Re: Receiving errors in --lint -D about SARE rules

On ons 14 okt 2009 00:11:02 CEST, Kevin Gagel wrote Uh... OK. Meaning missing rule are created, and the dependice problem is solved :) just do this for ever rule that miss destination rules, if you want to keep sare ninjas going -- xpoint

Re: Receiving errors in --lint -D about SARE rules

Uh... OK. Meaning Kevin W. Gagel Network Administrator Local 5448 My blog: http://mail.cnc.bc.ca/blogs/gagel My shared files: http://mail.cnc.bc.ca/users/gagel On Tuesday 10/13/2009 at 3:01 pm, Benny Pedersen wrote: On tir 13 okt 2009 23:24:20 CEST, Kevin Gagel wrote [5543] dbg: rule

Re: Receiving errors in --lint -D about SARE rules

On tir 13 okt 2009 23:24:20 CEST, Kevin Gagel wrote [5543] dbg: rules: meta test SARE_HEAD_SUBJ_RAND has undefined dependency 'SARE_XMAIL_SUSP2' meta SARE_XMAIL_SUSP2 (0) -- xpoint

Receiving errors in --lint -D about SARE rules

I'm recieving errors when I run --lint -D. I know they're warnings and don't mean anything tragic but I'd like to correct my installation to make them go away... [5543] dbg: rules: meta test SARE_HEAD_SUBJ_RAND has undefined dependency 'SARE_XMAIL_SUSP2' [5543] dbg: rules: meta test SARE_HEAD_

Re: Adding SARE rules

Marcin Krol a écrit : > Hello everyone, > > 1. First of all, as SARE rules don't seem to be updated anymore, does it > still make sense to add them? > > 2. Assuming that it does, which SARE rules do you use? Or should I just > add them all? > no, don't ad

RE: Adding SARE rules

Marcin Krol wrote: > > 2. Assuming that it does, which SARE rules do you use? Or should I > just add them all? Don't just blindly add them all. Not all of them are appropriate for everyone and some of them have different versions for different SA versions. Read the descriptions

RE: Adding SARE rules

As of right now they are not being updated. But still being used, even by myself. --Chris > -Original Message- > From: Marcin Krol [mailto:mrk...@gmail.com] > Sent: 2008-12-19 06:35 > To: users@spamassassin.apache.org > Subject: Adding SARE rules > > > Hello

Adding SARE rules

Hello everyone, 1. First of all, as SARE rules don't seem to be updated anymore, does it still make sense to add them? 2. Assuming that it does, which SARE rules do you use? Or should I just add them all? Regards, Marcin

Re: sare rules?

On Monday, July 14, 2008, 10:01:34 AM, Skip Brott wrote: > I am seeing an > increase in spam reaching my end users. > > Is there something more that I can be doing? Maybe I need to start updating > from some additional rule sets? Do you have network tests enabled? What kinds of spams are getti

Re: sare rules?

On Mon, 2008-07-14 at 16:52 -0400, Sahil Tandon wrote: > On Jul 14, 2008, at 13:01, "Skip Brott" <[EMAIL PROTECTED]> wrote: > > This was probably discussed at some point, but I haven't been > > getting emails from the list for some time. > > > > The dates I see on all my sare rule sets are in Ja

Re: sare rules?

On Jul 14, 2008, at 13:01, "Skip Brott" <[EMAIL PROTECTED]> wrote: This was probably discussed at some point, but I haven't been getting emails from the list for some time. The dates I see on all my sare rule sets are in January when I moved to 3.2.4. My updates_spamassassin_org.cf file i

sare rules?

This was probably discussed at some point, but I haven't been getting emails from the list for some time. The dates I see on all my sare rule sets are in January when I moved to 3.2.4. My updates_spamassassin_org.cf file is dated June 17. I debugged saupdate and this appears correct. But rece

Re: SARE Rules problem?

le file(s) are triggering the >> error. Below I list the contents of my /var/lib/spamassassin/3.002005/ >> >> I have no evidence, but I suspect the SARE rules... >> >> Any ideas as to what the problem is and how I can fix it? >> >> >> Thanks in advance...

