Adam,
That example may have been overly simplistic, but I thought it conveyed
the idea. To see a real-world example, see KHOP_DNSBL_ADJ in
http://khopesh.com/sa/khop-bl/khop-bl.cf (though please use the actual
channel if you're going to use my rules, otherwise you won't get updates).
Btw,
Warren,
http://spameatingmonkey.com/usage.html
Are these URI rules really valid syntax? They don't look right, and
spamassassin lint rejects them.
rulesrc/sandbox/wtogami/20_unsafe.cf: 0 active rules, 5 other
lint: config: failed to parse line, skipping, in rules/70_sandbox.cf:
urirhssub
Rules are alright. What I can see is that build/mkrules intentionally
does not load plugins (except for the Plugin::Check), which means
the 'urirhssub' directive in your .cf file is not recognized.
Actually, the proper solution is probably just to enclose your
rules between:
ifplugin
On Thursday 08 October 2009 19:26:10 Shane Webster wrote:
I actually would be doing that but the filter does not know how to
handle int(), so I would have to build a filter for all possible number
combinations, but if I could just get SA to do the basic math for me and
write a header or
On Wednesday 30 September 2009 19:25:52 Charles Gregory wrote:
On Wed, 30 Sep 2009, Nauman Yousuf wrote:
Guys I am getting all my external domain emails tagged as SpamSpam
mail headers
X-Amavis-Alert: BAD HEADER Improper folded header field made up entirely
of whitespace (char 20
On Monday September 28 2009 04:58:42 MySQL Student wrote:
Mark suggested in the bugzilla update that I change SpamAssassin to
add 'use utf8' into code generated from rules when it sees it is being
run with a pre-5.8 version of perl. How do I do this for the time
being?
Try the following (for
LuKreme wrote:
Other surprises are that DKIM is pretty useless and SPF_PASS is
actually a slight spam indicator.
Benny Pedersen wrote:
so without some whitelist_from_* dkim and spf will not be helpfull
Indeed. Score points should be kept close to zero for rules
DKIM_SIGNED, DKIM_VALID and
On Tuesday September 22 2009 06:32:12 Benny Pedersen wrote:
On man 21 sep 2009 20:33:57 CEST, MySQL Student wrote
but this will invalidtate dkim headers if this headers
is signed, are spamassassin aware of this problem ? (in general)
Are you saying there is a bug?
partly yes, its not a
On Wednesday September 16 2009 22:03:17 Justin Mason wrote:
Who is running a mass-check that's still in progress? (fwiw, I am ;)
It'll be at least 5 users (with myself and John), but that's not a
great population of training data.
I spent a couple of afternoons cleaning up my corpus or 60.000
Austin,
now hope to do this Thursday/Friday. I should be able to scan my
million or so messages in a day on my cluster.
Wow, that makes me feel inadequate :) I'm struggling to clean up my
little ham sample of 3600 messages, and looking at another couple
thousand that I'll do if I've
I've opened the:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6203
you can add your e-mail address as a CC if you want.
is the dkim awl not solveing it in 3.3 ?
Only if a mail has a valid DKIM signature and the feature is enabled
( auto_whitelist_distinguish_signed 1 ) and AWL
On Monday 14 September 2009 13:57:44 Benny Pedersen wrote:
why not adjust awl factor ?
(i hope ip can be set to other then /16 in 3.3.x) for the fyzzy
matching ip ranges
imho /24 should be default
Benny, I very much agree with you, the /16 is too wide, and I've seen
cases where good and
On Friday September 11 2009 13:27:11 franc wrote:
Yes, i restarted spamassassin, and now i found out, that amavis is handling
some configurations in 20-debian_defaults, here i can put some blacklist
(with amavis notation of course).
This is independent from SpamAssassin.
But i wonder why the
No, it means spamd isn't used. ...
This i misunderstood too, i thought spamd IS the spamassassin-daemon.
It is. And so is amavisd, just uses a different protocol to talk with a MTA.
You don't need both.
On my system, spamd is running. But i don't find any running spamassassin
process.
