Joey Davis wrote:
Greetings ...
I can not get spamassassin to work. I have seen this problem in some
newgroups but no definitive solution. Here is the information
OS Version: FC5
Sendmail: 8.13.7
Spamassassin: 3.1.3
Log entries:
Mar 19 17:28:32 obwat sendmail[29903]: l2JMSW21029903:
Joey Davis wrote:
It never creates the socket.
And you're expecting it to work? :)
Initially, the socket was set to reside in
/var/run/spamass.sock and then I saw one suggestion that said to change it
to /var/run/spamass-milter/spamass.sock. I made the change but still
received the unsafe
Sandeep Agarwal wrote:
On 3/7/07, Daryl C. W. O'Shea [EMAIL PROTECTED] wrote:
On 3/2/2007 2:50 AM, Sandeep Agarwal wrote:
any suggestions how to fix this or the reason for this.
It's probably being caused by bayes expiries. Disable auto expiry and
do the expiries via a cron job.
Daryl
Brian Wilson wrote:
Ok, I've got one; apparently from a gmail user to my gmail account, then
forwarded to an external account. The html links go to a blogspot.com
site, then redirect to some Pharmacy Express site.
Raw Message: http://bubba.org/spam/spam_lowscore.txt
Message renders like
Brian Wilson wrote:
On Wed, 14 Mar 2007, Daryl C. W. O'Shea wrote:
Brian Wilson wrote:
Ok, I've got one; apparently from a gmail user to my gmail account,
then forwarded to an external account. The html links go to a
blogspot.com site, then redirect to some Pharmacy Express site.
Raw
Michal Jeczalik wrote:
On Mon, 12 Mar 2007, Daryl C. W. O'Shea wrote:
after upgrading from 3.1.7 I have numerous problems with my spamd. It
hangs up during high load and become permamently unresponsive.
According to advices I have found on devel list, I'm using
--round-robin now and it hangs
gable wrote:
Yes! ... i now officially feel like a moron :-) ... yr right ... zabbix
makes a tcp connection to port 783 to check it's running ... switching
monitoring on and off ... switches the error on and off ... I'll look for
the spamd process instead as a monitoring means ... I guees the
Michal Jeczalik wrote:
On Mon, 12 Mar 2007, Daryl C. W. O'Shea wrote:
after upgrading from 3.1.7 I have numerous problems with my spamd. It
hangs up during high load and become permamently unresponsive.
According to advices I have found on devel list, I'm using
--round-robin now and it hangs
Cliff Stanford wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Justin Mason wrote:
Yes -- in SpamAssassin 3.2.0, it's picking up a more useful score:
0.509 in set 1 and 0.905 in set 3. (Not a huge score, but that's
where the GA set it... its optimal score, given FPs and other
rules it
On 3/2/2007 2:50 AM, Sandeep Agarwal wrote:
any suggestions how to fix this or the reason for this.
It's probably being caused by bayes expiries. Disable auto expiry and
do the expiries via a cron job.
Daryl
Chris wrote:
On Sunday 04 March 2007 11:54 pm, Theo Van Dinter wrote:
Anyway, reading the debug output... It appears that your installation is
very messed up. To start, get rid of the *.cf files in
/etc/mail/spamassassin which reference anything from sa-update. According
to the output
Doc Schneider wrote:
Mário Gamito wrote:
Don Ireland wrote:
Every email list I've ever subscribed to has had something in the
subject line (usually in square brackets) to identify 1) that it is a
mailing list and 2) what list it is.
Maybe, just maybe, you can filter through e-mail adresseses
Brian Wilson wrote:
On Mar 3, 2007, at 4:41 PM, Mário Gamito wrote:
Don Ireland wrote:
Every email list I've ever subscribed to has had something in the
subject line (usually in square brackets) to identify 1) that it is a
mailing list and 2) what list it is.
Maybe, just maybe, you can
Bart Schaefer wrote:
On 3/3/07, Don Ireland [EMAIL PROTECTED] wrote:
Every email list I've ever subscribed to has had something in the
subject line (usually in square brackets) to identify 1) that it is a
mailing list and 2) what list it is.
