Hi,
I'm filtering strongly on Spamhaus DBLwhich is working great.
Except for bit.ly which Spamhaus take exception to.
How can I reduce the weighting specifically for the bit.ly domain ?
Thanks !
Ben
uridnsbl_skip_domain bit.ly
Thanks, will try that.
or you liked the other way, score when bit.ly is in urls ?
Just for my reference, is there a way to affect the score rather than
skip completely ?
On 05/03/2014 05:47, Benny Pedersen wrote:
On 2014-03-04 18:52, Ben wrote:
Just for my reference, is there a way to affect the score rather than
skip completely ?
score FOO (1) (1) (1) (1)
add one point to FOO rule
it also works with negative scores that will subtract scores
post sample
At the ASF, there is an infrastructure team that manages those type of
issues. They work hard and do a lot of good but unfortunately, there
was a disconnect back in 2009 and a backup request was not implemented
correctly.
An untested backup is not a backup. Some people only ever seem to lea
I've seen a few examples of IT Recycling emails being missed in the
Spamassassin net recently. Spamassasin has been scoring them very low.
I've kept back a couple of the most recent specimens, I am running
Spamassassin 3.4.0 on Ubuntu 14 LTS. Ubuntu is fully up to date, and
sa-update is run
This is dicey ESP bulk which SA will hardly ever detect.
To help tag this you'll need to :
- feed/use Bayes
- implement Razor/Pyzor/DCC (if not already done)
- write rules - header rules to score on certain X Headers, URI rules,
etc.
or track their IP ranges and reject at MTA level
(would be m
talking about a "mitm problem" is nonsense, these mails are just sent to
your facebook emial address and forwarded to the email account in your
profile settings
Sounds a lot like a MTIM problem to me !
Sender -> FB SMTP -> -> Receipient
;-)
On 04/06/2015 16:06, Kevin A. McGrail wrote:
a lack of updates does not present a user issue. It is my opinion that
if an admin is concerned about rules updates, they should be monitoring
dev@ and/or ruleqa@.
Lack of updates seems to be to be important enough to merit a little
post to users@
And while I do monitor users@ for issues, a lack of updates
does not present a user issue. It is my opinion that if an admin is
concerned about rules updates, they should be monitoring dev@ and/or
ruleqa@.
Plus, let's have a look at the definitions of aforementioned lists :
Dev
Unless you a
"http://www.google.com/url?q="; in order to
obfuscate their URLs, as a DBL check countermeasure I suspect.
Ideas most welcome !
Ben
- Enable RBLs and DBLs. zen.spamhaus.org is the best way to block the
majority of junk before it reaches SA. Just make sure you are below their
free threshold limit. One important way to do this is
"One important way to do this" in terms of the Spamhaus threshold limit
is to not be
On 10/06/2015 12:32, Kevin A. McGrail wrote:
I'm hitting over spam threshold on the message and have a simple redir
for Google match in KAM.cf.
1.0 KAM_GOOGLE_STRING URI: Use of Google redir appearing in spam
July
2006
0.0 HTML_MESSAGE BODY: HTML
I have a curious conundrum.
A piece of spam received shows the following in the header when
processed via amavis and spamd :
DATE_IN_PAST_03_06,
HTML_MESSAGE,
RCVD_IN_BL_SPAMCOP_NET,
RCVD_IN_MSPIKE_H4,
RCVD_IN_MSPIKE_WL,
RDNS_DYNAMIC,
SHORTENED_URL_SRC
But when the exact piece of Spam is fed d
amavisd uses the spamassassin libraries internally, it does not use the
spamassassin command, nor spamd. If you update parts of the config,
you'll need to reload/restart amavisd.
Aah... I must have missed that bit of the fabulous manual... ;-(
On 27/06/2015 23:00, Jo Rhett wrote:
All versions of Yosemite have removed all functionality for sending
abuse reports to helpdesks.
Jo,
You're making a few mountains out of molehills here !
They have not "removed all functionality", they have removed ONE function.
There is nothing stopping
I can't speak about the specifics of this particular change, but
anything that makes it harder to trivially forward a message,
Whilst I obviously can't argue with you in the context of making it easy
to report spam, there are a couple of things to point out.
First, Jo said "have removed all
the default required hits of
5.0 and this in my setup being the only rule to hit it would not be
tagged as spam. Am i missing something or have you lowered your
required hits?
