drop of score after update tonight

2014-08-25 Thread Reindl Harald
Hi i am at setup a new mailgateway and playing around with spamassassin-3.4.0 and spamass-milter which looks both well - but after the update tonight my testmessage goes down from 7.5 to 5.3 that's one of the very high rated on a Barracuda appliance downloaded to a folder and only posting the

no subject tagging in case of X-Spam-Status: Yes

2014-08-25 Thread Reindl Harald
Hi header contains X-Spam-Status: Yes, score=7.5 required=5.0 but the subject does not get [SPAM] tagging with the config below - not sure what i am missing spamassassin-3.4.0-7.fc20.x86_64 spamass-milter-0.3.2-11.fc20.x86_64 spamass-milter -p /run/spamass-milter/spamass-milter.sock -g sa-milt

Re: no subject tagging in case of X-Spam-Status: Yes

2014-08-25 Thread Reindl Harald
Am 25.08.2014 um 16:58 schrieb Kevin A. McGrail: On 8/25/2014 5:37 AM, Reindl Harald wrote: header contains X-Spam-Status: Yes, score=7.5 required=5.0 but the subject does not get [SPAM] tagging with the config below - not sure what i am missing See http://www.jigsawboys.com/2006/06/28

Re: no subject tagging in case of X-Spam-Status: Yes

2014-08-25 Thread Reindl Harald
Am 25.08.2014 um 17:11 schrieb Kevin A. McGrail: On 8/25/2014 11:08 AM, Reindl Harald wrote: Am 25.08.2014 um 16:58 schrieb Kevin A. McGrail: On 8/25/2014 5:37 AM, Reindl Harald wrote: header contains X-Spam-Status: Yes, score=7.5 required=5.0 but the subject does not get [SPAM] tagging

Re: no subject tagging in case of X-Spam-Status: Yes

2014-08-25 Thread Reindl Harald
Am 25.08.2014 um 17:21 schrieb Kevin A. McGrail: On 8/25/2014 11:17 AM, Reindl Harald wrote: Am 25.08.2014 um 17:11 schrieb Kevin A. McGrail: On 8/25/2014 11:08 AM, Reindl Harald wrote: Am 25.08.2014 um 16:58 schrieb Kevin A. McGrail: On 8/25/2014 5:37 AM, Reindl Harald wrote: header

Re: no subject tagging in case of X-Spam-Status: Yes

2014-08-25 Thread Reindl Harald
Am 25.08.2014 um 17:29 schrieb Antony Stone: Post follow-ups on an appropriate support forum. This is not it. I think you're being unfairly rude to the original poster here. His problem is not specific to spamass-milter (if it were, I would agree with pointing him politely in the

Re: drop of score after update tonight

2014-08-25 Thread Reindl Harald
Am 25.08.2014 um 17:43 schrieb John Hardin: On Mon, 25 Aug 2014, Reindl Harald wrote: Am 25.08.2014 um 16:06 schrieb John Hardin: On Mon, 25 Aug 2014, Reindl Harald wrote: i am at setup a new mailgateway and playing around with spamassassin-3.4.0 and spamass-milter which looks both well

Re: no subject tagging in case of X-Spam-Status: Yes

2014-08-25 Thread Reindl Harald
Am 25.08.2014 um 18:00 schrieb Karsten Bräckelmann: On Mon, 2014-08-25 at 11:37 +0200, Reindl Harald wrote: header contains X-Spam-Status: Yes, score=7.5 required=5.0 but the subject does not get [SPAM] tagging with the config below - not sure what i am missing What does this command

Re: drop of score after update tonight

2014-08-25 Thread Reindl Harald
Am 25.08.2014 um 18:28 schrieb John Hardin: On Mon, 25 Aug 2014, Reindl Harald wrote: the plain content i attached as ZIP (what made it to the list) is used for testing by just copy the content to a formmailer or in a new plaintext message in TB point directly to the test MX

Re: no subject tagging in case of X-Spam-Status: Yes

2014-08-25 Thread Reindl Harald
Am 25.08.2014 um 19:13 schrieb Karsten Bräckelmann: On Mon, 2014-08-25 at 18:55 +0200, Reindl Harald wrote: Am 25.08.2014 um 18:00 schrieb Karsten Bräckelmann: X-Spam-Status: Yes, score=3.7 required=1.0 tests=MISSING_DATE,MISSING_FROM, MISSING_HEADERS,MISSING_MID,NO_HEADERS_MESSAGE

Re: drop of score after update tonight

2014-08-25 Thread Reindl Harald
Am 25.08.2014 um 19:35 schrieb Daniel Staal: --As of August 25, 2014 7:06:32 PM +0200, Reindl Harald is alleged to have said: masscheck tries to ensure spams score at least 5 points, but doesn't care beyond that yes, but given that the intention is to flag message above 5 with [SPAM

Re: no subject tagging in case of X-Spam-Status: Yes

2014-08-25 Thread Reindl Harald
Am 25.08.2014 um 20:03 schrieb Karsten Bräckelmann: On Mon, 2014-08-25 at 19:43 +0200, Reindl Harald wrote: Am 25.08.2014 um 19:13 schrieb Karsten Bräckelmann: No tests at all. I doubt the milter generated all those missing headers including From and Date, instead of a Received one only. So

