Re: All emails being tagged URIBL

In article , David Hasbrouck writes >I am having an issue where all my emails are getting tagged with >URIBL_RED/GREY/BLACK.  Emails that contain invalid domains in them >are also getting tagged. > >From the information I have found, to test this, I should lookup >the domain

From: and To: Spamers

Hello *, since arrount 5 days I am hit by several 10.000 very small (~2 kByte) messages which use my email addresse in "From:" and "To:"... Does anyone know, how to stop this shit effectively? 1st mail server is courier-mts + courier-imap + spamassassin + clamav 2nd mail server is postfix + d

Spam with HUGE negative scores

Hi there, We use SA 3.2.1 on FreeBSD 6.1. We have Bayes and Razor in use. Lately, 3 weeks or so, we¹ve been getting HUGE negative scores on our spam. And it¹s coming in by the truck load. We use Sa-Update to update our rules from saupdates.openprotect.com and updates.spamassassin.org Has anybo

Re: Spam with HUGE negative scores

On Mon, December 29, 2008 14:10, Frank DeChellis wrote: > Lately, 3 weeks or so, we¹ve been getting HUGE negative scores on > our spam. no evidence, no help spamassassin 2>&1 -D -t sa.log post sa.log to a pastebin site and give us the url here -- Benny Pedersen Need more webspace ? http://www

Re: Spam with HUGE negative scores

On 29.12.08 08:10, Frank DeChellis wrote: > Lately, 3 weeks or so, we¹ve been getting HUGE negative scores on our spam. which scores were in progress? > And it¹s coming in by the truck load. We use Sa-Update to update our rules > from saupdates.openprotect.com and updates.spamassassin.org > > H

Re: All emails being tagged URIBL

On 28.12.08 23:55, David Hasbrouck wrote: > I use qmail with simscan, run spamd as a daemon. I am running Spam > Assassin 3.2.5 on CentOS 4.7. > > I am having an issue where all my emails are getting tagged with > URIBL_RED/GREY/BLACK. > Emails that contain invalid domains in them are also gettin

Re: From: and To: Spamers

Michelle Konzack schrieb: Hello *, since arrount 5 days I am hit by several 10.000 very small (~2 kByte) messages which use my email addresse in "From:" and "To:"... Does anyone know, how to stop this shit effectively? 1st mail server is courier-mts + courier-imap + spamassassin + clamav 2n

Re: From: and To: Spamers

Does DynDNS allow SPF records? On Mon, 29 Dec 2008 15:08:38 +0100, Matthias Haegele wrote: >Michelle Konzack schrieb: >> Hello *, >> >> since arrount 5 days I am hit by several 10.000 very small (~2 kByte) >> messages which use my email addresse in "From:" and "To:"... >> >> Does anyone kn

workaround for DNS "search service"

>By any chance, didn't your ISP start "providing search service" for any >web name that does not exist? btw, whats the workaround for this? opendns didnt work for me as they have similar "features". do you simply query the bl's dns service directly? -- best regards Arvid Ephraim Picciani A

Re: workaround for DNS "search service"

On Mon, Dec 29, 2008 at 9:14 AM, Arvid Ephraim Picciani wrote: >>By any chance, didn't your ISP start "providing search service" for any >>web name that does not exist? > > btw, whats the workaround for this? opendns didnt work for me as they have > similar "features". supposedly these can be

Re: Spam with HUGE negative scores

Frank DeChellis a écrit : > Hi there, > > We use SA 3.2.1 on FreeBSD 6.1. We have Bayes and Razor in use. > > Lately, 3 weeks or so, we’ve been getting HUGE negative scores on our > spam. And it’s coming in by the truck load. We use Sa-Update to update > our rules from saupdates.openprotect.co

Re: From: and To: Spamers

On Mon, 2008-12-29 at 13:26 +0100, Michelle Konzack wrote: > Hello *, > > since arrount 5 days I am hit by several 10.000 very small (~2 kByte) > messages which use my email addresse in "From:" and "To:"... > > Does anyone know, how to stop this shit effectively? > If the spammer is forgin

Re: From: and To: Spamers

Michelle Konzack wrote on Mon, 29 Dec 2008 13:26:25 +0100: > Does anyone know, how to stop this shit effectively? You are not the only one affected by this. Others asked before you. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com

Re: Spam with HUGE negative scores

As with other suggestions, don't whitelist your own domain (usually the problem) you might post an email to your web site in whole (DON'T POST IT TO THIS GROUP! MESSES THINGS UP) also, SA and Razor are keep upto date on Freebsd (I am the ports maintainer for SA), and you won't get any upda

SourceForge rules

Here's what I use to only know about other's SourceForge changes, not my own: header J_SOURCEFORGE exists:X-SourceForge-Tracker-itemupdate-username score J_SOURCEFORGE -5 header J_SOURCEFORGE_ME X-SourceForge-Tracker-itemupdate-username=~/^(jidanni|Item Submitter)$/ score J_SOURCEFORGE_ME 10

access environment variables

I don't suppose there is a way to use environment variables, header NO_ME ToCc !~ /${USER}/i without perhaps a preprocessor to turn them into header NO_ME ToCc !~ /jidanni/i Or use procmail's *$...$LOGNAME instead of SpamAssassin here.

Re: workaround for DNS "search service"

From: "Arvid Ephraim Picciani" Sent: Monday, 2008, December 29 06:14 >By any chance, didn't your ISP start "providing search service" for any web name that does not exist? btw, whats the workaround for this? opendns didnt work for me as they have similar "features". do you simply quer

Serious problem with scores file for todays rule update?

Hey, all, I have a bunch of servers that picked up a rule update, 729912 this morning about 10am EST, at which point all hell broke loose---scores for everything but bayes dropped to almost nothing. Has anyone else experienced anything like this? Mike.

Re: From: and To: Spamers

Matthias Haegele wrote: > Michelle Konzack schrieb: > >> since arrount 5 days I am hit by several 10.000 very small (~2 kByte) >> messages which use my email addresse in "From:" and "To:"... >> >> Does anyone know, how to stop this shit effectively? >> >> 1st mail server is courier-mts + courie

Re: Serious problem with scores file for todays rule update?

Michael Alan Dorman writes: >Hey, all, > >I have a bunch of servers that picked up a rule update, 729912 this >morning about 10am EST, at which point all hell broke loose---scores for >everything but bayes dropped to almost nothing. > >Has anyone else experienced anything like this? hmm. What do

Re: Serious problem with scores file for todays rule update?

On Mon, 29 Dec 2008 23:21:48 + j...@jmason.org (Justin Mason) wrote: > hmm. What do you have in /var/lib/spamassassin for the scores files? > they should look like this: > > : 183...; ls > -l /var/lib/spamassassin/3.002006/updates_spamassassin_org/50_scores.cf > /var/lib/spamassassin/3.002

white listing sendmail authenticated users

I am trying (unsuccessfully) to write a rule to pickup if the "authenticated bits=0" in the Received line of the header and give it -100 I am not sure if spamass-milter Version 0.3.1is passing the Received line to SA. Does anyone know if that works? Or a better way to do it? header LOCAL_AUTH_R

Re: white listing sendmail authenticated users

On Mon, 29 Dec 2008, Bazooka Joe wrote: I am trying (unsuccessfully) to write a rule to pickup if the "authenticated bits=0" in the Received line of the header and give it -100 Does anyone know if that works? Or a better way to do it? header LOCAL_AUTH_RCVD2Received =~ /authenticated

SAGrey plugin...when?

Hi there, After reading how SAGrey plug works, I wonder to know of you in what scenarios do you recomed it? TIA LD