Re: Beginner Setting up Spam Assassin

ne wrote: > > On Saturday 30 December 2023 at 11:48:30, FalconChristopher wrote: > >> Hi, can I not ask how to set up Spam Assassin in this mailing group it > >> is a group for Spam Assassin. > > > > That comment was a recommendation of how you can achieve w

Re: Beginner Setting up Spam Assassin

other than SA will then have to deal with that score and do the routing. - Original Message - From: FalconChristopher To: Michael Grant ; users@spamassassin.apache.org Sent: Saturday, December 30, 2023 2:48 AM Subject: Re: Beginner Setting up Spam Assassin Hi, can I not

Re: Beginner Setting up Spam Assassin

The comment by Michael Grant ? On 12/30/2023 5:52 AM, Antony Stone wrote: On Saturday 30 December 2023 at 11:48:30, FalconChristopher wrote: Hi, can I not ask how to set up Spam Assassin in this mailing group it is a group for Spam Assassin. That comment was a recommendation of how you can

Re: Beginner Setting up Spam Assassin

On Saturday 30 December 2023 at 11:48:30, FalconChristopher wrote: > Hi, can I not ask how to set up Spam Assassin in this mailing group it > is a group for Spam Assassin. That comment was a recommendation of how you can achieve what you want to. > On 12/30/2023 4:30 AM, Michael Gr

Re: Beginner Setting up Spam Assassin

Hi, can I not ask how to set up Spam Assassin in this mailing group it is a group for Spam Assassin. On 12/30/2023 4:30 AM, Michael Grant wrote: Can you ban this user in whatever your equivalent of the access file is so instead of putting the messages into a spam folder, you reject messages

Re: Beginner Setting up Spam Assassin

if otherwise* >Anyone know how I can check and setup SpamAssassin so that I can >eliminate some spam from coming in from a email account ? > > >On 12/28/2023 2:24 AM, Matus UHLAR - fantomas wrote: >> On 27.12.23 16:53, FalconChristopher wrote: >>> Hi, I want to setu

Re: Beginner Setting up Spam Assassin

:53, FalconChristopher wrote: Hi, I want to setup Spam Assassin so that any email that Spam Assassin flags as spam this is spamassassin's job gets placed into a folder for a specific SMTP or IMAP email account. this is not spamassassin's job. It's job of mail delivery a

Re: Beginner Setting up Spam Assassin

t; Anyone know how I can check and setup SpamAssassin so that I can > eliminate some spam from coming in from a email account ? > > > On 12/28/2023 2:24 AM, Matus UHLAR - fantomas wrote: > > On 27.12.23 16:53, FalconChristopher wrote: > >> Hi, I want to setup Spam

Re: Beginner Setting up Spam Assassin

Anyone know how I can check and setup SpamAssassin so that I can eliminate some spam from coming in from a email account ? On 12/28/2023 2:24 AM, Matus UHLAR - fantomas wrote: On 27.12.23 16:53, FalconChristopher wrote: Hi, I want to setup Spam Assassin so that any email that Spam Assassin

Re: Beginner Setting up Spam Assassin

On 27.12.23 16:53, FalconChristopher wrote: Hi, I want to setup Spam Assassin so that any email that Spam Assassin flags as spam this is spamassassin's job gets placed into a folder for a specific SMTP or IMAP email account. this is not spamassassin's job. It's job of mail

Beginner Setting up Spam Assassin

Hi, I want to setup Spam Assassin so that any email that Spam Assassin flags as spam gets placed into a folder for a specific SMTP or IMAP email account. Then if Spam Assassin flags emails that are not spam I can tell it which of those emails to not place into the spam folder for the specific

Re: Spam Assassin multiple URI RBL's (amended)

Response below. On 2016-11-09 01:49, Axb wrote: On 11/08/2016 07:49 AM, Michael Hallager wrote: I have deployed Spam Assassin between Postfix and Dovecot. It works except for a weird problem. I use a custom URI RBL in addition to the default ones. This works with a test URL in the body of an

