I have Debian Sarge 4.0. I installed spamassassin 3.2.5 from CPAN. It
installed fine
and is working fine I just not sure now how to stop and restart it since it
is not
listed in /etc/init.d like it used to be. I made some changes to my
whitelist and
wanted to apply them but short of restarting the
On Mon, 2009-03-02 at 02:23 -0800, an anonymous Nabble user wrote:
> I have Debian Sarge 4.0. I installed spamassassin 3.2.5 from CPAN. It
What's wrong with the Debian package?
> installed fine and is working fine I just not sure now how to stop and
> restart it since it is not listed in /etc/ini
On 02.03.09 02:23, Kban35 wrote:
> I have Debian Sarge 4.0. I installed spamassassin 3.2.5 from CPAN. It
> installed fine and is working fine I just not sure now how to stop and
> restart it since it is not listed in /etc/init.d like it used to be. I
> made some changes to my whitelist and wanted t
On Mon, 2009-03-02 at 05:16 +0100, Michelle Konzack wrote:
> Am 2009-03-01 09:44:00, schrieb Jake Maul:
> > http://pastebin.com/m58b01a0b
> Score 7.6
>
> > http://pastebin.com/me13959a
> Score 7.8
>
> You must do something wrong.
/me scratches his head
How so? 'cause his score is lower than yo
On Sat, 2009-02-28 at 09:57 +0100, Mathias Homann wrote:
> Hey folks,
>
>
> is it just me or did the average spam per day count drop by 75%
> lately?
>
Just you, my spam level has been fairly constant, and if anything is
slightly up.
--
Daniel J McDonald, CCIE #2495, CISSP #78281, CNX
Aus
giga328 writes:
> I looked at Received headers and unfortunately, Received headers added by
> our webmail are not standard ones. Except for the proxy.IP in the following
> example, all IPs and all FQDNs are from our servers. Here is the (ugly)
> example:
>
> Received: from our.domain ([our.webma
On 2-Mar-2009, at 03:23, Kban35 wrote:
I have Debian Sarge 4.0. I installed spamassassin 3.2.5 from CPAN. It
installed fine
and is working fine I just not sure now how to stop and restart it
since it
is not
listed in /etc/init.d like it used to be.
/usr/local/etc/rc.d/ is where the stop/star
Using Ratelimit in Exim MTA and plugin "Restrict Senders" in
Squirrelmail slows them down. Spammers need to send out large number
of messages to get any payback. Limiting the number they can send
with a compromised account really makes that account of no value to
them.
Matt
On Sun, Mar 1, 2009
> -Original Message-
> From: Neil Schwartzman [mailto:neil.schwartz...@returnpath.net]
> Sent: Monday, March 02, 2009 12:22 AM
> To: Spamassassin
> Subject: Re: ReturnPath, Habeas, BondedSender
>
>
> > Good first step, now how about an RFC complaint abuse@ address?
>
> So you can complai
LuKreme wrote:
unless you are suggesting that they are MANUALLY logging into the
webmail to then send 1 billion spams, yes it will.
That is an interesting point. OK. I don't know whether they do a
manual login to get a session open before they run the software they
use to dump spam.
Jose
I've got a tangential issue, I'd like to tag onto this and hope it's OK.
Henrik K wrote:
On Mon, Mar 02, 2009 at 05:16:37AM +, RW wrote:
As I understand it the difference between trusted and internal is that
PBL/DUL checks are done at the internal/external boundary so
they don't FP on mail
> That being said, maybe the rule description should include the reporting
> addresses. Why would I look on the SA wiki for a place to report
> ReturnPath, Habeas, and BondedSender complaints?
actually, the wiki is the right place -- the idea for rule documentation is that
the detailed doc for ea
Cedders wrote:
Henrik K wrote:
On Mon, Mar 02, 2009 at 05:16:37AM +, RW wrote:
As I understand it the difference between trusted and internal is that
PBL/DUL checks are done at the internal/external boundary so
they don't FP on mail submission into the trusted network.
Right.
