Hi,
I find quiet a few spams with mangled words like
"Dea C r Home Ow v ner" , "Dea 1 r Home O a wner" and many such
combinations are passing thru my SA (SA 3.1.0 with quite a few SARE
rules )
I can tar these spams and send if anyone wants
The mangled.cf is able to catch mangled credit or man
Hi, can anyone tell me if it's allowed to use regex with bayes_ignore_header
in local.cf? I've seen this done here and there by others but don't know if
it's actually allowed or will cause things not to function properly. For
example:
bayes_ignore_header X-Spam-\S+
If this *is* allowed, are th
Hi, I get some legitimate newletter that's incorrectly marked as
FORGED_OUTLOOK. Could someone fix that tests? Others may have that
problem, too.
(almost) full message at http://zmi.at/x/ham01.txt
mfg zmi
--
// Michael Monnerie, Ing.BSc --- it-management Michael Monnerie
// http://zmi.at
On Fri, 10 Mar 2006, Daryl C. W. O'Shea wrote:
On 3/10/2006 11:22 AM, Dan Mahoney, System Admin wrote:
I of course have no idea what to make of this output. Pointers?
Each line is one file descriptor. So it doesn't appear that it's using an
insane number of them.
Next time spamd hangs u
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Monnerie wrote:
> Hi, I get some legitimate newletter that's incorrectly marked as
> FORGED_OUTLOOK. Could someone fix that tests? Others may have that
> problem, too.
>
> (almost) full message at http://zmi.at/x/ham01.txt
>
> mfg zmi
Are you
On Freitag, 31. März 2006 14:40 Sander Holthaus wrote:
> Are you sure that is a valid OE-email? Doesn't appear to me as such,
> hence I'd say the tests fired correctly.
At least they are a company which sends e-mail only opt-in. They sell PC
parts. I don't believe they use spammers software - or
>...
>Michael Monnerie wrote:
>> Hi, I get some legitimate newletter that's incorrectly marked as
>> FORGED_OUTLOOK. Could someone fix that tests? Others may have that
>> problem, too.
>>
>> (almost) full message at http://zmi.at/x/ham01.txt
>>
>> mfg zmi
>Are you sure that is a valid OE-email? Doe
Ryan Kather wrote:
I'll answer some parts...
Ideas: Postfix- I would prefer to use SpamAssassin as a
store and forward mail filtering relay appliance. It seems if I
place a Postfix Linux MTA in front of my existing spam solution I
could setup test groups. 100 users could be forwarded
Ryan Kather wrote:
>
> SpamAssassin-
> Now here is where I need the help (assuming my postfix section was
> sound). I want to make sure this is as optimized as possible to
> provide a fair performance picture versus SpamAssassin and Barracuda.
>
> It appears many seem to be using the Amavsid-new
Great!
Thanks for the response.
I have been looking for soo long for someone who has run Barracuda versus SA or
DSPAM. We are still going to test it, but I think I trust my own
administration over Barracuda Networks of SA.. let's just say I'm not very
optimistic about the Barracuda devices
Does this now mean that the Razor2 plugin in SA should be enabled by
default once more? IIRC, it was the licensing change in 2003 that
stopped it being a default rule.
Rod.
--
:: Rod Begbie :: http://groovymother.com/ ::
On Donnerstag, 30. März 2006 06:01 David B Funk wrote:
> Probably because sys-admins are more likely to deploy a soft-fail
> instead of a hard-fail if there's -any- question of FPs.
That doesn't justify lower scores in SA. If the admin of a domain sets a
SPF_FAIL, it should also fail in SA (i.e.
On Donnerstag, 30. März 2006 19:22 Kelson wrote:
> More info at http://openspf.org/srs.html
Yes, but that's very cryptic, needs a postfix patch etc. I changed all
my forwardings to rewrites, using procmail.
mfg zmi
--
// Michael Monnerie, Ing.BSc- http://it-management.at
// Tel: 06
Ryan,
> Configuration: Spam Filter Store and Forward Gateway (non authenticated)
You may want to add clamd to the mix.
> I want to make sure this is as optimized as possible to provide a fair
> performance picture versus SpamAssassin and Barracuda.
>...
> I also have read a lot where people are
I run /usr/local/bin/spamd -u spam and i get this error:[143440]
error: setruid() not implemented at /usr/local/bin/spamd line 877.setruid()
not implemented at /usr/local/bin/spamd line 877.[86114] info: spamd: server
successfully spawned child process, pid 143440[86114] info: spamd: handled
Running SpamAssassin 3.1.0, Perl 5.8.7, Solaris 9
We occasionally get the following error in our syslog:
Mar 30 06:53:27 email.ornl.gov spamd[102]: Error creating a DNS resolver
socket: Permission denied at
/usr/local/lib/perl5/site_perl/5.8.7/Mail/SpamAssassin/DnsResolver.pm
line 202, line 541.
I'm running 3.1.0
is there a script to just update all my rules with spamassassin?
After updating to new version everything was running good but spam is
starting to get through.
Thanks
On Fri, Mar 31, 2006 at 12:05:29PM -0500, Benjamin Adams wrote:
> I'm running 3.1.0
> is there a script to just update all my rules with spamassassin?
