Many thanks.
-Original Message-
From: Axb [mailto:axb.li...@gmail.com]
Sent: 16 September 2015 10:35
To: users@spamassassin.apache.org
Subject: Re: Stopping phishing using clean-mx
On 09/16/2015 11:28 AM, Sujit Acharyya-choudhury wrote:
> Is there any rule in spamassassin which u
Is there any rule in spamassassin which uses clean-mx? From my observation
it is a very good site for phishing URL and we do get lot of mails with
phishing url embedded in it. Most of the time these sites are new, and
clean-mx are by far quickest to spot them.
Regards
Sujit
S
It seems from the web site, one can use ClamAV and SaneSecurity to add extra
signatures. Would it not be more efficient?
http://sanesecurity.com/usage/signatures/
-Original Message-
From: Axb [mailto:axb.li...@gmail.com]
Sent: 02 September 2015 09:55
To: users@spamassassin.apache.org
Sub
I think the answer is there has been enough discussion on this topic. It is
up to the user to use it or not. The discussion can stop and we can go to
other things, like why so many phishes are coming through etc. for example
where the message look more or less the same.
smime.p7s
Descript
.2015 um 14:02 schrieb Sujit Acharyya-choudhury:
> The URIBL_PH_SURBL is actually not very useful. I have checked a real
> phishing site with SURBL and it shows clean in SURBL - I think, SURBL only
> looks at the part of the domain.
every URIBL check only tests the main-domain of a link,
@spamassassin.apache.org
Subject: Re: Phishtank and SpamAssassin
On Tue, 11 Aug 2015 11:11:56 +
Sujit Acharyya-choudhury wrote:
> I have seen lot of Phishes submitted in Phishtank.com and yet there
> is no rule to check Phishtank.com.
There is via URIBL_PH_SURBL. It doesn't score
Many thanks for the info.
-Original Message-
From: Reindl Harald [mailto:h.rei...@thelounge.net]
Sent: 11 August 2015 12:14
To: users@spamassassin.apache.org
Subject: Re: Phishtank and SpamAssassin
Am 11.08.2015 um 13:11 schrieb Sujit Acharyya-choudhury:
> I have seen lot of Phis
I have seen lot of Phishes submitted in Phishtank.com and yet there is no
rule to check Phishtank.com. Would it be a good idea to give some points to
phishes submitted to phishtank - even if they are not verified?
smime.p7s
Description: S/MIME cryptographic signature
Is there any SA rule which use WOT (Web of Trust)? I find WOT a very
valuable tool to find out about the reputation of URL and an integration
with SA will be invaluable.
Regards
Sujit Choudhury
smime.p7s
Description: S/MIME cryptographic signature
ginal Message-
From: Reindl Harald [mailto:h.rei...@thelounge.net]
Sent: 12 March 2015 11:51
To: users@spamassassin.apache.org
Subject: Re: is spamassassin scoring too high points
Am 12.03.2015 um 12:40 schrieb Sujit Acharyya-choudhury:
> We are using MessageLabs for our most of our inwa
We are using MessageLabs for our most of our inward mails. However, we
also get mails from other places as well. In order to get rid of spam,
we have installed the latest version of spamassassin, which is set to
reject any mail at smtp time if the score is over 12. What I find
peculiar is some m
We are running exim with spamassassin on our gateways and on exim
paniclog I am seeing this message:
spam acl condition: error reading from spamd socket: Connection timed
out on a regular basis (may be once ever 5-10 mins).
We have the following setting for spamd:
/usr/bin/spamd -d -x
sage-
From: Kai Schaetzl [mailto:[EMAIL PROTECTED]
Sent: 21 November 2008 13:42
To: users@spamassassin.apache.org
Subject: Re: Use of blacklist_form
Sujit Acharyya-Choudhury wrote on Fri, 21 Nov 2008 13:00:06 -:
> > Also since we do not mark anything as Spam coming from our network
;t tag them as spam even if the reply_to
address is in the blacklist and without specifically blocking mail with
such address without using the MTA (which in our case is exim)
Sujit Choudhury
____
From: Sujit Acharyya-Choudhury [mailto:[EMAIL PROTECTED]
Sent: 21 No
Google Anti-phishing-email-reply
(http://code.google.com/p/anti-phishing-e-mail-reply) contains reply
addresses being used in phishing campaigns. I would like to use
blacklist_from and blacklist_to for these addresses. I was wondering
whether blacklist_to and blacklist_form is still available in
I have been modifying local.cf so that report_safe is 0 or 1. Can not
see any change. For my sin, my exim config has the following entry:
warncondition = ${if or{\
{eq
{${substr_0_6:$sender_host_address}}{161.74}}\
{>{$message_size}{60K
Sent: 11 November 2008 15:38
To: users@spamassassin.apache.org
Subject: Re: Barracuda RBL
On Tue, Nov 11, 2008 at 05:34:28PM +0200, Henrik K wrote:
> On Tue, Nov 11, 2008 at 08:30:26AM -0700, Chris wrote:
> > On Tuesday 11 November 2008 8:15:26 am Sujit Acharyya-Choudhury
wrote:
> > > I would
November 2008 16:59
To: users@spamassassin.apache.org
Subject: Re: Barracuda RBL
"Sujit Acharyya-Choudhury" <[EMAIL PROTECTED]> writes:
> Thanks Henrik. However, I am not using SVN 3.3 so the rule on its own
> will be useful.
