bout some configuration in the necessary
spamassassin?
hugs
Lucas Cotta
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Divisão de Suporte da PGT/MPT
+55 61 3314.8661
+55 61 9909.7500
- Original Message -
From: "Ronald I. Nutter" <[EMAIL PROTECTED]>
To: "Lucas Cotta" <[EMAIL
How much memory do you have in the box ? I had to take our SA box to 1.5G of
ram to resolve the problem. Was running more rules than I thought we were.
Ron
Ron Nutter [EMAIL PROTECTED]
Network Infras
Johnston [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 08, 2006 10:14 AM
To: users@spamassassin.apache.org
Subject: Re: How to handle your domain in received from field
Ronald I. Nutter wrote:
> I am fighting a situation where two vendors used by my college are
> sending email out authorized
I am fighting a situation where two vendors used by my college are
sending email out authorized by the college (remote distance learning
situations) where the email looks like it came from us because it has
our domain name in the from field. I had been using a global blacklist
of [EMAIL PROTECTED]
I have a email that is scoring as follows using SA 2.64 (I know I am on
a old version - upgrade is schedule for about 2 weeks from now) -
X-Spam-Status: Yes, hits=68.753 tag=0 tag2=2.5 kill=3.75 tests=AWL,
BAYES_30,
NO_REAL_NAME, PRIORITY_NO_NAME, SUBJ_HAS_UNIQ_ID, USER_IN_BLACKLIST,
X_PRIORITY
I am dealing with a problem user who has mail that keeps getting trapped
by SA. They are using an off campus system that "acts" like it is our
mail server because everything is set to a reply address of my colleges
domain. When the emails come through, I can look at the header and see
that the em
I finally have had to drop my "spam" score to 3.75. Still havent had
any false positives at that score level. Still getting a few but no
where near what I had been before.
Ron
Ron Nutter [EMAIL PROTECT
I havent had any luck so far. The gif content name used is never the
same in any of the messages I have been getting.
Ron
Ron Nutter [EMAIL PROTECTED]
Network Infrastructure & Security Manager
Informat
tler [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 27, 2006 9:59 AM
To: Ronald I. Nutter
Cc: users@spamassassin.apache.org
Subject: Re: Blocking specfic content
Ronald I. Nutter wrote:
> I have added most of the rule sets from rulesemporium.com as well as
> adding several of my own. I update
lege
Georgetown, KY40324-1696
-Original Message-
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 27, 2006 9:32 AM
To: Ronald I. Nu
I have been fight one specific type of spam coming through for several
days now. None of the rules I have put in place are stopping the spam
coming through. It is stock type scam. Main one I have seen is about
IKMA. The content type of the message is image/gif. The actual name of
the file vari
I have seen about a 2-3% drop in spam with about a 10-15% drop in email
volume.
Ron
Ron Nutter [EMAIL PROTECTED]
Network Infrastructure & Security Manager
Information Technology Services
1696
-Original Message-
From: Jim Maul [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 21, 2005 3:05 PM
To: Ronald I. Nutter
Cc: Rick Macdougall; users@spamassassin.apache.org
Subject: Re: Rewrite header problem
Ronald I. Nutter wrote:
> I tried that too. Still getting the error. I
ilto:[EMAIL PROTECTED]
Sent: Wednesday, September 21, 2005 2:57 PM
To: users@spamassassin.apache.org
Subject: Re: Rewrite header problem
Ronald I. Nutter wrote:
>I am trying to put the following line in my local.cf file -
>rewrite_header {subject} (Possible_SPAM). I am getting the followi
I am trying to put the following line in my local.cf file -
rewrite_header {subject} (Possible_SPAM). I am getting the following
error -
[EMAIL PROTECTED] spamassassin]# spamassassin --lint
Failed to parse line in SpamAssassin configuration, skipping:
rewrite_header {subject} (Possible_SPAM)
Ot
I have spam coming through that I havent been able to block with the
blacklist command. Tried putting it in a 90_blacklist.cf file. thought
it was working but things are still coming through. I am using a setup
with postfix/amavisd that calls the daemonized version of SA. Should
the blacklist c
Title: Message
I am trying to figure out what happened here. This one got
through and shouldnt have. I saved the message out of Outlook as a
text
file
and ran spamassassin in test mode. It scored enough to have been blocked
and wasnt. It scored a 5.0 and I am running sa 2.64 at default
Loren:
Thanks for the suggestion. I tried it but I am getting a parsing error
with no details when I do a spamassassin --lint. I am running on 2.64.
