:00, Mickaël Maillot
a
écrit :
Hi,
I just want to notify you that the new rules take lots more times,
i updated my rules from 5/12 to 8/12 and now in my maillog, i see a
lot's
of:
tests_pri_-100: 21005
tests_pri_-100: 14165
tests_pri_-100: 17684
tests_pri_-100: 23094
reverted the ruleset
forget what i say, it was a DNS issue unrelated to the updated rules.
Le ven. 8 déc. 2023 à 11:00, Mickaël Maillot a
écrit :
> Hi,
>
> I just want to notify you that the new rules take lots more times,
> i updated my rules from 5/12 to 8/12 and now in my maillog, i see
Hi,
I just want to notify you that the new rules take lots more times,
i updated my rules from 5/12 to 8/12 and now in my maillog, i see a lot's
of:
tests_pri_-100: 21005
tests_pri_-100: 14165
tests_pri_-100: 17684
tests_pri_-100: 23094
reverted the ruleset back to 5/12 and it's b
On Sat, 24 Apr 2021, Steve Dondley wrote:
And if you want to test your rules against a corpus rather than
testing against a few one-off spamples, then look into setting up a
local masscheck instance. You don't need to upload the results to SA,
but it will give you a good overview of how a rul
And if you want to test your rules against a corpus rather than
testing against a few one-off spamples, then look into setting up a
local masscheck instance. You don't need to upload the results to SA,
but it will give you a good overview of how a rule behaves against
multiple messages.
I'm
On Sat, 24 Apr 2021, Steve Dondley wrote:
On 2021-04-23 05:41 PM, Martin Gregorie wrote:
On Fri, 2021-04-23 at 16:28 -0400, Steve Dondley wrote:
I'm experimenting with writing a library of my own SA rules and
scores.
Treat this like any other code development project: use a rule
development
On 2021-04-23 05:41 PM, Martin Gregorie wrote:
On Fri, 2021-04-23 at 16:28 -0400, Steve Dondley wrote:
I'm experimenting with writing a library of my own SA rules and
scores.
I do this on a separate computer, which has Spamassassin installed but
not linked into anything else. It also has a cop
On Fri, 2021-04-23 at 16:28 -0400, Steve Dondley wrote:
> I'm experimenting with writing a library of my own SA rules and
> scores.
>
I do this on a separate computer, which has Spamassassin installed but
not linked into anything else. It also has a copy of all the live SA
configuration files. Alon
e still
scored accurately with the new rules.
I imagine a utility like this must exists so figured I'd ask here before
re-inventing the wheel and writing my own (probably bugg) script.
The script would need to check against all email files in .INBOX.* and
.Spam directory in a user's
On Tue, 24 Jul 2018, chuckee wrote:
I'm from a reasonably large ESP and we handle all types of emails being sent
via our servers. We've noticed a change with SpamAssassin in the last few
days/weeks which is causing problems.
3.5 HDR_ORDER_FTSDMCXX_DIRECT Header order similar to spam
The hi
On Tue, 24 Jul 2018 21:10:01 -0700 (MST)
chuckee wrote:
> As an ESP we can confirm that it is extremely common for ESP's to
> strip out 'Received from' headers - if we didn't, then many recipient
> mail servers reject emails because they look at the (often bad)
> reputation of the IP address of th
On Wed, 25 Jul 2018, David Jones wrote:
On 07/24/2018 11:10 PM, chuckee wrote:
I'm from a reasonably large ESP and we handle all types of emails being
sent
via our servers. We've noticed a change with SpamAssassin in the last few
days/weeks which is causing problems.
The following 2 rules are
On 07/24/2018 11:10 PM, chuckee wrote:
I'm from a reasonably large ESP and we handle all types of emails being sent
via our servers. We've noticed a change with SpamAssassin in the last few
days/weeks which is causing problems.
The following 2 rules are causing these problems:
3.5 HDR_ORDER_FTSDM
I'm from a reasonably large ESP and we handle all types of emails being sent
via our servers. We've noticed a change with SpamAssassin in the last few
days/weeks which is causing problems.
