We are looking at doing some testing w/ Postini as our "outside" spam
filter. Currently we are running SA 3.0.4 internally, with the milter-
spamc/sendmail combo.
What is the "best" way to temporarily disable SA so it is removed
from the "test"? If we simply "stop" spamd, will mail simply "
We want to do some testing of our email system with, and without, SA
intercepting the mails. Currently, we have SA 304 installed and
running with sendmail, using the milter-spamc "hook".
I just want to verify that if one manually "shuts down" the spamd
daemon, that the emails would be event
We have been using Razor2 for some time on SA 3.0.4. I was recently
reading about DCC. We have never tried it, so I was wondering about
opinions as to its use. How effective is it? Should it be used with,
or in place of, Razor?
Currently, about 30% of the "spam" that sneaks through our setup of
spamassassin 3.0.4 is flagged as RAZOR2_CHECKED, but still scores
below 5.0 ( it varies from 2-4) . We have the rules_du_jour script
running updates regularly, and bayes is trained.
Does it make sense to "bump up" the RAZO
To start with, I apologize for the utter lack of information in what
follows. I am headed out of town, and promised I would see if I could
find any ( as the old saying goes) "breadcrumbs" to follow
We started using milter-spamc 0.25 and SA 3.0.4 to send spam email to
an Exchange server
We are using SA 3.0.4 w/ milter-spamc 0.25Started seeing some of these in the last day or two in the maillog...any ideas?ction=eoh, continueJul 29 18:57:21 email1 spamd[13210]: Cannot open bayes databases /etc/mail/spamassassin/bayes_* R/W: tie failed: Permission denied
absolutely no way to get
SpamAssassin to delete emails or even drop them.
{^_^}
- Original Message -----
From: "Dr Robert Young" <[EMAIL PROTECTED]>
Have a virus scanner that correctly identified the email as having a
virus attachment, but it still passed along the "clean
5, at 4:13 PM, Rick Macdougall wrote:
Dr Robert Young wrote:
We had a very short spam come in (actually it had a virus
attachment named "updated-password.zip"). There is not much to
grab onto
Content analysis details: (1.5 points, 5.0 required)
We had a very short spam come in (actually it had a virus attachment named "updated-password.zip"). There is not much to grab ontoContent analysis details: (1.5 points, 5.0 required) pts rule name description -- --
he razor type query test. ____________ Dr. Robert Young ALI Database Consultants 1151 Williams Dr Aiken SC 29803 USA WWW: http://www.aliconsultants.com Tele: 1-803-648-5931 Toll free in US: 1-866-257-8970 Fax:1-803-641-0345 Email: [EMAIL PROTECTED] "Source of Rdb Controller,
I have some entries in the auto-whitelist that are "bogus" and give
strong negative scores. How would one remove them w/out doing a
"clean" or re-creating the auto-whitelist from scratch?
I left out the second part of the milter-spamc 0.25 build from the
first posting (sorry about that...my fault). The first posting was
for the Libsnert library needed by milter-spamc. This one is for the
"milter-spamc" itself.
In addition to the earlier changes (gcc 3.3 and -o) , you must
API
Berkeley DB..: not found
libmilter: no
CFLAGS...: -D_REENTRANT -g -Wall -fvolatile
LDFLAGS..:
LIBS.: -lpthread
But at least it gets to the end without bombing out!!
Thanks to Anthony Howe for his help in pointing me in the right
direction.
________
Has anyone built this milter for SpamAssassin under Mac/X 10.3 or
later? If so, is it available for download as binary? I get errors on
a simple ./configure with gcc 4.0.0 on Mac/X 10.4.2
gh "each and every" rule and
test listed , on each email?
On Jul 15, 2005, at 12:56 PM, Daryl C. W. O'Shea wrote:
Dr Robert Young wrote:
.
{whatever}
inserting "" in the middle of "key words"
When you pass an email through Spa
.
{whatever}
inserting "" in the middle of "key words"
____________
Dr. Robert Young
ALI Database Consultants
1151 Williams Dr
Aiken SC 29803
USA
WWW: http://www.aliconsultants.com
Tele: 1-803-648-5931
Toll free in US: 1-86
Is there a good way to handle spam where the bulk of the "ad" is a
image file (jpg, gif, etc) that is attached to the email so that it
"displays" when the user opens the email?
