On 10/16/2014 7:14 PM, Duane Hill wrote:
Are you sending the unsubscribe request from an address subscribed?
Yes
On 10/15/14, 11:35 AM, Dave Warren wrote:
On 2014-10-15 10:16, Kevin A. McGrail wrote:
I've looked into this and tested the process without issue. The only
issue I've seen to date is someone who joined who did not know what
email address they joined as and does not know how to read the email
On 10/15/14, 10:09 AM, Reindl Harald wrote:
and *why* do you NOT state that in your *first* message?
That was my first message.
On 9/25/14, 2:00 PM, Reindl Harald wrote:
irrelevant - every list has a welcome message and there is no logic in
ask other members to unsubscribe yourself, one did also not ask them
for subscribe https://www.google.at/search?q=spamassassin+mailing+list
https://wiki.apache.org/spamassassin/Maili
LuKreme wrote:
In my mailspool they are a spam indicator and I
have them scored as such:
score HABEAS_ACCREDITED_COI 1.0
score HABEAS_ACCREDITED_SOI 1.5
It's very simple, Habeas headers are a fairly strong indicator of spam
in my mail spool. I search all the mail for habeas headers and it
sh
Benny Pedersen wrote:
On Thu, July 16, 2009 02:14, MrGibbage wrote:
uribl did not hit on any of the "real" uri's in the message.
Not sure why you think they would have been triggered by the
www[dot]da39[dot]com though. SA wouldn't have sent them that URI to even
check, would it? Or am I mi
Dennis Hardy wrote:
Hi, I'm getting hammered by snowshoe spam :-(
Any thoughts/advice are appreciated :-)
When this started happening to us the only solution I found was manual
CIDR blocks.
Yea I know very last millennium but I didn't find anything else to work
with. Some particular sno
On Wed, 2008-09-03 at 14:13 +1200, Michael Hutchinson wrote:
> Check out http://wiki.apache.org/spamassassin/WritingRules for writing
> custom rules. I learnt how to do it from that page, and then by looking
> at how everyone else makes rules (check out the ones that already come
> with Spamassassi
On Tue, 2008-08-26 at 14:31 -0500, Curtis LaMasters wrote:
> I'm having a pretty hard time with this one for some reason, mainly
> because I don't understand regex. I have a large number of emails
> that are getting past my spamassassin setup (Maia Mailguard 1.02a) as
> well as my Barracuda. I wo
On Mon, 2008-03-31 at 16:32 -0700, SM wrote:
> Hi Vitas,
> At 09:27 31-03-2008, [EMAIL PROTECTED] wrote:
> >So, as I've found in RFC's all header fields in message should be
> >encoded to 7-bit data. In addition my SMTP server does *not* support
> >8-bit MIME for incoming e-mail.
>
> The message
On Wed, 2008-02-27 at 08:21 +, Anthony Peacock wrote:
>
> For anyone interested here is the full email (well one of them)...
>
> http://www.chime.ucl.ac.uk/~rmhiajp/habeas-misfire.eml
>
Looks to me as though someone has found a way to abuse ning.com's
platform/systems. I suspect they'd be v
SpankTheSpam wrote:
but the message sent from polish servers gets NO additional scoring because
of that rule. I can see URICountry in spamassassin -D -t < testmessage:
URICountry doesn't score based on country of origin (that's
RelayCountry). URICountry scores based on the country in which UR
JP Kelly wrote:
that makes sense to me but after that it says "THE CODE" followed by a
bunch of code.
i am unclear on what needs to be done with this code.
Typically you put it in a file called something like URICountry.pm and
then load it in your local.cf or vN.pre (eg. v320.pre) using the
lo
On Sun, 2007-08-26 at 12:37 -0700, John D. Hardin wrote:
> On Sat, 25 Aug 2007 [EMAIL PROTECTED] wrote:
>
> > And no wonder you don't seem to get many new customers from
> > elsewhere anyway, I bet. They can't get a word in edgewise. But
> > never mind. You won't see this message either.
>
> Whoa
On Mon, 2007-06-18 at 17:38 -0700, Jonathan Nichols wrote:
> Just a quick question to those that are using those two together.
>
> I have:
> $max_servers = 10;
> $max_requests = 15;
>
> in amavisd.conf.
