Matthias:
2008/8/22 Matthias Häker [EMAIL PROTECTED]:
Hi
i found
Wed Aug 20 19:10:54 2008 [81756] warn: rules: failed to run BAYES_99 test,
skipping:
Wed Aug 20 19:10:54 2008 [81756] warn: (Out of memory during ridiculously
large request at
2008/8/15 John Hardin [EMAIL PROTECTED]:
From a Slashdot thread about somebody suddenly seeing no spam on their mail
feed and wondering why:
A group of the original SpamAssassin developers got together
with a group of mercenaries and created SpammerAssassin. It's
in alpha, and looks good
Hello, list. I've been wondering how to stop traffic from certain
hosts which only seem to distribute spam. I'm tired of reporting the
emails to their ISP, Spamcop, etc. Since the servers are identically
configured (they seem to be virtual machines fired up/cloned from the
same template), and have
2008/5/20 mouss [EMAIL PROTECTED]:
Matt Kettler wrote:
Luis Hernán Otegui wrote:
Hello, list. I've been wondering how to stop traffic from certain
hosts which only seem to distribute spam. I'm tired of reporting the
emails to their ISP, Spamcop, etc. Since the servers are identically
Mark:
2008/5/18 Marc Perkel [EMAIL PROTECTED]:
Just looking for some my.cnf example files for SA.
Server has 4 gigs of ram, dual core CPU. What do I want in my my.cnf file?
Thanks in advance.
Could you AT LEAST post this kind of questions as OFF TOPIC??? Or
maybe to the right list? (Mysql,
Hi, Eric
2008/5/13 Erik Dasque [EMAIL PROTECTED]:
I checked the debug result of my a --lint and got:
[EMAIL PROTECTED]:~$ spamassassin 21 -D --lint | grep ounce
[13492] dbg: plugin: loading Mail::SpamAssassin::Plugin::VBounce from @INC
[13492] dbg: config: fixed relative path:
Karsten:
2008/5/13 Karsten Bräckelmann [EMAIL PROTECTED]:
Yup. Did you whitelist your servers? If you don't do it, SA doesn't
know how to tell a legit bounce from UBE-generated bounces.
You should have something like
whitelist_bounce_relays my.server.name other.server.name
in
Hi
2008/5/7 pingu22 [EMAIL PROTECTED]:
Hi,
what I want to do is:
If score = 5 = 15 change subject to ***SPAM***
If score = 15 change subject to HIGH_SPAM***
with procmail I can control the score level and p.e. put the mail in a
different folder.
The question here is how do
Hi, Jarek
2008/4/15, Jarek [EMAIL PROTECTED]:
Hi all!
I've a problem with mass of DSN messages, which are replays to spam
sent by spammers with my address.
How can I create rule to tag DSN as spam, if it is not the answer to
messsage send from my IPs ?
Boy, backscatter
2008/4/9, John Hardin [EMAIL PROTECTED]:
On Wed, 9 Apr 2008, mouss wrote:
Thanks for confirming that spf doesn't fix the problem.
There's no silver bullet. SPF will tend to reduce the problem.
Would't DKIM help also? I've implemented both methods, and encouraged
my colleagues to do it
Hi, everybody (but specially developers). I've been running a sitewide
Bayes setup for almost three years, with a wonderful result. Along
with that, I report spam messages to my local spamassassin setup (and
some to spamcop) via a web interface (embedded in our Webmail).
From the last training
Sn!iper quite a nick!:
2008/3/25, Matt Kettler [EMAIL PROTECTED]:
Sn!per wrote:
You should be able to just do something like this:
27 * * * * /usr/bin/sa-update /etc/init.d/spamd restart
Will that also update sought and openprotect when new rules are made
available?
$exitcodeC -ge 4 ]
then
echo Spamassassin update exited with error code of $exitcode
exit
fi
#--eof--
2008/3/25, Luis Hernán Otegui [EMAIL PROTECTED]:
Sn!iper quite a nick!:
2008/3/25, Matt Kettler [EMAIL PROTECTED]:
Sn!per wrote:
You should be able to just do something like
Hi,
2008/3/25, AM ImpacT [W. Kranenborg] [EMAIL PROTECTED]:
Hi,
We also have this problem at our company. It would be nice if there is a
rule for this spam.
Could you please post a full message to some place accessible to
everybody? (e.g., pastebin).