The following 2 rules are causing these problems:
3.5 HDR_ORDER_FTSDMCXX_DIRECT Header order similar to spam
a
>From: John Hardin
>Sent: Thursday, June 22, 2017 12:41 PM
>The SA project's rule masscheck/score generation system was rebuilt due to
>hardware issues recently, and we appear to be having some problems with
>score generation - lots of previously higher-scoring rules are now not
>getting a
On Thu, 22 Jun 2017, Curtis NPC wrote:
It has nothing to do with your Bayes learning.
The SA project's rule masscheck/score generation system was rebuilt due to
hardware issues recently, and we appear to be having some problems with
score generation - lots of previously higher-scoring rules
It has nothing to do with your Bayes learning.
The SA project's rule masscheck/score generation system was rebuilt due
to hardware issues recently, and we appear to be having some problems
with score generation - lots of previously higher-scoring rules are now
not getting a score assigned and
On Thu, 22 Jun 2017, Curtis NPC wrote:
On 2017-06-22 17:07:37 +, RW said:
On Thu, 22 Jun 2017 09:58:16 -0700
Curtis NPC wrote:
> Sorry to ask a novice / RTFM question(s), but
>
> So I'm running spamassassin with amavis. As I understand spamassissin
> should not be running as a
On 2017-06-22 17:07:37 +, RW said:
On Thu, 22 Jun 2017 09:58:16 -0700
Curtis NPC wrote:
Sorry to ask a novice / RTFM question(s), but
So I'm running spamassassin with amavis. As I understand spamassissin
should not be running as a daemon, but is run as needed by amavis. At
least so it
On Thu, 22 Jun 2017 09:58:16 -0700
Curtis NPC wrote:
> Sorry to ask a novice / RTFM question(s), but
>
> So I'm running spamassassin with amavis. As I understand spamassissin
> should not be running as a daemon, but is run as needed by amavis. At
> least so it seems to work.
>
> I added so
Sorry to ask a novice / RTFM question(s), but
So I'm running spamassassin with amavis. As I understand spamassissin
should not be running as a daemon, but is run as needed by amavis. At
least so it seems to work.
I added some rules to:
/etc/spamassassin/65_debian.cf
and they work. But t
On Tue, 3 Nov 2015, Richard Mealing wrote:
From: John Hardin [mailto:jhar...@impsec.org]
So, to generalize the pattern: *your* (the recipient) domain is
(somewhere) in the username part of the From email address?
Hi John - Yup!
From address is - fastnet.co.uk.12056010.bob.jones885@vmta27.to
-Original Message-
From: John Hardin [mailto:jhar...@impsec.org]
Sent: 03 November 2015 17:18
To: users@spamassassin.apache.org
Subject: RE: New rules..
On Tue, 3 Nov 2015, Richard Mealing wrote:
> So I'm looking for something that would block this -
>
> fastnet.
On Tue, 3 Nov 2015, Richard Mealing wrote:
So I'm looking for something that would block this -
fastnet.co.uk.12056010.bob.jones885@vmta27.toprea...
I was thinking of just creating a rule to sort this out with something like -
^fastnet\.co\.uk.\d+..*@
header FROM_IS_FAKE_FASTNET From =~
From: Joe Quinn [mailto:jqu...@pccc.com]
Sent: 02 November 2015 17:13
To: users@spamassassin.apache.org
Subject: Re: New rules..
On 11/2/2015 12:00 PM, Richard Mealing wrote:
Hi there,
Would this be the best list to talk about new rules for spamassassin?
I'm new here..
Thanks,
Rich
On Mon, 2 Nov 2015, Joe Quinn wrote:
On 11/2/2015 12:00 PM, Richard Mealing wrote:
Would this be the best list to talk about new rules for spamassassin?
This would be an excellent place, yes.
Additionally: make sure you take a look at the rules sandboxes in SVN.
There may already be a
On 11/2/2015 12:00 PM, Richard Mealing wrote:
Hi there,
Would this be the best list to talk about new rules for spamassassin?
I'm new here..
Thanks,
Rich
This would be an excellent place, yes. The more technical discussion for
things like bugs in eval rules will generally happen i
On 11/2/2015 12:00 PM, Richard Mealing wrote:
Hi there,
Would this be the best list to talk about new rules for spamassassin?
I’m new here..
Thanks,
Rich
Sure though if you are writing rules and want feedback, dev@ might be a
better list!
Hi there,
Would this be the best list to talk about new rules for spamassassin?
I'm new here..
