Tom Bombadil wrote:
This is not really on-topic for the SA list, but what clamav support are you
missing?
Sorry... I guess I didn't explain myself properly. I don't want to go
off topic talking about exim, but basically clamav failover/load balance
is the problem. We already do what you s
Jonathan Armitage wrote:
Tom Bombadil wrote:
Thanks for the response Loren, but unfortunately, as far as I know we
can specify the "spamd" directive just once in exim.
I realise we're getting OT here, but there are at least two ways to call
SA from Exim, the built-in hook which you are using
Long time lurker… sometimes poster:
The marketplace of ideas is a century old concept that goes back to the days of
landmark U.S.S.C. First Amendment cases, and it is the “marketplace”’s duty to
weed out bad ideas (such like SpamAssassin is doing).
But again, SpamAssassin isn’t infringing on a
mistake and have) but half of me thinks both of these were on purpose
for the purpose of the lint fail thread... So, way to go Benny! 😊
Enjoy your day.
I love SA!!! Thank You everyone for your posts, help, and contributions to the
community!
Long time lurker... sometimes poster,
Steven
client).
Let me know if you are interested in hearing more offline.
P.S. I am mostly a lurker to this forum... until someone brings up the
word Exchange. :)
Steven
-Original Message-
From: Axb [mailto:axb.li...@gmail.com]
Sent: Wednesday, February 13, 2013 1:17 AM
To: users
On Wed, 13 Oct 2004 09:33:06 -0500, Chris Frederick <[EMAIL PROTECTED]> wrote:
>Hello everyone,
>
>I was wondering if SA had a rule or score that you could define a
>specific word to look for. I don't get a lot of spam mail and SA has
>been working well so far, but I've been getting a few loan
On Mon, 18 Oct 2004 15:09:11 -0400, Payal Rathod <[EMAIL PROTECTED]>
wrote:
>But that means again I have scan mailboxes manually for false positives
>or false negatives.
>
I have two mailboxes, "should-be-ham" and "should-be-spam" that are processed
by a cron job at noon and midnight. I just f
I've set up the SPF TXT record for my domain, although I'm not quite sure it's
correct or acceptable to SA 3 because I have to pass my outgoing mail through
Earthlink as a smarthost. I'd like to send a email to a few of you checking
SPF to see what result you get.
Please reply directly to me and
On Mon, 18 Oct 2004 17:02:11 -0400, Matt Kettler <[EMAIL PROTECTED]> wrote:
>Why ask any of us, look at the headers of your message on the list:
>
>Received-SPF: pass (hermes.apache.org: domain of
>[EMAIL PROTECTED] designates 207.217.120.253 as permitted sender)
D'oh!
Thank you for pointing o
I just upgraded sa from 2.64 to 3.0 via the .tar file from the spamassassin
site.
I've cleaned up the world, but get the following in my headers:
X-Spam-Status: NO, hits=-3.7 required=5.0 tests=AWL,BAYES_00
autolearn=unavailable version=3.0.0
autolearn was working before. What do I ne
What's the best way to clear the name of an important web site?
Why are these RBLs listing redhat.com?
Content analysis details: (8.3 points, 5.0 required)
pts rule name description
-- --
-2.6 BAYES_00
On Sat, 13 Nov 2004 18:11:11 -0800, Jeff Chan <[EMAIL PROTECTED]> wrote:
>However redhat.com is not on any SURBLs. Perhaps we should ask
>you to give some debugging info to the developers?
I'd be happy to. What information is relevant?
Using SA 3.0.1 on FC3 with no additional rulesets added.
-
who can tell me what the sa-learn learnt, and how to see what the
sa-learn learnt.
thanx
--
StevenPan
On Sat, 11 Dec 2004 06:39:38 -0500, "Steve Dondley" <[EMAIL PROTECTED]> wrote:
>I'm trying to train SpamAssassin. I've set up two mailboxes on my server.
>One for spam and one for non-spam. I'm trying to figure out how to deliver
>mail there from my client (Outlook 2000).
