dougp23 schrieb:
I'm stumped!! Here's some headers from our most recent test:
look at your sendmail configuration or maybe some of your milter
settings ... thats not spamassassin ...
/jd
i think in your local.cf it s not Mail::SpamAssassin::BayesStore::*SQL *
but Mail::SpamAssassin::BayesStore::*MySQL*
tries this
Mitchell Hudson a écrit :
Hmm... I was checking around and I found a bug with apache that might
be related, but wanted to run it by here first:
The bug is here:
https
Hi,
I have a problem that mails from internal (private) IPs generate
SPF_FAIL hits. E.g. my configuration is
| internal_networks 62.153.82.30
| internal_networks 192.168.0.0/16
|
| trusted_networks62.153.82.30
| trusted_networks192.168.8.0/24
Then, an (untrusted but
nice. spam on the spamassassin ml. anyone got a rule for those already? :D
On Thursday 20 March 2008 11:13:09 agnello george wrote:
> Hi,
> I started your industry profile on Orglex by adding you as my contact and
> joined Management Consulting, Commercial Banks, Mobile Operators,
> Magazines,
Plese, there is a BIG problem with spamassassin!!
Some mail locks spamassassin and the entire mail system!
I can't understand which the problem is, but is becoming a very very big
problem!
Here are the links to the two mails that hang bayes filter. If I disable
bayes filter mail is correctly
On Wed, March 19, 2008 13:21, James E. Pratt wrote:
> http://pastebin.com/m8520d64
> http://pastebin.com/m159c02de
http://www.gossamer-threads.com/lists/spamassassin/users/90664
Botnet plugin hits them nicely
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
Paolo
Upgrade to latest 3.2.4, run sa-update and see if this makes any difference.
There where a couple of nasty buglets in 3.2.3 that could slow the whole the
thing down.
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
> -Original Message-
> From
DNS ADMINS at godaddy need a lesson in RFC's.
host -t mx godaddy.com
godaddy.com mail is handled by 0 smtp.secureserver.net.
godaddy.com mail is handled by 10 mailstore1.secureserver.net.
host -t a smtp.secureserver.net
smtp.secureserver.net is an alias for smtp.where.secureserver.net.
smtp.where.s
Yea, if SA list is going to allow spam they should lose their whitelist
settings.
RCVD_IN_DNSWL_MED=-4
--
Michael Scheidell, CTO
>|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies
FreeBsd SpamAssassin Ports maintainer
Charter member, ICSA labs anti-spam consortium
__
On 3/20/08, Arvid Ephraim Picciani <[EMAIL PROTECTED]> wrote:
>
> nice. spam on the spamassassin ml. anyone got a rule for those already? :D
>
> On Thursday 20 March 2008 11:13:09 agnello george wrote:
> > Hi,
> > I started your industry profile on Orglex by adding you as my contact and
> > joine
On Thu, 20 Mar 2008 17:18:03 +0530, "Agnello George"
<[EMAIL PROTECTED]> wrote:
>On 3/20/08, Arvid Ephraim Picciani <[EMAIL PROTECTED]> wrote:
>>
>> nice. spam on the spamassassin ml. anyone got a rule for those already? :D
>>
>> On Thursday 20 March 2008 11:13:09 agnello george wrote:
>> > Hi,
>
On Thursday 20 March 2008 12:48:03 Agnello George wrote:
> SO SORRY!! THIS IS A BIG MISTAKE ON MY BEHALF !!! DIDN'T KNOW IT TOOK
> ALL MY ADDRESSES IN MY ADDRESS BOOK!!
> THERE IS NOTHING I CAN DO TO REVERSE
> I DO APOLOGIES AGAIN !!
>
> AGNELLO
it's all good. wasn't dead serious anyway (see the sm
Michael Scheidell wrote:
DNS ADMINS at godaddy need a lesson in RFC's.
host -t mx godaddy.com
godaddy.com mail is handled by 0 smtp.secureserver.net.
godaddy.com mail is handled by 10 mailstore1.secureserver.net.
host -t a smtp.secureserver.net
smtp.secureserver.net is an alias for smtp.where.s
Paolo De Marco wrote:
> Plese, there is a BIG problem with spamassassin!!
>
> Some mail locks spamassassin and the entire mail system!
>
> I can't understand which the problem is, but is becoming a very very big
> problem!
>
> Here are the links to the two mails that hang bayes filter. If I dis
> >> It should use X-Spam-Relays-External. Still a common minconception that
> >> untrusted == external.
> > can you explain why it should use *-external instead of *-untrusted?
On 19.03.08 20:47, Henrik K wrote:
> Inspired by this thread I submitted this, which should explain it:
>
> https://is
On 19.03.08 09:17, Mike Pepe wrote:
> For some strange reason, I'm seeing Cyrillic spams very frequently lately.
