I've updated 23_bayes_ignore_header.cf
(last update was from 2016 :)
https://svn.apache.org/repos/asf/spamassassin/trunk/rulesrc/sandbox/axb/23_bayes_ignore_header.cf
Axb
On 2/16/23 14:17, Dave Wreski wrote:
Here's also another 50+ headers we've collected over the years that I
believe started
On 8/25/22 16:10, Benny Pedersen wrote:
https://phishtank.com/phish_detail.php?phish_id=7691984
https://phishtank.com/phish_detail.php?phish_id=7680788
why is page.link have subdomain tjeking ?, is it marked at sa as a
redirector ?
tjeking?
i consider block all page.link, whois says its
Benoit had already confirmed that the redirector_pattern worked as expected.
On 11/2/21 6:07 PM, Bill Cole wrote:
On 2021-11-02 at 04:52:17 UTC-0400 (Tue, 2 Nov 2021 09:52:17 +0100)
Benoit Panizzon
is rumored to have said:
Hi SA Community
In the last couple of weeks, I see a massive
you're looking to use a redirector_pattern rule - weird that this hasn't
been yet been added in SA's default ruleset
Please submit a bug with a sample message
On 11/2/21 9:52 AM, Benoit Panizzon wrote:
Hi SA Community
In the last couple of weeks, I see a massive increase of spam mails
which
On 10/31/21 5:26 PM, Matus UHLAR - fantomas wrote:
Hello,
it looks like google has registered page.link domain and users are already
using it for spamming:
https://secretadultnightclub.page.link/...
I have added it to my local domain-based blocklist.
any idea/tip what to do with it next?
On 10/25/21 10:20 AM, Benoît Panizzon wrote:
Hi Gang
I am chasing some issue with email being flagged as spam by the
SpamAssassin CTASD Test run at other ISP, so I have no direct control
over it.
Google found, that his is a daemon used in F-Prot and Sophos Anti-Spam
Products. Probably run by:
On 10/19/21 8:06 PM, Jerry Malcolm wrote:
Where do I find a starter toks file?
You don't need a "starter" file. As soon as it needs them, SA
automagically creates the necessary files if it can write into the
defined path.
Just feed it some spams and hams as per docs and you'll see the
FTR: I'm on Centos 7
will test fixes
On 7/21/21 4:44 AM, Jared Hall wrote:
Axb wrote:
what is this about? seems like a massive bug
__
* 0.0 SYSTEM_INFO CHAOS: v1.2.1 SA: v3.4.6 PERL: v5.16.3 - This
* system rocks!CHAOS: v1.2.1 SA: v3.4.6 PERL: v5.16.3 - CHAOS
what is this about? seems like a massive bug
__
* 0.0 SYSTEM_INFO CHAOS: v1.2.1 SA: v3.4.6 PERL: v5.16.3 - This
* system rocks!CHAOS: v1.2.1 SA: v3.4.6 PERL: v5.16.3 - CHAOS:
* v1.2.1 SA: v3.4.6 PERL: v5.16.3 - This system rocks!CHAOS:
*
On 4/25/21 7:34 PM, Steve Dondley wrote:
On Apr 25, 2021, at 1:31 PM, Axb wrote:
What are you trying to do?
run masscheck for your rules or for the SA project?
I’m experimenting with writing my own rules. My machines are using SA 3.4.4 so
I want to use the 3.4.4 rules.
this may give
What are you trying to do?
run masscheck for your rules or for the SA project?
On 4/25/21 7:28 PM, Steve Dondley wrote:
mass-check -c parameter expects to find every config file in that single
directory. Now it's missing spamassassin updates and specifically
20_aux_tlds.cf from there. You
take place and reduce the amount of memory.
Greetings
/Christian
Am 16.04.2021 um 09:15 schrieb Axb:
To avoid suprises, remember to watch your memory usage.
Redis reads/writes the DB in memory and only dumps to disk for backup.