>
>There is some advice
I'm trying greylisting as a way of reducing spam.
By themselves, both milter-greylist and spamass-milter work OK. When I
combine them, spamass-milter dies with the error "cmd read returned 0
expecting 5"
It seems that the problem is with the milter macros required by
milter-greylist. If they def
I'm trying greylisting as a way of reducing spam.
By themselves, both milter-greylist and spamass-milter work OK. When I
combine them, spamass-milter dies with the error "cmd read returned 0
expecting 5"
It seems that the problem is with the milter macros required by
milter-greylist. If they def
On Sat, 18 Dec 2004 13:18:20 -0600, "Thomas Cameron"
<[EMAIL PROTECTED]> wrote:
>
>Here is what I have in mine (each line separated by a newline for clarity):
>
>dnl Milter-Greylist
>INPUT_MAIL_FILTER(`greylist',`S=local:/var/milter-greylist/milter-greylist.sock')dnl
>define(`confMILTER_MACROS_HE
For reasons unknown, the list keeps sending out copies of my earlier message,
"Spamassassin, greylist, and sendmail". I'm not sending them.
I'll double check my system, but if there's a sysadmin for this out there, can
you take a look at this? Please reply privately, not on the list. Thanks.
--
I'm updating an SA installing on a machine using qmail packages. It appears
that the "report_safe" settings (and many other rewrites) are ignored by
qmail_scanner. So far, I've been told "read the documentation". Aargh. Been
doing that! If only it were obvious.
Anyhow, does anyone here use RE
On Mon, 03 Jan 2005 12:53:21 -0800, Evan Platt <[EMAIL PROTECTED]>
wrote:
>At 12:49 PM 1/3/2005, you wrote:
>>I know that it's generally frowned upon to actually "block" SPAMs (as
>>opposed to marking them as SPAM and letting the user decide) but my
>>company has some instances where we get things
On Mon, 3 Jan 2005 16:45:41 -0500, "Gustafson, Tim" <[EMAIL PROTECTED]> wrote:
>Thanks for all the help everyone. I guess the real question for me is
>"how do I make spamass-milter block e-mails of a certain score", because
>that's how I integrate SpamAssassin into Sendmail.
>
>Thanks again!
>
T
On Mon, 03 Jan 2005 13:47:44 -0800, [EMAIL PROTECTED] wrote:
>By the way, we reject messages that score above 10 with a 550. We found
>that almost 95% of spam scores over 10, and almost zero ham scores above
>five. Messages scoring between 5 and 10 are accepted, tagged, and
>relayed to their reci
I'm looking for an RPM for spamass-milter for Fedora Core 3 (or a source RPM)
built from the version that can use the "-r" parameter with SA 3.x. The files
I can find at Dag and Crashhat don't have this fix included.
(If I have to, I'll figure out how to use CVS and build from source, but maybe
o
I have been lurking for a while and finally come up for air. I recently
upgraded to 3.0.2, added appropriate rulesemporium.com rulesets (removed the
old 2.6X rules), and modified some scores for our clients. We are still
getting a ton (100-150) investor/stock spams a day. Just checking to see
Thanks to all and I will be looking into the rules that were provided. I do
use network tests but they were not hitting the stock spams. I will let you
know how it goes and if I make any changes to be more effectivenesser. That's
a word, right? ;-)
Thanks again,
Steve
On Sun, 30 Jan 2005 22:57:52 -0500, EB <[EMAIL PROTECTED]> wrote:
>I got
>ps aux |grep milter
>root 2083 0.0 0.2 65904 984 ?Sl 22:52 0:00 spamass-milter
>-p
> /var/run/spamass.sock -f -m -r 15
>root 2910 0.0 0.1 5408 660 pts/0R+ 22:54 0:00 grep milter
>
>Do y
After many suggestions from this group, I have come up with the following rule.
