translations of SpamAssassin descriptions?
Are SpamAssassin descriptions available in other languages? For example, the following would produce SpamAssassin output below - are localized versions of it available anywhere? $ cat /tmp/new.eml | spamassassin -Lt (...) Content analysis details: (-1.9 points, 5.0 required) pts rule name description -- -- -1.9 RP_MATCHES_RCVDEnvelope sender domain matches handover relay domain 0.0 T_FRT_CLICKBODY: ReplaceTags: Click 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid -- Tomasz Chmielewski http://wpkg.org
Re: translations of SpamAssassin descriptions?
W dniu 12.09.2011 13:18, Tomasz Chmielewski pisze: Are SpamAssassin descriptions available in other languages? For example, the following would produce SpamAssassin output below - are localized versions of it available anywhere? $ cat /tmp/new.eml | spamassassin -Lt [...] Hello, short answer: yes. spamc -R q1R2977-3240678 [...]X-Szczegoly:(poczta.cibet.pl)(16.3 points) pts rule name description -- - 2.6 RCVD_IN_BL_SPAMCOP_NET RBL: Odebrane od systemu klasy RELAY w/g: bl.spamcop.net [Blocked - see http://www.spamcop.net/bl.shtml?82.91.13.8] 0.4 RCVD_IN_XBLRBL: Received via a relay in Spamhaus XBL [82.91.13.8 listed in zen.spamhaus.org] 0.8 RCVD_IN_SORBS_WEB RBL: SORBS: nadawca posiada nadu�ywany serwer WWW [...] Did you set locale to pl? Regards
Re: SA on outgoing SMTP servers
Am 09.09.2011 17:20, schrieb Matus UHLAR - fantomas: due to many spam problems (outbreaks) in history, we check for spamminess on outgoing mail servers. However there are rules that should not apply on them. - Dynamic/blacklist (except URIBL) checks I can avoid these by defining local server to msa_networks - ALL_TRUSTED I'm sure I have to turn this off, does it also apply to dependencies? What about !ALL_TRUSTED dependencies? - SPF checks While we should reject/quarantine e-mail that does not match SPF, it should not apply to domains we are designed to send mail for . (SPF records include us) ... any other ideas? On 09.09.11 20:17, Robert Schetterer wrote: try using clamav-milter with sanesecurity antispam signatures this should avoid a lot of outgoing spam Maybe, but this is not what I have asked for, and it won't help me a bit resolving my problem, sorry. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Chernobyl was an Windows 95 beta test site.
Re: translations of SpamAssassin descriptions?
On 12.09.2011 13:25, Marcin Mirosław wrote: W dniu 12.09.2011 13:18, Tomasz Chmielewski pisze: Are SpamAssassin descriptions available in other languages? For example, the following would produce SpamAssassin output below - are localized versions of it available anywhere? $ cat /tmp/new.eml | spamassassin -Lt [...] Hello, short answer: yes. What's the long answer? Did you set locale to pl? Set to pl_PL.UTF-8: Szczeg��y analizy zawarto�ci: (-1.9 zaliczonych, 5.0 wymaganych) pkt nazwa regu�y kr�tki opis -- --- -1.9 RP_MATCHES_RCVDEnvelope sender domain matches handover relay domain 0.0 T_FRT_CLICKBODY: ReplaceTags: Click 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid Set to pt_PT.UTF-8: pts regra descri��o -- -- -1.9 RP_MATCHES_RCVDEnvelope sender domain matches handover relay domain 0.0 T_FRT_CLICKBODY: ReplaceTags: Click 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid So, rule descriptions are not translated. Do I have to set anything else? -- Tomasz Chmielewski http://wpkg.org
Re: translations of SpamAssassin descriptions?
