Re: All RCVD_IN_VALIDITY rules being applied to every email.

On 18 Nov 2024, Nick Howitt stated: > The RBL's check the referring DNS Server. if you use someone like OpenDNS or > GoogleDNS, as many others do then, as far as the RBL > list is concernet it is receiving too many queries via those DNS servers. > > If you want to use these RBL's, it is recommend

Re: All RCVD_IN_VALIDITY rules being applied to every email.

On 18 Nov 2024, Bill Cole spake thusly: > On 2024-11-18 at 12:21:12 UTC-0500 (Mon, 18 Nov 2024 17:21:12 +) > Nix > is rumored to have said: > >> On 14 Nov 2024, Mark London uttered the following: >> >>> FWIW, Today I discovered that RCVD_IN_VALIDITY_CERTIFIED

Re: All RCVD_IN_VALIDITY rules being applied to every email.

inly does not mean you should run >>> dnsmasq locally, it means you need a REAL resolver. Unbound does a >>> good job without the rococo config options of BIND. Many people also >>> like the resolver half of the PowerDNS suite. > > On 18.11.24 18:18, Nix wrote: >>I

Re: All RCVD_IN_VALIDITY rules being applied to every email.

On 20 Nov 2024, Nick Howitt uttered the following: > > > On 20/11/2024 12:55, Nix wrote: >> On 19 Nov 2024, Greg Troxel told this: >> >>> Matija Nalis writes: >>> >>>> From >>>> https://knowledge.validit

Re: All RCVD_IN_VALIDITY rules being applied to every email.

On 19 Nov 2024, Matija Nalis stated: > On Mon, Nov 18, 2024 at 05:21:12PM +0000, Nix wrote: >> I'm not a high-volume site, a few thousand mails a day. If I'm blocked, >> probably more or less everyone is being blocked. (Are the DNSBLs above > > Yes, pretty mu

Re: All RCVD_IN_VALIDITY rules being applied to every email.

On 19 Nov 2024, Greg Troxel told this: > Matija Nalis writes: > >> From >> https://knowledge.validity.com/s/articles/Accessing-Validity-reputation-data-through-DNS >> : >> >>> Starting March 1, 2024, Validity will allow up to 10,000 requests to >>> anonymous users over a 30-day period. >> >>

Re: All RCVD_IN_VALIDITY rules being applied to every email.

On 14 Nov 2024, Mark London uttered the following: > FWIW, Today I discovered that RCVD_IN_VALIDITY_CERTIFIED, > RCVD_IN_VALIDITY_RPBL, and RCVD_IN_VALIDITY_SAFE, were being triggered for > every email that our server received.  I do not use a public DNS server.  I > disabled all of them.  Stran

Re: pyzor

On 22 Apr 2021, Eric Broch outgrape: >  pyzor.noarch 0:0.5.0-10.el7 Ah. Upgrade (pyzor moved, and is now found at https://github.com/SpamExperts/pyzor). Pyzor 1.0.* fixes this and many other problems, and is Python 3 compatible.

Re: OT - Possibly some good news

On 6 Jul 2017, Marc Perkel outgrape: > Hi Ted, > > You know what's interesting is that the adaptive immune system seems > to work a lot like a spam filter or an antivirus program. Heh, only if your spamfilters and/or antivirus programs intentionally launch computer viruses at themselves to corrup

Re: why don't banks do more against phishing?

Coming to this a few months late provides some... interesting perspective. On 24 Apr 2012, xTrade Assessory uttered the following: > Martin Gregorie wrote: >> But back to banking? In the UK, anyway, you don't need to be either >> intelligent or have any industry qualifications to run a bank. Back

Re: kam corpus

On 24 Jan 2018, Kevin A. McGrail uttered the following: > On 1/24/2018 6:08 AM, Rupert Gallagher wrote: >> >> Is this the "official" version of kam.cf? >> >> http://www.pccc.com/downloads/SpamAssassin/contrib/ >> > Yes.  Are there unofficial versions? I've long wondered whether there's an sa-upda

Re: TxRep increases sa-learn processing time exponentially

On 11 Feb 2019, Kevin A. McGrail uttered the following: > I would open a bug on bugzilla because that could be an issue but it > certainly points to optimization issues. This is probably . -- NULL && (void)

Re: TxRep increases sa-learn processing time exponentially

On 26 Feb 2019, n...@esperi.org.uk said: > On 11 Feb 2019, Kevin A. McGrail uttered the following: > >> I would open a bug on bugzilla because that could be an issue but it >> certainly points to optimization issues. > > This is probably .