Re: drop of score after update tonight

2014-08-25 Thread Reindl Harald
Am 25.08.2014 um 20:41 schrieb Matus UHLAR - fantomas: Given (a) you disabled RBL checks in SA On 25.08.14 19:06, Reindl Harald wrote: the reason for that is that postfix in front already does a damned good job with RBL's since SA uses deep header scanning in many times, which postfix

Re: drop of score after update tonight

2014-08-25 Thread Reindl Harald
first - thank you for your feedback SA is a new beat to me Am 25.08.2014 um 22:00 schrieb Daniel Staal: --As of August 25, 2014 7:49:39 PM +0200, Reindl Harald is alleged to have said: Am 25.08.2014 um 19:35 schrieb Daniel Staal: --As of August 25, 2014 7:06:32 PM +0200, Reindl Harald

Re: drop of score after update tonight

2014-08-25 Thread Reindl Harald
Am 26.08.2014 um 00:02 schrieb Ian Zimmerman: On Mon, 25 Aug 2014 19:50:20 +, David Jones djo...@ena.com wrote: Ian I definitely have FNs today (about 10 by now today, normally 0). Ian Looks like some/all RBLs tests are not working. I have not changed Ian my configuration at all.

Re: drop of score after update tonight

2014-08-26 Thread Reindl Harald
Am 26.08.2014 um 08:54 schrieb Matthias Leisi: On Tue, Aug 26, 2014 at 12:08 AM, Reindl Harald h.rei...@thelounge.net wrote: Aug 26 00:01:32 mail-gw spamd[6836]: spamd: result: Y 5 - ADVANCE_FEE_4_NEW,ADVANCE_FEE_4_NEW_MONEY,ADVANCE_FEE_5_NEW,ADVANCE_FEE_5_NEW_MONEY,ALL_TRUSTED,BAYES_99

Re: drop of score after update tonight

2014-08-26 Thread Reindl Harald
ED, BAYES_99,BAYES_999,DEAR_SOMETHING,DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM, LOTS_OF_MONEY,T_MONEY_PERCENT,URG_BIZ Weitergeleitete Nachricht Betreff: Re: no subject tagging in case of X-Spam-Status: Yes Datum: Mon, 25 Aug 2014 19:43:29 +0200 Von: Reindl Harald h.rei...@thelounge.net

Re: drop of score after update tonight

2014-08-26 Thread Reindl Harald
Am 26.08.2014 um 10:52 schrieb Matthias Leisi: On Tue, Aug 26, 2014 at 10:16 AM, Reindl Harald h.rei...@thelounge.net wrote: ADVANCE_FEE_4_NEW,ADVANCE_FEE_4_NEW_MONEY,ADVANCE_FEE_5_NEW,ADVANCE_FEE_5_NEW_MONEY,ALL_TRUSTED,BAYES_99,BAYES_999,DEAR_SOMETHING,DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM

Re: drop of score after update tonight

2014-08-26 Thread Reindl Harald
Am 26.08.2014 um 11:30 schrieb Axb: On 08/26/2014 11:23 AM, Reindl Harald wrote: i am at building the new MTA which will replace a commercial spamfilter appliance and currently i am at training bayes and building admin backends * postscreen with RBL/DNSWL weight * PTR filters * subject

writing own rbl rules

2014-08-26 Thread Reindl Harald
Hi i am trying to write own RBL rules for blacklisting and especially whitelisting using internal DNSBL/DNSWL but my first try results in warnings at startup sadly the Wiki don't refer to check_rbl() https://wiki.apache.org/spamassassin/WritingRules ifplugin Mail::SpamAssassin::Plugin::DNSEval

Re: writing own rbl rules

2014-08-26 Thread Reindl Harald
Am 26.08.2014 um 14:25 schrieb Joe Quinn: On 8/26/2014 8:04 AM, Reindl Harald wrote: i am trying to write own RBL rules for blacklisting and especially whitelisting using internal DNSBL/DNSWL but my first try results in warnings at startup sadly the Wiki don't refer to check_rbl() https

Re: writing own rbl rules

2014-08-26 Thread Reindl Harald
Am 26.08.2014 um 15:54 schrieb Axb: On 08/26/2014 03:00 PM, Reindl Harald wrote: Am 26.08.2014 um 14:25 schrieb Joe Quinn: On 8/26/2014 8:04 AM, Reindl Harald wrote: sadly the Wiki don't refer to check_rbl() https://wiki.apache.org/spamassassin/WritingRules You can use KAM.cf for reference

Re: writing own rbl rules

2014-08-26 Thread Reindl Harald
Am 26.08.2014 um 17:18 schrieb Axb: On 08/26/2014 04:28 PM, Reindl Harald wrote: header RCVD_IN_RP_TLDNS1 eval:check_rbl('tldns1-lastexternal', 'dnswl.thelounge.net.') describe RCVD_IN_RP_TLDNS1 Custom DNSBL/DNSWL tflags RCVD_IN_RP_TLDNS1 net score RCVD_IN_RP_TLDNS1 -5 spamd

