-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ok, as soon as I hit Send, I realized this is only half the answer.
The second half is: GnuPG - http://www.gnupg.org/
David Goldsmith
David Goldsmith wrote:
> http://wiki.apache.org/spamassassin/RuleUpdates
>
> David Goldsmith
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
http://wiki.apache.org/spamassassin/RuleUpdates
David Goldsmith
Don O'Neil wrote:
> What is gpg and where do I get it? I couldn't find any reference to it on
> the spamassassin.org page.
>
> -Original Message-
>
Listed in DCC
(http://rhyolite.com/anti-spam/dcc/)
0.8 DIGEST_MULTIPLEMessage hits more than one network digest check
- -0.0 NO_RECEIVEDInformational: message has no Received headers
Using SA 3.1.8, SARE, DCC, Pyzor, Razor
David Goldsmith
-BEGIN PGP SIGNATURE--
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jim Maul wrote:
> David Goldsmith wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> Here is how this message scored:
>>
>> X-Spam-DCC: PacNet-SG: iceman11.giac.net 1358; Body=65 Fuz1=65 Fuz2=51
break 5.0 points for anyone?
David Goldsmith
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3rc2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF7aXa417vU8/9QfkRAvXbAKClnfNGXJ7+Mkl+rWvNMgMtk5aRYQCgmotU
nIs5jZZjvjdb0PzohvFZJbk=
=RCUf
-END PGP SIGNATURE-
X-Spam-Checker-Version:.*iceman11
| /usr/bin/spamc -d -u spamass
If the message does not contain that list id, and it hasn't already been
scanned by our SA, then passit to SA.
David Goldsmith
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3rc2 (MingW32)
Comment: Using GnuPG with Mozilla
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
C. Bensend wrote:
>It would be helpful if there were some list of all the macros that
> can be used, but I didn't find that either... Is there such a thing?
> I've been through the wiki and Mail::SpamAssassin::Conf and such...
perldoc Mail::Spam
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
C. Bensend wrote:
> Hey folks,
>
>I'm running 3.1.8 on OpenBSD 4.0-STABLE, with sa-update snagging
> updates and a subset of the SARE rules. YAY sa-update, what a
> snazzy addition to SpamAssassin. :)
>
>I have report_safe set to 0 via SQL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jim Maul wrote:
> Jim Maul wrote:
>> David Goldsmith wrote:
>>> -BEGIN PGP SIGNED MESSAGE-
>>> Hash: SHA1
>>>
>>> Setup:SA 3.1.8, Pyzor, Razor, DCC, iXhash
>>> Botnet, FuzzyOCR 3
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Setup: SA 3.1.8, Pyzor, Razor, DCC, iXhash
Botnet, FuzzyOCR 3.5.1, SARE rules, some misc rules
This message got 0 points. Does it score over 5 for anyone?
http://members.cox.net/dgoldsmi/spam/lowscore01.txt
Thanks,
David Goldsmith
2588380
Feb 27 15:00:02 iceman11 spamd[15809]: config: score set 3 chosen.
The 15809 child was finished at this time and it looks like the parent
process was doing some housecleaning work regarding the child process.
But this shouldn't affect other incoming connections, right?
Any ideas why
ld be in our quarantine area and could be retrieved for
X days.
Thanks,
David Goldsmith
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3rc2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF40sy417vU8/9QfkRAvMtAJ0aeWlttkG/rfs3lmt92ohvjBmu9ACgoFWN
f8MQvXpdz+k7wck0
code to
determine if there were new rules and restart SA on your own if needed.
David Goldsmith
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3rc2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF4fLY417vU8/9QfkRAoHsAJ4q2gMWxcvmAnp1wDpaaPDFrXOlcgCgtil6
fV9p
25 19:24:25 [15469] Processing Message with ID
"<[EMAIL PROTECTED]>" (David Goldsmith <[EMAIL PROTECTED]> ->
David Goldsmith <[EMAIL PROTECTED]>)
2007-02-25 19:24:25 [15469] fname: "crookedjpg.jpg" => "crookedjpg.jpg"
2007-02-25 19:24:25 [1
sts only via SMTP
* 0.6 AWL AWL: From: address is in the auto white-list
- From my FuzzyOCR.log file:
2007-02-25 19:04:47 [15469] Starting FuzzyOcr...
