Should I set the BAYES_99 score high enough to trigger as spam?
I get plenty of spam getting through which does not get caught because BAYES_99
is the only rule which fires and it is not set to score at or above the
threshold.
Dumb question:
How can I set the autolearn thresholds?
On Aug 15, 2012, at 15 2:18 PM, John Hardin wrote:
> Setting the ham default threshold to -3 or even -5 seems prudent (_much_
> better than the current 0.1)
How can I disable the DNSWL rule/plugin or whatever. Not just give it a
low/zero score but disable it completely.
I am tired of seeing RCVD_IN_DNSWL_BLOCKED in my headers.
Hmm...
can you explain further?
> sha256 checksum and add to local clamav (.hb?) file?
On May 29, 2012, at 12:47 PM, Michael Scheidell wrote:
> On 5/29/12 2:44 PM, JP Kelly wrote:
>> I've been getting a fair amount of spam which contains a large image which
>> causes SA
I've been getting a fair amount of spam which contains a large image which
causes SA to bypass scanning due to the large file size.
Has anyone found a way to combat these types of spam?
JP Kelly
I tried escaping both the # and the " but no joy.
jp
On Feb 16, 2012, at 10:44 PM, Benny Pedersen wrote:
> Den 2012-02-17 06:53, JP Kelly skrev:
>> No didn't work.
>> with --lint I got:
>> warn: config: invalid regexp for rule HTML_TEXT_WHITE_SHORT:
>&g
No didn't work.
with --lint I got:
warn: config: invalid regexp for rule HTML_TEXT_WHITE_SHORT: /style=\"color:
missing or invalid delimiters
On Feb 16, 2012, at 7:53 PM, Benny Pedersen wrote:
> Den 2012-02-17 02:12, JP Kelly skrev:
>
>> How do I implemen
ok I'm a dummy.
How do I implement this?
On Feb 16, 2012, at 5:03 PM, John Hardin wrote:
> rawbody HTML_TEXT_WHITE_SHORT /style="color#FFF;/
t/alternative;
boundary="=_Part_9404548_33090959.9063490075401"
Bounces-to: da5f1995b875ded4537402d6b10da455cf04fa500aa...@bounces.amazon.com
X-AMAZON-MAIL-RELAY-TYPE: notification
X-AMAZON-RTE-VERSION: 2.0
On Mar 6, 2011, at 12:33 PM, Karsten Bräckelmann wrote:
> On Sun, 2011-03-06 at 11:39
1, at 11:33 AM, Karsten Bräckelmann wrote:
> On Sun, 2011-03-06 at 10:51 -0800, JP Kelly wrote:
>> I just found an incoming message which is ham but marked as spam.
>> It received a score of 14 because it is in the auto white-list.
>> Shouldn't it receive a negative sco
I just found an incoming message which is ham but marked as spam.
It received a score of 14 because it is in the auto white-list.
Shouldn't it receive a negative score?
Content analysis details: (7.1 points, 5.0 required)
pts rule name description
-- --
doh!
I guess if I read the subject line that would have helped.
On May 7, 2008, at 11:15 AM, JP Kelly wrote:
where is this line found?
On May 6, 2008, at 3:01 PM, Robert Müller wrote:
So for testing purposes I modified the line
old:
header __BOUNCE_FROM_DAEMON From =~ /(?:(?:daemon|deamon
where is this line found?
On May 6, 2008, at 3:01 PM, Robert Müller wrote:
So for testing purposes I modified the line
old:
header __BOUNCE_FROM_DAEMON From =~ /(?:(?:daemon|deamon|majordomo|
postmaster|virus|scanner|devnull|automated-response|SMTP.gateway|
mailadmin|mailmaster|surfcontrol|
nevermind.
i replaced the subroutine in VBounce.pm with the modified one on
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5884
hopefully this will work.
thanks.
jp
On May 5, 2008, at 12:52 PM, JP Kelly wrote:
Pardon my ignorance, but can someone explain how to implement the
fix for
Pardon my ignorance, but can someone explain how to implement the fix
for this?
JP Kelly
On May 2, 2008, at 9:37 AM, Jesse Stroik wrote:
Stefan,
Fantastic. This works. Thanks for pointing me in the right
direction.
Best,
Jesse
Stefan Jakobs wrote:
On Friday 02 May 2008 17:24, Jesse
yay i finally had the pleasure of getting joe jobbed!
so i am looking at vbounce. i think it is working but when i
intentionally bounce to myself the by sending to a non existent
address, whitelist_bounce_relays does not seem to trigger. searching
the archives i noticed that this may have
i keep getting spam with low scores from what seems to be the same or
similar sources.
they all have a bunch of random words and a link to a throwaway domain
(currently blogspot)
also they always seem to be from an address at yahoo.co.uk
anyone else having trouble with these?
any possible sol
thanks for the rule ,looks like a good one.
can you point me to jennifer's rules?
thanks.
jp
On Mar 3, 2008, at 2:56 PM, Loren Wilton wrote:
body LW_WORDLIST_15P /(?:\b(?!(?:from|that|have|this|were|with)\b)
[a-z]{4,12}\s+){15}/
describe LW_WORDLIST_15P string of 15+ random words
score LW_
does anyone know of a rule that might catch this kind of spam which
contains a lot of non words
a grammar checking rule or plugin would be nice too since many spams
contain a lot of nonsense.