Ben
ot;feature" needs to die:
http://spamassassin.1065346.n5.nabble.com/FROM-12LTRDOM-high-scored-remove-td100710.html
.
Thanks for any insight.
-Ben
y (by rejecting their
messages without basis). Further, it's not as though ASF's servers are
the only ones using FROM_12LTRDOM; this ridiculous issue is affecting my
ability to communicate across the Internet at large.
Given that ASF has no other public support channel, and no way to
contact anybody to request that the filters be adjusted, what choice do
I have beyond pushing to have the software modified?
Thank you,
-Ben
On 8/6/2012 1:32 PM, Axb wrote:
> On 08/06/2012 05:25 PM, Ben Johnson wrote:
>
>> Given that ASF has no other public support channel, and no way to
>> contact anybody to request that the filters be adjusted, what choice do
>> I have beyond pushing to have the softwar
rule; it seems that plenty of spammers are white-listed in this
database, and it is a weighty test (it reduces the score by as much as 2
or 3 points in some cases, often putting the message just below the
required-for-spam score). We have no use for it.
-Ben
f38/problems-spamassassin-bayes-filter-16948/
Outside of the above forum post, search query results for this issue are
scant.
Thanks for any help,
-Ben
On 8/15/2012 2:24 PM, John Hardin wrote:
> On Wed, 15 Aug 2012, Ben Johnson wrote:
>
>> Some 99% of the spam that I receive, which is grossly spammy (we're
>> talking auto loans, cash advances, dink pills, the whole lot) contains
>> "BAYES_00=-1.9" in the te
, on the SpamAssassin homepage that issues an
unmistakable warning about Bayesian training's importance.
(John, I'll respond to your most recent message tomorrow most likely;
had enough for one day!)
Thank you,
-Ben
On 8/15/2012 4:05 PM, John Hardin wrote:
> On Wed, 15 Aug 2012, Ben Johnson wrote:
>
>> On 8/15/2012 2:24 PM, John Hardin wrote:
>>> On Wed, 15 Aug 2012, Ben Johnson wrote:
>>>
>>>> Some 99% of the spam that I receive, which is grossly spammy (we'
On 8/16/2012 10:14 AM, Ben Johnson wrote:
>
>
> On 8/15/2012 4:05 PM, John Hardin wrote:
>> On Wed, 15 Aug 2012, Ben Johnson wrote:
>>
>>> On 8/15/2012 2:24 PM, John Hardin wrote:
>>>> On Wed, 15 Aug 2012, Ben Johnson wrote:
>>>>
>&
On 8/16/2012 11:38 AM, John Hardin wrote:
> On Thu, 16 Aug 2012, Ben Johnson wrote:
>
>> So, after disabling auto-learn (for now) and executing "sa-learn
>> --clear", and restarting Amavis, I'm still seeing this:
>>
>> No, score=0.593
On 8/16/2012 12:32 PM, John Hardin wrote:
> On Thu, 16 Aug 2012, Ben Johnson wrote:
>
>> On 8/16/2012 11:38 AM, John Hardin wrote:
>>> On Thu, 16 Aug 2012, Ben Johnson wrote:
>>>
>>>> So, after disabling auto-learn (for now) and executing "sa-
On 8/16/2012 2:00 PM, Ben Johnson wrote:
> In any event, at this point, I'm confused as to which user account I
> should be using when executing "sa-learn --spam", for example.
>
> As a bit of background, I'm using ISPConfig 3, which implements virtual
>
On 8/17/2012 11:28 AM, John Hardin wrote:
> On Fri, 17 Aug 2012, Ben Johnson wrote:
>
>> On 8/16/2012 2:00 PM, Ben Johnson wrote:
>> Basically, I need to do something about the spam inundation, as soon as
>> possible.
