M>-Original Message-
M>From: wolfgang [mailto:[EMAIL PROTECTED]
M>Sent: 08 May 2005 21:19
M>To: users@spamassassin.apache.org
M>Subject: blackholes.five-ten-sg.com
M>
M>after viewing
M>http://www.five-ten-sg.com/blackhole.php?221.143.43.231 I
M>would like to use the 127.0.0.2 section of
|-Original Message-
|From: alan premselaar [mailto:[EMAIL PROTECTED]
|Sent: 04 December 2004 15:23
|To: users@spamassassin.apache.org
|Subject: low scoring SPAM
|
|I've recently (about a month ago) installed a new mail server and
|upgraded to SA 3.01. I've been training the bayes da
|-Original Message-
|From: alan premselaar [mailto:[EMAIL PROTECTED]
|Sent: 19 December 2004 03:16
|To: users@spamassassin.apache.org
|Subject: trying to install 3.0.2 via CPAN
|
|for some reason i'm getting SPF failures during the 'make test' phase:
|
|t/spf...Not
|-Original Message-
|From: Kevin Curran [mailto:[EMAIL PROTECTED]
|Sent: 27 December 2004 07:09
|To: users@spamassassin.apache.org
|Subject: spamc/spamassassin = different scores
|
|Hello list,
|
|I don't know about you all, but I've been getting a lot of
|false negatives that have a h
|-Original Message-
|From: bubba [mailto:[EMAIL PROTECTED]
|Sent: 07 January 2005 10:28
|To: users@spamassassin.apache.org
|Subject: SA 3 - I'm Totally Stuck!
|
|Hi,
|
|I'm trying to install Spamassassin 3 on a Linux box w/Ensim
|control panel installed, but I'm experiencing a variety of
|-Original Message-
|From: Robert Markin [mailto:[EMAIL PROTECTED]
|Sent: 07 January 2005 10:00
|To: users@spamassassin.apache.org
|Subject: DCC and Razor2 have completely stopped hitting
|
|I hope that I am sending this to the correct address
|
|---
|-Original Message-
|From: bubba [mailto:[EMAIL PROTECTED]
|Sent: 07 January 2005 11:04
|To: users@spamassassin.apache.org
|Subject: RE: SA 3 - I'm Totally Stuck!
|
|> Drop the -u [EMAIL PROTECTED], its not needed since its being run
|> as the user and is semi-> obsolete anyway. Plus you
|-Original Message-
|From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
|Of Rosenbaum, Larry M.
|Sent: 21 January 2005 18:47
|To: users@spamassassin.apache.org
|Subject: Nigerian spams hit BAYES_00
|
|Using SpamAssassin 3.0.2 on Solaris 2.6, Perl 5.8.6.
|
|For some reason, I'm ge
|-Original Message-
|
|I can't say I've looked at very many of the 100,000 hams. I
|have a quarantine area where I can skim through the spam and
|borderline stuff, but I don't keep a copy of the ham.
|However, to be learned as ham, the Nigerian messages would
|have to score below 0.5,
|At 02:59 PM 1/26/2005, Dave Stern - Former Rocket Scientist wrote:
|>I put "score ALL_TRUSTED 0" in my user_prefs and the
|message was
|>detected as spam. I tried putting this iN LOcal.cf and it didn't work.
|
|If that didn't work, then one of two cases happened:
| 1) your local.
|-Original Message-
|Don Levey wrote:
|
|It was pointed out to me that SURBL lists only check URLs - I
|apologise for that. I *am* getting the problem described
|above with hits on Spamcop and SORBS. Additionally,
|apparently even the mere text mention of a .biz address
|triggers tha
Just found this, could be the cause of some of the problems.
2005-02-04
The public server changed its address; please re-run 'pyzor discover' to
find the new server.
http://pyzor.sourceforge.net/
Martin
I must have received this spam 12 times or more in the last 24 hours and
even though its listed on the SURBL, spamassassin fails to match it against
them.
When I submit the spams to spamcop it parses the url everytime.
SURBL seems to work on all other spams, just wondering if they have found a
way
|-Original Message-
|From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
|Sent: 05 March 2005 01:27
|To: SpamAssassin Users
|Subject: Re: [SPAM-TAG] SURBL missing this spam
|
|On Fri, Mar 04, 2005 at 05:23:35PM -0800, Jeff Chan wrote:
|> Given that it's apparently fixed in 3.1 should we make a
|-Original Message-
|From: martin smith [mailto:[EMAIL PROTECTED]
|Sent: 05 March 2005 11:41
|To: Spamassassin
|Subject: RE: [SPAM-TAG] SURBL missing this spam
|
|Is there a uri rule we could use to catch e.g. .com: or .uk:
|in the mean time untill 3.1 becomes available, there is a
|
|uri SpoofPort_URL /.*\:.*|.*\...:.*/ score SpoofPort_URL 1
|
Ok MK2 that one could FP on genuine URLs with a port specified
uri SpoofPort_URL /.*\:.*|.*\...:.*/
score SpoofPort_URL 1
uri OkPort_URL
/.*\:|.*\...:./|/.*\:\/.*|.*\...:.\/.*/
score OkPort_URL -1
Sorr
|-Original Message-
|From: Duncan Hill [mailto:[EMAIL PROTECTED]
|Sent: 05 March 2005 15:02
|To: users@spamassassin.apache.org
|Subject: Re: [SPAM-TAG] SURBL missing this spam
|
|On Saturday 05 March 2005 14:49, martin smith wrote:
|> |uri SpoofPort_URL /.*\:.*|.*\...:.*/ sc
I managed to write a metarule for anyone interested, to catch a URL with
trailing : without a port specified, without FP on a 4 digit port.
