On Jan 9, 2008 3:23 PM, Stefan Suurmeijer <[EMAIL PROTECTED]> wrote:
> Well, I think you're now telling spamd it should always run as nobody, I can
> understand why that fixes the user unknown problem. But I need spamd to run
> as the user the mail is intended for so I can use per-user settings.
I
On Jan 7, 2008 6:59 PM, Stefan Suurmeijer <[EMAIL PROTECTED]> wrote:
[snip]
> Jan 8 00:47:29 smtp1 spamd[11786]: spamd: handle_user unable to find user:
[snip]
>
> This happens for every mail received: unable to find user ''
I've been having the same problem.. I think I just fixed it, though
I'm
On 10/12/07, Michael Parker <[EMAIL PROTECTED]> wrote:
> Two options, since you're using spamc/spamd.
>
> 1) Put user configs into SQL and for user nobody set use_bayes 0, you
> might get similar results if you give user nobody an actual home
> directory and a user_prefs file, but I've never tried
On 10/12/07, John D. Hardin <[EMAIL PROTECTED]> wrote:
> Some options:
>
> (1) turn off autolearn.
>
> (2) if you suspect auto-mistraining then adjust your auto-training
> thresholds.
>
> (3) zap nobody's bayes database nightly (hourly?) in cron.
Yeah, I'm turning on autozap today :P
> John Hard
Hi all,
Quick question. Is it possible to set up spamassassin to use Bayes
only if the -u option is passed via spamc? I'm using simscan to call
spamassassin and if the user is not specified, it falls back to the
nobody account. The bayesian database fills up with tons of tokens
that I believe a
On 7/16/07, Matthias Schmidt [c] <[EMAIL PROTECTED]> wrote:
I know that .
I just meant it's not possible in the real world to prevent "clients"
from talking to port 25 (of course as long as it is not closed by some
isp) or to distinguish a mail-bot from a real server just through the
port the
On 7/16/07, John Rudd <[EMAIL PROTECTED]> wrote:
You can get this same effect without caring about the port number. Just
require SMTP-AUTH for relaying. This is easily achieved, you just
remove any hosts you don't directly control from your relay domain(s).
That means your clients (no matter wh
On 6/21/07, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
I'd just use sa-update on all of them. You could do sa-update on one
and then rsync the files around, though, if you wanted.
If you're daring, you can try an NFS mount as well. Although, with
either of these (rsync or nfs), doesn't SA
On 5/20/07, night duke <[EMAIL PROTECTED]> wrote:
But i have a problem if i want to move all the spam messages to each spam
folder of each user i must touch each .qmail and create one .procmailrc for
each user.
Nope, you can use maildrop and create a single mailfilter rule. Place
it in the .qm
On 5/14/07, Christopher X. Candreva <[EMAIL PROTECTED]> wrote:
This looks like what is being called "Snowshow" spammers on Spam-L . They
will have a rather large block and just cycle through until their whols
space is used up, then get more.
Ugh.. I had heard about this tactic some time ago, b
ammers at he /24 level (rather than the host
level).
https://sourceforge.net/projects/deny-spammers/
-faisal
On May 13, 2007, at 12:15 AM, Jason Frisvold wrote:
> On 5/12/07, Jason Frisvold <[EMAIL PROTECTED]> wrote:
>> I installed the botnet plugin today, but it's not goin
ammers at he /24 level (rather than the host
level).
https://sourceforge.net/projects/deny-spammers/
-faisal
On May 13, 2007, at 12:15 AM, Jason Frisvold wrote:
> On 5/12/07, Jason Frisvold <[EMAIL PROTECTED]> wrote:
>> I installed the botnet plugin today, but it's not goin
On 5/12/07, Jason Frisvold <[EMAIL PROTECTED]> wrote:
I installed the botnet plugin today, but it's not going to help
anyway.. The IPs these are coming from resolve to a variety of
different hostnames, all without triggering botnet at all.
Here's a sample of the hits I'
On 5/12/07, Matthias Haegele <[EMAIL PROTECTED]> wrote:
I am not sure if the botnet plugin would catch these, but are you using
the botnet plugin at all and sare-rules (www.rulesemporium.com).
I installed the botnet plugin today, but it's not going to help
anyway.. The IPs these are coming fro
On 5/12/07, Faisal N Jawdat <[EMAIL PROTECTED]> wrote:
On May 11, 2007, at 10:54 PM, Jason Frisvold wrote:
> It appears that each mail is sent by a unique IP, so it doesn't look
> like a simple firewall rule will stop this.
