Re: Question - How many of you run ALL your email through SA?

2007-08-17 Thread martin f krafft
also sprach Marc Perkel <[EMAIL PROTECTED]> [2007.08.16.0511 +0200]: > As opposed to preprocessing before using SA to reduce the load. (ie. using > blacklist and whitelist before SA) I have a bunch of postfix sanity checks, including RBLs running first. Then, everything is fed to spamc, which --p

Re: Should I disable URIDNSBL plugin if I'm already rejecting based on BL with MTA

2007-08-17 Thread martin f krafft
also sprach Kai Schaetzl <[EMAIL PROTECTED]> [2007.08.16.2031 +0200]: > It will not have rejected them as it doesn't analyze URI's in bodies. That > talk was about URIDNSBL, not about RBL checks in general. aye. Then please pretend I never opened my mouth. In that case I'd have to agree that if y

Re: Please help me to improve SA perforformance

2007-08-17 Thread Matthias Haegele
SA Lists wrote: Matthias +all, Thank you very much. On Thu, Aug 16, 2007 at 01:02:53PM +0200, Matthias Haegele wrote: You only mentioned running sa-learn on spam; you should also learn your ham messages, both are important. Bayes-Performance will only be good if learned on both, ham and spam.

Re: completewhois

2007-08-17 Thread Jeff Chan
Quoting Rick Macdougall <[EMAIL PROTECTED]>: > Greg Skouby wrote: > > With SA-3.2.0 I seem to be getting sub 5 second scan times pretty > > regularly but when I upgraded to SA-3.2.3 I was lucky to get sub 10 > > second. I flipped on debugging and see a bunch of these messages: > > > > Thu Aug 16 1

Re: Should I disable URIDNSBL plugin if I'm already rejecting based on BL with MTA

2007-08-17 Thread Jeff Chan
Quoting martin f krafft <[EMAIL PROTECTED]>: > also sprach Jeff Chan <[EMAIL PROTECTED]> [2007.08.16.1125 +0200]: > > The two do very different things. MTA blacklists are direct > > rejection of incoming smtp connections by the MTA (in this case > > postfix). URIDNSBL is a SpamAssassin check of

spamd restart error

2007-08-17 Thread Pradeep Mishra
After running sa-update successfully I tried stopping and starting spamd and came across Error message: Starting spamd: [30803] error: spamd: could not create INET socket on 127.0.0.1:783: Address already in use spamd: could not create INET socket on 127.0.0.1:783: Address already in use [FAILED

Re: Question - How many of you run ALL your email through SA?

2007-08-17 Thread Matus UHLAR - fantomas
On 16.08.07 15:44, Mike Jackson wrote: >RBL: dynablock.njabl.org this one is obsolete and you should not use it. It was imported to the SpamHaus PBL and is not maintained by NJABL anymore -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-m

Re: Question - How many of you run ALL your email through SA?

2007-08-17 Thread Matus UHLAR - fantomas
On 16.08.07 09:39, Marc Perkel wrote: > OK - it's interesting that of all of you who responded this is the only > person who is doing it right. Are you sure it's right? I do use similar configuration (and I plan use some more filters, like greylisting on MX backups) but I wouldn't say so generall

Re: Suggested botnet rule scores

2007-08-17 Thread Kai Schaetzl
Jari Fredriksson wrote on Fri, 17 Aug 2007 01:11:37 +0300: > But if I were an ISP I could not use it. Impossible. Totally impossible. because ... ? Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com

Re: Spam kills my MySQL with Bayes

2007-08-17 Thread Pawel Sasin
Hi, We manage a not little mail system for our university (~100k messages per day). In includes: - a few front-ends (Courier SMTP/IMAP/POP3/webmail/maildrop) which connect to random Spamassassin host via spamc utility, - a cluster of a few servers with Spamassassin (3.2.1-1ubuntu1), - another

Re: Spam kills my MySQL with Bayes

2007-08-17 Thread Paweł Tęcza
Pawel Sasin <[EMAIL PROTECTED]> writes: [...] > Have you tried this on your SA servers? > http://wiki.apache.org/spamassassin/DBIPlugin Hello Pawel! :D Thank you very much for the message about DBIPlugin! I've never used it before. It looks interesting for me, so I've just downloaded that plugi

Re: Suggested botnet rule scores

2007-08-17 Thread Jari Fredriksson
> Jari Fredriksson wrote on Fri, 17 Aug 2007 01:11:37 +0300: > >> But if I were an ISP I could not use it. Impossible. >> Totally impossible. > > because ... ? > > Kai Because there is always some friends of some customers using a local linux with a local mail server without smart host.