>>
>> Is there any reason that I s
On 8/20/2012 12:56 PM, Bowie Bailey wrote:
> On 8/20/2012 12:46 PM, Axb wrote:
>> On 08/20/2012 06:42 PM, Ben Johnson wrote:
>>>
>>> On 8/17/2012 11:28 AM, John Hardin wrote:
>>>> On Fri, 17 Aug 2012, Ben Johnson wrote:
>>>>
>>>>>
On 8/20/2012 2:02 PM, Ben Johnson wrote:
>
>
> On 8/20/2012 12:56 PM, Bowie Bailey wrote:
>> On 8/20/2012 12:46 PM, Axb wrote:
>>> On 08/20/2012 06:42 PM, Ben Johnson wrote:
>>>>
>>>> On 8/17/2012 11:28 AM, John Hardin wrote:
>>>>&g
On 8/20/2012 2:47 PM, Ben Johnson wrote:
> I was able to resolve the issue by adding the --username switch to the
> 'sa-learn' executable:
>
> # sa-learn --username=amavis --spam
> /var/vmail/example.com/trainer/Maildir/.INBOX.Spam/cur
>
> Thanks for all of t
On 8/21/2012 5:19 PM, John Hardin wrote:
> On Tue, 21 Aug 2012, Ben Johnson wrote:
>
>> Aug 21 13:08:33.729 [23714] dbg: bayes: tie-ing to DB file R/O
>> /var/lib/amavis/.spamassassin/bayes_toks
>>
>> ---8<--
>> # sa-learn --username=amavis --du
On 8/22/2012 9:05 AM, Bowie Bailey wrote:
> On 8/21/2012 5:51 PM, Ben Johnson wrote:
>>
>> On 8/21/2012 5:19 PM, John Hardin wrote:
>>> On Tue, 21 Aug 2012, Ben Johnson wrote:
>>>
>>>> Aug 21 13:08:33.729 [23714] dbg: bayes: tie-ing to DB file R/O
On 8/22/2012 9:43 AM, John Hardin wrote:
> On Wed, 22 Aug 2012, Bowie Bailey wrote:
>
>> On 8/21/2012 5:51 PM, Ben Johnson wrote:
>>>
>>> What good is the --username switch, then?
Thanks for the follow-up, John!
> See other responses.
>
>>>
On 8/22/2012 10:26 AM, Axb wrote:
> On 08/22/2012 04:10 PM, Ben Johnson wrote:
>>
>> I did end-up overriding the bayes_path, which provided a workaround for
>> the permissions issues. Cheers to the suggestion.
>
> This is not a workaround, it's common practi
On 10/4/2012 2:06 PM, troxlinux wrote:
> Hi list , I try to run sa-learn on centos 6.3 but no work
>
> sa-learn --spam --showdots /dir/dir/domain.com.ni/spam/.spam/cur/
>
> Learned tokens from 0 message(s) (1 message(s) examined)
> ERROR: the Bayes learn function returned an error, please re-r
1382400 0 non-token data: last expire
atime delta
0.000 0 3191 0 non-token data: last expire
reduction count
Ultimately, it seems that I should be trying to figure out how, exactly,
Amavis is calling SpamAssassin in the course of normal operation.
Thanks for any help here, folks!
-Ben
On 1/9/2013 5:36 PM, RW wrote:
> On Wed, 09 Jan 2013 17:14:05 -0500
> Ben Johnson wrote:
>
>> About five months ago, I experienced a problem that I *thought* I had
>> resolved, but I am observing similar behavior after retraining the
>> Bayes database. While the sym
On 1/9/2013 7:36 PM, wolfgang wrote:
> On 2013-01-10 01:03, Ben Johnson wrote:
>
>> I see; I saved the email message out of Thunderbird (with View ->
>> Headers -> All), as a plain text file. Apparently, that process
>> butchers the original message.
>
> In
On 1/9/2013 9:13 PM, John Hardin wrote:
> On Wed, 9 Jan 2013, Ben Johnson wrote:
>
>> On 1/9/2013 7:36 PM, wolfgang wrote:
>>>
>>>> RCVD_IN_BRBL_LASTEXT,RCVD_IN_CSS,RCVD_IN_PSBL,RCVD_IN_XBL,URIBL_DBL_S
>>>> PAM, URIBL_JP_SURBL autolearn=disabled
On 1/10/2013 11:49 AM, RW wrote:
> On Thu, 10 Jan 2013 11:43:44 -0500
> Ben Johnson wrote:
>
>
>> This observation begs the question: why are network tests being
>> performed for some messages but not others? To my knowledge, no
>> white/gray/black listing has
On 1/10/2013 12:18 PM, Ben Johnson wrote:
>
>
> On 1/10/2013 11:49 AM, RW wrote:
>> On Thu, 10 Jan 2013 11:43:44 -0500
>> Ben Johnson wrote:
>>
>>
>>> This observation begs the question: why are network tests being
>>> performed for some mes
On 1/10/2013 1:06 PM, RW wrote:
> On Thu, 10 Jan 2013 12:48:07 -0500
> Ben Johnson wrote:
>> pon further consideration, this behavior makes perfect sense if the
>> mailbox user has moved the message from Inbox to Junk between scans;
>> Dovecot's Antispam filter i
On 1/10/2013 4:12 PM, John Hardin wrote:
> On Thu, 10 Jan 2013, Ben Johnson wrote:
>
>> So, at this point, I'm struggling to understand how the following
>> happened.