Regards,
Wessel Kranenborg
AM
OK, Mouss
2008/3/18, mouss [EMAIL PROTECTED]:
Loren Wilton wrote:
Hi, I'm kinda getting tired of reporting these mails (both to my local
SA and to SpamCop), and so are my customers. My problem is that the
spammers are using a large ISP's mail server, and that particular ISP
(as all
Hi, I'm kinda getting tired of reporting these mails (both to my local
SA and to SpamCop), and so are my customers. My problem is that the
spammers are using a large ISP's mail server, and that particular ISP
(as all the others here in Argentina) don't bother checking the abuse
reports. What
Hi, Matthias
2008/3/18, Matthias Haegele [EMAIL PROTECTED]:
Luis Hernán Otegui schrieb:
Hi, I'm kinda getting tired of reporting these mails (both to my local
SA and to SpamCop), and so are my customers. My problem is that the
spammers are using a large ISP's mail server
Hi, Matthias
2008/3/1, Matthias Schmidt [EMAIL PROTECTED]:
Am/On Fri, 29 Feb 2008 15:23:28 -0300 schrieb/wrote Diego Pomatta:
Matthias Schmidt escribió:
Hello,
my mac os x leopard (10.5.2 with updated amavis-new and spamassassin)
runs a script, which calls sa-learn with sudo and
Well, same here, from Argentina
2008/2/29, DAve [EMAIL PROTECTED]:
User for SpamAssassin Mail List wrote:
I have the same problem here:
traceroute to www.rulesemporium.com (72.52.4.74), 30 hops max, 38 byte
packets
1 roxanne.pcez.com (209.102.124.1) 0.179 ms 0.146 ms 0.143 ms
Hi, tarak
2008/2/26, Tarak Ranjan [EMAIL PROTECTED]:
Hi List,
i have posted my RAW email in http://pastebin.ca/918849 ,
i'm receiving 1000 to 4000 per day this king of mesages.
SA also skipping this kind of mails
/
Well, I get a beautiful BAYES_99 on the mail you've shown. You
Hi, Scott, I'll give you my two cents here
2008/2/20, [EMAIL PROTECTED]
[EMAIL PROTECTED]:
Hi John,
Looks like yo replied directly to me. I couldn't find your reply on the
list yet?
At any rate...
The Bayes DB has been learned and in effect for a long time - years before
my time.
No
HI, Rocco
2008/2/21, Rocco Scappatura [EMAIL PROTECTED]:
Anyway I heard talking about URIBL, which as I have understod is a
quite different service (it blacklists 'domains' rather
'IPs'). But is
it maybe a dangerous practice to fight spam? Anyway, does anyone
suggest me to use
Hola, Diego
2008/2/21, Diego Pomatta [EMAIL PROTECTED]:
Hello list.
Does the bayes system use a separate db for the autolearn mode?
Today I noticed that my SA bayes has 50 spam and 45 ham mails learned,
when I thought the db had a lot more, because bayes IS being used.
# sa-learn
2008/2/17, comparity [EMAIL PROTECTED]:
I have found that in the last few months a lot of mail has been coming
through. I believe that the bayes filter isn't working. None of the caught
messages include a bayes score.
I have dutifully put all of my uncaught spam into a folder for the
Hi
2008/1/11, Bret Miller [EMAIL PROTECTED]:
New upgrade is running GREAT here :)
Running fine here on Windows Server 2003 with CommuniGate Pro. :)
Well, scan times went DOWN a LOT!!! According to Amavis-Logwatch:
Hi, Ram,
2008/1/4, ram [EMAIL PROTECTED]:
https://ecm.netcore.co.in/tmp/dinner.eml.txt
The scam works like this:
They send you a mail asking wether you accept credit cards at your
hotel
They get you to confirm you will accept credit card for payment. Once
you agree they ask you to bill
Merlin:
I have a couple of -very- old Postfix 2.1.5 mail servers up and
running with DKIM signing support. How did I achieve that? by means of
Amavisd-new and DKIM-Proxy. Basically, I route every mail originated
at my server (e.g, via webmail, OR TLS-authenticated users) to a
different Amavis
Hi, Rob,
2007/10/19, Rob Sterenborg [EMAIL PROTECTED]:
Luis Hernán Otegui wrote:
Anyway, the Faculty I work for tries to keep the e-mail system only
for research purposes, and mostly students and (sadly) technicians
tend to goof around with mail. Bandwidth isn't cheap here, so
Well,
2007/10/18, ram [EMAIL PROTECTED]:
On Thu, 2007-10-18 at 09:51 +0200, Yet Another Ninja wrote:
coming to your inbox: mp3 stock spams
Atleast 70% of email users dont have their speakers on, the spammer has
got his basics wrong
We block .avi, .mp3, .mpg, etc. here, because we think
Hi, Chuck
2007/10/18, Chuck Campbell [EMAIL PROTECTED]:
I'm sure this is a FAQ, but I didn't find it on the web page FAQ section.