Why doesn't this list have something similar?
Ben Wylie wrote:
but then refuses to do any more, as it claims not to be able to trust
the X-Envelope-From header because it has been through my AV gateway:
[2408] dbg: spf: relayed through one or more trusted relays, cannot use
header-based Envelope-From, skipping
Similarly:
[2408] dbg:
On 2/27/2007 12:45 PM, Ben Wylie wrote:
Daryl C. W. O'Shea wrote:
Assuming you've got your trusted_networks (and possibly
internal_networks) setup, you just need to add
always_trust_envelope_sender 1 to your local.cf.
Thanks for the help.
It now gives me the error
[3952] dbg: spf: cannot
On 2/24/2007 6:30 PM, Michael Parker wrote:
Michael Monnerie wrote:
Either a) you have something goofed up there or b) something is
goofed in how we setup the INC path for plugins.
Something must have changed that breaks DBIPlugin, because at 3.1.7
I don't have that error.
Please file
On 2/25/2007 3:57 PM, Brian Wilson wrote:
On Feb 25, 2007, at 3:24 PM, John Fleming wrote:
Thanks for the QA! Now, is there any functional difference between
using sa-update in this way and using RDJ to get the SARE rules?
(I'm using RDJ right now, so what would I gain by changing to
On 2/25/2007 5:13 PM, John Fleming wrote:
The sa-update channels allow you to check for new rulesets more often
than once a day, so you can get newly released rulesets a little
faster. Of course the SARE rules aren't really updated that often so
this may not be a big advantage for you.
So
On 2/25/2007 5:31 PM, John Fleming wrote:
- Original Message - From: Daryl C. W. O'Shea
[EMAIL PROTECTED]
To: users@spamassassin.apache.org
Sent: Sunday, February 25, 2007 5:21 PM
Subject: Re: how to start using sa-update
On 2/25/2007 5:13 PM, John Fleming wrote:
The sa-update
John Fleming wrote:
I also see an occasional message header that includes
autolean=unavailable - It that what ends up in the messages where the
tie fails?? I don't get the intermittent nature of this.
Yes. Learning is slow. If two spamd children try to learn at the same
time only one
David B Funk wrote:
On Thu, 22 Feb 2007, Daryl C. W. O'Shea wrote:
John Fleming wrote:
I also see an occasional message header that includes
autolean=unavailable - It that what ends up in the messages where the
tie fails?? I don't get the intermittent nature of this.
Yes. Learning is slow
David B Funk wrote:
On Thu, 22 Feb 2007, Daryl C. W. O'Shea wrote:
David B Funk wrote:
On Thu, 22 Feb 2007, Daryl C. W. O'Shea wrote:
Yes. Learning is slow. If two spamd children try to learn at the same
time only one will get a lock to write to the database. The child who
doesn't get
R Lists06 wrote:
May I ask...
Whis is this thread named as such.
Does Google help fund SA efforts in one or multiple ways?
If so, may I ask how or directions to already posted docs on it?
If you, uh, Google for Google Summer of Code I'm sure you'll find all
you want to know.
Daryl
I thought you voted for letting Mail::DKIM spew whatever it wanted. :)
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5095#c3
Probably not a bad idea since it may encourage people to upgrade to
newer versions of Mail::DKIM that fix whatever is being spewed about.
