Re: Scoring PTR's

2006-10-23 Thread David B Funk
On Mon, 23 Oct 2006, Jo Rhett wrote: > David B Funk wrote: > > On Thu, 19 Oct 2006, Jo Rhett wrote: > > > >> Richard Frovarp wrote: > >>> Or for any machine that hosts more domains than has IPs. Even being able > >>> to edit the reverse doesn&

Re: Feature Request: envelope scanning

2006-10-25 Thread David B Funk
On Wed, 25 Oct 2006, Joe Flowers wrote: > Ken A wrote: > > It should be mentioned that envelope To: is not there for a reason. > > :-( Including it in the header will remove the privacy enabled by Bcc, > > so if you have privacy considerations to worry about, you might think > > twice. > > I pre-p

Re: FuzzyOcr : pipe errors

2006-11-09 Thread David B Funk
On Thu, 9 Nov 2006, Pascal Maes wrote: > hello, > > Sometimes, I get the following errors : > > > [2006-11-09 17:42:54] Unexpected error in pipe to external programs. >Please check that all helper programs are > installed and in the correct path. >(P

Re: White listing yahoo groups

2006-11-14 Thread David B Funk
On Tue, 14 Nov 2006, wrote: > whitelist_from_rcvd *.mail.mud.yahoo.com *.bullet.scd.yahoo.com > Um shouldn't that first component be in address format? EG: whitelist_from_rcvd [EMAIL PROTECTED] yahoo.com Also that second argument doesn't need that '*'. It already pattern matches again

simple TZ test (Re: current stock scams are easy to spot)

2006-11-15 Thread David B Funk
On Fri, 10 Nov 2006, Tony Finch wrote: > > They have a forged Received: line which has a "by" field containing the > domain of the recipient address, a "for" field which matches the From: > header, and an "id" field of the form XX-XX-XX (similar to Exim's > queue IDs, though Exim IDs are a

Re: simple TZ test (Re: current stock scams are easy to spot)

2006-11-16 Thread David B Funk
On Thu, 16 Nov 2006, Christian Recktenwald wrote: > On Wed, Nov 15, 2006 at 11:14:12PM -0600, David B Funk wrote: > > > > You're trying too hard. > > Look at that 'Date:' header, they've got a bogus time-zone value. > > It's syntactically RFC

Re: getting mail directly and not via mail-relay

2006-11-21 Thread David B Funk
On Mon, 20 Nov 2006, Leon Kolchinsky wrote: > Hello, > > There is a Mail-Relay administered by another person and its MX record stand > before MX record of my mail server, so theoretically mail should go first > through Mail-Relay to my server. > > The thing is that for some reason there are muc

Re: Problem with spam from non-existant users of my domain.

2006-11-28 Thread David B Funk
On Tue, 28 Nov 2006, Richard Frovarp wrote: > Steven W. Orr wrote: > > Here's the game. I host my own domain on my own machine off the > > not support this; i.e., it can only reject mail *to* an address that > > doesn't exist. > > > > Is there a way to do this? > > > > Sendmail can reject based o

Re: Installed FuzzyOCR - What am I missing?

2006-11-28 Thread David B Funk
On Tue, 28 Nov 2006, Evan Platt wrote: > Now: > [2006-11-28 13:08:00] Unexpected error in pipe to external programs. >Please check that all helper programs are > installed and in the correct path. >(Pipe Command "/sw/bin/giftopnm -", Pipe exit > code

Re: Installed FuzzyOCR - What am I missing?

2006-11-29 Thread David B Funk
On Tue, 28 Nov 2006, Evan Platt wrote: > Thanks to everyone especially Decoder, I think I'm up and running. > > png is the only one not working. > > Any reason NOT to assign 10 points to fuzzy ocr tripped words? > > I mean I wouldn't add 10 points just because someone typed the V word > in an e-ma

Re: Easyjet e-mail scoring very high

2006-12-01 Thread David B Funk
On Fri, 1 Dec 2006, Nick Leverton wrote: > On Friday 01 December 2006 11:33, Chris Lear wrote: > > I got an EasyJet confirmation E-mail that scored like this: > > whitelist_from_rcvd [EMAIL PROTECTED] savvis.net > FYI, easyjet.com appears to have a valid SPF record, so whitelist_from_spf [EMAI

