s change
(https://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf?r1=1857655&r2=1857654&pathrev=1857655)
and comparing that to the code currently running on my mail servers.
Is there any easier way to verify that a specific commit is in my currently
running rule set?
Mike Ray
- Original Message -
> On 08/11/2016 06:03 PM, Mike Ray wrote:
> <.snip.>
>
> >
> >
> > However, after I had sent that message, I decided to play around a
> > bit. I had rearranged existing rules in the file yesterday to make
> > su
- Original Message -
> On Wed, 2016-08-10 at 17:04 -0500, Mike Ray wrote:
> > Hello all-
> >
> > Must be doing something stupid here, but could use a second set of
> > eyes and persons more knowledgeable than myself.
> >
> > None of my header c
t; to match the whole address with no success.
Anyone see what I'm missing?
Thanks,
Mike Ray
Hi all,
I updated to 3.3.1 last week. The capture rate went way up, which is good,
but... I am now getting complaints that "legit" Hotmail is getting tagged
pretty much for every email coming in.
What would be the recommended way to dial down the Hotmail detection?
Thanks!
Ray Dz
know about you, but that is always
a red flag in my world. Before I even get past the first paragraph it already
smells like a "shakedown".
But...
My real question is how badly is my SA environment going to be impacted by
turning URIBL off? What increase in spam should I expect?
Ray
e, so it seemed worthwhile to at least check and
see if this was possible.
Thanks in advance for any help, advice, etc.
Randy
--
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
Randy J. Ray Oodle, Inc. http://www.oodle.com
rj...@corp.oodle.com
Justin Mason jmason.org> writes:
> On Mon, Mar 2, 2009 at 22:13, Roger Marquis roble.com> wrote:
> > David Morton wrote:
> >>>
> >>> As full time mail/systems admins we get invaluable data from
> >>> tripwire/integrit, 'postconf -n', dconf, 'rpm -qa', 'dpkg -l \*',
> >>> 'pkg_info -a', ... whose
Karsten Bräckelmann rudersport.de> writes:
> You must not assume or allow for mis-spelled configuration keywords or
> otherwise illegal syntax. Just lint check. If it comes back clean, all
> is good. If it doesn't, you NEED to fix it anyway.
I don't have privs, and conceivably a misspelling isn'
Karsten Bräckelmann rudersport.de> writes:
> > just local.cf, IIUC, but potentially any of the 47 files in my hosting
> > provider's /usr/share/spamassassin and /etc/mail/spamassassin dirs (or any
>
> Aah... no. :) The stuff in /usr/share/spamassassin (granted, plus the .pre
> files) is exactly
Karsten Bräckelmann rudersport.de> writes:
> On Thu, 2009-02-26 at 16:12 +0000, Ray wrote:
> > Is there a feature like PostFix's `postconf` to display the currently
> > parsed
> > and calculated config?
>
> That pretty much equals your local.cf, no?
No, th
Is there a feature like PostFix's `postconf` to display the currently parsed and
calculated config?
If not, how do I submit a feature request?
Thanks,
RSK
RW googlemail.com> writes:
> On Wed, 18 Feb 2009 23:00:03 + (UTC)
> Ray misinformation.org> wrote:
> > * How do I determine what the current SA config is?
>
> The locations where spamassassin looks for configuration are listed in
> the main manpage.
I managed t
I just moved to a new hosting provider who has Spamassassin 3.2.4 running (on
some kind of Linux, 2.6.18-92.1.22.el5) and I'm otherwise unfamiliar with SA.
I'd like some degree of control over what SA is doing, but config for this is
proving confusing for me.
Ideally if I could get SA just to mark
Ray Jette wrote:
Sorry if this is off topic. I am using a Microsoft DNS server. I am
putting a big load on it with Mailscanner / Spamassassin and MTA
RBL's. Would you recommend that I use a local BIND Cache server? Does
anyone have any good resources as to how to set this up?
I
John Hardin wrote:
On Fri, 2008-12-05 at 10:53 -0500, Ray Jette wrote:
Now I want to be able to view the bind cache so
I can verify that it is caching records. I have searched all over the
Internet with no luck. At most, I can find that the cache is stored in RAM.
run "man
Martin Gregorie wrote:
On Fri, 2008-12-05 at 10:04 -0500, Ray Jette wrote:
Sorry if this is off topic. I am using a Microsoft DNS server. I am
putting a big load on it with Mailscanner / Spamassassin and MTA RBL's.