>>
>> Over the course of 15 minutes, I received the same exact message four
>> time
On 1/10/2013 3:13 PM, Tom Hendrikx wrote:
> On 10-01-13 19:55, Ben Johnson wrote:
>>
>>
>> On 1/10/2013 1:06 PM, RW wrote:
>>> On Thu, 10 Jan 2013 12:48:07 -0500
>>> Ben Johnson wrote:
>>>> pon further consideration, this behavior makes p
On 1/11/2013 4:27 PM, Ben Johnson wrote:
> I enabled Amavis's SA debugging mode on the server in question and was
> able to extract the debug output for two messages that seem like they
> should definitely be classified as spam.
>
> Message #1: http://pastebin.com/xLMikNJH
&
On 1/14/2013 2:49 PM, RW wrote:
> On Mon, 14 Jan 2013 13:24:55 -0500
> Ben Johnson wrote:
>
>
>> A clear pattern has emerged: the X-Spam-Status headers for very
>> obviously spammy messages never contain evidence that network tests
>> contributed to their SA score
On 1/14/2013 7:48 PM, Noel wrote:
> On 1/14/2013 2:59 PM, Ben Johnson wrote:
>
>> I understand that snowshoe spam may not hit any net tests. I guess my
>> confusion is around what, exactly, classifies spam as "snowshoe".
>
> Snowshoe spam - spreading a spam r
On 1/14/2013 8:16 PM, John Hardin wrote:
> On Mon, 14 Jan 2013, Ben Johnson wrote:
>
>> I understand that snowshoe spam may not hit any net tests. I guess my
>> confusion is around what, exactly, classifies spam as "snowshoe".
>
> http://www.spamhaus.org/f
On 1/15/2013 1:55 PM, John Hardin wrote:
> On Tue, 15 Jan 2013, Ben Johnson wrote:
>
>> On 1/14/2013 8:16 PM, John Hardin wrote:
>>> On Mon, 14 Jan 2013, Ben Johnson wrote:
>>>
>>> Question: do you have any SMTP-time hard-reject DNSBL tests in pla
that message be kept and fed to
sa-learn so that Bayes can soak-up all the tokens from a message that is
almost certainly spam (based on the other tests)?
Am I making any sense?
Thanks again!
-Ben
On 1/15/2013 4:05 PM, Bowie Bailey wrote:
> On 1/15/2013 3:47 PM, Ben Johnson wrote:
>> One final question on this subject (sorry...).
>>
>> Is there value in training Bayes on messages that SA classified as spam
>> *due to other test scores*? In other words, if a
On 1/15/2013 4:39 PM, Bowie Bailey wrote:
> On 1/15/2013 4:27 PM, Ben Johnson wrote:
>> On 1/15/2013 4:05 PM, Bowie Bailey wrote:
>>> On 1/15/2013 3:47 PM, Ben Johnson wrote:
>>>> One final question on this subject (sorry...).