uri __SpoofPort_URL /.*\:.*|.*\...:.*/
uri __OkPort_URL
/.*\:[0-9]|.*\:[0-9].+\/.*|.*\...:[0-9]|.*\...:[0-9].+\/.*/
meta Spoof_Port_URL
Hi,
I have been playing about with senderbase a bit and have noticed that
SB_NSP_VOLUME_SPIKE is looking for S5 to be NSP but have also noticed that
they use unknown and in the case of my provider NTL the field is blank.
I tried:
header SB_NSP_VOLUME_SPIKE eval:check_rbl_sub('sb', 'sb:S5 =~ /[^I
M>I had the same problem. It turns out that if the email is being
M>relayed through trusted or internal hosts, SA will skip the
M>SPF checks on the belief that it cannot trust that one of
M>those hosts hasn't
M>changed the envelope headers.I ended up opening an enhancement
M>request to a
ts=256 verify=NO);
Tue, 12 Apr 2005 03:07:57 -0400
Message-ID: <[EMAIL PROTECTED]>
Date: Tue, 12 Apr 2005 03:08:04 -0400
From: "Daryl C. W. O'Shea" <[EMAIL PROTECTED]>
User-Agent: Mozilla Thunderbird 0.8 (Windows/20040913)
X-Accept-Language: en-us, en
MIME-Version: 1
M>
M>Martin, the mail didn't go through the same server. Is it possible
M>that you've omitted 212.250.162.17 from your list of trusted_networks?
M>This would cause an SPF failure.
M>
M>When I set my trusted_networks to 212.250.162.0/24 and run these
M>messages through, they both get SPF_PASS.
M>-Original Message-
M>From: Andreas Davour [mailto:[EMAIL PROTECTED]
M>Sent: 13 April 2005 21:23
M>Cc: users@spamassassin.apache.org
M>Subject: Need for a new rule?
M>
M>
M>The following message have many characteristics in common with much
M>spam I've been getting lately. It's about inve
M>-Original Message-
M>From: Steven Stern
M>Sent: 15 April 2005 15:56
M>To: spamass-milt-list@nongnu.org; spamass
M>Subject: Does -r reject or discard
M>
M>We're using spamass-milter with "-r 10". Does this reject
M>the message (causing Sendmail to send a reject) or just
M>discard it? I
M>-Original Message-
M>From: ROY,RHETT G [mailto:[EMAIL PROTECTED]
M>Sent: 26 April 2005 14:51
M>To: users@spamassassin.apache.org
M>Subject: SA config recommendations to block these spammers?
M>
M>I have two spammers that consistently get messages through to
M>my inbox.
M>Based on the
M>-Original Message-
M>From: Chris Santerre [mailto:[EMAIL PROTECTED]
M>Sent: 26 April 2005 21:26
M>To: 'martin smith'; Spamassassin
M>Subject: RE: SA config recommendations to block these spammers?
M>
M>
M>Martin, could we get permission to put this in
M>-Original Message-
M>From: Antonio DeLaCruz [mailto:[EMAIL PROTECTED]
M>Sent: 28 April 2005 23:12
M>To: Pettit, Paul
M>Cc: users@spamassassin.apache.org
M>Subject: RE: Blacklists entries not getting blocked
M>
M>Attached is a file that contains the header information and
M>the preview o
M>-Original Message-
M>From: Jeff Chan [mailto:[EMAIL PROTECTED]
M>Sent: 04 May 2005 02:29
M>To: users@spamassassin.apache.org
M>Subject: Re: [SURBL] how to report
M>
M>On Monday, May 2, 2005, 11:34:14 PM, hamann w wrote:
M>> I just came across this website
M>> www.webspawner.com/users/mon
M>-Original Message-
M>From: Rakesh [mailto:[EMAIL PROTECTED]
M>Sent: 07 May 2005 07:41
M>To: [EMAIL PROTECTED]; users@spamassassin.apache.org
M>Subject: Way to evade URI checks
M>
M>Seems Spammers have found a way to evade the URI checks
M>
M>the domain coolestrxever.com is listed in mult
M>-Original Message-
M>From: Eddy Beliveau [mailto:[EMAIL PROTECTED]
M>Sent: 12 May 2005 16:49
M>To: users@spamassassin.apache.org
M>Subject: spammer is using html code for spamming
M>
M>Hi!