If
Per,
http://jessen.ch/files/community36.eml
whitelist_from_dkim *...@community36.net
The actual author is 'keine-antw...@community36.net'; I have run it
through SA with debug on and I see it being added to whitelist
entries. Still when it is checked by DIM, it reports author
Benny,
Still when it is checked by DIM, it reports author
keine-antw...@community36.net, not in any dkim whitelist.
correct it happends here aswell
[22718] dbg: dkim: VALID third-party signature
by id keine-antwort=3dcommunity36@mcsv129.net,
author
On Tuesday September 8 2009 12:10:41 Clunk Werclick wrote:
I'm using syslog-ng, but despite listening to;
unix-stream(/dev/log);
It gets nothing - but I don't expect it to as the default spamassassin
conf has this line;
OPTIONS=--create-prefs --max-children 5 --username spamd
On Tuesday September 8 2009 21:23:42 Jason Haar wrote:
Actually, it's HAM - not spam. In the end it's really become clear it
shows limitations in perl's parsing power - so either we get gruntier
boxes - or increase the timeout. We've gone with the latter.
Some regexps do perform terribly when
On Sunday September 6 2009 11:03:23 jida...@jidanni.org wrote:
Help, sa-update gives:
rules: failed to run __RCVD_IN_2WEEKS test, skipping:
(Can't locate object method received_within_months via package
Mail::SpamAssassin::PerMsgStatus at (eval 755) line 19. )
channel: lint check of
forgive me, why do you want all that crap into your spamassassin when
postfix can solve it for you without a hick ?
Obvious answer: not everyone who uses SA uses postfix.
Another slightly less obvious: to let autolearning see what new
crap it has to learn, and/or to check rules
Gene,
But, I had installed all the perl stuff that a spamassassin -D --lint run
had complained about, and I just noted in the email sa-update sent me that
3 more bits of perl were on the missing list, and the final piece I can't
find in a fedora repo:
32760] dbg: diag: module not installed:
Alex,
Do we have an idea of a timeline for the next release and/or
production release currently?
Not a fixed date yet, but we are getting there, the light at the
end of a tunnel is getting bright. No problems with stability,
it just would be nice to finish some remaining details,
and The Great
On Saturday August 29 2009 19:47:32 R-Elists wrote:
have many, or any of you folks on the list migrated your production servers
to the 3.3.0 alpha 2 or later release?
We are certainly one of them (actually running CVS head,
which is pretty close to alpha2). About 1000 users here.
Mark
Michael,
FN on these three rules: (so how do I write a rule to match?)
header __ST_ISMMS exists:X-MMS-Message-Type
will also FN on THIS rule:
header __ST_ISMMS X-MMS-Message-Type =~ /./
and FN on this rule:
header __ST_ISMMS X-MMS-Message-Type =~ /0/
if header
X-MMS-Message-Type: 0
Michael,
Mark Martinec wrote:
Fixed in 3.3.0:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5965
guess 3.3.0 is due out so soon that this won't be backported to 3.2.6?
would that patch work on 3.2.5? (giving me an excuse for another port
bump for SA?)
The posted patch
Mike,
- header L_TAB_IN_FROM From:raw =~ /^\t/m
It turns out, Mark's variation is too aggressive. I'm seeing some FPs
on mailing lists, which place separate the friendly name from the email
address by \n\t:
From: Joe User
joe.u...@example.com
Interesting.
The pattern
On Monday 17 August 2009 08:45:03 LuKreme wrote:
Received: from spam05.embarq.synacor.com (LHLO
smtpout01.embarq.synacor.com) (10.50.1.5) by md29.embarq.synacor.com
with LMTP; Sun, 16 Aug 2009 19:19:56 -0400 (EDT)
LMTP? Seriously? Does anyone use that? Well, yes, evidently.
A significant
On Monday 17 August 2009 11:50:53 Florian Sager wrote:
Correct, there is only a dependency on the results of the DKIM.pm module.
There are DKIM verifiers that add a Authentication-Results header to
an email, these results would suffice to request data from
dkim-reputation.org as well;
For those who missed it, the dkim-milter project forked.
Its principal developer is now with the OpenDKIM project.
The OpenDKIM v1.0.0 brings a couple of bug fixes over
the dkim-milter, and uses a new build mechanism.