It works great!!!
headerSR_SUB_STOCKS Subject =~
/0[tT[cC]|[pP]erf0rmance|[fF]r0[mM]|[wW]a\|\||[aA]\|ert|[gG]r0wth|[pP]\|ay|[yY]0[uU]|[sS]tOck|[sS]t0ck|[iI]nvest0r|[iI]nvestOr|[pP]OwerhOuse|[pP]0ssib\|e|[
ed: from [66.167.178.157] by web90102.mail.scd.yahoo.com via HTTP; Tue,
15 Feb 2005 04:57:49 PST
Date: Tue, 15 Feb 2005 04:57:49 -0800 (PST)
From: Steven Stern <[EMAIL PROTECTED]>
Subject: test from yahoo
To: [EMAIL PROTECTED]
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Greyli
Matt wrote:
Hi,
Is there any kind of plugin or patch for spamassassin that will allow
me to selectively turn on GREYLISTing for certain user accounts?
When I say greylist I mean: All e-mail coming into them is bounced
with a temporary error the first time, and then accepted the second
time. If a
Matt wrote:
What do I have to do to get spamassassin to use a global bayes
database for all users on the system, rather then per user?
http://wiki.apache.org/spamassassin/SiteWideBayesSetup
Steven
--
Steven Dickenson <[EMAIL PROTECTED]>
http://www.mrchuckles.net
Matt wrote:
Steven,
I run qmail in my environment but have used sendmail in the past...
can sendmail happily handle 500,000 messages a day? Say if I were to
JUST pass them through and send them on to my qmail server?
On Wed, 02 Mar 2005 07:34:46 -0600, Steven Stern
<[EMAIL PROTECTED]> wrote
jdow wrote:
From: "Steven Stern" <[EMAIL PROTECTED]>
Please keep replies on the list.
In my former job, we ran 50,000 messages/day through sendmail on a sparc
20. It chugged a little, but it handled it. I think a decent Xeon box
with a decent amount of memory could easily handle
Jon McGreevy wrote:
Tried both of those and not successful, anymore ideas
Why are you processing outgoing mail? How are you calling SpamAssassin?
I would look at bypassing SA for outgoing mail.
Steven
mw wrote:
What should I do in order to see mail with the header autolearn=spam ?
I've prepared script which makes my own spams and sends them to my mail
server.
This server is placed in local net, not in Internet because I'm only testing
SpamAssassin.
I've sent more than 500 spams, but I didn't see
wiki.apache.org/spamassassin/AutolearningNotWorking
Steven
--
Steven Dickenson <[EMAIL PROTECTED]>
http://www.mrchuckles.net
My SPF record was working, but is now failing for this list. So, it
seems that SPF checking has ratcheted up a notch. I've deleted my SPF
txt record in order to send this.
Anyhow...
The record was
"v=spf1 a mx ptr include:earthlink.net ~all"
I smarthost my mail through smtpauth.earthlink.net. The
Earthlink seems to have updated their spf TXT record. Let's see if
apache will accept it.
--
Steve
Steven Stern wrote:
Earthlink seems to have updated their spf TXT record. Let's see if
apache will accept it.
Good news. There's still an issue with the "ip:..." part of the record,
but the server now does a soft fail.
--
Steve
rains them. It's not a perfect system, as
users have to figure out how to drag and drop the messages into the
public folder, plus Exchange will strip some headers out and add some of
its own when you access a message through IMAP, but its better than nothing.
Steven
--
Steven Dickenson &l
th: <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
X-OriginalArrivalTime: 27 Mar 2005 17:53:57.0443 (UTC)
FILETIME=[F2F4C130:01C532F5]
Date: 27 Mar 2005 10:53:57 -0700
Received: from localhost by homeexch2.manross.net
with SpamAssassin (version 3.0.2);
Sun, 27 Mar 2005
t all).
:(
Steven
-Original Message-
From: Matthew Lenz [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 30, 2005 3:02 PM
To: Spamassassin Users
Subject: Re: my girlfriend is getting ticked :)
On Wed, 2005-03-30 at 16:45 -0500, Tim Donahue wrote:
> On Wed, 2005-03-30 at 15:27 -0600, Matt
score in v3 than it did in v2. My users started bitching
after the upgrade the 3 because all the sudden spam was starting to get
through. Tweaking up the bayes scores a bit helped significantly.