Re: Spam Assassin multiple URI RBL's (amended)

On 11/08/2016 07:49 AM, Michael Hallager wrote: I have deployed Spam Assassin between Postfix and Dovecot. It works except for a weird problem. I use a custom URI RBL in addition to the default ones. This works with a test URL in the body of an email message, however with real spam URL&#

Spam Assassin multiple URI RBL's (amended)

I have deployed Spam Assassin between Postfix and Dovecot. It works except for a weird problem. I use a custom URI RBL in addition to the default ones. This works with a test URL in the body of an email message, however with real spam URL's - which are listed with other URI RBL

Spam Assassin multiple URI RBL's

I have deployed Spam Assassin between Postfix and Dovecot. It works except for a weird problem. I use a custom URI RBL in addition to the default ones. This works with a test URL in the body of an email message, however with real spam URL's - which are listed with other URI RBL

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

--On October 18, 2016 at 02:06:38 -0400 Ruga wrote: > > > ... unless you're applying DMARC, which says the "From:" should instead "align" with something other than the author of the message in some cases. --Joseph Brennan

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

On Tue, 18 Oct 2016 02:06:38 -0400 Ruga wrote: > < does not belong to the author(s) of the message.>> A Quoted-String phrase is NOT a mailbox. It's just a quoted string that is not subject to any further interpretation. Regards, Dianne.

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

On October 18, 2016 2:09:37 AM EDT, Ruga wrote: >RFC 2822 and 5322 are in the "Standards Track". >RFC 822 is still the standard. Interesting, but the example is still RFC-compliant, even with 822. Regards, Dianne.

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

On October 18, 2016 2:27:09 AM EDT, Ruga wrote: >Yes, you can prefix a quoted string to the actual address. No, the >quoted string is not part of the address. Indeed. >There are two approaches here: one is to defend the spammer's abuse of >the standard (intended to trick the average Joe into b

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

The following rules look for a From label which looks to have an email address looks for this type of spoofed address The following would be valid, for example: From: "p...@domain.com" http://ruleqa.spamassassin.org/20161017-r1765221-n/T_PDS_FR

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

Yes, you can prefix a quoted string to the actual address. No, the quoted string is not part of the address. There are two approaches here: one is to defend the spammer's abuse of the standard (intended to trick the average Joe into believing they have received mail from someone else), and the

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

RFC 2822 and 5322 are in the "Standards Track". RFC 822 is still the standard. On Tue, Oct 18, 2016 at 2:52 AM, Dianne Skoll <'d...@roaringpenguin.com'> wrote: On October 17, 2016 7:11:29 PM EDT, Ruga wrote: >rfc 822 (the actual standard): Are you serious? RFC 822 is decades obsolete, long sinc

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

<> On Tue, Oct 18, 2016 at 1:25 AM, Paul Stead <'paul.st...@zeninternet.co.uk'> wrote: On 17/10/16 23:52, Ruga wrote: https://tools.ietf.org/html/rfc5322#section-3.6.2 from = "From:" mailbox-list CRLF ... https://tools.ietf.org/html/rfc5322#section-3.4 ... ---8<--- mailbox = name-addr / a

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

On Mon, 17 Oct 2016 19:11:29 -0400 Ruga wrote: > rfc 822 (the actual standard): Which as I mentioned is obsolete, but I'll play with you... > authentic = "From" ":" mailbox ; Single author / ... > mailbox = addr-spec ; simple address / phrase route-addr > addr-spec = local-part "@" domain And

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

On October 17, 2016 7:11:29 PM EDT, Ruga wrote: >rfc 822 (the actual standard): Are you serious? RFC 822 is decades obsolete, long since superseded by 2822 and then by 5322. Regards, Dianne.

