On 3/19/2008 4:02 AM, Matt Kettler wrote:
Karsten Bräckelmann wrote:
On Tue, 2008-03-18 at 20:00 -0400, Matt Kettler wrote:
Arvid Ephraim Picciani wrote:
urm, i just figured those geocity sites are all on the URIBL. but
sa doesn't seem to check those. any hint how to add it?
It s
Mitchell Hudson schrieb am 18.03.2008 23:59:
Simply it's not scoring, it leanrs, but doesn't put a score on any mail.
#spamassassin -D --lint
[23822] dbg: bayes: using username: spamassassin
[23822] dbg: bayes: database connection established
[23822] dbg: bayes: found bayes db version 3
[2382
> From: Arvid Ephraim Picciani <[EMAIL PROTECTED]>
> Organization: IB C SOLUTIONS LTD
> Date: Mon, 17 Mar 2008 21:43:27 +0100
> To:
> Subject: ways to react faster to spam attacks
>
> greetings.
> most of the spam we get (like 90%) is the usual internet noise. sa filters
> them perfectly with 10
Hi. I'm seeing lots of these get by:
http://pastebin.com/m8520d64
anyone have a rule for these?
The last one I put up is at:
http://pastebin.com/m159c02de
Thanks,
Jamie
On Wednesday 19 March 2008 13:21:20 James E. Pratt wrote:
> Hi. I'm seeing lots of these get by:
>
> http://pastebin.com/m8520d64
>
> anyone have a rule for these?
>
> The last one I put up is at:
>
> http://pastebin.com/m159c02de
>
> Thanks,
>
> Jamie
yeah exactly my issue. the site is in uribl a
On 3/19/2008 1:24 PM, Arvid Ephraim Picciani wrote:
On Wednesday 19 March 2008 13:21:20 James E. Pratt wrote:
Hi. I'm seeing lots of these get by:
http://pastebin.com/m8520d64
anyone have a rule for these?
The last one I put up is at:
http://pastebin.com/m159c02de
Thanks,
Jamie
yeah exac
OK, Mouss
2008/3/18, mouss <[EMAIL PROTECTED]>:
> Loren Wilton wrote:
> >> Hi, I'm kinda getting tired of reporting these mails (both to my local
> >> SA and to SpamCop), and so are my customers. My problem is that the
> >> spammers are using a large ISP's mail server, and that particular ISP
>
Luis Hernán Otegui wrote:
[snip]
how about something like
headerNONFQHELO_DYN1 X-Spam-Relays-Untrusted =~ /^[^\]]+
rdns=\S*[^a-z]{9}\S+ helo=[^\.\s]+ /i
score NONFQHELO_DYN1 3.0
describe NONFQHELO_DYN1 non fqdn helo from dynamic client
?
I'll go with this, and tomorrow
Andrew Wilkinson wrote:
I'm experimenting with Fedora 8 and a miltered sendmail configuration
running as a mail gateway (smf-sav, smf-spf, milter-greylist,
clamav-milter, spamass-milter). I've configured spamassassin's local.cf
with a custom rule. It's a simple regex which checks the 'Receive
For some strange reason, I'm seeing Cyrillic spams very frequently lately.
None of my users read any Eastern European languages- is there a quick
way to catch these?
thanks
-Mike
Henrik K wrote:
On Wed, Mar 19, 2008 at 02:48:34PM +0100, mouss wrote:
Luis Hernán Otegui wrote:
[snip]
how about something like
headerNONFQHELO_DYN1 X-Spam-Relays-Untrusted =~ /^[^\]]+
rdns=\S*[^a-z]{9}\S+ helo=[^\.\s]+ /i
score NONFQHELO_DYN1 3.0
describe NONFQHELO_DY
On Wednesday 19 March 2008 03:36:18 Karsten Bräckelmann wrote:
> Arvid, try googling for that string. It has been mentioned (to avoid the
> word "leaked" ;) on this list a few times. And FWIW, bug 5777 holds a
> long-ish and heated discussion.
> https://issues.apache.org/SpamAssassin/show_bug.cgi
Thank you so much for the help.
