Slightly off-topic from SpamAssassin specifically. But I have a
question about certain email addresses triggering spam filter scores. I
know anybody can create any rule they want to. I just want to
understand best practices and recommendations.
I work for a medium size but growing company t
ally appreciate your additional clarification
of /usr being static, etc. But not knowing that the local.cf header
is a bit misleading.
Again, thank you so much for the detailed explanations.
Jerry
On 10/20/2021 1:39 PM, Bill Cole wrote:
On 2021-10-20 at 12:50:17 UTC-0400 (Wed, 20 Oct 2
As I said in a previous post, I'm installing clean. I'm looking for a
way to validate the installation and make sure that everything with SA
is working as it should. I'm pretty confident I've got the basic SA
function working. But along with the bayes issue from a couple of posts
back, I can
I have read that I should add customization to local.cf. But on AWS
Linux I have a local.cf in /usr/share/spamassassin. It says this is the
place to make changes. But there's another local.cf in
/etc/mail/spamassassin that looks like it has some customization in it
as well. It says the valu
I am starting over with a clean install of SA on an AWS Linux2 EC2. I'm
am struggling with getting Bayes set up correctly. I have a very old
bayes_toks file from a Jam Windows install from about 4 years ago. I
created a userId for spamd, and I put the bayes_toks file in
/home/spamd/bayes. I
I am starting over with a clean install of SA on an AWS Linux2 EC2. I'm
am struggling with getting Bayes set up correctly. I have a very old
bayes_toks file from a Jam Windows install from about 4 years ago. I
created a userId for spamd, and I put the bayes_toks file in
/home/spamd/bayes. I
Thanks for the quick response. I'll definitely start playing with that.
On 10/11/2021 10:28 PM, David B Funk wrote:
On Mon, 11 Oct 2021, Jerry Malcolm wrote:
I am getting tons of emails that are very obviously spam (elongation,
russian beauties, etc) that are getting a -5 score add
I am getting tons of emails that are very obviously spam (elongation
rituals, russian beauties, etc) that are getting a -5 score added on the
white list test:
CVD_IN_DNSWL_HIRBL: Sender listed at https://www.dnswl.org/, high trust
I'm curious about the usefulness of a white list that so many s
I am getting tons of emails that are very obviously spam (elongation, russian
beauties, etc) that are getting a -5 score added on the white list test:
CVD_IN_DNSWL_HIRBL: Sender listed athttps://www.dnswl.org/, high trust
I'm curious about the usefulness of a white list that spammers have obvio
On 9/24/2020 8:17 AM, RW wrote:
On Wed, 23 Sep 2020 13:47:23 -0500
Jerry Malcolm wrote:
But gmail, outlook, and a bunch of other MTAs won't accept it and
bounce it back (with no reason attached). I'm hosting on AWS. So
the recommendation was to proxy my outbound mail through
Bob... wow. I really appreciate the analysis. This is (or will be as
soon as dig into everything you've explained) incredibly useful. Thank
you so much.
Jerry
On 9/24/2020 8:23 PM, Bob Proulx wrote:
Jerry Malcolm wrote:
I have a question about how SA's DKIM rules apply to virtu
On 9/24/2020 10:54 AM, Alan Hodgson wrote:
Or is there some criteria to determine which domain name
should have the DKIM signature? Is there a penalty score if one or
the other is missing?
It's doesn't make much difference, unless there's a whitelist involved.
If you publish a DMARC record, D
I have a question about how SA's DKIM rules apply to virtual hosting.
If "myhosting.com" hosts and sends mail for "JoesFlowers.com", does SA
check the signature for "myHosting.com", for "JoesFlowers.com", or
both? Or is there some criteria to determine which domain name should
have the DKIM s
They are totally an online company. All mail is handled through my server.