Thanks,
Rich
On 6/12/14, 5:31 AM, David Alexandre M. de Carvalho wrote:
Hello! I'm using Spamassassin 3.3.1-2 on two of my servers.
Recently I've noticed that there haven't been updates on both channels I use
(updates.spamassassin.org and
sough.rules.yerp.org).
Does this mean that there won't be any more up
On Thu, 12 Jun 2014 12:31:39 +0100 (WEST)
David Alexandre M. de Carvalho wrote:
>
> Hello! I'm using Spamassassin 3.3.1-2 on two of my servers.
> Recently I've noticed that there haven't been updates on both
> channels I use (updates.spamassassin.org and sough.rules.yerp.org).
> Does this mean th
Hello! I'm using Spamassassin 3.3.1-2 on two of my servers.
Recently I've noticed that there haven't been updates on both channels I use
(updates.spamassassin.org and
sough.rules.yerp.org).
Does this mean that there won't be any more updates for version 3.3.1-2?
Thanks and regards!
David
On Thu, 01 Aug 2013 19:08:12 +0200
Benny Pedersen wrote:
> RW skrev den 2013-08-01 18:00:
>
> > If you use /32 and the sender has a different IP address each time
> > there's no score averaging.
>
> servers changeing sender ip daily ?, its not a real problem clients
> does, there would be one
RW skrev den 2013-08-01 18:00:
If you use /32 and the sender has a different IP address each time
there's no score averaging.
servers changeing sender ip daily ?, its not a real problem clients
does, there would be one static ip first
On Thu, 01 Aug 2013 16:36:22 +0200
Benny Pedersen wrote:
> RW skrev den 2013-08-01 14:39:
>
> > This would make sense if the IP address were the the first trusted
> > address or last external, but AWL uses the first routable address
> > which
> > is commonly dynamic.
>
> why is this in error ?
RW skrev den 2013-08-01 14:39:
This would make sense if the IP address were the the first trusted
address or last external, but AWL uses the first routable address
which
is commonly dynamic.
why is this in error ?
On Thu, 01 Aug 2013 12:34:26 +0200
Benny Pedersen wrote:
> Jari Fredriksson skrev den 2013-07-31 22:04:
> > AWL plugin does it anyway, if enabled. But it does not use any
> > external
> > backlists for it...
>
> if its runs with default /16 is just a joke
>
> change it to /24 or /32 then its m
On Aug 1, 2013, at 12:44 PM, Benny Pedersen wrote:
> Franck Martin skrev den 2013-07-31 23:06:
>
>> Now as we move to IPv6, reputation will shift from an IP based type
>> reputation, to a domain based type reputation. Unfortunately, spam
>> assassin seems to be lacking some rules.
>
> still mi
Franck Martin skrev den 2013-07-31 23:06:
Why would they use a forged domain which is on a blacklist? I think
they would tend to use a domain which is well known with good
reputation. As well known domains are getting protected, then they
have to move to use their own domain, which happens to ap
Jari Fredriksson skrev den 2013-07-31 22:04:
31.07.2013 21:05, Franck Martin kirjoitti:
Ah yes, I saw these rules, but this is to check the domains of urls
in
the messages, not to check for instance that the domain used in the
From: header is on the DBL.
Address in From: is usually always forge
On Jul 31, 2013, at 11:19 PM, RGB Camera
mailto:zauschne...@gmail.com>>
wrote:
On Wed, Jul 31, 2013 at 2:06 PM, Franck Martin
mailto:fmar...@linkedin.com>> wrote:
On Jul 31, 2013, at 10:08 PM, Kevin Miller
mailto:kevin_mil...@ci.juneau.ak.us>> wrote:
> Problem is, the from adddress is oft
Sent: Wednesday, July 31, 2013 1:06 PM
To: Kevin Miller
Cc: Ralf Hildebrandt;
Subject: Re: Creating new rules
On Jul 31, 2013, at 10:08 PM, Kevin Miller wrote:
> Problem is, the from adddress is often a "Joe job" - i.e., a forged address,
> so the domain mentioned there li
On Wed, Jul 31, 2013 at 2:06 PM, Franck Martin wrote:
>
> On Jul 31, 2013, at 10:08 PM, Kevin Miller
> wrote:
>
> > Problem is, the from adddress is often a "Joe job" - i.e., a forged
> address, so the domain mentioned there likely doesn't have anything to do
> with the actual source of the mail
On Jul 31, 2013, at 10:08 PM, Kevin Miller wrote:
> Problem is, the from adddress is often a "Joe job" - i.e., a forged address,
> so the domain mentioned there likely doesn't have anything to do with the
> actual source of the mail. It seems to me that if the domain isn't the
> actual sourc
o be filtering on it, particularly if Bayes
is learning from it or your MTA auto-reports it to RBLs.
