Is this a crazy idea? Double scoring..

2007-08-19 Thread Tuc at T-B-O-H.NET
Hi, I've been looking at doing the Sitewide Bayes and Sitewide Bayes Feedback. My mail server averages a KNOWN spam every 2 seconds, so I'd like to feed it to a site wide database. THEN, would like to score mail completely by the users private one, but then RESCORE it against the site one.

Re: List of 700,000 IP addresses of virus infected computers

2007-09-12 Thread Tuc at T-B-O-H.NET
> Tuc at T-B-O-H wrote: > >> That's as much detail as I'm going to go into here. But the result is > >> that I have 720,000 IP addresses of virus infected computers and I'm > >> filtering about 1600 domains and I'm not getting any more than the > >> normal few false positive complaints. And tho

Re: List of 700,000 IP addresses of virus infected computers

2007-09-12 Thread Tuc at T-B-O-H.NET
> > Tuc at T-B-O-H.NET wrote: > >> Tuc at T-B-O-H wrote: > >>>> That's as much detail as I'm going to go into here. But the result is > >>>> that I have 720,000 IP addresses of virus infected computers and I'm > >>&

Objective site to run spamcheck against?

2007-09-13 Thread Tuc at T-B-O-H.NET
Hi, An inordinate amount of people are telling me I'm ending up in spam folders, so I wondered if there was some "objective" site where I might be able to run a message through and have it score an email. I realize this could also be used by spammers to check about getting past the filte

Re: Objective site to run spamcheck against?

2007-09-19 Thread Tuc at T-B-O-H.NET
www.robtex.com/rbl.html and http://www.dnsstuff.com/ . > > 2007/9/14, Bowie Bailey <[EMAIL PROTECTED]>: > > Tuc at T-B-O-H.NET wrote: > > > Hi, > > > > > > An inordinate amount of people are telling me I'm > > > ending up in spam folder

How to report 120,000 spams a day

2008-03-05 Thread Tuc at T-B-O-H.NET
Hi, Our mail server receives about 128K emails a day. Of those, 120K are absolutely known spam so I don't even run them through spamassassin. Of the 8K left, 6K are determined to be spams, and 2K are considered "good". I'm wondering if there is some way to help the community (an

spamc/spamd .. diff versions, diff systems

2008-03-06 Thread Tuc at T-B-O-H.NET
Hi, We are in the middle of a migration of users from a system which we can't upgrade running 3.1.8, to a new system (which can of course be upgraded) running 3.2.4 . I'm contemplating having the .procmailrc of users on the old system call spamc with the hostname of the system ru

Re: spamc/spamd .. diff versions, diff systems

2008-03-07 Thread Tuc at T-B-O-H.NET
> > We are in the middle of a migration of users from a > > system which we can't upgrade running 3.1.8, to a new system > > (which can of course be upgraded) running 3.2.4 . > > > > I'm contemplating having the .procmailrc of users > > on the old system call spamc with the hostname of th

Re: [spamassassin] Re: spamc/spamd .. diff versions, diff systems

2008-03-08 Thread Tuc at T-B-O-H.NET
> > Is that to the "Any issues" or "Libwrap"? :) I'm guessing > > just to the libwrap. > > Both. > Thanks. > > > Will probably try it over the weekend and see what happens. > > > > Which system will it update the .spamassassin directory on? > > The "spamc" client, or "spamd"

Re: [spamassassin] Re: How to report 120,000 spams a day

2008-03-08 Thread Tuc at T-B-O-H.NET
> > On 08.03.08 18:28, Tuc at T-B-O-H wrote: > > > Our mail server receives about 128K emails a day. Of > > > those, 120K are absolutely known spam so I don't even run > > > them through spamassassin. Of the 8K left, 6K are determined > > > to be spams, and 2K are considered "good". > > > > >

Re: [spamassassin] Re: [spamassassin] Re: How to report 120,000 spams a day

2008-03-09 Thread Tuc at T-B-O-H.NET
> > At 17:51 08-03-2008, Tuc at T-B-O-H.NET wrote: > > As part of it all, I also want to try to keep disk usage and CPU > >down to as little as possible. With 120,000 per day, that's a junk mail > >every 3/4's of a second. Since I have it set to deliver to /dev

Re: [spamassassin] Re: [spamassassin] Re: How to report 120,000 spams a day

2008-03-09 Thread Tuc at T-B-O-H.NET
> > Automatic reporting - that's another thing entirely. As was pointed out in > previous replies, the user > community is not always accurate in reporting what is legit spam, and what > is/was requested > or "permitted". I tend to report manually, although I am writing some code > to semi-auto

Re: [spamassassin] Re: [spamassassin] Re: [spamassassin] Re: How to report

2008-03-09 Thread Tuc at T-B-O-H.NET
> > I see delivery attempts to invalid email address regularly. They get > rejected at the SMTP level. Running such messages through > SpamAssassin doesn't make sense. Your previous message mentioned > that you wanted to report these "spam" messages and my reply was > based upon that. >

Re: [spamassassin] RE: [spamassassin] Re: [spamassassin] Re: How to report 120,000 spams a day