Re: TxRep increases sa-learn processing time exponentially

On 27 Feb 2019, David Gessel told this: > > check https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7164 > > My amateur analysis was summarized in this message > https://mail-archives.apache.org/mod_mbox/spamassassin-users/201711.mbox/browser btw, that's not a message, that's a whole mailbox. :

Re: TxRep increases sa-learn processing time exponentially

On 27 Feb 2019, David Gessel said: > > check https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7164 > > My amateur analysis was summarized in this message > https://mail-archives.apache.org/mod_mbox/spamassassin-users/201711.mbox/browser Yeah, constantly recreating the factory unconditionally w

Re: SA memory (Re: ".*" in body rules)

On 6 Dec 2019, Henrik K. spake thusly: > On Fri, Dec 06, 2019 at 10:23:15AM +0100, Matus UHLAR - fantomas wrote: >> >On Thu, 5 Dec 2019 17:07:05 +0100 >> >Matus UHLAR - fantomas wrote: >> >>seems some big mails were too long to scan, and SA even got killed. >> >> >> >>[2146809.213586] Out of memor

Re: sa-learn absurdly slow on re-iterating over mailboxes (TxRep involved)

On 8 Jan 2020, Benjamin Block told this: > Now, if I run sa-learn again on the same folder (the manual says > "SpamAssassin remembers which mail messages it has learnt already, > and will not re-learn those messages again, unless you use the --forget > option.", so I think this is OK to do), it

Re: sa-learn absurdly slow on re-iterating over mailboxes (TxRep involved)

On 14 Jan 2020, Henrik K. said: > On Tue, Jan 14, 2020 at 12:05:57PM +0000, Nix wrote: >> >> I've come to the conclusion that TxRep is essentially unmaintained and >> basically doesn't work unless you use SQL storage, and have migrated >> back to the AWL, whi

Re: sa-learn absurdly slow on re-iterating over mailboxes (TxRep involved)

On 14 Jan 2020, Dean Carpenter spake thusly: > On 2020-01-14 7:05 am, Nix wrote: >> On 8 Jan 2020, Benjamin Block told this: >> >> ... looks like it to me. It's at least spotting the lock and breaking >> it, but it's still taking a second and a half to do i

Re: UTF-7 emails

On 5 May 2020, Bill Cole outgrape: > Apparently Evolution supports UTF-7 and can be set to use it with the > user being unaware of it. Probably user error -- UTF-7 is right below UTF-8 in the list of encodings supported by the composer, so it's easy to aim for UTF-8, hit UTF-7 and whoops...

Re: Mail::SpamAssassin::Plugin::DCC error on spamd start: util: refusing to untaint suspicious path: "${exec_prefix}/lib" ?

On 11 Jun 2020, PGNet Dev outgrape: > for anyone interested, it appears the config, as advised, is a bit of a mess > > using _explicit_ config of > >./configure \ >--with-installroot=/ \ > --mandir=/usr/local/man \ > --bindir=/usr/local/bin \ > --libexecdir

Re: 1-Megabyte Spam

On Wed, 01 Sep 2004, [EMAIL PROTECTED] yowled: > So I'm wondering - any ideas on dealing with giant-attachment spam? How many of SA's rules run over non-textual attachments? (rawbody rules, I guess... there are only 41 of those. Not many.) It might be worthwhile arranging to have two limits, one

Re: shifting the midpoint between the average spam and average ham

On Fri, 03 Sep 2004, Joe Flowers yowled: > When I say "ham and spam curves", I'm envisioning 2 bell curves on the same > graph, significantly separated - I hope, and SA > automatically/continually keeping "5.0" sitting right in the middle between > their peaks. The GA (in 2.x) or perceptron (in

Re: 1-Megabyte Spam

On Fri, 3 Sep 2004, David B. Funk stated: > If you -know- that the non-binary part is small/moderate, throw it at > SA anyway. SA is programmed to skip over binary parts and not even try to > scan their contents, so no loss of speed. Rawbody rules still apply to them, don't they? That was my point

Re: 1-Megabyte Spam

On Tue, 7 Sep 2004, David B. Funk mused: > On Mon, 6 Sep 2004, Nix wrote: > >> On Fri, 3 Sep 2004, David B. Funk stated: >> > If you -know- that the non-binary part is small/moderate, throw it at >> > SA anyway. SA is programmed to skip over binary parts and n

Re: [sa-list] Re: DSPAM-plugin for SpamAssassin 3.* ?