Would you recommend that I use a local BIND Cache server? Does anyone
Ray Jette wrote:
Sorry if this is off topic. I am using a Microsoft DNS server. I am
putting a big load on it with Mailscanner / Spamassassin and MTA
RBL's. Would you recommend that I use a local BIND Cache server? Does
anyone have any good resources as to how to set this up?
I
Jack Pepper wrote:
Have a look at Black hole DNS. http://www.malwaredomains.com
jp
Quoting Ray Jette <[EMAIL PROTECTED]>:
Sorry if this is off topic. I am using a Microsoft DNS server. I am
putting a big load on it with Mailscanner / Spamassassin and MTA
RBL's. Would you recom
r the help.
Ray
Ray Jette wrote:
mouss wrote:
Ray Jette a écrit :
Karsten Bräckelmann wrote:
Back on-list.
On Tue, 2008-12-02 at 13:40 -0500, Ray Jette wrote:
Yes, and it does match case insensitively.
I guess the issue is with your testing environment. How are you
testing
the rule, err
John Hardin wrote:
On Thu, 4 Dec 2008, Ray Jette wrote:
A lot of these rules look good but not appear to work for what I am
trying to do. Sorry about all the trouble. I'm not realy that good at
regular expressions but I am learning. Here are some real examples
from my mail s
Ray Jette wrote:
Bowie Bailey wrote:
Ray Jette wrote:
Bowie Bailey wrote:
Ray Jette wrote:
Good morning,
I am trying to write a negative scoring rule that files on the
following: PO PO#
PO #
Following is the rule I am using:
header PO_AND_ORDERSSubject =~ /\bPO*?#?/i
Bowie Bailey wrote:
Ray Jette wrote:
Bowie Bailey wrote:
Ray Jette wrote:
Good morning,
I am trying to write a negative scoring rule that files on the
following: PO PO#
PO #
Following is the rule I am using:
header PO_AND_ORDERSSubject =~ /\bPO*?#?/i
score
mouss wrote:
Ray Jette a écrit :
Karsten Bräckelmann wrote:
Back on-list.
On Tue, 2008-12-02 at 13:40 -0500, Ray Jette wrote:
Yes, and it does match case insensitively.
I guess the issue is with your testing environment. How are you testing
the rule, err, regexp for a rule
mouss wrote:
Ray Jette a écrit :
Karsten Bräckelmann wrote:
Back on-list.
On Tue, 2008-12-02 at 13:40 -0500, Ray Jette wrote:
Yes, and it does match case insensitively.
I guess the issue is with your testing environment. How are you testing
the rule, err, regexp for a rule
Karsten Bräckelmann wrote:
On Tue, 2008-12-02 at 14:06 -0500, Ray Jette wrote:
[ *snipp* ]
I reset the daemon. How do I cann spamassassin with the message. I'm not
sure how to create a message from the server with out sending one.
If all else fails, just save the message out of
Karsten Bräckelmann wrote:
Back on-list.
On Tue, 2008-12-02 at 13:40 -0500, Ray Jette wrote:
Yes, and it does match case insensitively.
I guess the issue is with your testing environment. How are you testing
the rule, err, regexp for a rule?
I sent to messages from yahoo. One with a
Matt Garretson wrote:
Ray Jette wrote:
PO
PO
PO#
PO#
PO #
PO #
Try:
Subject =~ /PO ?\#? ?\d+/i
If you don't need case insensitivity, remove the trailing 'i'.
Thanks for the reply. I tryed to use Subject ~
That matched PO but it did not match po. I have /i at the end.
Ray Jette wrote:
Good morning,
I am trying to write a negative scoring rule that files on the following:
PO
PO#
PO #
Following is the rule I am using:
header PO_AND_ORDERSSubject =~ /\bPO*?#?/i
score PO_AND_ORDERS-0.50
describe PO_AND_ORDERSA negative scoring rule that
Thank you for any help you may provide.
Ray
Karsten Bräckelmann wrote:
Please note that you do *not* need to specify all variations explicitly,
if you actually want to match *anything* that starts with "PO"...
Thanks for the information I will make sure to read it. I am going to
try /\bPO\b now and see if it helps.
Since thi
Bowie Bailey wrote:
Ray Jette wrote:
Bowie Bailey wrote:
Ray Jette wrote:
Good morning,
I am trying to write a negative scoring rule that files on the
following: PO PO#
PO #
Following is the rule I am using:
header PO_AND_ORDERSSubject =~ /\bPO*?#?/i
score
any numbers
That's easy. /\bPO\b/ will do -- might hit on spam as well, though,
since it is really short.
Please note that you do *not* need to specify all variations explicitly,
if you actually want to match *anything* that starts with "PO"...
Thanks for the information I will make sure to read it. I am going to
try /\bPO\b now and see if it helps.