"redis-cli info" is of help
On 4/16/21 9:10 AM, Christian
To avoid suprises, remember to watch your memory usage.
Redis reads/writes the DB in memory and only dumps to disk for backup.
"redis-cli info" is of help
On 4/16/21 9:10 AM, Christian Völker wrote:
Sorry to annoy you. Another addition to my tests:
When using redis it took me around
kend to do this
stuff in parallel?
Thanks
/Christian
Am 15.04.2021 um 14:38 schrieb Axb:
Depending on your Bayes backend, your bottleneck will not be the CPUs
but I/O.
Normally there's no need for running multiple sa-learn instances.
My sa-learn is learning +40 msgs/sec from a SSD into a Redis
Depending on your Bayes backend, your bottleneck will not be the CPUs
but I/O.
Normally there's no need for running multiple sa-learn instances.
My sa-learn is learning +40 msgs/sec from a SSD into a Redis DB.
On 4/15/21 2:33 PM, Christian Völker wrote:
Hi all,
I am going to add some large
Sought rules have been deprecated at least 5 years ago.
you can remove that part of the config.
h2h
Axb
On 3/12/21 1:16 PM, a...@onet.eu wrote:
Hi,
I'm getting this from cron since two days:
channel: no 'mirrors.sought.rules.yerp.org' record found, channel failed
11-Mar-2021 05:46:59
of the
past.
Pifalls? none so far.
I wouldn't go back anymore.
Obviously, it's global only, no per user.
Axb
On 1/31/21 8:04 PM, Bill Cole wrote:
On 31 Jan 2021, at 6:58, Axb wrote:
Happy Sunday !!!
Cisco forgot to renew spamcop.net
Registry Expiry Date: 2022-01-30T05:00:00Z
Better disable till it's fixed
score RCVD_IN_BL_SPAMCOP_NET 0
Stay safe!
SpamAssassin was already "
On 1/31/21 7:57 PM, Jared Hall wrote:
On 1/31/2021 6:58 AM, Axb wrote:
Happy Sunday !!!
Cisco forgot to renew spamcop.net
Registry Expiry Date: 2022-01-30T05:00:00Z
Better disable till it's fixed
score RCVD_IN_BL_SPAMCOP_NET 0
Stay safe!
OK. Thanks.
Issue has been FIXED.. all looks
On 1/31/21 3:35 PM, Matus UHLAR - fantomas wrote:
On 31.01.21 12:02, Georg Faerber wrote:
On 21-01-31 12:58:48, Axb wrote:
Cisco forgot to renew spamcop.net
Registry Expiry Date: 2022-01-30T05:00:00Z
That's still one year to go, isn't it?
seems that this has been overtaken by someone who
On 1/31/21 1:02 PM, Georg Faerber wrote:
On 21-01-31 12:58:48, Axb wrote:
Cisco forgot to renew spamcop.net
Registry Expiry Date: 2022-01-30T05:00:00Z
That's still one year to go, isn't it?
That is when the domain will be free for takers.
see https://spamcop.net/
Happy Sunday !!!
Cisco forgot to renew spamcop.net
Registry Expiry Date: 2022-01-30T05:00:00Z
Better disable till it's fixed
score RCVD_IN_BL_SPAMCOP_NET 0
Stay safe!
Posting this to avoid surprises:
As of the first week of 2021, the Composite Blocklist (CBL) is being
retired.
See:
https://www.spamhaus.org/news/article/803/
Please note that SA does NOT ship with any type of CBL lookup/rule.
Stay safe
Axb
/@CAUCE
On Tue, Dec 22, 2020 at 4:21 PM John Hardin wrote:
On Mon, 21 Dec 2020, Axb wrote:
On 12/21/20 7:19 PM, John Hardin wrote:
Quick question for anyone who knows:
Are the email addresses in the various domains in the yahoo family
(e.g.
yahoo.com, yahoo.com.hk, yahoo.com.my
whitelist_to ?