W dniu 12.09.2011 13:59, Tomasz Chmielewski pisze: On 12.09.2011 13:25, Marcin Mirosław wrote: Hello, short answer: yes. What's the long answer? I wanted to say as a user i know there are available translations, but i don't know informations about how many translations are available or if are them up to date. [...] So, rule descriptions are not translated. Do I have to set anything else? I've found polish translations in file /var/lib/[..]/30_text_pl.cf , you should have it. I've tested on my box what to do to have description not translated;) Enviroment variable LANGUAGE is responsible for version of description used in report: $ LANGUAGE=de ;spamassassin -xtL q1R35OW-38036633 3.8 BAYES_99 BODY: Spamwahrscheinlichkeit nach Bayes-Test: 99-100% $ LANGUAGE=nl ;spamassassin -xtL q1R35OW-38036633 3.8 BAYES_99 BODY: Bayesiaanse kans op spam is 99 tot 100% [score: 1.] 0.0 HTML_MESSAGE BODY: HTML opgenomen in het bericht 0.0 HTML_FONT_SIZE_LARGE BODY: HTML font size is large 1.8 MIME_HEADER_CTYPE_ONLY 'Content-Type' gevonden zonder de benodigde MIME headers 0.2 KHOP_SC_TOP_CIDR8 Relay CIDR /8 leads SpamCop in worst /8s 2.6 SINGLE_HEADER_1K A single header contains 1K-2K characters Regrads
Re: translations of SpamAssassin descriptions?
On 12.09.2011 14:42, Marcin Mirosław wrote: I've found polish translations in file /var/lib/[..]/30_text_pl.cf , you should have it. I've tested on my box what to do to have description not translated;) Enviroment variable LANGUAGE is responsible for version of description used in report: $ LANGUAGE=de ;spamassassin -xtL q1R35OW-38036633 3.8 BAYES_99 BODY: Spamwahrscheinlichkeit nach Bayes-Test: 99-100% OK, I see only few descriptions are really translated, and the language I'm interested in mostly (Portuguese) barely has any translations: # wc -l /usr/share/spamassassin/30_text* 401 /usr/share/spamassassin/30_text_de.cf 287 /usr/share/spamassassin/30_text_fr.cf 35 /usr/share/spamassassin/30_text_it.cf 278 /usr/share/spamassassin/30_text_nl.cf 268 /usr/share/spamassassin/30_text_pl.cf 69 /usr/share/spamassassin/30_text_pt_br.cf And if the description is not available in a given language, it will be displayed in English. I.e. for Polish, it would translate just HTML_MESSAGE: Szczeg��y analizy zawarto�ci: (3.3 zaliczonych, 5.0 wymaganych) $ LANGUAGE=pl ; spamassassin -xtL /tmp/new.eml (...) pkt nazwa regu�y kr�tki opis -- --- 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (e.thomps[at]aol.com) 0.0 HTML_MESSAGE BODY: Wiadomo�� zawiera kod HTML 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid 3.3 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different freemails 0.0 T_TO_NO_BRKTS_FREEMAIL To: misformatted and free email service For pt_br, it wouldn't translate anything: $ LANGUAGE=pt_br ; spamassassin -xtL /tmp/new.eml (...) pts regra descri��o -- -- 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (e.thomps[at]aol.com) 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid 3.3 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different freemails 0.0 T_TO_NO_BRKTS_FREEMAIL To: misformatted and free email service Does anyone have any more translations? :) -- Tomasz Chmielewski http://wpkg.org
Re: translations of SpamAssassin descriptions?
On 2011-09-12 14:58, Tomasz Chmielewski wrote: On 12.09.2011 14:42, Marcin Mirosław wrote: I've found polish translations in file /var/lib/[..]/30_text_pl.cf , you should have it. I've tested on my box what to do to have description not translated;) Enviroment variable LANGUAGE is responsible for version of description used in report: $ LANGUAGE=de ;spamassassin -xtL q1R35OW-38036633 3.8 BAYES_99 BODY: Spamwahrscheinlichkeit nach Bayes-Test: 99-100% OK, I see only few descriptions are really translated, and the language I'm interested in mostly (Portuguese) barely has any translations: language mantainers are welcome.
Re: translations of SpamAssassin descriptions?
On 12.09.2011 15:01, Axb wrote: On 2011-09-12 14:58, Tomasz Chmielewski wrote: On 12.09.2011 14:42, Marcin Mirosław wrote: I've found polish translations in file /var/lib/[..]/30_text_pl.cf , you should have it. I've tested on my box what to do to have description not translated;) Enviroment variable LANGUAGE is responsible for version of description used in report: $ LANGUAGE=de ;spamassassin -xtL q1R35OW-38036633 3.8 BAYES_99 BODY: Spamwahrscheinlichkeit nach Bayes-Test: 99-100% OK, I see only few descriptions are really translated, and the language I'm interested in mostly (Portuguese) barely has any translations: language mantainers are welcome. Is there a way to get ALL rule names used by a given spamassassin installation, together with their descriptions? Say, this non-existing switch to spamassassin would print all possible rules: $ LANGUAGE=de ; spamassassin --show-rules (...) 0.0 HTML_MESSAGE BODY: Nachricht enth�lt HTML 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid This way, it would be easy to see what's translated for a given language (and, add the translations / contribute them back). -- Tomasz Chmielewski http://wpkg.org
Re: translations of SpamAssassin descriptions?