Re: writing own rbl rules

2014-08-26 Thread Reindl Harald
Am 26.08.2014 um 17:30 schrieb Axb: On 08/26/2014 05:25 PM, Reindl Harald wrote: Am 26.08.2014 um 17:18 schrieb Axb: On 08/26/2014 04:28 PM, Reindl Harald wrote: header RCVD_IN_RP_TLDNS1 eval:check_rbl('tldns1-lastexternal', 'dnswl.thelounge.net.') describe RCVD_IN_RP_TLDNS1 Custom DNSBL

Re: writing own rbl rules

2014-08-26 Thread Reindl Harald
Am 26.08.2014 um 18:11 schrieb Axb: On 08/26/2014 05:42 PM, Reindl Harald wrote: they are *not* i especially added the following lines to prevent the automatic adding to trusted_networks since the IP range is outside clear_trusted_networks trusted_networks 192.168.168.0/24

Re: writing own rbl rules

2014-08-26 Thread Reindl Harald
Am 26.08.2014 um 20:29 schrieb Axb: On 08/26/2014 08:08 PM, Reindl Harald wrote: Am 26.08.2014 um 18:11 schrieb Axb: On 08/26/2014 05:42 PM, Reindl Harald wrote: they are *not* i especially added the following lines to prevent the automatic adding to trusted_networks since the IP range

Re: writing own rbl rules

2014-08-26 Thread Reindl Harald
Am 26.08.2014 um 21:08 schrieb Martin Gregorie: On Tue, 2014-08-26 at 20:08 +0200, Reindl Harald wrote: Am 26.08.2014 um 18:11 schrieb Axb: On 08/26/2014 05:42 PM, Reindl Harald wrote: they are *not* i especially added the following lines to prevent the automatic adding to trusted_networks

Re: writing own rbl rules

2014-08-26 Thread Reindl Harald
Am 26.08.2014 um 22:23 schrieb Matthias Leisi: On Tue, Aug 26, 2014 at 9:25 PM, Reindl Harald h.rei...@thelounge.net wrote: spamc -your_normal_spamc_options message_to_be_tested are we really talking about the same? that won't involve the network You need a full message, include any

Re: writing own rbl rules

2014-08-26 Thread Reindl Harald
Am 27.08.2014 um 02:24 schrieb Karsten Bräckelmann: On Wed, 2014-08-27 at 01:08 +0200, Reindl Harald wrote: below the stdout/stderr of following script filtered for dns so the lists are asked, but the question remains why that don't happen from a IP in the same network Nope, no RBL queries

formatting of report headers

2014-08-28 Thread Reindl Harald
Hi is it somehow possible to get line-breaks in the report headers to have them better readable? given that Received and DKIM are coming with more than one line and the additional ones with a intention it should be technically possible report_safe 0 clear_headers add_header spam Flag _YESNO_

Re: How to report spam to mailspike

2014-08-28 Thread Reindl Harald
Am 28.08.2014 um 11:11 schrieb Marcin Mirosław: I've noticed growing volume of emails listed by mailspike. Usually it's spam listed as good reputation. On his webpage I can see only page http://mailspike.org/contact.html , they want to fill many personal information, I don't want to send it

Re: formatting of report headers (spamassassin)

2014-08-28 Thread Reindl Harald
Am 28.08.2014 um 16:55 schrieb Matus UHLAR - fantomas: On 28.08.14 11:08, Reindl Harald wrote: is it somehow possible to get line-breaks in the report headers to have them better readable? X-Spam-Status: No, score=-101.7/5.0, tests=BAYES_50,CUST_DNSWL_5,HEADER_FROM_DIFFERENT_DOMAINS

Re: formatting of report headers

2014-08-28 Thread Reindl Harald
Am 28.08.2014 um 19:11 schrieb Karsten Bräckelmann: That long _TESTS_ string without line-breaks is due to the very long _REPORT_ in that header. If you add a dedicated Report header, the Status header and its list of tests will be wrapped appropriately, too. FWIW, SA even generates the

Re: formatting of report headers

2014-08-28 Thread Reindl Harald
Am 28.08.2014 um 22:18 schrieb Karsten Bräckelmann: On Thu, 2014-08-28 at 21:43 +0200, Reindl Harald wrote: Am 28.08.2014 um 19:11 schrieb Karsten Bräckelmann: FWIW, SA even generates the Report header by default with your setting of report_safe 0. Not in your case, because you chose

Re: formatting of report headers

2014-08-28 Thread Reindl Harald
Am 28.08.2014 um 22:29 schrieb Karsten Bräckelmann: On Thu, 2014-08-28 at 21:43 +0200, Reindl Harald wrote: Am 28.08.2014 um 19:11 schrieb Karsten Bräckelmann: FWIW, SA even generates the Report header by default with your setting of report_safe 0. Not in your case, because you chose