On 12/23/20 12:56 AM, Grant Taylor wrote:
Is there a way to bypass RBL checks for a specific address?
I've tried the all_spam_to option, but it looks like it artificially
lowers the score and still runs normal tests.
I'd like to disable RBL checks for one address.
On 12/21/20 7:19 PM, John Hardin wrote:
Quick question for anyone who knows:
Are the email addresses in the various domains in the yahoo family (e.g.
yahoo.com, yahoo.com.hk, yahoo.com.my, yahoo.com.sg, yahoo.com.vn,
yahoo.co.jp, yahoo.co.nz, yahoo.co.th, yahoo.co.uk, yahoo.es, yahoo.fr,
Fuglu supports Sophos AV
See fuglu.org
On 11/23/20 5:37 PM, Joe Acquisto-j4 wrote:
So, beyond "experiences" any leads on generic "how to" guides that actually
work in
practice? I've found a few, rather than chase geese, I'm sure some here have
done
similar things, even if with other AV
so called Elena and Vladimir have been around for over a decade spamming
with different requests.
Vladimir's mother has died several times
use it to feed Bayes.
On 11/11/20 7:37 AM, Anders Gustafsson wrote:
I know it is a bit off-topic, but has anyone seen something like this:
"Greetings,
perhaps we should reopen that bug and add the exception.
AXB - any comments??
I'd lower the rule's score a bit. That way we don't have to track what
t-online.de does/or not does.
comments?
AXB
These forum messages probably have a common URL in them.
Use something like:
blacklist_uri_host solidworks.com
to score the common URL.
h2h
On 10/10/20 4:52 PM, Ramon F Herrera wrote:
Hello all:
I have been a very satisfied user of spamassassin for a long time. Now I
am facing a challenge,
Sad news. My thoughts are with his family.
On 9/21/20 4:31 PM, Kevin A. McGrail wrote:
Some know that Jari's mirror broke a few weeks ago and we've been trying
to reach him. I am sorry to announce that Jari Fredriksson was a great
supporter of the project running an sa-update mirror, helping
On 8/24/20 11:27 PM, micah anderson wrote:
What is the highest score you've seen a spam get? I think I just broke
my own high score, with a spam that managed to pile up 64 points.
I'm sure you all have seen much higher!
the score can depend on how creative you are.
score USER_IN_BLACKLIST
On 8/22/20 4:37 AM, Philip Prindeville wrote:
On Aug 21, 2020, at 1:28 PM, Rob McEwen wrote:
ANNOUNCEMENT: The NEW invaluement "Service Provider DNSBLs" - 1st one for
Sendgrid-spams!
...a collection of a new TYPE of DNSBL, with the FIRST of these having a focus
on Sendgrid-sent spams.
On 7/14/20 4:05 PM, Dave Goodrich wrote:
I can't stop it from happening, so be it.
Here's an idea..
if enough voices are loud enough... Make yourself heard, press, twitter,
etc.. use the same channels which are being used to favour the change.
Or are there too many ppl who fear being in the
On 7/14/20 12:55 PM, jdow wrote:
I gotta ask here, "Can't we all skip the ad hominem insults and stick to
technical merits and goals involved in this change?" Please.
from where I sit, it will be very hard or there are no such merits / goals.
On 7/14/20 9:41 AM, jdow wrote:
On 20200714 00:31:19, @lbutlr wrote:
On 14 Jul 2020, at 01:22, jdow wrote:
How does this move improve the technical quality of the product
from the end users' perspective?
You've been told repeatedly that the decision has been made, and
you have ignored
It's Sunday, Moderators also have lives...
Stay inside, Stay safe.