Re: SARE Rules problem?

:[ OK ] Starting spamd:[ OK ] The error message doesn't make clear which rule file(s) are triggering the error. Below I list the contents of my /var/lib/spamassassin/3.002005/ I have no evidence, but I suspect the SARE rules... Any ideas

SARE Rules problem?

line 2140. rules: score undef for rule 'NO_RECEIVED' in '' 'NO_RECEIVED' at /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/PerMsgStatus.pm line 2140. rules: score undef for rule 'MISSING_SUBJECT' in '' 'MISSING_SUBJECT' at /usr/lib/perl5/vendor_

SARE RULES bugs

[12734] dbg: rules: meta test DIGEST_MULTIPLE has undefined dependency 'DCC_CHECK' [12734] dbg: rules: meta test SARE_HEAD_SUBJ_RAND has undefined dependency 'SARE_XMAIL_SUSP2' [12734] dbg: rules: meta test SARE_HEAD_SUBJ_RAND has undefined dependency 'X_AUTH_WARN_FAKED' [12734] dbg: rules: meta

Re: using sare rules

On Mon, Feb 18, 2008 at 10:06:32AM +1300, Kathryn Allan wrote: > I would have though that the rule file would have ended up inside the > updates_spamassassin_org folder as all the other .cf files seem to be > inside there. updates_spamassassin_org is for update files from updates.spamassassin.or

using sare rules

Hi all, I have recently inherited the responsibility of looking after our spam machine as such i'm having a few teething issues : ) I just followed the instructions in the sare-sa-update-howto.txt I am just a bit confused as to whether I have done it correctly originally in the /var/lib/spam

RE: SARE rules (cid and arial styles)

> > > > This MY_CID.. rules are part of "70_sare_stocks_cf" > > Had to these problems, I am considering to disactivate > these ...CID.. > > rules. > > CID means that the email contains an inline image. > > STYLE indicates a pair of empty style tags > > ARIAL2 is a 2 point arial font tag >

RE: SARE rules (cid and arial styles)

Rejaine Monteiro wrote: > What, exactly , do the SARE rules "MY_CID" ? > > We have too many false positives using this rules.. > > Content analysis details: (7.1 points, 5.0 required) > > pts rul

SARE rules (cid and arial styles)

What, exactly , do the SARE rules "MY_CID" ? We have too many false positives using this rules.. Content analysis details: (7.1 points, 5.0 required) pts rule name description --

Re: Question about v3.2.1 and SARE rules..

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Billy Huddleston wrote: > Malformed UTF-8 character (unexpected non-cont > inuation byte 0x00, immediately after start byte 0xd5) in pattern match > (m//) at > /etc/mail/spamassassin/70_sare_obfu1.cf, rule __SARE_OBFU_VISIT1, line > 1, 2> line 64. >

Re: Question about v3.2.1 and SARE rules..

Malformed UTF-8 character (unexpected non-cont inuation byte 0x00, immediately after start byte 0xd5) in pattern match (m//) at /etc/mail/spamassassin/70_sare_obfu1.cf, rule __SARE_OBFU_VISIT1, line 1, 2> line 64. Malformed UTF-8 character (unexpected non-cont inuation byte 0x00, immediately a

Re: Question about v3.2.1 and SARE rules..

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Billy Huddleston wrote: > I upgraded from 3.1.7 to 3.2.1 and started getting errors from > 70_sare_obfu.cf rules set.. any one got any ideas on this? > > Thanks, Billy > > ** What are the errors? - -- -Doc Penguins: Do it on the ice. 8:44am

Question about v3.2.1 and SARE rules..