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

On 17/10/16 23:52, Ruga wrote: https://tools.ietf.org/html/rfc5322#section-3.6.2 from= "From:" mailbox-list CRLF ... https://tools.ietf.org/html/rfc5322#section-3.4 ... ---8<--- mailbox = name-addr / addr-spec name-addr = [display-name] angle-addr

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

rfc 822 (the actual standard): authentic = "From" ":" mailbox ; Single author / ... mailbox = addr-spec ; simple address / phrase route-addr addr-spec = local-part "@" domain On Tue, Oct 18, 2016 at 12:52 AM, Ruga <'r...@protonmail.com'> wrote: https://tools.ietf.org/html/rfc5322#section-3.6.

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

https://tools.ietf.org/html/rfc5322#section-3.6.2 On Mon, Oct 17, 2016 at 2:18 AM, Dianne Skoll <'d...@roaringpenguin.com'> wrote: On Sun, 16 Oct 2016 18:08:20 -0400 Ruga wrote: > In my servers, the above string is not RFC compliant, > and therefore the whole mail is automatically > rejected

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 10/15/2016 12:53 PM, Matus UHLAR - fantomas wrote: and immediately after implementing, those people and organizations would be surprised they block mail they should not block (see above). No, it wouldn't block mail. It would add a bit to the score. If there are other spam signs, it mig

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

>one could argue if From:Name and From:Addr have differing domains its >forged ? One could argue that, but one could not argue that my sample From: header is not RFC-compliant. Last I checked, Yahoo Groups rewrote the From: header in exactly that manner. Furthermore, the Quoted-String part of

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

On 2016-10-17 02:18, Dianne Skoll wrote: From: "Dianne Skoll " is absolutely 100% RFC-compliant. lets break test it :) If you feel it is not, please cite the RFC that's violated, including the specific section being violated. one could argue if From:Name and From:Addr have differing doma

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

On 16 Oct 2016, at 18:08, Ruga wrote: From: "Dianne Skoll " In my servers, the above string is not RFC compliant, Are you writing your own RFC's? That's cool: the IETF could do with some competition. Where are you publishing them and accepting comments? The IETF's RFC5322 includes this A

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

On Sun, 16 Oct 2016 18:08:20 -0400 Ruga wrote: > In my servers, the above string is not RFC compliant, > and therefore the whole mail is automatically > rejected as SPAM. Your servers fail in RFC comprehension. The message header: From: "Dianne Skoll " is absolutely 100% RFC-compliant. I

Re: The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

> From: "Dianne Skoll " In my servers, the above string is not RFC compliant, and therefore the whole mail is automatically rejected as SPAM.

The real spoofing issue (was Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless)

Oh, and one more thing... Even if there were a magic bullet to absolutely detect forged From: addresses and forged envelope senders... it would not help with phishing attacks and spoofing. That's because every email reader I've ever used shows neither the From: address nor the envelope sender by

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On Sat, 15 Oct 2016 17:33:00 +0200 Petr Bena wrote: > What exactly were you trying to tell me? I'm trying to tell you that unless we throw out SMTP, there is *no way* to detect spoofed email. That's because SMTP allows for "legitimate" spoofing (AKA mailing lists) which makes it impossible to f

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 10/15/16 20:56, David Jones wrote: > > >What I was hoping for was, that as someone who does bother checking, to > > >find out a solution that would help me prevent from receiving spoofed > >e-mails, because as I mentioned multiple times SPF, DKIM, and DMARC is > >not able to do that. I am lookin

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 15 Oct 2016, at 14:50, Petr Bena wrote: I was looking to accomplish something similar, but seems that SA can't do that and there are probably no open source plugins or postfix hooks that allow this (so far). This class of problem is one reason to pick MIMEDefang as your tool for integratin

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 10/15/16 20:35, Antony Stone wrote: > On Saturday 15 October 2016 at 20:30:25, Axb wrote: > >> On 10/15/2016 08:13 PM, Petr Bena wrote: >>> What I was hoping for was, that as someone who does bother checking, to >>> find out a solution that would help me prevent from receiving spoofed >>> e-mail