Le 12/09/2011 15:20, Tomasz Chmielewski a écrit : Is there a way to get ALL rule names used by a given spamassassin installation, together with their descriptions? grep -R describe /var/lib/spamassassin/3.003002/ would probably be a good place to start John. -- -- Over 4000 webcams from ski resorts around the world - www.snoweye.com -- Translate your technical documents and web pages- www.tradoc.fr
Re: critsend (/gridsend?)... what's the(ir) trick?
On 9/12/11 1:14 AM, Yanek wrote: Well, I don't use spamc. SA is called by amavisd-new, but I don't think that makes any difference, does it? The message posted here (http://pastebin.com/dpnYY16K) is 30k big. since this is amavisd-new, I would suggest starting over again in the amavisd-new users group. (please don't crosspost, people replying might get bounces) looking at these headers, I only see this Received: from localhost (vscan1 [10.10.10.15]) by smtp.abetternet.net (Postfix) with ESMTP id 742831A8351 forya...@abetternet.net; Thu, 8 Sep 2011 01:34:23 +0200 (CEST) X-Virus-Scanned: antivirus scanner at abetternet.net this seems to bean that 10.10.10.15 is running amavisd-new, right? and that in your amavisd.conf file you have something like this: $X_HEADER_LINE = $myproduct_name $myversion_id at $myhostname; or, you have '$myproduct_name = 'antivirus scanner'; myhostname='abetternet.net'? but I don't see any other amavisd-new headers. also, you make MOST of your SA settings in the amavisd.conf file, NOT ../local.cf set $sa_tag_level_deflt = -999; (default is 2.0), set it in amavisd.conf and then restart amavisd-new. if that didn't help by adding more status lines, then ask in amavisd-new group. again, this is most likely an amavisd.conf issue, so start your question in the amavisd-new users group. don't assume they read spamassassin group. some do, some don't. -- Michael Scheidell, CTO o: 561-999-5000 d: 561-948-2259 *| *SECNAP Network Security Corporation * Best Mobile Solutions Product of 2011 * Best Intrusion Prevention Product * Hot Company Finalist 2011 * Best Email Security Product * Certified SNORT Integrator __ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.spammertrap.com/ __
Re: translations of SpamAssassin descriptions?
On 2011-09-12 15:36, John Wilcock wrote: Le 12/09/2011 15:20, Tomasz Chmielewski a écrit : Is there a way to get ALL rule names used by a given spamassassin installation, together with their descriptions? grep -R describe /var/lib/spamassassin/3.003002/ would probably be a good place to start John. take in account that rules which are autopromoted from sandboxes and which may only be active for a short period, may never see a translation. Rules which are deprecated will probably keep an orphaned descritpion from the lang files. best will probably be to skip translations for rules in 72_scores.cf. Those are the ones which come and go...
Re: translations of SpamAssassin descriptions?