Is there a how to for upgrading from 2.63 to present release (3.2.3)?
If not, please, some pointers on what to read to make this as painless as
possible.
As
Hi, Per
2007/10/18, Per Jessen [EMAIL PROTECTED]:
Luis Hernán Otegui wrote:
We block .avi, .mp3, .mpg, etc. here, because we think it's a waste of
bandwith to share those extensions via email,
Voicemail (from a mobile for instance) is quite often sent in .wav
or .mp3 format, so we don't
Hi, everybody, sa-compile was running allright in my systems, and the
saturday it began to spit out this output (from sa-compile -D):
cd /tmp/.spamassassin28680clJUyOtmp
cd Mail-SpamAssassin-CompiledRegexps-body_0
Wide character in print at /usr/local/bin/sa-compile line 379, $fh line 4428.
re2c
Hi, list. In the past few months, I've seen an increasing rate of
mails coming from many servers hosted here in Argentina, with valid
domains, and Linux architecture (at least, that's what p0f is
reporting), thus they get -1'ed at scoring.
Digging around I've found many of these companies offering
2007/9/25, John D. Hardin [EMAIL PROTECTED]:
On Tue, 25 Sep 2007, Luis Hernán Otegui wrote:
I want to know how to report them to a RBL server (currently I report
them via SpamCop, Razor and DCC, besides I'm blacklisting them at
local.cf), but I think it would be good for the rest of us
Raquel,
2007/9/24, Raquel [EMAIL PROTECTED]:
On a new server I'm running Debian Etch, Sendmail and SpamAssassin,
hosting email for a few accounts. I'm contemplating converting my
SpamAssassin to using MySQL. Is there a HOWTO somewhere which
would be good to follow?
--
Raquel
Hi, feral
2007/9/24, feral [EMAIL PROTECTED]:
Sorry if this is a well-known issue... first I have encountered it.
I am using SA 3.1.9 installed on a CentOS Linux system.
One of my clients just noticed a huge spike in spam getting
through, even though SA is turned on for his email account
2007/9/21, Richard Smits [EMAIL PROTECTED]:
Hi,
In a spammail I found this rule :
RCVD_IN_DNSWL_MED=-4
The DNSWL check went stock over sa-update some time ago. However, it
might happen that some spam could get passed through a server with a
good reputation (or a medium one, lithe the header
2007/9/13, Skip [EMAIL PROTECTED]:
This is probably going to be a stupid question, but how do I go about
implementing patches like this? Should this file be copied in place of the
file located here?:
/usr/lib/perl5/site_perl/5.8.0/Mail/SpamAssassin/
- Skip
ASQ (another stupid question):
2007/9/12, Marc Perkel [EMAIL PROTECTED]:
I just added you to my blackhole list.
So, You've just added Gmail to it. A Wise one, eh?
--
-
GNU-GPL: May The Source Be With You...
Linux Registered User #448382.
When I grow up, I wanna be like
2007/9/12, Jon Trulson [EMAIL PROTECTED]:
On Wed, 12 Sep 2007, Jason Bertoch wrote:
On Tuesday, September 11, 2007 7:07 PM Marc Perkel wrote:
The details are a little to complex for this forum ...
OK - had quite a few trolls here who seem to be hostile to my
breakthroughs so I wasn't
Hi, Jean Paul, check this site:
http://www.robtex.com/rbl.html
It does multi RBL checks, saved my butt a few times ;)
Peace,
Luis
2007/8/28, Jean-Paul Natola [EMAIL PROTECTED]:
Hi all,
I saw that my server wound up on http://spamcop.net/bl.shtml so I had my
server removed- however , I
2007/8/27, Marc Perkel [EMAIL PROTECTED]:
Meng Weng Wong wrote:
On Aug 27, 2007, at 11:39 AM, Kelson wrote:
Jason Bertoch wrote:
Is it wise to blacklist both, or is this yet another case where SPF
has failed
to meet projections?
