I could be asking the same thing as Charles, if I am I apologize.
I installed the rules below, ran the headers.txt file- thru SA and the rules
did not trigger. Do I need to configure something else?
Thanks
Craig
>>> Charles Gregory 5/1/2009 9:48 AM >>>
Uh, what do the
>>> Randy 1/6/2009 2:18 PM >>>
Craig wrote:
> Hello All-
>
> I have recently been getting MANY spam slipping through Spamassassin
> and I am looking for help on how to stop. I have used Spamassassin
> with Bayes successfully for many years now and once
>>> Randy 1/6/2009 2:42 PM >>>
Craig wrote:
>
>
> >>> Randy 1/6/2009 2:18 PM >>>
> Craig wrote:
> > Hello All-
> >
> > I have recently been getting MANY spam slipping through Spamassassin
> > and I am looking for help o
>>> Randy 1/6/2009 2:42 PM >>>
Craig wrote:
>
>
> >>> Randy 1/6/2009 2:18 PM >>>
> Craig wrote:
> > Hello All-
> >
> > I have recently been getting MANY spam slipping through Spamassassin
> > and I am looking for help o
Links would help-
http://pastebin.com/d59f95b6d
http://pastebin.com/d17f12f4
http://pastebin.com/m46ce2877
>>> "Craig" 1/7/2009 11:46 AM >>>
>>> Randy 1/6/2009 2:42 PM >>>
Craig wrote:
>
>
> >>> Randy 1/6/2009 2:18 PM >>
>>> Randy 1/8/2009 8:09 AM >>>
Matus UHLAR - fantomas wrote:
> On 07.01.09 11:46, Craig wrote:
>
>> X-Mailer: Novell GroupWise Internet Agent 7.0.2 HP
>>
>
>
>>>>> Randy 1/6/2009 2:42 PM >>>
>>>>>
if ever feel we are expert enough to help answer
any, or more sadly, take the time too. I do appreciate those of you who help
people like me out!
Cheers-
Craig
>>> Sergey Kovalev 1/9/2009 3:52 AM >>>
Craig wrote:
>
> Here are the links to 3 sample messages-
&
Below are the results from a Spamassassin -D test of a message that was
previously delivered this morning. How does something like this pass
through- when I run the checks on the email after it is delivered the
system clearly knows its spam.
Thanks
Craig
X-Spam-Status: Yes, score=20.3
Thanks for your quick reply
Ok, I am new to this-and I am sure its a "no brainer" but "non-spam
tagging" -I do not understand. If you could explain-or if its documented
feel free to scold me-I would appreciate it.
Craig
>>> "Loren Wilton" <[EMAIL
Yes I have asked this question previously, but with not as much detail.
MY ENVIRONMENT
SA 3.1.7
running on Windows 2000
Using Bayes
In the past 2 days my email server has received 14,973 email messages,
Spamassassin has scanned 10,951 of those messages, and my users have received @
250 spam
with Guinevere, and Groupwise is my mail
application.
Any and all suggestions are welcome!
>>> Rick Macdougall <[EMAIL PROTECTED]> 12/06/2006 5:01 PM >>>
Craig wrote:
> Yes I have asked this question previously, but with not as much detail.
>
> MY ENVIRONMEN
Do you have a size limit set? I.E. only messages less than xxx size
will be scanned-and are these spam greater than xxx.
>>> <[EMAIL PROTECTED]> 1/4/2007 4:14 AM >>>
>[EMAIL PROTECTED] wrote:
> Running spamassassin 3.0 and I'm invoking it through amavisd. When I
> train the spamassassin using sa
line?
If so, is this a known problem and is there a fix available?
Thanks for your consideration,
Craig MacKenna
www.animalhead.com
Los Gatos, CA
and if so can I get them, and
if so, how?
If not, can anyone suggest resources that might help me write
my own test(s)? Particularly of interest are routines that
measure the source length or decoded area of an image.
Thanks,
Craig MacKenna
www.animalhead.com
P.S.: those of you interested in DN
correct answers.
Are there some changes I can do to SA to allow me to continue upgrading to the
latest versions of SA, or am I going to top out at 3.1.7?
Obviously I could give Missing_HB_SEP a score of 0, but I would prefer to keep
all tests.