Mark
Here is the announcement posted on 2009-08-14:
==
The OpenDKIM
Giampaolo,
The DKIMrep.pm loaded fine, but then it complained that the
effectiveTLDs.pm file was not in the Mail::SpamAssassin::Plugin stock dir.
I had to copy it there to fix this issue.
I think it wouldn't be too bad to somehow have a way to specify the full
path to effectiveTLDs.pm.
Per,
I see DKIM_VERIFIED hit in mails from example.com, but the
whitelisting
doesn't happen for some reason. What am I doing wrong?
this should not happend, check spamassassin --lint
Yep, I always do before loading a new ruleset, shows no problems.
output from spamassassin 21
Per,
The lint test-message presumably wouldn't cause DKIM_VERIFIED to hit
anyway, but DNS is most definitely enabled.
Please send the debug output on a real signed message run, e.g.:
spamassassin -D -t test.msg test.log 21
Mark
On Thursday 13 August 2009 14:13:33 LuKreme wrote:
I am starting spamd (/usr/local/etc/rc.d/sa-spamd start or spamd -d -
r /var/run/spamd.pid -c -s /var/log/spamd) and then a few seconds
later it is dying without an error.
[Never mind, spamassassin --lint was dying with a core dump. I removed
Per Jessen,
Per Jessen wrote:
I was just wondering -
RCVD_NUMERIC_HELO will match helo=2xx4.2.2xx.62.fix.example.com -
but is that intentional? It's not exactly a numeric helo?
That should have read helo=2xx.2.2xx.62.fix.example.com.
Bug 5878
Giampaolo,
I was looking at some kind of open-source DKIM-signing piece of code, and
fall into this site:
http://www.dkim-reputation.org/
It has nothing to do with what I'm looking for, nevertheless it seemed
interesting to me and I wanted to give it a try.
Unfortunately, the
Don't know how/if the project has progressed meanwhile.
If anyone is interested, I can send him the DKIMrep.pm.
i like to try it
Sent off-list.
Mark
LuKreme,
I'm considering 3.3, and am currently trying to overcome my aversion
to things labeled 'alpha'.
Understood. It is mainly labeled as alpha because some new things are
not finished (like the new bayesbdb backend to Bayes), and it would
be nice to close some stale problem reports (almost
Tobias, Giampaolo, Bill, and others
I'm interested too, thanks in advance
I've place it on the web page:
http://www.ijs.si/software/amavisd/DKIMrep.pm
http://www.ijs.si/software/amavisd/effectiveTLDs.pm
(the effectiveTLDs.pm is exactly the same as in the
Florian's package, the DKIMrep.pm
Benny,
http://www.ijs.si/software/amavisd/effectiveTLDs.pm
this file seams buggy, not all lines begins with a ' and others dont end
with } but }}
hope its just me that cant read perl :)
???
Does perl complain?
$ perl effectiveTLDs.pm
Mark
Ryan,
I am trying to implement an anti-phishing strategy and was hoping some of
you could point me in the right direction. I want to keep track of how many
recipients a user sends mail to on a 24-hour basis. When a given threshold
is met, that user's email would then go into quarantine until
header L_TAB_IN_FROM ALL =~ /\nFrom:\t/s
- header L_TAB_IN_FROM From:raw =~ /^\t/m
Mark
Joseph Brennan writes:
date:31 Jul 09 10:13 -0800
Do they really write date: instead of Date:? That violates RFC 2822.
No it doesn't. Header fields names are case-insensitive.
A space after : is shown in every example in 2822, but I don't see a
requirement that it be there. It is
Terry Carmen wrote:
Actually, I was looking at it from the other (ham) direction.
Say I live in Rochester, NY. Chances are pretty good that mail I receive
from IP addresses in or near Rochester would be ham (friends/business/etc.)
