ding users who wish to communicate with your users.
- by raising the "cost" of sending legitimate mail to your users, you
will of course receive less legitimate mail along with less spam.
- for business transactions this costs business/money; eg. if faced
with such a system upon initial contact, I myself would choose to not
"click the link" and merely go to a competitor if there are other
reasonably equivalent businesses. not an absolute deal breaker, but
definitely a strong turn-off.
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
training
might handle things better.
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
gt; 1524003783.H176971P29357.netcup.bokomoko.de\:2\,S
> > > > > [...]
> > > > > Apr 18 18:49:52.980 [5164] dbg: config: using
> > > > > "/home/rd/.spamassassin/
> > > > > user_prefs" for user prefs file
> > > > > Apr 18 18:49:52.980 [5164] dbg: config: read file
> > > > > /home/rd/.spamassassin/
> > > > > user_prefs
> > > > > Apr 18 18:49:52.981 [5164] dbg: plugin: loading
> > > > > Mail::SpamAssassin::Plugin::URIDNSBL from @INC
> > > > > Apr 18 18:49:52.986 [5164] dbg: plugin: loading
> > > > > Mail::SpamAssassin::Plugin::Hashcash from @INC
> > > > > Apr 18 18:49:52.995 [5164] dbg: plugin: loading
> > > > > Mail::SpamAssassin::Plugin::SPF from @INC
> > > > > [...]
> > > > > Apr 18 18:50:11.222 [5164] info: reporter: spam reported to
> > > > > SpamCop
> > > > > 1 message(s) examined.
> > > > > Apr 18 18:50:11.301 [5164] dbg: plugin:
> > > > > Mail::SpamAssassin::Plugin::MIMEHeader=HASH(0x372cf68)
> > > > > implements
> > > > > 'finish_tests', priority 0
> > > > > Apr 18 18:50:11.301 [5164] dbg: plugin:
> > > > > Mail::SpamAssassin::Plugin::Check=HASH(0x372d220) implements
> > > > > 'finish_tests',
> > > > > priority 0
> > > > >
> > > > > It almost seems that a prefix is missing when running through
> > > > > inotifywait.
> > > > >
> > > > > Any hint is welcome :-)
> > > > >
> > > > > Many thanks
> > > > > Rainer
> > > > >
> > > > > --
> > > > > Rainer Dorsch
> > > > > http://bokomoko.de/
>
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
t let them send as attachment, pop then handle their attachments
> in windows, then auto-feed them myself (as attachment again).
> b) let them send as attachment to a imap account, where I can
> "unattach" inspect, and put in ham/spam imap folders then train from
> those.
>
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
aining users to forward as attachment, then piecing things back
together.
If that's an option you'll pursue and you can use dovecot as your imap
server, check out https://github.com/jnorell/train-spam-scanner as a
training script. It's designed for exactly the goals you have in mind,
ie. users supplying training messages which can be moderated and built
into a corpus.
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
esolve this issue?
>
> On 6/22/2017 2:49 PM, Jesse Norell wrote:
> > Hello,
> >
> > I'm working on converting a spam training script/setup which works with
> > bayes dbm files to support sql bayes, and came across an error in the
> > grants in the README.ba
ssage the first time issued
19 queries - relearning the same message as the same time issued 41
queries.)
My guess is the current state of things is: could be improved, maybe
file an rfe ?
Thanks...
On Wed, 2017-07-12 at 17:40 -0600, Jesse Norell wrote:
> One thing pointing to maybe a need
as did
Marc - maybe worth looking into implementing in spamassassin?
Does masscheck automate meta rule creation? (ie. not just generate
scores) Not the full "evolution filter" idea which would have to run on
the endpoint, but that would benefit everyone via rule updates.
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
p table.
On Wed, 2017-07-12 at 09:59 -0600, Jesse Norell wrote:
> Hello,
>
> I have txrep data in a mysql database, and am working on a training
> script to run sa-learn; with bayes also in MySQL and a corpus size of
> 5279 nspam and 849 nham, sa-learn takes a full 2 hours
area?