Re: Spam kills my MySQL with Bayes

2007-08-17 Thread Paweł Tęcza
SM <[EMAIL PROTECTED]> writes: [...] >>Now I use MyISAM storage backend, because I just created Bayesian >>database using Spamassassin sql/bayes_mysql.sql file :) > > The recommendations in the sql/bayes_mysql.sql file are for the > average setup. It doesn't cover MySQL optimization techniques as

Re: spamd restart error

2007-08-17 Thread Kai Schaetzl
Pradeep Mishra wrote on Fri, 17 Aug 2007 03:41:52 -0500: > 127.0.0.1:783: Address already in use Sounds like the "old" spamd didn't get killed correctly. Kill all spamd children and then try again. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.con

Re: Please help me to improve SA perforformance

2007-08-17 Thread SA Lists
On Fri, Aug 17, 2007 at 10:09:49AM +0200, Matthias Haegele wrote: > SA Lists wrote: > > Don't think so: > http://www.sanesecurity.co.uk/clamav/ > "Phishing and Scam Signatures for ClamAV" > > >I have just now included many of the SARE rules in my sa-update. I am > >almost looking forward to get

RE: Why'd VBounce not hit?

2007-08-17 Thread Dan Barker
I didn't hear from any of you VBounce guru's on this, but it's still happening. Is this a VBounce bug? Here's another example: Report: X-Spam-Status: No, score=1.7 required=5.0 tests= AWL=-1.710, BAYES_50=0.001, DRUGS_ERECTILE=0.493, DRUGS_ERECTILE_OBFU=2.408, FUZZY_CPILL=0.518 aut

Re: picture spams

2007-08-17 Thread Loren Wilton
FuzzyOcr should do a good job on something like that. Loren http://dreams.741.com/spam.gif

Re: Suggested botnet rule scores

2007-08-17 Thread Robert Fitzpatrick
On Fri, 2007-08-17 at 00:31 +0200, Kai Schaetzl wrote: > It seems you lowered the score of ACT_NOW_CAPS. If you have done this > with > a lot of rules, it's understandable that they don't help ;-) Good eyes, I didn't even see that. I have checked my local.cf, where is the only place I lower or a

Re: picture spams

2007-08-17 Thread Paweł Tęcza
"Loren Wilton" <[EMAIL PROTECTED]> writes: > FuzzyOcr should do a good job on something like that. > >Loren > >> http://dreams.741.com/spam.gif Hi Loren, I did the test and unfortunately my FuzzyOcr (3.5.1) was bitten by that spam image. Here are the message headers: X-Spam-Checker-Ver

Re: Spam kills my MySQL with Bayes

2007-08-17 Thread Paweł Tęcza
Henrik Krohns <[EMAIL PROTECTED]> writes: [...] >> My hardware seems to be good enough. It's Sun Fire x4100 M2 server >> with 2 x Dual-Core AMD Opteron 2220 SE CPUs and 8GB RAM on the board >> and it's bored with its job ;) I think I rather need faster disks. > > With that amount memory you won't

Re: Suggested botnet rule scores

2007-08-17 Thread Robert Fitzpatrick
On Thu, 2007-08-16 at 17:47 -0500, René Berber wrote: > Jari Fredriksson wrote: > > > Botnet is bad AFAIK bad for anyone running an ISP or so. > > > > I'm a lone one and I know that nobody sending me email is not using a Linux > > box with his own server, so I can drop all mail from dynamic dns o

spamd working with -q but not with -Q

2007-08-17 Thread Michael Worobcuk
Hi, although I upgraded spamassassin to version 3.2.3 I am still experiencing that spamd is invoked 3 times. Here is my mysql-log: 070817 14:48:57 90 Connect [EMAIL PROTECTED] on spamassassin 90 Query set autocommit=1 90 Query SEL

Re: Suggested botnet rule scores

2007-08-17 Thread Kai Schaetzl
Jari Fredriksson wrote on Fri, 17 Aug 2007 14:39:44 +0300: > Because there is always some friends of some customers using a local linux > with a local mail server without smart host. And that is a problem? 1. you can adjust scoring 2. many ISPs block connections from dynamic IPs, anyway, this is