Re: writing own rbl rules

2014-08-28 Thread Reindl Harald
besides that the setup is now in production Am 27.08.2014 um 03:48 schrieb Karsten Bräckelmann: Again: Craft your samples to match real-life (production) environment. Do not configure or try to fake an environment that will not match production later. It won't work. You want to configure

Re: no subject tagging in case of X-Spam-Status: Yes

2014-08-28 Thread Reindl Harald
Am 25.08.2014 um 11:37 schrieb Reindl Harald: header contains X-Spam-Status: Yes, score=7.5 required=5.0 but the subject does not get [SPAM] tagging with the config below - not sure what i am missing spamassassin-3.4.0-7.fc20.x86_64 spamass-milter-0.3.2-11.fc20.x86_64 spamass-milter -p

Re: writing own rbl rules

2014-08-28 Thread Reindl Harald
Am 29.08.2014 um 00:57 schrieb Karsten Bräckelmann: the simple answer to my question would have been no, in no case SA does any RBL check if the client is from the same network range and there is no way to change that temporary even for development [...] That would have been simpler indeed,

Re: no subject tagging in case of X-Spam-Status: Yes

2014-08-28 Thread Reindl Harald
Am 29.08.2014 um 01:20 schrieb Karsten Bräckelmann: On Fri, 2014-08-29 at 00:30 +0200, Reindl Harald wrote: besides the permissions problem after the nightly sa-update the reason was simply clear_headers without add_header spam Flag _YESNO which is entirely unexpected behavior

Re: writing own rbl rules

2014-08-28 Thread Reindl Harald
Am 29.08.2014 um 01:51 schrieb Karsten Bräckelmann: On Fri, 2014-08-29 at 01:06 +0200, Reindl Harald wrote: the question was just how can i enforce RBL tests inside the own LAN the question was just how can i enforce RBL tests inside the own LAN the question was just how can i enforce RBL

Re: no subject tagging in case of X-Spam-Status: Yes

2014-08-28 Thread Reindl Harald
Am 29.08.2014 um 02:15 schrieb Reindl Harald: Am 29.08.2014 um 02:01 schrieb Karsten Bräckelmann: On Fri, 2014-08-29 at 01:23 +0200, Reindl Harald wrote: Besides, your own reply to my first post to this thread on Mon also shows this claim to be false. The output of the command I asked you

Re: writing own rbl rules

2014-08-28 Thread Reindl Harald
Am 29.08.2014 um 02:29 schrieb Karsten Bräckelmann: On Fri, 2014-08-29 at 01:59 +0200, Reindl Harald wrote: You can easily run RBL tests against IPs from within the local network and treat them like any other sending SMTP client, by (a) excluding them from the appropriate *_networks settings

Re: no subject tagging in case of X-Spam-Status: Yes

2014-08-29 Thread Reindl Harald
Am 29.08.2014 um 04:03 schrieb Karsten Bräckelmann: On Fri, 2014-08-29 at 02:15 +0200, Reindl Harald wrote: look at the attached zip-archive and both messages produced with the same content before you pretend others lying damned - to make it easier i even added a config-diff

Re: no subject tagging in case of X-Spam-Status: Yes

2014-08-29 Thread Reindl Harald
Am 29.08.2014 um 04:26 schrieb Karsten Bräckelmann: On Fri, 2014-08-29 at 02:15 +0200, Reindl Harald wrote: look at the attached zip-archive [...] Since I already had a closer look at the contents including your local cf, and I am here to offer help and didn't mean no harm, some comments

Re: no subject tagging in case of X-Spam-Status: Yes

2014-08-29 Thread Reindl Harald
Am 30.08.2014 um 00:35 schrieb Karsten Bräckelmann: On Fri, 2014-08-29 at 12:02 +0200, Reindl Harald wrote: Am 29.08.2014 um 04:03 schrieb Karsten Bräckelmann: Now, moving forward: I've had a look at the message diffs. Quite interesting, and I honestly want to figure out what's happening

SA works great!

2014-08-30 Thread Reindl Harald
after two days running SA for the first two test-domains with a well trained bayes for the global milter-user: impressive! the few crap making it through postscreen RBL scoring is detected 0.000 0 3 0 non-token data: bayes db version 0.000 0 1389

Re: SA works great!

2014-08-31 Thread Reindl Harald
on the youtube page of the blocked facebook notification so i am glad that i have to do some training by myself instead fear of false positives which do much more harm On 8/30/2014 2:41 PM, Reindl Harald wrote: after two days running SA for the first two test-domains with a well trained bayes

bayes scoring too low

2014-08-31 Thread Reindl Harald
i guess it needs to adjust them depending on block score was one of the typical enhance your penis mails score BAYES_95 0 0 3.2 3.0 score BAYES_99 0 0 3.8 3.5 X-Spam-Status: No, score=4.4, tag-level=4.5, block-level=8.5 X-Spam-Report: * 0.5 CUST_DNSBL_8 RBL: ix.dnsbl.manitu.net

Re: bayes scoring too low

2014-08-31 Thread Reindl Harald
Am 31.08.2014 um 12:20 schrieb Axb: On 08/31/2014 11:58 AM, Reindl Harald wrote: Are you using RAZOR PYZOR? https://bugzilla.redhat.com/show_bug.cgi?id=1127650 perl-Razor-Agent - Only used for the not enabled by default Razor plugin so i guess no get the source from http

Re: SA works great!