Email becomes more hammy as it's origination point gets
Sasa,
Hi, in log file I have this error with SA-3.2.5 and MySQL-5.0.77 (with
amavisd-new, postfix, maia):
Jul 23 11:03:35 mail amavis[6329]: (06329-02-2) SA TIMED OUT, backtrace: at
/usr/lib/perl5/vendor_perl/5.10.0/Mail/SpamAssassin/BayesStore/MySQL.pm
line 492\n\teval {...} called at
Eddy,
So I spin it again with -L -D
09:24:10.109 16.022 0.036 [20476] dbg: rules: ran rawbody rule
__SARE_HAS_FG_COLOR == got hit: color:
09:45:09.826 1275.740 1259.717 [20476] dbg: rules: ran eval rule
__SARE_HTML_HAS_BR == got hit (1)
So, after the 20 minutes delay, it says:
Steven,
Jul 6 22:38:08 saturn spamd[32217]: Argument 2.long isn't \
numeric in numeric lt () at \
/usr/lib/perl5/vendor_perl/5.10.0/Mail/SpamAssassin/PerMsgStatus.pm line
1004.
Should I be concerned?
595 spamassassin -V
SpamAssassin version 3.2.5
running on Perl version 5.10.0
Eddy,
I'm using spamassassin 3.2.5 on my academic RHEL server and it works
well :-)
I'm also using Net::DNS version: 0.65, amavisd-new 2.6.4, postfix 2.5.6
I'm receiving an email which take too much time to process.
I have to remove it from my postfix's mail queue
here is part of the
Fletcher,
I seem to be having a hard time writing rules which anchor
a string to the start of the line in the body of a text message.
e.g., suppose I get a lot of phish which contain text (not html)
like this:
Username:..
Password:..
I try what seemed intuitively easy:
X-spam-report: Score=-6.9
tests=BAYES_00,DCC_CHECK,RCVD_IN_DNSWL_HI autolearn=ham
That is not a standard SA header. Actually, there's quite a lot fishy
about that.
First of all, SA is incapable of adding it -- all SA generated headers
start with X-Spam- (note the uppercase S,
Is the Day Old Bread list a reliable list. I found that their DNS times
out a lot of times.
When DOB turned sour last year, I switched to Blaine Fleming's
spameatingmonkey.net. The list is accessible through rsync
and needs to be fed as a zone file to a local DNS.
Contact Blaine for rsync
This issue has been unresolved for way too long. All of this, in my
mind, this makes the plugin orphaned and unusable if not patched with
Mark's patch.
Actually it's a patch by Daniel J McDonald from 2007-06-15.
I just refreshed it for 0.8 and reposted it two months later.
Credits where
Stefan,
I'm in the progress of setting up a new Server with amavisd-new and
spamassassin. I like to run the recent versions of this programms, but
therefore I need some perl modules from cpan (e.g. IP::Country::Fast),
because they are not in the repository of my distribution (SLES 11).
The
Stefan,
It would be simplest to install missing modules in one of the
perl-default directories, such as /usr/lib/perl5/site_perl/5.10.0/ .
Or try adding: use lib your-directory at the start of file amavisd.
I added
use lib '/usr/local/perl/lib';
to /etc/amavisd.conf and it seams to
Stefan,
I just had a closer look at the header of an email which should have
been recognized by spamassassin as spam.
Waht I found was this:
X-SpamScore: 0
tests= SIZE_LIMIT_EXCEEDED
I have checked /usr/share/spamassassin/ for a rule which might contain a
size limit, but didn't
Tony,
Hope for some insight into what I'm looking at...
Brand new install Scalix/SuSE11.1/Amavis/Amavisd1.4/SA/ClamAV
Following How To published on the Scalix Wiki at
http://www.scalix.com/wiki/index.php?title=Scalix/Sendmail_%26_Amavisd-New_
HOWTO
All seemed to be working except when I
Chris,
AFAIK though it isn't possible to place a cap on the FuzzyOCR score. I
don't want to, but I detune it purely to reduce the likelyhood of
something hitting my discard threshold by OCR alone.
If you consider this feature so important, then I could implement a
max_score feature that
Linda,
I see this message coming out of my SA alot these days since upgrading to
3.2.5:
[23920] warn: netset: cannot include 127.0.0.0/8 as it has already been
included
Where is this local net being 'included', and how can I suppress
the duplicate inclusion message?
Michelle,
On my own courier server, there is no problem with it now, because I am
blocking any mx*.incometitanic.com but there is a problem with my
secondary MX.