Re: Spam kills my MySQL with Bayes

2007-08-17 Thread Pawel Sasin
My hardware seems to be good enough. It's Sun Fire x4100 M2 server with 2 x Dual-Core AMD Opteron 2220 SE CPUs and 8GB RAM on the board and it's bored with its job ;) I think I rather need faster disks. With that amount memory you won't see much disk activity. You can happily increase

Re: Suggested botnet rule scores

2007-08-17 Thread Paweł Tęcza
Henrik Krohns <[EMAIL PROTECTED]> writes: [...] > If you want a simple solution, you can try http://sa.hege.li/ for BadRelay > plugin. Interesting license... ;) Have a nice day, Pawel

Re: Spam kills my MySQL with Bayes

2007-08-17 Thread Paweł Tęcza
Pawel Sasin <[EMAIL PROTECTED]> writes: [...] > You said you have several servers running spamd - if updates are > causing you much trouble then you could disable bayes_autolearn on > most of the servers, so that only some of them (down to 1) would > update your bayes DB, while the others would jus

Re: Suggested botnet rule scores

2007-08-17 Thread Kai Schaetzl
Robert Fitzpatrick wrote on Fri, 17 Aug 2007 08:46:25 -0400: > I tried 'spamassassin -D > results.txt < > myspamfile', but only gives me the results of the tests. spamassassin -D results.txt should do it. 50_scores.cf:score ACT_NOW_CAPS 0.948 0.001 1.259 0.792 That might explain it. The second

Re: Suggested botnet rule scores

2007-08-17 Thread Kai Schaetzl
Robert Fitzpatrick wrote on Fri, 17 Aug 2007 08:56:33 -0400: > Well, like I said, we had big problems using anything in Botnet except > nordns. That's why everything except the main BOTNET is set to 0 I guess ;-) You have to check for yourself if it fits or not. I just enabled a few (using a sc

Re: picture spams

2007-08-17 Thread Loren Wilton
Hi Loren, I did the test and unfortunately my FuzzyOcr (3.5.1) was bitten by that spam image. The normal scan setups for FuzzyOCR don't rotate the images, so will in all probability miss a rotated image like this. These were quite popular for a while and a couple of people developed scansets

Re: picture spams

2007-08-17 Thread kshatriyak
On Fri, 17 Aug 2007, Paweł Tęcza wrote: I did the test and unfortunately my FuzzyOcr (3.5.1) was bitten by that spam image. You can manually mark this picture as bad : # fuzzy-find --delete # fuzzy-find --learn-spam

FW: Question - How many of you run ALL your email through SA?

2007-08-17 Thread Bret Miller
Apparently I must be a "spammer" since I can't send e-mail to perkel.com... At least this response has been delayed since 9:16 a.m. pacific time yesterday. Oh well... Here's the response. Bret -Original Message- From: Bret Miller [mailto:[EMAIL PROTECTED] Sent: Thursday, August 16, 2007

Re: Question - How many of you run ALL your email through SA?

2007-08-17 Thread Eric A. Hall
On 8/16/2007 12:39 PM, Marc Perkel wrote: > OK - it's interesting that of all of you who responded this is the only > person who is doing it right. I have to say that I'm somewhat surprised > that so few people are preprocessing their email to reduce the SA load. > As we all know SA is very pro

Re: Suggested botnet rule scores

2007-08-17 Thread John Rudd
Jari Fredriksson wrote: Jari Fredriksson wrote on Fri, 17 Aug 2007 01:11:37 +0300: But if I were an ISP I could not use it. Impossible. Totally impossible. because ... ? Kai Because there is always some friends of some customers using a local linux with a local mail server without smart h

Re: Spam kills my MySQL with Bayes

2007-08-17 Thread SM
Hi Pawel, At 04:48 17-08-2007, Paweł Tęcza wrote: My hardware seems to be good enough. It's Sun Fire x4100 M2 server with 2 x Dual-Core AMD Opteron 2220 SE CPUs and 8GB RAM on the board and it's bored with its job ;) I think I rather need faster disks. That should be fast

Re: Suggested botnet rule scores

2007-08-17 Thread Robert Fitzpatrick
On Fri, 2007-08-17 at 18:39 +0300, Jari Fredriksson wrote: > > 2. many ISPs block connections from dynamic IPs, anyway, > > this is actually common practice. > > > > It's common practise here for households, but not for business users. > Actually roaming business users with their lap tops actua