I upgraded from 3.1.7 to 3.2.1 and started getting errors from 70_sare_obfu.cf rules set.. any one got any ideas on this? Thanks, Billy **

Re: "malformed UTF-8" warning and SARE rules

I'm hoping I can get to this a in a day or two Justin. I started on it a few days ago and had the editor I was using decide that it didn't like high-byte characters and crash, and I haven't had time to get back and do it again. SOmething about a 16-hour a day day job and two side jobs that tak

"malformed UTF-8" warning and SARE rules

SARE guys -- any chance those rules could be simply zeroed out (ie. replaced with "meta NAMEOFRULE (0)" or similar) in the short term, until they're fixed properly? I'm seeing increasing amounts of problems caused by this bug around the web -- specifically, log partitions filling up due to the er

Re: re2c and sare rules

bug, not a new feature in 3.2.0. Yeah - I saw the bug posting after googling for the right stuff. I had to disable sare obfu, bml and adult to get things to work. I had my maillogs fill up /var (4GB) in under an hour so I'm hoping the sare rules get updated soon. Thanks, Josh

Re: re2c and sare rules

Loren Wilton writes: > Its a new feature with 3.2. We have to rewrite most of the obfu rules to > get around this, and none of us have had the time yet. more correctly, it's a perl bug, not a new feature in 3.2.0. --j.

Re: re2c and sare rules

Its a new feature with 3.2. We have to rewrite most of the obfu rules to get around this, and none of us have had the time yet. Loren

re2c and sare rules

Hi, I installed re2c when I built SA 3.2.0 and uncommented this: loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody Then ran: sa-update sa-compile /etc/init.d/spamassassin restart I now notice the following over and over many many times (enough to fill up /var) in mail.log: May 5 21:47:48 ww

Re: SARE rules

Mendizábal Matthias Haegele escribió: Max de Mendizabal schrieb: Dear all, I have a very rare problem: if I do not use the SARE rules everythings works ok but... If I run sa-update Then spamassassin stops working. You tried:? sa-update -D If I check it with spamassassin -D < spam-mail.

Re: SARE rules

. Héroes de Padierna 5630-9700 x 1157 y 1414 Matthias Haegele escribió: > Max de Mendizabal schrieb: >> Dear all, >> >> I have a very rare problem: if I do not use the SARE rules everythings >> works ok but... If I run >> >> sa-update >> >> Then s

SARE rules (was: Re: SA Not Scoring)

Max de Mendizabal schrieb: Dear all, I have a very rare problem: if I do not use the SARE rules everythings works ok but... If I run sa-update Then spamassassin stops working. If I check it with spamassassin -D < spam-mail.txt Works ok, but if I use spamc < spam-mail.txt Sho

Re: No hits on SARE rules.

On 1/1/07, Shaun T. Erickson <[EMAIL PROTECTED]> wrote: Ok, this is interesting. :) The follow-up to this is that I just got spam that was hit by the SARE rules, so it's working now. Additionally, Razor2 & DCC are now working, as well. So the only mystery is why everything ins

Re: No hits on SARE rules.

it has re-downloaded all of my sare rules and so forth to /usr/local/perl-5.8.8/var/spamassassin/3.001007/ When I run amavisd debug-sa, it now finds all the rules that were just downloaded to the above location. I presume I can get rid of the now useless and never used copies that are under /var

Re: No hits on SARE rules.

it has re-downloaded all of my sare rules and so forth to /usr/local/perl-5.8.8/var/spamassassin/3.001007/ When I run amavisd debug-sa, it now finds all the rules that were just downloaded to the above location. I presume I can get rid of the now useless and never used copies that are under /var/lib

Re: No hits on SARE rules.

in the directories I see the normal SA rules and the SARE rules. If so, you should see something similar to: <...> dbg: config: read file /etc/spamassassin/init.pre That's where it goes astray (?) and uses everything from /usr/local/perl-5.8.8/etc/mail/spamassassin -- -ste

Re: No hits on SARE rules.