Is this rule using something that is not in that version ?
Thanks,
Ron
Ron N
Using the following as a rule set, spam with the above subject line
is still getting through -
# Check for bad RE[ tag
header BAD_RE_TAG Subject =~ /\b"Re"\[\b/i
score BAD_RE_TAG 6.0
What am I doing wrong ?
I am using the default spam level of 5.0 with 2.6.4.
Ron
---
1696
-Original Message-
From: Chris [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 15, 2005 10:07 PM
To: users@spamassassin.apache.org
Cc: Ronald I. Nutter
Subject: Re: Spam with Re[2]: or Re[4]:
On Thursday 15 September 2005 10:11 am, Ronald I. Nutter wrote:
&g
40324-1696
-Original Message-
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 15, 2005 11:17 AM
To: Ronald I. Nutter; users@spamassassin.apache.org
Subject: RE: Spam with Re[2]: or Re[4]:
At 11:11 A
I am trying to write a rule to block these based on subject line but
keep getting regex errors. It seems to be related to trying to put in
the [ character/symbol. Can someone provide an example of how they did
it?
Thanks,
Ron
05 3:45 PM
To: Ronald I. Nutter
Cc: users@spamassassin.apache.org
Subject: Re: Question on NO_DNS_FOR_FROM Rule
Ronald I. Nutter wrote:
> I am getting quite a bit of spam coming in today that is scoring well
> below the 5.0 min (i.e. 2.4 or so out of 5.0). The common thread I am
> s
I am getting quite a bit of spam coming in today that is scoring well
below the 5.0 min (i.e. 2.4 or so out of 5.0). The common thread I am
seeing is that they all fail the NO_DNS_FOR_FROM Rule. I noticed that
it is only set to 1.1. I am thinking about raising the value of this
score. I don't t
Anyone seeing this type of email coming through with a header of
*WARNING* YOUR EMAIL ACCOUNT WILL BE CLOSED ?
Didn't know if someone already had a ruleset out before I starting
working on one for my system.
Ron
Ron Nutter
We are getting flooded this morning with email that contains the
following item(s) in the body of the message -
*** Server-AntiVirus: No Virus (Clean)
*** "GEORGETOWNCOLLEGE" Anti-Virus
*** http://www.georgetowncollege.edu
OR
*** Attachment-Scanner: Status OK
*** "GEORGETOWNCOLLEGE" Anti-Virus
EMAIL PROTECTED]
Sent: Tuesday, January 11, 2005 12:01 PM
To: Ronald I. Nutter
Cc: users@spamassassin.apache.org
Subject: Re: Postfix relay problem with SA ?
Ronald I. Nutter wrote the following on 11/01/2005 16:43:
> I am noticing entries in the maillog like the following. This tells
> me t
I am noticing entries in the maillog like the following. This tells me
that somehow mail is relaying through my system. I followed the Scott
Henderson setup document and havent noticed this before.
Jan 11 11:24:33 SA2 postfix/smtp[12722]: 8FE98F4280:
to=<[EMAIL PROTECTED]>,
relay=milter1.store.v
I have been getting bombarded by spam trying to sell me Rolex watches of
one variety or another. I have had experience writing rules as yet but
may need to start. The following is the smtp header from one of the
messages. cleta is my server running webshield before SA gets a hold of
it on anothe
You probably wont stop all of them. I too am new to spamassassin and
learn more each day. Look at www.rulesemporium.com for additional rules
you can put in place to help block additional spam.
Ron
Ron Nutter
Thanks.
Ron
Ron Nutter [EMAIL PROTECTED]
Network Manager
Information Technology Services(502)863-7002
Georgetown College
Georgetown, KY
I have just reinstalled SA on a new server with more processor and more
memory that the "test" system I started out with that ended up in
production. I am looking at adding some additional rules as I get more
experience with this. One of the things I have found says to run
spamassassin -D --lint
32 matches
Mail list logo