Re: Please help me to improve SA perforformance

2007-08-17 Thread Jerry Durand
At 01:09 AM 8/17/2007, Matthias Haegele wrote: Don't think so: http://www.sanesecurity.co.uk/clamav/ "Phishing and Scam Signatures for ClamAV" As a reminder to people, check the ClamAV readme file (I think that's the one it's in) and copy the SA rules to your local.cf file. -- Jerry Durand,

Re: Suggested botnet rule scores

2007-08-17 Thread John Rudd
Henrik Krohns wrote: If you want a simple solution, you can try http://sa.hege.li/ for BadRelay plugin. BadRelay makes a fairly fatal assumption: The MTA put the rdns into the Received header. I know of 2 MTAs that don't do that (they just put the IP address in, without the rdns name). I

Re: Postfix Question - OT

2007-08-17 Thread Noel Jones
On 8/16/07, Bob Proulx <[EMAIL PROTECTED]> wrote: > Marc Perkel wrote: > > Just need a quick answer from a Postfix user. Suppose Postfix is > > forwarding a message. Is there any way it can add a header with the > > original IP of the host that they got the message from? > > > > X-Original-IP: 0.0.

Re: Suggested botnet rule scores

2007-08-17 Thread Jari Fredriksson
> Jari Fredriksson wrote on Fri, 17 Aug 2007 14:39:44 +0300: > >> Because there is always some friends of some customers >> using a local linux with a local mail server without >> smart host. > > And that is a problem? > 1. you can adjust scoring That's true, I didn't think about it. So true.

Re: Suggested botnet rule scores

2007-08-17 Thread Robert Fitzpatrick
On Fri, 2007-08-17 at 16:31 +0200, Kai Schaetzl wrote: > Robert Fitzpatrick wrote on Fri, 17 Aug 2007 08:56:33 -0400: > > > Well, like I said, we had big problems using anything in Botnet except > > nordns. > > That's why everything except the main BOTNET is set to 0 I guess ;-) You > have to ch

Re: Suggested botnet rule scores

2007-08-17 Thread Robert Fitzpatrick
On Fri, 2007-08-17 at 16:31 +0200, Kai Schaetzl wrote: > Robert Fitzpatrick wrote on Fri, 17 Aug 2007 08:46:25 -0400: > > > I tried 'spamassassin -D > results.txt < > > myspamfile', but only gives me the results of the tests. > > spamassassin -D results.txt > > should do it. Still no good, I on

Re: Suggested botnet rule scores

2007-08-17 Thread Jerry Durand
At 08:39 AM 8/17/2007, Jari Fredriksson wrote: It's common practise here for households, but not for business users. Actually roaming business users with their lap tops actually need something like a "personal mail server", and there are such products for windows too. Why do they need a "per

Re: Suggested botnet rule scores

2007-08-17 Thread John Rudd
Kai Schaetzl wrote: Robert Fitzpatrick wrote on Fri, 17 Aug 2007 08:56:33 -0400: Well, like I said, we had big problems using anything in Botnet except nordns. That's why everything except the main BOTNET is set to 0 I guess ;-) You have to check for yourself if it fits or not. I just enable

Re: Question - How many of you run ALL your email through SA?

2007-08-17 Thread Marc Perkel
Eric A. Hall wrote: On 8/16/2007 12:39 PM, Marc Perkel wrote: OK - it's interesting that of all of you who responded this is the only person who is doing it right. I have to say that I'm somewhat surprised that so few people are preprocessing their email to reduce the SA load. As we all k

Re: Question - How many of you run ALL your email through SA?

2007-08-17 Thread Marc Perkel
Matus UHLAR - fantomas wrote: On 16.08.07 15:44, Mike Jackson wrote: RBL: dynablock.njabl.org this one is obsolete and you should not use it. It was imported to the SpamHaus PBL and is not maintained by NJABL anymore Thanks for that. Good to know.

Re: Question - How many of you run ALL your email through SA?

2007-08-17 Thread Marc Perkel
Rob Sterenborg wrote: Marc Perkel wrote: Marc Perkel wrote: OK - it's interesting that of all of you who responded this is the only person who is doing it right. I have to say that I'm somewhat surprised that so few people are preprocessing their email to reduce the SA load. As we a

Re: spamd is dying

2007-08-17 Thread Matus UHLAR - fantomas
Hello, On 16.08.07 14:28, brian ally wrote: > I'm seeing spamd processes dying consistently: > Aug 13 09:06:07 subtropolix spamd[23480]: bayes: cannot open bayes > databases /var/spool/spamassassin/bayes_* R/O: tie failed: Permission denied > Aug 13 09:06:07 subtropolix spamd[23480]: bayes: locke