>
> None of my users read any Eastern European languages- is there a quick
> way to catch these?
configure properly ok_locales (it defines charsets in which you accept
e-mail) and opt
> > For some strange reason, I'm seeing Cyrillic spams very frequently
> > lately.
> >
> > None of my users read any Eastern European languages- is there a quick
> > way to catch these?
On 20.03.08 08:54, Michael Hutchinson wrote:
> You could use the ok_languages and ok_locales settings. I'm sure
I'm sorry I should have responded to you directly, I did try both, but
encountered the same problem. It'll connect to the database and
learn/store tokens, just won't compare against them.
Thanks again!
--Mitch
LEVEAU Stanislas wrote:
i think in your local.cf it s not
Mail::SpamAssassin::Baye
On 19.03.08 18:42, Enrico Scholz wrote:
> I have a problem that mails from internal (private) IPs generate
> SPF_FAIL hits. E.g. my configuration is
>
> | internal_networks 62.153.82.30
> | internal_networks 192.168.0.0/16
> |
> | trusted_networks62.153.82.30
> | trusted_netwo
Now that URIBL is marking blogspot.com in addition to googlepages.com,
I'd like to update my config to reflect that. I have a single line
currently:
util_rb_2tld googlepages.com
what is the correct syntax to add blogspot.com? Do I create two lines,
or do I stack domains on a single line?
ie:
u
Leveau Stanislas schrieb am 19.03.2008 19:39:
Can you show us your spamassassin configuration : local.cf
My configuration is working very well, and it is this:
(running under Fedora 7, with a remote Windows MySql 5.0.37 server).
whitelist_bounce_relays lxrouter.wombaz.localnet *.prima.de
tru
John Thompson ha scritto:
If you're not using the latest spamassassin, consider updating. Also, be
aware that there is a DoS exploit involving perl-Net-DNS, which
spamassassin uses, be sure to check and update that as well if necessary:
http://secunia.com/advisories/29343/
I have update p
At 03:12 20-03-2008, Arvid Ephraim Picciani wrote:
nice. spam on the spamassassin ml. anyone got a rule for those already? :D
It's already included in SpamAssassin:
HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,MIME_HTML_ONLY_MULTI,MPART_ALT_DIFF,SPF_NEUTRAL
The score was 7.1.
At 04:48 2
Paolo De Marco wrote:
Plese, there is a BIG problem with spamassassin!!
Some mail locks spamassassin and the entire mail system!
I can't understand which the problem is, but is becoming a very very big
problem!
Here are the links to the two mails that hang bayes filter. If I disable
bayes f
On Thursday 20 March 2008 16:31:54 SM wrote:
> At 03:12 20-03-2008, Arvid Ephraim Picciani wrote:
> >nice. spam on the spamassassin ml. anyone got a rule for those already? :D
>
> It's already included in SpamAssassin:
>
> HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,MIME_HTML_ONLY_MULTI,MPAR
Matus UHLAR - fantomas <[EMAIL PROTECTED]> writes:
>> I have a problem that mails from internal (private) IPs
>> generate SPF_FAIL hits. E.g. my configuration is
>>
>> | internal_networks 62.153.82.30
>> | internal_networks 192.168.0.0/16
>> |
>> | trusted_networks62.153.82.3
On Thu, 20 Mar 2008, Mitchell Hudson wrote:
I'm sorry I should have responded to you directly, I did try both, but
encountered the same problem. It'll connect to the database and
learn/store tokens, just won't compare against them.
Have you tried running a database trace utility to verify (1)
I don't recall seeing any comments about the Bayes configuration
details, and I've deleted older messages from the thread.
Something that might be biting you is Bayes expiry; this is
particularly important to configure correctly for a global Bayes db.
I don't see anything especially nast
At 08:44 20-03-2008, Arvid Ephraim Picciani wrote:
wow. i got -1.0 here. you're filtering html agressivly?
That's from ASF.
It's better to whitelist messages from an antispam list given the
nature of the discussion.
Regards,
-sm
- Original Message -
From: "McDonald, Dan" <[EMAIL PROTECTED]>
To:
Sent: Thursday, March 20, 2008 4:55 PM
Subject: util_rb_2tld syntax?
man Mail::SpamAssassin::Conf is your frends.
All stuff to one line.
On Thursday 20 March 2008 18:25:15 SM wrote:
> At 08:44 20-03-2008, Arvid Ephraim Picciani wrote:
> >wow. i got -1.0 here. you're filtering html agressivly?