Daryl
Justin Mason
snowcrash+spamassassin wrote:
since i certainly trust the project, and DOS' contributions, should i
simply mod my cron jobs to,
sa-update --allowplugins --channelfile .../DIST-channels.conf
sa-update --allowplugins --channelfile .../SARE-channels.conf
Nope. Neither include plugins,
Justin Mason wrote:
Daryl C. W. O'Shea writes:
I thought you voted for letting Mail::DKIM spew whatever it wanted. :)
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5095#c3
Probably not a bad idea since it may encourage people to upgrade to
newer versions of Mail::DKIM that fix
Stephen Carter wrote:
Hi guys,
I'm running SA 3.1.1 and have imported openprotect's gpg sig, but when I try to
run sa-update on this channel with the debug switch turned on I get the error:
dbg: dns: query failed: 1.1.3.saupdates.openprotect.com = NXDOMAIN
Is SA 3.1.1 still supported with
Stephen Carter wrote:
On Fri, 2007-02-09 at 17:49 -0500, Daryl C. W. O'Shea wrote:
Stephen Carter wrote:
Hi guys,
I'm running SA 3.1.1 and have imported openprotect's gpg sig, but when I try to
run sa-update on this channel with the debug switch turned on I get the error:
dbg: dns: query
FWIW, if you were to write the rules using the X-Spam-Relays-External
pseudo header (or X-Spam-Relays-Untrusted for older versions of SA) you
could write generic rules that work for everyone (or survive changes to
your mail topology).
Daryl
Dan Barker wrote:
John, it almost workedg.
The
John D. Hardin wrote:
On Thu, 8 Feb 2007, Daryl C. W. O'Shea wrote:
FWIW, if you were to write the rules using the
X-Spam-Relays-External pseudo header (or X-Spam-Relays-Untrusted
for older versions of SA) you could write generic rules that work
for everyone (or survive changes to your mail
Philip Seccombe wrote:
[9013] dbg: generic: SpamAssassin version 3.1.0
Upgrade SA to anything newer than 3.1.0.
John D. Hardin wrote:
On Thu, 8 Feb 2007, Daryl C. W. O'Shea wrote:
John D. Hardin wrote:
On Thu, 8 Feb 2007, Daryl C. W. O'Shea wrote:
FWIW, if you were to write the rules using the
X-Spam-Relays-External pseudo header (or X-Spam-Relays-Untrusted
for older versions of SA) you could write
John D. Hardin wrote:
On Thu, 8 Feb 2007, Daryl C. W. O'Shea wrote:
You could, of course, check the helo instead.
Isn't the HELO easily forged?
Yeah (that's why I suggested a rule using rdns), but that has nothing to
do with the documentation about the pseudo headers in question (which
Matthew Bickerton wrote:
Hi
If I run : sa-update -D
After a long pause I get (at the end of the debug trace):
...
[8551] dbg: channel: attempting channel updates.spamassassin.org
[8551] dbg: channel: update directory
/var/lib/spamassassin/3.001007/updates_spamassassin_org
[8551] dbg: channel:
z3r0 wrote:
Asked my hosting about the issue. The response was:
We do not allow clients to install custom SpamAssassin rules.
That's terrible. Why can't users decide what rules to use. I want a life
spam free...
Myself, I'd be afraid of a provider who did allow user rules. It's
trivial to
z3r0 wrote:
rules that would kill system performance
I suppoused rules were nice and good, no time-bombs.
I'm not sure what you're saying there.
So any chances for me or I must forget SA?
That, of course, is up to you. If you've got a shell account that you
can run whatever you want on,
[copying Theo... I'm not sure if --channel and --channelfile not being
compatible is intended]
Sharman Tiladu wrote:
--- Daryl C. W. O'Shea [EMAIL PROTECTED]
wrote:
Personally, I'd add updates.spamassassin.org to your
channel file. As
the SARE channel how-to says, you need to update
Dhaval Patel wrote:
I am running a Debian stable system and have perl 5.8.4 installed from the
Debian packages.
I had a problem with the Net::DNS module a while back and upgrade perl to 5.8.8
using
CPAN. This upgrade installed perl 5.8.8 as the default perl version system wide.
Unfortunately
Dhaval Patel wrote:
I figured that spamc would not use perl but I though it might use one of the
other
things that are written in perl. I have looked at the spamassassin package and
see the
following binaries
/usr/sbin/spamd
/usr/bin/sa-learn
/usr/bin/spamassassin
/usr/bin/sa-update
Are
Matt Kettler wrote:
But this assumes that your SA is called after the Return-Path header is
added, and not before. If you're using a milter, this won't work, but if
you're calling from procmail, it will.