>>>>
>>>>
On 1/15/2013 5:22 PM, John Hardin wrote:
> On Tue, 15 Jan 2013, Ben Johnson wrote:
>
>>
>>
>> On 1/15/2013 1:55 PM, John Hardin wrote:
>>> On Tue, 15 Jan 2013, Ben Johnson wrote:
>>>
>>>> On 1/14/2013 8:16 PM, John Hardin wrote:
>>>
On 1/16/2013 2:02 AM, Tom Hendrikx wrote:
> On 1/15/13 5:26 PM, Ben Johnson wrote:
>
>>
>> In postfix's main.cf:
>>
>
>>
>> Hmm, very interesting. No, I have no greylisting in place as yet, and
>> no, my userbase doesn't demand imme
On 1/16/2013 11:00 AM, John Hardin wrote:
> On Wed, 16 Jan 2013, Ben Johnson wrote:
>
>> On 1/15/2013 5:22 PM, John Hardin wrote:
>>> On Tue, 15 Jan 2013, Ben Johnson wrote:
>>>>
>>>> Wow! Adding several more reject_rbl_client entries to the
>&
On 1/16/2013 2:22 PM, Bowie Bailey wrote:
> On 1/16/2013 1:18 PM, Ben Johnson wrote:
>>
>> On 1/16/2013 11:00 AM, John Hardin wrote:
>>> On Wed, 16 Jan 2013, Ben Johnson wrote:
>>>
>>>> Is it possible that the training I've been doing over
and after this one do have
evidence of BAYES_* tests, so, it's not as though something is
completely broken.
Are there any normal circumstances under which Bayes tests are not run?
Do I need to turn debugging back on and wait until this happens again?
Thanks for all the help, everyone!
-Ben
ce and scalability aside).
>>
>> I don't find that procedure to be confusing, but people are different, I
>> suppose.
>
> Hm. One thing I would watch out for in that environment is people who
> have intentionally subscribed to some sort of mailing list deciding they
> don't want to receive it any longer and just junking the messages rather
> than unsubscribing.
The steps I've taken above will allow me to review submissions and
educate users who engage in this practice. Thanks again for elucidating
this scenario.
I hope that this approach to user-based SpamAssassin training is useful
to others.
Best regards,
-Ben
On 1/31/2013 5:50 PM, RW wrote:
> On Thu, 31 Jan 2013 12:12:15 -0800 (PST)
> John Hardin wrote:
>
>> On Thu, 31 Jan 2013, Ben Johnson wrote:
>>
>
>>> So, I finally got around to tackling this change.
>>>
>>> With a couple of simple modifica
On 2/1/2013 12:00 PM, John Hardin wrote:
> On Fri, 1 Feb 2013, Ben Johnson wrote:
>
>> John, thanks for pointing-out the problems associated with re-sending
>> the messages via sendmail.
>>
>> I threw a line out to the Dovecot users group and learned how to
ge from the submission inbox's Ham
folder to the permanent Ham corpus folder? Or should I *move* the
message? I'm trying to discern whether or not there's value in retaining
end-user submissions *as they were classified upon submission*.
In case 2.), should I simply delete the message from the submission
folder? Or is there some reason to retain the message (i.e., move it
into an "Erroneous" folder within the submission mailbox)?
I did read http://wiki.apache.org/spamassassin/HandClassifiedCorpora ,
but it doesn't address these issues, specifically.
Thanks again!
-Ben
On 2/7/2013 11:13 AM, Marc Perkel wrote:
>
> On 2/7/2013 6:58 AM, RW wrote:
>> On Tue, 05 Feb 2013 07:20:24 -0800
>> Marc Perkel wrote:
>>
>>> is there a way I can put something in a rule that would cause bayes
>>> not to learn - such as a rule that detects bayes poisoning?
>> Why do you think t
at Bayes is setup
correctly (database was wiped and now training is done manually and is
supervised), and that network tests are being performed when messages
are scanned.
Thanks for sticking with me through all of this, guys!
-Ben
On 1/18/2013 11:51 AM, Ben Johnson wrote:
> So, I've bee
Daniel, thanks for the quick reply. I'll reply inline, below.
On 4/16/2013 5:01 PM, Daniel McDonald wrote:
>
>
>
> On 4/16/13 2:59 PM, "Ben Johnson" wrote:
>
>> Are there any normal circumstances under which Bayes tests are not run?
> Yes, if USE_BAY
On 4/17/2013 5:05 PM, Kris Deugau wrote:
> Ben Johnson wrote:
>> Is there anything else that would cause Bayes tests not be performed? I
>> ask because other types of tests are disabled automatically under
>> certain circumstances (e.g., network tests), and I'm won
On 4/17/2013 6:47 PM, Ben Johnson wrote:
>
>
> On 4/17/2013 5:05 PM, Kris Deugau wrote:
>> Ben Johnson wrote:
>>> Is there anything else that would cause Bayes tests not be performed? I
>>> ask because other types of tests are disabled automatically und
On 4/17/2013 5:39 PM, Tom Hendrikx wrote:
> On 17-04-13 21:40, Ben Johnson wrote:
>> Ideally, using the above directives will tell us whether we're
>> experiencing timeouts, or these spam messages are simply not in the
>> Pyzor or Razor2 databases.