On 9/23/2020 5:54 PM, Ángel wrote:
On 2020-09-23 at 14:46 -0500, Jerry Malcolm wrote:
My client is massively invested in AWS with many servers, databases,
and services unrelated to mail. Moving to another platform is
On 9/23/2020 2:38 PM, Grant Taylor wrote:
On 9/23/20 1:22 PM, Jerry Malcolm wrote:
With all of the gyrations I had to go through to be able to use SES
along the monitoring Amazon does with SES, I'm kinda surprised that
it would be flagged as a spam source.
I don't know about SE
On 9/23/2020 2:33 PM, iulian stan wrote:
Most of the time the IPs from AWS are already blacklisted and you
cannot do anything.
I'm curious why such a blanket statement. Why does AWS have such a bad
reputation? With companies like Netflix and Dropbox using AWS, why are
they considered across
On 9/23/2020 2:11 PM, John Hardin wrote:
On Wed, 23 Sep 2020, Jerry Malcolm wrote:
On 9/23/2020 12:46 PM, John Hardin wrote:
On Wed, 23 Sep 2020, Jerry Malcolm wrote:
I am sending test emails from one of my hosting environments to
another of my hosting environments. I get this line in the
On 9/23/2020 1:51 PM, Marc Roos wrote:
I'm hosting on AWS. So the recommendation was to proxy my outbound
mail through AWS's SES server so it :?
appeared that the mail came from 'trusted' Amazon.
Ehhh, amazon cloud messages are flagged by us as spam, and some ranges
are even blocked. I woul
On 9/23/2020 12:46 PM, John Hardin wrote:
On Wed, 23 Sep 2020, Jerry Malcolm wrote:
I am sending test emails from one of my hosting environments to
another of my hosting environments. I get this line in the SA report:
1.6 FORGED_MUA_MOZILLA Forged mail pretending to be from Mozilla
I
I am sending test emails from one of my hosting environments to another
of my hosting environments. I get this line in the SA report:
1.6 FORGED_MUA_MOZILLA Forged mail pretending to be from Mozilla
I am sending from Thunderbird. So it's coming from Mozilla. But it is not
forged mail pr
I'm curious about the DNSWL rule. I have a brand new domain and just
created mail server for it. I sent a test email to another one of my
servers which processes mail through SA. On that test email on the
recipient side I get:
-5.0 RCVD_IN_DNSWL_HI RBL: Sender listed at
https://www.d
.
Jerry
On 11/26/2019 11:15 PM, Jerry Malcolm wrote:
This is getting stranger by the minute... After playing around and
verifying permissions and everything, I actually started getting a
bayes score item for each email. So I celebrated and went to dinner.
Came back a few hours later and
else
related to bayes in the log after the first 30 minutes.
Anybody have any idea about why it would work for 30 minutes, then just
bypass from then on?
Jerry
On 11/26/2019 6:29 PM, Jerry Malcolm wrote:
On 11/25/2019 3:02 PM, Mikael Syska wrote:
Try and run:
sa-learn --dump magic
Shou
f either "spamd" user or your own runs it ... you should get the
same result ...
( I'm actually running it in PgSQL, can't remember what the file based
is called )
mvh
Mikael Syska
On Sun, 24 Nov 2019 19:35:16 +0100 *Jerry Malcolm
* wrote
Thanks
Thanks again to everyone who helped me get everything up and running
over the past couple of days.
Now that I have SA finding my bayes database, I'm curious about bayes
reporting. My bayes db is not new. I migrated my previous bayes db
from my old installation. And I've been training it wit
On 11/23/2019 3:24 PM, RW wrote:
On Sat, 23 Nov 2019 13:07:02 -0600
Jerry Malcolm wrote:
Bob & John Thanks so much for the info. But as if I wasn't dazed
& confused enough already, I have discovered a new variable to the
whole thing. I have set up a couple of sandbox EC2 i
On 11/23/2019 3:00 PM, Bob D wrote:
On 11/23/19 1:07 PM, Jerry Malcolm wrote:
Bob & John Thanks so much for the info. But as if I wasn't dazed
& confused enough already, I have discovered a new variable to the
whole thing. I have set up a couple of sandbox EC2 instances
user 'spamd'.