>
> But the box's load average seems to be hovering around 2.00 all the
> time. Sometimes a
On Tue, 2007-04-17 at 16:52 +0530, BG Mahesh wrote:
>
> hi
>
> I want to pass the comments/text entered by users on a form to
> SpamAssassin for approval. If it approves it only then I want to
> accept the text, else I want to inform the user that the text is Spam
> and reject the user's comments
Marc Perkel wrote:
I don't understand why you think SAV is a louse anti-forgery tool. It
forces spammers to have to find real email addresses to forge.
So here's a little thought experiment for you.
As you know more and more spam is sent by botnets from compromised
machines. Those bots know a
On Fri, 2007-03-02 at 13:08 -0500, Don Ireland wrote:
> Is there a way to have my PHP Script feed a message to SA to be
> scanned? I can save the message as a text file if that'll help.
#!/usr/bin/php -q
/tmp/sa.$$") || die("Error opening temp file: /tmp/sa.$$");
print TMP $mess . "\r\n";
clos
On Fri, 2007-03-02 at 12:40 -0800, Derek Harding wrote:
> On Fri, 2007-03-02 at 13:08 -0500, Don Ireland wrote:
> > Is there a way to have my PHP Script feed a message to SA to be
> > scanned? I can save the message as a text file if that'll help.
>
>
>
> #!/us
On Thu, 2007-02-01 at 16:02 -0800, Rich Shepard wrote:
> On Thu, 1 Feb 2007, z3r0 wrote:
>
> > My hosting is cool, but I'm spammed. Never thought custom rules where
> > something beyond common users, but seems like it is. Perhaps living with
> > pharmaceutical messages in inbox is not so bad when
On Sun, 2006-11-12 at 17:26 -0800, John Rudd wrote:
> http://people.ucsc.edu/~jrudd/spamassassin/RelayChecker.tar
I've been running this for a few days now and am finding it to be pretty
effective, especially against the bots that are producing all the image
spam.
Currently it's running about 87
On Thu, 2006-11-16 at 10:57 -0800, Evan Platt wrote:
>
> Imagine if ABC Corp is already public, and along comes XYZ, Inc,
> about to go public. XYZ competes with ABC. ABC hires Spammer in
> to spam for 'XYZ'. So now it looks like XYZ is
> spamming. The FTC crawls all over XYZ, who of course pl
Benny Pedersen wrote:
header URICOUNTRY_GB eval:check_uricountry('URICOUNTRY_GB')
what if a spammer sends mails from another ip outside GB ?
imho such rules only changes the problem, not solving it :(
URICOUNTRY scores on spams that URIs hosted in a given country rather
than spam tha
On Mon, 2006-11-06 at 23:55 -0800, Derek Harding wrote:
> >
> Anyone dumb enough to block outright on the spamcop BL deserves whatever
> they don't get.
Sorry for the delay. I need to apologise for the short temperedness of
my response. I should have tempered my response and
Gary W. Smith wrote:
Was the SA group listed by spamcop last month? I just now received
this for messages from October 26th.
Who cares?
<[EMAIL PROTECTED]>:
209.209.82.24 does not like recipient.
Remote host said: 554 5.7.1 Service unavailable; Client host
[140.211.11.2] blocked using
On Mon, 2006-11-06 at 15:49 -0800, Evan Platt wrote:
> Just to clarify.. Yes, these would definitely be targeted addresses.
> I grepped my mail log for common spam I get and I'll add those.
There is one problem with this approach though. All spam is learned. I
tried this and I suspect that the la
On Mon, 2006-11-06 at 14:34 -0800, John Rudd wrote:
> >
> > Alternatively, create a single sa-honeypot user and redirect all your
> > targeted bad addresses to that account, and then run sa-learn --spam
> > against that one mailbox from cron.daily.
> >
>
> And then an important email comes into
On Fri, 2006-10-13 at 15:22 -0600, Chris Stone wrote:
> On Fri, 2006-10-13 at 10:38 -0400, Dylan Bouterse wrote:
> > I’m trying to write a rule to score src=cid” but I can’t seem to get
> > it right. Can somebody shed some light on what I’d use for the
> > 20_phrases.cf file so I can start scoring
On Wed, 2006-08-16 at 17:22 +0200, decoder wrote:
> Well, you can read about the hashcash system at hashcash.org,
> basically, it is a per recipient hash generation that assures that a
> specific amount of time was required to compute this hash per
> recipient. Spammers don't have this time, they s
On Wed, 2006-08-02 at 16:37 -0400, Tom Ray wrote:
> Anyone serious about stopping SPAM should not use SpamCop. They have no
> real checking method, it's like AOL's spam blocking method...they just
> let users submit what they think is spam and then block it. It's
> pointless. There's not even a
John Rudd wrote:
No, 70 would still be 70. 07 would become 00. And 07 is a pretty
faint red. Looking at it now, I can't distinguish it from black.