On 7/12/20 8:10 PM, jason hirsh wrote:
is there a moderator. or do i have to unsubscribe
On Jul 12, 2020, at 2:07 PM, rtroy wrote:
On Sun, 12 Jul 2020, Eric Broch wrote:
...a bunch of stuff that doesn't belong on the
Fuglu docs are extensive.
you shouldn't need help to get started off
On 7/12/20 12:54 PM, Matthew Broadhead wrote:
mailing is shut down
https://gitlab.com/fumail/fuglu/-/issues/30
On 11/07/2020 20:35, Benny Pedersen wrote:
Matthew Broadhead skrev den 2020-07-11 10:11:
fuglu looks nice. it
heir face.
I don't wish them the best. They will be causing a huge amount of ppl a
truckload of grief and unnecessary work.
Axb
On 7/11/20 10:11 AM, Matthew Broadhead wrote:
fuglu looks nice. it even handles the vacation messages from database,
whereas i have been struggling with sieve.
can it train the bayes as well?
nope - bayes learning is handled by SA's sa-learn (see docs)
fuglu is just glue between your MTA
I voted aginst it, loudly.
On 7/11/20 4:35 AM, Noel Butler wrote:
Who is "we"
Name the people who decided this pathetic communist dictatorship change
and who want to enforce this upon members of 160 odd other countries
just because theirs is fucked up?
I want names
I want to see the voting,
On 7/10/20 8:31 PM, Bill Cole wrote:
The SpamAssassin Project has a particular self-interest in attracting
contributors from a diversity of cultures, because we are always at risk
of mislabelling a pattern of letters or words as 'spammy' when in fact
it is entirely normal in a cultural context
Not sure if this is sarcasm or not... but just in case:
Whoever may be the Marxist/Socialists, the're definitely not in the
US... Assuming you never lived under such a government you're just
talking thru your hat.
and now lets put this offtopic blah to rest.
On 7/10/20 7:07 PM, Eric Broch
no problem unless they use third party DNS
resolvers which are blocked.
if you're local resolver is forwarding to some ISP's resolver then you
also get blocked.
Am 10.07.20 um 13:23 schrieb Axb:
On 7/10/20 1:20 PM, Philipp Ewald wrote:
Hey everyone,
we got a nice mail from spamhaus.
We have used
On 7/10/20 11:02 AM, Matthew Broadhead wrote:
i tried to set up bayes training before but i feel that i was
unsuccessful. is there a definitive guide on setting this up on postfix
with amavis? if my user were the one that was training it for the other
users that would be ideal
unless you
On 7/10/20 1:20 PM, Philipp Ewald wrote:
Hey everyone,
we got a nice mail from spamhaus.
We have used their DNS Query's.
Important is that we thought we have disabled them by:
score __RCVD_IN_ZEN 0
But tcpdump says we make dns querys to spamhaus, but the result got
ignored.
you forgot that
On 7/10/20 10:57 AM, jdow wrote:
On 20200710 01:53:30, Axb wrote:
On 7/10/20 10:36 AM, Matus UHLAR - fantomas wrote:
while I am not a fan of renaming, I think that
"welcome list" and "block list" are more informational.
SA doesn't block anything so a blocklist only m
On 7/10/20 10:36 AM, Matus UHLAR - fantomas wrote:
while I am not a fan of renaming, I think that
"welcome list" and "block list" are more informational.
SA doesn't block anything so a blocklist only makes stuff naturally
confusing
so glad to read this...
confirms my picture of you.
now back my pet project: rewrite Tom Sawyer
On 7/10/20 10:02 AM, jdow wrote:
The problem is that at least one woman (me) reading this list doesn't
give a tinker's damn. The intent is communicated and that's sufficient
to satisfy my
Jul 10, 2020 at 2:50 AM Axb wrote:
the US problems won't be fixed with renaming B lists.
Seriously.. you have more important issues...
On 7/10/20 8:42 AM, jdow wrote:
Be sure to purge every instance of "fork" in the code because it sounds
too close to the other F..K word. Get
the US problems won't be fixed with renaming B lists.
Seriously.. you have more important issues...