Re: John Nicolau spam

2007-08-17 Thread Jerry Durand
At 09:34 AM 8/17/2007, Leonardo Magallon wrote: Has anyone else been experiencing the same problem? We get Robyn Miller mail, a year or so ago I added a filter to local.cf that adds some huge score to any male with that string in it. One just came in today as "Miller Robyn", I may have to

Addendum -- New spamassassin significant install problems

2007-08-17 Thread Robert Moskowitz
I left off below that I am using spam-milter 0.3.1-1 === I am new to this. I have been running my mail server in various flavors for 10+ years. Always trying to do better PLATFORM: Centos 5.0 1Ghz processor 512Mb memory

Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread Rick Zeman
From: "Jiyoon franc" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: The poor man' -- Koroviev let some tremor into his voice and pointed to Behemoth, who immediately concocted a woeful physiognomy - 'the poor man spends all day reparating primuses. Date: Fri, 17 Aug 2007 19:03:13 +0200 Messa

RE: John Nicolau spam

2007-08-17 Thread Leonardo Magallon
That's exactly what I did, but it is not working because they keep on coming in. -Original Message- From: Jerry Durand [mailto:[EMAIL PROTECTED] Sent: Friday, August 17, 2007 11:38 AM To: Leonardo Magallon Cc: users@spamassassin.apache.org Subject: Re: John Nicolau spam At 09:34 AM 8/17/

Re: Question - How many of you run ALL your email through SA?

2007-08-17 Thread Steven Kurylo
I had great results from grey-listing but my users didn't like having to wait 30-60-90 minutes for mail, and I understand that. When you're on the phone with someone and they say "Just sent it," they expect you to have it in a matter of seconds. As I'm often in that position, I had to sup

John Nicolau spam

2007-08-17 Thread Leonardo Magallon
I've had it with these emails coming from John Nicolau and with that name in the email body. They started coming in since the beginning of this week. I added a rule that basically says that if the word "Nicolau" is in the body, to refuse the email but it is apparently not working. Has anyone els

Re: Suggested botnet rule scores

2007-08-17 Thread Robert Fitzpatrick
On Fri, 2007-08-17 at 09:01 -0700, John Rudd wrote: > Over the last 9 months, my observation has been that, on a million-ish > message per day system: > > 1) aprox. 1% of Botnet marked messages are false positives > > 2) you can reduce false positives from Botnet by 66% by just dropping > the s

New spamassassin significant install problems

2007-08-17 Thread Robert Moskowitz
I am new to this. I have been running my mail server in various flavors for 10+ years. Always trying to do better PLATFORM: Centos 5.0 1Ghz processor 512Mb memory Mail server:Scalix 11.1 MTA: Sendmail ver. 8.13.8 Spamassassin: 3.1.9 Webmin: 1.360 I

Re: Addendum -- New spamassassin significant install problems

2007-08-17 Thread James Lay
On 8/17/07 10:58 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: > I left off below that I am using > spam-milter 0.3.1-1 > > === > > I am new to this. I have been running my mail server in various flavors > for 10+ years. Alw

Re: Addendum -- New spamassassin significant install problems

2007-08-17 Thread Robert Moskowitz
thanks for the quick reply. James Lay wrote: On 8/17/07 10:58 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: I left off below that I am using spam-milter 0.3.1-1 === I am new to this. I have been running my mail server i

Re: Addendum -- New spamassassin significant install problems

2007-08-17 Thread James Lay
On 8/17/07 11:24 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: > thanks for the quick reply. > > James Lay wrote: >> >> On 8/17/07 10:58 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: >> >> >>> I left off below that I am using >>> spam-milter 0.3.1-1 >>> >>> ==

Re: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread Bill Landry
Rick Zeman wrote: > From: "Jiyoon franc" <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: The poor man' -- Koroviev let some tremor into his voice and > pointed to Behemoth, who immediately concocted a woeful physiognomy - 'the > poor man spends all day reparating primuses. > Date: Fri, 17 A

Re: Addendum -- New spamassassin significant install problems

2007-08-17 Thread Robert Moskowitz
More questions... James Lay wrote: On 8/17/07 11:24 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: thanks for the quick reply. James Lay wrote: On 8/17/07 10:58 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: I left off below that I am using spam-milter 0.3.1-1 ===