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 15 Oct 2016, at 14:13, Petr Bena wrote: That would obviously work and blocked hackers from spoofing, No, it would not do so. It's clear that you didn't bother reading Dianne Skoll's message and considering or testing her counter-example. but as you said, it would also break some other s

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

>Thanks for that, I will do that, another thing that comes to my mind: >if my mail server sign every single e-mail with DKIM, that e-mail >should be signed even if it's redistributed by mailing list daemon >or not? I see my own e-mails here and e-mails of some other people >in this list to be D

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

Hello, What I was hoping for was, that as someone who does bother checking, to find out a solution that would help me prevent from receiving spoofed e-mails, because as I mentioned multiple times SPF, DKIM, and DMARC is not able to do that. I am looking for a way how to detect that e-mail is spoof

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 15.10.16 21:08, Petr Bena wrote: > if my mail server sign every single e-mail with DKIM, that e-mail should > be signed even if it's redistributed by mailing list daemon or not? Sadly, there are mailing list admins who think it wise to have subject lines or message bodies modified, e.g. by add

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

>What I was hoping for was, that as someone who does bother checking, to >find out a solution that would help me prevent from receiving spoofed >e-mails, because as I mentioned multiple times SPF, DKIM, and DMARC is >not able to do that. I am looking for a way how to detect that e-mail is >spoofed

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 10/15/2016 08:35 PM, Antony Stone wrote: On Saturday 15 October 2016 at 20:30:25, Axb wrote: On 10/15/2016 08:13 PM, Petr Bena wrote: What I was hoping for was, that as someone who does bother checking, to find out a solution that would help me prevent from receiving spoofed e-mails The

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 15.10.16 20:13, Petr Bena wrote: > One of solutions that I proposed is an optional SA plugin that would > treat the email found in "From:" header as envelope sender and check > against that, raising the score or doing something if it failed. A sending mail on behalf of B does not automatically

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On Saturday 15 October 2016 at 20:30:25, Axb wrote: > On 10/15/2016 08:13 PM, Petr Bena wrote: > > > > What I was hoping for was, that as someone who does bother checking, to > > find out a solution that would help me prevent from receiving spoofed > > e-mails > There is no publicly available Sp

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 10/15/2016 08:13 PM, Petr Bena wrote: Hello, What I was hoping for was, that as someone who does bother checking, to find out a solution that would help me prevent from receiving spoofed e-mails, because as I mentioned multiple times SPF, DKIM, and DMARC is not able to do that. I am looking f

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 15.10.16 17:33, Petr Bena wrote: > I started this discussion stating the fact that SPF, DKIM and DMARC > don't prevent people from being able to spoof your email address. These mechanisms are not meant to prevent spoofing (and they can't), just to make it easier to detect spoofing on the recei

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

I don't understand your point. I started this discussion stating the fact that SPF, DKIM and DMARC don't prevent people from being able to spoof your email address. And you tell me that I don't understand email security because SPF, DKIM and DMARC don't prevent people from being able to spoof my e

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 15 Oct 2016, at 11:33, Petr Bena wrote: I don't understand your point. I started this discussion stating the fact that SPF, DKIM and DMARC don't prevent people from being able to spoof your email address. And you tell me that I don't understand email security because SPF, DKIM and DMARC don

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 10/15/2016 1:51 PM, Matus UHLAR - fantomas wrote: I can immediately guess this rule would need way too many exceptions to be useful. And when anyone in the world subscribed to any list, it would need an exception. On 15.10.16 15:35, Petr Bena wrote: Nope, the exception would go for a whole

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

Nope, the exception would go for a whole mailing list, not for every of its users. Anyway given that this would be optional plugin for sa, it would be only used by people / organizations who care about authenticity of the message sender and these that would be OK with the fact that mail address

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 10/15/2016 04:57 PM, Dianne Skoll wrote: On Sat, 15 Oct 2016 15:35:25 +0200 Petr Bena wrote: Believe me, there are people or organizations who would happily exchange ability to use mailing lists within some domain for guarantee that their emails can't be spoofed in no way (at least within t

