- not sure what else I can add to
catch these ones.
Thanks,
Alexis Manning
---
X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on NOSE2
X-Spam-Level:
X-Spam-Status: No, score=4.7 required=7.5tests=BAYES_99=3.5,
RCVD_IN_FIVETEN_SPAM=1.2 autolearn=no version=3.1.7
X-Spam-Relay: GB
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
says...
> It could be. SA will only use headers it can trust for this test. Once
> you go back far enough the message has been on an untrusted server, that
> Recieved header (and all the others) could be forged, thus can't be used
> here.
Hmm, tha
I have the following entry in my local.cf and it doesn't seem to be
hitting. I've looked at the documentation and it looks like I'm doing
it right, but obviously not! Any thoughts?
I do note that that correspondant is starting their email address with a
capital letter, but surely this test is
[EMAIL PROTECTED] says...
> Alexis Manning wrote:
> > It seems that if USER_IN_WHITELIST is triggered then the message won?t
> > be auto-learned.
> >
> That is incorrect, however USER_IN_WHITELIST does not count toward any
> autolearning decisions.
[...]
> As far a
It seems that if USER_IN_WHITELIST is triggered then the message won't be
auto-learned.
X-Spam-Status: No, score=-100.0 required=7.5tests=BAYES_50=0.001,
HTML_MESSAGE=0.001,USER_IN_WHITELIST=-100 autolearn=no
version=3.1.7
I have a fair number of people in my whitelist and I wo
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
says...
> This wasn't always the case, but it seems to start around the 1st of
> April. I can't find anything via google on this, or on the wiki.
>
> Any clues ?
When I've hacked about with the rules and introduced something malformed
I someti
I
was wondering if anyone had worked out any stats for how an average
spam's score evolves over time as it's added to the various RBLs?
Cheers,
Alexis Manning
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
> Alexis Manning wrote:
> > I'm using FuzzyOCR 3.4.2 - does 3.5.1 have any additional support for
> > animated GIFs?
>
> Yes, it uses gifsicle.
Ah... thanks! Ran into problems last time I tried upgrading,
[EMAIL PROTECTED] says...
> Is anyone able to catch this image using Fuzzy?
For some reason the image wasn't attached for me, but if it's the
abcpill.com one which uses an animated gif with crooked writing, my
3.4.2 doesn't catch it either.
-- A.
[EMAIL PROTECTED] says...
> > This is probably related to the Security Bug that was fixed in 3.1.8.
> >
> > So to re-iterate: 3.1.8 was a SECURITY release and you should
> upgrade.
> > Real soon.
>
> I looks more closely at the sample email and it is not the same as the
> Bug I mentioned. Sorry
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
says...
> Alexis Manning wrote:
> > The glaring weirdness with this email is obviously the RSET in the To
> > field - I don't know whether that was originally in the email or
> > inserted by Mercury when it d
I received an odd email that makes spamd fall over. I'm using the SAWin32
port, and was wondering whether other users could also see the same problem
with this message or whether the problem is peculiar to the Windows port.
The glaring weirdness with this email is obviously the RSET in the To
[EMAIL PROTECTED] says...
> I believe there a way to use sa-update to get the SARE rules from
> saupdates.openprotect.com.
There's a good guide here: http://daryl.dostech.ca/sa-update/sare/sare-
sa-update-howto.txt
HTH
-- A.
[EMAIL PROTECTED] says...
> Am I worrying over nothing? I do seem to get spam only on those
> accounts for which greylisting is inactive, but on those I get a LOT
> that SA fails to tag, including just about every one of those image
> spams with the 2K or so of seemingly randomish text in th
[EMAIL PROTECTED] says...
> [...] some mailing list also corrupt signatures,
> and some people use gmail/yahoo sending address even when posting
> through some other ISP. Before this practice is rooted out,
> one should probably not score invalid signature from these
> two domains too harshly.
Tha
[EMAIL PROTECTED] says...
> Alexis Manning wrote:
[DK/DKIM plugins]
> > Is anyone using these and can suggest appropriate scores for these
> > plugins, or are these really just too unripe for serious use at the
> > moment?
>
> Why don't you keep an eye on the ac
I enabled the DK/DKIM plugins in my SA 3.1.7 setup and I see that the
default scores for their tests are negligible, presumably because
they're still a bit experimental.
Is anyone using these and can suggest appropriate scores for these
plugins, or are these really just too unripe for serious u
[EMAIL PROTECTED] says...
> Matt Kettler writes:
> > But you can use the command-line to force an alternate user_prefs file,
> > and have that file contain a "use_auto_whitelist 0". Assuming you're
> > using the "spamassassin" command line script for your second scan, the
> > -p option will over-ri
Matt Kettler wrote:
> But you can use the command-line to force an alternate user_prefs file,
> and have that file contain a "use_auto_whitelist 0". Assuming you're
> using the "spamassassin" command line script for your second scan, the
> -p option will over-ride the user_prefs file with any other
I use SA as an enduser. In my setup, messages in a certain score range
arent delivered to the mailbox but are held for a few hours so they can be
resubmitted, giving DNSBLs/DCC a chance to pick up on new spam. The idea
here is that very high scoring messages (for me >15) are dumped in a folder
t
Thomas Bolioli <[EMAIL PROTECTED]> wrote:
> Right you are... Then I have another issue. My RBL checks are not firing
> off...
If you're not seeing *any* BLs ever firing in your SA-marked up mails then
it'd sound like a DNS issue, e.g. misconfigured firewall or router.
If you're seeing some interm
[EMAIL PROTECTED] wrote:
> I am trying to get lookups against cbl (http://cbl.abuseat.org/) and
> it does not seem to be working.
Not a direct answer to your rules question, but isn't the CBL already
included in the XBL check?
-- A.
Eddie <[EMAIL PROTECTED]>wrote:
> I'm also guessing that if I'm pulling down mail, from a POP mailbox at my
ISP,
> there's really no way to use greylisting at all. Because the mail has
> already been accepted by my ISP.
Although it's not strictly 'greylisting', if you can find some way to delay
[Apologies if this is received more than once - apache.org doesn't like my
local mailserver!]
Does anyone have any data on high-scoring false positives? Currently I
have my required score set to 7.5.
Under 7.5 gets delivered normally. Anything between 7.5 and 15 gets put
into a folder that I
24 matches
Mail list logo