>
> That's from ASF.
what's ASF?
tests there where:
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 FUZZY_ROLEXBOD
On Thursday 20 March 2008 18:44:14 Arvid Ephraim Picciani wrote:
> not really. we don't say things like " or "*" too
> often :D
hahahaha i shouldnt have provoked it!
just got a bounceback from some MS filter which was almost filtered by my SA
which would propably result in a bounceback wh
Details on configuration. Both machines, ma1 and ma2 are identical.
We are running:
sendmail
spamhaus.org blacklist which rejects the majority of mail so
SpamAssassin does not have to process that chunk of mail.
spamd (spamassassin) - 2 instances of spamd on each machine.
mimedefang
clamav
a f
On Wednesday 19 March 2008 21:37:27 Loren Wilton wrote:
> This is just off the top of my head, and needs linting and maybe tweaking
> the scores.
>
> uriBAD_BLOGSPOTm'http://[a-z]+\d+\.blogspot\.com'i
> scoreBAD_BLOGSPOT1
>
> body__SOFTWARES/(?:product|software|softs|opportu
At 10:44 20-03-2008, Arvid Ephraim Picciani wrote:
what's ASF?
That's the Apache Software Foundation.
not really. we don't say things like "free office 2008" or "VIAGRA" too
often :D
Yes, we do; see above. :-)
Regards,
-sm
so i got these fake error messages http://rafb.net/p/yESmY248.html
it claims to be sent by [EMAIL PROTECTED]
SPF would reveal that 59.103.12.204 isn't us. (looks like a dialup in
pakistan to me) but sa doesn't seem to check the SPF at all. any idea why?
--
best regards/Mit freundlichen Grüßen
Ar
Well, you could always change
QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue" ; export QMAILQUEUE
To this
QMAILQUEUE="/var/qmail/bin/qmail-queue" ; export QMAILQUEUE
And bypass the scanner logic on valid auth
Couldn't you?
;->
Otherwise, it would appear you need to better understand qmail an
SM wrote:
> >THERE IS NOTHING I CAN DO TO REVERSE
>
> You can "recall" the message. :-)
No you can't. I can't tell if by the smiley you are really joking or
not but I will assume your humor is dry and you were really joking.
But you were too subtle in that case. So many people think that they
c
On 3/20/08 at 7:36 AM -0400 Michael Scheidell wrote:
>So, godaddy, you use SpamAssassin?
I found out the hard way that Godaddy doe use SpamAssassin to scan
customers' outgoing mail. Up until late last year I was renting a
dedicated server from them. Suddenly one day most of the mail sent by my
b
Michael Scheidell wrote:
> But then again, this is the bunch that blacklisted MY WHOLE CLASS C when a
> vendor plugged an infected laptop into our conference room jack on the
> outside of our firewall (vendors are now forbidden from connecting to our
> network. If they don't have a evdo card they
On Thu, March 20, 2008 2:22 pm, Bob Proulx wrote:
> When I get a recall message from someone I routinely forward their
> message back to them along with a note asking why they wanted to have a
> copy if their message sent back to them just to drive home the point that
> it doesn't work.
When I wor
Evan Platt wrote:
> The e-mail had a pretty vague subject ("numbers" or something), and
> the body of the message was vague, like "Here's the latest" with an
> attached Excel spreadsheet. I almost deleted it until he not only
> 'recalled' it,
And if nothing else had happened for another day you pr
Periodically when manually learning a spam I get the below:
[EMAIL PROTECTED] ~]$ spamassassin -r spam1.txt
[28619] warn: reporter: razor2 report failed: No such file or directory
reporter: razor2 had unknown error during authenticate
at /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/Plugin/Ra
My email is hosted on a shared hosting site where I don't have much
access to the good stuff, like syslog and /var/*anything*. For that
reason, I believe spamc/spamd is out for me. They do in fact have spamd
running. Here's the ps -aux output
root 9532 0.0 0.6 69628 24544 ? Ss
Arvid Ephraim Picciani wrote:
so i got these fake error messages http://rafb.net/p/yESmY248.html
it claims to be sent by [EMAIL PROTECTED]
SPF would reveal that 59.103.12.204 isn't us. (looks like a dialup in
pakistan to me) but sa doesn't seem to check the SPF at all. any idea why?
Hmm...
body SOFTWARE_AD
/(?:|\bbezahlen.*runterladen|Windows\bund\bmit\bMacintosh|\bOriginalversionen\b.*\blegal\b)/i
You probably want to adjust this a little bit. There are a few things here
that make me think you aren't getting quite what you expect.
1.Remove that first vertical bar. It
You can "recall" the message. :-)
No you can't. I can't tell if by the smiley you are really joking or
Sometimes you can. In the past it was considerably more possible, but
vandals resulted in the feature being removed from a lot of stuff.
In some versions of Outlook you can recall a mess
47 matches
Mail list logo
