Re: DOB blocklist seems to have very old domains

2008-10-06 Thread Kai Schaetzl
They seem to have resolved that problem now. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com

Re: DOB blocklist seems to have very old domains

2008-10-06 Thread Kai Schaetzl
Mouss wrote on Sun, 05 Oct 2008 21:40:26 +0200: From here too, but the .com work :-) Right. But the normal way would be to deduce URL from the lookup URL which ends up in .net. On the other hand that's not even mentioned in the rule which might lead to a search for Day Old Bread list and

Re: New free blacklist: BRBL - Barracuda Reputation Block List

2008-10-06 Thread Michelle Konzack
On 2008-09-25 09:43:06, mouss wrote: We do business all over the world and I see a lot of fp's on Zen. in which sublist? xbl, sbl or pbl? and when you say a lot, how many? can you show an example of an IP that you consider as an FP? I am interested too, since I had used sbl-xbl and

RE: New free blacklist: BRBL - Barracuda Reputation Block List

2008-10-06 Thread Rasmus Haslund
We do business all over the world and I see a lot of fp's on Zen. in which sublist? xbl, sbl or pbl? and when you say a lot, how many? can you show an example of an IP that you consider as an FP? I am interested too, since I had used sbl-xbl and then zen and never gotten FPs Greetings

Re: New free blacklist: BRBL - Barracuda Reputation Block List

2008-10-06 Thread Ned Slider
Rasmus Haslund wrote: We do business all over the world and I see a lot of fp's on Zen. in which sublist? xbl, sbl or pbl? and when you say a lot, how many? can you show an example of an IP that you consider as an FP? I am interested too, since I had used sbl-xbl and then zen and never

Turning off all tests

2008-10-06 Thread NeoSHNIK
Hello there! I am making a new plugin and in order to gather enough data about its performance I need to turn off all other tests. I was very surprised that there aren't any topics about it. So how does one turn off all SA tests? What I tried to do is the following: I created a list with all various

Re: Turning off all tests

2008-10-06 Thread Theo Van Dinter
On Mon, Oct 06, 2008 at 08:19:49AM -0700, NeoSHNIK wrote: I am making a new plugin and in order to gather enough data about its performance I need to turn off all other tests. I was very surprised that there aren't any topics about it. So how does one turn off all SA tests? Set their scores to 0

dnsbl lookups for X-PHP-Script

2008-10-06 Thread Matus UHLAR - fantomas
Hello, did anyone try to use DNSBL lookups for header(s) X-PHP-Script? I have patch into PHP that inserts IP address into that header, and looking in dnsbl for spam sources could help me filter out spam posted through HTTP. I could prepare such rules, but if anyone has such, I'd be glad not to

local rule doesn't hit

2008-10-06 Thread Joe Vieira
Hi, I am pretty new at writing local rules, and since we've been getting a lot of targeted phishing emails I've been writing some rules to stop them ( running them thru the public corpus's after I write them ) I have a rule body __LOCAL_IT_SPOOF_1 m'account

Re: local rule doesn't hit

2008-10-06 Thread Matus UHLAR - fantomas
On 06.10.08 11:43, Joe Vieira wrote: I have a rule body __LOCAL_IT_SPOOF_1 m'account (?:verification|expire|detail|expiration)'i the __ rules are indirect and not scored. You can use them in meta rules. remove those __ at begin and see if they hit -- Matus UHLAR - fantomas, [EMAIL

RE: New free blacklist: BRBL - Barracuda Reputation Block List

2008-10-06 Thread Benny Pedersen
On Mon, October 6, 2008 16:26, Rasmus Haslund wrote: Another fresh example from today is 193.173.161.178 from XBL inherited from CBL. please contact postmaster at that ip, maybe they are interested to know their problem users give them ? :-) From what I can see something on the IP is

Re: New free blacklist: BRBL - Barracuda Reputation Block List

2008-10-06 Thread mouss
Rasmus Haslund wrote: We do business all over the world and I see a lot of fp's on Zen. in which sublist? xbl, sbl or pbl? and when you say a lot, how many? can you show an example of an IP that you consider as an FP? I am interested too, since I had

Re: dnsbl lookups for X-PHP-Script

2008-10-06 Thread mouss
Matus UHLAR - fantomas wrote: Hello, did anyone try to use DNSBL lookups for header(s) X-PHP-Script? I have patch into PHP that inserts IP address into that header, and looking in dnsbl for spam sources could help me filter out spam posted through HTTP. you'd need a plugin for that.

Re: local rule doesn't hit

2008-10-06 Thread Joe Vieira
I know they are indirect, in debug mode it shows __ rules that hit as well. other non-scored rules do hit. Joe Matus UHLAR - fantomas wrote: On 06.10.08 11:43, Joe Vieira wrote: I have a rule body __LOCAL_IT_SPOOF_1 m'account (?:verification|expire|detail|expiration)'i the __

Re: dnsbl lookups for X-PHP-Script

2008-10-06 Thread Henrik K
On Mon, Oct 06, 2008 at 05:31:55PM +0200, Matus UHLAR - fantomas wrote: Hello, did anyone try to use DNSBL lookups for header(s) X-PHP-Script? I have patch into PHP that inserts IP address into that header, and looking in dnsbl for spam sources could help me filter out spam posted through

Re: Turning off all tests

2008-10-06 Thread NeoSHNIK
Theo Van Dinter-2 wrote: On Mon, Oct 06, 2008 at 08:19:49AM -0700, NeoSHNIK wrote: I am making a new plugin and in order to gather enough data about its performance I need to turn off all other tests. I was very surprised that there aren't any topics about it. So how does one turn off all SA