YMMV...
...Kevin
From: Franck Martin [fmar...@linkedin.com]
Sent: Wednesday, July 31, 2013 10:05 AM
To: Ralf Hildebrandt
Cc:
Subject: Re: Creating new rules
31.07.2013 21:05, Franck Martin kirjoitti:
> Ah yes, I saw these rules, but this is to check the domains of urls in the
> messages, not to check for instance that the domain used in the From: header
> is on the DBL.
Address in From: is usually always forged in Spam nowadays. There is not
much use
31.07.2013 21:05, Franck Martin kirjoitti:
> On Jul 31, 2013, at 7:56 PM, Ralf Hildebrandt
> wrote:
>
>> * Franck Martin :
>>
>>> I looked at http://spamassassin.apache.org/tests_3_3_x.html could not find
>>> any rule that do the above. Please help.
>> That's a bit odd. I found it being mentione
On Jul 31, 2013, at 7:56 PM, Ralf Hildebrandt
wrote:
> * Franck Martin :
>
>> I looked at http://spamassassin.apache.org/tests_3_3_x.html could not find
>> any rule that do the above. Please help.
>
> That's a bit odd. I found it being mentioned here:
>
> http://www.spamhaus.org/faq/section
* Franck Martin :
> I looked at http://spamassassin.apache.org/tests_3_3_x.html could not find
> any rule that do the above. Please help.
That's a bit odd. I found it being mentioned here:
http://www.spamhaus.org/faq/section/Spamhaus%20DBL#287
http://spamassassin.1065346.n5.nabble.com/enabling-
On Jul 31, 2013, at 7:43 PM, Jari Fredriksson wrote:
> 31.07.2013 20:08, Franck Martin kirjoitti:
>> Hi all,
>>
>> I noticed there is no rules to check if the domain in various emails fields
>> are on blocking lists like DBL at spamhaus. I'm willing to work on some of
>> these rules, but I wo
31.07.2013 20:08, Franck Martin kirjoitti:
> Hi all,
>
> I noticed there is no rules to check if the domain in various emails fields
> are on blocking lists like DBL at spamhaus. I'm willing to work on some of
> these rules, but I would appreciate any advice to bootstrap the process. If
> you ca
Hi all,
I noticed there is no rules to check if the domain in various emails fields are
on blocking lists like DBL at spamhaus. I'm willing to work on some of these
rules, but I would appreciate any advice to bootstrap the process. If you can
reference documents or say something like, look at t
All the emails have a common pattern (HTML_LINK + JUNK_TEXT):
meta on info tld && !user_in_whitelist_from_spf
train bayes, adjust autolearnthreshold to less then default -0.2
why have none devs maked a policyd that make sure sender is known to the
recipient ?, (i got a new email address blocki
On 07/05/11 19:38, Andrea Gozzi wrote:
Hi guys.
I need some help in setting up effective rules to counter a spam wave that
has been hitting my server lately.
Most of the messages come from hotmail.com accounts and for obvious reasons
I can't block the whole domain.
All the emails have a common pa
Hi guys.
I need some help in setting up effective rules to counter a spam wave that
has been hitting my server lately.
Most of the messages come from hotmail.com accounts and for obvious reasons
I can't block the whole domain.
All the emails have a common pattern (HTML_LINK + JUNK_TEXT):
http://pa
View this message in context:
http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31068232.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
On Thu, 2011-03-03 at 09:55 -0800, an anonymous Nabble user wrote:
> > Even worse, you outright ignored my post explaining this. Despite the
> > fact, you actually replied to it. And quoted it in full below.
>
> Quite the opposite, I took your advice - even though it might look to you as
> if I di
On Thu, 2011-03-03 at 09:55 -0800, tr_ust wrote:
> I've already looked at the sun messaging logs
> and there's no indication of SA scanning the emails.