Are my assumptions reasonably close? Is it possible that this process
could be made a bit easier for 'stupid idiots' like me? :-)
Thanks so much. I could NOT have done without your help.
Jerry
On 11/23/2019 1:56 PM, Jerry Malcolm wrote:
All righty...
On 1
All righty...
On 11/23/2019 1:37 PM, Bob D wrote:
Jerry,
Let's back up a bit.
Let us see your distro via the command lsb_release -a
bash: lsb_release: command not found -- is that in a certain
folder I need to cd to?
Also the version via uname -r
4.14.154-128.181.amzn2
Bob & John Thanks so much for the info. But as if I wasn't dazed &
confused enough already, I have discovered a new variable to the whole
thing. I have set up a couple of sandbox EC2 instances just to play. I
didn't realize it at first, but one is AWS Linux 1 and the other is AWS
Linux 2
Meanwhile, back at the ranch I still have the one outstanding
question from before the 'interruption'
I know it may be the unpardonable sin according to some to ask a
question without having a PhD in Linux. But after 30+ years in Windows
and (yes) OS/2 design and development for IBM,
Thank you for the information. I apologize for taking the bait. It just
totally blindsided me that anyone here would initiate such a vicious
personal attack. Feel free to delete the recent chain of responses from
the users group.
Jerry
On 11/22/2019 8:48 PM, Ralph Seichter wrote:
* Jerry
e here.
On 11/22/2019 6:10 PM, Reindl Harald wrote:
Am 23.11.19 um 01:03 schrieb Jerry Malcolm:
What a wonderful way to be treated by a know-it-all arrogant asshole to
someone who has a problem with your stupid program and simply wants
answers.
it's NOT my program
I DIDN'T DO A T
OF THE BOX UNMODIFIED are you having trouble with
I guess I'm just a stupid idiot for thinking anything you'd write would
work out of the box.
On 11/22/2019 5:56 PM, Reindl Harald wrote:
Am 23.11.19 um 00:54 schrieb Jerry Malcolm:
I don't appreciate you implying I'm a stupid
appeared in the log file when I ran
it out of the box. Why don't you read the full thread before INSULTING
people.
On 11/22/2019 5:17 PM, Reindl Harald wrote:
Am 22.11.19 um 23:06 schrieb Jerry Malcolm:
Well, I thought I finally had everything resolved. When I run
spamassassin -D --
-init/.spamassassin/bayes_toks
When running the same SA as a service, it's NOT looking for bayes in
/root/.spamassassin. Rather it's trying to find it in some random name
temp folder.
What am I doing wrong this time?
Thx
On 11/22/2019 1:38 PM, Jerry Malcolm wrote:
Kris,
This was exactly
. I
just moved my bayes_toks file to the folder SA is saying it wants to use.
My last problem (for today) is figuring out how to get my old bayes_toks
into a format that the current SA likes. I posted that in a separate
thread. Thank you again.
Jerry
On 11/22/2019 1:17 PM, Kris Deugau wro
You are correct that I had not moved my bayes db. I have the bayes_toks
file. But as I expected, the log says:
warn: bayes: cannot open bayes databases
/root/.spamassassin/bayes_* R/O: tie failed:
Googling this, I'm pretty sure this means that I have a db version
mismatch. I was o
Thanks for the quick response... see below:
On 11/22/2019 12:25 PM, Matus UHLAR - fantomas wrote:
On 22.11.19 12:14, Jerry Malcolm wrote:
I am trying to add bayes to SA. I see in the docs that there is a
use_bayes parm and the path parm. I made the changes to
/usr/share/spamassassin
I am trying to add bayes to SA. I see in the docs that there is a
use_bayes parm and the path parm. I made the changes to
/usr/share/spamassassin/local.cf. But I see no change. I am not sure
it's even loading that config file. I've got debug on, and the log
doesn't tell me that it's reading
Where is the configuration parameter that governs where bayes_toks is
stored for global use (not per user)? I am on an AWS Linux EC2
environment. I've seen comments on the net that say it's in
/.spamassassin and other comments that say it's in /root/.spamassassin.
