On 12/30/2005 09:15 pm, Jerry wrote:
> My mail program also has the ability to filter out messages before they are
> delivered based on who it is from, subject, and server it was delivered
> from. Does anyone have a list of the most common subjects for spams?
> Possibly if someone can do an export
On 12/27/2005 08:10 pm, Matt Kettler wrote:
> Why bother? SA isn't confused by them. No sane spamassassin setup would
> ever have this problem. Period.
>
> The problem lies in a user intentionally trying to bypass SA for already
> scanned mail. The fix lies in not doing something so foolish in the
On 12/27/2005 07:51 pm, James Lay wrote:
> The link on: http://www.openspf.org/downloads.html pointing to
> LMAP::CID2SPF seems to be working now.
>
> James
Thanks for the link, I was unable to locate the module.
8)
On 12/27/2005 07:27 pm, Theo Van Dinter wrote:
> On Tue, Dec 27, 2005 at 07:23:38PM +0000, Pollywog wrote:
> > What does this error mean? Am I missing something?
> >
> > Dec 27 18:47:31 lilypad spamd[3532]: Can't locate LMAP/CID2SPF.pm in @INC
> > (@INC
> >
On 12/27/2005 02:56 pm, Matt Kettler wrote:
> At 08:48 AM 12/27/2005, Jonn R Taylor wrote:
> >How can I make this go thourgh SA when it thinks it allready has
>
> Why wouldn't it go through SA?
>
> SA doesn't have any built-in behaviors that will prevent it from
> re-scanning a message.
I had
What does this error mean? Am I missing something?
Dec 27 18:47:31 lilypad spamd[3532]: Can't locate LMAP/CID2SPF.pm in @INC
(@INC
contains: ../lib /usr/share/perl5 /etc/perl /usr/local/lib/perl/5.8.4
/usr/local/share/perl/5.8.4 /usr/lib/perl5 /usr/lib/perl/5.8
/usr/share/perl/5.8 /usr/local/
On 12/17/2005 07:19 pm, Matt Kettler wrote:
> Spammers of any decent sophistication have rather extensive networks of
> zombies at their disposal that the can co-ordinate.
>
> Does this surprise you at all?
Yes, because spammers are stupid and I had not seen this sort of distributed
spamming bef
For about two weeks, I have noticed something very odd. I get connections
from mail servers (mostly in Germany) and each server tries to send one spam
to a nonexistent user, then a different server (often at a university in
Germany) will try with a different recipient, then a few seconds later,
On 12/15/2005 08:09 pm, Nick Leverton wrote:
> On Thu, Dec 15, 2005 at 11:22:49AM -0800, Michael Parker wrote:
> > Pollywog wrote:
> > > Since installing DomainKeys, I have been getting this error in my logs:
> > >
> > > Can't locate Crypt/OpenSSL/Bignu
I have been having a few problems with DomainKeys esp in Postfix but
apparently its days are numbered and a successor is coming in the form of
DomainKeys Identified Mail. I will probably move Postfix back to its
previous configuration and have use of the DISCARD setting since DomainKeys
will n
Since installing DomainKeys, I have been getting this error in my logs:
Can't locate Crypt/OpenSSL/Bignum.pm in @INC (@INC
contains: ../lib /usr/share/perl5 /etc/perl /usr/local/lib/perl/5.8.4
/usr/local/share/perl/5.8.4 /usr/lib/perl5 /usr/lib/perl/5.8
/usr/share/perl/5.8 /usr/local/lib/site_p
On 12/15/2005 06:09 pm, Jonathan Nichols wrote:
> Ok, I gave it a shot..
>
> This rule *does* work.
>
> uri GEOCITIES /^http:\/\/[a-z0-9-]{1,30}\.geocities\.com\b/i
> describe GEOCITIESHigh amounts of spam from Geocities.
> score GEOCITIES 6.01
>
Have you tried the 70_sare_sp
On 12/14/2005 11:31 am, Kai Schaetzl wrote:
> Pollywog wrote on Tue, 13 Dec 2005 23:35:25 +:
> > Is it just a problem for Yahoo domains?
>
> I didn't know of any other domains doing this. Now that I know gmail does
> it as well I can look out for gmail mails ...
>
On 12/13/2005 11:35 pm, Pollywog wrote:
>
> I had set up Postfix to check incoming mails for DK sigs but when I did
> that, I was no longer able to DISCARD emails sent by known spammers and
> spam networks. That was not acceptable, so SpamAssassin provides me with
> another
On 12/13/2005 10:31 pm, Kai Schaetzl wrote:
> Sm wrote on Tue, 13 Dec 2005 12:41:09 -0800:
> > Yes, it should match the sending domain. You should verify the
> > Sender: header as well.