Thanks,
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
nks,
Jesse
(I've been waiting a few hours on a bugzilla email so haven't yet added
this to the bug tracker.)
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
sses
out results that aren't confident (nearly 100% ham or spam); it utilizes
Redis Sets for set logic/operations. If you are creating a plugin for
these phishing emails, it may be an avenue to pursue; it sounds like it
works quite well (when trained with a large ham/spam corpus).
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
h
is the same user that the scanner runs as.
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
On Mon, 2016-01-11 at 13:32 -0700, Jesse Norell wrote:
> On Mon, 2016-01-11 at 22:12 +0200, D CATALIN BADIRCA wrote:
> > Hi,
> >
> >
> > I am using with Postfix 10.2-RELEASE-p7 with Postfix 3.0.3 and I am
> > trying to configure Spamassassin into my system.
>
ilure. Command output: pipe: fatal: pipe_command:
> execvp /home/spamd/spamfilter.sh: No such file or directory )
>
>
> Has anyone seen this and can help me out with an idea ?
>
>
> Thank you very much !
/home/spamd/spamfilter.sh: No such file or directory
sounds like you simply have the filename misspelled or in the wrong
directory?
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
>
> > a) Did any of you see similar?
> yes!
>
> > b) Do you have any suggestions in order to detect this kind of stuff
> more
> > efficiently and on a more generic basis but without introducing FP
> risk?
>
> Get a decent AV.
>
> Test samp
file for Dovecot but right now I've got seven commented
> out configurations none of which have either worked or in the case of
> five produced any logging information.
>
> If anyone has this working i'd appreciate knowing about it.
>
> Thanks.
> Dave.
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
On Wed, 2014-09-17 at 16:47 +0200, Axb wrote:
> On 09/17/2014 04:27 PM, Jesse Norell wrote:
>
>
>
> >Just a thought - maybe a config setting to not do automatic bayes
> > training for a give from/to addr would be more appropriate? Say a meta
> > rule (more a
_IN_MOST_SPAM_FROM
> >> eval:check_from('USER_IN_MOST_SPAM_FROM')
> >>
> >> score USER_IN_ALMOST_ALL_SPAM_FROM -6
> >> header USER_IN_ALMOST_ALL_SPAM_FROM
> >> eval:check_from('USER_IN_ALMOST_ALL_SPAM_FROM')
> >
> > The terminology seems a bit defeatist. Would you really let through
> > almost all spam at a threshold of 11.0?
>
> forget the terminology and the score points
>
> the point what i am asking for is removed in the quote:
>
> * implement several "WL" score levels based on sender
> * implement several "WL" score levels based on RCPT
>
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
On Wed, 2014-09-10 at 13:10 -0400, Kevin A. McGrail wrote:
> On 9/10/2014 12:59 PM, Jesse Norell wrote:
> > Is there any reason you should not use MSPIKE in versions older than
> > 3.4.0?
> >
> > Eg. on debian box with 3.3.2, I have 20_mailspike.cf; I commented the
&g
that just there to try to persuade people towards upgrading versions?
Thanks,
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
On Thu, 2014-09-04 at 13:04 +0200, Matus UHLAR - fantomas wrote:
> On 03.09.14 15:13, Jesse Norell wrote:
> > Both today and in the past I've looked at some FP's that scored very
> >high on AWL. At least today I dug up the old messages that caused AWL
> >to get o
On Wed, 2014-09-03 at 23:36 +0200, Axb wrote:
> On 09/03/2014 11:17 PM, Jesse Norell wrote:
> > Hello,
> >
> >Looking at recent botnet spam, comparing messages from one day to the
> > next, I see new URL's being advertised that resolve to the same IP
> >
hat, you would have to write a plugin?
Thanks,
Jesse
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
rained wouldn't hurt. Likewise, FN should adjust AWL upwards on manual
training, no?
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
25 matches
Mail list logo