If you upgrade to 3.1.1 you can use sa-update which will let you download new
rules in between releases.
--
Randomly Generated Tagline:
Sweetie,
>I'll answer some parts...
>> Ideas: Postfix- I would prefer to use SpamAssassin as a
>> store and forward mail filtering relay appliance. It seems if I
>> place a Postfix Linux MTA in front of my existing spam solution I
>> could setup test groups. 100 users could be forwarded to the
>
Heute (31.03.2006/19:08 Uhr) schrieb Theo Van Dinter,
> On Fri, Mar 31, 2006 at 12:05:29PM -0500, Benjamin Adams wrote:
>> I'm running 3.1.0
>> is there a script to just update all my rules with spamassassin?
> If you upgrade to 3.1.1 you can use sa-update which will let you download new
> rules
Theo Van Dinter wrote:
> On Fri, Mar 31, 2006 at 12:05:29PM -0500, Benjamin Adams wrote:
>> I'm running 3.1.0
>> is there a script to just update all my rules with spamassassin?
>
> If you upgrade to 3.1.1 you can use sa-update which will let you download new
> rules in between releases.
>
Which
On Fri, Mar 31, 2006 at 07:32:04PM +0200, Jim Knuth wrote:
> mmh, I get these as user amavis:
>
> /root$ sa-update
> sa-update: importing default keyring to
> '/etc/mail/spamassassin//sa-update-keys'...
> cannot mkdir /etc/mail/spamassassin//sa-update-keys at /usr/bin/sa-update
> line 1028.
> /r
On Fri, Mar 31, 2006 at 07:36:18PM +0100, Michele Neylon:: Blacknight.ie wrote:
> Which ports and protocols does this use for the connections in and out?
It does a few DNS queries, and grabs files via HTTP.
BTW, I've added a bunch of information at
http://wiki.apache.org/spamassassin/RuleUpdates
Theo Van Dinter wrote:
> On Fri, Mar 31, 2006 at 07:36:18PM +0100, Michele Neylon:: Blacknight.ie
> wrote:
>> Which ports and protocols does this use for the connections in and out?
>
> It does a few DNS queries, and grabs files via HTTP.
>
> BTW, I've added a bunch of information at
> http://wi
I just updated to 3.1.1,
I get the same problem running as root
sa-update -D --gpg
or
sa-update -D
sa-update: importing default keyring to '/etc/mail/spamassassin//sa-
update-keys'...
cannot mkdir /etc/mail/spamassassin//sa-update-keys at /usr/bin/sa-
update line 1028.
nothing in /etc/mail/sp
Heute (31.03.2006/19:36 Uhr) schrieb Theo Van Dinter,
> On Fri, Mar 31, 2006 at 07:32:04PM +0200, Jim Knuth wrote:
>> mmh, I get these as user amavis:
>>
>> /root$ sa-update
>> sa-update: importing default keyring to
>> '/etc/mail/spamassassin//sa-update-keys'...
>> cannot mkdir /etc/mail/spamas
(copying Justin since this has to do with pre-forking)
Dan Mahoney, System Admin wrote:
On Fri, 10 Mar 2006, Daryl C. W. O'Shea wrote:
On 3/10/2006 11:22 AM, Dan Mahoney, System Admin wrote:
Okay,
I'm still getting these issues. I've corrected every other issue that's
plagued us, and the
Michele Neylon:: Blacknight.ie wrote:
Theo Van Dinter wrote:
On Fri, Mar 31, 2006 at 07:36:18PM +0100, Michele Neylon:: Blacknight.ie wrote:
Which ports and protocols does this use for the connections in and out?
It does a few DNS queries, and grabs files via HTTP.
I'm getting the following
On Fri, Mar 31, 2006 at 12:39:29PM -0500, Theo Van Dinter wrote:
> > Which ports and protocols does this use for the connections in and out?
> It does a few DNS queries, and grabs files via HTTP.
I forgot, the mirrors we use are on port 8090. :|
--
Randomly Generated Tagline:
"Your mail is being
I just updated from 3.1.0 to 3.1.1
I'm going to use the same local.cf
bayes_auto_learn1
bayes_file_mode 0774
bayes_path /var/mail/spamassassin/bayes
bayes_auto_expire 0
# Safe Reporting
report_safe 1
use_dcc 1
dcc_timeout 10
use
sounds like a new ticket is in order, alright. btw if *is* load-related,
an "strace -f -ttt" log will show that pretty clearly.
--j.
Daryl C. W. O'Shea writes:
> (copying Justin since this has to do with pre-forking)
>
> Dan Mahoney, System Admin wrote:
> > On Fri, 10 Mar 2006, Daryl C. W. O'Sh
On Fri, 31 Mar 2006, Daryl C. W. O'Shea wrote:
(copying Justin since this has to do with pre-forking)
Dan Mahoney, System Admin wrote:
On Fri, 10 Mar 2006, Daryl C. W. O'Shea wrote:
On 3/10/2006 11:22 AM, Dan Mahoney, System Admin wrote:
Okay,
I'm still getting these issues. I've correc
Rod Begbie writes:
> Does this now mean that the Razor2 plugin in SA should be enabled by
> default once more? IIRC, it was the licensing change in 2003 that
> stopped it being a default rule.
