We're having a problem with the FH_RANDOM_SURE rule causing false positives.
It has a subrule __ALL_RANDOM, which is:
header __ALL_RANDOM ALL =~
/(?:[%\#\[\$]R?A?NDO?M?|\%(?:CUSTOM|FROM|PROXY|X?MESSA|MAKE_TXT|FROM_USER))/i
We have a user "ndrier", so legitimate email sometimes has a
hrase, and it has an
awfully high score (2.199). I can well imagine people getting mail from their
stock broker or the like with this phrase in it somewhere. Any chance the score
can at least be reduced?
--
Brian Bebeau
Security Researcher - Spiderlabs Research
Trustwave
bbeb...@tru
for it to a large number of scanners. If
this
went through, we'd need a good amount of notice to put that in place.
--
Brian Bebeau
Security Researcher
Spiderlabs Research
Trustwave
bbeb...@trustwave.com
This transmission may contain information that is privileged, confidential,
and/or
> after an apt-get upgrade FuzzyOCR has stopped working. I get the
> following error in the log:
>
> FuzzyOCR: 2011-06-22 17:00:38 [3057] /usr/bin/jpegtopnm: Returned
> [2048], skipping...
I had this problem too, after upgrading SA to 3.3.x and FuzzyOCR to 3.6.0.
Upgrading netpbm fixed it for me.
Look in the source directory for spamc. Use the libspamc API. That’s what I do.
It’s pretty simple.
From: Christopher Dobbs [mailto:crdo...@lybredyne.net]
Sent: Sunday, July 25, 2010 12:39 PM
To: users@spamassassin.apache.org
Subject: Writing an MTA
I am writing an MTA that uses mysql as a backe
> I have qmail running with the
>
> :allow,QMAILQUEUE="/usr/bin/qmail-spamc"
>
> in /etc/tcp.smtp
>
> I have some hams/spams that I want to run sa-learn against, but I
> can't figure out which database it is qmail filters through. Is it the
> db of the user "spamd", "root" or some qmail
omputer, not letting me
even move the mouse. Needless to say, that won't fly for
production use. So I could really use some way to tell it
to give up. If the only way is to not scan messages over a
certain size, I guess I'll have to live with that, but I
need to be able to tell TPTB that tha