Ok. I'm starting to understand this now. I've built perl 5.8.8 and pointed my existing amavisd-new at it, by editing its first line. I then added, via CPAN, any module it complained was missing, each time I tried to run it, until it no longer complained of anything missing (that was required, anyw

Re: No hits on SARE rules.

matter). It's possible you have more than one directory where rules are placed (spamassassin is installed in more than one place). If so, you need to place the SARE rules where amavisd-new says it is looking for them, or better yet, clean it up by removing the stuff that belongs to

Re: No hits on SARE rules.

local.cf. - Original Message - From: "Shaun T. Erickson" <[EMAIL PROTECTED]> To: "SpamAssassin" Sent: Monday, January 01, 2007 12:13 PM Subject: No hits on SARE rules. I have two identically (or so I thought) configured mail servers, each pulling down SARE ru

Re: No hits on SARE rules.

On 1/1/07, Gary V <[EMAIL PROTECTED]> wrote: You must be running SA 3.1.4 or older and amavisd-new 2.4.2 or older. Nope. SA 3.1.7 & amavisd-new 2.4.4. I see in amavisd, the line you suggested I add is actually there, but commented out, as a comment there indicates that SA should be able to ha

Re: No hits on SARE rules.

On 1/1/07, Shaun T. Erickson <[EMAIL PROTECTED]> wrote: What am I doing wrong? I just ran amavisd with the debug-sa option, and as near as I can tell, it appears to only be using the original ruleset - and doesn't even seem to know that I am pulling new rules down with sa-update. I must have

Re: No hits on SARE rules.

Do you have any log entries in /var/logs/maillog - Original Message - From: "Shaun T. Erickson" <[EMAIL PROTECTED]> To: "SpamAssassin" Sent: Monday, January 01, 2007 3:27 PM Subject: Re: No hits on SARE rules. On 1/1/07, Shaun T. Erickson <[EMAIL PROTECT

Re: No hits on SARE rules.

On 1/1/07, Shaun T. Erickson <[EMAIL PROTECTED]> wrote: What am I doing wrong? I just ran amavisd with the debug-sa option, and as near as I can tell, it appears to only be using the original ruleset - and doesn't even seem to know that I am pulling new rules down with sa-update. I must have

No hits on SARE rules.

I have two identically (or so I thought) configured mail servers, each pulling down SARE rules (successfully, I might add). One of them shows hits on SARE rules all the time - the other one, never. Aside from simply configuring sa-update to pull the rules down, I'm wondering if there is some

spamassassin --lint soft errors on SARE rules

'spamassassin --lint' gives me some soft errors on some SARE rules (see below) Are these known, 'ignore for now' sorts of things due to SA 2.x and SA 3.x installs, or should I be doing something about this? Is there any way to adjust --lint to not show these ? Thank

Re: Funny spamd failure... (Maybe SARE/rules-du-jour related?)

Giampaolo, > > These commands will only exit after they have completed their job, > > i.e. waiting for the existing daemon to have stopped. > ...So, I don't have a Linux distribution running on my servers? > May you suggest to me the kind of OS brand I'm running? Not sure what you are asking her

RE: Funny spamd failure... (Maybe SARE/rules-du-jour related?)

> > The guy who made the script did simply test shutting and restarting the > > amavis/spamd daemon up and down in its own test environment, > which basicly > > is low mail load or even no mail at all. > > > > After a while amavis is doing it's dirty job, I noticed it > needs a lot of > > time to

Re: Funny spamd failure... (Maybe SARE/rules-du-jour related?)

> The guy who made the script did simply test shutting and restarting the > amavis/spamd daemon up and down in its own test environment, which basicly > is low mail load or even no mail at all. > > After a while amavis is doing it's dirty job, I noticed it needs a lot of > time to shut down. It tak

RE: Funny spamd failure... (Maybe SARE/rules-du-jour related?)

From: Peter H. Lemieux [mailto:[EMAIL PROTECTED] > Giampaolo Tomassoni wrote: > > # Check for amavis termination > > while [[ ! -z "${PIDS}" ]]; do > > sleep 1 > > PIDS=$( /sbin/pidof "${AMV_NM}" ) > > done > > In cases like this I usually ju

Re: Funny spamd failure... (Maybe SARE/rules-du-jour related?)