Ray
Bowie Bailey wrote:
Ray Jette wrote:
Good morning,
I am trying to write a negative scoring rule that files on the
following: PO
PO#
PO #
Following is the rule I am using:
header PO_AND_ORDERSSubject =~ /\bPO*?#?/i
score PO_AND_ORDERS-0.50
describe PO_AND_ORDERSA
Good morning,
I am trying to write a negative scoring rule that files on the following:
PO
PO#
PO #
Following is the rule I am using:
header PO_AND_ORDERSSubject =~ /\bPO*?#?/i
score PO_AND_ORDERS-0.50
describe PO_AND_ORDERSA negative scoring rule that searches the
subject f
jdow wrote:
From: "Ray Jette" <[EMAIL PROTECTED]>
Sent: Monday, 2008, December 01 12:41
Ray Jette wrote:
*Good afternoon,
I am trying to write a rule that gives negative scores to messages
that contain names of our company's and products. I have a few
question regardin
Ray Jette wrote:
*Good afternoon,
I am trying to write a rule that gives negative scores to messages
that contain names of our company's and products. I have a few
question regarding this. Will the rule at the end of this message
work? Can I put line brakes in the rule? How can I go
Ray Jette wrote:
*Good afternoon,
I am trying to write a rule that gives negative scores to messages
that contain names of our company's and products. I have a few
question regarding this. Will the rule at the end of this message
work? Can I put line brakes in the rule? How can I go
*Good afternoon,
I am trying to write a rule that gives negative scores to messages that
contain names of our company's and products. I have a few question
regarding this. Will the rule at the end of this message work? Can I put
line brakes in the rule? How can I go about adding an optional s f
Thanks for the quick reply. Do you know what .pre file this is contained
in? From the /etc/spamassassin directory I ran the following:
grep SPF_PASS *.pre but came up with nothing.
Thanks.
On Thu, 2008-10-02 at 09:44 -0500, McDonald, Dan wrote:
> or just remove the module from the .pre file that
Good morning,
The SPF_PASS and SPF_HELO_PASS rules hit several hundred messages a day.
I am doing SPF lockup's at the MTA. How do I go about stopping these
tests from within SA?
Thanks,
Ray
I think I know this guy. I think I've actually done stuff for him about
8-10 years ago. Yeah, the ISP I was working with at the time thought
that SPAM was a quick buck and supported a few spamming houses.
jdow wrote:
http://it.slashdot.org/article.pl?sid=08/01/04/0154229
Points to this articl
I just thought if anyone hasn't read it yet, this article might be
interesting to many of you. According to this report SPAM has now
reached being 95% of all email.
http://www.net-security.org/secworld.php?id=5545
From the report:
* Global spam levels reached an all-time high of 95% of all
Dave Addey wrote:
Hi all,
As part of an “Ensim” (Linux control panel) installation, I’m running
the Ensim-provided install of SpamAssassin 3.1.9. Unfortunately, I’m
finding that no emails are being caught as spam. Whilst I’m sure that
Ensim is doing some non-standard stufff around SpamAssas
t "I'm sorry sir, I don't know what you are talking about. I
just know what my screen tells me"
Oh and I'm also am on my 6th request and 3rd month of waiting for
Charter.net's upper level support team to contact me so we can figure
out why they always seem to defer
sage in queue until the server(s) are
responding again. I hold messages for 14 days before thawing and dumping
them.
Oh and finally, once SA scans email once for the domain it puts the
user_prefs file in /home/sa-users/domaincom/.spamassassin
Hope this helps.
--
Tom Ray
Cheif Operations
Just as a side note...
I am a charter customer. I have spoken with their techincal assistance
many times, and at various levels, for myself and on behalf of others I
have tried to assist. They are by far the most incompetent ISP I have
ever dealt with. They only have one answer for everything,
Look in the local.cf for these lines, or (if mysql is being used) look
in the userpref table and delete the rows that have those entries.
Had the same issue and that cleared it up.
-=R
Doc Schneider wrote:
I'm seeing this in a server I just upgraded from 3.0.6 to 3.1.7
My thoughts are this is
Bob McClure Jr wrote:
sa-stats.pl as distributed with SA v3.1.7 blows out a ton of
WARNING: ignoring future date in syslog line: Dec 31 20:26:56 bubba spamd[7149]: prefork: child states: II
and the like, and ends up reporting zeros for results. Another
machine with the same sa-stats.pl (and
Debbie D wrote:
Can someone try and help me understand why this keeps slipping through.. in
2+ days I have 40 or more of these to various addresses of my own on the
server
http://sial.org/pbot/21945
(Thanks Theo for the link)
Scores for me:
Content analysis details: (19.5 points,
link with more info.