On 7/10/20 8:42 AM, jdow wrote:
Be sure to purge every instance of "fork" in the code because it sounds
too close to the other F..K word. Get the fork out of there.
{O,o}
i.e are you guys
On 7/7/20 2:57 PM, Benny Pedersen wrote:
Axb skrev den 2020-07-07 14:46:
That isn't only Phishtank data...
+1
and using that data in that particular way hardly scales to bigger setups
data could be stored in DB_File just like GeoIP2, that saves ram imho
rblnsd is the way to go:
- you
On 7/7/20 2:39 PM, Benny Pedersen wrote:
Axb skrev den 2020-07-07 13:23:
domains listed in Phishtank are picked up by SURBL
and rbldnsd support a fix of this
https://www.isc.org/blogs/qname-minimization-and-privacy/
i have disabled it in bind9
Phishtank signatures in SpamAssassin
On 7/7/20 1:20 PM, Benny Pedersen wrote:
KADAM, SIDDHESH skrev den 2020-07-07 13:13:
Can anybody suggest me a best possible way to block phish/malware url
from body of an email using spamassassin.
report to https://phishtank.com/ 1 step :=)
next is to use https://sanesecurity.com/ with
On 7/7/20 1:13 PM, KADAM, SIDDHESH wrote:
Guys,
Can anybody suggest me a best possible way to block phish/malware url from body
of an email using spamassassin.
I Tried GoogleSafeBrowsing but not helping much as it has very low detection
ratio.
Regards,
Siddhesh
iirc "ramprasad at
On 5/22/20 12:18 PM, Maurizio Caloro wrote:
Hello
I have here spamassassin with Postfix and Dovevot on Debian 9 and 10 running.
i need to go shure if all Email that declare as spam, are relay spam so
defininig this rule.
/etc/spamassassin# cat local.cf | grep all_spam_to
all_spam_to
Riccardo,
Is it also available to Spamhaus Rsync Datafeed customers?
On 2020-04-30 10:50, Riccardo Alfieri wrote:
Hello,
I'm happy to announce to the SpamAssassin community that Spamhaus has
released an updated version of our plugin that solves minor issues and,
more importantly, adds
So?
That's their rule.
Nothing the SA user list or dev team can help you with.
On 2020-04-08 17:17, Toolworker wrote:
IMH_ED_SPAM is peculiar to InMotion Hosting.
It causes a lot of false positives for me too.
Their support advised:
"IMH_ED_SPAM is a InMotion Hosting rule that matches known
On 2020-03-11 00:15, Daryl Rose wrote:
I receive several marking emails from chimpmail. I've tried adding the
from email address to the blackfrom_list, but that does not block
chimpmail. How can a person block these?
Thank you.
Daryl
header XMAILER_MAILCHIMP =~ /^MailChimp Mailer/
or an
On 2020-02-13 04:11, John Hardin wrote:
On Wed, 12 Feb 2020, Pedro David Marco wrote:
Hi..
i am getting errors from Byes because it is not able to lock Bayes
files...
Error log is:
bayes: cannot open bayes databases /etc/spamassassin/bayes/bayes_*
R/W: lock failed: Interrupted system
On 2019-11-28 13:43, Anders Gustafsson wrote:
Assume I want to give extra points to e-p...@pedago.fi? This is our
adress as given on our wesite so many spammers harvest that. I waht to
bump it sligtly, but have been unable to write a regexp that catches it.
Can anyone help?
this could work:
On 2019-11-22 07:53, Jerry Malcolm wrote:
Where is the configuration parameter that governs where bayes_toks is
stored for global use (not per user)? I am on an AWS Linux EC2
environment. I've seen comments on the net that say it's in
/.spamassassin and other comments that say it's in
What is a "faked mail" ?
On 11/1/19 3:15 PM, Joseph Brennan wrote:
MALFORMED_FREEMAIL is a meta on:
(MISSING_HEADERS||__HDRS_LCASE) && FREEMAIL_FROM
So that and MISSING_HEADERS itself add up to 3.0 points. This seems high.
