On Mon, 2006-02-20 at 22:34 -0600, Dallas L. Engelken wrote:
> http://businesgroupny.com
> You'll see neat little bulk email tools they use for sending their
> phishes
>
> * http://businesgroupny.com/bulk/
> * http://businesgroupny.com/index.php -> Fi$hY Productions
>
> ;)
Hehe, the account is su
You might find this interesting -- it's a regexp visualizer, which
compiles a regexp into its NFA/DFA, then presents it for viewing in a
Flash app! It's amazing.
http://osteele.com/tools/reanimator/
--j.
These don't hit very much in my setup. They get caught with the new
Reverse-Check feature in CommuniGate.
I've been getting wuite a few of these plain text spams lately.
Source below.
Patrick Sneyers
Belgium
Return-Path: <[EMAIL PROTECTED]>
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-0
When I run the spamassassin --lint test on my debian server I get the
following:
spamassassin: spamassassin script is v3.001000, but using modules
v3.03
How can fix the modules so they are matching to the script version?
Kind regards,
Bob de Wildt
Systems Administrator
Cyso Managed Hostin
Hello Evan,
Monday, February 20, 2006, 8:07:13 PM, you wrote:
EP> Well, as if there's a NON annoying spammer..
EP> I'm getting HAMMERED with the re: Hello spams.
EP> http://www.espphotography.com/stopthisspammer.txt
EP> Best way I can see to drop this guy is to block on "The Bat!
EP> (v3.62.1
Doc Schneider wrote:
I just committed version 01.00.06 of this ruleset to:
http://rulesemporium.com/rules/70_sare_stocks.cf
It should appear within the hour.
Enjoy.
-Doc (SA/SARE/URIBL/SURBL -- Ninja)
Why can't I add this to rules_du_jour?
I added SARE_STOCKS to the rulesets thusly:
TRUST
On Tue, Feb 21, 2006 at 09:28:13AM -0500, Mike Pepe wrote:
> Doc Schneider wrote:
> >I just committed version 01.00.06 of this ruleset to:
> >
> >http://rulesemporium.com/rules/70_sare_stocks.cf
> >
> >It should appear within the hour.
> >
> >Enjoy.
> >
> >-Doc (SA/SARE/URIBL/SURBL -- Ninja)
>
> W
Title: RE: Updated Pump and Dump rules. 2006-02-18
> -Original Message-
> From: Bob McClure Jr [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, February 21, 2006 9:37 AM
> To: users@spamassassin.apache.org
> Subject: Re: Updated Pump and Dump rules. 2006-02-18
>
>
> On Tue, Feb 21, 2006
On Monday, February 20, 2006, 12:39:31 PM, Theo Dinter wrote:
> Just for some info... I went through the set1 spam logs for 3.1 score
> generation.
> 1112804 total messages
> 776108 messages hit SURBL
> 138407 1 SURBL list(s) hit (1+ = 776108)
> 189795 2 SURBL list(s) hit (2+ = 637701)
> 281
Patrick Sneyers wrote:
> These don't hit very much in my setup. They get caught with the new
> Reverse-Check feature in CommuniGate.
Do you know what this test does?
> I've been getting wuite a few of these plain text spams lately.
>
If you had SPF support, this would have caught SPF_NEUTRAL (gmail
On Tue, 2006-02-21 at 06:53 -0800, Jeff Chan wrote:
> On Monday, February 20, 2006, 12:39:31 PM, Theo Dinter wrote:
>
> > Just for some info... I went through the set1 spam logs for 3.1 score
> > generation.
>
> > 1112804 total messages
> > 776108 messages hit SURBL
> > 138407 1 SURBL list(s)
Bob de Wildt wrote:
> When I run the spamassassin --lint test on my debian server I get the
> following:
>
> spamassassin: spamassassin script is v3.001000, but using modules
> v3.03
>
> How can fix the modules so they are matching to the script version?
>
I'd venture to guess you some how
Cute registration too - name BUSINESGROUPNY, address in New York,
but the address is only valid if you change "HILLSIDE, NY" to "HILLSIDE, NJ".
(The excellent USPS site at http://zip4.usps.com/zip4/welcome.jsp gives
up this data in a few seconds).
Paul Shupak
[EMAIL PROTECT
Dear List,
I've created some really simple HAM rules for my setup.
Just give from belgium to a specific domain -1 points.
spamassassin --lint doensn't give me any errors back, but
amavisd-new doesn't list the rule.
Log:
SPAM, <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, Yes,
score=7.959 tag=2.