On Thu, 23 Sep 2004, Juhapekka Tolvanen spake: > "Myth 4: PERL is designed for language processing, so > SpamAssassin is written in a more appropriate language. > Let me preface this with the fact that I've had about 10 > years of experience coding PERL. ... yet he

Re: SA-Learn script

On Thu, 23 Sep 2004, Rubin Bennett said: > I've written a bash script that takes will run sa-learn against the > administrator specified False-Postive and False-Negative folders. Functionality-irrelevant pedant point: #!/bin/bash # Copyright (c) 2004 by Rubin Bennett <[EMAIL PROTECTED]> # All Ri

Re: Optimal amount of RAM?

On Thu, 23 Sep 2004, Paul Hutchings moaned: > The box is a PII-350mhz with 256mb ram and a pair of mirrored 10k SCSI > drives on a hardware raid controller, things vary but the machine processes > around 12,000 emails a week. > > I don't know much about the best ways to evaluate performance under

Sensible way to use SpamCop reporting?

I installed SA 3.0 (from SVN branch head) last night and found to my displeasure that it automatically reported all my spams to SpamCop. Rather, that was fine: the downside was that SpamCop bombed me with one email per spam reported, and required manual verification of every single one. Am I the

Re: Sensible way to use SpamCop reporting?

On Fri, 12 Nov 2004, [EMAIL PROTECTED] stated: > (And with >1000 spams a day, well, > the stuff comes in faster than I could verify them by hand in any case.) Note: where I said `verify', I meant `confirm' (i.e., with SpamCop). Mea culpa. Verifying that they're

Re: Sensible way to use SpamCop reporting?

On Fri, 12 Nov 2004, Larry stipulated: > You could comment out the "spamcop_to_address" in your configuration > file. Then SA will report to the "generic" spamcop address. Your > reports won't be given as much weight (whatever that means) but you > won't get the confirmation emails either. ... a

Re: Sensible way to use SpamCop reporting?

> I did once completely automate this using a script that fired > everything in my spam folder to spamcop, grepped 'sc?id' out of all > the spamcop replies, opened lynx with a command script which searched > for "Send Spam Report" and hit the link. This would be better done with LWP, I think; scri

Re: Solaris compile ld: fatal: Symbol referencing errors

On Tue, 16 Nov 2004, Keith Hackworth uttered the following: >> make[1]: Entering directory `/export/new_stuff/Mail-SpamAssassin-3.0.1' >> gcc -g -O2 spamc/spamc.c spamc/libspamc.c spamc/utils.c \ >> -o spamc/spamc -ldl -lnsl -lsocket >> Undefined first referenced >>

Re: sa-learn problem

On Fri, 19 Nov 2004, Bob Mortimer spake: > On Friday 19 Nov 2004 17:40, you wrote: > >> > when I try to sa-learn my ham/spam I get the following: >> > /usr/bin/sa-learn: /usr/bin/perl5.8.3: bad interpreter: No such file >> > or directory >> >> I've always thought that "No such file or directory" w

Re: OT - How often to reboot?

On Sat, 27 Nov 2004, Gary W. Smith yowled: > You only really need to reboot if you have applications that are poorly > writing and leak memory. s/applications/kernel modules/ If a memory leak propagates outside the app (and shared memory segments, and so on) it's the kernel's fault for letting

Re: sa-learn on a 15,000 email mbox file?