Thanks
Craig Canfield
probability is 20 to
40%
[score: 0.2729]
Thoughts?
Thanks
Craig
other
network checks in its user_prefs, or perhaps spamd has not been
restarted since a change to include razor and DNS checks was made in
local.cf?
If none of the above, the output from 'spamassassin -D --lint' run as
the user controlling spamd might show something...
Kind Regards,
Craig
usion into SA as a contrib. If so, drop me a mail.
Cheers!
Craig.
ng
> (including clients) RedHat 9, Fedora Core 1, Fedora Core 2.
>
> Cheers,
I have also had no problems using CPAN, running FreeBSD 5.2.1-RELEASE
and Fedora Core 3.
Cheers,
Craig.
I am getting very obvious spam through my SA filters. The only thing I
think is that the value for ALL_TRUSTED is pushing it below the
threshold. Where do I go to alter this test's effect on the spam count?
I have searched through all of the .cf files in /usr/share/spamassassin
and /etc/mail/sp
anyone
else, or should I just keep deleting it?
Kind Regards,
Craig.
signature.asc
Description: This is a digitally signed message part
A whole new set of challenges heading our way...
http://www.theregister.co.uk/2005/02/17/spam_gets_vocal_with_voip/
Craig.
iter.org:6080/spamassassin/root-user_prefs
http://www.eruditer.org:6080/spamassassin/sysconfig-spamassassin
http://www.eruditer.org:6080/spamassassin/sysconfig-spamassassin-milter
Can't get to those URL's, timeout...
Cheers!
Craig.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Don Levey wrote:
| Craig McLean wrote:
|
|
|>> * The spamd/spamass-milter processes should not run as root (user
|>>'spamassassin').
|>
|>I gather from your previous mail that you already run this as
|>"spamas
p now. Damn this memory!
AHA! It came to me, it's the spamass-milter. There is a startup option
(-r ) where n is the score to reject at.
Also, check that it's not running with -m/-M, that would screw thing up.
In fact, it's probably worth checking the whole milter config against
the man
on of the -u option to
spamass-milter. If you don't want individual user_prefs you might turn
it off.
And as you said, -x might be useful as well
Craig.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFCU8MSMDDagS2VwJ4RAnteAKCg71c8ufHkrHcWOHWBA55Ll28gogCfR9Yq
mcfugS5jgb9417bNibe+LcI=
=4YBD
-END PGP SIGNATURE-
s?
Thanks!
Craig
;t work, I also tried re-
installilng using the tarball. I tried tarballs for 0.49 and 0.48 with the
same results. Any suggestions?
Craig
so I think I'm good to go. Thanks to
you and Jeff for your help.
Craig
mple-spam.txt
below. 25_uribl.cf has not been changed from defaults. Can anyone see why my
URIDNSBL tests are not firing?
Thanks!
Craig
debug: SpamAssassin version 3.0.2
debug: Score set 0 chosen.
debug: running in taint mode? yes
debug: Running in taint mode, removing unsafe env vars, and r
Quoting Matt Kettler <[EMAIL PROTECTED]>:
> Craig. One thing that REALLY jumps out at me is that there's no mention
> of init.pre by the rulefile parsing debug output.
And you would, of course, be absolutely correct. That was the problem.
My /etc/mail/spamassassin directo
he SARE ruleset, which I'm not using at the moment.
So I've attached the .cf for anyone who's interested, please feel free
to use it however you see fit. I'd be grateful for any suggestions to
reduce FP's, masscheck results, or suggestions for better places to
submit t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Anyone spot the deliberate mistake? :-(
Craig. - This time with the attachment.
-
Dear list,
I've got a few local rules which I use to supplement the basic SA
installation (3.0.2), but I don't really have a sizeable ham/spam corpus
to
.. Pointers, corrections etc. welcome as
always.
Regards,
Craig.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFCXZmkMDDagS2VwJ4RAohYAKDx631Ya2sxgwJ76vLCHFKgYwTLEQCeMkxE
IdzMVRyuNtJb+XR8x27k22Y=
=+tzz
-END PGP SIG
; efficiency.
Or just switch off SA scanning of that customer's mail for a day or so,
that should give them an idea of how effective it is... ;-)
Craig.
ars to me a timely reminder, as if one were
needed, that some spammers know what measures are being used against them
and learn how to combat at least some of them.