On Mon, 12 Sep 2011, Tomasz Chmielewski wrote: Is there a way to get ALL rule names used by a given spamassassin installation, together with their descriptions? Say, this non-existing switch to spamassassin would print all possible rules: $ LANGUAGE=de ; spamassassin --show-rules (...) 0.0 HTML_MESSAGE BODY: Nachricht enth???lt HTML 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid This way, it would be easy to see what's translated for a given language (and, add the translations / contribute them back). Not presently, no, but that strikes me as a useful tool and fairly easy to implement. It's also be a good way to check what rules are locally disabled. You might want to submit a feature request so that it can be tracked formally. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- Liberals love sex ed because it teaches kids to be safe around their sex organs. Conservatives love gun education because it teaches kids to be safe around guns. However, both believe that the other's education goals lead to dangers too terrible to contemplate. --- 5 days until the 224th anniversary of the signing of the U.S. Constitution
Re: How to get rid of spam with From spoofed to my own domain
Date: Sun, 11 Sep 2011 17:02:58 -0700 (PDT) From: John Hardin jhar...@impsec.org To: users@spamassassin.apache.org Subject: Re: How to get rid of spam with From spoofed to my own domain On Sun, 11 Sep 2011, René Berber wrote: On 9/11/2011 3:47 PM, rutra80 wrote: Hello, lately I receive spam which looks like coming from my domain, sometimes it is spoofed like coming from accounts that don't exist, and sometimes from the ones that really do. The only SA rule that it triggers is Bayesian one, with nearly 100% probability - it assigns 3.5 points, but my rejection limit is set to 4.5 and I'm not eager to lower it. What would be the most elegant and technically correct way to get rid of the problem? 1. Require authentication. 2. SPF. 3. If your domain's mail will only ever originate from your MTA, then set up your MTA to reject any mail having a From address in your domain unless it comes from your trusted network(s). John Hardin -- My MTA is Sendmail and I use Milter-Regex which can compare against the server's proper IP address and reject any that You are not me. Not sure if this fits your issue, but sounds like it. If not using Sendmail, then something like milter-regex perhaps. Jack (^_^) Happy trails, Jack L. Stone System Admin Sage-american
Re: translations of SpamAssassin descriptions?
Hi! If you are intrested in Portuguese translations check this ( http://old.nabble.com/Questions-about-translating-rules-descriptions-td30642308.html). I'm not sure if the bug was actually open, but ,at least, you can have the translated file. José Borges Ferreira PS: It's pt_BR and not pt_PT. 2011/9/12 Tomasz Chmielewski man...@wpkg.org On 12.09.2011 14:42, Marcin Mirosław wrote: I've found polish translations in file /var/lib/[..]/30_text_pl.cf , you should have it. I've tested on my box what to do to have description not translated;) Enviroment variable LANGUAGE is responsible for version of description used in report: $ LANGUAGE=de ;spamassassin -xtL q1R35OW-38036633 3.8 BAYES_99 BODY: Spamwahrscheinlichkeit nach Bayes-Test: 99-100% OK, I see only few descriptions are really translated, and the language I'm interested in mostly (Portuguese) barely has any translations: # wc -l /usr/share/spamassassin/30_text* 401 /usr/share/spamassassin/30_text_de.cf 287 /usr/share/spamassassin/30_text_fr.cf 35 /usr/share/spamassassin/30_text_it.cf 278 /usr/share/spamassassin/30_text_nl.cf 268 /usr/share/spamassassin/30_text_pl.cf 69 /usr/share/spamassassin/30_text_pt_br.cf And if the description is not available in a given language, it will be displayed in English. I.e. for Polish, it would translate just HTML_MESSAGE: Szczeg��y analizy zawarto�ci: (3.3 zaliczonych, 5.0 wymaganych) $ LANGUAGE=pl ; spamassassin -xtL /tmp/new.eml (...) pkt nazwa regu�y kr�tki opis -- --- 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (e.thomps[at]aol.com) 0.0 HTML_MESSAGE BODY: Wiadomo�� zawiera kod HTML 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid 3.3 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different freemails 0.0 T_TO_NO_BRKTS_FREEMAIL To: misformatted and free email service For pt_br, it wouldn't translate anything: $ LANGUAGE=pt_br ; spamassassin -xtL /tmp/new.eml (...) pts regra descri��o -- -- 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (e.thomps[at]aol.com) 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid 3.3 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different freemails 0.0 T_TO_NO_BRKTS_FREEMAIL To: misformatted and free email service Does anyone have any more translations? :) -- Tomasz Chmielewski http://wpkg.org
Some SpamAssassin Score Translations Please ?
Came across these in one of my SpamAssassin reports... Can someone please help me with what they mean exactly so that I can try to pinpoint what is triggering this. Thanks! 5.0 CT_MAILBOX_QUOTA Fake Mailbox Quota Phish 8.0 CT_QUOTA_PHISH Quota Phishing Kind Regards, Tom
Re: Some SpamAssassin Score Translations Please ?
On 9/12/2011 12:36 PM, Thomas Grossmann wrote: Came across these in one of my SpamAssassin reports... Can someone please help me with what they mean exactly so that I can try to pinpoint what is triggering this. Thanks! 5.0 CT_MAILBOX_QUOTA Fake Mailbox Quota Phish 8.0 CT_QUOTA_PHISH Quota Phishing Those do not appear to be standard rules. Search your local rules directory for the rule name. If you find it, post the rule definition and we can tell you what it does. -- Bowie
Re: translations of SpamAssassin descriptions?