Is every single message coming from a unique IP, o
Greetings,
I'm seeing incoming spam at a rate of 2-3 a minute per user and I'm
having trouble properly identifying these as spam with spamassassin.
Or, alternatively, blocking them.
It appears that each mail is sent by a unique IP, so it doesn't look
like a simple firewall rule will stop this.
Greetings,
Am I correct in saying that the "proper" way to set a default
required_score is in the /etc/mail/spamassassin/local.cf file?
I'm running SA 3.2.0 and I seem to be unable to change the default
required_score. I'm using spamc/spamd for processing via simscan.
Per-user rules are enabled
On 11/29/06, Steven Stern <[EMAIL PROTECTED]> wrote:
after sa-update runs, restart spamassassin and it will use the new rules
in /var/lib/spamassassin.
I have this as a cron job:
30 3 * * * sa-update && spamassassin --lint && /etc/init.d/spamassassin
restart
Oh? I thought you needed to spec
Greetings,
I noticed tonight that my bayes_vars table has a large number of
entries for users that are not on my system at all. It seems that SA
is autolearning bayes for non domain users? Is that a known issue?
--
Jason 'XenoPhage' Frisvold
[EMAIL PROTECTED]
Greetings,
After struggling a bit with Bayes in general and trying to figure out
a way to make things run a bit faster, I've done some serious digging
and I want to clarify a few things before I make a mess of my Bayes
DB...
I have everything currently set up to use a MySQL database. The
bayes_
On 11/26/06, Matt Kettler <[EMAIL PROTECTED]> wrote:
Erm.. That's not half old and half new...That's all the same age,
because that's an almost completely empty database. It's only got the
learning from ONE message in it. There are only 72 tokens, and they're
all the same age (oldest and newest a
On 11/26/06, Matt Kettler <[EMAIL PROTECTED]> wrote:
No, you can leave SA running.. however, while it's running sa-learn will
have the R/W lock on the bayes database, so no autolearning will happen
unless you're using the bayes_learn_to_journal option. (normally only
atime updates are journaled.)
On 11/26/06, Matt Kettler <[EMAIL PROTECTED]> wrote:
Yes, you can do that.. you can set: bayes_auto_expire 0 and have a
cronjob call sa-learn --force-expire.
Is this a recommended thing?
Make sure you run the --force-expire as the proper userid.
run sa-learn --dump magic, as I asked. If you n
Wow.. that sucked.. Finished message below.. My apologies for the
previous unfinished message.
On 11/26/06, Jason Frisvold <[EMAIL PROTECTED]> wrote:
On 11/25/06, Matt Kettler <[EMAIL PROTECTED]> wrote:
> Bayes_toks should trim itself automatically.
I understand that, but I w
On 11/25/06, Matt Kettler <[EMAIL PROTECTED]> wrote:
Bayes_toks should trim itself automatically.
I understand that, but I was wondering if it's possible to halt that
and do a manual expire at specific intervals so I can control the load
on the system. Expiry seems to take a while...
Have yo
On 11/24/06, Matt Kettler <[EMAIL PROTECTED]> wrote:
It's not "fixed", it's only hack-fixed. There is no real expiry of
bayes_seen, nor the AWL, in SA 3.1.x.
It's now safe to delete bayes_seen, you won't corrupt your whole bayes
DB if you do that. That's the only fix I know of that's been applie
No takers on this? Have I hit upon a FAQ question? I swear I looked
and searched and I didn't find suitable answers...
On 11/23/06, Jason Frisvold <[EMAIL PROTECTED]> wrote:
Greetings,
Just a few quick questions. First, I noticed that prior to 3.1.0
bayes_seen was not auto expir
On 11/23/06, Jack Gostl <[EMAIL PROTECTED]> wrote:
I'm trying to understand saupdate and how to use it. I have two questions.
I'm running AIX 5.3.
Question 2:
After running saupdate, I assume that all I have to do is to restart spamd.
How can I force spamd to restart and reload its rules? Can
Greetings,
Just a few quick questions. First, I noticed that prior to 3.1.0
bayes_seen was not auto expiriing. That bug is marked as fixed, so is
it safe to say that bayes_seen is now expiring automatically and that
a 20+ meg bayes_seen file is valid?
Next, the bayes_tok database is over 3 Gig
On 3/23/06, Abel Jeffcoat <[EMAIL PROTECTED]> wrote:
> All,
>
> I have gotten a couple of replies, (thank you) but I thought I could be
> more clear.