____________
Dr. Robert Young
ALI Database Consu
nd oranges?
____
Dr. Robert Young
ALI Database Consultants
1151 Williams Dr
Aiken SC 29803
USA
WWW: http://www.aliconsultants.com
Tele: 1-803-648-5931
Toll free in US: 1-866-257-8970 Fax:1-803-641-0345
Email: [EMAIL PROTECTED]
"Source of
Is there a rule that would allow one to score an email with an embedded
graphic to a negative spam value, no matter what else was in the
body???
Dr. Robert Young
ALI Database Consultants
1151 Williams Dr
Aiken SC 29803
USA
WWW: http
One more whitelist question
if the whitelist database file is "deleted", then spamassassin will
create a new one ( by itself) and start collecting information from the
beginning, correct?
____
Dr. Robert Young
AL
,
mailer=relay, pri=34540, relay=exchange.gold.com [36.110.112.37],
dsn=2.0.0, stat=Sent (OK)
Jul 13 16:48:18 email1 sendmail[20539]: j6DKkGNJ020346: done;
delay=00:02:01, ntries=1
[EMAIL PROTECTED] /root]#
Dr. Robert Young
ALI Database C
Is there a way to remove an entry from a user's individual and/or a
system wide whitelist db?
____
Dr. Robert Young
ALI Database Consultants
1151 Williams Dr
Aiken SC 29803
rn enabled", but my first inclination is
that one might want access to the spam at a future date in an
"unaltered" state.
Which would be better based on people's past experience?
____________
Dr. Robert Young
ALI Database Consultants
1
I was wondering since our whitelist database is currently > 8Mb and
when looking at it, a vast majority are only /1 scores...
On Jul 14, 2005, at 7:31 AM, Kai Schaetzl wrote:
Dr Robert Young wrote on Wed, 13 Jul 2005 22:00:04 -0400:
How often should one "clean" the whiteli
How often should one "clean" the whitelist ?
eceived" line I am wondering about matching with the
white list......
____
Dr. Robert Young
ALI Database Consultants
1151 Williams Dr
Aiken SC 29803
USA
WWW: http://www.aliconsultants.com
Tele: 1-803-648-5931
Toll free in US: 1-866-257-8970 Fax:1-803-641-0345
Email: [EMAIL PROTECTED]
"Source of Rdb Controller, software for database analysis &
performance tuning"
detailed" results of spam scoring to be returned (which test contributed which score to the total) for ALL email ( spam and non-spam)??
________
Dr. Robert Young
ALI Database Consultants
1151 Williams Dr
Aiken SC 29803
USA
WWW: http://www.aliconsul
I think I know the answer here, but does spamd scan attachments if you
are using milter-spamc v 0.25 as the sendmail-> spamd "link"??
________
Dr. Robert Young
ALI Database Consultants
1151 Williams Dr
Aiken SC 29803
U
Is there a way to mark as spam an email which contains basically
nothing but an image.tiff file which is, itself, the "spam" message
being displayed as a graphic?
____
Dr. Robert Young
ALI Database Consultants
1151 Williams D
in? so it doesnt run ??
________
Dr. Robert Young
ALI Database Consultants
1151 Williams Dr
Aiken SC 29803
USA
WWW: http://www.aliconsultants.com
Tele: 1-803-648-5931
Toll free in US: 1-866-257-8970 Fax:1-803-641-0345
Email: [EMAIL PROTECTED]
"
Is there documentation available on all the prerequisites and setup
necessary for it to operate correctly?
On Jul 9, 2005, at 8:39 PM, Theo Van Dinter wrote:
On Sat, Jul 09, 2005 at 07:47:22PM -0400, Dr Robert Young wrote:
Is there any information available on what configuration your
Is there any information available on what configuration your firewall
needs in order to make use of SURBL in SA 3.0.4? Forts, etc??
..but the wording is just 'suggestive' enough to make me worry!
On Jul 9, 2005, at 2:42 PM, jdow wrote:
That, sir, appears to be a problem with your milter or sendmail config.
What does that second entry mean to you?