On Mon, 29 Nov 2004, [EMAIL PROTECTED] moaned: > Unless the address has never been used by a real person, you should > manually check each message to see whether it's spam. Personally, I > never have the endurance to check more than about 500 messages at a > shot. So I'd just cut it into files of a

Re: New Hardware

On Wed, 1 Dec 2004, Jeff Chan muttered drunkenly: > On Wednesday, December 1, 2004, 8:17:14 AM, Ronan Ronan wrote: >> how do i check whether SA is using >> the locally stored file or whether is still querying the surbl.org DNS? >> Is there an easy way if your not a bind / DNS guru? > > A dig may

Re: Image Composition Analysis

On Thu, 02 Dec 2004, Matt Kettler stated: > Actually, In my experience, DCC contains very little solicited > bulk. It also contains much less solicited bulk mail than razor > does. This is of course completely contrary to Razor's goal of not > containing solicited email, and DCC's claim of not cari

Re: Rules still not hitting right

On Wed, 1 Dec 2004, Matt Yackley yowled: > A few ways to look into this... [snip] Do you two mind trimming occasionally? Your top-posting is piling incredible amounts of quoted stuff on the ends of messages, and 900 lines of quotation for a few lines of comment is really excessive. Some subscribe

Re: Debugging lack of network tests

On Tue, 14 Dec 2004, Matt Kettler uttered the following: > At 11:47 AM 12/14/2004, Jon Dossey wrote: >>A lot of people are having problems resolving using the loopback address >>(127.0.0.1), try using an IP address that is bound to one of your NIC's. > > That's odd.. I myself have never done it an

Re: Debugging lack of network tests

On Tue, 14 Dec 2004, Matt Kettler stated: > At 06:27 PM 12/14/2004, Nix wrote: >>dig doesn't use the local nameserver unless you're looking up a name >>there: it queries remote nameservers directly. > > No it does not. By default, dig uses the nameservers in >

Re: Howto remove the X-Spam-Report: tag

On Thu, 6 Jan 2005, Roel Bindels murmured woefully: > Can anyone help me with my problem. I do not want SA to set the > X-Spam-Report: tag in the mail header or mailbody, but I can't find the > option how to set this. remove_header X-Spam-Report -- `The sword we forged has turned upon us Only n

Re: 3.02 on Debian Woody?

On 20 Jan 2005, Daniel Quinlan whispered secretively: > How do you remove a package installed with CPAN, anyway? Generate an autobundle, edit it, `rm -rf' your site-perl directory, and reinstall the autobundle. (Yes, it's a sick half-witted kludge.) >

Re: 3.02 on Debian Woody?

On Mon, 24 Jan 2005, [EMAIL PROTECTED] said: > What in the name of the great Fubar is an "autobundle" and how might > one gutsy enough to use one go about doing it? You create one by saying autobundle at the CPAN prompt. This writes a `bundle file' into your CPAN bundle directory (probably ~/.c

Re: how to call procmail for spam delete?

On Tue, 25 Jan 2005, Chris Santerre suggested: >:0: > * ^X-Spam-Level: \*\*\*\*\*\*\* > /dev/null > > Will delete only those emails scoring 7 or more. I find that very much clearer as :0 H: * ^X-Spam-Status: +(yes|no), +score=\/[^. ]* * ? (( ${MATCH} > 6 )) spambox because you don't have to co

Re: bayes db - export/import

On Fri, 28 Jan 2005, Justin Mason stated: > Rodney Green writes: >> I'd like to copy the bayes db to the temporary mail server so it can >> continue to be used and continue learning. >> >> Will I need to do some special export/import procedure or will I be >> able to just copy the db files into th

Re: using centralized spamasssassin machine

On Mon, 07 Feb 2005, Venelin Mihaylov stated: > I run spamassassin --list and no error were reported. > Could someone give a hint / idea on this issue ? How are you running spamd? Specifically, are you using the -i and -A options to make spamd listen on the appropriate interfaces and accept conne

Re: a problem with linux 2.6.11 and sa

On Thu, 3 Mar 2005, George Georgalis uttered the following: > I recall a problem a while back with a pipe from > /proc/kmsg that was sent by root to a program with a > user uid. The fix was to run the logging program as > root. Has that protected pipe method been extended > since 2.6.8.1? The enti

Re: a problem with linux 2.6.11 and sa

On Tue, 8 Mar 2005, George Georgalis announced authoritatively: > Here's what I'm doing that is broken. I use tcpserver (functionally > similar to inetd) to receive an incoming smtp connection. While the > smtp session is still open, the message is piped to a temp file which > is then scanned for s

Re: Excessive DNS Requests

On Tue, 22 Mar 2005, List Mail User stipulated: > 2) If you do mone than 10K messages a day, make your server "stub" > the roots of the bl domains. I'd be amazed if this was useful: if you're querying them, your nameserver should have queried them and cached them as a side-effect of