And of course, the user jfc53 (does not exist on my system) is very
popular because he her over 8 spams per day
LuKreme,
* -1.3 DKIM_VERIFIED Domain Keys Identified Mail: signature passes
* verification
* -1.0 DKIM_SIGNED Domain Keys Identified Mail: message has a signature
* -0.7 ENV_AND_HDR_DKIM_MATCH Env and Hdr From used in default DKIM WL
total of -6.3 if ham scores, sigh.
These rules are
Karsten wrote:
On Wed, 2009-05-20 at 13:52 +0100, Justin Mason wrote:
there is another catch, too, for HTML messages -- it's trivial with
CSS or javascript
That's trivial to do with pure HTML, too, no need for funky tricks some
MUAs might not understand or render. Oh, and it actually is
Mike,
One of SpamAssassins weaknesses is that it only has access to the
message body of the email. It can't create rules to detect certain
behaviours of the connecting host during delivery.
[...]
I was thinking along the lines of an interface where the mta connects to
SpamAssassin when a
On Saturday 25 April 2009 07:44:01 Matt Kettler wrote:
Phibee Network Operation Center wrote:
my logs of spamassassin put:
netset: cannot include 127.0.0.1/32 as it has already been included
anyone know what is this ?
I'd guess you tried to declare 127.0.0.1 in either your
On Saturday 25 April 2009 16:31:38 Rik wrote:
On Sat, 2009-04-25 at 06:47 -0600, LuKreme wrote:
On 25-Apr-2009, at 01:55, Rik wrote:
Sadly I have discarded the mail, but the server time stamp and header
stamp were within seconds of each other, so I don't think it's a time
zone issue as
Jean-Paul,
I have freebsd running exim clam and sa sitewide config-
I upgraded from 3.1.8 if memeory serves-
So I installed the URI perl module tried to run sa-update and it tell me
that Im missing the IO/Zlib module- but when I go to install it, it tells
me the io/zlib is already
Richard,
We sometimes have in our loggin for spamassassin the following entry :
mail_id: 3pCjeOEN7rlE, Hits: -, size: 6408, queued_as: 6B9B150489, 185 ms
This seems normal, but there are some blacklisted url's in this message,
so it seems that spamassassin is giving up because it does not
Giampaolo,
3.2.4 here.
This message:
http://www.spamcop.net/sc?id=z2777168254z0fdfee4493414fc9bde77b85d4d93f01z
;action=display
yields this:
kernel: amavisd[nnn]: segfault at bf5eae7c ip 081162a5 sp bf5eae80
error 6 in perl5.8.8[8048000+11]
A segfault also happens when directly
Perl just doesn't segfault normally, even when a regex is
(too) complex.
Wishful thinking. s/normally/usually/
The rules that come with SpamAssassin are resonably safe from
exploding - unlike some third party or home-grown rules.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570
Marc,
What source file is the registry barrier code in?
Mail/SpamAssassin/Util/RegistrarBoundaries.pm
but is slightly out of date, for example it does
not include registered IDN tld names:
XN--0ZWM56D
XN--11B5BS3A9AJ6G
XN--80AKHBYKNJ4F
XN--9T4B11YI5A
XN--DEBA0AD
XN--G6W251D
XN--HGBK6AJ7F53BBA
Anders,
got a problem with SA from qmail auto-reply mail.
The users got a full mbox and thats makes SA to timeout when checking the
mail.
Apr 7 14:16:50 spam.jll.se /usr/local/sbin/amavisd[27353]: (27353-02-63)
LMTP:[127.0.0.1]:10024
/var/amavis/amavis_temp/amavis-20090407T141038-27353:
On Wednesday 08 April 2009 12:40:26 Karsten Bräckelmann wrote:
On Wed, 2009-04-08 at 04:29 -0600, LuKreme wrote:
On 8-Apr-2009, at 04:04, Mark Martinec wrote:
set it to something like:
$sa_mail_body_size_limit = 420*1024;
Isn't the limit still 256K unless overridden
Andrew,
Odd, because on SpamAssassin it never showed that header unless the message
was marked as spam. Although I should have mentioned that it's being
called through amavisd-new which may have had something to do with it.