Re: Addendum -- New spamassassin significant install problems

2007-08-17 Thread James Lay
On 8/17/07 11:53 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: > More questions... > > James Lay wrote: >> >> On 8/17/07 11:24 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: >> >> >>> thanks for the quick reply. >>> >>> James Lay wrote: >>> On 8/17/07 10:58 AM, "Robert M

Re: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread Andy Jezierski
"Rick Zeman" <[EMAIL PROTECTED]> wrote on 08/17/2007 12:09:34 PM: > X-Spam-Status: No, hits=3.512 tagged_above=-25 required=4.75 > tests=BAYES_50=0.001, FRT_OPPORTUN1=1, JM_TORA_XM=2.411, RDNS_NONE=0.1 > X-Spam-Level: *** > > H.E*R*E WE GO AGAI.N! > > > T H'E B_I+G O+N'E BEFO*RE T*H*E SE+PTEM

Re: Suggested botnet rule scores

2007-08-17 Thread Kai Schaetzl
John Rudd wrote on Fri, 17 Aug 2007 09:01:27 -0700: > It's deliberately a 5.0 because the purpose is to flag all such messages > for human review/quarantine (and there's a small assumption there that > no rational human being is trashing or rejecting messages at a score in > the range of 5 to 6

Re: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread Kai Schaetzl
again, chickenpox.cf almost surely would have caught this. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com

Re: Suggested botnet rule scores

2007-08-17 Thread Kai Schaetzl
Jari Fredriksson wrote on Fri, 17 Aug 2007 18:39:13 +0300: > It's common practise here for households, but not for business users. > Actually roaming business users with their lap tops actually need something like a "personal mail server", no, they don't. Not at all. > and there are such pro

Query REg blacklist

2007-08-17 Thread sushma
Dear ALL, I am running MailScanner with SpamAssassin. I want to blacklist based on from id, i.e. mail from other than xyz domain I want to treat as spam even though it may be relayed local network. Is it possible? Please suggest me.

Re: Suggested botnet rule scores

2007-08-17 Thread Kai Schaetzl
Robert Fitzpatrick wrote on Fri, 17 Aug 2007 11:23:56 -0400: > Still no good, I only get the message, no debug info...:( But you get it on the screen, right? You may have to redirect std:err or what it's called as well to get the dbg output in that file. > Anyone can tell us what these scores d

prerequisites for SA according to Makefile.PL

2007-08-17 Thread Kai Schaetzl
I'm installing the prerequisites for SA on a Centos 5 system for the first time and I notice that it tells me the following: optional module missing: Mail::SPF optional module missing: Mail::SPF::Query optional module missing: Mail::DKIM optional module missing: Mail::DomainKeys As I understand M

Re: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread Rick Zeman
Yep. Thanks, all. As a johnny-come-lately to spamassassin, what's common knowledge to you all is a revelation to me. :-) X-Spam-Flag: YES X-Spam-Checker-Version: SpamAssassin 3.2.1 (2007-05-02) on pg-gateway.melwood.com X-Spam-Level: * X-Spam-Status: Yes, score=13.7 require

Re: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread John Rudd
Hm. This is the first I've heard of the chickenpox rule. Where does it come from? Is it part of SARE? Rick Zeman wrote: Yep. Thanks, all. As a johnny-come-lately to spamassassin, what's common knowledge to you all is a revelation to me. :-) [EMAIL PROTECTED] 8/17/2007 2:31 PM >>>

Re: Suggested botnet rule scores

2007-08-17 Thread John Rudd
Kai Schaetzl wrote: John Rudd wrote on Fri, 17 Aug 2007 09:01:27 -0700: 3) you can eliminate the false positives entirely by setting the score to 4.0, because all of the false positives we've come across were in the range 5.0 <= score < 6 (actually, smaller than 6, but definitely 6 works ther

Re: Addendum -- New spamassassin significant install problems

2007-08-17 Thread Robert Moskowitz
Well maybe progress but things are still wrong. James Lay wrote: On 8/17/07 11:53 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: More questions... James Lay wrote: On 8/17/07 11:24 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: thanks for the quick reply. James La

Re: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread Duane Hill
On Fri, 17 Aug 2007 at 13:02 -0700, [EMAIL PROTECTED] confabulated: Hm. This is the first I've heard of the chickenpox rule. Where does it come from? Is it part of SARE? They can be found here: http://www.rulesemporium.com/other-rules.htm They haven't been updated in what looks to be

why not checking "name"

2007-08-17 Thread aag_uk
-- View this message in context: http://www.nabble.com/why-not-checking-%22name%22-%3Cemail-address-pairs-tf4287913.html#a12206492 Sent from the SpamAssassin - Users mailing list archive at Nabble.com.