Re: yet another uribl evasion example

On Mon, 13 Jun 2005, Theo Van Dinter uttered the following: > On Mon, Jun 13, 2005 at 09:42:35PM +0200, wolfgang wrote: >> - 3.0.4 appears to bring new challenges (Net::DNS version and such) > > 3.0.4 should be a drop-in replacement for earlier versions. People seem > to be having issues if they

Re: Gocr gives an error while it is trying to read a pic sometimes

On 8 Aug 2007, Halid Faith said: > I use spamassassin3.1.7, fuzzyocr, gocr0.44 ( Before I used gocr 0.41 and > 0.43 ) > > Gocr gives an error while it is trying to read a picture sometimes as below; > > 1 - gocr -l 180 -d 2 -i italic.gif > giftopnm: Reading Image Sequence 0 > giftopnm: EOF or erro

Re: fake MX records

On 15 Aug 2007, Marc Perkel uttered the following: > I'm doing it and I'm not losing email from any senders. How can you possibly tell? You mean `none of the senders who I may have lost email from have noticed it and complained, or at least none have been able to get through to me to complain'. T

Re: Suggested botnet rule scores

On 17 Aug 2007, Robert Fitzpatrick verbalised: > Worms and spam have made it impossible for users to use their own > personal mail servers. Really? Fascinating, I'm doing the impossible. I had no idea. > More and more > ISP's are blocking p

Re: Suggested botnet rule scores

On 17 Aug 2007, Jerry Durand told this: > Why do they need a "personal mail server"? Well, I use my own MTA because I've had repeated problems with ISP MTAs losing my mail, corrupting it, going down at inconvenient moments (like Friday evening to come back up only on Monday). It's a single point o

Re: Suggested botnet rule scores

On 18 Aug 2007, Robert Fitzpatrick spake thusly: > On Sat, 2007-08-18 at 15:14 +0100, Nix wrote: >> On 17 Aug 2007, Robert Fitzpatrick verbalised: >> > Worms and spam have made it impossible for users to use their own >> > personal mail servers. >> >

Re: Suggested botnet rule scores

On 18 Aug 2007, Magnus Holmgren said: > On Saturday 18 August 2007 16:14, Nix wrote: >> On 17 Aug 2007, Robert Fitzpatrick verbalised: >> > ISP's are blocking port 25 from anything but their own stuff, especially >> > dial-up. >> >> Mine blocks until y

Re: Suggested botnet rule scores

On 18 Aug 2007, Kai Schaetzl stated: > Nix wrote on Sat, 18 Aug 2007 17:35:20 +0100: > >> Competent ISPs give you rDNS. (Really good ones delegate your rDNS to >> you.) > > So, your ISP is not competent? How would they give specific rDNS to > dynamic IP addresses, any

Re: Suggested botnet rule scores

On 18 Aug 2007, Kai Schaetzl said: > Nix wrote on Sat, 18 Aug 2007 15:14:53 +0100: > >> > Worms and spam have made it impossible for users to use their own >> > personal mail servers. >> >> Really? Fascinating, I'm doing the impossible. I had no idea. &g

Re: Suggested botnet rule scores

On 21 Aug 2007, Kai Schaetzl said: > Nix wrote on Tue, 21 Aug 2007 09:26:18 +0100: > >> It's not dynamic, but Botnet isn't just looking for dynamic IPed hosts, but >> also hosts with e.g. the string `adsl' in its rDNS, even if that host happens >> to have

Re: Suggested botnet rule scores

On 21 Aug 2007, Kai Schaetzl outgrape: > Nix wrote on Tue, 21 Aug 2007 09:27:11 +0100: > >> If anybody is really so stupid as to unconditionally block mail from >> hosts merely because of string matching in their rDNS, I'm not sure they >> *deserve* to see any email..

Re: Suggested botnet rule scores

On 22 Aug 2007, John Rudd spake thusly: > Nix wrote: >> My ISP doesn't give me that option (well, OK, it probably gives *me* >> that option because I can bug the ISP's technical director, but not >> people who've posted bonds). I'd venture to guess that

Re: For RMAIL in EMACS how do you setup a file of the spam messages?...