(70 is 0111 so the lower 3 or 4 bits are already 0's, whereas 07
is 0111 .. THAT becomes 0 and is indistinguishable from
black
John Rudd wrote:
On Aug 1, 2006, at 10:30 PM, Derek Harding wrote:
John Rudd wrote:
Um, how exactly will they fail?
How about a nice black & white speckled image with red text on it?
Explain to me how you think it will fail?
So you're dropping three bits? White is FF, Bla
[EMAIL PROTECTED] wrote:
Hi,
a friend of mine is using outlook "stationary" with a logo.
This would hit the rule ... I am not sure whether many senders do that, however
Stationery and image sig files are the two main false positives that I
can think of. However I think those uses are fairly r
John Rudd wrote:
Um, how exactly will they fail?
How about a nice black & white speckled image with red text on it?
BTW I think the OCR approach is unlikely to succeed due to processing
constraints.
Derek
Rob Mangiafico wrote:
Anyone else find this to be a good rule to catch these image stock spams
without too much collateral damage?
After writing this I did some checks on the SA public corpus. The rule
didn't hit on any of the hard ham. It didn't hit much of the spam either
since very litt
On Tue, 2006-08-01 at 17:49 -0400, Theo Van Dinter wrote:
>
> Except now you've also delayed your valid mail by 30 minutes or an hour
> which sucks (and is sometimes completely unacceptable).
True though it would be more accurate to say that you've delayed some of
your valid mail by 30 minutes to
On Mon, 2006-07-31 at 19:03 -0500, Tim wrote:
> Thanks for the tip. That sounds pretty effective, actually. Care to
> share your rule?
Sure thing:
rawbody INLINE_IMAGE/src\s*=\s*["']cid:/i
describe INLINE_IMAGE Inline Images
score INLINE_IMAGE 1.5
I haven't tested this against the SA c
On Mon, 2006-07-31 at 18:34 -0500, Tim wrote:
>
> But I find it amusing that people here are more interested in
> telling
> spammers how they can defeat an algorithm instead of the other
> way around. 99% of the techniques in SpamAssassins hvae an easy
> workaround - does that stop anybody from
This may be more a dev question but I thought I'd start here.
I've been seeing this rule (SUBJECT_ENCODED_TWICE) trigger recently and
it is confusing me.
3.1.0 defines it as :header SUBJECT_ENCODED_TWICE Subject:raw =~ /=
\?\S+\?[BQ]\?.*=\?\S+\?[BQ]\?/i
It checks for a subject line having two
Markus Mayer wrote:
What I would like to do now is to somewhat combine the two approaches:
parse mail-bodies for URIs (just as it's done with the Geocities
example), then use the IP the link resolves to with the countries
blackhole-list to find out if the site is in China, Korea or any of the
oth
On Sun, 2005-08-21 at 20:05 -0400, Eric A. Hall wrote:
> What's the benefit of using this instead of the uridnsbl plugin? The code
> below will look for the IP address behind a URI and then query the
> cn-kr.blackholes.us RBL to see if that addr is in China:
This one doesn't require a DNS lookup w
On Mon, 2005-08-08 at 15:53 -0500, [EMAIL PROTECTED] wrote:
> >
> > It allows rules such as:
> > uricountry URICOUNTRY_CN CN
> > header URICOUNTRY_CN eval:check_uricountry('URICOUNTRY_CN')
> > describeURICOUNTRY_CN Contains a URI hosted in China
> > tflags URICO
On Sun, 2005-08-07 at 12:27 -0400, Greg Allen wrote:
> They are also using non-Geocities addresses now. Most of the IPs they
> use seem to been from China, so you could RBL china at the front end,
> if you are allowed to block China that is... (my users won't let me
> block China...uggh)
>
>
> --
43 matches
Mail list logo