>
> I'm looking for a tool that will all users to adminstor their blacklist
> and/or whitelist. I use Qmail and have mail delivered to a Spam folder.
On 3/21/06, Duane Hill <[EMAIL PROTECTED]> wrote:
> Dell PowerEdge 2550, Dual P4 2.4 ghz, 2 gig ram, hardware raid5, 4x74
> gig 10,000 rpm scsi III drives from Seagate. Hopefully I can get the
> ram upgraded to 4 gig eventually.
I'm not using anything quite as powerful, but innodb has made a
ma
On 3/21/06, Andrew Donkin <[EMAIL PROTECTED]> wrote:
> Jason, if you haven't moved to innodb already, try "SHOW PROCESSLIST"
> in mysql. Do you have many threads locked on "SELECT FROM
> bayes_token" and "INSERT INTO bayes_token"?
Yep, that's it completely.
> I had about 100 threads locked, so I
On 3/21/06, Duane Hill <[EMAIL PROTECTED]> wrote:
> I am using a per-user configuration here and my DB size currently is
> sitting at just over 10 gig. All of the tables within the MySQL schema
> are using the InnoDB storage instead of the MyISAM. I am also using
> the SA plugin for cachin
On 3/21/06, Gary W. Smith <[EMAIL PROTECTED]> wrote:
> It appears that you are user per user bayes. If you have a large number
> of users and performance is becoming an issue you might want to change
> over to site wide bayes and disable per user.
How are you training Bayes? Do you allow the use
Greetings,
I'm looking for some fine tuning help. It seems that we are currently
I/O limited due to the massive load spamassassin puts on the bayes
database. The database is currently about 3.5 Gig, including indices.
I have a few questions regarding the operation of Bayes.
1) How effective is
On 1/15/06, Andrew Donkin <[EMAIL PROTECTED]> wrote:
> If you have fewer than 65,000 accounts you could halve the size of the
> id columns.
>
> That took 25% off my bayes_token data file and index. Since MySQL
> likes to keep indexes in VM, I think it was worthwhile.
Excellent information, thanks
On 1/12/06, Michael Parker <[EMAIL PROTECTED]> wrote:
> You shouldn't check mail for non-existent users.
We don't. :) Old users who don't have accounts anymore, but who's
account data still exists in spamassassin.. This data is never
checked, but merely takes up space..
> The best way to clear
On 1/12/06, Matthias Keller <[EMAIL PROTECTED]> wrote:
> Sorry i accidently sent the previous (incomplete) message...
>
> I'm by no means a bayes specialist but i dont think it's a good idea
> just to delete the oldest entries since SA provides its own mean of
> purging...
Gotcha.. I kinda knew a
Hi all,
I've been investigating some recent slowness issues with our mail
servers and I noticed that the spamassassin database is getting rather
large. We process approximately 300,000 mails a day (or more). The
bayes_token database is over 1.8 Gig at the moment. (Actually, 1.8 Gig
for the data,
On 12/27/05, Loren Wilton <[EMAIL PROTECTED]> wrote:
> Close, but not quite.
>
> (?:[\\/]|per)
>
> The (?:) is bracketing. A normal pair of parends would be 'capturing' and
> keep track of what was found within the grouping. The ?: modifier tells
> Perl to not bother capturing the contents, since
On 12/27/05, Mark R. London <[EMAIL PROTECTED]> wrote:
> What does m{} do, like in the following test?
>
> body DRUG_DOSAGEm{[\d\.]+ *\$? *(?:[\\/]|per) *d.?o.?s.?e}i
Looks like a case insensitive match .. Let's see..
[\d\.]+ matches a digit or a period one or more times
* (that's s
On 9/23/05, Matthew Yette <[EMAIL PROTECTED]> wrote:
> For those who went from 3.0.4 to the latest release candidate, would you say
> it's a worthy upgrade? Where do you see the largest benefits? Is it overall
> a good move if you're currently pretty satisfied with 3.0.4?
I've only done this so fa
On 8/1/05, email builder <[EMAIL PROTECTED]> wrote:
> Even if I had forgotten the -A, I think I would have been seeing connection
> refused notices, but right now, it just seems to time out. I'm pretty sure
> this is a LVS question more than a spamc/d question, since I've no problems
> with the la
On 5/6/05, Chris Santerre <[EMAIL PROTECTED]> wrote:
> Side note: He recently asked for feedback of things you would like to see
> added to a second addition. So if you got any, fire him a quick email.