2014-08-31 Thread Reindl Harald
Am 31.08.2014 um 16:08 schrieb Ted Mittelstaedt: On 8/31/2014 2:21 AM, Reindl Harald wrote: Am 31.08.2014 um 02:15 schrieb Ted Mittelstaedt: Yes, it does work great when you have the bayes filter turned on and you take the time to feed it. And that means you have to feed the learner both

Re: bayes scoring too low

2014-08-31 Thread Reindl Harald
Am 31.08.2014 um 23:06 schrieb Ian Zimmerman: On Sun, 31 Aug 2014 12:20:41 +0200, Axb axb.li...@gmail.com wrote: Axb Bayes scores are *not* set to be a sole indicator of spam/ham. Axb They're supposed to be yet another indicator. FWIW, I use both Razor and Pyzor, and there are times

Re: SA works great!

2014-09-01 Thread Reindl Harald
Am 01.09.2014 um 13:19 schrieb Timothy Murphy: Unfortunately if Bayes is not turned on, it does not catch more than around 60-70% of spam. As a Spamassassin user server admin, I would really like to see that improve. As a matter of interest, how can one turn Bayes on/off? I take it

Re: SA works great!

2014-09-02 Thread Reindl Harald
Am 02.09.2014 um 09:57 schrieb Ted Mittelstaedt: On 8/31/2014 5:11 PM, LuKreme wrote: On 31 Aug 2014, at 08:08 , Ted Mittelstaedtt...@ipinc.net wrote: Google does it. It's not impossible. [snip] My experience is that the commercial providers like Gmail are now so aggressive that false

Re: SA works great!

2014-09-02 Thread Reindl Harald
Am 02.09.2014 um 12:15 schrieb Ted Mittelstaedt: On 8/31/2014 7:35 AM, Reindl Harald wrote: Am 31.08.2014 um 16:08 schrieb Ted Mittelstaedt: On 8/31/2014 2:21 AM, Reindl Harald wrote: Am 31.08.2014 um 02:15 schrieb Ted Mittelstaedt: Yes, it does work great when you have the bayes

Re: SA works great!

2014-09-02 Thread Reindl Harald
Am 02.09.2014 um 12:37 schrieb Ted Mittelstaedt: On 9/2/2014 2:16 AM, Reindl Harald wrote: and here you prove again that it don't work really out-of-the-box because if i have to look all day long in my spam folder because a noticeable part of my legit mail lands there it *do not work

Re: SA works great!

2014-09-02 Thread Reindl Harald
Am 02.09.2014 um 13:43 schrieb Ted Mittelstaedt: as explained above: * the users don't want to see clear spam at all * in many countries *you must* reject before-queue * frankly, where i live for drop a accepted messages you can go up to 2 years *in jail* This is really getting silly

Re: SA works great!

2014-09-02 Thread Reindl Harald
Am 02.09.2014 um 13:54 schrieb Reindl Harald: Am 02.09.2014 um 13:43 schrieb Ted Mittelstaedt: as explained above: * the users don't want to see clear spam at all * in many countries *you must* reject before-queue * frankly, where i live for drop a accepted messages you can go up

Re: SA works great!

2014-09-02 Thread Reindl Harald
Am 02.09.2014 um 22:24 schrieb Bob Proulx: Ted Mittelstaedt wrote: Bob Proulx wrote: Plus Google can undeliver a message from your Inbox if you have not read it yet. Say a spammer slowly sends sneaky spam to 10,000 people. After the first dozen report the message as spam then the next 9988

Re: SA works great!

2014-09-02 Thread Reindl Harald
Am 02.09.2014 um 22:32 schrieb Ted Mittelstaedt: On 9/2/2014 4:59 AM, Reindl Harald wrote: just get a proper MTA, enable debug logging and watch the commands / responses between client and server due a message transmission and to make it clear for you: until after end of data itself

Re: SA works great!

2014-09-02 Thread Reindl Harald
Am 02.09.2014 um 22:40 schrieb Ted Mittelstaedt: Yes, that is my experience when I setup test addresses on Gmail and stick them into spammer unsubscribe links. Lots of spam starts showing up and over 90% in the junk folder Bruhaha and that is working out of the box? your problem is that you

Re: SA works great!

2014-09-02 Thread Reindl Harald
Am 03.09.2014 um 00:39 schrieb Bob Proulx: Reindl Harald wrote: schrieb Bob Proulx: Ted Mittelstaedt wrote: Bob Proulx wrote: Plus Google can undeliver a message from your Inbox if you have not read it yet. Say a spammer slowly sends sneaky spam to 10,000 people. After the first dozen

Re: bayes_token is marked as crashed

2014-09-02 Thread Reindl Harald
Am 03.09.2014 um 01:07 schrieb LuKreme: I am getting the following error repeated many times a second: /usr/local/libexec/mysqld: Table './bayes/bayes_token' is marked as crashed and should be repaired well, repair table bayes_token in MySQL or use the following option in /etc/my.cnf to

Re: SA works great!