>
On my Linux system spamd logs summaries of each scan to /var/log/maillog
by default. Spamassassin doesn't seem to do this.
Martin
On Thu, 3 Mar 2011, tr_ust wrote:
Also, I seriously doubt you tested your rules "with a real email" as you
said. Notice the NO_RELAYS rule hit for an example. The sample was
either severely damaged, or a very bad copy-n-paste from a source that
just does not resemble a raw mail.
Like I said I
eciated. And if I still annoy or frustrate you, just ignore my
post, helping is voluntary.
--
char
*t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0;
}}}
--
View this message in context:
http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31061099.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
On Thu, 2011-03-03 at 07:59 -0800, an anonymous Nabble user wrote:
> For the first time I finally feel like I'm getting closer to getting this
> thing to work - THANKS EVERYONE FOR ALL THE HELP! I did a test with a real
> email this time that included a blocked uri and the it actually scored it!
C
g off, are listed in URI DNSBLs. This particular one is
>> >>>> listed in URIBL and SURBL JP and PH. With network test enabled, SA
>> will
>> >>>> score them high already.
>> >>>>
>> >>>> So what is the point in this s
On Wed, 2011-03-02 at 13:59 -0800, an anonymous Nabble user wrote:
> Thanks Martin, for your help and time. As you can see, I'm really new to SA.
> I do see that the rules are there from the install and the the DNS module is
> there. However, when I send a test email it doesn't score for the bl
On Wed, 2 Mar 2011, tr_ust wrote:
Thanks Martin, for your help and time. As you can see, I'm really new to SA.
I do see that the rules are there from the install and the the DNS module is
there. However, when I send a test email it doesn't score for the bl uri.
I created a test message that th
dropped by URIBL et al later.
>>>
>>>
>>>
>>> On 3/2/2011 8:49 AM, Karsten Bräckelmann wrote:
>>>>
>>>> Point being, this domain and likely most (if not all) others in the
>>>> list
>>>> you're basing o
t;>>
>>> Point being, this domain and likely most (if not all) others in the list
>>> you're basing off, are listed in URI DNSBLs. This particular one is
>>> listed in URIBL and SURBL JP and PH. With network test enabled, SA will
>>> score them high a
d in URI DNSBLs. This particular one is
>> listed in URIBL and SURBL JP and PH. With network test enabled, SA will
>> score them high already.
>>
>> So what is the point in this static, and likely huge, list of uri rules?
>>
>>
>
>
--
View this message in con
I can't comment about the particular URIs mentioned in this
discussion, but we do run some URI rules that are redundant with URIBL
listings.
The reason we do this is because URIBL listings will sometimes
time-out and be removed. So we will list some domain names in our
rules in case they are drop
On Wed, 2011-03-02 at 07:46 -0800, an anonymous Nabble user wrote:
> I'm sorry - there's only one line in the sample of how to write a uri rule.
I strongly suggest to read the SA docs, at the very least some intro
style rule writing guide. Depending solely on a brief third-party usage
example with
On 3/2/2011 11:43 AM, John Hardin wrote:
> On Wed, 2 Mar 2011, Bowie Bailey wrote:
>
>> On 3/2/2011 11:16 AM, Jeff Mincy wrote:
>>> Also, the rules could be combined into a single rule (untested) using
>>> regexp (?:index|nana|ontokoros|tbt|webadmin)
>>>
>>> uri LOCAL_URI_EXAMPLE
>>> /zynetsw.com\/
On 3/2/2011 11:32 AM, Bowie Bailey wrote:
> On 3/2/2011 11:16 AM, Jeff Mincy wrote:
>> Also, the rules could be combined into a single rule (untested) using
>> regexp (?:index|nana|ontokoros|tbt|webadmin)
>>
>> uri LOCAL_URI_EXAMPLE
>> /zynetsw.com\/forms\/use\/(?:index|nana|ontokoros|tbt|webadmin
On Wed, 2 Mar 2011, Bowie Bailey wrote:
On 3/2/2011 11:16 AM, Jeff Mincy wrote:
Also, the rules could be combined into a single rule (untested) using
regexp (?:index|nana|ontokoros|tbt|webadmin)
uri LOCAL_URI_EXAMPLE
/zynetsw.com\/forms\/use\/(?:index|nana|ontokoros|tbt|webadmin)\/form1.html/
On 3/2/2011 11:16 AM, Jeff Mincy wrote:
> Also, the rules could be combined into a single rule (untested) using
> regexp (?:index|nana|ontokoros|tbt|webadmin)
>
> uri LOCAL_URI_EXAMPLE
> /zynetsw.com\/forms\/use\/(?:index|nana|ontokoros|tbt|webadmin)\/form1.html/
Or, if you want to catch any of t
On Wed, 2011-03-02 at 07:46 -0800, tr_ust wrote:
> I'm sorry - there's only one line in the sample of how to write a uri rule.