Steven
ences (@array = split(...)) from the code below.
It seems odd that it would only mess up on the real mail, but it's fixed
now so I won't worry about such trivialities. :)
Thanks for the continuing great work on the Module, Rulesets, and last
but not least, documentation.
Steven
-O
We're using spamass-milter with "-r 10". Does this reject the message
(causing Sendmail to send a reject) or just discard it? If it's a
reject, how can I change it to a discard?
I'm asking because I'm seeing stuff in our outgoing mail queue that
looks like reject messages.
--
Steve
Todd Lyons wrote:
Steven Stern wanted us to know:
We're using spamass-milter with "-r 10". Does this reject the message
(causing Sendmail to send a reject) or just discard it? If it's a
reject, how can I change it to a discard?
It rejects it at the SMTP level before send
Rakesh wrote:
Content preview: Seems Spammers have found a way to evade the URI
checks the domain coolestrxever.com is listed in multi.surbl.org. But
the spammers managed to to evade the URI checks by appending special
charaters at the end of the url which are happily allowed by the
br
nks,
Steven
-Original Message-
From: Michael Parker [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 12, 2005 10:11 AM
To: users@spamassassin.apache.org
Subject: Re: SQL Question
On Thu, May 12, 2005 at 05:47:26PM +0100, Alan Munday wrote:
>
> Thanks, though I can't seem to find
Friday, May 13, 2005 8:57 AM
To: Steven Manross
Cc: users@spamassassin.apache.org
Subject: Re: SQL Question
On Fri, May 13, 2005 at 08:35:08AM -0700, Steven Manross wrote:
> On that same note,
>
> I was playing around with BAYES on a MS SQL Server...
> (I followed the directions in the r
scenario.
I'll play with it more (work on some possible solutions and report
back).
Coincidentally, if you have the code (mysql or otherwise) for RPAD, I
could just look at it and mangle for MS SQL to see if it helps/works.
Thanks again.
Steven
-Original Message-
From: Michael P
even in the docs? Through bugzilla?
Thanks to all involved in SA.. I've been using SA for a couple years
now, and it's a truly remarkable piece of work!
Thanks,
Steven
bayes_mssql.sql
Description: bayes_mssql.sql
David B Funk wrote:
Tonight our site is being bombarded by German political spam or
Joe-jobbed bounce fall-out. So far it appears to all be coming
from trojaned PCs. Other than the specific URLs in the messages
havn't found any easily identified parts to create rules for.
anybody else seeing this?
Along those same lines, is the message limit of 250K with or without
attachments?
Steven
-Original Message-
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 19, 2005 3:56 PM
To: Jim Maul
Cc: Ingo Reinhart; users@spamassassin.apache.org
Subject: Re: sa-learn and big
.log);
(I end up getting a 0-length file, and yes, debug = 1)..
I find it odd that MS would not give my access to STDERR, but it looks
to be the case. :(
Steven
Thanks for the response.
Well, I am calling the SA classes directly as perl via "PerlScript"...
Similar to VB and how an ASP page is called from IIS (but by
perlse.dll).
EX:
use Mail::SpamAssassin;
Etc, etc.
Namely, the SMTP Exchange interface ('Simple Mail Transfer Protocol'
service) allow
Thanks Justin. I'll try that later.
Steven
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, May 23, 2005 12:05 AM
To: Steven Manross
Cc: Loren Wilton; users@spamassassin.apache.org
Subject: Re: debug and STDERR
-BEGIN PGP SIGNED ME
Yes, BAYES is an integral part of SA!
It's like a constantly changing rule (without the need to tweak the rule
ever so slightly for nuances in the "new" mail.
There are mails that don't trip any standard rules, but are caught by
bayes alone.