Re: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread SM
At 13:02 17-08-2007, John Rudd wrote: Hm. This is the first I've heard of the chickenpox rule. Where does it come from? Is it part of SARE? It was written by Jennifer several years ago. http://www.rulesemporium.com/rules/chickenpox.cf Regards, -sm

why not doing a test that checks "name"- pairs

2007-08-17 Thread aag_uk
Hi, I´m pretty new to SpamAssassin and maybe what I am saying is nonsense or somebody else has suggested this, or the test already exists but I don´t know how to configure it, anyway here is my question. I´ve noticed that some spam messages not marked as spam by spamassassin (the score is lower

Re: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread Rick Zeman
http://wiki.apache.org/spamassassin/CustomRulesets >>> John Rudd <[EMAIL PROTECTED]> 8/17/2007 4:02 PM >>> Hm. This is the first I've heard of the chickenpox rule. Where does it come from? Is it part of SARE? Rick Zeman wrote: > Yep. Thanks, all. As a johnny-come-lately to spamassassin, w

Re: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread Joe Zitnik
http://rulesemporium.com/other-rules.htm >>> John Rudd <[EMAIL PROTECTED]> 08/17/07 4:02 PM >>> Hm. This is the first I've heard of the chickenpox rule. Where does it come from? Is it part of SARE? Rick Zeman wrote: > Yep. Thanks, all. As a johnny-come-lately to spamassassin, what's commo

R: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread Giampaolo Tomassoni
> -Original Message- > From: SM [mailto:[EMAIL PROTECTED] > > At 13:02 17-08-2007, John Rudd wrote: > >Hm. This is the first I've heard of the chickenpox rule. Where > >does it come from? Is it part of SARE? > > It was written by Jennifer several years ago. > > http://www.rulesempori

Re: why not doing a test that checks "name"- pairs

2007-08-17 Thread Chris St. Pierre
On Fri, 17 Aug 2007, aag_uk wrote: I´ve noticed that some spam messages not marked as spam by spamassassin (the score is lower than the limit I´ve set: 5.0. Those emails usually have some hints that suggest they are probably spam: score about 4.6). These message are addressed to many people in m

Re: why not doing a test that checks "name"- pairs

2007-08-17 Thread John D. Hardin
On Fri, 17 Aug 2007, aag_uk wrote: > These message are addressed to many people in my domain but the > names before the email address are random. To explain it more > clearly, for example, the recipient in the TO field is something > like this: "John" <[EMAIL PROTECTED]>. Very often the CC field

RE: prerequisites for SA according to Makefile.PL

2007-08-17 Thread Michael Scheidell
> -Original Message- > From: Kai Schaetzl [mailto:[EMAIL PROTECTED] > Sent: Friday, August 17, 2007 3:31 PM > To: users@spamassassin.apache.org > Subject: prerequisites for SA according to Makefile.PL > > > I'm installing the prerequisites for SA on a Centos 5 system > for the first >

Re: Query REg blacklist

2007-08-17 Thread Matus UHLAR - fantomas
On 18.08.07 00:41, sushma wrote: > I am running MailScanner with SpamAssassin. I want to blacklist based > on from id, i.e. mail from other than xyz domain I want to treat as spam > even though it may be relayed local network. Is it possible? Please > suggest me. You can blacklist the domai

Re: R: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread David B Funk
On Fri, 17 Aug 2007, Giampaolo Tomassoni wrote: > > -Original Message- > > From: SM [mailto:[EMAIL PROTECTED] > > > > At 13:02 17-08-2007, John Rudd wrote: > > >Hm. This is the first I've heard of the chickenpox rule. Where > > >does it come from? Is it part of SARE? > > > > It was wri

Re: R: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread John D. Hardin
On Fri, 17 Aug 2007, Giampaolo Tomassoni wrote: > > http://www.rulesemporium.com/rules/chickenpox.cf > > Why it isn't in a "regular" sare rule? Does it behave well with > non-english messages? It may. It can also behave badly in the face of HTML email with a style sheet. -- John Hardin KA7OHZ

Re: why not doing a test that checks "name"- pairs

2007-08-17 Thread SM
At 13:58 17-08-2007, Chris St. Pierre wrote: That's an interesting idea, but it a) is probably going to be quite resource-intensive; Not really. c) requires competent fuzzy matching so that, when a user sends mail to "Chris St. Pierre <[EMAIL PROTECTED]>", it doesn't flag it as spam because