Three cheers for Bayes and the SARE ninjas, then!
Kind Regards,
Craig.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ron Shuck wrote:
| Has anyone ever seen a situation where entries in the black_list are not
| being used or matching?
Yes.
Kind Regards,
Craig.
P.S Perhaps you could be more specific?
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6 (GNU/Linux
, procmail..)?
Cheers,
Craig.
Ron Shuck wrote:
| I am using SpamAssassin 3.0.2. I have entries in
| /etc/mail/spamassassin/local.cf like blacklist_from [EMAIL PROTECTED] I
| have restarted SpamAssassin, but I have received messages from
| domain.com and USERS_IN_BLACKLIST is not one of the tests notated in
all addresses
taken from the following set of headers:
~Envelope-Sender
~Resent-Sender
~X-Envelope-From
~From
So we really need to see if the envelope sender info made it into the
headers, which is not guaranteed.
Craig.
-BEGIN PGP SIGNATURE-
Version: Gnu
elieve is not
against RFC2822, as stated, provided it is in a quoted string). It would
be interesting to see the full headers of the message that hit this rule.
BTW, why have *any* single rule scored at 20? Especially this one.
Craig.
-BEGIN PGP SIGNATURE-
Version: GnuPG
cially this one.
|
This question, however, still stands.
Regards,
Craig.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFCcrGwMDDagS2VwJ4RAqE6AJ9Rf9NwAZAqu0puwwki4ps52j7xogCaAqy2
cZdJXxC16uzfmjXcat8f65I=
=KJL+
-END PGP SIGNATURE-
to reject mail if it scores above a certain level
using the "-r " option. If this is how it's being called, any message
scoring over will be rejected by sendmail. Consider setting the
figure higher, or removing the -r option.
Kind Regards,
Craig.
-BEGIN PGP SIGNATURE-
Versio
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Theo Van Dinter wrote:
| On Fri, Apr 29, 2005 at 11:14:10PM +0100, Craig McLean wrote:
|
|>| BTW, why have *any* single rule scored at 20? Especially this one.
|>
|>This question, however, still stands.
|
|
| If a rule doesn't FP for you
2 and still is on 3.0.3, using:
rewrite_header Subject **SPAM (_SCORE_)**
Kind Regards,
Craig.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.3 (FreeBSD)
iD8DBQFCd5s7MDDagS2VwJ4RAsa6AJ9gbK2ZzoPfC7kKKVGc0O3dN8DPIQCbBvHv
mz8HTQ7mFZkGKcdAu/P2OIw=
=2FO0
-END PGP SIGNATURE-
quest so suggestions, concepts and ideas can be tracked.
I agree. It's an annoyance rather than a bug, but the OP is right that
this FAQ seems to pop up rather a lot.
Kind Regards,
Craig.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Fedora - h
s. However, if I remove
the semicolons, and run it again, it hits on all the SURBLs. Needless to say,
it would seem some sneaky spammer has found another loophole...
Craig
this, and a couple of rules were suggested, but someone mentioned that at
least one of the rules results in a lot of FPs. Is anyone aware of a rule
that will catch these that doesn't trigger a lot of FPs?
Thanks!
Craig
ent we are required to attach to all outbound emails. J
That's OK, I didn't read it ;-)
Kind Regards,
Craig.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.3 (FreeBSD)
iD8DBQFCgNnuMDDagS2VwJ4RAqiLAKDHx2mYUXfsBozgKgCemZHPhSaiJQCg7Rmq
7PeJrloAEB8HNWcjEq3ieU8=
=1baq
-END PGP SIGNATURE-
ing manually on my personal inbox once it's been checked
for suspect meat product, or let SA autolearn it.
Spam-traps are useful for many reasons, one of which is to see what might
be getting through. It's one of the compelling reasons that clamav is now
installed here, and why I have a bundl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
jdow wrote:
| From: "Craig McLean" <[EMAIL PROTECTED]>
|
|>-BEGIN PGP SIGNED MESSAGE-
|>Hash: SHA1
|>
|>Johnson, S wrote:
|>
|>>
|>>I'm looking at creating an email address to capture sp
. I've never used this tool.