Re: dnsbl lookups for X-PHP-Script

2008-10-06 Thread Henrik K
On Mon, Oct 06, 2008 at 08:04:56PM +0300, Henrik K wrote: On Mon, Oct 06, 2008 at 05:31:55PM +0200, Matus UHLAR - fantomas wrote: Hello, did anyone try to use DNSBL lookups for header(s) X-PHP-Script? I have patch into PHP that inserts IP address into that header, and looking in dnsbl

whitelist_from_rcvd propagating between users

2008-10-06 Thread William Taylor
It would seem the whitelist_from_rcvd is incorrectly propagating to the wrong users in the same thread. For example usera has whitelist_from_rcvd *.sonic.net sonic.net setup. If userb gets sent mail that is processed by that same thread it will pick up the whitelist_from_rcvd from usera Any

Re: dnsbl lookups for X-PHP-Script

2008-10-06 Thread William Taylor
On Mon, Oct 06, 2008 at 08:55:29PM +0300, Henrik K wrote: X-PHP-Script doesn't seem to be very widely patched - or PHP isn't abused that much, which is nice. I grepped 3 weeks worth of spam quarantine, 17335 messages. 46 contained it. 28 unique IPs, out of which 8 were on sbl-xbl and one or two

Trusting TLS for spamfighting purposes?

2008-10-06 Thread Kelly Jones
Can SpamAssassin negative score emails that are sent using TLS? I realize anyone (even spammers) can use TLS, but I tend to trust encrypting mail servers more than I do non-encrypting ones. However, I'm guessing all evidence of TLS usage has disappeared by the time SpamAssassin gets the message?

Re: Trusting TLS for spamfighting purposes?

2008-10-06 Thread Michael Scheidell
Can SpamAssassin negative score emails that are sent using TLS? I realize anyone (even spammers) can use TLS, but I tend to trust encrypting mail servers more than I do non-encrypting ones. However, I'm guessing all evidence of TLS usage has disappeared by the time SpamAssassin gets the

Re: dnsbl lookups for X-PHP-Script

2008-10-06 Thread Matus UHLAR - fantomas
On Mon, Oct 06, 2008 at 05:31:55PM +0200, Matus UHLAR - fantomas wrote: did anyone try to use DNSBL lookups for header(s) X-PHP-Script? I have patch into PHP that inserts IP address into that header, and looking in dnsbl for spam sources could help me filter out spam posted through HTTP.

bayes_token table too big?

2008-10-06 Thread Rosenbaum, Larry M.
SpamAssassin version 3.2.5, running on Perl version 5.8.8, Solaris 9 Using MySQL for Bayes database. I'm wondering if our Bayes token database is too big, and why. Based on some posts to this list, I decided to try converting our Bayes and AWL databases to InnoDB to improve performance. So I

Re: bayes_token table too big?

2008-10-06 Thread Theo Van Dinter
On Mon, Oct 06, 2008 at 03:42:53PM -0400, Rosenbaum, Larry M. wrote: And here is the information from the local.cf file: bayes_expiry_max_db_size 50 So the config file says 500 thousand tokens, but the database has 105 million entries. Have I misunderstood something, or is expiry

Re: Trusting TLS for spamfighting purposes?

2008-10-06 Thread Andrzej Adam Filip
Kelly Jones [EMAIL PROTECTED] wrote: Can SpamAssassin negative score emails that are sent using TLS? I realize anyone (even spammers) can use TLS, but I tend to trust encrypting mail servers more than I do non-encrypting ones. However, I'm guessing all evidence of TLS usage has disappeared

RE: bayes_token table too big?

2008-10-06 Thread Rosenbaum, Larry M.
From: Theo Van Dinter [mailto:[EMAIL PROTECTED] On Mon, Oct 06, 2008 at 03:42:53PM -0400, Rosenbaum, Larry M. wrote: And here is the information from the local.cf file: bayes_expiry_max_db_size 50 So the config file says 500 thousand tokens, but the database has 105 million

Re: whitelist_from_rcvd propagating between users

2008-10-06 Thread Daryl C. W. O'Shea
On 06/10/2008 2:30 PM, William Taylor wrote: It would seem the whitelist_from_rcvd is incorrectly propagating to the wrong users in the same thread. For example usera has whitelist_from_rcvd *.sonic.net sonic.net setup. If userb gets sent mail that is processed by that same thread it will

Re: bayes_token table too big?

2008-10-06 Thread Kai Schaetzl
Larry M. Rosenbaum wrote on Mon, 06 Oct 2008 15:42:53 -0400: So I copied the database to a non-production MySQL server and tried to convert it there. It has taken 4 days to convert! I'm thinking something must be wrong. Yes, converting a database with a 100 million records will take that

Re: bayes_token table too big?

2008-10-06 Thread Kris Deugau
Rosenbaum, Larry M. wrote: 104999743 entries kept, 147355 deleted bayes_expiry_max_db_size 50 So the config file says 500 thousand tokens, but the database has 105 million entries. Have I misunderstood something, or is expiry not working correctly? Check and make sure you haven't

Re: bayes_token table too big?

2008-10-06 Thread Kai Schaetzl
It's like Theo suggested. You likely have a structure that has many old tokens and fewer new tokens. If you want to shrink your database decide how many tokens you want to keep (for instance one million) and then determine the date that fits this (e.g. token count where atime 'your time' is

RE: New free blacklist: BRBL - Barracuda Reputation Block List

2008-10-06 Thread Rasmus Haslund
From: Ned Slider [mailto:[EMAIL PROTECTED] The easy solution for you is to whitelist any such domains that you absolutely don't want blocked at the smtp level. Well Ned, the thing is our company is located in 12 different countries and dealing with an endless amount of domains situated all