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On Sat, 15 Oct 2016 15:35:25 +0200 Petr Bena wrote: > Believe me, there are people or organizations who would happily > exchange ability to use mailing lists within some domain for > guarantee that their emails can't be spoofed in no way (at least > within their own domain). You seriously don't

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On Fri, 14 Oct 2016 23:24:21 +0200 Petr Bena wrote: > How does DKIM prevent others from spoofing your mail address? People > will still receive unsigned e-mails that look like they were sent by > you even if they were not. DKIM by iself does not. DKIM plus DMARC sort-of does. (I say "sort-of"

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 14.10.16 16:26, Bowie Bailey wrote: On the other hand, SA is a points-based system. If you checked SPF based on the From header, you could then whitelist known list servers and other exceptions and add a point or so to the rest. If you set the score at 0.001 and monitored the non-spam hits

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

optional and extremely useful for people who actually care about this. On 10/14/16 22:26, Bowie Bailey wrote: > On 10/14/2016 3:43 PM, Kris Deugau wrote: >> Petr Bena wrote: >>> Is there any way to get spam assassin to actually figure out that >>> e-mail >>> is sp

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 14 Oct 2016, at 17:24, Petr Bena wrote: Also I don't understand why mailing lists /have to/ work this way. I know it's long-time established standard just like e-mails, but flawed and people are abusing it, because it's extremely easy to do that. Welcome to the Internet: where almost every

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 14.10.16 23:24, Petr Bena wrote: > I know that this would break existing standards (which are flawed by > design TBH), but why not at least make this as an optional feature? You said it yourself: because it would break existing standards. That's reason enough not to mess with things. The desig

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 2016-10-14 23:24, Petr Bena wrote: P.S. this is extremely easy to implement from programmer point of view, all you need to do is take existing SPF plugin and just have it verify SPF against e-mail that is in From header. It's probably a change of few lines of code for someone who knows perl

How to get spam assassin to detect spoofed mails as SPF is clearly useless

ther. It's true it's possible to set DMARC policies to require all From fields to be same, but I don't think that spam assassin is capable of dealing with DMARC either, plus this policy is really extremely weak. Gmail has one of best antispams and antispoof protections, but it could sti

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 10/14/2016 3:43 PM, Kris Deugau wrote: Petr Bena wrote: Is there any way to get spam assassin to actually figure out that e-mail is spoofed even if it's obviously easy to figure out? Consider the case of, oh, say, this message. Or virtually every other interactive mailing list o

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

On 2016-10-14 21:24, Petr Bena wrote: I created this BT https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7360 to implement SPF-like checks on From: sender as well in addition to envelope sender (if they differ). It was rejected as invalid because SPF specs are different. Authentication-Resul

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

eak all kinds of things. > Is there any way to get spam assassin to actually figure out that > e-mail is spoofed even if it's obviously easy to figure out? No. Because there is no definitive way to determine if an email is "spoofed". Tell me, is this email spoofed? The he

Re: How to get spam assassin to detect spoofed mails as SPF is clearly useless

Petr Bena wrote: > Is there any way to get spam assassin to actually figure out that e-mail > is spoofed even if it's obviously easy to figure out? Consider the case of, oh, say, this message. Or virtually every other interactive mailing list on the Internet. Were you to do an SPF c

Spam Filtering Trick that could be easily adapted to Spam Assassin

Tried to send this into the list but I think it had so many spam phrases it got blocked. So I'll just link to my wiki. http://wiki.junkemailfilter.com/index.php/Concept_Parsing_Spam_Filter This is a spam filtering trick I'm using but it's not SA, but could be easily adapted to SA. Rather tha

what is this telling me in spam assassin -D --lint ?