Ideally a milter will fake a return-path header when it fakes the
required received
Sharman Tiladu wrote:
As root, I ran sa-update. Then I created the file
sare-sa-update-channels.txt that contain these lines:
70_sare_adult.cf.sare.sa-update.dostech.net
70_sare_bayes_poison_nxm.cf.sare.sa-update.dostech.net
70_sare_specific.cf.sare.sa-update.dostech.net
Tom wrote:
Hi there
I have a machine running Fedora Core 6 with Postfix and am attempting to
get the most recent Spamassassin running.
I check my /var/log/maillog and I keep seeing the error listed below
---Error--
config: cannot
My question... why **exactly** can't webmail line wrap messages? :)
Rob McEwen (PowerView Systems) wrote:
1st question:
Some of my incoming mesasges involve messages forwarded to my server via a rule
from accounts that some of my clients have on other ISPs mail servers. For such
incoming
David B Funk wrote:
On Fri, 26 Jan 2007, Daryl C. W. O'Shea wrote:
Some of my incoming mesasges involve messages forwarded to my server via a rule
from accounts that some of my clients have on other ISPs mail servers. For such
incoming messages, I have been creating a temporary copy
[back on list]
Brian C. Huffman wrote:
On Tue, 2007-01-23 at 16:55 -0500, Daryl C. W. O'Shea wrote:
Brian C. Huffman wrote:
Looking through /usr/sbin/amavisd, it appears that it *does not* add the
Received header if it is called via a milter (which it is). So, this wouldn't
seem
Brian C. Huffman wrote:
Daryl C. W. O'Shea wrote:
You are running the latest version of amavisd, correct? I know for
*sure* that a milter must fake a received header before passing the
message to SA and I'm 99.9% sure that it was amavisd that wasn't doing
this only a couple of months ago
Florent Gilain wrote:
Hi all,
It seems i have a problem with sa-update using my SARE rules channels ;
i followed the doc at URL :
http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt and used
the rules from here : http://wiki.apache.org/spamassassin/SareChannels
Any idea
Rich Shepard wrote:
The quantity of spam for various varieties of quicker-dicker-upper pills
into my inbox has increased over the past couple of weeks. The filters in
/usr/share/spamassassin/20_drugs.cf don't seem to be up to full strength.
Are there newer rules (I'm running 3.1.7) to cover
Rich Shepard wrote:
On Wed, 24 Jan 2007, Daryl C. W. O'Shea wrote:
Use sa-update.
Thank you, Daryl. I guess that I'm up to date on those rules so I need to
tweak elsewhere.
I read in the man page that the default directory is
/var/lib/spamassassin/3.001007. That directory does not exist
Rich Shepard wrote:
On Wed, 24 Jan 2007, Daryl C. W. O'Shea wrote:
Have you actually run sa-update?
I just did so. Nothing was returned.
There's usually no output if you run it without the debug option -D. An
exit code is returned though.
I have no idea what rules you're copying
For the SARE rules you only need to use ONE of sa-update or
rules_du_jour. Either works fine. sa-update has the potential to get
you newer rules faster without any significant additional load on the
servers serving the channels.
Assuming you want to use sa-update for everything...
-
Brian C. Huffman wrote:
All,
I've searched but can not find the answer to this. I'm running RedHat
Enterprise Linux v4 with all latest updates and am using the
amavisd-milter to call amavisd-new (v2.4.4) which in turn is using spamd
(spamassassin v3.1.7). It appears that every single email
Brian C. Huffman wrote:
Looking through /usr/sbin/amavisd, it appears that it *does not* add the
Received header if it is called via a milter (which it is). So, this wouldn't
seem to be the issue.
New versions do. The old versions that don't are broken and have
greater issues (most DNSBL
Sherman Lilly wrote:
I have spam getting through that would get filtered if they were not
getting -100 because of the USER_IN_WHITELIST rule. I do have a whitelist but
no of these spam email have anything close to my whitelist.
Yes they do, otherwise you wouldn't see USER_IN_WHITELIST
Drew Burchett wrote:
Do you have some example headers?
This is a legitimate email, but it got flagged as USER_IN_WHITELIST
while CNN is not listed in my whitelist:
You didn't include the envelope from address in any of your examples.