Re: Easyjet e-mail scoring very high

2006-12-01 Thread David B Funk
On Fri, 1 Dec 2006, Loren Wilton wrote: > > HTML_FONT_FACE_BAD=0.156 > > HTML_MESSAGE=0.001 > > HTML_TINY_FONT=2.324 > > MARKETING_PARTNERS=1.765 > > MIME_HTML_MOSTLY=1.102 > > SARE_OBFU_AMP2B=2.555 > > SARE_SPEC_LEO_LINE03a=0.408 > > > > I think the "Received: from mail pickup service" line is ca

Re: real or fake capital-one message

2006-12-03 Thread David B Funk
On Sun, 3 Dec 2006, Chris wrote: > I got this in my inbox today, I believe it to be real, however I'll post the > headers below. The reason I think it may be real is that there is some > person out there named Carol Pollock who for some reason and some how is > using the email address of [EMAIL PR

Re: Recognizing Sendmail's authentication -- patch included (WAS: How is LOCAL_AUTH_RCVD used?)

2006-12-05 Thread David B Funk
On Tue, 5 Dec 2006, Jo Rhett wrote: > René Berber wrote: > > It's the same one I posted before: > > > > Received: from MARISELA (dsl-189-149-70-163.prod-infinitum.com.mx > > [189.149.70.163] (may be forged)) > > (authenticated bits=0) > > by mail.legosoft.com.mx (8.13.8/8.13.8) with ESMTP

Re: Google open relay?

2006-12-07 Thread David B Funk
On Thu, 7 Dec 2006, Steven Stern wrote: > John D. Hardin wrote: > > On Thu, 7 Dec 2006, Steven Stern wrote: > > > >> I've been getting lots of these "get out of debt" messages. It > >> looks like the last stop before getting here is a gmail server. > >> Could they have an open relay? > > > > Have

Re: Google open relay?

2006-12-07 Thread David B Funk
On Thu, 7 Dec 2006, Steven Stern wrote: > David B Funk wrote: > > If you buy into the spamcop premium service one of the things that > > you gain is the ability to modify their report and add such notices. > > Best to send it directly to Google's abuse address. >

Re: parsing cid: from HTML spam email

2006-12-13 Thread David B Funk
On Wed, 13 Dec 2006, vertito wrote: > I have this rule from local.cf > > body MY_harsh_content_RULE18/cid:/is > describe MY_harsh_content_RULE18Harsh body content > score MY_harsh_content_RULE18 5.0 > > but still I am receiving this HTML spam emails that scores lower than 2.0. >

Re: **exact** info about "skip_rbl_checks" needed

2007-01-25 Thread David B Funk
On Fri, 26 Jan 2007, Daryl C. W. O'Shea wrote: > > > > Some of my incoming messages involve messages forwarded to my server via a > > rule from accounts that some of my clients have on other ISPs mail servers. > > For such incoming messages, I have been creating a temporary copy of the > > mess

Re: Poor man's high MX spam Trap

2007-01-29 Thread David B Funk
On Mon, 29 Jan 2007, John Rudd wrote: > It doesn't have to be firewalled. It just has to be non-answering on > port 25. It's called "nolisting". > > I've thought about doing something similar. Nolisting only says: > > MX 1 non-answering.host > MX 10 real.host > > But adding the non-answering h

Re: Botnet FP

2007-02-01 Thread David B Funk
On Thu, 1 Feb 2007, Bob McClure Jr wrote: > > host 66.251.54.6 > > 6.54.251.66.in-addr.arpa domain name pointer outbox2.onceanddone.com. > > > > host outbox2.onceanddone.com > > outbox2.onceanddone.com has address 66.251.51.6 > > > > host 66.251.51.6 > > Host 6.51.251.66.in-addr.arpa not found: 3(

RE: spam scores low (Sendmail + smtp-vilter + SA )

2006-01-13 Thread David B Funk
On Fri, 13 Jan 2006, Mike Sassaman wrote: > Thanks everyone for your suggestions. This is what I've done: > > required_score 4 > rewrite_header Subject *SPAM* > add_header all Report _REPORT_ > use_razor2 1 > razor_config /etc/mail/spamassassin/.razor/razor-agent.conf > razor_timeout 600