I'm using:
# Add a rule to give barracude
:28PM +0200, Henrik K wrote:
> On Tue, Nov 11, 2008 at 08:30:26AM -0700, Chris wrote:
> > On Tuesday 11 November 2008 8:15:26 am Sujit Acharyya-Choudhury
wrote:
> > > I would like to use the "free" barracuda RBL with SpamAssassin.
Is
> > > there any rule for tha
I would like to use the "free" barracuda RBL with SpamAssassin. Is
there any rule for that yet?
Regards
Sujit Choudhury
--
The University of Westminster is a charity and a company limited by
guarantee. Registration number: 977818 England. Registered Office:
309 Regent Street, London W1B
shing
On Thu, 3 Jul 2008, Sujit Acharyya-Choudhury wrote:
> Dear All,
> We are using clamAV 0.93.1 as our virus checker on SLES9 using exim as
MTA. It catches lot of virus+phishing. However, lot of
> phishing mails are recently getting through. Our spamassassin is
version 3.1.7 (a
Dear All,
We are using clamAV 0.93.1 as our virus checker on SLES9 using exim as
MTA. It catches lot of virus+phishing. However, lot of phishing mails
are recently getting through. Our spamassassin is version 3.1.7 (a bit
old), but running lot of SARE rules as well as sought_rules. The
question
them, other than to notify the error by replying to the sender.
-Original Message-
From: ram [mailto:[EMAIL PROTECTED]
Sent: 29 May 2008 12:16
To: Sujit Acharyya-Choudhury
Cc: users@spamassassin.apache.org
Subject: Re: Lot of unmarked spam
On Thu, 2008-05-29 at 11:52 +0100, Sujit Acharyy
We are getting lot of unmarked spam. The header is as follows:
From: Feed Blaster
To: [EMAIL PROTECTED]
Subject: Feed Blaster puts your ad right to the screens of millions in
15 Minutes !
Date: 26 May 2008 21:42:41 -0700
Message-ID: <[EMAIL PROTECTED]>
And the message contains:
More and more p
: Problem with clamav plugin
Sujit Acharyya-Choudhury wrote:
> I am using clamav as our virus scanner on our mail gateway (exim).
> This seems to discard lot of e-mails. Is there any benefit of using
> clamav for spamassassin from Sanesecurity?
There's no such thing.
If you me
I am using clamav as our virus scanner on our mail gateway (exim). This
seems to discard lot of e-mails. Is there any benefit of using clamav
for spamassassin from Sanesecurity?
Regards
Sujit
-Original Message-
From: OliverScott [mailto:[EMAIL PROTECTED]
Sent: 24 July 2007 14:44
To
We are using spamassassin at the gateway level with exim. Is it a good
idea to use bayes as we don't know which is ham or spam - and the users
are unlikely to give us the feed back from different system. In that
case bayes learning ability will be compromised.
If bayes can be used how can I mo
: AutoWhitelist
On Tuesday 29 May 2007 9:55 am, Sujit Acharyya-Choudhury wrote:
> I was interested in the following plugin and hence AutoWhitelist:
> SAGrey
> SAGrey is two-phased, in that it first looks to see if the current score
> of the current message exceeds the user-defined threshold v
We are using spamassassin at the gateway level with exim. Is it a good
idea to use bayes as we don't know which is ham or spam - and the users
are unlikely to give us the feed back from different system. In that
case bayes learning ability will be compromised.
If bayes can be used how can I modi
I was interested in the following plugin and hence AutoWhitelist:
SAGrey
SAGrey is two-phased, in that it first looks to see if the current score
of the current message exceeds the user-defined threshold value (as set
in one of the cf files), and then looks to see if the message sender's
email and
Sorry, my mistake. I have to set use_auto_whitelist 1.
Thanks
-Original Message-
From: Sujit Acharyya-Choudhury [mailto:[EMAIL PROTECTED]
Sent: 29 May 2007 13:37
To: Matt Kettler
Cc: users@spamassassin.apache.org
Subject: RE: AutoWhitelist
How about in local.cf setting
How about in local.cf setting
use_auto_whitelist 1
-Original Message-
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: 29 May 2007 13:22
To: Sujit Acharyya-Choudhury
Cc: users@spamassassin.apache.org
Subject: Re: AutoWhitelist
Sujit Acharyya-Choudhury wrote:
> I am using spamassas
I am using spamassassin 3.1.7 (even now) on SLES 9 (64-bit). I am
having configuring the AutoWhitelist to work properly. Any help will
be appreciated.
Many thanks
--
Sujit Choudhury
ISLS
University of Westminster
Ext 3851 / 1779
Sujit
-Original Message-
From: Clay Davis [mailto:[EMAIL PROTECTED]
Sent: 24 May 2007 19:38
To: users@spamassassin.apache.org
Subject: RE: So much spam
Sujit,
No Bayes? Your only harnessing half the power of SA.
Clay
>>> "Sujit Acharyya-Choudhury" <[EMAIL PROTECTED]
Is it official now that 3.2 has come out that it would cut down on spam?
I am still on 3.1.7 and noticed too much spam. Relying on all SARE
rules plus Botnet.cf, imageinfo.cf - all to no avail.
Regards
Sujit Choudhury
-Original Message-
From: Rob Campbell [mailto:[EMAIL PROTECTED]
Sent
We are currently running SpamAssassin 3.1.7. Can we run dnswl.org with
this version of SpamAssassin?
Can I put in lines like this in local.cf?
# dnswl.org file
header __RCVD_IN_DNSWL
eval:check_rbl('dnswl-firsttrusted,'127.0.\d+.1')
header RCVD_IN_DNSWL_LOW eval:check_rbl_sub('dnswl-firsttr
36 matches
Mail list logo
