We get a small percentage of SPAM being tagged by SA as well due to most
of it being caught by the rblsmtpd option in tcpserver.
What does your qmail config file look like?
I say not to look at just your spamd logs but also your smtp(d) logs.
You might see more of what's being tagged/blocked ther
> RE: training. I don't know. My experience w/ SA is that
> it just works and I haven't dealt with it at this level yet.
> What is strange is that SA appeared to be working fine
> for my client, then all of the sudden this spike in spam
> occurred... and as I said, 99% of the spams have the
> sen
Hi,
I am working with Postfix and I am searching for a solution for the
following issue:
- all mails coming from hosts on a RBL should be /dev/nulled
- all other mails should be forwarded to another email address not on
the same server
Can you give me some hints how to do that?
Regards,
Dietmar
Jeff,
> Thanks for the patch Mark. I'll put it in production tomorrow.
For your purpose, you want to run it with option '-d info', e.g.:
# amavisd -d info
which will give you the 'info'-level debug at amavisd log level 1
or above (set: $log_level=1);
With the next version I'll make the '-d in
Anyone able to help me out here?
> I guess the question is, what should I be looking for (or looking for the
> absence of), and where? Does the presence of the "X-Spam-Status" header
> indicate that SA is being called, or does it suggest that MailScanner is
> trying to call it but failing every t
On Tue, 2007-09-25 at 12:39 +0200, Dietmar Braun wrote:
> Hi,
>
> I am working with Postfix and I am searching for a solution for the
> following issue:
>
> - all mails coming from hosts on a RBL should be /dev/nulled
http://www.postfix.org/uce.html#smtpd_client_restrictions
> - all other mails
Hi, list. In the past few months, I've seen an increasing rate of
mails coming from many servers hosted here in Argentina, with valid
domains, and Linux architecture (at least, that's what p0f is
reporting), thus they get -1'ed at scoring.
Digging around I've found many of these companies offering
Hellow All, is there a detail explanation about the spamassassin's
network tests?
I have only found http://wiki.apache.org/spamassassin/UsingNetworkTests,
it says something like "*URIDNSBL: *These perform a high number of DNS
lookups" but without a detail about what tests are those peformed.
On Mon, 24 Sep 2007, feral wrote:
> RE: training. I don't know. My experience w/ SA is that
> it just works and I haven't dealt with it at this level yet.
> What is strange is that SA appeared to be working fine
> for my client, then all of the sudden this spike in spam
> occurred... and as I sa
On Tue, 25 Sep 2007, Leon Kolchinsky wrote:
> As Dave said it seems that your problem in whitelist
> configuration. Please use whitelist_from_rcvd instead of whatever
> you are using.
How so? The samples he posted did not say that whitelist rules were
hitting.
--
John Hardin KA7OHZ
On Tue, 25 Sep 2007, Luis Hernán Otegui wrote:
> I want to know how to report them to a RBL server (currently I report
> them via SpamCop, Razor and DCC, besides I'm blacklisting them at
> local.cf), but I think it would be good for the rest of us here in
> Argentina to blacklist these guys.
Do t
Hello, I am new to SA and to this list so handle with care : )
I am building a new Sendmail server to replace our internal gateway. In
addition to providing internal application delivery, I want this box to be the
second hop in from the internet. As such, I want to have an additional layer of
b
2007/9/25, John D. Hardin <[EMAIL PROTECTED]>:
> On Tue, 25 Sep 2007, Luis Hernán Otegui wrote:
>
> > I want to know how to report them to a RBL server (currently I report
> > them via SpamCop, Razor and DCC, besides I'm blacklisting them at
> > local.cf), but I think it would be good for the rest
John D. Hardin wrote:
>
> On Mon, 24 Sep 2007, feral wrote:
>
>> RE: training. I don't know. My experience w/ SA is that
>> it just works and I haven't dealt with it at this level yet.
>> What is strange is that SA appeared to be working fine
>> for my client, then all of the sudden this spi
On Tue, 25 Sep 2007, feral wrote:
> Whatever the case, global bayes or not, or even bayes or not, how
> could an email with the obvious porn words in the subject (as in
> my examples) NOT get flagged?
If bayes was mistrained to consider such words hammy, then BAYES_00
could drag the score back do
John D. Hardin wrote:
>
> On Tue, 25 Sep 2007, feral wrote:
>
>> Whatever the case, global bayes or not, or even bayes or not, how
>> could an email with the obvious porn words in the subject (as in
>> my examples) NOT get flagged?
>
> If bayes was mistrained to consider such words hammy, the
John D. Hardin wrote:
>
> On Tue, 25 Sep 2007, feral wrote:
>
>> Whatever the case, global bayes or not, or even bayes or not, how
>> could an email with the obvious porn words in the subject (as in
>> my examples) NOT get flagged?
>
> If bayes was mistrained to consider such words hammy, the
At 11:45 AM 9/25/2007, feral wrote:
X-Spam-Status: No, score=-0.6 required=4.0 tests=BAYES_00,HOT_NASTY,PORN_16
autolearn=no version=3.1.9
So BAYES_00 brought the score down to negative .6 ? Methinks the BAYES is
not
even functional (database absent).