RE: spam scores low (Sendmail + smtp-vilter + SA )

2006-01-16 Thread David B Funk
On Mon, 16 Jan 2006, Mike Sassaman wrote: > % spamassassin --lint shows no output, so I'm thinking that means no > problems in my local.cf. Good, 'spamassassin --lint' should show no output, it only barks when there's something wrong. Now 'spamassassin --lint -D' gives -tons- of output, but any er

RE: spam scores low (Sendmail + smtp-vilter + SA )

2006-01-19 Thread David B Funk
On Thu, 19 Jan 2006, Mike Sassaman wrote: > > Well, if SA can't parse the format generated by your > > mailserver, that would > > affect all messages which don't have any additional Received: > > headers beyond the > > local delivery (which would be nearly all your spam/virus email). > > Fair enou

RE: spam scores low (Sendmail + smtp-vilter + SA )

2006-01-20 Thread David B Funk
On Fri, 20 Jan 2006, Mike Sassaman wrote: > Well, I basically chose smtp-vilter because it was one of two milters in the > OpenBSD ports tree and therefore I figured it would be easiest to integrate. > I may have been wrong there... > > I contacted smtp-vilter's author and he said there was a know

Re: whitelist mailman lists

2006-01-24 Thread David B Funk
On Tue, 24 Jan 2006, Matthias Fuhrmann wrote: > > > whitelist_from_rcvd [EMAIL PROTECTED] domain > > > whitelist_from_rcvd [EMAIL PROTECTED] 127.0.0.1 > > > > > > and some more, but all failed. > > > what went wrong, or does anyone know the correct pattern for > > > whitelist_from_rcvd and mailman

Re: DO NOT Filter this list!!!

2006-02-15 Thread David B Funk
On Wed, 15 Feb 2006, Bill Landry wrote: > If you cannot prevent the message from being fed to SA via your MTA, you > could use something like this in SA: > > whitelist_from_rcvd [EMAIL PROTECTED] apache.org # > SpamAssassin List > > And if you are using bayes, you might also want to incl

Re: SORBS unreasonable: Accusation retracted

2006-02-27 Thread David B Funk
On Mon, 27 Feb 2006, Johann Spies wrote: > New information came to light and I retract my insinuation that SORBS > was unreasonable: Apparently the owner(s) of the specific mailing > list populated the list with names harvested from the internet. > > Apologies to SORBS. > > Regards > Johann That

Re: SARE_LEGIT_PAYPAL scores -0.0?

2006-03-01 Thread David B Funk
On Wed, 1 Mar 2006, Philip Prindeville wrote: > Loren Wilton wrote: > > >>could I be doing that would avoid this sort of FP? > > > >You don't seem to be running net tests. I see headers for both SPF and > >DomainKeys in that mail. These tests should have pulled the score down by > >some amount i

Re: Any rule to flag missing message-id's as SPAM?

2006-03-03 Thread David B Funk
On Fri, 3 Mar 2006, Philip Prindeville wrote: > mouss wrote: > > >Philip Prindeville a écrit : > > > > > >>I'm curious to know how the message could have been routed and delivered > >>without ever getting an Message-Id: stamped on it... > >> > >>Sendmail, for instance, will always add a message-id

Re: headers creeping into message body after upgrade to 3.1.1

2006-03-15 Thread David B Funk
On Wed, 15 Mar 2006, Theo Van Dinter wrote: > The problem is caused by a specific feature that was added into > SpamAssassin in 3.1.1 -- namely that we'll use the same line endings that the > original message uses (LF vs CRLF). spamass-milter relied on the previous > behavior (always use LF), whi

Re: Importance of SMTP gateway reverse lookup domain?