I have a site wide spamassassin running on a Debian unstable box (because I
like my server bloody ;). I am using postfix and amavisd-new with clamav and
spamassassin filtering through amavisd-new.
This is basically running smoothly, and spamassassin is doing a decent job.
However bayes filterin
Anders Ellenshøj Andersen wrote:
How can I make spamassassin read the bayes database for the user that is
recieving the mail. Is this even a good idea? Should I use a central database
instead?
With amavis you only have the option of using a single site wide bayes
database.
--
Scott Russell
Jonn R Taylor wrote:
> Thanks, I got it work. Was looking at report not summary.
Just as a follow-up for the archives, this is the simple way to get a
report header added to both spam and ham messages (with SA 3.1).
add_header all Report _REPORT_
Add the line to local.cf to add the report to
Chris Santerre wrote:
> From: Bob McClure Jr [mailto:[EMAIL PROTECTED]
> >
> > You need a new rules_du_jour. SARE_STOCKS was added in version
> > 1.28.
>
> Yeah , what Bob said. The updater needs an update. Perhaps we should
> get Chris T. to write an updating updater for the updating updater?
Muenz, Michael wrote:
>
> I've created some really simple HAM rules for my setup.
> Just give from belgium to a specific domain -1 points.
> spamassassin --lint doensn't give me any errors back, but
> amavisd-new doesn't list the rule.
>
>
> Log:
>
> SPAM, <[EMAIL PROTECTED]> -> <[EMAIL PROTECT
Muenz, Michael a écrit :
> Dear List,
>
> I've created some really simple HAM rules for my setup.
> Just give from belgium to a specific domain -1 points.
> spamassassin --lint doensn't give me any errors back, but
> amavisd-new doesn't list the rule.
>
>
> Log:
>
> SPAM, <[EMAIL PROTECTED]> -
At the risk of starting another "Why are you duplicating Rules_du_jour ?"
aregument . . . :-)
Since people say it needs to be updated, here is a little piece of perl I
use to update my scripts. I wrote it after being completely perplexed by the
rules_du_jour shell script(s).
It's a simple 30
Way cool! Thanks Justin
Justin Mason wrote:
> You might find this interesting -- it's a regexp visualizer, which
> compiles a regexp into its NFA/DFA, then presents it for viewing in a
> Flash app! It's amazing.
>
> http://osteele.com/tools/reanimator/
>
> --j.
>
>
Miki a écrit :
>
> hmm, Im using The Bat too ;) it is best far away from Outlook crap. its
> best client on market. small, fast, ... bla bla
> check it out at ritlabs.com
>
> to stop him, if you using qmail try badmailfrom to stop him on smtp
> level.
>
>
I hope you've seen
http://www.security
Op 21-feb-06, om 16:08 heeft Matt Kettler het volgende geschreven:Patrick Sneyers wrote: These don't hit very much in my setup. They get caught with the newReverse-Check feature in CommuniGate. Do you know what this test does? I've been getting wuite a few of these plain text spams lately. If you h
On Tue, 21 Feb 2006, Muenz, Michael wrote:
> Dear List,
>
> I've created some really simple HAM rules for my setup.
> Just give from belgium to a specific domain -1 points.
> spamassassin --lint doensn't give me any errors back, but
> amavisd-new doesn't list the rule.
>
>
> Log:
>
> SPAM, <[EMAIL
Title: RE: Updated Pump and Dump rules. 2006-02-18
> -Original Message-
> From: Bowie Bailey [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, February 21, 2006 12:27 PM
> To: users@spamassassin.apache.org
> Subject: RE: Updated Pump and Dump rules. 2006-02-18
>
>
> Chris Santerre wrote:
Greets.
In SA 3.1 the code in Locales.pm automatically passes all 'WINDOWS'
charsets. Looking at http://en.wikipedia.org/wiki/Windows-1251 it seems
pretty clear that windows-1251 should be included in the Cyrillic
charsets however.
What's the history behind approving all Windows charsets by defa
Scott Russell wrote:
>Greets.
>
>In SA 3.1 the code in Locales.pm automatically passes all 'WINDOWS'
>charsets. Looking at http://en.wikipedia.org/wiki/Windows-1251 it seems
>pretty clear that windows-1251 should be included in the Cyrillic
>charsets however.
>
>What's the history behind approving
Philip Prindeville wrote:
I brought up this same question a few weeks ago about why ISO-8859-9
would be acceptable for "ok_locales en", for instance.