2014-09-03 Thread Reindl Harald
remember that. read the whole thread and how much time i already wasted trying to explain Ted how a MTA works to get at the end explained i leak my valid users list that's a thread i started and if he needs basic MTA lessons he could start a own topic! On 03/09/2014 06:52, Reindl Harald wrote: Am

Re: SA works great!

2014-09-03 Thread Reindl Harald
Am 03.09.2014 um 19:16 schrieb Ted Mittelstaedt: On 9/2/2014 1:52 PM, Reindl Harald wrote: Am 02.09.2014 um 22:32 schrieb Ted Mittelstaedt: On 9/2/2014 4:59 AM, Reindl Harald wrote: just get a proper MTA, enable debug logging and watch the commands / responses between client

Re: spam assassin management or hosting

2014-09-03 Thread Reindl Harald
Am 03.09.2014 um 22:29 schrieb Adam Moffett: I've been thinking it could easily be a full time job to read spam, write sa rules, test sa rules, etc. There isn't enough time in my day for that, so I'm pretty much running SA un-customized. I do have bayes, which I do train with my own

Re: SA works great!

2014-09-04 Thread Reindl Harald
Am 04.09.2014 um 19:08 schrieb Ted Mittelstaedt: there are no countermeasures for a spammer against make it on a RBL or use a zombie on a infected machine and get blocked by Dialup-RBL's before the first mail or by get rejected because the dynamic PTR of the infected zombie Yes, there

Re: SA works great!

2014-09-04 Thread Reindl Harald
Am 04.09.2014 um 19:25 schrieb Reindl Harald: Now as for dynamic or dialup RBLs go, UNFORTUNATELY although many responsible ISPs do insert the word dynamic or dialup in the PTRs of their dialup or dynamic pools, a great many still do not. Which means the RBL's that track those need to try

RP_MATCHES_RCVD

2014-09-05 Thread Reindl Harald
Hi i got recently a clear spam message which would have a score of 6.9 but RP_MATCHES_RCVD removed 1.7 points is that not a little too much? * X-Spam-Status: Yes, score=5.2, tag-level=4.5, block-level=8 * 5.0 BAYES_95 BODY: Bayes spam probability is 95 to 99% * -1.7 RP_MATCHES_RCVD Envelope

Re: RP_MATCHES_RCVD

2014-09-05 Thread Reindl Harald
Am 05.09.2014 um 08:40 schrieb Adi: i got recently a clear spam message which would have a score of 6.9 but RP_MATCHES_RCVD removed 1.7 points is that not a little too much? think so too. I set it into local.cf: score RP_MATCHES_RCVD -0.1 thanks for confirmation i give it even -0.5

Re: RP_MATCHES_RCVD

2014-09-05 Thread Reindl Harald
Am 05.09.2014 um 09:04 schrieb Matus UHLAR - fantomas: On 05.09.14 08:37, Reindl Harald wrote: i got recently a clear spam message which would have a score of 6.9 but RP_MATCHES_RCVD removed 1.7 points is that not a little too much? yes, it is, mentioned multiple times. * X-Spam-Status

Re: RP_MATCHES_RCVD

2014-09-05 Thread Reindl Harald
Am 05.09.2014 um 09:19 schrieb Matus UHLAR - fantomas: Am 05.09.2014 um 09:04 schrieb Matus UHLAR - fantomas: and I see more things that are way too much 5.0 BAYES_95 tag-level=4.5 On 05.09.14 09:13, Reindl Harald wrote: # adjust IADB scoring (way too high defaults) score

Re: Hacked Wordpress sites Cryptolocker

2014-09-05 Thread Reindl Harald
Am 05.09.2014 um 16:49 schrieb Mike Grau: I'm testing versions that insist on .php and am getting very good results. Thanks to the OP for pointing this out! I'm also getting WP phishing urls that end in /, like so: ... /wp-includes/logs/ Presumably, this is the equivalent of

Re: Valid TLDs

2014-09-09 Thread Reindl Harald
Am 09.09.2014 um 03:45 schrieb Karsten Bräckelmann: This incidence is part of the initial round of IANA accepting generic TLDs. There's hundreds in this wave, and some are abused early. This is moonshine registration, nothing like new TLDs being accepted in the coming years. Or is it? Will

RCVD_IN_MSPIKE_* strange scoring

2014-09-10 Thread Reindl Harald
something is here terrible wrong why does average is preferred over excellent why do H3 and H4 get a very less WL score? recently a clear spam message slipped by the -1.7 through describe RCVD_IN_MSPIKE_H2 Average reputation (+2) describe RCVD_IN_MSPIKE_H3 Good reputation (+3) describe

Re: RCVD_IN_MSPIKE_* strange scoring

2014-09-10 Thread Reindl Harald
Am 10.09.2014 um 13:33 schrieb Matus UHLAR - fantomas: On 10.09.14 13:22, Reindl Harald wrote: something is here terrible wrong why does average is preferred over excellent why do H3 and H4 get a very less WL score? I'd say, it's because of number of spams/hams received from hosts