-=Ray
Ray Anderson wrote:
This looks like a failed header injection attack.
Some background: Lots of web form handlers, including the most basic
Perl and PHP tools, will build the headers and body of a message as
one long string, then pass it to Sendmail. If a form
reat_ article on the matter is here:
http://www.securephpwiki.com/index.php/Email_Injection
-=Ray
Amsterdam. Period.
After calling just about everyone on the planet, I gave up and moved the
server to a different provider (after checking the IP blocks).
-=Ray
Michele Neylon :: Blacknight wrote:
You could simply use Geoip scoring using this lot:
http://countries.nerd.dk/
It's p
Nicely done!
John D. Hardin wrote:
{snicker!}
Dec 12 09:48:03 ga : Initial Connect - tarpitting: 124.240.124.222 60241 ->
x.x.x.x 25
Dec 12 09:44:20 ga : Initial Connect - tarpitting: 124.240.124.222 53486 ->
x.x.x.x 25 *
Dec 12 12:16:30 ga : Initial Connect - tarpitting: 124.240.124.222 1452
not receiving e-mail.
-=Ray
R Lists06 wrote:
When looking up required_score info, as most know, it say that the default
is 5.0 and that it is considered aggressive in various circumstances
Used to be called required_hits
When I first started using SA I was told that as an ISP going in the
or is even
implenting OCR pointless as the generators get more sophisticated?
I wasn't sure if I could post an image, so here is a link to the headers
and the image.
I'll take it down tomorrow morning.
Thanks!
-=Ray
http://www.rb-com.com/spam.php
d and react
to, which for me bypasses spamd -- note: this decision takes place
_after_ virus scanning, etc.
Hope this helps someone.
-=Ray
Wouldn't a better solution to be check the e-mail for NOT having any
alpha chars?
All numbers seems like a no-brainer to me, but I'm fairly new at this. :)
Something like
Body ~= /[^a-zA-A]/
?
Cheers,
-=Ray
Justin Mason wrote:
this seems to catch them:
header __MAILER
messages to the folder
http://www.byteplant.com/support/nospamtoday/howtolearnexchange.html
http://www.byteplant.com/support/nospamtoday/contrib.html
From: Ray Dzek [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 23, 2006
3:10 PM
To: users@spamassassin.apache.org
Your timing is perfect. I just
implemented this yesterday!
The script you may be looking for is
imap-sa-learn.pl from: http://www.gagravarr.org/code/
The how-to is here: http://mail-archives.apache.org/mod_mbox/spamassassin-users/200406.mbox/[EMAIL PROTECTED]
Users then drag (
I have SA set up to run per user, my question is does the user_prefs
file support any include commands like Apache's httpd.conf or Bind's
named.conf file does? I basically don't want to re-write the maing
user_prefs file when a user updates their White or Black lists via the
web interface I'm p
Tom Ray wrote:
Derek Harding wrote:
On Wed, 2006-08-02 at 16:37 -0400, Tom Ray wrote:
Anyone serious about stopping SPAM should not use SpamCop. They have
no real checking method, it's like AOL's spam blocking method...they
just let users submit what they think is spam and the
Derek Harding wrote:
On Wed, 2006-08-02 at 16:37 -0400, Tom Ray wrote:
Anyone serious about stopping SPAM should not use SpamCop. They have no
real checking method, it's like AOL's spam blocking method...they just
let users submit what they think is spam and then block it. It&#x
Marc Perkel wrote:
Logan Shaw wrote:
On Wed, 2 Aug 2006, Marc Perkel wrote:
SMTP passwords go away because SMTP goes away.
The idea is that outgoing IMAP would replace SMTP and there would be
no SMTP between clients and servers. SMTP would be a server to
server protocol.
That's all we
Anyone serious about stopping SPAM should not use SpamCop. They have no
real checking method, it's like AOL's spam blocking method...they just
let users submit what they think is spam and then block it. It's
pointless. There's not even a way to contact anyone at SpamCop to fix a
falsely listed
4a) maybe generalize #4 to include various other RFC issues (matching
PTR and A records is an RFC requirement, after all), such as the things
tracked at RFC-Ignorant
Less feasible, too many players.
How about: domain registrars are required to block any domain they
have registered
Theo Van Dinter wrote:
On Wed, Jul 26, 2006 at 03:06:40PM -0400, Tom Ray wrote:
Is it possible to have each user have their own 10_misc.cf or any of the
other .cf files? Right now all are stored in /usr/share/spamassassin I'd
like each user to have their own.
