Hello,
I have a lot of mail like this one: http://tengu.pastebin.com/PCyGxApn
The problem is, SA doesn't seem to see it as a spam (I've included all
headers).
I'm willing to create a filter for those nasty mails, but I have to
confess I'm not really sure on how to do it.
It seems that a pa
On Fri, 2010-11-05 at 09:02 +0200, Cédric Jeanneret wrote:
> It seems that a patern like /[a-z]+~[a-z]+~[a-z]+/i is used in each
> mail - I have to dig in my spambox to confirm that.
>
> Maybe I can use the return-path, from and X-Originating-Email in
> addition ?
>
If they all contain:
- a
On 05/11/10 07:02, Cédric Jeanneret wrote:
Hello,
I have a lot of mail like this one: http://tengu.pastebin.com/PCyGxApn
The problem is, SA doesn't seem to see it as a spam (I've included all
headers).
I'm willing to create a filter for those nasty mails, but I have to
confess I'm not really s
> On Die, 2010-11-02 at 18:31 -0230, Lawrence @ Rogers wrote:
> > As a sort of follow up to my last message, I was wondering how
> > complicated it is to write a rule that would compare the From: and
> > Reply-To: headers, and set it to 0.001 or make it a meta rule that could
> > be used in con
On Fri, 05 Nov 2010 11:54:08 +
Ned Slider wrote:
> are safe to do so. You should be safe to deep parse against Spamhaus
> SBL and XBL but not PBL. This instance hits against XBL and many
> others.
It's not all that safe to deep-parse XBL because it's mostly
dynamically assigned IP addresse
Lawrence @ Rogers wrote:
On 04/11/2010 8:11 PM, Karsten Bräckelmann wrote:
Moving back on-list, since it doesn't appear to be personally directed
at me.
On Thu, 2010-11-04 at 19:22 -0230, Lawrence @ Rogers wrote:
On 04/11/2010 7:13 PM, Karsten Bräckelmann wrote:
No, that requires the Subject
> On Fri, 05 Nov 2010 11:54:08 +
> Ned Slider wrote:
> > are safe to do so. You should be safe to deep parse against Spamhaus
> > SBL and XBL but not PBL. This instance hits against XBL and many
> > others.
On 05.11.10 12:28, RW wrote:
> It's not all that safe to deep-parse XBL because it's m
On Fri, 5 Nov 2010 14:38:45 +0100
Matus UHLAR - fantomas wrote:
> > On Fri, 05 Nov 2010 11:54:08 +
> > Ned Slider wrote:
> > > are safe to do so. You should be safe to deep parse against
> > > Spamhaus SBL and XBL but not PBL. This instance hits against XBL
> > > and many others.
>
> On 05.
On 05/11/2010 10:58 AM, Randy Ramsdell wrote:
X-MB-Message-Source: WebUI
You appear to have records of the same spam influencing your bayes
results (it hits BAYES_99, which is good). What are your Bayes threshold
settings?
Cheers,
Lawrence
debug seems to indicate a DNS problem, but, all 'manual' dns tests come
back immediately (fine)
running a caching dns server, perl 5.10.1, SA 3.3.1. Net::DNS version: 0.66
NOT using ipv6.
ran 'spamassassin -D < {email}'
everthing scrolled past pretty quickly. then:
Nov 5 15:26:30.753 [1470] db
Michael,
> debug seems to indicate a DNS problem, but, all 'manual' dns tests come
> back immediately (fine)
> running a caching dns server, perl 5.10.1, SA 3.3.1. Net::DNS version: 0.66
> NOT using ipv6.
>
> ran 'spamassassin -D < {email}'
> everthing scrolled past pretty quickly. then:
>
> Nov
On 11/5/10 4:00 PM, Mark Martinec wrote:
It certainly looks like a DNS resolver problem. What is your /etc/resolv.conf?
The Net::DNS only uses the first nameserver from that file.
To turn on debugging in Net::DNS (assuming bourne-like shell):
$ RES_OPTIONS="debug" spamassassin -D -t
it is i
On 11/5/10 4:11 PM, List Subscriptions wrote:
On 11/5/10 4:00 PM, Mark Martinec wrote:
\What is your /etc/resolv.conf?
cat /etc/resolv.conf
domain crgplaw.com
nameserver 127.0.0.1
nameserver 192.168.140.26
nameserver 192.168.140.29
again, cli queries are instantaneous.
The Net::DNS only us
Lawrence @ Rogers wrote:
On 05/11/2010 10:58 AM, Randy Ramsdell wrote:
X-MB-Message-Source: WebUI
You appear to have records of the same spam influencing your bayes
results (it hits BAYES_99, which is good). What are your Bayes threshold
settings?
Cheers,
Lawrence
I am not sure what you ar
On 05/11/2010 6:00 PM, Randy Ramsdell wrote:
Lawrence @ Rogers wrote:
On 05/11/2010 10:58 AM, Randy Ramsdell wrote:
X-MB-Message-Source: WebUI
You appear to have records of the same spam influencing your bayes
results (it hits BAYES_99, which is good). What are your Bayes
threshold settings?
On 11/5/10 4:08 PM, Michael Scheidell wrote:
On 11/5/10 4:00 PM, Mark Martinec wrote:
It certainly looks like a DNS resolver problem. What is your
/etc/resolv.conf?
The Net::DNS only uses the first nameserver from that file.
To turn on debugging in Net::DNS (assuming bourne-like shell):
$
On 11/06/2010 08:39 AM, Michael Scheidell wrote:
> debug seems to indicate a DNS problem, but, all 'manual' dns tests
> come back immediately (fine)
> running a caching dns server, perl 5.10.1, SA 3.3.1. Net::DNS version:
> 0.66
> NOT using ipv6.
>
your delay occurs right before the "no ipv6" - so
Lawrence @ Rogers wrote:
On 05/11/2010 6:00 PM, Randy Ramsdell wrote:
Lawrence @ Rogers wrote:
On 05/11/2010 10:58 AM, Randy Ramsdell wrote:
X-MB-Message-Source: WebUI
You appear to have records of the same spam influencing your bayes
results (it hits BAYES_99, which is good). What are your
On 11/5/10 4:44 PM, Jason Haar wrote:
On 11/06/2010 08:39 AM, Michael Scheidell wrote:
debug seems to indicate a DNS problem, but, all 'manual' dns tests
come back immediately (fine)
running a caching dns server, perl 5.10.1, SA 3.3.1. Net::DNS version:
0.66
NOT using ipv6.
your delay occurs r
All,
Has anyone come up with a ruleset yet to score against the new spamhaus
whitelists, and deduct points appropriately?
-Dan
--
"Let me tell you something about regrowing your dead wife Lucy, Harry.
It's probably illegal, potentially dangerous, and definitely crazy."
-Harry nods-
Vincent
20 matches
Mail list logo