On 4 Feb 2008, Don Saklad said: > For RMAIL in EMACS how do you setup a file of the spam messages?... I suspect that RMS is the only other rmail user left on Earth. You could try asking him :) -- `The rest is a tale of post and counter-post.' --- Ian Rawlings

Re: "Nice girl like to chat" spam

On 18 Feb 2008, Jari Fredriksson told this: > All it takes is a Unix/Linux user who does not know about smart hosts Or who doesn't have one because it costs a lot extra and/or because the smarthost is unreliable (and, no, `just change ISP' doesn't work: in much of the world one ISP has a quasi-mon

Re: For RMAIL in EMACS how do you setup a file of the spam messages?...

On 3 Mar 2008, [EMAIL PROTECTED] uttered the following: >>>>>> "Nix" == Nix <[EMAIL PROTECTED]> writes: [...] > and so on for a long time; recogmises mailing list, odd friends etc > etc. If it is of any use just mail me. I have run this for most of >

Re: SA Score -> Confidence Percentage

On Wed, 26 Jul 2006, [EMAIL PROTECTED] yowled: > My impression is that the perceptron tries to cluster scores NEAR 5.0 > with as much spam as possible over 5.0 and as little ham as possible > over 5.0. Well, it doesn't *try* to cluster, but since it'll keep tweaking until as many FPs and FNs as po

Re: Text::Wrap errors in log file

On Mon, 31 Jul 2006, Steve Martin prattled cheerily: > I'm seeing lots of errors like the following recently... > > spamd[945]: (?:(?<=[\s,]))* matches null string many times in regex; marked > by <-- HERE in m/\G(?:(?<=[\s,]))* <-- HERE \Z/ at > /System/ Library/Perl/5.8.6/Text/Wrap.pm line 46.

Re: postini.com

On Mon, 31 Jul 2006, negativescore gibbered uncontrollably: > Find a floppy disk. Format it. Move cpanel over to the floppy disk. > Remove the floppy disk from the system. Wrap the floppy in alternating > layers of foil, lead is best, and parafin until it is about 6" thick. > Save it until the n

Re: How do I assign a negative score to BAYES_00 ?

On Mon, 31 Jul 2006, [EMAIL PROTECTED] murmured woefully: > Find a floppy disk. Format it. Move cpanel over to the floppy disk. > Remove the floppy disk from the system. Wrap the floppy in alternating > layers of foil, lead is best, and parafin until it is about 6" thick. > Save it until the next f

Re: postini.com

On Tue, 1 Aug 2006, [EMAIL PROTECTED] stipulated: > From: "Nix" <[EMAIL PROTECTED]> > >> On Mon, 31 Jul 2006, negativescore gibbered uncontrollably: >>> Find a floppy disk. Format it. Move cpanel over to the floppy disk. Remove >>> the f

Re: merges bayes DB???

On Thu, 23 Jun 2005, Loren Wilton spake: > Also from almost complete ignorance: it seems unlikely since 3.0. > Previously the bayes database had the actual tokens and counts in it. Since > 3.0 the database has a hash of the token. I don't konw that the hashes from > two different systems would en

Re: Not delivering Spam with Procmail

On Tue, 9 Aug 2005, Joe Borg said: > Its easier not to try to count asterisks... > Sample procmailrc portion >:0 > * ^X-Spam-Status:.*score=[1-9][0-9] > { > >:0 > /dev/null > } > -end sample Agreed, but you don't have to use regexps for the counting job either. I use somet

Re: When is Bulk "Bulk"

On Tue, 09 Aug 2005, Justin Mason said: > BTW, before we go too far down this rabbit-hole, everyone please note > that actually, the SpamAssassin project *does* have its own definition > of spam: that being Unsolicited Bulk Email. There was a wonderful old post on news.admin.net-abuse.misc (messag

Re: Is there a UNIX socket test client program (a la NetCat)?

On Wed, 10 Aug 2005, Herb Martin wrote: > Is there a UNIX socket test client program (a la NetCat)? > > I need to test a variety of UNIX (not IP/INET) socket daemons for both > syntax and "are you running". > > Is there a program that can read-write to an arbitrary Unix-type socket in a > manner

Re: OK, got one for you experts

On Wed, 31 Aug 2005, [EMAIL PROTECTED] spake: > Backwards speak randomly not I do well, either. I perl inaccessible > find. It's Forth where you have to learn to speak backwards, not Perl. :) -- `... published last year in a limited edition... In one of the great tragedies of publishing, it was

Re: Very simple user query...