> Looking to take it to a more advanced level.
Ahh.. very cool.. Where do I send the info? :)
On 5/6/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Just curious if there's anybody here who ordered Alistair MacDonald's SA book
> from Pakt and whether they remember how long after ordering did it take to
> arrive.
I ordered 2 of them... (home and office) ...
I think it only took a few
On Wed, 02 Feb 2005 21:20:50 -0500, Matt Kettler <[EMAIL PROTECTED]> wrote:
> Hmm.. so zombies are going to start using the legit mailserver instead of
> acting as a direct delivery... Hmm.. Well, we should see the DUL RBL hits
> drop off pretty fast. Won't affect SURBL hits though.
Or see legit m
On Mon, 22 Nov 2004 11:47:11 -0600, Jon Dossey
<[EMAIL PROTECTED]> wrote:
>
> Me again - FC2, sendmail 8.13.1, spamassassin 3.0.1 (via spamass-milter
> 0.2.0)
>
> I've got two e-mail gateways running this configuration (more or less).
> Is there any way to keep the Bayesian databases synchronized
On Wed, 27 Oct 2004 22:51:39 -0700, Robert Menschel <[EMAIL PROTECTED]> wrote:
> Hello Jason,
Hello :)
> No problem at all. I feed all spam from three domains into sa-learn
> for all three domains. Depending upon timing and other considerations,
> it's possible for a specific spam to reach domai
Hi all,
I have a question regarding the bayesian filter, specifically the
learning function. I use the sasql plugin for Squirrelmail which
creates "Learn Spam" and "Learn FP" folders. I also have a procmail
script that moves spam to a Spam folder.
I was thinking about combining the Spam and Lea
> yeah, me too. maybe we can get one or two standing beside the
> new logo ;)
Agreed.. When I heard about the new logo, I had high hopes for a new
ninja look.. My heart fell when I saw that the ninjas were gone...
Don't get me wrong, the new logo is really nice, but I just loved
those ninjas..
On Tue, 12 Oct 2004 22:58:43 -0500, Dallas L. Engelken <[EMAIL PROTECTED]>
wrote:
> John, if you need expiry right now, you can use my patch on bug 3802 if
> you want. It will basically do what Michael is talking about except for
> purging count=1 entries.
>
> http://bugzilla.spamassassin.org/sh
On Tue, 12 Oct 2004 22:04:49 -0500, Michael Parker <[EMAIL PROTECTED]> wrote:
> How odd, I was just writing a blurb about this in my ApacheCon
> presentation. In the future, AWL will have some sort of expiration,
> in the mean time, with SQL, I've had great success with a lastupdate
> of type TIME
Is there any accepted method for expiring AWL entries? I'm currently
using the SQL implementation of AWL.
If there was no accepted method, my plan was to add a TIMESTAMP field
to the database and expire old records...
Thanks!
--
Jason 'XenoPhage' Frisvold
[EMAIL PROTECTED]
On Tue, 12 Oct 2004 07:31:36 -0700, p dont think
<[EMAIL PROTECTED]> wrote:
> FYI, we are planning to extend the following wrapper method by spitting
> out a temporary conf file with the correct username in it, and deleting
> the conf file when done:
>
> http://jousset.org/pub/sa-postfix.en.html
> You mean this?
> http://bugzilla.spamassassin.org/show_bug.cgi?id=3766
Awesome, thanks for the link :)
It's always interesting to watch the flow of thinking for something
like this... I can agree with both sides of the permissions issue...
In my case, the only users with direct access to the
On Mon, 11 Oct 2004 09:38:32 -0400, Jason Frisvold <[EMAIL PROTECTED]> wrote:
> But therein lies the problem... I don't have a local.cf file for each
> user because the users are virtual. I was hoping to avoid using
> local.cf files because I'm using SQL to allow shar
On Mon, 11 Oct 2004 09:15:20 -0400 (EDT), Keith Hackworth
<[EMAIL PROTECTED]> wrote:
> I ran into the same problem. All I had to do was set the
> bayes_sql_override_username value in my local.cf and it took care of it
> for me. When I do a sa-learn [spam|ham], it loads in as the user I
> specifie
Hi all,
I'm trying to implement SQL Bayes and I need a little help. I have
the bayes database set up and it does seem to work properly. However,
sa-learn seems to be placing the ham and spam into the database for
the user the command is run as. How do I override the username so
that the ham/spa
58 matches
Mail list logo