2007-02-25 19:04:47 [15469] Processing Message with ID
"<[EMAIL PROTECTED]>" (David Goldsmith <[EMAIL PROTECTED]> ->
/lib/spamassassin/3.xx/saupdates_openprotect_org* with the
latest SARE rules.
If you do this, you can delete any SARE rulesets from you
/etc/mail/spamassassin directory (70_sare_*, 99_sare_*)
Any local rulesets you create, or modifications to core/SARE rules,
should go in files in /etc/mail/
er than completely nuking my current bayes
database, that I can reduced its size significantly back down to around
100K tokens?
Thanks,
David Goldsmith
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3rc2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF4ciD417vU8/9QfkRAnqB
can be
retrieved from the quarantine if a user calls to complain that a message
wasn't received.
David Goldsmith
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3rc2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF4EdB417vU8/9QfkRArc8AKCXHWanNmt1BrRkxPGUMk9ATWaCBwCgmIHC
QIx8WoDsboUiRPyRi6wBxRE=
=ZAek
-END PGP SIGNATURE-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David Goldsmith wrote:
> Check your mail log for error messages like this one:
>
> spamd[12960]: prefork: server reached --max-children setting, consider
> raising it
>
> We've been running spamd with '-m8'
some of the network checks we are doing are taking
longer thus tying up the spawned spamd child processes longer. I bumped
our -m arg from 8 to 12 (still got the error) and then to 24 -- that
seems to have helped.
David Goldsmith
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3rc2 (MingW32)
Com
,DIGEST_MULTIPLE,FORGED_RCVD_HELO,RAZOR2_CHECK,RCVD_IN_BL_SPAMCOP_NET,TW_DR
scantime=6.2,size=1553,user=spamass,uid=501,required_score=5.0,rhost=iceman12-ext.giac.net,raddr=65.173.218.113,rport=33629,mid=<[EMAIL
PROTECTED]>,bayes=0.9999991,autolearn=spam
I don't have any erro
ET recently, but even without it, it
still would have scored 8.7.
David Goldsmith
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3rc2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF3lpz417vU8/9QfkRAtrgAJkB5JOPXbHz4cO5dE9XuzoyCGE5LgCgkzC5
XxgfM/kl9BUqatLtlN0T0EA=
=jv6g
-END PGP SIGNATURE-
e to bump the
scores up over the 5.0 threshold?
If your run this message through your SA setup, does it score above 5?
Thanks,
David Goldsmith
==
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-DCC: sonic.net: iceman14.giac.net 1117; Body=many Fuz1=man
ng negative
> scores and not matchign any of the SARE rules. Any one with same
> experience?
>
> raj
I have had several get through to me. I use the SARE rulesets, DCC,
Pyzor and Razor. We use a number of DNSBL with Qmail but not the
SpamCop BL.
David Goldsmith
==
Message
pamd process running on the localhost.
If you want it to randomly connect to either box, add the -H switch.
David Goldsmith
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3rc2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEn85B417vU8/9QfkRAujTAJ9lT6IaHVB1clyyAXMBh
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
jamluv wrote:
> spamc isnt running at all. when i type spamc 2>&1|tee /tmp/error.log it
> doesnt give any errors in error.log, the prompt just remains blank until i
> pres ctrl+c.
spamc is waiting for input. Change the way you call it to be:
spamc <
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David Goldsmith wrote:
> Dirk Bonengel wrote:
>>> Marc,
>>>
>>> just drop both files (.cf and .pm) into the directory where your
>>> local.cf is.
>>> One important piece of (missing) info: You must
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dirk Bonengel wrote:
> Marc,
>
> just drop both files (.cf and .pm) into the directory where your
> local.cf is.