On 12.09.2011 18:26, Jose Borges Ferreira wrote: Hi! If you are intrested in Portuguese translations check this ( http://old.nabble.com/Questions-about-translating-rules-descriptions-td30642308.html ). I'm not sure if the bug was actually open, but ,at least, you can have the translated file. Thanks much! -- Tomasz Chmielewski http://wpkg.org
Re: How to get rid of spam with From spoofed to my own domain
On 9/11/2011 20:02, John Hardin wrote: On Sun, 11 Sep 2011, René Berber wrote: On 9/11/2011 3:47 PM, rutra80 wrote: Hello, lately I receive spam which looks like coming from my domain, sometimes it is spoofed like coming from accounts that don't exist, and sometimes from the ones that really do. The only SA rule that it triggers is Bayesian one, with nearly 100% probability - it assigns 3.5 points, but my rejection limit is set to 4.5 and I'm not eager to lower it. What would be the most elegant and technically correct way to get rid of the problem? 1. Require authentication. 2. SPF. 3. If your domain's mail will only ever originate from your MTA, then set up your MTA to reject any mail having a From address in your domain unless it comes from your trusted network(s). 4. If #3 is not feasible, validate apparently-local sender addresses and reject messages with invalid sender addresses. This will reduce the number of messages that require more costly processing. -- Paul Russell, Senior Systems Administrator OIT Messaging Services Team University of Notre Dame
Re: Some SpamAssassin Score Translations Please ?
On Mon, 12 Sep 2011, Thomas Grossmann wrote: Came across these in one of my SpamAssassin reports... Can someone please help me with what they mean exactly so that I can try to pinpoint what is triggering this. Please do not reply to an existing thread and then completely change the topic like that. It breaks threading and may keep people from reading your question if they've decided the existing thread isn't interesting. Start a new thread with a subject that accurately describes the topic. Thanks. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- There is no doubt in my mind that millions of lives could have been saved if the people were not brainwashed about gun ownership and had been well armed. ... Gun haters always want to forget the Warsaw Ghetto uprising, which is a perfect example of how a ragtag, half-starved group of Jews took 10 handguns and made asses out of the Nazis.-- Theodore Haas, Dachau survivor --- 5 days until the 224th anniversary of the signing of the U.S. Constitution
Re: Some SpamAssassin Score Translations Please ?
yOn Mon, 12 Sep 2011, John Hardin wrote: On Mon, 12 Sep 2011, Thomas Grossmann wrote: Came across these in one of my SpamAssassin reports... Can someone please help me with what they mean exactly so that I can try to pinpoint what is triggering this. Please do not reply to an existing thread and then completely change the topic like that. It breaks threading and may keep people from reading your question if they've decided the existing thread isn't interesting. ...dammit. Never mind, that subject was too close to the subject from the preceding message, rant withdrawn. Sorry. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- 5 days until the 224th anniversary of the signing of the U.S. Constitution
commercial ESP for forwarded SMTP?
We'll be deploying a mail server on a Rackspace cloud server, and they suggested that because their offering is 'utility computing' the IP addresses included are dirty (in a blacklist kind of way) and we should use a commercial ESP such as SendGrid, PostMark, CritSend, CloudSMTP, or the like. Has anybody done research in this field? Any favorites? We'll just be forwarding our outgoing SMTP traffic to their service for its quality of deliverability. I doubt we'll use any of reporting features, or even SPF/DKIM. Quinn -- Strangecode, LLC http://www.strangecode.com/ +1 530 636 2633
Re: commercial ESP for forwarded SMTP?
Hi, Quinn, On 9/13/11 2:39 AM, Quinn Comendant wrote: We'll be deploying a mail server on a Rackspace cloud server, and they suggested that because their offering is 'utility computing' the IP addresses included are dirty (in a blacklist kind of way) and we should use a commercial ESP such as SendGrid, PostMark, CritSend, CloudSMTP, or the like. Has anybody done research in this field? Any favorites? We'll just be forwarding our outgoing SMTP traffic to their service for its quality of deliverability. I doubt we'll use any of reporting features, or even SPF/DKIM. my company is offering such a service, contact me off-list if you're interested. Regards, /rolf