It's a case where the spammer has just handed you
2007/8/27, Marc Perkel [EMAIL PROTECTED]:
Luis Hernán Otegui wrote:
2007/8/27, Marc Perkel [EMAIL PROTECTED]:
Meng Weng Wong wrote:
On Aug 27, 2007, at 11:39 AM, Kelson wrote:
Jason Bertoch wrote:
Is it wise to blacklist both, or is this yet another case where SPF
has
2007/8/27, Marc Perkel [EMAIL PROTECTED]:
http://homepages.tesco.net/J.deBoynePollard/FGA/smtp-spf-is-harmful.html
SPF is harmful. Adopt it. You've come to this page because you've said
something similar to the following:
SPF (sender permitted from a.k.a. sender policy framework) is a
It could be good if you provide us with some details about your
installation (OS, method of installation at least).
If you want to go the old compile way, backup your /etc/spamassassin
(or /etc/mail/spamassassin/), and then:
#wget last-version-of-spamassassin.tar.gz
#tar xzvf
Funny how the closed-source companies need to base their marketing
policies on FUD, or even worse, user-defined indexes. If I'm allowed
to non-literally quote Homer Simpson here:
Ah, Kent, everything can be proven these days with statistics. 60% of
the people knows it...
I used to work as
2007/7/12, Meng Weng Wong [EMAIL PROTECTED]:
On Jul 12, 2007, at 9:15 AM, Marc Perkel wrote:
Need a rule written to take advantage of this trick and this could
be a major breakthrough in white listing.
Here's what it needs to do:
1) Take the IP of the connecting host and do an RDNS lookup
Hi,
2007/7/3, [EMAIL PROTECTED] [EMAIL PROTECTED]:
We are trying to upgrade from 3.1.0 on SLES9 using spamd. I have viewed
the install notes and downloaded the zip. Extracted and CD'd to that new
SA dir. Followed these install instructions:
[unzip/untar the archive]
cd
thought SA uses both directories and includes 2 sets of rules.
Since it uses only 1 directory, it puzzles me where these duplicates are
coming from. Does anybody know?
Thank you
Irina
===
- Original Message -
From: Luis Hernán Otegui [EMAIL PROTECTED]
To: Irina
Irina:
This is normal. Stock distribution rules are installed in
/usr/local/share/spamassassin when you install SA. But as new rules
are updated via SARE, they get downloaded to
/var/lib/spamassassin/3.002001/updates_spamassassin_org/. Notice the
version dependent subdir. After sa-update, SA will
OK, here we go me and my big mouth... No, really, thanks for the
explanations, Bowie and Theo...
Luix
2007/6/29, Theo Van Dinter [EMAIL PROTECTED]:
On Fri, Jun 29, 2007 at 01:14:03PM -0300, Luis Hernán Otegui wrote:
This is normal. Stock distribution rules are installed in
/usr/local/share
Hi, list, several of my users are beggining to use the SASL method to
send mails trhough the server. The point is that the messages from one
of these users are getting tagged as spam (the lil' bastard uses
Incredimail, so a bunch of another stuff regardind this crappy piece
of software gets his
Hi, list, I've recently added the feature of SMTP Auth to my MTA
(Postfix running on Debian Sarge), and when any user tries to send a
mail trhoug the server, it hits SPF_FAIL (which, on the other hand,
seems natural, since one of the relays sits outside of the
mynetworks directive of Postfix. Is
has the exact reverse score of SPF_FAIL. I think it would be
more elegant to zero that rule in this particula case. But I don't
know how to do it...
Thanks
Luis
2007/6/13, Daryl C. W. O'Shea [EMAIL PROTECTED]:
Luis Hernán Otegui wrote:
Hi, list, several of my users are beggining to use
OK, got the picture. Guess I'll go for the upgrade of postfix.
Thanks again,
Luis
2007/6/13, Daryl C. W. O'Shea [EMAIL PROTECTED]:
Luis Hernán Otegui wrote:
OK, Daryl, got the point. Made a rule to match my Postfix-2.2 auth
headers. Now, a question: how do I assign a score of zero
Well, I dint't have rbl_timeout set, but after your mail, I did. The
DNSs I have set in resolv.conf are mine, they both cache and work as
internal and external resolvers. But the UNLP NOC got screwed in the
last days, so setting the timeout a little higher wont't hurt. Thanks
for the suggestion.
