On Tue 25 May 2010 10:01:12 PM CEST, Benny Pedersen wrote
# save rule as 99_local_bugs_331.cf
# SA = 3.3.1
if (version == 3.003001)
uri __PROTOCOL_OK m{^https?://\w+}
meta PROTOCOL_FIX (!__PROTOCOL_OK)
describe PROTOCOL_FIX protocol in uri is not lowercase
score PROTOCOL_FIX 5.0
On 2010/05/25 7:02 PM, Karsten Bräckelmann wrote:
On Wed, 2010-05-26 at 10:35 +1200, Jason Haar wrote:
Not as far as ok_locales and the respective CHARSET_FARAWAY rules are
concerned, IIRC. They have been written long ago to trigger on the
char-sets used. They don't detect the char-set based on
Hello,
for the first time two weeks ago I received a kind of spam that SA doesn't
check at all. Similar ist always the URL one-liner and a faked yahoo.com
sender. If manually checked by SA, it gets score 40:
http://pastebin.com/4arTzeRu
Setup: Postfix 2.7.0 with spampd proxy.
Postfix seems
Benny Pedersen wrote:
On Tue 25 May 2010 10:01:12 PM CEST, Benny Pedersen wrote
# save rule as 99_local_bugs_331.cf
# SA = 3.3.1
if (version == 3.003001)
uri __PROTOCOL_OK m{^https?://\w+}
meta PROTOCOL_FIX (!__PROTOCOL_OK)
describe PROTOCOL_FIX protocol in uri is not lowercase
On Wed, 2010-05-26 at 16:05 +0200, Jan-Kaspar Münnich wrote:
Setup: Postfix 2.7.0 with spampd proxy.
Postfix seems to just don't send these mails to the proxy, without any
warning in the logs.
If, as you say, SA never gets these messages for scanning, it cannot be
a problem with SA or its
Is there any way to take a domain listed with util_rb_2tld, and
un-2tld it (similar to how you can unwhitelist stock whitelist entries
if they don't work well with your mail)?
I recently came across a free-subsite domain that seems to be part of
a cluster of **very** similar sites which I've
On 05/26/2010 09:33 PM, Lennart Johansson wrote:
My first post, please don't kill me for doing some things wrong.
I see quite a few of these from hotmail orginating from China.
http://pastebin.com/q308E7ZG
SA score:
Score Matching Rule Descriptioncached not
result=0.002
I see quite a few of these from hotmail orginating from China.
X-Originating-IP: [123.161.74.4]
is listed in Spamhaus (SPL) and I deep parse headers so I got a hit on this.
Unlike PBL and XBL, Spamhaus SBL is safe for deep-parsing. Which SA does
for this part (only) of ZEN.
Unfortunately
Hi,
On Wed, May 26, 2010 at 6:59 PM, Philip Prindeville
philipp_s...@redfish-solutions.com wrote:
Anyone else seeing the following in their cron logs:
http: GEThttp://yerp.org:8080/rules/stage/330948267.tar.gz request failed:
500 Can't connect to yerp.org:8080 (connect: Connection refused):
On 5/26/10 11:06 AM, Mikael Syska wrote:
Hi,
On Wed, May 26, 2010 at 6:59 PM, Philip Prindeville
philipp_s...@redfish-solutions.com wrote:
Anyone else seeing the following in their cron logs:
http: GEThttp://yerp.org:8080/rules/stage/330948267.tar.gz request failed:
500 Can't connect to
On Wed, 2010-05-26 at 11:22 -0600, Philip Prindeville wrote:
On 5/26/10 11:06 AM, Mikael Syska wrote:
Anyone else seeing the following in their cron logs:
http: GEThttp://yerp.org:8080/rules/stage/330948267.tar.gz request
failed:
500 Can't connect to yerp.org:8080 (connect:
On Tue, 25 May 2010 22:01:12 +0200
Benny Pedersen m...@junc.org wrote:
On Tue 25 May 2010 08:38:29 PM CEST, Karsten Bräckelmann wrote
On Tue, 2010-05-25 at 14:20 +0200, Benny Pedersen wrote:
i see spam mails that using Http://example.com
Yes, it is a known issue. Fixed in SVN already,
From: Jason Bertoch [mailto:ja...@i6ix.com]
Sent: Wednesday, May 26, 2010 3:34 PM
On 2010/05/25 7:02 PM, Karsten Bräckelmann wrote:
On Wed, 2010-05-26 at 10:35 +1200, Jason Haar wrote:
Not as far as ok_locales and the respective CHARSET_FARAWAY rules are
concerned, IIRC. They have been
On 05/26/2010 05:29 PM, Karsten Bräckelmann wrote:
Also, these Hotmail injected footers always use long-ish URIs with a
path, no? In that case, a meta with __URI_NO_PATH could help. Something
like this.
uri __URI_NO_PATH m~^https?://[^/]+/?$~
That's possibly a good idea. I was thinking
Yes, it is a known issue. Fixed in SVN already, and will be
shipped with the next release 3.3.2.
when will 3.3.2 be pushed out?
- rh
On Wed, 2010-05-26 at 11:14 -0700, R-Elists wrote:
Yes, it is a known issue. Fixed in SVN already, and will be
shipped with the next release 3.3.2.
when will 3.3.2 be pushed out?
We're gearing up towards a release. See the dev list. ;)
--
char
Hello List Folks,
I have used procmail in the past to move mail to a spam file on the
server but I am wondering if there is another way.
I found
http://wiki.apache.org/spamassassin/IntegratedSpamdInPostfix?action=fullsearchcontext=180value=move+spam+to+foldertitlesearch=Titles
and used
On Wed 26 May 2010 07:39:53 PM CEST, RW wrote
# save rule as 99_local_bugs_331.cf
# SA = 3.3.1
if (version == 3.003001)
uri __PROTOCOL_OK m{^https?://\w+}
meta PROTOCOL_FIX (!__PROTOCOL_OK)
describe PROTOCOL_FIX protocol in uri is not lowercase
score PROTOCOL_FIX 5.0
endif #
On Wed, 26 May 2010, Karsten Br?ckelmann wrote:
The correct answer to both these statements is -- because it is in the
mirrors list. ;)
$ lynx -dump http://yerp.org/rules/MIRRORED.BY
http://yerp.org:8080/rules/stage/ weight=10
http://yerp.org/rules/stage/
...a botched attempt to set up Coral
On 05/26/2010 07:32 PM, John Hardin wrote:
On Wed, 26 May 2010, Karsten Br�ckelmann wrote:
The correct answer to both these statements is -- because it is in the
mirrors list. ;)
$ lynx -dump http://yerp.org/rules/MIRRORED.BY
http://yerp.org:8080/rules/stage/ weight=10
20 matches
Mail list logo