Re: RCVD_IN_MSPIKE_* strange scoring

2014-09-10 Thread Reindl Harald
Am 10.09.2014 um 16:50 schrieb Jose Borges Ferreira: On Wed, Sep 10, 2014 at 12:22 PM, Reindl Harald h.rei...@thelounge.net wrote: something is here terrible wrong why does average is preferred over excellent why do H3 and H4 get a very less WL score? recently a clear spam message

small bug in logging

2014-09-11 Thread Reindl Harald
not a big deal but the second line has a rounding bug or maybe it don't round but just cut the comma part Sep 11 16:54:46 localhost spamd[8205]: spamd: identified spam (8.0/4.5) for sa-milt:189. Sep 11 16:54:46 localhost spamd[8205]: spamd: result: Y 7 - BAYES_99,BAYES_999,DKIM_SIGNED

Re: sa-learn from a remote imap folder

2014-09-12 Thread Reindl Harald
Am 12.09.2014 um 15:26 schrieb Giles Coochey: On 12/09/2014 13:47, Rick Macdougall wrote: I have used imap-sa-learn.pl for years. Works great. Google imap-sa-learn.pl to get the perl source code. Wouldn't mind using it, but don't think I can get it working as my IMAP server requires SSL

Re: sa-learn from a remote imap folder

2014-09-12 Thread Reindl Harald
Am 12.09.2014 um 17:48 schrieb Giles Coochey: On 12/09/2014 14:30, Reindl Harald wrote: Wouldn't mind using it, but don't think I can get it working as my IMAP server requires SSL have you tried it? these days almost anything works with SSL because common used libraries It times out

LIST_PARTIAL

2014-09-16 Thread Reindl Harald
Hi score LIST_PARTIAL 2.000 1.999 2.000 1.999 that feels too high, as example we add List-Unsubscribe headers in case of ordinary newsletters to support MUA which read that header (for TB a extension exists) IMHO that penalty hits senders which try to be responsible

Re: LIST_PARTIAL

2014-09-16 Thread Reindl Harald
Am 16.09.2014 um 12:46 schrieb John Wilcock: Le 16/09/2014 12:24, Reindl Harald a écrit : score LIST_PARTIAL 2.000 1.999 2.000 1.999 that feels too high, as example we add List-Unsubscribe headers in case of ordinary newsletters to support MUA which read that header (for TB a extension

Re: LIST_PARTIAL

2014-09-16 Thread Reindl Harald
Am 16.09.2014 um 12:51 schrieb Reindl Harald: Am 16.09.2014 um 12:46 schrieb John Wilcock: I have a low-scored local rule for List-Unsubscribe: without List-Id:, and it does indeed see hits on legit newsletters as well as plenty of not-so-legit ones. But not one of the legit newsletters

Re: LIST_PARTIAL

2014-09-16 Thread Reindl Harald
Am 16.09.2014 um 14:07 schrieb John Wilcock: Le 16/09/2014 13:29, Reindl Harald a écrit : works, however, the penalty of 2 for 'List-Unsubscribe' without 'List-Id' feels a little bit unfair What's unfair about being penalised for not being standards-compliant? RFC2919 states

Re: LIST_PARTIAL

2014-09-16 Thread Reindl Harald
Am 16.09.2014 um 16:01 schrieb John Hardin: On Tue, 16 Sep 2014, Reindl Harald wrote: Le 16/09/2014 12:24, Reindl Harald a écrit : score LIST_PARTIAL 2.000 1.999 2.000 1.999 that feels too high, as example we add List-Unsubscribe headers in case of ordinary newsletters to support MUA which

Re: LIST_PARTIAL

2014-09-16 Thread Reindl Harald
Am 16.09.2014 um 16:20 schrieb John Hardin: On Tue, 16 Sep 2014, Reindl Harald wrote: Am 16.09.2014 um 16:01 schrieb John Hardin: On Tue, 16 Sep 2014, Reindl Harald wrote: Le 16/09/2014 12:24, Reindl Harald a écrit : score LIST_PARTIAL 2.000 1.999 2.000 1.999 that feels too high

Re: LIST_PARTIAL

2014-09-16 Thread Reindl Harald
Am 16.09.2014 um 17:11 schrieb RW: On Tue, 16 Sep 2014 16:07:47 +0200 Reindl Harald wrote: in that case not, but depends on some wired HTML, bad chosen subject or so hit another rule where 2 points penalty may come closer to spam, keep in mind nobody knows how good or bad a bayes

more_spam_from like more_spam_to

2014-09-17 Thread Reindl Harald
Hi for some mailing-lists a more_spam_from would make sense instead whitelist a sender- is there a rule i don't see or has somebody a working one for local.cf? honestly i would like to have 4 options depending on sender or RCPT * more_spam (-2) * most_spam (-4) * lot_of_spam (-6) * all_spam