Hi, Raymond, I don't have any URIBL rules firing up (SA 3.2.0 from
source here, most of the other relevant info is in the header of the
mail I sent before to test). Where did you get them?
Thanks,
Luis
2007/6/8, Raymond Dijkxhoorn [EMAIL PROTECTED]:
Hi!
They aren't scoring very much
. O'Shea [EMAIL PROTECTED]:
Luis Hernán Otegui wrote:
Hi, Raymond, I don't have any URIBL rules firing up (SA 3.2.0 from
source here, most of the other relevant info is in the header of the
mail I sent before to test). Where did you get them?
Run sa-update to get URIBL_BLACK and URIBL_GREY.
Daryl
updates.spamassassin.org you've
got a working set of rules for URIBL_BLACK and URIBL_GREY. It turns out
that they didn't hit for Raymond either, so you won't see them in this case.
Daryl
Luis Hernán Otegui wrote:
Well, right now I'm running these commands to get updates:
sa-update --gpgkey GPGKEY --channel
at 18:46 -0300, Luis Hernán Otegui wrote:
OK, i?ve been googlin' around, and it seems like an issue between
Amavis (or MailScanner, for waht I've found) and some unsupported
versions of Net::DNS, because when I run the message through SA by
itself, this comes out:
Whatever you manually fed SA
You're probably loading the plugin twice, one from your local.cf or a
v3**.pre file, and the other from the ImageInfo.cf. Take out one of
the LoadPlugin directives (preferably the one from local.cf or the
*.pre files), and everything will go fine.
Luix
2007/6/5, CHIME System Admin [EMAIL
Search through the archives, there was a patch to add it to SA.
Luix
2007/6/1, Martin Jürgens [EMAIL PROTECTED]:
Hi,
I am running Debian Etch, Exim4 and Spamassassin 3.1.7.
Now I am trying to find out how to make Spamassassin use Spamhaus Zen.
I am stuck.
Could anyone please tell me what I
Well, it isn't working here too. Came up since upgrade to 3.2.0.
Worked fine with 3.1.8...
Luis
2007/5/27, Henrik Krohns [EMAIL PROTECTED]:
On Sat, May 26, 2007 at 10:12:27AM +, Bob Mortimer wrote:
Hi,
I had Justin's VBounce ruleset working fine until I switched to 3.2.0 and I
seem to
You should start probably by checking file permissions on the dir awl
sits, and its parent...
Luix
2007/5/17, Daniel Aquino [EMAIL PROTECTED]:
I seem to see this message allot...
warn: auto-whitelist: open of auto-whitelist file failed: locker:
safe_lock: cannot create lockfile
Interesting approach by M$... offering an alerts service for PayPal,
which is supposed to be secure, and then using mailservers which don't
resolv to anything...
This came up today (the user deleted the mail, and then decided to
give me a call, so all I have are the mail logs):
May 16 11:48:15
How are you calling SA? procmail? Amavis? plugins? Which version are
you running? Most likely, the RBL checks are the reason for that
delays. Try setting
skip_rbl_checks 1
in the local.cf, then look over the statistics again. If scan times go
down, blame your nameserver...
Luix!
2007/5/15,
Yup, it's Amavis. What could be ahppening is that either the
no-quarantine threshold was too low, or the mails never got
quarantined because they never scored high enough.
Chech you Amavis config. For instance, I don't quarantine, just change
the subject of mails with scores between 5 and 8 and
Hi, list, I'm currently running zen.spamhaus.org and cbl.abuseat.org
as RBLs over Postfix, how can I disable them in SA? (I mean, if I'm
already blocking connections which got listed in those RBLs, why let
SA check them? I suppose it should lower scan times...)
Thanks,
Luix
--
0.0
Cheers,
Phil
--
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
-Original Message-
From: Luis Hernán Otegui [mailto:[EMAIL PROTECTED]
Sent: 11 May 2007 14:33
To: users@spamassassin.apache.org
Subject: Disabling some DNS tests
Hi, list, I'm currently running
First, RTFM.
Second, Google.
Third, oh, well... You NEED to feed Bayes a significant amount of
data, so it knows what is spam and waht is ham, due to the fact that
the kind of spam and ham you receive is different from the ones I get
on my servers. Then it will start auto learning on that basis.
Have you trained the bayes database? Is this a fresh install? It needs
at least 200 spam and 200 ham messages to get it going. However, the
more ham and spam you can feed it, the better it will perform...