2008-03-09 Thread Tuc at T-B-O-H.NET
> > > Hi, > > > > Thanks for the reply. In as much as I'd like to help the community, > > I'm under a set of constraints. Starting a whole other server to start > > doing > > this isn't something that fits under those constraints. It looks like > > I'll probably just end up having to /dev/nul

Re: [spamassassin] Re: How to report 120,000 spams

2008-03-09 Thread Tuc at T-B-O-H.NET
> > If you are proposing some kind of checksums or other types of 'message > identifying' techniques on the messages, those few mistyped addresses > could certainly make a difference for your site. What if bongo's mom > mistypes to bungo, realizes her mistake and resends it to bongo a few > min

Re: [spamassassin] Re: How to report 120,000 spams

2008-03-09 Thread Tuc at T-B-O-H.NET
> The same argument applies to mail to valid addresses (bingo, bango, ...) > as well. would you like to use all your mail as a spam corpus? after > all, you get only 10 out of 12 messages to these addresses :) > Well, bingo DOES like to hear from his mom, SOMETIMES. ;) I understand yo

Re: [spamassassin] Re: [spamassassin] Re: How to report 120,000 spams

2008-03-09 Thread Tuc at T-B-O-H.NET
> > Bango said that if his mom can't spell his name right, he doesn't > > care if he gets her emails. :) > > > > fair enough (he can also discard delivered mail anyway). but I've seen a > lot of people subscribing to services with a mistyped address (their > own) and then calling us to co

Re: How to report 120,000 spams a day

2008-03-10 Thread Tuc at T-B-O-H.NET
> > Seriously... > > How hard is it to setup the MX boxen to only allow 4 email addresses to pass > for that particular domain, rejecting all others in the SMTP conversation? > > Unless the customer is dropping BIG DADDY $$$ with you, tell him policy > change and that he isn't losing any email i

Was: : How to report 120,000 spams a day

2008-03-17 Thread Tuc at T-B-O-H.NET
Hi, I wanted to thank everyone who responded both on and off list. In the end there was still a lot of confusion from people about my configuration, my intentions, my set up, some things I said But it's really not worth rehashing again. The end result is I've changed my setup.

nologin: Attempted login by root on UNKNOWN

2006-07-19 Thread Tuc at T-B-O-H.NET
Hi, At around 1p yesterday all of a sudden I started to see some messages out of the ordinary. I've tracked it down to happening around the same time SA is running. I syslog everything to /var/log/spool, and if I do : egrep 'clean |nologin' /var/log/spool | grep -v kernel I se

Re: nologin: Attempted login by root on UNKNOWN

2006-07-19 Thread Tuc at T-B-O-H.NET
> > From: "Tuc at T-B-O-H.NET" <[EMAIL PROTECTED]> > > > Hi, > > > > At around 1p yesterday all of a sudden I started to see some > > messages out of the ordinary. I've tracked it down to happening around > > the same time SA is running

Re: [spamassassin] Re: Spam volumes down since last week

2008-06-24 Thread Tuc at T-B-O-H.NET
> Daniel J McDonald wrote: > > On Tue, 2008-06-24 at 10:19 -0400, Randy Ramsdell wrote: > > > >> ram wrote: > >> > >>> I am seeing a clear downtrend in the number for spams hitting our > >>> servers, I am not sure why ? Since Last week spams are at 50% of what > >>> they used to be last mon

ID or UID?

2006-10-28 Thread Tuc at T-B-O-H.NET
Hi, I'm running 3.1.5 on FreeBSD from ports. I have a unique situation and I wondered if I was doing something to confuse SA. My server has a series of users : server:*:1004:1004:TBOH Listproc:/usr/local/etc/server:/usr/local/bin/zsh stcomp:*:1004:1004:TBOH Listproc:/usr/local/e

Re: Someone explain sa-update to me

2006-11-10 Thread Tuc at T-B-O-H.NET
> If sa-update finds an update, you will also need to restart spamd if you > are using the daemon. See the wiki for more details: > > http://wiki.apache.org/spamassassin/RuleUpdates > Maybe run a script like this... (UNTESTED*) #!/bin/sh SAUPDATE="/usr/local/bin/sa-update" SAUP

2 word spam subject starting with "at"/"for"/"good"

2007-03-01 Thread Tuc at T-B-O-H.NET
Hi, Is anyone else seeing these? They seem to have 2 word subjects starting with "at", "for" or "good". I don't seem to get any personally, but one of my users seems to get 500 or 600 a week. Thanks, Tuc

Ever seen "bulletin"?

2007-07-31 Thread Tuc at T-B-O-H.NET
Hi, It comes as a blank message with a "bulletin.zip". It's actually a RAR file. You unrar it and it produces "bulletin.txt". Then it's a stock spam. Tuc

Re: Ever seen "bulletin"?

2007-07-31 Thread Tuc at T-B-O-H.NET
> > > It comes as a blank message with a "bulletin.zip". It's actually a > > RAR file. You unrar it and it produces "bulletin.txt". Then it's a stock > > spam. > > I guess they've given up on hoping PC owners will sucker for their game. > I can't imagine that one PC owner in 100K knows what a RAR f