Re: more_spam_from like more_spam_to

2014-09-17 Thread Reindl Harald
Am 17.09.2014 um 11:31 schrieb Axb: On 09/17/2014 10:51 AM, Reindl Harald wrote: Hi for some mailing-lists a more_spam_from would make sense instead whitelist a sender- is there a rule i don't see or has somebody a working one for local.cf? honestly i would like to have 4 options

Re: more_spam_from like more_spam_to

2014-09-17 Thread Reindl Harald
Am 17.09.2014 um 14:43 schrieb RW: On Wed, 17 Sep 2014 11:50:43 +0200 Reindl Harald wrote: what i want to achieve is 4 levels of negative score for both - FROM and TO just because it makes sense to handle some mailing lists different without whitelist them completely and the same

Re: more_spam_from like more_spam_to

2014-09-17 Thread Reindl Harald
Am 17.09.2014 um 16:27 schrieb Jesse Norell: On Wed, 2014-09-17 at 14:54 +0200, Reindl Harald wrote: Am 17.09.2014 um 14:43 schrieb RW: On Wed, 17 Sep 2014 11:50:43 +0200 Reindl Harald wrote: what i want to achieve is 4 levels of negative score for both - FROM and TO just because it makes

Re: more_spam_from like more_spam_to

2014-09-17 Thread Reindl Harald
Am 17.09.2014 um 16:47 schrieb Axb: On 09/17/2014 04:27 PM, Jesse Norell wrote: snip Just a thought - maybe a config setting to not do automatic bayes training for a given from/to addr would be more appropriate? Say a meta rule (more a flag but I don't know enough SA rules to know if

Re: Simple question: load balancing spamd

2014-09-17 Thread Reindl Harald
Am 17.09.2014 um 21:10 schrieb Jari Fredriksson: What kind of simple load balancers are you using? I have been using just DNS multiple address but that does not work any more. Something a *bit* more intelligent is needed have you considered how to reduce the amount making it to SA at all? 3

Re: more_spam_from like more_spam_to

2014-09-18 Thread Reindl Harald
Am 17.09.2014 um 23:51 schrieb RW: On Wed, 17 Sep 2014 17:24:10 +0200 Reindl Harald wrote: please read my previous message what i asked is careful considered and exactly what i need even if you could reach something similar with other ways because the admin backend needs to be understood

Re: Simple question: load balancing spamd

2014-09-18 Thread Reindl Harald
Am 18.09.2014 um 21:58 schrieb Bob Proulx: Jari Fredriksson wrote: haproxy is just a small app capable of working as a proxy for http or plain tcp connections. HA. What are you using for the Bayes database on the distributed compute farm? (Just curious...) something like MySQL is a

Re: more_spam_from like more_spam_to

2014-09-19 Thread Reindl Harald
Am 19.09.2014 um 13:44 schrieb RW: On Thu, 18 Sep 2014 22:09:23 -0700 Ian Zimmerman wrote: On Wed, 17 Sep 2014 13:43:49 +0100, RW rwmailli...@googlemail.com wrote: RW A lot of people don't put mailing lists through Spamassassin, most RW of them have already been spam filtered, and to get

Re: more_spam_from like more_spam_to

2014-09-19 Thread Reindl Harald
Am 19.09.2014 um 14:42 schrieb Martin Gregorie: On Fri, 2014-09-19 at 13:47 +0200, Reindl Harald wrote: Most DNSBL tests are done on the last relay into the internal network. I'm not say this should be done, I'm saying that it's one reason why scanning mailing list can be more trouble than

USER_IN_DEF_DKIM_WL -7.5

2014-09-20 Thread Reindl Harald
http://www.antivirushelptool.com/spamassassin/header/USER_IN_DEF_DKIM_WL that's too much and gives even a message on systems where BAYES_99 and BAYES_999 would reach 8.0 a negative score adjusted also some other scores in local.cf reputation to prevent from false positives is good but not that

Re: USER_IN_DEF_DKIM_WL -7.5

2014-09-20 Thread Reindl Harald
Am 20.09.2014 um 23:54 schrieb RW: On Sat, 20 Sep 2014 15:48:05 +0200 Reindl Harald wrote: http://www.antivirushelptool.com/spamassassin/header/USER_IN_DEF_DKIM_WL that's too much and gives even a message on systems where BAYES_99 and BAYES_999 would reach 8.0 a negative score Do you

Re: USER_IN_DEF_DKIM_WL -7.5

2014-09-20 Thread Reindl Harald
Am 21.09.2014 um 03:29 schrieb John Hardin: On Sun, 21 Sep 2014, Reindl Harald wrote: Am 20.09.2014 um 23:54 schrieb RW: On Sat, 20 Sep 2014 15:48:05 +0200 Reindl Harald wrote: http://www.antivirushelptool.com/spamassassin/header/USER_IN_DEF_DKIM_WL that's too much and gives even

Re: USER_IN_DEF_DKIM_WL -7.5

2014-09-20 Thread Reindl Harald
is best treated as a stain, washed away with good rules :-) what about just shut up instead starting flamewars on every list we both meet if you have nothing to say? On 9/21/14, RW rwmailli...@googlemail.com wrote: On Sat, 20 Sep 2014 15:48:05 +0200 Reindl Harald wrote: http