Steven
-Original Message---
Eric A. Hall wrote:
Every filtering system requires admin time, and if the reviews don't say
as much then they're junk.
There is a critical difference with SA, however, which is that the admins
need to be proficient at stuff like CPAN, Perl, etc., while some of the
packaged offerings provide si
Martyn Drake wrote:
Ironically, after many years of faithful Linux use we're going down the
Exchange route and mail handling to be given over to another department.
I doubt we'll see a SA Linux box there. Oh well. I'm used to
disapointments over the years, so it wasn't too much of a surprise
Craig Jackson wrote:
I'd like to turn off AWL. I remember there used to be a switch in SA to
do this but it's not there any more. I start spamd with -x -L
It was moved to the configuration files in v3. Put
use_auto_whitelist 0
in your local.cf.
- S
Ronan McGlue wrote:
I like a lot of you regularly get SA list traffic being diverted to the
junk folder.. mydomain.com as a main focus in our examples...
but in the local.cf file i have the following
whitelist_from [EMAIL PROTECTED] [EMAIL PROTECTED] *.apache.org *.exim.org
Use whitelist_to.
[EMAIL PROTECTED] wrote:
Bingo. I have a similar setup in place (s/postfix/sendmail/) and I
don't have my Exchange box listed as an MX at all. I also have port
25 to the Exchange box firewalled off at the router to avoid
portscanning.
Not a good idea, IMHO. What happens if your SA gateway go
Matthew S. Cramer wrote:
If an email is from <> or then I check the mail for a
line that looks like /^Received.*one.of.our.ip.addresses/. If it
doesn't have the line, then I reject the mail with a 554 and "Bounced
message did not originate here."
This has eliminated all the bogus bounces of sp
Justin Mason wrote:
It appears that Exiscan has now become part of Exim by default,
and it also appears that (at least in the default exiscan patch)
it doesn't modify the config files directly to add itself to
the MTA's flow.
This is correct. The shipped configuration file doesn't include any
Craig Jackson wrote:
Is there a possibility that in default Exim setups, or default
OS-specific Exim packages, the exiscan config lines are being
inserted *without* the required message size limits, thereby
allowing massive emails to be scanned by SpamAssassin? that
would inflate scanner sizes n
Kirk D Bailey General Mismanager wrote:
I want to use spamassassin with sendmail. Maybe it's buried on the
website, but I am not finding instructions on how to use it with
sendmail MTA. Can anyone point me at the procedure to do this?
Spamass-milter. It sits between Sendmail and spamd and does
Kevin Peuhkurinen wrote:
I've noticed recently in my MTA logs a growing trend of attempts to send
email to numbered email addresses, such as:
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Anyone have any ideas why spammers would be
Kevin Peuhkurinen wrote:
Steven Stern wrote:
I got a similar bunch of messages (approx 250) between 6:05 and 6:15
CDT, from about 10 unique IP addresses, yesterday and today, but on only
one of my 3 MX servers.
Interesting. For me, they started May 28th at almost exactly noon
EDT.I&#
Jeffrey N. Miller wrote:
I want to use Spamassassin with MIMEDefang and Sendmail as a SMTP
Gateway. Can you use spamd/spamc with this method or does it just
invoke the script method? Also, what is the best way to train
spamassassin if I have a SPAM dump in MSExchange public folders? Or is
t
[EMAIL PROTECTED] wrote:
can i whitelisting a host?
If yes, how can i do this ?
This is probably better done in your MTA or Procmail file, but something
like this should suffice.
whitelist_from_rcvd [EMAIL PROTECTED] host.tld
Replace host.tld with the actual hostname of the server you wish
Vadym Chepkov wrote:
I have read ResendingMailWithHeaders document and I couldn't find is there a
plug-in available for
Outlook so you can provide a feedback to Bayes just by pressing 'Spam' or 'Ham'
buttons? Thank
you.
Nothing I've found yet.
This page comes close:
http://www.peculiarities.