Anyone done this b
I know I asked this before but I believe I asked it wrong.
Is it possible to have each user have their own 10_misc.cf or any of the
other .cf files? Right now all are stored in /usr/share/spamassassin I'd
like each user to have their own.
Anyone done this before?
--
Tom Ray
Detroit O
Martin Hepworth wrote:
Tom
Depends on what's call SA. SA will only mark the spam, any processing beyond
that is up to you..
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
-Original Message-
From: Tom Ray [mailto:[EMAIL PROTECTED]
hosting but I
run each domain under it's own user name so the Admin controls their
spam rules. I want them to be able to edit that with their own
information. Can we do that?
--
Tom Ray
Detroit Online
http://www.detroitonline.com
Toll Free: 888-235-6817 x501
Local: 313-887-0805 x501
as the user and group.
4) Am I doing this right? I've laid out my specs before and asked that
but no ones said yes or no.
Any help would be appreciated.
Thanks.
--
Tom Ray
Detroit Online
http://www.detroitonline.com
Toll Free: 888-235-6817 x501
Local: 313-887-0805 x501
ne this before? I'm kinda new
to SA and I'm still getting the hang of customizing it.
Thanks!
--
Tom Ray
Detroit Online
http://www.detroitonline.com
Toll Free: 888-235-6817 x501
Local: 313-887-0805 x501
the logs and will be cleaned up with a patch or
the next release.
Some clarification,
please, from those in the know?
Thanks!
Ray DzekNet Ops / Helpdesk SupervisorSpecialized Bicycle
Components
Spamassassin 3.04 with SQL support.
I'm trying to set up a global textbased or MYSQL based whitelist. I want
to be able to support *wildcards* I am able to add specific addresses
to the AWL using spamassassin --add-addr-to-whitelist but when I've used
wildcards for some of our desired senders, th
using sendmail but I want to switch to
Exim or am I just making things hard?
Mimedefang uses the milter interface of sendmail. It won't work with
exim.
ray
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Ray DeJean http://ww
)
Can anyone tell me why? I have tons of other rules that get caught and marked,
but this one seems to sneak by.
Stuck on spamassassin-2.55-2.1.92 for now on a Mandrake 9.2 machine.
Thanks,
-=Ray
Good flying never killed [an enemy] yet
e this a rawbody check so mime-embedded mime-encoded
mails also get caught?
-=Ray
Nothing makes a man more aware of his capabilities and of his limitations
than those moments when he must push aside all the familiar defenses of ego
and vanity, and accep
now!
I hope me finding my own answer helps someone out there.
Thanks,
-=Ray
--
As a fighter pilot I knew from my own experiences how decisive surprise and
luck can be for a success, which in the long run only comes to the one who
combines daring with coo
anyway, but to work
> to produce actual
> releases for others, I think a bit more of an interest is needed.
I am also required to stay with the 2.6 branch for the forseable future, if
there's anything I can do to help I'd be happy to.
-=Ray
---
pgrade, which I cannot do at
this time.
I finally had to put a score in my local.cf that reduces the score to zero.
-=Ray
--
Ray Anderson
R&B Communications
530.478.1137
[EMAIL PROTECTED]
http://www.rb-com.com
---
.2.19-2003-05-19-exp)
====
-=Ray
----
Ray Anderson
System Development Manager
916.788.2444 (Office)
916.798.9439 (Mobile)
PRIDE Industries
[EMAIL PROTECTED]
http://www
t leave the ALL_TRUSTED 0 in your local.cf
Ray Dzek
Network Operations Supervisor
Specialized Bicycle Components
-Original Message-
From: Potato Chip [mailto:[EMAIL PROTECTED]
Sent: Friday, October 15, 2004 9:31 AM
To: users@spamassassin.apache.org
Subject: SPF, ALL_TRUSTED Confusion was
spamd.
Ray Dzek
Network Operations Supervisor
Specialized Bicycle Components
-Original Message-
From: Asif Iqbal [mailto:[EMAIL PROTECTED]
Sent: Saturday, October 02, 2004 2:02 PM
To: [EMAIL PROTECTED]
Subject: Bayes R/O tie failed with SA 3.0
Hi All
I just upgraded my SA from 2.63
I see this is already in bugzilla. Should we just depreciate that rule for
now? It is really screwing up my scores.
Ray Dzek
Network Operations Supervisor
Specialized Bicycle Components
PH: 408-782-5420
FX: 408-782-5421
% okay
Any ideas?
Thanks!
Ray Dzek
Network Operations Supervisor
Specialized Bicycle Components
86 matches
Mail list logo