I've added a custom header, and played with the $sa_tag_level_deflt
I just now moved and registered my DomainKey eval stuff to the
DomainKeys.pm Plugin (makes sense, no?), where I simply knew
'get_pristine_header ()' would have to be available. See:
The DomainKeys plugin is going away, its underlying perl module
is no longer maintained. The DKIM plugin covers
LuKreme,
I've thought about going with amavis (mostly for spam rejection, I
don't run VirusOS computers) but my problem has been that it seems
that either amavis runs and rejects spam (in which case I need to set
the threshold high) OR spamassasin runs and tags spam (in which case I
can
alexus,
SpamAssassin is EXTREMLY slow
mx1# /usr/local/bin/spamd --allow-tell --vpopmail --username=spamd
[96985] dbg: message: main message type: text/plain
[96985] dbg: message: MIME PARSER START
[96985] dbg: message: parsing normal part
[...]
Find out what is taking most of
Guido,
I am trying to configure my system that it can assign user specific
scores. I therefore set up a table like described in [1]. This runs fine,
as long as I use spamc to scan mails.
But actually I want to use Amavisd-new using spamassassin. Here
spamassassin complety ignores the sql
Bogdan,
I'm trying to make use of Mail::SpamAssassin::Plugin::AccessDB plugin.
This is what I have in config:
body GMAIL_IZDANJA eval:check_access_database('/etc/mail/gmail_spam.db')
describe GMAIL_IZDANJA spam from gmail.com
score GMAIL_IZDANJA 35.000
Content of /etc/mail/gmail_spam is
Bogdan,
The test is supposed to receive a header as argument, not a body:
thanks for the reply. What I am trying to do is actually have access map
of blacklisted email addresses or websites that are mentioned in the
*body* of email, not in header.
I'm afraid you'd need to enhance the
Martin Gregorie wrote:
OTOH I have a similar plot. The idea is that mail from an exact address
that I've previously sent mail to will not be spam. My system consists
of two parts:
- the first automatically records every address I've sent mail to.
This uses a table in a PostgreSQL database
Chris,
Mar 23 18:01:08 localhost spamd[3676]: dns: sendto() failed:
Connection refused
at /usr/lib/perl5/site_perl/5.10.0/Mail/SpamAssassin/DnsResolver.pm
line 395, GEN71 line 45.
man 2 sendto
[ECONNREFUSED] The socket received an ICMP destination
unreachable message from the
Sheeen,
We have an amavisd/spamassassin/clamav gateway before our Exchange server.
I've trained spamassassin with about 3500 hams / 3500 spams, it should work
correctly, and I'm training it regularly.
But we're receiving some spams yet.
I've looked into the headers of spams received
Dan,
I normally disable bayes, because without proper training it tends to make
spamassassin less reliable. But I've got one installation that is
stubbornly running bayes even though I have disabled it.
I set use_bayes 0 in /etc/mail/spamassassin/local.cf
I set use_bayes 0 in
Adi,
First, it read the sender, and put it into a variable
Then, it check, if the recipient is the same as that variable
if true, then give score 3.0
The trick is to let a regexp see an entire mail header section.
Unfortunately it means we can't reuse already parsed addresses
in From and To
Jason,
I have a freebsd 7.0 RC3 server running postfix amavisd-new clamavd and
SpamAssassin... Having just upgraded ports I believe they are all current
releases
In this set up I am lead top believe that Amavisd-new handles the SA config
but I did not see a process for spamd so i enabled
Jonas,
I just found one reason for FPs in the Botnet plugin. It doesn't
make a difference between timeouts (and other DNS errors) and
negative answers. So if your DNS server/proxy is overloaded (or
slow for some other reason), you'll get FPs
Since 15 minutes ago, I'm running a slightly
Eddy,
I sent this email to the amavisd-new group but didn't received any replies
I give it a spin on this group
Maybe someone can help
Yes, this is probably a more suitable place for this question.
We are using Postfix 2.5.5 on our RHEL AS release 4 (Nahant Update 6)
academic server.