We rejected a message from gmail that hit MALFORMED_FREEMAIL and
as per AskDNS.pm (lottsa info in there)
Currently recognized RR types in the rr_type parameter are: ANY, A,
,MX, TXT, PTR, NAPTR, NS, SOA, CERT, CNAME, DNAME, DHCID, HINFO,
MINFO, RP, HIP, IPSECKEY, KX, LOC, SRV, SSHFP, SPF.
On 10/4/19 3:54 PM, Tobi wrote:
Yes I mean the _tags_ like
UN_educated guess - I don't use DKIM... does it stop happening when you
restart your DNS recursor instead of rebooting?
On 9/23/19 7:00 AM, Jari Fredriksson wrote:
Hello again.
I have a problem that arises after my mail server has been up for maybe
two days. Suddenly all DKIM-verifications
I doubt you'll see many hits on that rule as I'd expect most URIS being
included in the infected attachments.
Imo, the ClamAV sigs make more sense.
On 9/17/19 12:36 PM, hg user wrote:
It is a "dumb" rule but the quicker I could create.
https://pastebin.com/bxRSds7a
On Tue, Sep 17, 2019 at
On 9/14/19 9:30 PM, @lbutlr wrote:
I am still getting spammed processes that last for hours or days. When I kill
them, `kill -9` they come back after the load drops. The processes use 100% of
the processor.
nobody 72041 100.0 2.2 87264 76940 - R10:36 35:28.97 spamd
child
On 8/26/19 1:54 PM, Antony Stone wrote:
On Monday 26 August 2019 at 13:29:45, Axb wrote:
On 8/26/19 3:24 AM, Rob McEwen wrote:
announcement about invaluement (or more like a tease?)
https://www.linkedin.com/feed/update/urn:li:activity:6571558988201148416/
I don't do linkedin - what
On 8/26/19 3:24 AM, Rob McEwen wrote:
announcement about invaluement (or more like a tease?)
https://www.linkedin.com/feed/update/urn:li:activity:6571558988201148416/
I don't do linkedin - what is it?
On 6/24/19 11:56 AM, Brent Clark wrote:
Good day Guys
This was project was posted on kitploit.com, i.e. Whatbreach
https://www.kitploit.com/2019/06/whatbreach-osint-tool-to-find-breached.html
On further investigation I thought this would be a cool project to have
a SA plugin to query
While blogs may be interesting to read and keep track of stuff...
Is there any code to look at and start testing?
The summer is short...
Axb
On 6/14/19 10:56 AM, Shreyansh Shrivastava. wrote:
This is the second blog of the series. It covers data cleaning, feature
extraction, model training
MDAEMON_DNSBL is not a stock SA rule.
This is a custom rule added by Alt-N/MDAEMON which uses SA.
You will need to contact them for further help
On 5/14/19 11:44 AM, cyflhn wrote:
It has happened many times that the emails from our server were identified as
spam. I have checked the emails
On 3/25/19 7:01 PM, Henrik K wrote:
On Mon, Mar 25, 2019 at 06:49:49PM +0100, Tobi wrote:
Am 25.03.19 um 15:18 schrieb Henrik K:
On Mon, Mar 25, 2019 at 03:00:30PM +0100, Tobi wrote:
You are matching "any uri" and expect it to be "reliable"? Perhaps consider
first what you are trying to
/article.aspx?p=19798
John,
Your suggestions don't apply to this user's case.
He's using the so called "Datafeed over DNS" and not a local rsync'd
version.