Giampaolo Tomassoni wrote: # Check for amavis termination while [[ ! -z "${PIDS}" ]]; do sleep 1 PIDS=$( /sbin/pidof "${AMV_NM}" ) done In cases like this I usually just put the "sleep" command in the init script like this: ... case "$

RE: Funny spamd failure... (Maybe SARE/rules-du-jour related?)

> The other night my default gentoo RulesDuJour for Spamassassin > acquired new > Adult and General rule-sets from SARE. Thereafter spamd refused all > connections and subsequently received mail was not spam filtered. > Issuing '/etc/init.d/spamd restart' as root resolved the situation... > but

Funny spamd failure... (Maybe SARE/rules-du-jour related?)

The other night my default gentoo RulesDuJour for Spamassassin acquired new Adult and General rule-sets from SARE. Thereafter spamd refused all connections and subsequently received mail was not spam filtered. Issuing '/etc/init.d/spamd restart' as root resolved the situation... but I don't want

Re: SpamAssassin-3.1.4 and SARE rules

Loren Wilton wrote: All of the active rules (those in the various directories that don't depend on a disabled plugin) are included in the check. It wouldn't make sense to only include some of them. Well while I agree with that last statement it seems to conflict with something Theo said a fe

Re: SpamAssassin-3.1.4 and SARE rules

All of the active rules (those in the various directories that don't depend on a disabled plugin) are included in the check. It wouldn't make sense to only include some of them. Well while I agree with that last statement it seems to conflict with something Theo said a few days ago on the dev

Re: SpamAssassin-3.1.4 and SARE rules

Loren Wilton wrote: I'd bet we have some dependency errors. I'm not convinced that all of those warnings are actual dependency errors, some might be effects of not all of the rules files being included in the check. All of the active rules (those in the various directories that don't depend

Re: SpamAssassin-3.1.4 and SARE rules

;t have plugins enabled when it is run so things depended on plugin rules throw errors. 2) Possibly not all of the standard rules are included when they run the check, so anything dependent on a standard rule will throw an error. 3) There are actual dependency errors in the SARE rules. I

Re: SpamAssassin-3.1.4 and SARE rules

James Lay wrote: Morning all! Just upgraded from 3.1.3 to 3.1.4 and here's what I get: Jul 27 08:16:27 myshield spamd[15259]: rules: meta test DIGEST_MULTIPLE has undefined dependency 'DCC_CHECK' Jul 27 08:16:27 myshield spamd[15259]: rules: meta test SARE_SUB_GAPPY_4 has undefined dependency

SpamAssassin-3.1.4 and SARE rules

Morning all! Just upgraded from 3.1.3 to 3.1.4 and here's what I get: Jul 27 08:16:27 myshield spamd[15259]: rules: meta test DIGEST_MULTIPLE has undefined dependency 'DCC_CHECK' Jul 27 08:16:27 myshield spamd[15259]: rules: meta test SARE_SUB_GAPPY_4 has undefined dependency '__SARE_SUB_GAPP

RE: Re[2]: problem with using SARE rules, names longer than 22 chars

-Original Message- From: Robert Menschel [mailto:[EMAIL PROTECTED] Sent: Thursday, May 18, 2006 12:22 AM To: James E. Pratt Cc: users@spamassassin.apache.org Subject: Re[2]: problem with using SARE rules, names longer than 22 chars Hello James, Wednesday, May 17, 2006, 6:09:51 AM

Re[2]: problem with using SARE rules, names longer than 22 chars

Hello James, Wednesday, May 17, 2006, 6:09:51 AM, you wrote: JEP> I had the same probllem with sa 3.04 JEP> Anyhow, i solved it by changing the trusted ruleset entry JEP> "SARE_HEADER_0" to "SARE_HEADER_X31" as advised on rulesemporium.com, JEP> and all works fine now. Either you misread th