Luix
2007/5/11, Daniel Aquino [EMAIL PROTECTED]:
I setup Bayes and whitelist db paths in
Well, here, P4 HT 3.06 GHz, 2 GB RAM (just added 1GB, wanted to test
performance) Debian Sarge pretty standard, Perl 5.8.8 from Backports,
SA 3.2.0 from source, re2c 0.12.0 from source, a bunch of SARE and
openprotect rules, several plugins, sa-compile delivered this:
# time sa-compile
real
Hi, try Amavis Logwatch, by Mike Capella. It's working great here, and
you could run it from logwatch, or standalone:
http://www.mikecappella.com/logwatch
It's pretty straightforward to install and run, and it gives you lots
of info about Amavis performance, as well as antivirus antispam
Well, it all depends on how do you run SA (as a content filter,
through AMAVIS, via procmail, etc). Via AMAVIS you could use the log
parser which MrC wrote, which works like a charm here. It could work
as a control, since it tell you which rules hitted harder, which ones
didn't, etc. SA cannot
[EMAIL PROTECTED]:
-Messaggio originale-
Da: Luis Hernán Otegui [mailto:[EMAIL PROTECTED]
Well, it all depends on how do you run SA (as a content filter,
through AMAVIS, via procmail, etc). Via AMAVIS you could use the log
parser which MrC wrote, which works like a charm here. It could
Hi, list, I have a cron job running in order to learn from each user's
HAM and SPAM subdirs. Whenever it runs, it complains like this:
Subroutine FuzzyOcr::O_NONBLOCK redefined at
/usr/share/perl/5.8/Exporter.pm line 65.
at /usr/lib/perl/5.8/POSIX.pm line 19
Any hints on how to avoid this nag?
Yup. Maybe a little too early to jump to conclusions, but since we're
running SA 3.2.0 here (two days ), less spam has made through it. I
have some spam trap accounts set up, and since the upgrade, none of
them has got any messages! (their daily rate varied from 2 to 10
messages a day).
As for
Ditto. I'm running 5.8.4 in one machine, and 5.8.8-4 in another, and
happens in both of them...
2007/5/4, Graham Murray [EMAIL PROTECTED]:
Matt Kettler [EMAIL PROTECTED] writes:
This apparently is fixed in perl 5.8.8, but still happens in 5.8.6,
5.8.5, etc.
I see it in perl 5.8.8
--
Hi, list, I know this is one of those egg and chicken kind of questions,
but having now the possibility of checking the impact of various setups, I
was wondering if it is more convenient to let the MTA perform the RBL
checks, or disable them and let SA do this job.
Currently I am using
currently running on
saupdates.openproect.com. Any suggestions on this subject?
Thanks,
Luis
2007/4/25, Randy Smith [EMAIL PROTECTED]:
Luis Hernán Otegui wrote:
Hi, list, I know this is one of those egg and chicken kind of
questions, but having now the possibility of checking the impact
As I recall, this has been discussed earlier on the list. It seems like
spammers are fishing for valid addresses Not lately, but I have seen
this kind of spam a lot two months ago or so...
Luix
2007/4/24, Marc Perkel [EMAIL PROTECTED]:
I'm seeing a lot of one words spam. I'm guessing
The last one is the lowest scoring here, look at the results:
For the first mail:
Content analysis details: (13.2 points, 5.0 required)
pts rule name description
--
--
-0.0 SPF_HELO_PASS SPF: HELO
Chris, would you, by chance, share your modified scripts? I've been looking
for a tool to test the effectiveness of rules since a long time ago, and
your comment on the ability to test the effectiveness of RBLs has just
stunned me... BTW, I'm no Perl guru, or anything close to that...
Thanks,
Well, if you have Postfix and Amavis, I've tried amavis-stats (a little bit
old now, and frankly, never worked correctly on my Debian-based servers).
I'm currently using Mailgraph, from the Debian package. Works like a charm
almost out-of-the-box. Though it should be available as a package for
Hi, List, could somebody run these messages trhough SA and give me the
scores? On my servers they aren't scoring much, as you can see from the
headers added by SA. Any special rules to catch them?
Thanks,
Luis
--
-
GNU-GPL: May The Source Be
Thanks, these Stocks Du Jour rules have been created by you, aren't they? or
is there a script to create/download them?