Daryl
Rolf wrote:
Hello
Using sa-update successfully. I'd like however to be able to exclude
some of the rules it retrieves. Is there a configurable way to do
this? I suppose after it runs I could manually remove the fie of the
ruleset in question, but if the programme takes an option somehow,
Gary W. Smith wrote:
Mail::SpamAssassin:Client seems to work but is alpha. Any ideas on the
status of this?
I've been using it for a long time with no problems at all. The
check_spamd Nagios plugin (available in contrib/ in svn) uses it too.
Daryl
Jason Haar wrote:
Justin Mason wrote:
24F434CE is the active subkey of 5244EC45:
...
sounds like your sa-update key info got lost somehow?
Yeah. This is a CentOS-4 server I installed yesterday. Looks like
something went wrong with it.
The error message says:
Perhaps you need to import
Dan Barker wrote:
customercenter.net. How do I go about influencing someone to research the
corpus of names BofA might use, and update 70_SARD_spoof.cf to match?
Emailing the current maintainer, Fred, would probably be effective. His
address is in the seventh line of the file.
Failing
Marc Perkel wrote:
What do the letters IBK mean in the prefork child states line. SA seems
to be using more ram than usual and I'm trying to figure out why.
I Bought Kalua, or Idle Busy Killing, whichever you prefer.
Daryl
John Andersen wrote:
On Tuesday 09 January 2007 06:47, Jack Gostl wrote:
Now that you mention it, yes, it had a Geocities URL.
- Original Message -
From: John Andersen [EMAIL PROTECTED]
To: users@spamassassin.apache.org
Sent: Saturday, January 06, 2007 10:09 PM
Subject: Re: Dear
Daryl C. W. O'Shea wrote:
Can someone forward me a copy of the spam in question as an attachment?
Nevermind, I just found one. 16.4 on this particular one. My bayes
rules are scored a little higher than default and I've got a few
additional rules though:
* 0.0 DK_POLICY_SIGNSOME
John Andersen wrote:
On Thursday 11 January 2007 07:37, Daryl C. W. O'Shea wrote:
One more reason to permanently blacklist geocities in SURBL IMHO.
Small deployments could get away with it, but if you're a large ISP
you'd never here the end of the complaints about it. My WebRedirect
plugin
Roman Serbski wrote:
I played yesterday with trusted_networks settings. It looks like it
only accepts networks and not IPs? If I add the whole trusted
network as trusted_networks I can see that messages being marked with
-1.8 ALL_TRUSTED. But if I add IP only - it doesn't work.
Single IPs are
Rob Mangiafico wrote:
It's probably because I need sleep, but I'm confused on this scenario:
User emails from his/her dialup IP directly to trusted_networks server 1
(which is allowed by access not SMTPAUTH), which then goes to my server.
It seems this email gets flagged as DUL, PBL, etc...
Rob Mangiafico wrote:
On Mon, 8 Jan 2007, Daryl C. W. O'Shea wrote:
User emails from his/her dialup IP directly to trusted_networks server 1
(which is allowed by access not SMTPAUTH), which then goes to my server.
It seems this email gets flagged as DUL, PBL, etc...
user1 - trusted_networks
Justin Mason wrote:
Daryl C. W. O'Shea writes:
If you're
referring to jm's post, I think he just made those rules up as they're
not what we're publishing for 3.1.
It's the rules from SVN trunk.
Ah.
-lastexternal is exactly what they're asking for. In the case where the
client connects
John Rudd wrote:
Is there an SA function that will just return an array of Relays that
fit a given one of these criteria? Such as:
@relays = get_relays(options);
There are no accessors for it, you've got to access the arrays directly. :(
where options is a comma delimited string of
snowcrash+spamassassin wrote:
i'm asking what *specifically* needs to change, if anything, in SA ...
i'd prefer NOT to be blind about it.