But I've tried copying my p
I'm not sure what you mean by not using SpamAssassin, rather a glue
(??). I am calling SA from Apache JAMES. I'm simply adding the SA
results as headers in the email I'm not doing anything that would
affect the score of an email.
On 11/21/2019 2:26 PM, Benny Pedersen wrote:
believe that is the case. Is there really
not a single rule that comes with SA that detects "hard all night",
"grow your member", and "I want your sex"?
On 11/21/2019 1:37 PM, Benny Pedersen wrote:
Jerry Malcolm skrev den 2019-11-21 20:11:
Doesn't this kin
ect SA to
have something that would catch this other than a suspicious TLD without
me having to go into the bowels of the rules and do my own scoring. I
think I'm missing something.
On 11/21/2019 12:44 PM, Benny Pedersen wrote:
Jerry Malcolm skrev den 2019-11-21 19:02:
X-SpamAssassin
I recently migrated SA to a new environment with a clean install. I
added the KAM rules and a short rules file of my own. But I'm obviously
missing some pretty basic rules that I believe I had in the old
environment. Just as an example (one of hundreds...), today I received
an email about As
On 9/28/2019 9:38 AM, Matus UHLAR - fantomas wrote:
On 28 Sep 2019, at 0:24, Jerry Malcolm wrote:
Understood. I'm definitely stopping and starting the spamd
service. (Although it's called the spamassassin service, it is
definitely starting and stopping spamd.
I've done a
On 9/28/2019 12:35 AM, Bill Cole wrote:
On 28 Sep 2019, at 1:21, Jerry Malcolm wrote:
On 9/27/2019 11:49 PM, Bill Cole wrote:
On 28 Sep 2019, at 0:24, Jerry Malcolm wrote:
Understood. I'm definitely stopping and starting the spamd
service. (Although it's called the spamassass
On 9/27/2019 11:49 PM, Bill Cole wrote:
On 28 Sep 2019, at 0:24, Jerry Malcolm wrote:
Understood. I'm definitely stopping and starting the spamd service.
(Although it's called the spamassassin service, it is definitely
starting and stopping spamd.
I've done a ton of dig
e.
Thx
Jerry
On 9/27/2019 11:40 PM, LuKreme wrote:
On Sep 27, 2019, at 13:14, Jerry Malcolm wrote:
I am trying to change the results threshold from 5.0 to 4.0.
Do you have a really good reason that you have researched and really examined
for doing this based on years of experience with Spam
to log config file processing.
Add the following to your spamd start up command line arguments:
--debug config
Then restart and look at the logging output to see which config files
it's processing and in which order.
On Fri, 27 Sep 2019, Jerry Malcolm wrote:
Hi Bill, Thanks for th
Oh yes... and the location of the actual SA startup command file as
well.
Thx
On 9/27/2019 7:01 PM, Jerry Malcolm wrote:
Thanks. I'll try all of that. But unfortunately I'm coming into AWS
Linux from a Windows background. I'm having a heck of a time finding
the config
ch config files
it's processing and in which order.
On Fri, 27 Sep 2019, Jerry Malcolm wrote:
Hi Bill, Thanks for the quick response.