Re: R: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread SM
At 13:58 17-08-2007, Giampaolo Tomassoni wrote: Why it isn't in a "regular" sare rule? Does it behave well with non-english messages? Quoting http://wiki.apache.org/spamassassin/CustomRulesets "Chickenpox rules are broken for non-English text, they treat all accented characters as non-let

Different permission problems

2007-08-17 Thread Robert Moskowitz
The saga continues. Still don't have things right, where might I look? Why does spam assassin continue to try and write to /root ?? Aug 17 17:13:09 z9m9z spamd[10449]: spamd: connection from localhost.localdomain [127.0.0.1] at port 59858 Aug 17 17:13:09 z9m9z spamd[10449]: spamd: creating de

Re: Different permission problems

2007-08-17 Thread Matt Kettler
Robert Moskowitz wrote: > The saga continues. > > Still don't have things right, where might I look? > > Why does spam assassin continue to try and write to /root ?? You're running 3.1.9 I see, from past posts. That version is subject to this bug in the setuid code: http://issues.apache.org/SpamA

Re: Query REg blacklist

2007-08-17 Thread Matt Kettler
sushma wrote: > > Dear ALL, > > I am running MailScanner with SpamAssassin. I want to blacklist based > on from id, i.e. mail from other than xyz domain I want to treat as spam > even though it may be relayed local network. Is it possible? Please > suggest me. > AFAIK, this should do it: blackli

Re: Suggested botnet rule scores

2007-08-17 Thread Loren Wilton
Kai Schaetzl wrote: I see. My pov on quarantine is that as most as possible it should not need human review. Clients should be bothered as few as possible. I don't reject any spam, it's all put in the quarantine. If it scores between 5 and 6 users get a notice, if it is higher they don't. FWI

Re: John Nicolau spam

2007-08-17 Thread Loren Wilton
That's exactly what I did, but it is not working because they keep on coming in. Perhaps you should show us the rule. I see no reason the following wouldn't work: body Nicolau /\bNicolau\b/i score Nicolau 5 Or: header F_Nicolau From =~ /Nicolau/i body B_Nicolau /\bNicolau\b/i meta Yup_

Re: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread Loren Wilton
Hm. This is the first I've heard of the chickenpox rule. Where does it come from? Is it part of SARE? They can be found here: http://www.rulesemporium.com/other-rules.htm They haven't been updated in what looks to be a couple years. They were VERY useful at one time a few years ago when

Re: Sneaky [EMAIL PROTECTED] slipped through

2007-08-17 Thread Loren Wilton
It was written by Jennifer several years ago. http://www.rulesemporium.com/rules/chickenpox.cf Why it isn't in a "regular" sare rule? Does it behave well with non-english messages? I'm going on memory here, but I *think* that chickenpox had minor problems with some languages and some encod

Re: why not doing a test that checks "name"- pairs

2007-08-17 Thread hamann . w
>> >> Hi, >> >> I´m pretty new to SpamAssassin and maybe what I am saying is nonsense or >> somebody else has suggested this, or the test already exists but I don´t >> know how to configure it, anyway here is my question. >> >> I´ve noticed that some spam messages not

Re: why not doing a test that checks "name"- pairs

2007-08-17 Thread aag_uk
John D. Hardin wrote: > > On Fri, 17 Aug 2007, aag_uk wrote: > > (1) Check your MTA options. Some allow you to configure rejection of a > message after X number of invalid recipients are given. > > (2) Consider a rule that adds a point if more than X names appear in > the TO: and/or CC: hea

Query about DNS_FROM_DOB

2007-08-17 Thread Jason Haar
..that seems new. I see it's an RBL that "contains domains registered within the last five days". Can someone explain what that means? I guess it means "seen by DOB within the last five days" more than a domain that was registered within the last five days? I say that because email from my home d

Re: why not doing a test that checks "name"- pairs

2007-08-17 Thread aag_uk
>a) is probably going to be quite resource-intensive; I don´t really know, according to http://www.nabble.com/forum/ViewPost.jtp?post=12207486&framed=y sm-7 say that it shouldn´t be >b) requires LDAP, NIS, etc., so that SpamAssassin can have a clue >about your accounts; >c) requires competent

how to short circuit def_whitelist_from_spf rules

2007-08-17 Thread ram
Can rules like whitelist_from_spf and def_whitelist_from_spf be shortcircuited? How do I set priorities for such rules? Thanks, Ram