How do I enable network tests?
On Tue, 2007-09-25 at 11:38 -0700, feral wrote:
>
>
> John D. Hardin wrote:
> >
> > On Tue, 25 Sep 2007, feral wrote:
> >
> >> Whatever the case, global bayes or not, or even bayes or not, how
> >> could an email with the obvious porn words in the subject (as in
> >> my examples) NOT get flagge
On Tue, 25 Sep 2007, feral wrote:
> X-Spam-Status: No, score=-0.6 required=4.0 tests=BAYES_00,HOT_NASTY,PORN_16
> autolearn=no version=3.1.9
>
> So BAYES_00 brought the score down to negative .6 ?
Probably.
> Methinks the BAYES is not even functional (database absent).
It wouldn't give
On Tue, 25 Sep 2007, feral wrote:
> How do I enable network tests?
...and make sure your DNS on that box is configured and working, and
you will probably want to install a local caching DNS server as well.
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
[EMAIL PROTECT
Hmmm... deepest thread here w/ John Hardin somehow got
broken... nabble hiccup?
So I am posting response here:
Daniel McDonald wrote:
> basically, ensure it can resolve DNS. You can force it with
>
> dns_available yes
> use_bayes_rules
> If you want to turn bayes off:
>
> use_bayes 0
> or
On Tue, 2007-09-25 at 12:15 -0700, feral wrote:
>
> Hmmm... deepest thread here w/ John Hardin somehow got
> broken... nabble hiccup?
>
> So I am posting response here:
>
> Daniel McDonald wrote:
>
>
> > basically, ensure it can resolve DNS. You can force it with
> >
> > dns_available yes
[
I'm pretty close to killfiling Nabble posters.
Nabble is to spamassassin as Google Groups is to usenet.
Seriously.
At 12:15 PM 9/25/2007, feral wrote:
Hmmm... deepest thread here w/ John Hardin somehow got
broken... nabble hiccup?
So I am posting response here:
I thought I read in an earlier post that some of the SARE rules,
specifically the rules targeting the nigerian 419 spam, had not been
updated in some time because they had been rolled in to version 3.2.x.
Is that correct, and if so, are there any other SARE rules that should
be gotten rid of after
I am stopping using Nabble and just emailing my
posting and responses.
Evan Platt wrote:
I'm pretty close to killfiling Nabble posters.
Nabble is to spamassassin as Google Groups is to usenet.
Seriously.
At 12:15 PM 9/25/2007, feral wrote:
Hmmm... deepest thread here w/ John Hardin somehow
On Tue, 25 Sep 2007, feral wrote:
> Hmmm... deepest thread here w/ John Hardin somehow got
> broken... nabble hiccup?
My pruning stuff.
> Where is this configuration file?
Probably under /etc/mail/spamassassin
> John Hardin wrote:
>
> > Look for the command line that starts SA. If "-L" or "-
On Mon, 24 Sep 2007 12:44:47 -0700
Raquel <[EMAIL PROTECTED]> wrote:
> On a new server I'm running Debian Etch, Sendmail and
> SpamAssassin, hosting email for a few accounts. I'm contemplating
> converting my SpamAssassin to using MySQL. Is there a "HOWTO"
> somewhere which would be good to foll
On Wed, 2007-09-19 at 18:49 +0200, Karsten Bräckelmann wrote:
> On Wed, 2007-09-19 at 00:54 -0400, Matt Kettler wrote:
> > Chr. v. Stuckrad wrote:
>
> > > Seemingly our spamc (3.1.9, not yet 3.2.*) can not
> > > transfer a special kind of current spam to a remote
> > > spamd. Those Mails always p
I am trying to find a mail proxy/spamassassin solution for 2 situations.
Situation 1 is
Mail Server --> Mail Proxy --> Internet
Situation 2 is
Mail Client --> Mail Proxy --> Mail Server
Mail Proxy is on a seperate server.
I think MailScanner will work but after reading through part of
tuxbeagle wrote:
> I am trying to find a mail proxy/spamassassin solution for 2 situations.
> Situation 1 is
> Mail Server --> Mail Proxy --> Internet
>
> Situation 2 is
> Mail Client --> Mail Proxy --> Mail Server
>
> Mail Proxy is on a seperate server.
>
> I think MailScanner will work b
Dears,
well, I just did version 0.01 of the URIWhois plugin.
Its purpose is mainly to detect some spam containing URIs to sites in
brand-new domains, or having some conflict in whois and dns records, or
being driven by specific dns servers.
So, it is meant to do something I believe someone else
Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
> Dears,
>
> well, I just did version 0.01 of the URIWhois plugin.
>
> Its purpose is mainly to detect some spam containing URIs to sites in
> brand-new domains, or having some conflict in whois and dns records, or
> being driven by specific dns ser
33 matches
Mail list logo