Luis
2007/3/30, Bill Randle [EMAIL PROTECTED]:
On Fri, 2007-03-30 at 11:18 -0300, Luis Hernán Otegui wrote:
Hi, List, could somebody run these messages trhough SA and give
Well, let me see... 15 domains... 3000 users approx... oh, and two small
ones with 1 user each...
Luix
2007/3/24, Andy Figueroa [EMAIL PROTECTED]:
Gary V wrote:
I've been on this mail list only for a few months now, and am
wondering if I am the smallest guy here.
No, you're not.
Oh
Well, my two cents on this:
When I upgraded my servers (about half a year ago) and started using a
mysql-based Bayes DB, image spams began to drive me crazy. Seemed like there
was no way to stop them. But with a good purge of bayes, a rebuild, and the
addition of sa-update rules, it all began to
Well, I got it working (started a thread like this one month ago or so)
thanks to some other users contributions.
What I did (following someone elses instructions) was insert these lines in
local.cf:
code
bayes_ignore_header ReSent-Date
bayes_ignore_header ReSent-From
bayes_ignore_header
Hi, several of my users have mail lists (such as Yahoo ones, or some other,
at elsevier.com, or other scientific publications).
I've been searching the web, trying to find a way to whitelist the messages
from these lists. Could anyone point me some directions?
Thanks in advance,
Luis
--
OK, but the point is that I run SA trough AMaViS, so procmail recipes aren't
the answer. Thanks a lot, I suppose I should create some type of whitelist
in AMaViS to avoid SA.
Luis
2007/3/6, David Goldsmith [EMAIL PROTECTED]:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Luis Hernán Otegui
the forwarded one?
Thanks,
Luis
2007/3/2, Chris St. Pierre [EMAIL PROTECTED]:
On Fri, 2 Mar 2007, Luis Hernán Otegui wrote:
Hi, people, I am currently researching, trying to implement a way for my
POP3 users to train SA via message forwarding. I've read in the list
that
the messages should
Hi, people, I am currently researching, trying to implement a way for my
POP3 users to train SA via message forwarding. I've read in the list that
the messages should be forwarded as attachments. My question is how do you
make SA process them. I was thinking of creating two accounts (
[EMAIL
Hi, List, my users are getting increasing amounts of Mail Delivery
Subsystem mails, and I suspect spammers are using their addresses as
senders. I have my servers registered with SPF, but now I wonder how could I
stop this mails from getting to their accounts?
I've tried to explain to them that
OK, I'll give it a try. Thanks a lot
Luis
2007/2/20, Justin Mason [EMAIL PROTECTED]:
Jeff Chan writes:
On Tuesday 20 February 2007 06:08, Luis Hernán Otegui wrote:
Hi, List, my users are getting increasing amounts of Mail Delivery
Subsystem mails, and I suspect spammers are using
Hi, list. I have been under heavy stocks alerts spamming. Currently, my
setup goes like this:
-Debian Sarge
-Postfix 2.1.5-9 with VDA patch
-Amavisd-new 2.4.2
-SA 3.1.5
-ClamAV 0.84-2.sarge.1
-Mysql 4.0.24-10sarge
System was installed and is mantained via apt. I've recently added the
sa-update
OK, I'm using sa-update AND Rules Du Jour. However, I'm not sure about which
rulesets are te most convenient to download. Could somebody pass a config
file for RDJ?
Thanks again,
Luis
2006/12/26, Chris [EMAIL PROTECTED]:
On Tuesday 26 December 2006 9:04 am, Luis Hernán Otegui wrote:
Hi
Well, I've upgraded to SA 3.0.1 several of my servers, and since the
bugfixes seemed so promising, I decided to give it a try on the server
which had the memory issues (I've sent a couple of mails to the list a
month ago, or so).
Good news is spamd doesn't chew up the memory as fast as with 3.0.0.
I use ok_locales es en
On Sat, 9 Oct 2004 22:03:21 -0700 (PDT), Jerry Glomph Black
[EMAIL PROTECTED] wrote:
In the default /usr/share/spamassasin/10_misc.cf file, I have
ok_locales all
ok_languagesall
Nothing related in the personalized files in
In my setup this is not an option, because I run SA as a milter, via
spamass-milter. If every process has to die after the scan, it cannot
pass the results of the scan to Sendmail (at least, this is what
happened after I tried this option, so I kept on receiving messages
like this:
Oct 4
1 - 100 of 110 matches
Mail list logo