Kind Regards,
Craig.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFChNcSMDDagS2VwJ4RAp1jAJoDJ/WCiNhdFAO51C/qKLRVnfiq6ACgryh1
YmT+zXXw8VEwl6+qpe2+Cg8=
=zy0U
-END PGP SIGNATURE-
headers below.)
Now correct me if I'm wrong, but 3.5 + 0.2 + 0.1 + 0.1 is not 4.1 ?
Kind Regards,
Craig.
- -original headers-
Return-Path: <[EMAIL PROTECTED]>
Received: from mta126.mail.ukl.yahoo.com (mta126.mail.ukl.yahoo.com
[217.12.11.75])
by craig.dnsalias.com (8.12.10/8.12.10
ounding - orphaned.
RoundingIssues - this is not the issue I'm talking about, and in any
case was fixed in 3.0.
Yours in confusion,
Craig.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Fedora - htt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Theodore Heise wrote:
|
| On Sun, 15 May 2005, Craig McLean wrote:
|
|
|>-BEGIN PGP SIGNED MESSAGE-
|>Hash: SHA1
|>
|>Loren Wilton wrote:
|>|>Now correct me if I'm wrong, but 3.5 + 0.2 + 0.1 + 0.1 is not 4.1 ?
|>|
|
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Craig McLean wrote:
| Theodore Heise wrote:
| |
| | On Sun, 15 May 2005, Craig McLean wrote:
| |
| |
| |>-BEGIN PGP SIGNED MESSAGE-
| |>Hash: SHA1
| |>
| |>Loren Wilton wrote:
| |>|>Now correct me if I'm wrong, but 3.5 +
matter how I execute things like...
sa-learn --rebuild
or
sa-learn --sync -D
it always corrupts in this fashion.
Any clues?
Thanks
Craig
what you want to use assuming that INBOX.mbox is
not a directory, it's also deprecated (at least in SA3.0.3). Further
assuming that the file is in mbox format, you'll need to use the --mbox
flag to sa-learn to tell it what to expect.
Good Luck!
Craig.
-BEGIN PGP SIGNATURE-
Versio
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kenneth Porter wrote:
| I'd like to knock together a utility for invoking SA against messages in
| an IMAP store..[snip]
Kenneth,
I use DMZS-sa-learn here, with some local modifications.
http://www.dmzs.com/tools/files/spam.phtml
Regards,
the users cannot view the contents of that public
folder.
Examining the properties of the servers public folders, I cannot see any
settings that would change the format of the message. If I check the
properties of the public spam folder w/Outlook, it is set to use
IPM.post.
I hope this hel
The setting here is "Determined by individual user settings". Also the
messege encoding is set to MIME and both is selected.
I'm going to keep an eye on the folder and make sure it keeping the
original format.
Craig
-Original Message-
From: Wolfgang Zeikat [mailto:[
OK Ninja's, here's your chance to pre-empt the next wave of male
empowerment medications.
Some truth's, some embellshment (Dr. Longwell?):
http://www.pugbus.net/artman/publish/05252005_premature.shtml
(how many variations of dapoxetine can be generated?)
Hi,
I'd like to change/reset-to-zero the autowhite list value for a sender.
I read the man page (Mail::Spamassassin::Autowhitelist) but don't
comprehend the syntax.
Can someone give me a hint?
Thanks,
Craig Jackson
Where I can find docs for local.cf and usaer_templates rules and tests.
For instance, I have added some whitelist entries like this,
whitelist_from_rcvd [EMAIL PROTECTED]google.com
which is not working. The spam score is 5.0/5.0 so it is still tagged.
Thanks,
Craig Jackson
I'd like to turn off AWL. I remember there used to be a switch in SA to
do this but it's not there any more. I start spamd with -x -L
Thanks,
Craig Jackson
Craig Jackson wrote:
Where I can find docs for local.cf and usaer_templates rules and tests.
For instance, I have added some whitelist entries like this,
whitelist_from_rcvd [EMAIL PROTECTED]google.com
which is not working. The spam score is 5.0/5.0 so it is still tagged.