2006-03-15 Thread David B Funk
On Wed, 15 Mar 2006, Stewart, John wrote: > Also, and this is perhaps a bigger issue, if we were to set up a separate > SMTP server for only outgoing mail (and not incoming), would it be an issue > if this outgoing SMTP server is not in the MX records for the artesyncp.com > domain. > > So, for ex

Re: socket SA is not fast enough, help

2006-03-29 Thread David B Funk
On Tue, 28 Mar 2006, mouss wrote: > Another thing is that I can't find a way to get the SA headers (as they > would be added by spamassassin) without having the full message sent > back (SYMBOLS doesn't return the score of each test). or am I missing > something? Use the 'REPORT' or 'REPORT_IFSPA

Re: spamd REPORT

2006-03-29 Thread David B Funk
On Thu, 30 Mar 2006, mouss wrote: > > Use the 'REPORT' or 'REPORT_IFSPAM' spamd command instead of 'SYMBOLS' > > or 'PROCESS' to get the full score report but not the full message. > > > > This requires parsing the message. > > > I would like getting something like: > > ALL_TRUSTED=-1.44,MISSING_S

Re: default score for SPF_HELO_FAIL too low?

2006-03-29 Thread David B Funk
On Wed, 29 Mar 2006, Matt Kettler wrote: > Andy Spiegl wrote: > > Hi, I'm wondering why the default score for SPF_HELO_FAIL is only 0.001? > > On the other hand SPF_HELO_SOFTFAIL adds 3.14 > > > > After reading "man Mail::SPF::Query" I thought fail is a lot worse than > > softfail, right? > > At l

Re: running SA on multiple machines

2006-04-03 Thread David B Funk
On Mon, 3 Apr 2006, Matt Kettler wrote: [snip..] > (who on earth still uses SRV records for anything?) The 800 Lb Gorilla of Redmond. ;) Most modern Kerberos clients will use them to find KDCs if properly set up. -- Dave Funk University of Iowa College

Re: required_hits not working?

2006-04-06 Thread David B Funk
On Thu, 6 Apr 2006, Ed Kasky wrote: > I have the following in /etc/mail/spamassasin/local.cf > required_hits 6.9 > > Yet I just noticed the following that started at some point Tuesday: > > Content analysis details: (18.3 points, 5.0 required) > > It's true for all users. I double checked fro m

Re: sa missed to scan some of email

2006-04-12 Thread David B Funk
On Wed, 12 Apr 2006, martin wrote: >also, just wonder why at spam.log, some scanned message can't log down > msgid > (which at maillog using) Because some messages arrive at your MTA without a msgid to log (usually a sign of either a forged message or a brain-damaged sending MTA). The stand

RE: "Rawbody" fooled by line breaks?

2006-04-12 Thread David B Funk
On Tue, 11 Apr 2006, Dallas L. Engelken wrote: > > The problem seems to be that rawbody looks at the message "one > > line at a time". I won't bore you with every way I've > > tried to create a rule that spans this line break, but > > none of them have worked. > > > > Has anyone encountered/resolv

Re: sa missed to scan some of email

2006-04-12 Thread David B Funk
On Thu, 13 Apr 2006, martin wrote: > thx info, that mean that if email don't given msgid when arrived, sendmail > default will add itself id for this mail and this msgid will not pass to > milter? > So is it no method to find related message from maillog at such case? Exactly so. Usually you c

Re: Tracking Compound Meta's

2006-04-29 Thread David B Funk
On Fri, 28 Apr 2006, Dan wrote: > > It looks like it might have some interesting purposes. But for the > > most part, I can't think of what you would use it for. I can't > > think of a single example where SARE could have used this before. > > Actually, the way I expect to use it is more like: > >

RE: Silly Question

2006-05-03 Thread David B Funk
On Wed, 3 May 2006, Brent Kennedy wrote: > rules. The issue before here, is that spamassassin doesn't split emails up > between recipients when a message is sent to multiple people. If one user > is on the whitelist_to or all_spam_to or some_spam_to list, then everyone > gets its. [snip..] This

Re: Blocking IPs

2006-05-03 Thread David B Funk
On Mon, 1 May 2006, Dan wrote: > Bummer. That works with absolute blocking, like with narrow > professional spammer ranges, but not so well with IP based suspect > ISP, country or regional scoring for mixed spam/ham. I'll keep looking. Can be done with brute-force rule creation, EG: # ISKIMA