Is this a setting somewhere that I should have in place? Feb 12 09:09:30.509 [73122] dbg: config: fixed relative path: /opt/local/var/spamassassin/3.004001/updates_spamassassin_org/10_default_prefs.cf Feb 12 09:09:30.509 [73122] dbg: config: using "/opt/local/var/spamassassin/3.004001/updates_sp

Fixed? Re: Looking for a way to dump spam assassin modified mail

. Thanks Robert M. Of course I have spam assassin itself running with the counts quite strict. I also have postscreen in postfix and other settings in there all quite rigid. and so on. amavisd.conf $log_level = 1; # set the log level to one $sa_tag_level_deflt = -999; # i want to see

Re: Looking for a way to dump spam assassin modified mail

That looks to be just what I want. I now have it running, so will see how it goes. Thanks for that. Much appreciated There are a few other really good options, but this one is nice and compact, no extra scripts. I’m running amavis-new, postfix with postscreen fairly heavily in use, dovecot, sp

Re: Looking for a way to dump spam assassin modified mail

I use amavis-new to do this: amavisd.conf $log_level = 1; # set the log level to one $sa_tag_level_deflt = -999; # i want to see the headers so change to -99 $sa_tag2_level_deflt = 5.0; # start with 5 $sa_kill_level_deflt = 9; # change to 9 $sa_dsn_cutoff_level = 9; # chang

Re: Looking for a way to dump spam assassin modified mail

Am 21.01.2016 um 13:34 schrieb Antony Stone: On Thursday 21 January 2016 at 13:31:29, Reindl Harald wrote: On 01/21/2016 01:25 PM, Robert Chalmers wrote: I’m looking for a way to just dump mail that has the header modified with the * SPAM * assignment. I mean, not have the C

Re: Looking for a way to dump spam assassin modified mail

Antony Stone kirjoitti 21.1.2016 14:34: On Thursday 21 January 2016 at 13:31:29, Reindl Harald wrote: > On 01/21/2016 01:25 PM, Robert Chalmers wrote: >> I’m looking for a way to just dump mail that has the header modified >> with the * SPAM * assignment. >> >> I mean, not have

Re: Looking for a way to dump spam assassin modified mail

On Thursday 21 January 2016 at 13:31:29, Reindl Harald wrote: > > On 01/21/2016 01:25 PM, Robert Chalmers wrote: > >> I’m looking for a way to just dump mail that has the header modified > >> with the * SPAM * assignment. > >> > >> I mean, not have the Client mail reader do it, ju

Re: Looking for a way to dump spam assassin modified mail

Am 21.01.2016 um 13:29 schrieb Axb: On 01/21/2016 01:25 PM, Robert Chalmers wrote: I’m looking for a way to just dump mail that has the header modified with the * SPAM * assignment. I mean, not have the Client mail reader do it, just have either spamd, or postfix/dovecot dump

Re: Looking for a way to dump spam assassin modified mail

On 01/21/2016 01:25 PM, Robert Chalmers wrote: I’m looking for a way to just dump mail that has the header modified with the * SPAM * assignment. I mean, not have the Client mail reader do it, just have either spamd, or postfix/dovecot dump it. I’m sure I’ve seen something ab

Looking for a way to dump spam assassin modified mail

I’m looking for a way to just dump mail that has the header modified with the * SPAM * assignment. I mean, not have the Client mail reader do it, just have either spamd, or postfix/dovecot dump it. I’m sure I’ve seen something about doing this, but can’t find it now…. lost in

Re: How to get rid of this spam? Spam assassin does not catch it

After retraining and setting spam assassin for wide site all looks good. Spam gets bayes99 and non spam is bayes00. So far i did not get any spam. Thank you all for your help. >> >> >> Am 31.10.2015 um 16:06 schrieb j...@lexoncom.com: >>> So after initial learning it

Re: How to get rid of this spam? Spam assassin does not catch it

On Mon, 2 Nov 2015 07:38:57 -0800 Shaheen Bakhtiar wrote: > Well? I?m glad I?m on this mailing list :P > > I did the same thing, running sa-learn ?spam /spamfolder as root, and > was pondering this very issue. > > I understand the logic behind why it shouldn?t be run as root, the > problem is o