It certainly seems likely... good news.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4850
Daryl C. W. O'Shea wrote:
>
> Make sure you've got 8090/TCP open. It's used for the HTTP connection
> to the mirroring system.
Ah ha..
I was afraid it was that :(
--
Mr Michele Neylon
Blacknight Solutions
Quality Business Hosting & Colocation
http://www.blacknight.ie/
Tel. 1850 927 280
Intl.
Benjamin Adams wrote:
> I just updated from 3.1.0 to 3.1.1
> I'm going to use the same local.cf
...
> # OK languages
> ok_languages en fr de
ok_languages is realised by Plugin since 3.1.0
see Upgrade File and this List
Ciao Marco.
--
Sie brauchen einen Computer nicht einzuschalten um festzuste
Dan Mahoney, System Admin wrote:
On Fri, 31 Mar 2006, Daryl C. W. O'Shea wrote:
I think it's actually load related... spamd is timing out the
copy_config sooner than it's really taking under high load. If you
were to change the alarm value from 10 to 100 or so, around spamd line
949 this may
Thanks everyone. Great responses.
I think I have a good idea of where to go from here. I will build up the
solution and post my decided upon configuration. I would appreciate any
constructive feedback anyone has at that point, and you can be sure I will come
back to the list with any quest
- Original Message -
From: "Jim Knuth" <[EMAIL PROTECTED]>
To: "Theo Van Dinter" <[EMAIL PROTECTED]>
Cc:
Sent: Friday, March 31, 2006 10:56 AM
Subject: Re: Fast update for rules
Heute (31.03.2006/19:36 Uhr) schrieb Theo Van Dinter,
> On Fri, Mar 31, 2006 at 07:32:04PM +0200, Jim Knuth
I just saw that a normal Ebay outbid notice hit two high-score rules. One
is from sare-spoof and I already contacted the maintainer. But one is in
the default 3.1.1 ruleset and I think this rule should get completely
removed or get a score of 0. It's
1.72 SUBJECT_ENCODED_TWICE Subject: MIME enc
On Fri, 31 Mar 2006, Jose perez wrote:
> I run /usr/local/bin/spamd -u spam and i get this error:
>
> [143440] error: setruid() not implemented at /usr/local/bin/spamd line 877.
> setruid() not implemented at /usr/local/bin/spamd line 877.
> [86114] info: spamd: server successfully spawned child p
Benjamin Adams wrote:
I just updated to 3.1.1,
I get the same problem running as root
sa-update -D --gpg
or
sa-update -D
sa-update: importing default keyring to
'/etc/mail/spamassassin//sa-update-keys'...
cannot mkdir /etc/mail/spamassassin//sa-update-keys at
/usr/bin/sa-update line 1028.
no
From: "Ryan Kather" <[EMAIL PROTECTED]>
Performance... are you hunting for speed or accuracy?
(perhaps you wrote it before and I missed it)
Accuracy is most important, speed is only as important as insuring that messages don't
back up in the processing queue or overload the servers.
...
Af
From: "Jim Knuth" <[EMAIL PROTECTED]>
Heute (31.03.2006/19:08 Uhr) schrieb Theo Van Dinter,
On Fri, Mar 31, 2006 at 12:05:29PM -0500, Benjamin Adams wrote:
I'm running 3.1.0
is there a script to just update all my rules with spamassassin?
If you upgrade to 3.1.1 you can use sa-update which
Kai Schaetzl wrote:
I just saw that a normal Ebay outbid notice hit two high-score rules. One
is from sare-spoof and I already contacted the maintainer. But one is in
the default 3.1.1 ruleset and I think this rule should get completely
removed or get a score of 0. It's
1.72 SUBJECT_ENCODED_T
Ryan Kather wrote:
I'll answer some parts...
Yes, from a purely testing perspective. I don't have the liberty of this since I am live production testing. I suppose I could move all received messages for all users through all filters and then only deliver to those users who have opted into the
Benjamin Adams wrote:
> I just updated from 3.1.0 to 3.1.1
> I'm going to use the same local.cf
>
> bayes_auto_learn1
> bayes_file_mode 0774
Are you sure you want 0774? In general the only sensible options when
using bayes_path are 0700, 0770, or 0777. And the first two require tha
On Fri, Mar 31, 2006 at 12:53:59PM -0500, Benjamin Adams wrote:
> I just updated to 3.1.1,
> I get the same problem running as root
> sa-update -D --gpg
> or
> sa-update -D
> sa-update: importing default keyring to '/etc/mail/spamassassin//sa-
> update-keys'...
> cannot mkdir /etc/mail/spamassas
On Fri, Mar 31, 2006 at 07:56:28PM +0200, Jim Knuth wrote:
> ~# sa-update
> sa-update: importing default keyring to
> '/etc/mail/spamassassin//sa-update-keys'...
> config: warning: description exists for non-existent rule SPF_HELO_PASS
> config: warning: description exists for non-existent rule UR
48 matches
Mail list logo