--Axb
"Datafeed over DNS
Allows end users to continue to utilize the public DNS system for URIBL
resolution. This will allow
On 3/2/19 3:45 PM, John Schmerold wrote:
I subscribed to uribl's datafeed service and have read their usage
documentation on http://uribl.com/usage.shtml
I think I understand how it works, but I am confused by how things work
with the default 25_uribl.cf file if I want to change the
On 10/21/18 4:38 PM, Henrik K wrote:
On Sun, Oct 21, 2018 at 04:28:58PM +0200, Axb wrote:
On 10/21/18 4:21 PM, Henrik K wrote:
On Sun, Oct 21, 2018 at 04:07:40PM +0200, Axb wrote:
On 10/21/18 1:25 PM, Jari Fredriksson wrote:
./btcabuse.pl >btcabuse.cf.tmp && mv -f btcabuse.cf.tmp
On 10/21/18 4:21 PM, Henrik K wrote:
On Sun, Oct 21, 2018 at 04:07:40PM +0200, Axb wrote:
On 10/21/18 1:25 PM, Jari Fredriksson wrote:
./btcabuse.pl >btcabuse.cf.tmp && mv -f btcabuse.cf.tmp btcabuse.cf
would be nice to have it write \b to the cf
as in
body B
On 10/21/18 4:07 PM, Axb wrote:
On 10/21/18 1:25 PM, Jari Fredriksson wrote:
./btcabuse.pl >btcabuse.cf.tmp && mv -f btcabuse.cf.tmp btcabuse.cf
would be nice to have it write \b to the cf
as in
body BTC_16LU6SWU /16LU6SwUDdLsAy7XXHSMg7BRbA1kfDoBnZ/
body B
On 10/21/18 1:25 PM, Jari Fredriksson wrote:
./btcabuse.pl >btcabuse.cf.tmp && mv -f btcabuse.cf.tmp btcabuse.cf
would be nice to have it write \b to the cf
as in
body BTC_16LU6SWU /16LU6SwUDdLsAy7XXHSMg7BRbA1kfDoBnZ/
body BTC_16LU6SWU /\b16LU6SwUDdLsAy7XXHSMg7BRbA1kfDoBnZ\b/
On 9/15/18 3:44 AM, Alex wrote:
On Fri, Sep 14, 2018 at 4:24 PM Daniel J. Luke wrote:
On Sep 14, 2018, at 3:26 PM, Kevin A. McGrail wrote:
On 9/14/2018 3:22 PM, Alex wrote:
I wish it were that easy. /etc/resolv.conf is set up to use 127.0.0.1,
which is bind configured as a my local caching
I'm not a spamass-milter but google helps
you are using -m switch with spamass-milter which as per docs: "Disables
modification of the 'Subject:' and 'Content-Type:' headers and message
body."
more details from spamass-milter man page
On 09/09/2018 03:34 PM, thatvolvonut wrote:
On 08/19/2018 06:56 PM, Alex wrote:
Hi,
Can someone help me understand what file types these odttf files are,
and how to read/process them from the command-line in Linux? They
don't appear to be ODT/opendoc files...
Google has all the info
On 08/07/2018 08:09 PM, Alex wrote:
Hi,
Anyone have ideas for viewing inside of an XPS file or otherwise
blocking phish attempts with xps attachments?
https://pastebin.com/KtMnNPAg
Still not detected by virus scanners and passing through Mimecast.
On 07/17/2018 08:29 PM, Kevin A. McGrail wrote:
I'll defer that question to Alex Broens. He can do it more justice than I
ever could. AXB?
--
Kevin A. McGrail
VP Fundraising, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail
On 05/31/2018 06:36 PM, Pedro David Marco wrote:
>On Thursday, May 31, 2018, 6:24:06 PM GMT+2, Reindl Harald
wrote:
>>Am 31.05.2018 um 18:17 schrieb Pedro David Marco:
No not discard they are botnet commands!!>
and why yould you not want do discard / reject them then?
WTF!