-- message --
From: [EMAIL PROTECTED]
Subj
thank you guenther!
On Feb 29, 2008, at 5:39 AM, Karsten Bräckelmann wrote:
While I understood this comment more generally, aiming at some rules
to
catch the provided spample -- if you actually are after an RE to score
on China TLDs, here you go. That much should be easy:
uri TLD_CHINA m,h
any takers on this?
On Feb 27, 2008, at 2:31 PM, Chip M. wrote:
The main thing that stands out (to me) is the China TLD in the URL.
We block all those on sight (unless they're in the recipient's
domain skip
list - so far, none of my users have any China TLDs in theirs).
Perhaps one of the
everyday i get 2 or three of these coming through.
it seems like they could/should be caught but they often have very low
scores.
they all have yahoo.co.uk in the from address
---example1---
---
headers
---
From: [EMAIL PROTECTED]
Subje
On Jan 21, 2008, at 9:26 AM, mouss wrote:
JP Kelly wrote:
Enough is enough!
SA has been working so well for me all these years I guess I am
spoiled.
I woke up this morning and had 5 Google spams and one legit email
and I've had it.
I noticed a somewhat lengthy discussion on the su
Enough is enough!
SA has been working so well for me all these years I guess I am spoiled.
I woke up this morning and had 5 Google spams and one legit email and
I've had it.
I noticed a somewhat lengthy discussion on the subject here.
I am not able to write my own rules or regex.
Is there a qu
oice. (e.g. CN, KR, RO, RU, IN etc.)
that makes sense to me but after that it says "THE CODE" followed by
a bunch of code.
i am unclear on what needs to be done with this code.
any light shed on this will be greatly appreciated.
jp kelly
On Oct 20, 2007, at 10:10 PM, Bill Landr
What is the best way to check what plugins SA is using?
Id like to be able to say, if this message has over 5 points
dont deliver it at all.
With procmail installed you can do it.
http://wiki.apache.org/spamassassin/DeletingAllMailsMarkedSpam?
highlight=%28delete%29%7C%28spam%29
here is a way to have all spam forward to another mailbox but the
p
poof!
n a static IP so i believe the DYNAMIC_DHCP
rule shouldn't apply.
But then again maybe it has nothing to do with the my IP
Thanks for your help.
JP Kelly
On Feb 21, 2007, at 1:53 AM, Justin Mason wrote:
yeah, it should be all versions *since* 3.1.0 (note that the
original mail was sent 2
regarding the problem where mail from horde gets hit with
HELO_DYNAMIC_DHCP rule due to sender's IP address.
see below...
do you mean SA 3.1?
On Apr 14, 2005, at 3:08 PM, Justin Mason wrote:
check the bugzilla -- I'm pretty sure this is fixed for 3.1.0.
- --j.
This is the IP from th
AOL in their infinite wisdom has decided to add the header X-Spam-Flag: NO to their outgoing messages.Due to the way I have Spamassassin set up with exim this causes any message from AOL to be considered spam.Is there a way to strip the X-Spam-Flag: NO on RCPT before any other processing is done?
It seems SA is not using the SARE rulesets for me?
I see no mention of SARE in any of my tagged spam.
I have been using rules_du_jour and downloading current rulesets.
Any ideas why SA would not be using SARE rulesets?
I am getting a lot of wrist watch spam with links to web pages which
have
malodorous scripts embedded in them
a typical spam looks like this:
From: [EMAIL PROTECTED]
Subject: FW: Because you deserve something special watch-jewelry
Date: December 12, 2005 7:41:01 AM PST
To: [EMAIL PROTECTED]
is SA 3.1 available through cpan yet?
If not will it be?
Yes I see that during regular spam scanning the bayes_db is working.
Thanks for all your effort!
SpamAssassin ROCKS!
On 25 Sep 2004, at 6:42 PM, Theo Van Dinter wrote:
That's the debug output from the initial "get everything going"
internal
message run. Don't worry about it. :)
--
when starting spamd i get an error in the log:
spamd[1290]: debug: bayes: no dbs present, cannot tie DB R/O:
/tmp/spamd-1290-init/.spamassassin/bayes_toks
I have tried rebuilding the bayes db with sa-learn --sync but I still
get the error
any ideas?
38 matches
Mail list logo