Re: How to get rid of this spam? Spam assassin does not catch it

On 11/2/2015 11:25 AM, Reindl Harald wrote: Am 02.11.2015 um 17:02 schrieb Benny Pedersen: and why did he change spamd login permisson when using sa-learn :( because *as he explained* the service user has /sbin/nologin as shell and so "su - username" won't work until you change that or as i

Re: How to get rid of this spam? Spam assassin does not catch it

Am 02.11.2015 um 17:02 schrieb Benny Pedersen: and why did he change spamd login permisson when using sa-learn :( because *as he explained* the service user has /sbin/nologin as shell and so "su - username" won't work until you change that or as i explained create a user with a shell traini

Re: How to get rid of this spam? Spam assassin does not catch it

On 11/02/2015 05:21 PM, Shaheen Bakhtiar wrote: Ah! I see… that makes sense.. but spamc reads one mail at a time, is there way (other than writing a script) to have it read a folder full of emails? http://spamassassin.apache.org/full/3.4.x/doc/sa-learn.txt and bookmark http://spamassassin.apa

Re: How to get rid of this spam? Spam assassin does not catch it

Ah! I see… that makes sense.. but spamc reads one mail at a time, is there way (other than writing a script) to have it read a folder full of emails? > On Nov 2, 2015, at 8:02 AM, Benny Pedersen wrote: > > Axb skrev den 2015-11-02 16:42: >> On 11/02/2015 04:38 PM, Shaheen Bakhtiar wrote: >>> W

Re: How to get rid of this spam? Spam assassin does not catch it

Am 02.11.2015 um 16:42 schrieb Axb: On 11/02/2015 04:38 PM, Shaheen Bakhtiar wrote: Well… I’m glad I’m on this mailing list :P I did the same thing, running sa-learn —spam /spamfolder as root, and was pondering this very issue. I understand the logic behind why it shouldn’t be run as root, t

Re: How to get rid of this spam? Spam assassin does not catch it

Axb skrev den 2015-11-02 16:42: On 11/02/2015 04:38 PM, Shaheen Bakhtiar wrote: Well… I’m glad I’m on this mailing list :P I did the same thing, running sa-learn —spam /spamfolder as root, and was pondering this very issue. I understand the logic behind why it shouldn’t be run as root, the pro

Re: How to get rid of this spam? Spam assassin does not catch it

On 11/02/2015 04:38 PM, Shaheen Bakhtiar wrote: Well… I’m glad I’m on this mailing list :P I did the same thing, running sa-learn —spam /spamfolder as root, and was pondering this very issue. I understand the logic behind why it shouldn’t be run as root, the problem is on FC 22 the spamd user h

Re: How to get rid of this spam? Spam assassin does not catch it

> > BAYES_50 is not really good for clear spam > >> When sendmail sends email to procmail and procmail passes it to spam >> assassin, does spam assassin runs as root user or as the user the email >> is destined to? > > depends on how SA is called in detail, normally it

Re: How to get rid of this spam? Spam assassin does not catch it

On Fri, 2015-10-30 at 12:53 -0500, j...@lexoncom.com wrote: > I did configure local recursive server and set both spam local.cf and > resolved.conf to point to 127.0.0.1 and I still get the blocks. > Double check that there are no 'forward' options in /etc/names.conf or in files in /etc/named Ki

Re: How to get rid of this spam? Spam assassin does not catch it

o procmail and procmail passes it to spam >> assassin, does spam assassin runs as root user or as the user the email >> is destined to? > > depends on how SA is called in detail, normally it should switch to that > unix-user and hence training as root makes no sense, *nothing* s

Re: How to get rid of this spam? Spam assassin does not catch it

Am 31.10.2015 um 16:06 schrieb j...@lexoncom.com: So after initial learning it looks better now. (BAYES_50) BAYES_50 is not really good for clear spam When sendmail sends email to procmail and procmail passes it to spam assassin, does spam assassin runs as root user or as the user the