See my posting on 02/03/2006, and:
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4794
You probably do not want to direct people to
Scott Russell wrote:
>Philip Prindeville wrote:
>
>
>>I brought up this same question a few weeks ago about why ISO-8859-9
>>would be acceptable for "ok_locales en", for instance.
>>
>>See my posting on 02/03/2006, and:
>>
>>http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4794
>>
>
I was noticing that every time that someone forwards me an
article from yahoo! news that it scores high on the
MANY_EXCLAMATIONS and PLING_PLING tests.
Unfortunately Yahoo! also changed the policy about generating
the MAIL FROM: line. It used to be that of the person sending
to you. Now it's som
Philip Prindeville wrote:
> I was noticing that every time that someone forwards me an
> article from yahoo! news that it scores high on the
> MANY_EXCLAMATIONS and PLING_PLING tests.
>
> Unfortunately Yahoo! also changed the policy about generating
> the MAIL FROM: line. It used to be that of th
Matt Kettler wrote:
>Philip Prindeville wrote:
>
>
>>I was noticing that every time that someone forwards me an
>>article from yahoo! news that it scores high on the
>>MANY_EXCLAMATIONS and PLING_PLING tests.
>>
>>Unfortunately Yahoo! also changed the policy about generating
>>the MAIL FROM: lin
Philip Prindeville wrote:
> Matt Kettler wrote:
>
>> Philip Prindeville wrote:
>>
>>
>>> I was noticing that every time that someone forwards me an
>>> article from yahoo! news that it scores high on the
>>> MANY_EXCLAMATIONS and PLING_PLING tests.
>>>
>>> Unfortunately Yahoo! also changed the p
Has anyone considered using agrep to detect deliberate
misspellings of common keywords, like st0cks, preskriptions,
etc?
Agrep allows one to assign arbitrary weights to various
transcriptions, insertions (spaces, dashes, underscores, etc)
and deletions...
Seems that some neat stuff could be done.
Matt Kettler wrote:
>Philip Prindeville wrote:
>
>
>>Matt Kettler wrote:
>>
>>
>>
>>>Philip Prindeville wrote:
>>>
>>>
>>>
>>>
I was noticing that every time that someone forwards me an
article from yahoo! news that it scores high on the
MANY_EXCLAMATIONS and PLING_PLING t
Philip Prindeville wrote:
>> Just whitelist them.. SA sees *both* the From: header AND the Return-Path
>> header
>> when evaluating "whitelist_from" type commands.
>>
>>
>
> The sender was already whitelisted... Or so I thought. I'll have to
> double-check that. She tends to use a lot of di
I recently lost a hard drive and have had to setup everything again.
I'm seeing a fair amount of spam that is getting through my filters.
From what I can see in the headers of messages, bayes does not seem to
be used at all. I'm reasonable sure this is the reason I'm seeing spam.
If I do #spa
M. Lewis wrote:
I recently lost a hard drive and have had to setup everything again.
I'm seeing a fair amount of spam that is getting through my filters.
From what I can see in the headers of messages, bayes does not seem to
be used at all. I'm reasonable sure this is the reason I'm seeing sp
M. Lewis wrote:
Thanks Steve,
# sa-learn --dump magic
0.000 0 3 0 non-token data: bayes db version
0.000 0 57468 0 non-token data: nspam
0.000 0 16419 0 non-token data: nham
0.000 0 181931 0 non-to
I received this from a fellow on another list. It took some puzzling
until I figured out what went wrong. He has yet to get back to me with
whether or not there was a score on the message or not. But I think
SA should guard itself if this leads to a message escaping getting
marked.
===8<---
Joann
Sorry, I am in the habit of 'reply' as opposed to 'reply all'.
I see no 'obvious' errors in spamassassin -D --lint which was the first
thing I checked.
Shortly before you asked about the 'sa-learn --dump magic', I found this
message from Matt:
http://marc.theaimsgroup.com/?l=spamassassin-us
Honey, I Formatted the Kid!
If only it was THAT easy
{^_-}
Hehehe, I wish sometimes.
jdow wrote:
Honey, I Formatted the Kid!
If only it was THAT easy
{^_-}
--
To define recursion, we must first define recursion.
01:30:01 up 3 days, 1:35, 6 users, load average: 0.78, 0.68, 0.59
Linux Registered User #241685 http://counter.li.org
Hi.
I was wondering what a reasonable increase in the score for
SPF_FAIL would be, if I want to fail a host connection coming
in for a domain that it isn't supposed to correspond to...
I.e. if we get a connection from a host that isn't in the "mx:"
field of the SPF connection... And we want to r
45 matches
Mail list logo