I'm using Apache James 3.3.0. I investigated the class that calls
spamd. There is a class SpamAssassinInvoker in the James
distribution that
t();
String s = null;
while ((s = in.readLine()) != null) {
On 9/27/2019 3:21 PM, Bill Cole wrote:
On 27 Sep 2019, at 15:14, Jerry Malcolm wrote:
I am setting up SA on an AWS Linux EC2. I am trying to change the
results threshold from 5.0 to 4.0. I went to
/usr/share/spamassassin/local.cf, unc
I am setting up SA on an AWS Linux EC2. I am trying to change the
results threshold from 5.0 to 4.0. I went to
/usr/share/spamassassin/local.cf, uncommented and changed:
"required_score 4.0". But when I stop and start the service and process
an email through it, headers still say 5.0 as the
table
Subject:
Date: Sun, 20 May 2018 20:37:59 +
To: "Jerry Malcolm, 2nd Generation Video Productions"
Reply-To: "Marcie Dancy"
X-Mailer: iPhone Mail (15A432)
X-AntiAbuse: This header was added to track abuse, please include it with any
abuse report
X-AntiAbuse: Primary Hos
On 11/25/2017 12:02 PM, David Jones wrote:
On 11/25/2017 11:41 AM, Jerry Malcolm wrote:
Thanks so much for all the info. I have installed KAM rules, and
I've started becoming a ninja writing my own (simple) rules. MUCH
improved results (amazing when you finally learn what your
Thanks so much for all the info. I have installed KAM rules, and I've
started becoming a ninja writing my own (simple) rules. MUCH improved
results (amazing when you finally learn what your doing)
I figure before this is all over with, I'm going to have to become very
knowledgeable about
On 11/21/2017 3:52 PM, Bowie Bailey wrote:
On 11/21/2017 4:01 PM, Jerry Malcolm wrote:
I have been using SpamAssassin in my hosting environment for several
years. It catches thousands of spam messages (thank you...). But my
concern is that it doesn't catch a couple of hundred message
I have been using SpamAssassin in my hosting environment for several
years. It catches thousands of spam messages (thank you...). But my
concern is that it doesn't catch a couple of hundred messages per day.
I have the Bayesian filter working, with a simple way to train it. I
have sent over
I didn't "misguide" anyone. Even if you can't think of a reason to use
it or don't want to use it, then don't use it. There's no reason to
disparage the service. It found all kinds of problems with my email. I
fixed them. I haven't had any problems since.
Don't misguide people!
On 9/20/
My recommendation as a first step is to go to mail-tester.com. They will
tell you to send an email to a temp email address, and they will analyze
and grade your email as to 'spamy-ness'. Outlook, gmail, etc were
flagging a lot of my emails. After I finally fixed everything and got
mail-tester.
with them. But I'm still getting negative
scores on them. So I simply wanted to be able to do a bit of research
disecting the score to see why the score is what it is.
Thanks again.
Jerry
On 8/7/2017 1:33 PM, David B Funk wrote:
On Mon, 7 Aug 2017, Jerry Malcolm wrote:
I'm invoking
On Aug 7, 2017, at 2:00 PM, Jerry Malcolm wrote:
I'm invoking spamd using:
CHECK SPAMC/1.2\r\n
I'm getting the expected response such as:
Spam: False ; -1.8 / 4.0
I am trying to figure out how to get the TESTS= results of the individual tests
returned as well.
did you try SYMBO
I'm invoking spamd using:
CHECK SPAMC/1.2\r\n
I'm getting the expected response such as:
Spam: False ; -1.8 / 4.0
I am trying to figure out how to get the TESTS= results of the individual tests
returned as well.
(e.g.tests=[AWL=-1.103, BAYES_00=-2.599,
HTML_MESSAGE=0.001,URIBL_BLACK=1.955,
really reading the file?
On 7/8/2017 2:14 PM, Jerry Malcolm wrote:
Thanks for the info. Unfortunately, I don't have a clue how to
interpret a regex expression. I couldn't find any reference to
mbox_format_from_regex in the 3.1.x Mail::SpamAssassin::Conf that came
up when I google
2017
Can someone who speaks regex tell me if this syntax is my problem, and
if so, point me to where I can find the correct regex that matches this
that I can copy/paste?
Thanks.
Jerry
On 7/8/2017 8:45 AM, RW wrote:
On Sat, 8 Jul 2017 01:57:47 -0500
Jerry Malcolm wrote:
Below is a co
Below is a complete log dump from the -D option on sa-learn. I am
really curious that the file name I passed in is never even mentioned in
the log. Is that expected? Do I have some sort of syntax error passing
the mbox filename in? Here's the command:
[C:\Program Files\JAM Software\Spam
My client mail repository is in a sql db and is not an option for
sa-learn to read directly. That's fine. I wrote a utility that reads
all the mail out of the uncaught-spam folder from my db and creates an
mbox folder using the mstor java package. The mbox file gets created
with no problem.