Re: drop spam mail by user pref

2006-05-08 Thread David B Funk
On Tue, 9 May 2006, martin wrote: > Matt Kettler comcast.net> writes: > > > > > SpamAssassin cannot be configured to drop mail at all. > > > > Based on how SA integrates into the mail chain it can only modify the > > contents of the message. It has no ability to delete or alter message > > delive

RE: Comment Crashes

2006-05-15 Thread David B Funk
On Mon, 15 May 2006 [EMAIL PROTECTED] wrote: > Dan wrote: > > the accuracy of the test is dependent on finding a > > minimum count (30 and 60). Atomic groups are also not working: > > > > full FloatingTags3 /(?>>\s?[\$%A-Z0-9]\s?<.*?){90,}/is > > Two problems: .*? could go on forever, and {90

RE: Comment Crashes

2006-05-15 Thread David B Funk
On Mon, 15 May 2006 [EMAIL PROTECTED] wrote: > David B Funk wrote: > > what is the meaning of ".{,50}?" > > a{m,n} matches any string of at least m and at most n copies of "a". > a{m} is a shortcut for a{m,m} > a{m,} has no upper bound on the length &

RE: Comment Crashes

2006-05-15 Thread David B Funk
On Mon, 15 May 2006 [EMAIL PROTECTED] wrote: > David B Funk wrote: > > Thus my suggested alternative to give it something to chew on > > ('[^>]{0,50}') rather than the '.{0,50}' to provide an explicit > > termination criteria. > > The termination

Re: Comment Crashes

2006-05-15 Thread David B Funk
On Tue, 16 May 2006, Craig McLean wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > [snipped] > > I use this style to catch a couple of common text formatting oddities > caused by machine-generated input, see: > http://fukka.co.uk/sa-rules/local/textstyles.cf > > Thinking about it, this

Re: Negative lookaround?

2006-05-17 Thread David B Funk
On Wed, 17 May 2006, Stuart Johnston wrote: > > "Every variation" includes the whole world: FREE. To exclude the whole > > word, I created a meta exception but as you might guess, this also finds > > the whole word elsewhere in the same message. While its odd to have one > > word mangled and ano

Re: list of rules

2006-05-19 Thread David B Funk
On Fri, 19 May 2006, Mark Martinec wrote: > > it's actually a 13 mg file > > a 13 milligram file, that is an amazingly lightweight file! > > (sorry, couldn't resist) Well, you know how it is, even billions of those electrons don't weigh very much. ;) -- Dave Funk

Re: Bypassing scan on locally originated mail

2006-05-24 Thread David B Funk
On Wed, 24 May 2006, Rich Winkel wrote: > According to Andrzej Adam Filip: > > How do you deployed spamassassin? > > I use a milter ... > > Rich Specifically which milter? Different milters have different features/options for that task. I use "miltrassassin" which did not have that feature, so I

Re: RFC gurus...question

2006-05-26 Thread David B Funk
On Fri, 26 May 2006, wrote: > Is this a valid Message ID? > > > > No, see RFC-2822 section 3.6.4 It clearly says that a Message ID must be: \s "<" id-left "@" id-right ">" \s where you can more-or-less call the left & right parts: [\w\.-\?]{1,} (using perl reg-ex syntax, this is a

Re: new mailman spam???

2006-05-31 Thread David B Funk
On Wed, 31 May 2006, Thomas Bolioli wrote: > I have included the mailing in its entirety below. Is this an old trick > I just have not seen or is this something new using mailman to send > spam. I assure you I neither signed up nor confirmed a submission for > this mailing list. Is this just a po

Re: Anyone using MyDNS to create private dsn rbl lists?

2006-06-02 Thread David B Funk
On Fri, 2 Jun 2006, Marc Perkel wrote: > The reason I chose MyDNS was it was MySQL based and could be updated > live. And I thought that if I added a field that set an expiration of > now+24 hours then I could expire old entries with a simple script. rbldnsd can be updated semi-live. Every "check

RE: Google Summer of Code 2007 ...