[snip]
On Mon, Mar 02, 2009 at 04:33:43PM +, Cedders wrote:
>
>
>
Sorry, too tired right now to properly comprehend and reply. :) The matter
is pretty simple if you get your head around it. Don't try to get too fancy,
just keep your MXs in internal_networks, not much to gain tweaking it.
Extending t
David Morton wrote:
As full time mail/systems admins we get invaluable data from
tripwire/integrit, 'postconf -n', dconf, 'rpm -qa', 'dpkg -l \*',
'pkg_info
-a', ... whose output is checked in to RCS daily. This provides a nice
configuration snapshot and historical record but its real usefulness
Matthias Leisi wrote:
Speaking of which, it may actually make sense to use all of dnswl.org's
entries as trusted_networks-entries...
That seems like a way to get false positives when someone with a
listed dynamic IP sends through the smarthost of their ISP or ESP.
By extendinmg trust to the
I enjoyed the previous discussion regarding Google Group messages. The
additional rules reduced our spam significantly. Now we are getting the
following:
Date: Sun, 1 Mar 2009 07:24:14 -0800 (PST)
From: Matty Hermann
Reply-To: obey1939stet...@yahoo.com
Subject: Hey! This is Rachelle from Mount
On Sun, 2009-03-01 at 12:51 -0500, Albert E. Whale wrote:
> Now we are getting the following:
>
> Date: Sun, 1 Mar 2009 07:24:14 -0800 (PST)
> From: Matty Hermann
> Reply-To: obey1939stet...@yahoo.com
> Subject: Hey! This is Rachelle from Mount Olive, Alabama. Wanna date?
>
> Meet a gal, take he
Jason Bertoch wrote:
That being said, maybe the rule description should include the reporting
addresses. Why would I look on the SA wiki for a place to report
ReturnPath, Habeas, and BondedSender complaints?
What's the process for updating rule descriptions?
(BTW, a quick visit to your favor
Would you mind posting (or mailing me directly) what rules you're
triggering to get those scores?
Many thanks,
Jake
On Sun, Mar 1, 2009 at 9:16 PM, Michelle Konzack
wrote:
> Am 2009-03-01 09:44:00, schrieb Jake Maul:
>> http://pastebin.com/m58b01a0b
>
> Score 7.6
>
>> http://pastebin.com/me13959
None. This particular domain isn't terribly useful outside a pretty
narrow locality (Arizona, US), so almost anything foreign is pretty
likely to be spam.
Thanks for the rule, I may end up doing something like that. :)
Jake
On Sun, Mar 1, 2009 at 11:51 AM, John Lundin wrote:
> On Sun, Mar 01, 2
On Sun, Mar 1, 2009 at 11:32 AM, Karsten Bräckelmann
wrote:
> On Sun, 2009-03-01 at 09:44 -0700, Jake Maul wrote:
>> Howdy,
>>
>> Lately I've been getting a lot of spam like this:
>>
>> http://pastebin.com/m58b01a0b
>> http://pastebin.com/me13959a
>>
>> The domain changes, but it's virtually alway
That's an interesting observation. Yes, the initial host is US for
both, bounced through the UK (80.82.114.106 in both cases). I thought
RelayCountry would show *all* the countries represented in Received:
lines?
Jake
On Sun, Mar 1, 2009 at 11:56 AM, wrote:
> Hi Jake,
>
> both examples seem to
On Mon, 2009-03-02 at 05:16 +0100, Michelle Konzack wrote:
> Am 2009-03-01 09:44:00, schrieb Jake Maul:
> > http://pastebin.com/m58b01a0b
>
> Score 7.6
Content analysis details: (21.4 points, 5.0 required)
pts rule name description
--
Heh, yeah, the first one is in SaneSecurity now. I call clamd directly
from Exim before SA, so I wouldn't see this one anymore.
Thanks,
Jake
On Mon, Mar 2, 2009 at 8:40 PM, Chris wrote:
> On Mon, 2009-03-02 at 05:16 +0100, Michelle Konzack wrote:
>> Am 2009-03-01 09:44:00, schrieb Jake Maul:
>>
25 matches
Mail list logo