Anton,
I'm currently having a problem with spamassassin (SpamAssassin version
3.2.5, running on Perl version 5.10.0). I'm using Spamassassin within
postfix/spamd/spamc in /etc/postfix/master.cf:
smtp inet n - n - - smtpd
-o
* If circumstances permit, make use of extensive whitelisting, so that
you can increase the score of rules (or maybe lower the threshold after
which you consider a message to be spam).
When whitelisting, never whitelist just based on a plain sender or author
address (such as 'whitelist_from').
Marcin,
Did you manually (initially) train it
with your collected ham and recent (not older than 3 months) spam?
No, I just waited until default 200 hams and 200 spams kicked it in. As
I mentioned elsewhere, I get a weird effect of correct positives, but
relatively many false negatives
Michael,
I am completing some testing on new altermime version 0.3.10 for freebsd
(it has already been submitted to ports)
If you remember, using dkim signing and altermime would add \r\n to
emails if you added disclaimers.
(i have separate plain text and html disclaimers)
Actually just a
On Friday 28 November 2008 22:45:24 Karsten Bräckelmann wrote:
body __L_LARGE_MONEY1
m{(?:\x{A3}|\$|Pounds?|Dollars?|GBP|EURo?).*\d\d\d[,.]\d\d\d}i
body __L_LARGE_MONEY2
m{\d\d\d[,.]\d\d\d.*(?:\x{A3}|\$|Pounds?|Dollars?|GBP|EURo?)}i
I guess these should better be bound in both
Andrew,
Our setup seems to work pretty well, but some spams are slipping
through. Has anyone got any suggestions of rules that will catch these
types of emails: http://www.pastebin.ca/1266571
I had trouble with these too.
Try the following rules (watch for line wraps by your MTA):
body
ram,
Enabling dkim plugin, will it increase resource requirements on my
server ? The SPF checks are just on the envelope/helo and ip .. so
obviously must be much cheaper
If you have a recent version of SpamAssassin (3.2.4 or later)
and fairly recent version of Mail::DKIM (0.32) the
I have been using USER_IN_SPF_WHITELIST to whitelist mails from google
alerts
It had been working fine , but last 2-3 days I see that these mails dont
get an SPF-pass. Seems guys at google are using some other servers
whitelist_from_dkim [EMAIL PROTECTED]
Mark
Yes. It's also pointless imho to ise DomainKeys and DKIM both, DKIM is
preferred afaik.
Well, I have them both to for when other people use one or the other;
currently I'm not using either on outbound.
It is pointless to use DomainKeys SA plugin when a DKIM plugin is in use.
The DKIM
Luis,
I was doing some tests with all the recommendations you sent me...
and I can make to work the server correctly... I was filtering spam with
no problems and my performances troubles dissapeard...
I just configured 5 procs for amavis and postfix content filter and
I turn off
My guess is that you have too many processes running for the
amount of ram you have.
I doubt it.
each vscan process take 60 - 75 MB.
That doesn't make a whole lot of sense to me.
10 * 70mb = 700mb for vscan/spam
200mb +/- for clamd
50 mb +/- for postfix / amavis etc
= 950 mb used.
Benedict,
Thing is, what is causing the nan?
My guess is that a NaN somehow got into your AWL database.
I have reopened bug 3364, and attached a richer patch:
Deal with NaN in AutoWhitelist and PerMsgStatus
which includes my previous patch and also instruments
AutoWhitelist module to check
Guenther, Benedict,
My guess is that a NaN somehow got into your AWL database.
Things are much more complicated, or rather weird, than that.
According to Benedict's reports and pasted snippets, he got an NaN score
for at least 3 rules: FROM_ILLEGAL_CHARS, AWL, MSOE_MID_WRONG_CASE
You are
Benedict,
I found bug # 3364 in the buglist and according to this it seems like a
Debian issue. It doesn't seem to occur on other systems or at least it's
not reproducable.
The uri bl black is scored as nan again.
It's really annoying as this is what probably is causing the score not
to be
Guenther wrote:
Do you use customized headers? (Sorry, don't have the OP, but IIRC I
spotted some.) What are the results of the snippets in comment 4, and
what about comment 11?
A question is for Benedict I suppose.
Puzzling, how he gets NaN in the first place. Benedict, did you lint
your
401 - 500 of 740 matches
Mail list logo