On Mon, 12 Sep 2005, Steve whispered secretively: > Genius answer! For some reason it had completely escaped my notice > that all of the spams missed by SA over the past month had a > uk.geocities.com address! I've opted for a score of 4 for any mail > mentioning a uk.geocities.com URL - which is

Re: DCC and spamassassin -r

On Sun, 18 Sep 2005, Graham Murray stipulated: > The DCC checkers, dccproc and dccifd, not only check the mail but also > increment the 'bulkiness' counts at the server. Spamassassin and spamd > use one of these (if dcc checking is enabled) when scoring the > mail. So is it correct for spamassassin

Re: Drug e-mail obfuscated with

On Tue, 20 Sep 2005, Kenneth Porter murmured woefully: > --On Monday, September 19, 2005 10:35 PM -0700 Loren Wilton <[EMAIL > PROTECTED]> wrote: > >>> Ie a test for >>> lots of divs that have been floated left and contain lots of breaks? >> >> Really bad thing to test for. FPs all over the plac

Re: Prefork efficiency

On Fri, 23 Sep 2005, Lefteris Tsintjelis wrote: > I see a lot of forking ever since I switched to 3.1. Is there a > way to tell the maximum and the average number of forks reached? I'm afraid I don't know what `the maximum and the average number of forks reached' means. Maxima and minima are set b

Re: SA tags above header info

On Sat, 1 Oct 2005, [EMAIL PROTECTED] stated: > Which begs the question I don't remember anybody asking: "What the > is "DomainKeys" and why should it experience a special > exception to sane ordering if header information with time of > application ordered message tags? It's a scheme whereby the

Re: Explosion in uk.geocities.com spam

On Sat, 8 Oct 2005, Loren Wilton murmured woefully: >> They use html and tables very smart, thus avoiding Bayes rules. >> Basically it is an invisible tables, using one row and several columns. >> The first column contains the first letter of every line, separated by >> "" and optionally some style

Re: Using spam tools for viruses

On Mon, 24 Oct 2005, [EMAIL PROTECTED] whispered secretively: > I'm not sure what the SA folks think about this now a days. A while > back, they removed the checks for MS executables as being spam > indicators even though the test actually is a very good indicator of > spam. That's because it did

Re: [EMAIL PROTECTED]: Mail delivery failed: returning message to sender]

On Sun, 30 Oct 2005, Michael Monnerie moaned: > On Sonntag, 30. Oktober 2005 08:38 [EMAIL PROTECTED] wrote: >> This domain is not a dialup and is a static IP address, and >> completely traceable to me. It has also never been involved in >> sending spam. If the anti-spam community start misbehavin

Re: What Optional Rules do I really need?

On Fri, 2 Dec 2005, Rob Skedgell announced authoritatively: > At the moment I have to use a condition in an Exim ACL to exclude > HTML.Phishing.* "malware" from being discarded so that it can be > filtered an reported. Indeed. You can do the same sort of thing if running sendmail and the clamav

Re: X-Spam headers placement issue

On Tue, 6 Dec 2005, [EMAIL PROTECTED] stipulated: > Don't bother to try to report spam with that header placement if you > expect outfits that use DCC to respond. Placing the headers at the > bottom that way will screw up the DCC hash they can use to identify > the message details as "truth". AIUI

Re: Compiling re2c with gcc 2.95

On 2 Apr 2009, Mark uttered the following: > Has anyone been able to compile re2c with a gcc 2.95 compiler? I have a > gcc43 also, but Perl was compiled with 2.95, so the Rule2XSBody stuff > needs to be compiled with 2.95, too, right? Not really, no. The C ABI doesn't change much (or at all), cer

Re: RFC's suck

On 30 Mar 2009, Kenneth Porter spake thusly: >> It's a good overview of how broken the RFCs are, with an extra helping >> of zombie humour on top. Worth a look if you have an hour to spare, >> though some of the slides are a bit blurry. s/a bit blurry/completely unreadable/ Are the slides themse

Re: RFC's suck

On 3 Apr 2009, n...@esperi.org.uk stated: > (Worst *video* of a talk, from the POV of actual videoing, that I've > ever seen. Almost solid black screen plus encoding artifacts. Focus on > the screen, ye gods!) I hasten to point out (a little late) that the talk itself was excellent and hiliarious,

Re: OT: Nehelam's New HT ability....