Thanks
ion = ${if <{$message_size}{200k}{1}{0}}
spam = mail:true/defer_ok
warn message = X-Cheetah-Report: $spam_report
condition = ${if ! def:h_X-Cheetah-Spam:}
condition = ${if <{$message_size}{200k}{1}{0}}
spam = mail:true/defer_ok
Thanks
Craig Jackson
Bayes in SA. We use Spamcop (in
Exim) but I disable all of the DNS tests in SA. I think those SA DNS are
actually very good and may try them. Until now I have been concerned
with Network traffic.
Good luck,
Craig Jackson
Ryan L. Sun wrote:
HI,
Where can I find SpamAssassin rules' meaning and examples?
Some rules are easy to understand from its name, while others are not
easy to figure out what's the rule stands for. If there are some
examples for a specific rule, that would be great.
Thank you.
man Mail::Spam
many false positives.
1) What do the enclosing {} mean?
2) What is the ?If you would point to a tutorial that covers this I would be grateful. I
have checked a few beginner regex sites and even read most of the regex
book, but don't remember this particular syntax.
Thanks,
Craig Jackson
Craig Jackson wrote:
Hi,
Our small business never receives mail from top level domains other than
com,net,org,mil,edu,gov,and us -- except spam. Additionally, we never
receive email with links containing other level domains -- except spam.
The logic is that we are small and do no business
ve no mercy.
Craig Jackson
Wolfgang Zeikat wrote:
On 06/01/05 20:50, Craig Jackson wrote:
Hi,
I created these tests which I find very accurate for detecting spam
and so thought I'd let the list have a view. Lots of numbers or
consonants in the reply-to usually bodes ill.
Good point about the reply-to, t
D]" which would trigger your first rule.
Pierre Thomson
BIC
-Original Message-
From: Craig Jackson [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 01, 2005 2:50 PM
To: users@spamassassin.apache.org
Subject: Couple of useful tests
Hi,
I created these tests which I find very accurate fo
re, fishy.
Any comments on Overstock and Staples?
Has anyone else noticed others in this same category that sent at this
frequency?
(just want to compare notes)
Rob McEwen
PowerView Systems
There's a good chance your users are actually signing up for that stuff.
Ours do.
Craig Jackson
I notice that the return-path: is often different from the from:
But my return-path: tests all fail. Here's one:
header RETPATH_NUMS_CJ Return-path =~ /[0-9]{6,}/
score RETPATH_NUMS_CJ 3.000
It will successfully match From:addr or Reply-To: but Return-path is
silent. Yes, I tried Return-Path,
David B Funk wrote:
On Sat, 4 Jun 2005, Craig Jackson wrote:
I notice that the return-path: is often different from the from:
But my return-path: tests all fail. Here's one:
header RETPATH_NUMS_CJ Return-path =~ /[0-9]{6,}/
score RETPATH_NUMS_CJ 3.000
It will successfully match From
Nigel Frankcom wrote:
A colleague has written a script to supply some summary (and detail)
statistics for SA.
Actually its a work in progress, but what it does it does well.
Craig Morrison has written a script for logwatch that shows message
scan times and a mean average - plus a few other
orks pretty well. In general I think
it best to keep the junk off of Exchange.
Craig Jackson
Stuart Johnston wrote:
cjackson wrote:
Hi,
I flunked the IQ test so I need some help. I want to match all domains
in the body that are not in .com,.org.us,.edu,.gov and .mil. But
there's more. I need to match some characters at the end of the URI
that can often be found there such as >.?)*!
Bret Miller wrote:
I flunked the IQ test so I need some help. I want to match
all domains
in the body that are not in .com,.org.us,.edu,.gov and .mil.
But there's
more. I need to match some characters at the end of the URI that can
often be found there such as >.?)*!"';
The rule would match
to be tagged as spam. It would be nice if I could show them in
the header at the workstation, rather than run a test from my
workstation and print it out. If this can already be done, let me know
and I'll figure out how to do it.
Thanks,
Craig Jackson
f the rule names/
scores.
Thanks,
Craig D. Cocca
Lead Developer
ULTIMATE Internet Access
[EMAIL PROTECTED]
Hello all,
I've had a good look around but am unable to find an answer to this
exact scenario. I've had a bash @ using global settings on the
user_pref's file, but didn't appear to work, so figured I'd ask. If you
are aware of a reference to this that I've missed, I apologise.