{^_^}
- Original Message -
From: "Dr Robert Young&q
I just upgraded a box that had a "broken" Sa 2.63 to SA 3.0.4
I noticed the following in the maillog...is this normal for a very
"low" activity system. The "no active filter" has me worried.
Using spamassassin and spamc to send in the "sample" emails" showed
them to be working, but that does
Anyone have information on which ports would need to be opened for
rules_du_jour to function?
Is there a particular "port" and/or "protocol (TCP/UDP) that must be
opened on any firewalls that might be on the network for the plugin to
work?
On Jul 8, 2005, at 6:25 PM, Matt Kettler wrote:
Dr Robert Young wrote:
I have been looking at the incorporation or SURBL in
I have been looking at the incorporation or SURBL into the SA 3.0.4
release (I will say up front I am very early on the learning curve for
SA).
I have read that the SURBL support is built in by default in SA 304,
and I can see where the plugin is loaded in init.pre.
However, is there any oth
I am just becoming familiar with SpamAssassin, so I am sure this may
appear to be an "obvious" issue to those familiar with the tool. I am
just learning the ins and outs however.
I downloaded many of the SARE rulesets (not bigevil however), and I am
running "spamassassin -D --lint". It seems
In configuring the rules_du_jour script for rule updates, I am a bit
concerned over my interpretation of the SA_RESTART parameter. It sounds
like it is a call to the routine to "stop and then re-start" the spamd
daemon. But the rules_du_jour example "kills" the spamd process with
killall (ie
My error...I meant to say the milter-spamc v 0.25
On Jul 5, 2005, at 11:24 AM, Andy Jezierski wrote:
Dr Robert Young <[EMAIL PROTECTED]> wrote on 07/05/2005 10:22:45 AM:
> In my initial foray into Spamassassin (2.63 to start, V3 later), I am
> trying to get the spamc compo
In my initial foray into Spamassassin (2.63 to start, V3 later), I am
trying to get the spamc component linking sendmail and spamd to work. I
have verified that the spamc->spamd is working by running it manually
on the command line. I have sendmail compiled with -DMILTER, but I seem
to be havi
I have verified that the installation I am taking over has Spamssassin
2.63. It was trained (I presume) on good & bad emails about 1-2 yrs
ago. SPAM has been "automatically" collected from users and fed back
into the system. However, there has been no updating on the "good"
email training.
Ov
I pulled the rules_du_jour script down and ran it. I get
exec: wget -N http://sandgnat.com/rdj/rules_du_jour >
/home/rcyoung/Mail-SpamAssassin-2.63/RulesDuJour/wget.log 2>&1
wget_output: --20:38:10-- http://sandgnat.com/rdj/rules_du_jour
=> `rules_du_jour'
Resolving sandgnat.com...
Being new to SA, I thought I would inquire as to the frequency of
training/rules updates required for SA. I know the spammers are an
industrious lot, so existing rules and stats would eventually loose
their effectiveness. However, what have people found to be a good
training/update schedule in
Has anyone set up a database/clearing house of "rules" etc that are
associated with Spamassassin? Something like Perl's CPAN?
I have Perl 5.8.3 installed. I am going to be installing SA 2.6, and
then perform an upgrade to SA 3.0 as part of a test before attempting a
"real" upgrade on an existing production system.
I noted in O'Reilly's Spamassassin book that Sys::Syslog is listed as
being required. I also saw this o
Does anyone have an old copy of milter-spamc ( the 0.25 or higher
"free" versions" ) lying about they could email as a zipped attachment
along with its associated files?
I was looking to "try it out" w/ spamassassin, but the latest version
from snertsoft must be licensed and costs $$$. I woul
;t provide any details. In the past I've upgraded from 2.6x to 3.0x without any problems using milter-spamc 0.25.
Although on the new machine I'm putting together it won't compile, so I'm switching over to spamass-milter.
Andy
__
_______
Dr. Robert Young
Does anyone have information on the installation/upgrade of V3 of
Spamassassin, on a system already running V2? Should the new version
go "on top" of the older one, or as a separate product install? Any
issues one should be aware of?
I am installing on RedHat 6.2 and using a fairly recent ve
50 matches
Mail list logo