> One important piece of (missing) info: You must be running SA v 3.1.0 or
> higher (not 3.0 as stated). If this is a problem I can easily
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Over the last day or two, we've started receiving LOTS of messages that
have no message body, just headers. I've added a meta rule to check for
the presence of 3 or more of the following: FORGED_RCVD_HELLO,
MISSING_SUBJECT, EMPTY_MESSAGE, TO_CC_NONE.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
A message with this set of SA headers just made it through to my mailbox.
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on
iceman12.giac.net
X-Spam-Level: **
X-Spam-Status: Yes, score=7.0 required=6.8 tes
estions, see
>>> [EMAIL PROTECTED] for details."
>>>
>>> Actually, the better way to phrase this is that I want each domain owner
>>> able to edit their own version of that. I do virtual email hosting but I
>>> run each domain under it's own
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David Goldsmith wrote:
> Running my sample message thru 'dccproc < foo | more', I still see it
> appears to query DCC since it is adding the 'X-DCC-##-Metrics:' header.
>
> I looked through the 'dcc_conf&
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matt Kettler wrote:
> David Goldsmith wrote:
>> I just got a posting from the pen-test Security Focus mailing list.
>> Here are the scores it got:
>>
>> X-Spam-Level: **
>> X-Spam-Status: No, score=6.1 required
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gary Forrest - Netnorth wrote:
> Hi All
>
> When SA finds a email to be spam, and ' report_safe ' is sent to 1
> SA generates a ' content preview ' section.
>
> Can this function be turned off ?
Sure. Set 'report_safe' to 0.
Or if you are asking sp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Toni Casueps wrote:
>
> Sometimes I can't find in the message body where is the string that
> matched the spam regex. I have tried KRegExpEditor but I enter the regex
> and no string in the messages gets highlighted, as if there were no
> matches.
> H
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ben Lentz wrote:
> Greetings list,
> I've been reading a pretty active and recent thread from one of the
> sa-users mailing list archives that talks about a high rate of these
> stock spams that are getting through. I, too, am currently suffering
> fro
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bowie Bailey wrote:
> Jim Knuth wrote:
>> Heute (07.06.2006/20:56 Uhr) schrieb Screaming Eagle,
>>
>>> All,
>>> I am getting this type of spam:
>>> X-Spam-Status: No, score=1.6 required=8.0
>>> tests=BAYES_50,DRUGS_MUSCLE,
>>> FORGED_RCVD_HELO,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I just got a posting from the pen-test Security Focus mailing list.
Here are the scores it got:
X-Spam-Level: **
X-Spam-Status: No, score=6.1 required=6.8 tests=DCC_CHECK,NO_REAL_NAME,
UNPARSEABLE_RELAY,URIBL_BLACK autolearn=no version=3.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris wrote:
> I've got a spam message that I believe was mis-tagged with an advance fee
> tag. I've uploaded it here, if it can't be downloaded I'll send it direct.
>
> http://www.verzend.be/v/9403665/mistagged.txt.html
>
> If anyone knows of a bet
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
We have had SpamAssassin running for sometime. Until yesterday, we were
currently running 3.1.0 and were (and still are) using the RulesDuJour
script to pull updated SARE rulesets as well.
After updating to SpamAssassin 3.1.3 yesterday, and browsing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matt Kettler wrote:
> David Goldsmith wrote:
>> A messages that just made it through to my mailbox had the following SA
>> headers:
>>
>> X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13)
>> X-Spam-Level: ***
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
A messages that just made it through to my mailbox had the following SA
headers:
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13)
X-Spam-Level:
X-Spam-Status: No, score=4.5 required=7.0 tests=BAYES_50,HTML_40_50,
HTML_MESSAGE,URIBL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kenneth Porter wrote:
> --On Thursday, June 01, 2006 1:41 PM -0400 DAve
> <[EMAIL PROTECTED]> wrote:
>
>> Currently 3.0.4 on the toasters, 3.0.2 on the MailScanner boxes. These
>> may or may not get updates this month. I've never been fond of "update"
43 matches
Mail list logo