Re: How to get rid of this spam? Spam assassin does not catch it

So after initial learning it looks better now. (BAYES_50) When sendmail sends email to procmail and procmail passes it to spam assassin, does spam assassin runs as root user or as the user the email is destined to? I run the sa-learn as root user and it seems like this is the data based that is

Re: How to get rid of this spam? Spam assassin does not catch it

On 30.10.2015 19:53, j...@lexoncom.com wrote: I did configure local recursive server and set both spam local.cf and resolved.conf to point to 127.0.0.1 and I still get the blocks. The file name for that is /etc/resolv.conf NOT resolved.conf Also if you update local.cf and you run spam

Re: How to get rid of this spam? Spam assassin does not catch it

On Fri, 30 Oct 2015, j...@lexoncom.com wrote: thx, that explains the issue. I setup a dns server outside the amazon server. Now, i can finally do the lookup: root@aws:~# host -tTXT 2.0.0.127.multi.uribl.com 2.0.0.127.multi.uribl.com descriptive text "permanent testpoint" X-Spam-Flag: YES X-Spam

Re: How to get rid of this spam? Spam assassin does not catch it

thx, that explains the issue. I setup a dns server outside the amazon server. Now, i can finally do the lookup: root@aws:~# host -tTXT 2.0.0.127.multi.uribl.com 2.0.0.127.multi.uribl.com descriptive text "permanent testpoint" X-Spam-Flag: YES X-Spam-Level: *** X-Spam-Status: Yes, score=7.0 req

Re: How to get rid of this spam? Spam assassin does not catch it

On Fri, 30 Oct 2015, j...@lexoncom.com wrote: On Fri, 30 Oct 2015, j...@lexoncom.com wrote: I already cleaned the db to make sure I dont have it broken. Would it be better to turn off the autolearn. Teach sa ham and spam from over 200 messages and then turn back the autolearn? How big is you

Re: How to get rid of this spam? Spam assassin does not catch it

On Fri, 30 Oct 2015 14:46:18 -0500 j...@lexoncom.com wrote: > Further testing shows that both smazon and my public ips are blocked. > I never used my public ip for dns so why is it blocked? > Is it just my bad luck and the ip is just blocked on URBL? The rdns for these two addresses is ec2-54-1

Re: How to get rid of this spam? Spam assassin does not catch it

Further testing shows that both smazon and my public ips are blocked. I never used my public ip for dns so why is it blocked? Is it just my bad luck and the ip is just blocked on URBL? root@aws:/home/user# root@aws:/home/user# host -tTXT 2.0.0.127.multi.uribl.com 2.0.0.127.multi.uribl.com descrip

Re: How to get rid of this spam? Spam assassin does not catch it

> On Fri, 30 Oct 2015, j...@lexoncom.com wrote: > >> I already cleaned the db to make sure I dont have it broken. >> Would it be better to turn off the autolearn. >> Teach sa ham and spam from over 200 messages and then turn back the >> autolearn? > > How big is your userbase and ham email volume?

Re: How to get rid of this spam? Spam assassin does not catch it

On Fri, 30 Oct 2015, j...@lexoncom.com wrote: I already cleaned the db to make sure I dont have it broken. Would it be better to turn off the autolearn. Teach sa ham and spam from over 200 messages and then turn back the autolearn? How big is your userbase and ham email volume? If both are fa

Re: How to get rid of this spam? Spam assassin does not catch it

I already cleaned the db to make sure I dont have it broken. Would it be better to turn off the autolearn. Teach sa ham and spam from over 200 messages and then turn back the autolearn? thx > On Thu, 29 Oct 2015, Martin Gregorie wrote: > >> On Tue, 2015-10-27 at 14:19 -0500, j...@lexoncom.com wro

  1   2   3   4   5   6   >