Specifically, nothing. The updates already include it:
updates_spamassassin_org/20_dnsbl_tests.cf:header __RCVD_IN_ZEN
eval:check_rbl('zen',
snowcrash+spamassassin wrote:
In any case, why the fuss? You've had three SA developers tell you the
rules that are published are fine how they are.
wow.
what fuss ? i've been polite in my intent and in my asking. this
*is* the users list after all.
Nah, I'm probably just in a really
Rodney Richison wrote:
did you install Mail::DKIM?
I just now did, no luck.
DomainKeys requires Mail::DomainKeys, DKIM requires Mail::DKIM.
Daryl
Martin von Gagern wrote:
To look at it from a different angle, whether or not an X-Authenticated
header has any special meaning at all probably depends on the MTAs in
the chain, so special knowledge is needed to be sure. And with the same
kind of knowledge you'd know that mail.gmx.net is not
Martin von Gagern wrote:
Daryl C. W. O'Shea wrote:
So long as the problem relays are acting solely as MSAs and never MXes
for your mail this patch will solve your problem:
http://people.apache.org/~dos/sa-patches/msa_networks.3.1
This patch will solve my problems on receiving such mails from
Jan Doberstein wrote:
Please take a look at this header:
Received: by wp030.webpack.hosteurope.de running Exim 4.43 using esmtp
from mi012.mc1.hosteurope.de ([80.237.138.243]);
id 1Gvsa8-0007VG-JW; Sun, 17 Dec 2006 10:45:20 +0100
Received: by mx0.webpack.hosteurope.de
Thomas Bolioli wrote:
You are speaking for me... This became a very relevant topic when the
spf tests were packaged with SA by default. As someone who is having a
major issue with spf, it is very important that those making these
decisions here about the issues that most are having with SPF.
Robert Swan wrote:
Let's say I wanted to score everything but the US. Do I have to write
rule for every country or is there an easier way?
Despite me thinking that that is a horrible idea, probably because you
wouldn't get this message if my primary out-mx is down, you could just
use a meta
Martin von Gagern wrote:
Hello!
I've been using SpamAssassin here for some time now, and haven't done
much configuration. Procmail calls spamassassin on my Gentoo Linux box,
configured without bayes but with network checks.
Configure your trusted_networks.
Marc Perkel wrote:
Justin Mason wrote:
Marc --
Please pay attention to what Matt wrote yesterday. Repeat: SPF is *NOT*
for catching spam. It works great at what we use it for in SpamAssassin
-- as an authentication mechanism, to detect legit ham and whitelist it.
This is what you use
Marc Perkel wrote:
OK Daryl,
How do you deal with people forwarding email from another domain when
using SPF?
Marc, please stop for a moment and make sure you have a clear picture of
what you're trying to achieve by this debate which is really close to
turning into a big flame war. If you
Marc Perkel wrote:
I'm not the one who started this discussion. I did change the subject
line when the pro SPF lobby entered my other thread and moved it off the
topic I was talking about.
Right, I forgot. Your original topic was about securing consumer
networks, something that is way off
Marc Perkel wrote:
Daryl C. W. O'Shea wrote:
Marc Perkel wrote:
So - if you use it for whitelisting - how do you distinguish a good
sender using SPF and a spammer using SPF? Wouldn't you be
whitelisting spam?
A good sender is someone or an organization I know I want to receive
mail from
Robert LeBlanc wrote:
Connections arriving on port 25 can be assumed to come from
servers with MX records, so that becomes a testable assumption and a
precondition for connection.
Since when? If I rejected mail on that condition I would never have
received your message.
Daryl
James Davis wrote:
I'm using Debian's 3.0.3-2sarge1 spam assassin package and I'm
attempting to use sa-learn to train the bayesian filter. I've built up a
corpus of spam in an IMAP/mbox folder using Thunderbird. The folder has
approximately 500 messages.
Something appears to be going wrong
Robert LeBlanc wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Daryl C. W. O'Shea wrote:
Robert LeBlanc wrote:
Connections arriving on port 25 can be assumed to come from
servers with MX records, so that becomes a testable assumption and a
precondition for connection.