I'd be happy to beta that one.. :)
Steven
I've got something like that in the works. :)
Hopefully I can get a beta release put out soon, management has OK'ed us
to release
it as GPL software, so I need to do a little documentation and get my
dev to clean
up a few errors and
Peter Guhl wrote:
Well, still... somehow I don't get why the software is running as spamd
and tries to write into /root. I wouldn't say anything if the sofware
inwvolved wasn't designed to cooperate (spamd, spamass-milter). But -
well, it works now.
Whatever is calling spamc (or interfacing wit
Ronan McGlue wrote:
This is because SA doesn't use the system resolver, it uses Net::DNS's
resolver. This gives SA a lot of control over queries, but doesn't
take advantage of things like /etc/hosts, and only uses your primary DNS.
ahhh ok
anyway i can hack it??
*go
Alejandro Lengua wrote:
I am installing a new email server with spamassin included,
but I would like to extract the database I have created
in my old spamassassin bayes database and copy it
to the new installation.
Is this possible?, what is the easier way to do this?
Of course both SA intalla
Matt Kettler wrote:
qmail-scanner may have many positive attributes, but flexible control of
scanning is not one of them.
I don't think it's so much their problem, as it is a general limitation
of SMTP-time rejection. Since a single message could be intended for
multiple recipients (and thus
Ben O'Hara wrote:
Anyways, Ive installed SpamAssassin and ClamAV on a dedicated *nix box
with exim which works great for filtering the mail...however, id
rather deliver ALL mail onto exchange and have "spam" messages moved
into a "SPAM" Folder within the users Private Information Store.
You can
a somewhat
low-level MAPI tool like Outlook SPY.
Steven
-Original Message-
From: Ben O'Hara [mailto:[EMAIL PROTECTED]
Sent: Friday, June 10, 2005 7:50 AM
To: Kang, Joseph S.
Cc: users@spamassassin.apache.org
Subject: Re: SA and Exchange 5.5
On 6/10/05, Kang, Joseph S. <[EMAI
James Bucanek wrote:
Greetings, As you can see, the Bayes filter has nailed it as spam,
but it still only gets a score of 3.6.
Bayes scores are really quite low in SA v3 - 3.0.2. You may want to
upgrade to 3.0.3 to get the newer Bayes scores, or revert to the v2.6x
scores in your local.cf.
Peter Guhl wrote:
Sendmail, Spamass-Milter.
After installing spamass-milter it is set to run as root but it has a
security fallback; it doesn't use root all the time. Maybe that's
causing this behaviour that it writes into /root/.spamassassin but using
the user "spamd".
Likely so. I would set
Jim Schueler wrote:
My users have been getting particularly insidious emails containing a
windows virus that purports to come from the system administrator.
[snip]
I would expect this test would be part of the distributed SpamAssassin
configuration files. Can anybody recommend an approach
Ron McKeating wrote:
I notice this upgraded itself yesterday, today I notice I am getting the
following error.
The following rules had 404 (not found) errors:
SARE Adult Content Ruleset not found (404) at
http://67.67.32.202/rules/70_sare_adult.cf
SARE HEADER Ruleset 2 for SpamAssassin not found
On a brand new RHEL4 installation, I've having problems with Net::DNS:
debug: is Net::DNS::Resolver available? yes
debug: Net::DNS version: 0.51
debug: trying (3) apache.org...
debug: looking up NS for 'apache.org'
debug: NS lookup of apache.org failed horribly => Perhaps your
resolv.conf isn't
s it
over to the public folder (headers in tact) and you can get to it
without problem from there as well.
Steven
-Original Message-
From: Jon Dossey [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 21, 2005 12:10 PM
To: users@spamassassin.apache.org
Subject: Exchange/Outlook - how do you l
Igor Chudov wrote:
> I am considering a local deal related to hosting by Comcast cable
> (8mbps down, 1 mbps up).
>
> I am concerned, however, with me sending email and being on comcast IP
> range, due to bad rap that Comcast has due to spamming by Comcast
> hosted zombies.
