A few rules to catch current gmail spam

2008-06-01 Thread OliverScott
I have seen a few posts with people complaining about spam from gmail (often linking to blogspot pages) which no existing rules catch, and have had a number of these myself. This is only a small fraction of the spam I am seeing, but it is annoying nonetheless! NOTE: I am not a particularly good

Script to generate whitelist based on outgoing email

2008-02-03 Thread OliverScott
Not sure if this will be of any use to anyone else, or if it can be made to work with anything other than Exim, but here is the first draft of a script to generate a whitelist based on outgoing email! I have had it running on a server (for the last 2 months) handling 20,000 emails a week for a va

Re: Stop tests when score is high

2007-12-20 Thread OliverScott
Not that I am aware of... The complication with this would be the order in which tests are carried out - you might have a genuine email which hits some good and some bad tests, and if the bad tests are hit first then you might have a problem! However it is a feature I would like to see as it co

syswrite() to parent failed: Broken pipe at /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/SpamdForkScaling.pm line 570

2007-11-05 Thread OliverScott
SpamD seems to die every now and again (every couple of days) and though I have a script which checks regularly for various key services and restarts them if they are missing, it is letting a couple of spam through each time... The error message I am getting in my maillog when this happens is: s

Re: How to block the bat!

2007-10-23 Thread OliverScott
If you want to reduce the spam you get which claims to be from the bat then do the following: Create a rule which looks for the bat as a header with a 0.001 score. Create a meta rule which looks for email which is caught by the above rule AND hits Bayes_99 AND/OR (you choose based on how worried

Re: Manual sorting based on score count

2007-09-04 Thread OliverScott
You already can - try this in your local.cf: rewrite_header Subject SPAM [_STARS(X)_] This will give you something which looks like: SPAM [X] Some Dodgy Subject You can also put in the actual numeric score (rather than a number of X's which equals the whole number part of the score) but

Re: False negative

2007-08-27 Thread OliverScott
You need to either get him to change the way he sends his emails or adjust your scores! If he is sending directly from a dynamic IP address then he will be blocked by a lot of people's filters - for instance there is no chance of his emails being accepted by AOL! The way round this is for him to

Some thoughts on Bayesian Setup...

2007-08-27 Thread OliverScott
Site Wide Bayes or Per User Bayes? This is something I have been thinking about and thought I would share to see what other people think... Site wide bayes has one database. Per User bayes has one per user or domain (depending on how your server is configured). For example if you have 40 users wi

How to query the AWL at an earlier stage for Short Circuit?

2007-08-26 Thread OliverScott
I am playing with the Short Circuit plugin to speed up scanning (by skipping Network Tests on obviously good emails) and wanted to be able to query the AWL as part of this as I don't want to Short Circuit on BAYES_00 alone. i.e. Short Circuit as HAM if both BAYES_00 & AWL fire. I tried this: p

Re: Problem with clamav plugin

2007-07-24 Thread OliverScott
You need to set a high priority for the meta rules as otherwise they are evaluated BEFORE the ClamAV plugin is used (I think?). I am not an expert in how SA works, but I eventually came up with the following solution (for using several different 3rd party clamav signatures): This is my clamav.cf

Re: My bash script to upload PDFinfo daily, safely

2007-07-22 Thread OliverScott
I have found SaneSecurity definitions to be VERY good - they hit about 60% of my SPAM which is incredible given that they only match exact results (they are not fuzzy). However this high percentage may be because I am based in the UK as is the author of the sanesecurity definitions. Also they tend

Re: is there a whitelist rhswl available

2007-07-18 Thread OliverScott
http://www.dnswl.org/ http://wiki.ctyme.com/index.php/Spam_DNS_Lists Both work well IMHO Ramprasad wrote: > > There are quite a few domain you can trust not to send spam. > For example the airlines, the banks , and a lot others like > spamassassin.apache.org :-) > > If mails from these dom

Re: ClamAV in SA( was: SaneSecurity)

2007-07-02 Thread OliverScott
Is the following easy to do? I am a bit of a Linux novice I'm afraid... I have tried discarding at SMTP with ClamAV and Exim, and scanning in SA using the ClamAV plugin, but wasn't 100% happy with either solution (for the reasons you give). Any pointers would be gratefully accepted! >We do, an I

Writing a rule to access SA ClamAV Plugin Header

2007-07-01 Thread OliverScott
There is a SpamAssassin plugin which checks messages with ClamAV, which adds the following header to emails it processes: X-Spam-Virus: Yes ($VirusName) http://wiki.apache.org/spamassassin/ClamAVPlugin By default you can set a score in its clamav.cf file: score CLAMAV 10 I am currently testin

Re: exposing rules

2007-06-26 Thread OliverScott
Assuming that you have managed to get SA to add headers to messages which it thinks are spam, and are looking to add a header to ALL messages so you can see what rules are firing on your HAM, then you can do the following. This may not be what you are after, but may be of some use! edit your loca

Re: Botnet Score

2007-06-24 Thread OliverScott
Though BotNet is VERY effective in catching SPAM, the default score of 5 is way too high IMHO. With a well trained BAYES, using a selected list of RBLs and URIBLs for scoring, the SARE rules, and some custom rules of my own I am confident that I am catching well over 90% of the SPAM hitting my se

Changes to SURBL in SA 3.2.1?

2007-06-23 Thread OliverScott
EDIT: My mistake - the URIBLs are listed in two different places in the 3.2.1 rules table! However URIBL_BLACK does seem to be listed twice with different names and scores... I have just been picking through some of the changes in 3.2.1 (having just installed it) to see what impact this will have