>
> Well, the *Sender* domain does match, but not the envelope from or the
> header from. I don't know what SA u
On 12/13/2005 12:31 am, Kai Schaetzl wrote:
> Pollywog wrote on Tue, 13 Dec 2005 00:12:06 +:
> > It would seem that the problem is something other than the plugin,
> > perhaps my PERL installation.
>
> No, it just seems that the early suggestion to install Mail::DomainKey
On 12/13/2005 12:17 am, [EMAIL PROTECTED] wrote:
> Pollywog wrote:
> >> perl -MMail::DomainKeys -e 'print $Mail::DomainKeys::VERSION'
> >
> > [EMAIL PROTECTED]:~$ perl -MMail::DomainKeys -e 'print
> > $Mail::DomainKeys::VERSION'
> > Can'
On 12/13/2005 12:08 am, [EMAIL PROTECTED] wrote:
> Pollywog wrote:
> > On 12/12/2005 11:50 pm, [EMAIL PROTECTED] wrote:
> >> Pollywog wrote:
> >>> /usr/share/perl5/Mail/SpamAssassin/Plugin/DomainKeys.pm
> >>>
> >>> That is the file I patched
On 12/12/2005 11:50 pm, [EMAIL PROTECTED] wrote:
> Pollywog wrote:
> > /usr/share/perl5/Mail/SpamAssassin/Plugin/DomainKeys.pm
> >
> > That is the file I patched and there were no errors.
>
> Have you looked at the .pm file and verified that the new code is in place?
&
On 12/12/2005 11:13 pm, Kai Schaetzl wrote:
> Pollywog wrote on Mon, 12 Dec 2005 22:29:29 +:
> > I applied it to the DomainKeys.pm file... was that incorrect?
>
> It will patch against this path:
> lib/Mail/SpamAssassin/Plugin/DomainKeys.pm
> from the root of your source
On 12/12/2005 09:13 pm, Kai Schaetzl wrote:
> Pollywog wrote on Mon, 12 Dec 2005 20:05:40 +:
> > Perhaps something is broken on the Yahoo side.
>
> Don't think so. I used the two auto-responders at
> http://www.elandsys.com/resources/sendmail/domainkeys.html
> to tr
On 12/12/2005 07:58 pm, Kai Schaetzl wrote:
> Kai Schaetzl wrote on Mon, 12 Dec 2005 20:01:08 +0100:
> > Ok, patch run worked flawless. Now let's see if I get a different result
> > next time I get a mail from Yahoo.
>
> Still getting "message has an unverified signature". Hm?
Perhaps something is
On 12/12/2005 06:36 pm, Pollywog wrote:
> Same as before the patch. I am using Spamassassin 3.1.0a-1 from a Debian
> "Sarge" package compiled and installed on a Xandros 3 system.
>
I think it is from Debian "unstable" not Sarge.
Yes, they call it unstable for a reason :)
8)
On 12/12/2005 06:08 pm, [EMAIL PROTECTED] wrote:
> Kai Schaetzl wrote:
> > I enabled the DomainKeys plugin
>
> ...
>
> > Shouldn't it be able to verify the signature? Do I need to have an
> > additional Perl module or some local certificate store?
>
> Yup, and it works for me. But Mail::DomainKeys
On 12/12/2005 01:31 pm, Kai Schaetzl wrote:
> I enabled the DomainKeys plugin way back, but didn't have much to play for
> it. Now I'm subscribed to a group at yahoogroups.com and am getting mails
> from Yahoo with:
>
> DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=lima;
> d=yahoogroups.com; b
On 12/11/2005 08:31 pm, Kai Schaetzl wrote:
> Pollywog wrote on Sun, 11 Dec 2005 17:42:38 +:
> > they do use different names for
> > their files
>
> well, not according to his posting.
The only thing I could think of to deal with it was to add a Maildrop rule to
send s
On 12/11/2005 07:27 pm, Daryl C. W. O'Shea wrote:
> SickBoy wrote:
> > Pollywog wrote:
> >> I checked another machine that has not been patched and is also running
> >> the same software versions and there were no errors there, which
> >> surprised me
On 12/11/2005 06:46 pm, SickBoy wrote:
>
> In the time of our lil' conversation pyzor got back from dead and it's
> functioning properly now.
>
> The thing I ment was that the pyzor suddenly died few days ago, and
> finnaly got back this afternoon; applying a patch has nothing to do with
> the ser
On 12/11/2005 11:13 am, SickBoy wrote:
> pyzor -d ping
Mine says this, but I applied the 3 in 1 patch that I learned about in this
thread:
sending: 'User: anonymous\nTime: 1134325707\nSig:
177d0df77c0b91197da93b41c85c4f5f3d9b823b\n\nOp: ping\nThread: 31207\nPV:
2.0\n\n'
received: 'Thread: 312
On 12/11/2005 05:31 pm, Kai Schaetzl wrote:
> Craig Zeigler wrote on Sun, 11 Dec 2005 11:11:15 -0500:
> > The filename is Part 1.1.jpg.