I have a few questions though, you said I am not using
bayes_sql_override_username but I have "bayes_sql_override_username
spamassassin " in my config, does that not count? As well I tried
setting the min_ham and min_spam to 1 just for a short test, and took
> Mitchell Hudson schrieb am 18.03.2008 23:59:
>
>> #From local.cf:
>> bayes_sql_override_username spamassassin
>
> You are NOT using bayes_sql_override_username ,
> that means you are using a per-user bayes filter. You
> probably call spamc with -u , so every
> has its own set of tokens learne
Hi everyone,
I've tried looking this up and i dunno if i missed the part about the
explanation or not but i couldn't find it.
When training spamassassin with new spam and ham mails does the database
need an existing copy of the emails you trained it with in order to work?
For instance:
i us
Hi everyone,
I've tried looking this up and i dunno if i missed the part about the
explanation or not but i couldn't find it.
When training spamassassin with new spam and ham mails does the database
need an existing copy of the emails you trained it with in order to work?
For instance:
i use
On Wednesday 19 March 2008 18:54:24 James wrote:
> i use sa-learn and train it with say 6k emails.
> i delete the original emails.
> Does the database need to read anything from those emails or is it ok to
> get rid of them?
you could as well just pipe the mails to sa-learn, which doesn't take any
Mitchell Hudson schrieb am 19.03.2008 18:18:
I have a few questions though, you said I am not using
bayes_sql_override_username but I have "bayes_sql_override_username
spamassassin " in my config, does that not count?
I'm sorry, I overlooked that. Yes, in the configuration that you posted
Alex Woick wrote:
Mitchell Hudson schrieb am 19.03.2008 18:18:
I have a few questions though, you said I am not using
bayes_sql_override_username but I have "bayes_sql_override_username
spamassassin " in my config, does that not count?
I'm sorry, I overlooked that. Yes, in the configuratio
On Wed, 19 Mar 2008, James wrote:
When training spamassassin with new spam and ham mails does the database
need an existing copy of the emails you trained it with in order to
work?
You don't *need* to retain the trained messages, but I believe it is a
good idea to retrain your training corpu
Hi
Can you show us your spamassassin configuration : local.cf
Thanks
Mitchell Hudson schrieb am 19.03.2008 18:18:
I have a few questions though, you said I am not using
bayes_sql_override_username but I have
"bayes_sql_override_username spamassassin " in my config, does
that not co
Sure, I'll repaste the bayes portion, and include the rest of the file
for good measure. Thanks again!
# SpamAssassin config file for version 3.2x
# Loading SpamAssassin User Preferences From An SQL Database
user_scores_dsn
DBI:mysql:spamassassin:mysql_socket=/var/lib/mysql/mysql.
Henrik K wrote:
On Wed, Mar 19, 2008 at 05:35:32PM +0100, mouss wrote:
Henrik K wrote:
On Wed, Mar 19, 2008 at 02:48:34PM +0100, mouss wrote:
Luis Hernán Otegui wrote:
[snip]
how about something like
headerNONFQHELO_DYN1 X-Spam-Relays-Untrusted =~ /^[^\
My conf for an old mysql version
bayes_store_module Mail::SpamAssassin::BayesStore::SQL
bayes_sql_dsn DBI:mysql:spam:localhost
for a recent mysql version
bayes_store_module Mail::SpamAssassin::BayesStore::MYSQL
bayes_sql_dsn DBI:mys
> -Original Message-
> From: Yet Another Ninja [mailto:[EMAIL PROTECTED]
> Sent: Thursday, 20 March 2008 1:48 a.m.
> To: Arvid Ephraim Picciani
> Cc: users@spamassassin.apache.org
> Subject: Re: blogspot spam
>
> On 3/19/2008 1:24 PM, Arvid Ephraim Picciani wrote:
> > On Wednesday 19 March
> -Original Message-
> From: Mike Pepe [mailto:[EMAIL PROTECTED]
> Sent: Thursday, 20 March 2008 5:18 a.m.
> To: users@spamassassin.apache.org
> Subject: Cyrillic spam
>
> For some strange reason, I'm seeing Cyrillic spams very frequently
lately.
>
> None of my users read any Eastern Euro
On Wed, 19 Mar 2008, John Hardin wrote:
You don't *need* to retain the trained messages, but I believe it is a
good idea to retrain your training corpus.
Dammit. *retain*, not *retrain*.