2007-02-21 Thread David B Funk
On Wed, 21 Feb 2007, R Lists06 wrote: > May I ask... > > Why is this thread named as such. > > Does Google help fund SA efforts in one or multiple ways? > > If so, may I ask how or directions to already posted docs on it? > > - rh > > -- > Robert - Abba Communications Yes, if you Google for "Goo

Re: tie failed

2007-02-22 Thread David B Funk
On Thu, 22 Feb 2007, Daryl C. W. O'Shea wrote: > John Fleming wrote: > > > I also see an occasional message header that includes > > "autolean=unavailable" - It that what ends up in the messages where the > > tie fails?? I don't get the intermittent nature of this. > > Yes. Learning is slow. If

Re: tie failed

2007-02-22 Thread David B Funk
On Thu, 22 Feb 2007, Daryl C. W. O'Shea wrote: > David B Funk wrote: > > On Thu, 22 Feb 2007, Daryl C. W. O'Shea wrote: > > > >> Yes. Learning is slow. If two spamd children try to learn at the same > >> time only one will get a lock to write to the da

Re: Auto-whitelist Errors & others.

2007-03-08 Thread David B Funk
On Thu, 8 Mar 2007, Matt Kettler wrote: > Directories should have RWX permissions, not RW. > > In Directories, X takes on a different meaning, and refers to the > ability to list files in the directory.. Without that, apps can only > open files they already know the exact name of. No the 'r' bit

Re: [2] protocol error in spamassassin

2007-03-12 Thread David B Funk
On Sun, 11 Mar 2007, gable wrote: > > > we have monitoring in place .. zabbix in this case .. The process isn't > dying, tailing the logs .. and checking processes .. the spamd process is up > and running ... but the connection between spamc and the daemon isn't > talking correctly A fellow s

Re: sendmail's vacation(1) & "Precedence: junk" headers

2007-03-13 Thread David B Funk
On Tue, 13 Mar 2007, Damon McMahon wrote: > Greetings, > > I'd like to integrate SpamAssassin with the sendmail vacation(1) > autoresponder program. According to sendmail's vacation(1) man page: > > 'Messages will not be replied to if any of the following conditions are true: > ... > - A ``Precede

Re: Blocking mail from one specific user to another

2007-03-23 Thread David B Funk
On Fri, 23 Mar 2007, Loren Wilton wrote: > Well, of course you can't "block" with SA itself. But I assume you knew that. > > You can't do what you want quite the way you showed it. But you can get the > effect you want: > > header __MC_MY_FROMFrom =~ /[EMAIL PROTECTED]/i > header __MC_MY_EN

Re: Problems with spamassassin milter

2007-05-24 Thread David B Funk
On Wed, 23 May 2007, Doug Phillips wrote: > Hi all. I'm working with an issue that has been really driving me > crazy. I've searched the archives and not found anything that is really > pertaining to my problem, so I'd like to run this by the list and see > what I'm missing. > > First off, confi

Re: not everyone is happy with SA

2007-07-19 Thread David B Funk
On Thu, 19 Jul 2007, Dave Pooser wrote: > Actually I've seen one C/R variant that addresses the backscatter C/R issue > quite nicely; it dropped the suspected spam in a quarantine folder and > issued an SMTP fakereject after DATA that included a link to a website where > the sender could release t

Re: Rule not firing in spamd

2007-07-19 Thread David B Funk
On Thu, 19 Jul 2007, Matthew Dickinson wrote: > Hi, > > I'm using milter-p0f to add a "X-milter-p0f-Report:" to emails. Email are > passed via spamassass-milter to spamd. I've written some rules, that I > thought would catch things in the headers with spamd, but unfortunately they > don't appear t

Re: not everyone is happy with SA

2007-07-20 Thread David B Funk
On Fri, 20 Jul 2007, John Rudd "@ucsc.edu" wrote: > Jonas Eckerman wrote: > > > What do they think will happen when someone who doesn't know english > > tries to send to a user of such a system that outputs english error > > messages that directs the sender to web pages with english instructions? >

Re: Now its zip attachments ^^

2007-07-23 Thread David B Funk
On Mon, 23 Jul 2007, Chr. v. Stuckrad wrote: > On Mon, 23 Jul 2007, John Scully wrote: > > >... After adding the sanesecurity sigs to clamd last > > week not one PDF has made it through. And since clamd unpacks and examines > > every attachment anyway it is no additional loa