>
> Do you think that m
Sorry for jumping in late to this thread.. But, I currently run SA3.18
with a similar yet different Exchange Sink and have no such problems as
the original poster.
Steven
> -Original Message-
> From: Loren Wilton [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 13, 2007 5:2
, I currently run
> > SA3.18 with a similar yet different Exchange Sink and have no such
> > problems as the original poster.
>
> > Steven
>
> So which sink do you use? Maybe he should use it instead?
>
> Loren
>
I created it myself.. There's d
sing 3.17.
There could be a bug in 3.19 still, but I don't have time to validate
that possibility. Maybe the poster's problem was just an install
issue(that's what I am leaning towards). Anyways, he is happy and
filtering spam!
FYI to all.
Steven
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/15/2007 10:11 PM, Marc Perkel wrote:
> As opposed to preprocessing before using SA to reduce the load. (ie.
> using blacklist and whitelist before SA)
>
>
We do, except for virus processing through clamav.
- --
Steve
-BEGIN PGP SIGNATUR
Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the
only person who is doing it right. I have to say that I'm somewhat
surprised that so few people are preprocessing their email to reduce
the SA load. As we all know SA is very processor and memory expensive.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/16/2007 10:43 AM, Matt wrote:
>> I'm on Comcast and am having no problems. I set the smarthost for
>> sendmail to "smtp.comcast.net" and, at least so far, have not triggered
>> anything that would block incoming or outgoing mail. All mail from
I had great results from grey-listing but my users didn't like
having to wait 30-60-90 minutes for mail, and I understand that. When
you're on the phone with someone and they say "Just sent it," they
expect you to have it in a matter of seconds. As I'm often in that
positition, I had to sup
I don't know, but botnet hits a significant amount
of legitimate email here, regardless of how badly configured the sending
servers are.
I set botnet to score two, and I flag as spam at four. Every time I've
had a false positive botnet hit, other rules have been enough to keep
the score bel
If you have one MX and you create a fake low MX and a fake high MX (or
many fake high MX) about 75% to 95% of your spam goes away. It's that
simple.
How do you deal with the false-positives, legit servers that are blocked
by this configuration?
There aren't any false positives. That
mfahey wrote:
SpamAssassin-3.2.0
Freebsd6.2
The file bayes_seen has grown in size to 256GB! (274992939008)
How do I cap the size limit of this file? I want to have it not grow larger
then say 800mb at the most!
Thanks.
You can 'rm' the file or use MySQL for your backend and write a
mainte
We get many, many emails from a "Robert Sexton" who claims he'll do
wonders with search engine placement. As fast as I add an address to
the blacklist, he comes in with another. For example, from the AWL
tables on one of our MX servers:
+--+-+-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/02/2007 11:06 AM, Theo Van Dinter wrote:
> On Tue, Oct 02, 2007 at 10:58:26AM -0500, Steven Stern wrote:
>> We get many, many emails from a "Robert Sexton" who claims he'll do
>> wonders with search engine p
Or think of it as a way of SA saying "when I get twelve spams of
score 10+ from ip 208.23.118.172...I will feed the auto-expiring RBL,
which *SENDMAIL* works off of, thus keeping my *SPAMASSASSIN* load
lower. Thus a spam deluge via a dictionary attack that may take hours
is mitigated in the c
Parsing the SA logs would be easy, but the connecting IP isn't listed
there.
As I mentioned, I'm parsing exim's logs. It contains the spam score and
the IP address.
My question is - Does spamassassin scan the mail for each recipient? or
does it scan only once? If it is the later I would not expect
spamassassin to fall over each time one of these mailouts is sent.
Is this due to it being in the acl of exim? does anyone have any advice
on how to avoid this?
I
Philip Prindeville wrote:
Between the truly clueless administrator, and those that feign
ignorance to cover up their implicit approval of spammers...
What do you do in the case where someone is filtering deliveries to
their "abuse" mailbox? (Like 99% of mail sent there isn't going to
score p
1 - 100 of 378 matches
Mail list logo