On 8/18/2016 8:34 PM, jdow wrote:
On 2016-08-18 17:11, RW wrote:
On Thu, 18 Aug 2016 18:14:47 -0500
Jerry Malcolm wrote:
I'm still trying to see why I'm not getting the report back. I've
gone all the way back to the source code that does the streaming of
the spamd invocat
On 8/18/2016 2:15 PM, Bowie Bailey wrote:
On 8/18/2016 3:05 PM, Jerry Malcolm wrote:
On 8/18/2016 1:45 PM, Bowie Bailey wrote:
On 8/18/2016 2:21 PM, li...@rhsoft.net wrote:
Am 18.08.2016 um 20:18 schrieb Jerry Malcolm:
This is the X-Spam-Status header I got back on an uncaught spam. No
On 8/18/2016 5:39 PM, Benny Pedersen wrote:
On 2016-08-18 21:08, Jerry Malcolm wrote:
Hmm. I do not have any forwarding statements. Is there a way via
command line (e.g. nslookup, etc) that I can determine if BIND is
recursing or forwarding? I assume that might be in the SA report
header
On 8/18/2016 1:50 PM, li...@rhsoft.net wrote:
Am 18.08.2016 um 20:48 schrieb Jerry Malcolm:
This is encouraging. I looked up how to set recursion in Bind. It
looks like it's just requires adding a field to the options:
|allow-recursion { any; }; |But it lists other options such as
On 8/18/2016 1:45 PM, Bowie Bailey wrote:
On 8/18/2016 2:21 PM, li...@rhsoft.net wrote:
Am 18.08.2016 um 20:18 schrieb Jerry Malcolm:
This is the X-Spam-Status header I got back on an uncaught spam. No,
hits=0.3 required=5.0. The spam was selling an all-in-one charger
we need the *report
On 8/18/2016 1:35 PM, Joe Quinn wrote:
On 8/18/2016 2:27 PM, Jerry Malcolm wrote:
I haven't figured out a way to get Thunderbird to allow me to
copy/paste the headers. But I did look at all of the headers. There
are no headers in the email with names like you mentioned. There is
only
On 8/18/2016 1:23 PM, Benny Pedersen wrote:
On 2016-08-18 20:10, Jerry Malcolm wrote:
Here is a pastebin.com link to an example uncaught spam message. SA
scored it a 4.7. http://pastebin.com/T1CfVgP4
MISSING_DATE: 1.00
DCC_BULK: 2.00
MISSING_TO: 2.00
MISSING_MID: 2.50
MISSING_SUBJECT: 2.00
On 8/18/2016 1:17 PM, li...@rhsoft.net wrote:
Am 18.08.2016 um 20:10 schrieb Jerry Malcolm:
Here is a pastebin.com link to an example uncaught spam message. SA
scored it a 4.7. http://pastebin.com/T1CfVgP4
useless without any headers which would show the matching rules
including major
On 8/18/2016 12:16 PM, John Hardin wrote:
On Thu, 18 Aug 2016, Jerry Malcolm wrote:
I installed the latest SpamAssassin In a Box yesterday (Win Server
2008 r2). I kept all of the defaults. It is up and running. But I'm
getting a huge amount of spam, and I mean 'obvious'
d and can start training myself?
Here is a pastebin.com link to an example uncaught spam message. SA
scored it a 4.7. http://pastebin.com/T1CfVgP4
Thanks,
Jerry
On 8/18/2016 11:59 AM, Axb wrote:
On 08/18/2016 06:47 PM, Jerry Malcolm wrote:
I installed the latest SpamAssassin In a Box yesterd
I installed the latest SpamAssassin In a Box yesterday (Win Server 2008
r2). I kept all of the defaults. It is up and running. But I'm
getting a huge amount of spam, and I mean 'obvious' spam mentioning body
parts in the subject line that are getting low scores (averaging
about 15 uncaug
79 matches
Mail list logo