M>
M>I'm using spamassassin 2.64 with success
M>
M>I'm having problem catching some specific spamme
Whoops outlook capitalised this wrong with an I instead of i at the end.
This is what it should have been;
body MS_Body_Hide_DRUG /\b(?:R[!a-z]?eta il|P[!a-z]?ri ces|V.?I RA|C[!a-z]?I
S|(?:V|U)L AM|U[!a-z]?LTRAM|S[!a-z]?MA)\b/i
M>-Original Message-
M>From: Valery V. Bobrov [mailto:[EMAIL PROTECTED]
M>Sent: 14 May 2005 13:36
M>To: users@spamassassin.apache.org
M>Subject: more spam with SpamAssassin version 3.0.2
M>
M>Hello!
M>
M>I upgraded to SpamAssassin version 3.0.2 from 2.64 and I
M>noticed the amount of spa
M>-Original Message-
M>From: Dan Simmons [mailto:[EMAIL PROTECTED]
M>Sent: 14 May 2005 18:13
M>To: users@spamassassin.apache.org
M>Subject: Drug SPAM problem..any fixes?
M>
M>Hi All,
M>
M>I am having an issue with the following DRUG related spam. Does
M>anyone have any rules to catch this
M>-Original Message-
M>From: Matt Kettler [mailto:[EMAIL PROTECTED]
M>Sent: 14 May 2005 18:37
M>To: Dan Simmons
M>Cc: users@spamassassin.apache.org
M>Subject: Re: {SPAM} Drug SPAM problem..any fixes?
M>
M>Dan Simmons wrote:
M>> Hi All,
M>>
M>> I am having an issue with the following DRUG
M>-Original Message-
M>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
M>Sent: 15 May 2005 10:46
M>To: users@spamassassin.apache.org
M>Cc: Loren Wilton
M>Subject: Re: Bombarded by German political spam
M>
M>npd.de is "Nazi" political party
M>
M>
M>>> Kanzler erleichtert Visaverfahren fü
M>-Original Message-
M>From: Chris [mailto:[EMAIL PROTECTED]
M>Sent: 30 May 2005 04:00
M>To: users@spamassassin.apache.org
M>Subject: cannot open bayes databases
M>
M>While running my sa-learn script I'm suddenly getting the below:
M>
M>debug: lock: 26313
M>created
M>/home/chris/.spamassa
M>-Original Message-
M>From: Martin Hepworth [mailto:[EMAIL PROTECTED]
M>Sent: 31 May 2005 17:45
M>To: Robert Menschel
M>Cc: SpamAssassin Users
M>Subject: Re: problem with split line URL's
M>
M>Robert
M>
M>just got one in - no matches...
M>
M>If anyone wants an example let me know..
M>
M>-
-Original Message-
M>From: Martin Hepworth
M>Sent: 31 May 2005 17:45
M>To: Robert Menschel
M>Cc: SpamAssassin Users
M>Subject: Re: problem with split line URL's
M>
M>Robert
M>
M>just got one in - no matches...
M>
M>If anyone wants an example let me know..
M>
M>--
M>Martin Hepworth
Ok just
For those thinking of upgrading who have patched earlier versions of 3.0.
you will need to do it again after upgrading.
I was disappointed to see the fix for the above bug was not included in
3.0.4, just had to apply the fix again to get the surbl to work with caps in
the URI.
Martin
Has the behaviour of the uri rule been changed at some point to match the
whole of the URL? I have just noticed I am getting some FP when one of my
uri rules matches against the URL rather than URI.
To prevent FP would be very difficult, I think to match the whole of the URL
with uri rules is not s
M>Not that I'm aware of. To my knowledge the URI rule always
M>matches the full URL. There are several SA and/or SARe rules
M>which depend upon this.
M>
M>Or do you mean something different by URI and URL than I do.
M>I generally use the definitions found at
M>http://www.adp-gmbh.ch/web/uri_
M>Hello martin,
M>
M>
M>SARE has been playing around with URI rules lately, and when
M>we need to test for something in the host/domain area, we use
M>something like:
M>> uri rule_name m'(?:https?://)?[^/]*testgoeshere'
M>In other words, the test must precede any/all slashes except
M>for those
M> 10BAYES_9915351 4.46% 45.42% 60.57%
M> 19BAYES_50 6443 1.87% 19.06% 25.42%
M> 31BAYES_80 1154 0.34% 3.41% 4.55%
M> 32BAYES_60 1147 0.33% 3.39% 4.53%
M>
M>-Original Message-
M>From: Scott Russell [mailto:[EMAIL PROTECTED]
M>Sent: 13 March 2006 18:41
M>To: users@spamassassin.apache.org
M>Subject: X-Spam-Relay-Country header always empty
M>
M>Greets.
M>
M>I've seen this under both SA 3.1.0 and 3.1.1 and I have
M>IP::Country 2.20 installed.
44 matches
Mail list logo