>>
>> O
On 4/17/2013 10:15 PM, John Hardin wrote:
> On Wed, 17 Apr 2013, Ben Johnson wrote:
>
>> The first post on that page was the key. In particular, adding the
>> following to each MySQL "CREATE TABLE" statement:
>>
>> ENGINE=InnoDB DEFAULT CHARSET=utf8
On 4/18/2013 12:26 PM, Axb wrote:
> On 04/18/2013 06:18 PM, Ben Johnson wrote:
>> I have done some searching-around on the string "cannot use bayes on
>> this message; not enough usable tokens found" and have not found
>> anything authoritative regarding w
On 4/18/2013 12:18 PM, Ben Johnson wrote:
>
> My concern now is that I am on 3.3.1, with little control over upgrades.
> I have read all three bug reports in their entirety and Bug 6624 seems
> to be a very legitimate concern. To quote Mark in the bug description:
>
>>
ary flag"
directive an the -t switch. I was actually using the -t switch to
produce the output that I pasted two messages back. So, it seems that
the "X-Spam-Tok-Stat" output is added only when the token count is high
enough to be useful.
Still stumped here...
-Ben
On 4/19/2013 12:12 PM, Axb wrote:
> On 04/19/2013 06:02 PM, Ben Johnson wrote:
>
>> Still stumped here...
>
> do a bayes sa-learn --backup
>
> switch to file based in SDBM format (which is fast)
>
> do a
>
> sa-learn --restore
>
> feed it a fe
On 4/19/2013 1:54 PM, Benny Pedersen wrote:
> Ben Johnson skrev den 2013-04-19 18:02:
>
>> Still stumped here...
>
> for amavisd-new, put spamassassin sql setup into user_prefs file for the
> user amavisd-new runs as might be working better then have insecure sql
&g
bayes_path /var/lib/amavis/.spamassassin/bayes
in local.cf, and using the SQL setup, I added
bayes_sql_override_username amavis
Sorry for the confusion!
-Ben
On 4/19/2013 11:02 PM, Ben Johnson wrote:
>
>
> On 4/19/2013 1:54 PM, Benny Pedersen wrote:
>> Ben Johnson skrev den 2
like I'm out of the woods here! Thanks for all the expert help, guys.
-Ben
On 4/20/2013 3:20 PM, Benny Pedersen wrote:
> Ben Johnson skrev den 2013-04-20 05:02:
>
>> Yes, I believe that me and the system always execute SA commands as the
>> "amavis" user. When I was using the SQL setup, I had the following in
>> local.cf:
>>
>
s? For example, is it possible to do a
> 'whois' and process the output in some way?
>
> Thanks
>
> Judy.
>
Have you been feeding Bayes samples of these messages? I would think
Bayes to be far more effective against this type of spamming (given the
dynamic nature of the domains and IP addresses) than writing custom rules.
-Ben
. Of course, the messages that you're
seeing tell us nothing about which DB table is causing the problem.
Maybe one of the developers will see this and recall making such a change.
Alternatively, you could dig into your tables and attempt to identify
where those values actually live. Once we have the offending table,
further troubleshooting will be possible.
-Ben
s I mention above.
Only a developer or disciple of the SA source code can say for sure. I
wish I had time to look myself.
Out of curiosity, how did this SQL error come to your attention in the
first place?
-Ben
for the "Domains -- Legal and
Abuse" department. From the sounds of it, you'd be doing us all a big favor!
-Ben
On 5/7/2013 3:26 PM, Chris Santerre wrote:
> The owner is NameCheap, Inc.
>
> A quick google will bring up historical problems with NameCheap and its
> owner
lem went away completely, sorry Palau.
>
> Steve
>
Steve, just wanted to thank you for providing an elegant solution to
this problem. It seems far more preferable to block this nonsense right
at the MTA level (for now). Your instructions worked for me and I now
see the following in my mail log for any .pw sender:
postfix/smtpd[10660]: NOQUEUE: reject: RCPT from
unknown[173.213.124.203]: 554 5.7.1 : Sender
address rejected: Access denied
Much appreciated!
