F. Skoll wrote:
On Wed, 30 Oct 2013 11:06:35 -0500
Adam Moffett wrote:
I'm reasonably sure that user@ip makes a valid address, but even
if it
absolutely right, thanks for jogging my memory.
My reading of RFC5321 seems to indicate that"user@1.2.3.4" is NOT a
valid address. It should instead be written as"user@[1.2.3.4]"
I'm reasonably sure that user@ip makes a valid address, but even if it
is I don't think I've ever observed it anywhere.
I'm certain that double @ format you mention is invalid unless one of
the @'s is inside of quotation marks or parenthesis. e.g.:
"Ihave@inMyUsername"@somewhere.com or
MyU
Here's an argument for *not* making your email address "fi...@example.com",
"l...@example.com" or something like that.
I believe an email to me starting "Dear Dfs," has 100% probability of
being spam. If my email address were "da...@roaringpenguin.com"
instead, I'd get a lot of FPs on "Dear Davi
I think I'd have to read Chinese to tackle that accurately.
So, you should probably try using ok_locales, and if it doesn't work,
create your own rules to match these spams, if you can find good common
patterns that don't seem likely to match non-spams (or match all Chinese
email if that's what
on Chinese, I don't see examples of
problems with that language.
On 08/21, Adam Moffett wrote:
I have a user who seems to get 4-5 messages per day with Chinese
characters for the subject and body. They come from a variety of
domains and IP's so I guess she somehow got onto a list used to s
I have a user who seems to get 4-5 messages per day with Chinese
characters for the subject and body. They come from a variety of
domains and IP's so I guess she somehow got onto a list used to spam
Chinese speaking people.
If I paste them into Google Translate they seem to be roughly the sam
On 11/23/2011 02:22 PM, Christian Grunfeld wrote:
Undoubtedly it is *easier*, just as I can easily eliminate all my spam by
unplugging the ethernet cable. Just keep in mind this method would only be
useful for people who already know who they want to talk to.
And that is the big % of what peopl
Undoubtedly it is *easier*, just as I can easily eliminate all my spam
by unplugging the ethernet cable. Just keep in mind this method would
only be useful for people who already know who they want to talk to.
The idea is as simple as: past days was easier to blacklist...nowdays
is easier to
An interesting idea. Sort of a challenge and response with the onus
on the recipient. But I think this is handled by auto whitelist which
SpamAssassin was one of the first to implement.
Regards,
KAM
I don't think AWL does with the original poster is describing, but
implementation would
AFAIK, 169.254/16 is the autoconfiguration range for private networks
that don't have a DHCP server.
That said, I have seen people use it for other internal purposes and it
isn't usually an issue.
so, what brain decided it would be ok to use 169.* addresses for their
internal ip's?
was it
On 07/29/2011 02:13 PM, Kelson Vibber wrote:
> Also, to complete the system, I recall there were some AV-mailets at the age.
If possible use> them before SA to catch message carrying viruses.
Absolutely - we've got ClamAV running first, before anything touches SA, and
using some of the SaneS
That's interesting.
I'm pretty sure one of my users was getting those same emails. One user
out of several thousand, but she was getting hundreds of messages per day.
They were coming from different IP's, but they were all in the same /23:
Inmotion, Inc. INMOTION-173-245-203-0-23 (NET-173-245
I'm expecting that bayes can do its work for long time, i'm working on
mail with many, many words.
Your watchdog idea is a valid one, but if you can improve bayes
performance it may become a non-issue. Have you tried moving bayes to a
MySQL database? It consumes more disk space and memory, b
Discussion on the dev list points to a lack of sufficient ham in the
corpus which is necessary to generate score updates and publish new
rules. There was a recent drive for new submitters, but I'm still
trying to figure out how I can rearrange my configuration in order to
help.
http://wiki
"while the OP uses" OP means ?
Original Poster.
I think this entire thread should be "expired".
It's already specified in RFC's 1327 and 2076 and no MUA supports it
because it's a dumb idea.
I can't believe 3 days later it's still being talked about like it's a
serious thing.
Regarding the side discussion on copyrights: If anybody went in
That's good. The only useful list (BogusMX) can be discovered without
querying rfc-ignorant anyway. Just get the MX records for the sending
domain (which are almost certainly in cache) and make sure they resolve
to real IP addresses.
We reject domains that publish MX records in 127/8 or the R
no thunderbird need a plugin to do this
However, the original poster (adfam moffett) uses thunderbird 3.1.7 too, so
he can have the list-reply function
Yes I have a "reply list" button, but this is the only list I'm on where
I have to use it. I have gotten into the habit of just hitting
"r
I looked at a few messages and didn't see any reply-to: header.
When I click reply on someone's message here it I am replying to them
only since they're obviously the sender.
Is there any particular reason there can't be a reply-to: header added
by the listserv?
On 01/11/2011 03:24 PM, Jari Fredriksson wrote:
On 11.1.2011 21:24, Mauricio Tavares wrote:
Am I correct? What would stop someone from trying to fake the
originating IP to fit the ones in the above list?
If I am not mistaken, the IP protocol and SMTP. Someone might fake the
address when sending
The PTR is set by the ISP, not the spammer. My guess would be that the
period for a PTR would be a policy of a particular network operator or
group of operators. So matching it in spam assassin would be scoring
messages on the ISP they came from rather than their spaminess.
I'm starting
On 7/21/2010 12:45 PM, Karsten Bräckelmann wrote:
On Wed, 2010-07-21 at 12:25 -0400, Adam Moffett wrote:
I've seen people post in the past that SA will demime text attachments,
and now someone says it won't.
Ted was answering a question about binary attachments
I've seen people post in the past that SA will demime text attachments,
and now someone says it won't.
What's the real story?
It doesn't. At least, not like what you are thinking.
As you know an encoded attachment is a series of lines like:
XXHUBKJVHLSJFWSJNDL:SANFKJHSBFSLJRWKSBF
DSKJNBF
2010-07-08 09:05:01 1OWqmi-0005N3-JU /*SA: Action: flagged as Spam but
accepted: score=4.0 required=4.0 */(scanned in 0/0 secs | Message-Id:
20100708130436.52c7d1cb1...@mail.microton.com.br). From
(host=NULL [189.26.124.122]) for a...@plexicomm.net
The above is a line from my Exim log file.
My default config does not appear to be using bayes. How do I enable
it?
use_bayes and bayes_auto_learn are on by default.
I think using the packages on a Ubuntu system they'll default to off.
There could be others that do that.
The documentation simply says "run sa-learn". Doe
I don't know if it is safe. I suspect it will function normally, but I
think you'd be in danger of losing a few messages on an unexpected reboot.
I had a very dramatic performance improvement by switching bayes and awl
databases to MySQL instead of the default BerkeleyDB. It costs more
RAM,
My philosophy in the past has always been not to scan outgoing emails
because my users are not likely to be spamming.
However, a couple of issues recently with spambots and SMTP AUTH with
weak passwords has me reconsidering that stance.
Is anyone here currently scanning their outgoing mail wi
These issues came up when I was trying to address performance problems,
I hope they aren't major RTFM items.
1) I used sa-compile as suggested by the FAQ and the CPU load dropped
*dramatically*. The question is do I have to run that every time I
sa-update or will it happen automatically?
2)
33 matches
Mail list logo