Re: problem with using SARE rules, names longer than 22 chars

From: "James E. Pratt" <[EMAIL PROTECTED]> From: Jo [mailto:[EMAIL PROTECTED] Matt Kettler wrote: Jo wrote: Hi, We're using spamassassin-3.0.5-3.el4 with amavisd-new-2.4.1-1.el4.rf. Since yesterday I'm receiving this message when downloading the SARE rules: *

Re: problem with using SARE rules, names longer than 22 chars

From: "Jo" <[EMAIL PROTECTED]> Matt Kettler wrote: Jo wrote: Hi, We're using spamassassin-3.0.5-3.el4 with amavisd-new-2.4.1-1.el4.rf. Since yesterday I'm receiving this message when downloading the SARE rules: ***WARNING***: spamassassin --lint failed. Rollin

Re: problem with using SARE rules, names longer than 22 chars

James E. Pratt schreef: -Original Message- From: Jo [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 17, 2006 9:05 AM To: Matt Kettler Cc: users@spamassassin.apache.org Subject: Re: problem with using SARE rules, names longer than 22 chars Matt Kettler wrote: Jo wrote

Re: problem with using SARE rules, names longer than 22 chars

Jo wrote: > Matt Kettler wrote: >> Jo wrote: >>> >>> Are these simply problems with the names? >> Yes, but it's not really a problem. >> > Thanks for your answer. I only saw after I sent the mail that they were > only warnings and not errors. I'm a bit less worried now. I thought I > had a

RE: problem with using SARE rules, names longer than 22 chars

-Original Message- From: Jo [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 17, 2006 9:05 AM To: Matt Kettler Cc: users@spamassassin.apache.org Subject: Re: problem with using SARE rules, names longer than 22 chars Matt Kettler wrote: > Jo wrote: > >> Hi, >&

Re: problem with using SARE rules, names longer than 22 chars

Matt Kettler wrote: Jo wrote: Hi, We're using spamassassin-3.0.5-3.el4 with amavisd-new-2.4.1-1.el4.rf. Since yesterday I'm receiving this message when downloading the SARE rules: ***WARNING***: spamassassin --lint failed. Rolling configuration files back, not restarting Sp

Re: problem with using SARE rules, names longer than 22 chars

Jo wrote: > Hi, > > We're using spamassassin-3.0.5-3.el4 with amavisd-new-2.4.1-1.el4.rf. > Since yesterday I'm receiving this message when downloading the SARE > rules: > > ***WARNING***: spamassassin --lint failed. > Rolling configuration files back, not r

problem with using SARE rules, names longer than 22 chars

Hi, We're using spamassassin-3.0.5-3.el4 with amavisd-new-2.4.1-1.el4.rf. Since yesterday I'm receiving this message when downloading the SARE rules: ***WARNING***: spamassassin --lint failed. Rolling configuration files back, not restarting SpamAssassin. Rollback command is: m

RE: standard vs SARE rules

Title: RE: standard vs SARE rules > > From that I would infer that the SARE stock ruleset is the > most effective - > it was responsible for 5 out of 163 spams being identified. > That leaves the > other files I use - 70_sare_bayes_poison_nxm.cf, 70_sare_html0.cf,

RE: standard vs SARE rules

Title: RE: standard vs SARE rules > > WooHoo! 70_sare_stocks.cf hits my favorite number! Sorry just > had to say > that! 8*)) > > And of course that means it is working good too! > > For those who don't know I'm the maintainer of that SARE ruleset. Ye

Re: standard vs SARE rules

pushed it over the required hits threshold. Sound good? So, out of 163 spam messages, here's the files that pushed spams over the edge (files with no rules that pushed over the threshold are omitted): Correction: that should've been 3481 spam messages.