>
> Are you saying that for each line I need to create a unique
> "LOCAL_URI_EXAMPLE" line? In other words it should look more like this?
>
> uri LOCAL_URI_EXAMPLE /03ys
From: John Hardin
Date: Wed, 2 Mar 2011 07:50:38 -0800 (PST)
On Wed, 2 Mar 2011, tr_ust wrote:
> This is what my rules look like now:
>
> uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/index\/form1.html/
> score LOCAL_URI_EXAMPLE 200
> uri LOCAL_URI_EXAMPLE /zy
On 3/2/11 9:46 AM, "tr_ust" wrote:
>
> I'm sorry - there's only one line in the sample of how to write a uri rule.
>
> Are you saying that for each line I need to create a unique
> "LOCAL_URI_EXAMPLE" line? In other words it should look more like this?
Yes, although score is usually spelled w
On Wed, 2 Mar 2011, tr_ust wrote:
This is what my rules look like now:
uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/index\/form1.html/
score LOCAL_URI_EXAMPLE 200
uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/nana\/form1.html/
score LOCAL_URI_EXAMPLE 100
uri LOCAL_URI_EXAMPLE /zynetsw.com
> --
> char
> *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
> main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i c<<=1:
> (c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0;
> }}}
>
>
>
--
View this message in context:
http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31050552.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
T be a slash
> after .com in order to match, right?
>
> Other than that, I don't see any obvious problem. Send an example email
> through your system and put the resulting email (with headers) into a
> pastebin so I can look at it.
>
> --
> Bowie
>
>
--
View this message in context:
http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31050515.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
On 3/1/2011 1:36 PM, Karsten Bräckelmann wrote:
> On Tue, 2011-03-01 at 13:11 -0500, Bowie Bailey wrote:
>> On 3/1/2011 12:39 PM, tr_ust wrote:
>>> Thanks...I could really use the help!
> [...]
>>> uri LOCAL_URI_EXAMPLE /03ysl.9hz.com\//
>>> score LOCAL_URI_EXAMPLE 20
>>> uri LOCAL_URI_EXAMPLE /0
On Tue, 2011-03-01 at 13:11 -0500, Bowie Bailey wrote:
> On 3/1/2011 12:39 PM, tr_ust wrote:
> > Thanks...I could really use the help!
[...]
> > uri LOCAL_URI_EXAMPLE /03ysl.9hz.com\//
> > score LOCAL_URI_EXAMPLE 20
> > uri LOCAL_URI_EXAMPLE /040jk.9hz.com\//
> > score LOCAL_URI_EXAMPLE 20
> > u
On 3/1/2011 12:39 PM, tr_ust wrote:
> Thanks...I could really use the help!
>
> basically - I'm getting the list of phishing links of aper
> (https://aper.svn.sourceforge.net/svnroot/aper/) and creating a rule for it.
>
> Here's a snippet of my rule -
>
> uri LOCAL_URI_EXAMPLE /-la2u.9hz.com\//
lace.
>
> Show us the rule. We can help you debug it.
>
> --
> Bowie
>
>
--
View this message in context:
http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31042476.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
On Tue, 1 Mar 2011 08:02:23 -0800 (PST), tr_ust
wrote:
> thanks I found the directory and placed the file there...it's not
working
> but at least I'm putting it in the right place.
foo.cf works
foo wont load
make sure you named it something that ends in .cf
00_something.cf loads before 99_ssome
On 3/1/2011 11:02 AM, tr_ust wrote:
> thanks I found the directory and placed the file there...it's not working but
> at least I'm putting it in the right place.
Show us the rule. We can help you debug it.