>
> Use MailScanner or another tool to reject/delete mail with that name. If
> it is coming from zombies, just disallow zombies at MTA level. Not
> everything anti
On 12/11/2005 04:11 pm, Craig Zeigler wrote:
> I have been getting hundreds of these messages per day and don't know
> how to stop them. The bayes is only come back at 60%.
>
> They are the messages advertising drugs with a random subject (yes, I
> know, one of the many) The filename is Part 1.1.jp
On 12/11/2005 03:35 am, Chris wrote:
> You can obtain a patch for that here that takes care of that problem:
>
> From http://bugzilla.spamassassin.org/show_bug.cgi?id=4580
>
> To make it simple, I have combined those 3 patches into 1...
> http://www.engelken.net/download/pyzor.patch
>
> Just cd to
On 12/11/2005 03:06 am, Chris wrote:
> This may be OT, but has anyone noticed that pyzor has been timeing out for
> the past three days? If so, anyone have any idea as to why?
I have been seeing this in my logs:
pyzor: check failed: internal error
I upgraded Spamassassin to version 3.1 about 3
On 12/06/2005 12:27 am, Matt Kettler wrote:
> David Buttrick wrote:
> > Is there a control for the permissions on the bayes_journal file?
> >
> > I'm using a shared bayes db, and users do not have permissiosn on the
> > file because it is created chmod 600.
> >
> > Is there something i can do in th
On 12/05/2005 08:26 pm, [EMAIL PROTECTED] wrote:
> Where do I adjust this?
>
> on 12/5/05 3:22 PM, Matt Kettler at [EMAIL PROTECTED] wrote:
> > bayes_expiry_max_db_size
http://spamassassin.apache.org/full/2.6x/dist/doc/sa-learn.html
has the details
On 12/05/2005 07:02 pm, [EMAIL PROTECTED] wrote:
>
> I did a search on that and saw this:
>
> DCC
> Turn off IPv6 for dcc by editing the /etc/dcc/map.txt file:
>
> # turn off ipv6
> # http://www.rhyolite.com/pipermail/dcc/2005/002631.html
> IPv6 off
>
> # public DCC servers
> dcc1.dcc-servers.net
I have told Spamassassin to do DCC checks but I am seeing this in my logs:
dccproc[55]: socket(UDP): Address family not supported by protocol
What is causing that error?
8)
On 12/04/2005 11:18 pm, Tyler Nally wrote:
> On Sunday 04 December 2005 05:59 pm, Pollywog wrote:
> > I do that as well and have no problem, but when I use the fetchmail as
> > shown at the URL I posted (the command goes into a crontab), fetchmail
> > can't find the IM
On 12/04/2005 10:48 pm, Tyler Nally wrote:
> On Sunday 04 December 2005 05:08 pm, Pollywog wrote:
> > That did not do it, but I think you are close, that is is something along
> > those lines. I think the instructions I followed are not intended for
> > Courier but for Cyru
On 12/04/2005 09:55 pm, Tyler Nally wrote:
> On Sunday 04 December 2005 03:29 pm, Pollywog wrote:
> > I forgot one thing that might be important: I am using Courier IMAP, not
> > Cyrus
> >
> > courier-imap 3.0.8-4
> > courier-maildrop 0.47-4
>
> Courier doe
On 12/04/2005 08:16 pm, Pollywog wrote:
> I am running Spamassassin 3.0.2 and Fetchmail 6.2.5 on Xandros, which is
> similar to Debian "Sarge".
>
> I followed the directions in the Spamassassin wiki at
> http://wiki.apache.org/spamassassin/SingleUserUnixInstall
> un
I am running Spamassassin 3.0.2 and Fetchmail 6.2.5 on Xandros, which is
similar to Debian "Sarge".
I followed the directions in the Spamassassin wiki at
http://wiki.apache.org/spamassassin/SingleUserUnixInstall
under the section "Enable IMAP LearnAsSpam folder".
The problem is that no matter h
; by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 04 Dec 2005 11:22:52
> -0800 X-ASF-Spam-Status: No, hits=2.8 required=10.0
> tests=EMPTY_MESSAGE,MISSING_SUBJECT
> X-Spam-Check-By: apache.org
> Received-SPF: neutral (asf.osuosl.org: local policy)
> Received: from [68.142.
43 matches
Mail list logo