On 1 Aug 2009, Linda Walsh stated: > > > Per Jessen wrote: >> Not sure about that - AFAICT, it's exactly the same technology. (I >> haven't done in exhaustive tests though). > > > Supposedly 'Very' different (I hope)... Oh yes. I have a P4 here (2GHz Northwood), and two Nehalems (one

Re: OT: Nehelam's New HT ability.... and ability to handle spamd high load (preheating cache?)

[This is really OT for spamassassin, isn't it? Should we take it off-list?] On 8 Aug 2009, Linda Walsh spake thusly: > That's w/8 hard disks inside (though not under load...just spinning). OK, you've out-RAIDed me. > Seems to be no way on my machine (Dell is so limiting sometimes), to > turn of

Re: OT: Nehelam's New HT ability....

On 8 Aug 2009, Per Jessen told this: > Nix wrote: >> On 1 Aug 2009, Linda Walsh stated: >> >>> Per Jessen wrote: >>>> Not sure about that - AFAICT, it's exactly the same technology. (I >>>> haven't done in exhaustive tests though). >>

Re: KHOP_NO_FULL_NAME

On 18 Oct 2009, Henrik K. said: > On Sat, Oct 17, 2009 at 07:22:19PM -0400, Adam Katz wrote: >> Keep in mind that this rule is only worth 0.259. > > Sorry but it's not worth that either.. it's not just "people" who send mail > and even people have nicknames and whatever in their name fields. Inde

Re: Around the web what particular link explains the ins and outs specifically about the asterisks used in the headers?...

On 19 May 2008, Theo Van Dinter said: [Don talking about `asterisks'] > What are you talking about? I *think* he's talking about default score thresholds. -- `If you are having a "ua luea luea le ua le" kind of day, I can only assume that you are doing no work due [to] incapacitating nausea ca

Re: can we make AWL ignore mail from self to self?

On 21 May 2008, Jo Rhett stated: > On May 20, 2008, at 1:07 PM, Justin Mason wrote: >>> 2. How can I easily see the AWL database for a given destination >>> address? >> >> tools/check_whitelist > > Where can I find this? It's not in the Mail-SpamAssassin tarfile... It's in SVN. -- `If you are

Re: Handy script for generating /etc/resolv.conf

On 28 Aug 2008, Marc Perkel told this: > Here's something I threw together to make sure the /etc/resolv.conf > points to a working nameserver. I run this once a minute. How do you arrange that all the existing programs that have already sucked in resolv.conf note the change? They're generally not

Re: Handy script for generating /etc/resolv.conf

On 31 Aug 2008, Giampaolo Tomassoni stated: >> How do you arrange that all the existing programs that have already >> sucked in resolv.conf note the change? They're generally not going to >> unless you restart them: nothing polls resolv.conf looking for changes >> to it as far as I know, that woul

Re: Handy script for generating /etc/resolv.conf

On 31 Aug 2008, Giampaolo Tomassoni outgrape: > Uff! > > Stock glibc v.2.6.1, source file resolv/res_libc.c, line#167: > > if (stat (_PATH_RESCONF, &statbuf) == 0 && last_mtime != > statbuf.st_mtime) { > > _PATH_RESCONF is /etc/resolv.conf; last_mtime is the last modify time (the > previous

Re: R: R: R: Relay Checker Plugin (code review please?)

On 1 Nov 2006, Andreas Pettersson stated: > Steven Dickenson wrote: >> I can't agree with this. Many small businesses in the US get just these >> kind of static connections from broadband ISPs. >> Comcast, for example, has all of their static customers using rDNS that >> would fail your test

Re: R: Relay Checker Plugin (code review please?)

On 31 Oct 2006, John Rudd verbalised: > And, while I may be a little unyielding wrt to people whose ISPs are > like Telecom Italia, I'm not unsympathetic. I think, in this case, if > Italy did get mass quarantined by the rest of the world, it might > cause enough of an uproar to force Telecom Ital

Re: RelayChecker 0.3

On 17 Nov 2006, Michael Alan Dorman outgrape: > I lowered the score from 6 to 4.5, though, and it's continued to be > effective, while letting those emails through. 6 is an insane score for *any* rule, IMNSHO. -- `The main high-level difference between Emacs and (say) UNIX, Windows, or BeOS...

  1   2   >