--
Bowie
assassin.
> Find the local.cf file and put your rules in there.
>
> You should be able to find it with this command:
>
> spamassassin -D config --lint 2>&1 | grep "site rules"
>
> --
> Bowie
>
>
--
View this message in context:
http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31040457.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
On Thu, 2011-02-24 at 14:04 -0800, tr_ust wrote:
> I've created a rule for a blocked URIs - where do I tell spamassassin to use
> that rule? The only thing I see in the documenation is to not put the cf
> file in a certain directory because it will be overwritten during an
> upgrade.
>
Put it i
On 2/24/2011 5:04 PM, tr_ust wrote:
> Hi Everyone, sorry I'm a super Newbie on Spamassassin...my stupid question is
> this:
>
> I've created a rule for a blocked URIs - where do I tell spamassassin to use
> that rule? The only thing I see in the documenation is to not put the cf
> file in a certai
sage in context:
http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31008400.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
verwritten during an
upgrade.
I'm using this on a Solaris 10, with Sun Messaging. I installed SA using
the blastwave repository.
Thanks for any help.
--
View this message in context:
http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31008400.html
Sent from the SpamA
David Carvalho wrote:
>
> Hi !
>
> I’m using spamassassin 3.1.8 on a server.
>
> This is the last version available from the repository for this
> particular linux version.
>
> For some months it seems that both channels I use
> (saupdates.openprotect.com and updates.spamassassin.org)
>
> Don’t rel
I'm using version 3.2.5 and the last update I got was on 8/15/08.
"Martin.Hepworth" <[EMAIL PROTECTED]>
09/02/2008 01:57 PM
To
David Carvalho <[EMAIL PROTECTED]>,
cc
Subject
RE: sa-update no new rules ?
David
3.1.8 is fairly old, doesn't surprise me
David
3.1.8 is fairly old, doesn't surprise me there's no updates.
--
martin
-Original Message-
From: David Carvalho <[EMAIL PROTECTED]>
Sent: Tuesday, September 02, 2008 6:13 PM
To: users@spamassassin.apache.org
Subject: sa-update no new rules ?
Hi !
I'm using
Hi !
I'm using spamassassin 3.1.8 on a server.
This is the last version available from the repository for this particular
linux version.
For some months it seems that both channels I use (saupdates.openprotect.com
and updates.spamassassin.org)
Don't release any update.
I always get a message l
I added the SARE ruleset (etc/mail/sa/local.cf) to try and catch the
pump and dumps with GIFs but the rules don't seem to be firing. Does
something need to be restarted on the server to activate new rules,
or are they just not specific to the spams being sent today? Anybody
have a ru
y over the weekend.
Stay tune for the update :)
Thanks,
Chris Santerre
SysAdmin and Spamfighter
www.rulesemporium.com
www.uribl.com
-Original Message-
From: John Tice [mailto:[EMAIL PROTECTED]
Sent: Monday, November 20, 2006 9:02 AM
To: users@spamassassin.apache.org
Subject: Adding new
atching various types of spams.
> > Which is better for posting new rules?
> > (1) first, posting new rules to this users ML, next, posting to Bugzilla
> > (2) directly posting new rules to Bugzilla
>
> I'd post to bugzilla, after first looking to see if someone'
Hi,
I find quiet a few spams with mangled words like
"Dea C r Home Ow v ner" , "Dea 1 r Home O a wner" and many such
combinations are passing thru my SA (SA 3.1.0 with quite a few SARE
rules )
I can tar these spams and send if anyone wants
The mangled.cf is able to catch mangled credit or man
I downloaded some of the rules that they had. Just seeing what the
affect is for the next few days. Thanks of the help
Ben
On Feb 13, 2006, at 12:31 PM, Chris Stone wrote:
On Mon, Feb 13, 2006 at 12:18:05PM -0500, Benjamin Adams wrote:
I'm looking for a website to download new rule
ADJUST_1B Fortes caracteristicas +1.5
describe BR_ADJUST_1C Fortes caracteristicas +1.5
describe BR_ADJUST_2Fortes caracteristicas +2
describe BR_ADJUST_3Fortes caracteristicas +3
describe BR_ADJUST_3B Fortes caracteristicas +3.5
########
-Me
1 - 100 of 117 matches
Mail list logo