Since when? If I
David Morton wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've been getting an occasional efax spam that registers -212... I'm
using SA 3.1.7 and SARE rules from openprotect:
- -15.000 USER_IN_DEF_WHITELIST From: address is in the default
white-list
- -100.000
Bret Miller wrote:
I should probably submit this to bz, but I thought I'd ask here first in
case it's obvious... Why is SFP_PASS not firing on this?
Run the message through spamassassin -Dspf and find out.
Daryl
Alan Munday wrote:
Daryl C. W. O'Shea wrote the following on 06/12/2006 17:31:
Is a migration document really necessary? Stop using the rule files
you got via RDJ that you now want to get with sa-update. Start using
sa-update for those rule files. Have some lunch.
Agreed - I do like
Jim Maul wrote:
oh? Care to explain how spamd would call spamassassin? That would be a
neat trick ;)
Neat, but really simple with the plugin interface. :)
Duncan Findlay wrote:
Anyways... maybe I should get back to doing something useful like
studying for tomorrow's exam...
Boo exams... road trip! I hear the 401 is fun at this time of year. ;)
Alan Munday wrote:
Daryl C. W. O'Shea wrote the following on 06/12/2006 00:31:
Advantage over sa-update? Other than the issue with 3.1.6 (only),
there shouldn't be any issues with how sa-update lints rules.
This is not obvious as there is no mention of linting in the docs
http
Matthias Leisi wrote:
For certain kinds of spam, it would be advantageous to have a highly
dynamic set of rules (eg stock spams). The usual methods (à la sa-update)
are usually slow - slow as in once or twice a day; however I think it
would make sense to have them fast - fast as in continuously
René Berber wrote:
Daryl C. W. O'Shea wrote:
René Berber wrote:
I read all the page before asking, and I understand that it follows the trust
path page. The fact is SA is not detecting the authentication, and there is
nothing in that page that gives a clue as to why, it just mentions
René Berber wrote:
Daryl C. W. O'Shea wrote:
[snip]
Sendmail should be putting a (authenticated bits=0) line in its
Received header when the user authenticates. SA will automatically use
this to extend the trust path if the header above it is trusted.
Let's start by saying two things:
1
John Rudd wrote:
Though, CommuniGate Pro's authenticated received header looks like this:
from [$ipaddr] (acccount $account HELO $helostring) by $host
(CommuniGate Pro
So, you could match that with:
/^from \[\S+\] \(account [EMAIL PROTECTED] .*\) by \S+ \(CommuniGate Pro/
Cool, I don't
David B Funk wrote:
On Tue, 5 Dec 2006, Jo Rhett wrote:
In short, this may have been a deliberate choice to prevent a match on
hosts with forged helo names. It would make sense.
Jo you are mistaken. Sendmail adds the (may be forged) comment when
the client's IP rDNS and DNS don't match, it
John Rudd wrote:
Daryl C. W. O'Shea wrote:
John Rudd wrote:
Though, CommuniGate Pro's authenticated received header looks like this:
from [$ipaddr] (acccount $account HELO $helostring) by $host
(CommuniGate Pro
So, you could match that with:
/^from \[\S+\] \(account [EMAIL PROTECTED
John Rudd wrote:
Daryl C. W. O'Shea wrote:
Could you provide me with some sample headers so that I can add these?
I can't add them without regression tests.
SMTP-AUTH:
Received: from [128.114.2.223] (account [EMAIL PROTECTED] HELO
[128.114.2.223])
by silver.ucsc.edu (CommuniGate Pro
Mark Martinec wrote:
Not sure if the following one is relevant, but it just fell into my hands:
Received: from 10.235.209.117
(SquirrelMail authenticated user sername)
by xxx.ijs.si with HTTP;
Tue, 5 Dec 2006 15:31:13 +0100 (CET)
Thanks Mark. Anything with a with
Jo Rhett wrote:
While you are fixing bugs related to authentication, any chance you'll
fix the SPF plugin to skip checks on authenticated delivery? Or have an
option to enable this behavior?
Or do you want a patch from me? It'll take me a lot longer than you,
since I'll spend hours just
401 - 500 of 1074 matches
Mail list logo