:-DD of
On 05/30/2018 02:35 PM, Rupert Gallagher wrote:
What happens when your coitus with Spamhaus is interrupted by a man
in the middle? I mean someone that either cuts your link or plays the
role of your partner while delivering poisoned answers? Good luck...
doesn't happen. I only use lists which
, 2018 at 06:06, Axb wrote:
On 05/30/2018 12:50 AM, Rupert Gallagher wrote: > We spent months herding those
free-range animals... Catching them is tedious, because there is no standard that binds ISPs
to just prefix all such domains with "dyn-". which is why it's so efficient to
On 05/30/2018 12:50 AM, Rupert Gallagher wrote:
We spent months herding those free-range animals... Catching them is tedious, because
there is no standard that binds ISPs to just prefix all such domains with
"dyn-".
which is why it's so efficient to use Spamhaus' PBL (included in Zen)
On 05/27/2018 09:50 AM, Palvelin Postmaster wrote:
Can anyone offer suggestions as to why I get these invalid argument warnings
when I run spamassassin —lint —debug:
warn: plugin: eval failed: bayes: Redis failed: Error: Invalid argument at
or relevant in any way.
X-CTCH-* headers are added by Commtouch / Cyren
Google will probably help you further..
Axb
AppRiver Acquires Roaring Penguin
https://globenewswire.com/news-release/2018/03/26/1453063/0/en/AppRiver-Acquires-Roaring-Penguin.html
On 03/17/2018 06:34 PM, Alex wrote:
Hi,
On Sat, Mar 17, 2018 at 12:25 AM, Benny Pedersen wrote:
Alex skrev den 2018-03-17 02:28:
https://pastebin.com/CEuFfb7K
is this pdf sendt to virustotal.com ?
does it survice clamav testing ?
It appears it's not widely recognized by
On 03/13/2018 07:13 PM, Olivier Coutu wrote:
In the last few months, we have seen an increase of generic emails (e.g.
regarding unpaid invoices) being sent with links to infected legitimate
websites hosting malware. This malware often comes in the form of docs
with macros e.g.
On 03/02/2018 12:54 PM, Daniele Duca wrote:
Hello list,
apologies if this is not directly SA related. "Lately" I've started to
notice that some (not saying names) VPS providers, when offering v6
connectivity, sometimes tends to not follow the best practice of giving
a /64 to their customer,
On 02/25/2018 05:13 PM, Peter Thomassen wrote:
Reminder: My question was not "how to run DNS efficiently" or "how does
SpamAssassin run DNS queries", my question was "how can I influence the
order of tests".
You will have to hack the priorities in the plugins & rules.
This is definitely not
On 02/23/2018 03:26 PM, shridhar shetty wrote:
Hello,
In our infra we use spamassassin to scan our **outgoing** mails too. This
is to prevent spammers using our infra to send mails and get our IP's
blacklisted. We perform various DNSBL tests on the mail body.
One of our IPs got listed in
On 02/23/2018 04:33 PM, David Jones wrote:
On 02/23/2018 08:26 AM, shridhar shetty wrote:
Hello,
In our infra we use spamassassin to scan our **outgoing** mails too.
This is to prevent spammers using our infra to send mails and get our
IP's blacklisted. We perform various DNSBL tests on the
oooppps - missing a backslash
mimeheader AXB_CTYPE_SPELLHERO Content-Type =~ /\bapplictaion\/pdf\b/
On 02/19/2018 05:24 PM, Axb wrote:
catch today's PDF pillz spam
mimeheader AXB_CTYPE_SPELLHERO Content-Type =~ /bapplictaion\/pdf\b/
the typo is the trait ;)
enjoy while it lasts
catch today's PDF pillz spam
mimeheader AXB_CTYPE_SPELLHERO Content-Type =~ /bapplictaion\/pdf\b/
the typo is the trait ;)
enjoy while it lasts
Where I sit this is done by feeding spamtraps to Bayes.
No need to name it something fancy.
It's been working for over a decade and will keep on feeding my 30GB
Bayes/Redis DB.
On 01/26/2018 08:49 PM, Ted Mittelstaedt wrote:
Hi All,
OK I've been doing some sociological analysis of the spam
1 - 100 of 1219 matches
Mail list logo