-Ben
y?
I use SA via AMaViS, and the header changes look slightly different from
yours, but I see no evidence that Bayes scoring is being used in the
above header (if, in fact, that is a sample header with all SA markup
appended).
--Ben
on, it's well-prescribed for a
reason: sort-out your Bayes situation (will probably require wiping and
starting over with a hand-sorted corpus that is *retained*) and
implement greylisting (provided you can live with its caveats).
The DNSBLs can be used to supplement the above.
Good luck, Brian!
--Ben
enerally because the IPs are only used for a short while, but long
> enough to get 25 spams in from the address. I was hoping to find
> commonalities between the messages that could be used to generate some
> other rules.
>
> Thanks,
> Alex
>
Isn't this the function that Bayes is intended to serve, rather precisely?
-Ben
ade the same mistake. I use Thunderbird, and to view the actual
message source there, one presses Ctrl+U. *That's* the text you would
want to copy and paste.
b.) You are running Bayes as two different users when you perform your
tests. It's possible that SpamAssassin has its own user for executing
Bayes-related tasks, but you're using your own system account, for
example, which would explain the observed behavior. (By default, each
user has his own Bayes DB; it is possible to "hard-code" the Bayes user,
which is exactly what I had to do, for more reason than one.)
I sincerely doubt that this is a problem with your mailbox format.
Have a look at the thread I cited and see if anything jumps-out at you.
-Ben
On 6/18/2013 1:18 PM, Amir 'CG' Caspi wrote:
> At 8:58 AM -0400 06/18/2013, Ben Johnson wrote:
>> a.) You are copying/pasting the body of the email, but not the headers.
>
> No, I am copying the headers... however, I am using Eudora (ancient, I
> know) as a mail c
ble.com/BAYES-99-and-ham-td38832.html
The short answer is that you can, and probably should, increase the
BAYES_99 score value to 4 or 4.5. Setting it to 5 puts you at risk
(albeit very slight) for false-positives.
-Ben
gaussian distribution graphic
visualisation?
Ben
in a file SpamAssassin.sfd but I have no clue on
how to define it there.
I would appreciate if someone could give me a guide on how to accomplish this?
Thank you
Ben
Yes, I have to disabled TBs built-in adaptive junk mail control. So junk mail
handling relys only on SpamAssassin.
Is there an official port of SpamAssassin to Windows ?
atime delta
0.000 0 783449 0 non-token data: last expire
reduction count
Could anyone suggest how I might find out what is going awry ?
Ben
--
Sent from Postbox
<https://www.postbox-inc.com/?utm_source=email&utm_medium=siglink&utm_campaign=reach>
-
Hi
I didnt have that option but I did have bayes_sql_username set
I have added the sql_override as well.
I have restarted and will see what happens.
I am using the ubuntu exim-daemon heavy and it calls spamd directly.
Ben
Axb <mailto:axb.li...@gmail.com>
09 September 2015 15:10via P
spam corpus.
Which the override statement is sorting.
Ben
Matus UHLAR - fantomas <mailto:uh...@fantomas.sk>
09 September 2015 15:55via Postbox
<https://www.postbox-inc.com/?utm_source=email&utm_medium=sumlink&utm_campaign=reach>
Ben Whyall <mailto:b...@whyall-systems.c
equent releases?
Ben Hanson
I. S. MGR
Transprint USA Inc
[EMAIL PROTECTED]
spamc with a 2.6 spamd? If they're
not compatible, what are the failure modes?
3. Deprecated command-line options. Will the options deprecated
after 2.6 be ignored, or will they cause failures? What about
options previously deprecated, like '-S'?
Than
nch of spamds, a bunch of spamcs,
a whole lot of automatically- and hand-generated customer
configurations, and no way to upgrade everything all at once -- we
are pretty unhappy about the skimpy upgrade documentation, and the
number of apparently-gratuitous changes ("hits" becomes &qu
On Thu, Sep 30, 2004 at 05:04:35PM -0400, Matt Kettler wrote:
> At 04:43 PM 9/30/2004, Ben Rosengart wrote:
> >we are pretty unhappy about the skimpy upgrade documentation
>
> Hmm, true, but are you volunteering to help write better documentation?
I would be happy to summarize w
1 - 100 of 318 matches
Mail list logo