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
[EMAIL PROTECTED]FALaholic
At 12:48 PM 3/19/2008, Michael Hutchinson wrote:
For those that don't run SA 3.2.3, you could test this rule:
uri CST_URI_BLOGSPOTm,http://\w+\.blogspot\.com\b,
describe CST_URI_BLOGSPOT blogspot.com throwaway URI
score CST_URI_BLOGSPOT 3.4
A few people disagree with
On Wednesday 19 March 2008 20:48:00 Michael Hutchinson wrote:
> For those that don't run SA 3.2.3, you could test this rule:
> uri CST_URI_BLOGSPOTm,http://\w+\.blogspot\.com\b,
> describe CST_URI_BLOGSPOT blogspot.com throwaway URI
> score CST_URI_BLOGSPOT 3.4
thanks Mi
Hope this helps:
# mysql -V
mysql Ver 14.12 Distrib 5.0.44, for pc-linux-gnu (i686) using readline 4.3
It would be nice if it was a mysql problem, those are usually easy
enough to fix, but I couldn't find any bugs related to what I'm seeing,
though I could certainly have missed something.
L
Henrik K wrote:
You are missing the point. It doesn't matter if it's not bringing _you_
anything. The correct method is External. If you don't have any extra
trusted_networks set, it works identically no matter which you use. But for
those who want to do something that's documented and correct, i
http://pastebin.com/m8520d64
http://pastebin.com/m159c02de
This is just off the top of my head, and needs linting and maybe tweaking
the scores.
uriBAD_BLOGSPOTm'http://[a-z]+\d+\.blogspot\.com'i
scoreBAD_BLOGSPOT1
body__SOFTWARES/(?:product|software|softs|opportuni
I tried both just to be sure, but neither changed the messages when I
did a --lint.
I noticed your dsn line was different than mine, so I tried changing it
to localhost from :bayes_sql_dsn
DBI:mysql:spamassassin:mysql_socket=/var/lib/mysql/mysql.sock
But then it just didn't con
I am seeing a strange problem. A woman at our company sends out a
newsletter, and several people said when they replied, the reply was
rejected on our end by SA. A little testing shows this is true!! If you
compose a message from Yahoo to Julie, it goes fine. If she sends one to
your Yahoo acc
No, SpamAssassin isn't blocking it. Something else is, but saying
"SpamAssassin".
SpamAssassin doesn't have the capability to block messages.
At 01:58 PM 3/19/2008, dougp23 wrote:
I am seeing a strange problem. A woman at our company sends out a
newsletter, and several people said when they
Henrik K wrote:
On Wed, Mar 19, 2008 at 09:27:27PM +0100, mouss wrote:
If the registrar MX relays mail to you, it should be in internal_networks,
thus *-External will match . If it doesn't, then your internal/trusted is
set up wrong.
I always thought "internal" meant "under my control".
Hmm... I was checking around and I found a bug with apache that might be
related, but wanted to run it by here first:
The bug is here:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5728
and is related to spamd using -u in conjunction with -q and/or -Q
I'm calling spamd with this comman
Michael Hutchinson wrote:
-Original Message-
From: Mike Pepe [mailto:[EMAIL PROTECTED]
Sent: Thursday, 20 March 2008 5:18 a.m.
To: users@spamassassin.apache.org
Subject: Cyrillic spam
For some strange reason, I'm seeing Cyrillic spams very frequently
lately.
None of my users read any E
> -Original Message-
> From: Arvid Ephraim Picciani [mailto:[EMAIL PROTECTED]
> Sent: Thursday, 20 March 2008 9:04 a.m.
> To: users@spamassassin.apache.org
> Subject: Re: blogspot spam
>
> On Wednesday 19 March 2008 20:48:00 Michael Hutchinson wrote:
> > For those that don't run SA 3.2.3,
> -Original Message-
> From: news [mailto:[EMAIL PROTECTED] On Behalf Of NFN Smith
> Sent: Thursday, 20 March 2008 1:54 p.m.
> To: users@spamassassin.apache.org
> Subject: Re: Cyrillic spam
>
> Michael Hutchinson wrote:
> >> -Original Message-
> >> From: Mike Pepe [mailto:[EMAIL PR
40 matches
Mail list logo