Re: standard vs SARE rules

Mike, I suspect you are using the wrong criterion in removing some of the rules. Unfortunately none of the log readers seem to store the most interesting bit of information. How many times did the SARE rules make a critical difference between marking a spam message as spam? I find they are a

Re: standard vs SARE rules

Mike, I suspect you are using the wrong criterion in removing some of the rules. Unfortunately none of the log readers seem to store the most interesting bit of information. How many times did the SARE rules make a critical difference between marking a spam message as spam? I find they are a

Re: standard vs SARE rules

On Freitag, 21. April 2006 06:17 Dave Augustus wrote: > That sounds like a script I am interested in- Can you send me a copy? /me 2 mfg zmi -- // Michael Monnerie, Ing.BSc- http://it-management.at // Tel: 0660/4156531 .network.your.ideas. // PGP Key: "lynx

Re: standard vs SARE rules

Mike, That sounds like a script I am interested in- Can you send me a copy? TIA, Dave Augustus On Thu, 2006-04-20 at 17:24 -0700, Mike Jackson wrote: > > That seems fine - I'd expect that for a package like SpamAssassin, the > > default rules (plus Razor and Pyzor) would be very good at identi

Re: standard vs SARE rules

Mike Jackson wrote: SARE RULESETS: 70_sare_adult.cf: 10 70_sare_bayes_poison_nxm.cf: 0 70_sare_html0.cf: 1 70_sare_obfu0.cf: 1 70_sare_oem.cf: 30 70_sare_specific.cf: 5 70_sare_spoof.cf: 14 70_sare_stocks.cf: 69 70_sc_top200.cf: 1 WooHoo! 70_sare_stocks.cf hits my favorite number! Sorry just

Re: standard vs SARE rules

rulesets. Does anyone else have a sense of how much spam the rulesets they use actually help identify? Mike, I suspect you are using the wrong criterion in removing some of the rules. Unfortunately none of the log readers seem to store the most interesting bit of information. How many tim

Re: standard vs SARE rules

That seems fine - I'd expect that for a package like SpamAssassin, the default rules (plus Razor and Pyzor) would be very good at identifying spam. However, this was the part that surprised me: Sorry to reply to my own post, and before anyone had a chance to. I tried this on my personal server

standard vs SARE rules

Matt Kettler's advice in the "Good ruleset" thread made me wonder just how many spams the various rule files I'm using actually catch. So, I wrote a quick Perl script to look at the rule files and check a stat script's output (against today's logs) for the rules that spam messages matched, then

Re: Pump and Dump SARE rules

> What SARE rules would folks recommend for a default 3.1.0 > SpamAssassin installation (non RDJ)? I'd recommend at least all of the "0" rule sets,a nd probably the matching "1" rule sets also. Also sare_specific. Some of the old standbys like tripwire (availab

Re: Pump and Dump SARE rules

set let us know we like feedback! > -Doc (SARE Ninja) Thanks much Doc and all! It seems to work very well. What SARE rules would folks recommend for a default 3.1.0 SpamAssassin installation (non RDJ)? Currently we're using: http://rulesemporium.com/rules/70_sare_stocks.cf http:

Re: Pump and Dump SARE rules

om: Doc Schneider [mailto:[EMAIL PROTECTED] >> > Sent: Friday, January 27, 2006 5:14 PM >> > To: users@spamassassin.apache.org >> > Subject: Pump and Dump SARE rules >> > >> > >> > http://rulesemporium.com/rules/70_sare_stocks.cf >> >

Re: Pump and Dump SARE rules

On Sunday 05 February 2006 17:41, Doc Schneider wrote: > Chris Santerre wrote: > > > -Original Message- > > > From: Doc Schneider [mailto:[EMAIL PROTECTED] > > > Sent: Friday, January 27, 2006 5:14 PM > > > To: users@spamassassin.apache.org &

Re: Pump and Dump SARE rules

Chris Santerre wrote: > -Original Message- > From: Doc Schneider [mailto:[EMAIL PROTECTED] > Sent: Friday, January 27, 2006 5:14 PM > To: users@spamassassin.apache.org > Subject: Pump and Dump SARE rules > > > http://rulesemporium.com/rules/70_sare_stock

RE: Pump and Dump SARE rules

Title: RE: Pump and Dump SARE rules > -Original Message- > From: Doc Schneider [mailto:[EMAIL PROTECTED]] > Sent: Friday, January 27, 2006 5:14 PM > To: users@spamassassin.apache.org > Subject: Pump and Dump SARE rules > > > http://rulesemporium.com/rules/7

Re: Pump and Dump SARE rules

Bowie Bailey wrote: Doc Schneider wrote: http://rulesemporium.com/rules/70_sare_stocks.cf Is the latest addition to the SARE rule sets. I don't see this on the SARE rules website. Do you have the masscheck results available anywhere? I will add in the mass-check results in a bit.