Pretty much al
>
Don't know about 3.1.3, but Axel hosts 3.1.2 at atrpms.net:
http://atrpms.net/dist/fc4/spamassassin/
instructions on setting up yum to use the atrpms repo can also be found
on the site:
http://atrpms.net/install.html
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTE
.
> Some humor was needed.)
You mean calling GPL License 'nonsense' wasn't your best effort of the
day?
You hurled similar bombshells on other lists?
Craig
ago.
FWIW I have had real success using FBSD-6.0-RELEASE, SA from CPAN and
spamass-milter and sendmail from the ports collection. Just lately I've
moved away from the milter, towards a procmail-based SA setup for better
configurability. Ping me if you want more details.
C.
- --
Craig McLea
efraud me. Maybe I won't bother
> playing their game.
>
> Loren
Heh, got this one yesterday:
From: "Lazarus Dennis"
To: <[EMAIL PROTECTED]>
Subject: bastard
And thought, why's he calling me a bastard? Maybe he knows his crap
isn't going to get through.
mple 555.555., 555-555-, 555 555 , 555-
555-, (555)555., etc etc. So you have to write your rules to take
that into account.
Craig
other lists locally ? Commercial agreements
also are ok.
Are you running a local caching nameserver?
For my group that seems to help a great deal.
--
Craig
ds a lot of requisite perl packages and
finally mailscanner itself into rpm files and installs the rpm's (or not
if you already have newer versions of the rpm's installed already). It's
a sophisticated, comprehensive approach to installing a whole lot of
stuff and doing it the way the system is configured (via rpm).
Craig
Cabell
>
> -----Original Message-
> From: Craig White [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, July 25, 2006 12:00 PM
> To: users@spamassassin.apache.org
> Subject: Re: Help for beginner
>
> On Tue, 2006-07-25 at 14:16 -0400, Theo Van Dinter wrote:
> > FWIW, Dale&#x
On Tue, 2006-07-25 at 16:02 -0600, Nels Lindquist wrote:
> On 25 Jul 2006 at 14:17, Craig White wrote:
>
>
>
> > http://www.mailscanner.info/linux.html
> >
> > This is the information page for installing MailScanner on RPM based
> > Linux system.
> >
r better yet, use mockingbirds instead of pigeons,
I think this new internet architecture will stop the spammers in their
tracks. No, really, it will.
Either that or get them shat on, which would be a messy affair. :-D
/me goes back to lurking...
--
Craig
add_header all Status _YESNO_, hits=_HITS_ required=_REQD_ tests=_TESTS_
autolearn=_AUTOLEARN_ version=_VERSION_
report_safe1
The point is, who or what is calling spamassassin..
You have to have something in the mix of things that is screwing with
your headers. Even with report_safe 0, SA adds the X-Spam* headers..
--
Craig
d whatever is calling SpamAssassin
(MailScanner) should be at least faking it in the message it hands SA.
Daryl
http://wiki.apache.org/spamassassin/EnvelopeSenderInReceived
Is also useful for the bag of tricks too..
--
Craig
http://www3.2cah.com/spam/sa_slowhtml.txt
I got inundated with messages similar to this today. The average scan
time here for these is 25+ seconds when the box is under _low_ load.
My guess is that it has to do with the number of URLs.
Any thoughts on this?
--
Craig
ago, I was getting
flooded with these, and I solved the problem by using the SARE_HTML_NO_BODY
rule from 70_sare_html4.cf. However, this rule does not seem to hit on this
recent crop of empty messages. I have no idea why.
Is anyone else seeing these, and more importantly, does anyone have a rule for
them?
Craig
rule would be failing. Can you post one as a txt message
Sure:
http://pastebin.com/769187
Note that I am aware that I am running an older version of SA (3.0.x).
Unfortunately, upgrading is not feasible at this time.
Thanks for any help or advice you can give!
Craig
with lookups in http://www.rulesemporium.com/cgi-bin/uribl.cgi
This is SpamAssassin 3.1.5, all was fine in 3.1.2.
For now I have set both those tests to 0.00.
Don Craig
And Theo Van Dinter pointed out:
You're not by chance using the opendns.{com,org} folks for DNS, are you?
Of course. I'm an idiot. I switched to OpenDNS a couple of weeks back.
Time to return from whence I came. Thank you,
1 - 100 of 255 matches
Mail list logo