RE: Pump and Dump SARE rules

Doc Schneider wrote: > http://rulesemporium.com/rules/70_sare_stocks.cf > > Is the latest addition to the SARE rule sets. I don't see this on the SARE rules website. Do you have the masscheck results available anywhere? -- Bowie

Re: Pump and Dump SARE rules

Doc Schneider wrote: http://rulesemporium.com/rules/70_sare_stocks.cf Is the latest addition to the SARE rule sets. -Doc (SARE Ninja) Added to RDJ version 1.28 as "SARE_STOCKS" signature.asc Description: OpenPGP digital signature

Pump and Dump SARE rules

http://rulesemporium.com/rules/70_sare_stocks.cf Is the latest addition to the SARE rule sets. -Doc (SARE Ninja)

RE: SA not using SARE rules?

gt; From: JP Kelly [mailto:[EMAIL PROTECTED] > Sent: 16 December 2005 05:31 > To: SpamAssassin > Cc: Robert Menschel > Subject: SA not using SARE rules? > > It seems SA is not using the SARE rulesets for me? > I see no mention of SARE in any of my tagged spam. > I hav

SA not using SARE rules?

It seems SA is not using the SARE rulesets for me? I see no mention of SARE in any of my tagged spam. I have been using rules_du_jour and downloading current rulesets. Any ideas why SA would not be using SARE rulesets?

Re[2]: [SARE] rules update

Hello jdow, Thursday, October 6, 2005, 12:35:15 AM, you wrote: j> From: "Robert Menschel" <[EMAIL PROTECTED]> >> SARE's URI rules files and HTML rules files have been updated. ... >> >> Both sets include the migration of rules incorporated into 3.1.0 into >> new 70_sare_*_x31.cf files. If you

Re: [SARE] rules update

From: "Robert Menschel" <[EMAIL PROTECTED]> SARE's URI rules files and HTML rules files have been updated. URI rules files were updated early this morning. They had a --lint error in them at first, but that has been corrected. The HTML files have been updated this evening (and may not be avai

Re: [SARE] rules update

SARE's URI rules files and HTML rules files have been updated. URI rules files were updated early this morning. They had a --lint error in them at first, but that has been corrected. The HTML files have been updated this evening (and may not be available for download for another 40-60 minutes).

Re: [SARE] rules file updates

/rules/70_sare_whitelist.cf > and > http://www.rulesemporium.com/rules/70_sare_whitelist_rcvd.cf Whitelist appears to be a newer file regardless of what the headers say. It includes more sites in its whitelist. It appears whitelist_rcvd is obsolete. It's not mentioned on the SARE Rules page.

Re: [SARE] rules file updates

> >>Whitelist appears to be a newer file regardless of what the headers > >>say. It includes more sites in its whitelist. It appears whitelist_rcvd > >>is obsolete. It's not mentioned on the SARE Rules page. > > > > These were announced on the list abo

Re: [SARE] rules file updates

/70_sare_whitelist_rcvd.cf Whitelist appears to be a newer file regardless of what the headers say. It includes more sites in its whitelist. It appears whitelist_rcvd is obsolete. It's not mentioned on the SARE Rules page. These were announced on the list about a week ago. Whitelist_from_rcvd.cf is NEW file.

Re: [SARE] rules file updates

> and > > http://www.rulesemporium.com/rules/70_sare_whitelist_rcvd.cf > > Whitelist appears to be a newer file regardless of what the headers > say. It includes more sites in its whitelist. It appears whitelist_rcvd > is obsolete. It's not mentioned on the SARE Rules page. These were

  1   2   >