Re: [AMaViS-user] Anyone else gets these?

2006-11-07 Thread Mark Martinec
CRivera,

  This is a highly annoying mail that started to flow through late
  yesterday, it doesn't get tagged at all, and I have the lower score set
  to 1.4

 I posted about this to the list last week under the subject "Stock tips
 Emails". I am at a loss here on what to do, I have sare_stocks along with
 RBLS, SURBLS, DCC, PYZOR, and a pretty effective rule set which keeps
 everything else out.  I disabled bayes and dspam for various reasons, but
 on a non-production system we have, it still does not catch them.

 I'm open to any ideas here, and I apologize since I know this is more of an
 SA question than an amavisd-new question.

Targeted rules on such trouble-spam are the most effective:

body   L_MXXR  /\b(MXXR|EQTD|AUNI|EGLY|Innomax)\b/
score  L_MXXR  5

Also it usually hits BAYES_99 and L_P0F_W or L_P0F_WXP here,
helping to tip it over the threshold.

-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/


Re: [AMaViS-user] Anyone else gets these?

2006-11-06 Thread CRivera
 This is a highly annoying mail that started to flow through late
 yesterday, it doesn't get tagged at all, and I have the lower score set
 to 1.4


I posted about this to the list last week under the subject "Stock tips
Emails". I am at a loss here on what to do, I have sare_stocks along with
RBLS, SURBLS, DCC, PYZOR, and a pretty effective rule set which keeps
everything else out.  I disabled bayes and dspam for various reasons, but
on a non-production system we have, it still does not catch them.

I'm open to any ideas here, and I apologize since I know this is more of an
SA question than an amavisd-new question.

 
 (All the e-mail code):
 
  From - Thu Oct 26 18:38:22 2006
 X-Mozilla-Status: 0001
 X-Mozilla-Status2: 
 Return-Path: [EMAIL PROTECTED]
 Received: from mail.the-server.net (192.168.222.210 [192.168.222.210])
by iris (Cyrus v2.1.15) with LMTP; Thu, 26 Oct 2006 18:37:57 +0200
 X-Sieve: CMU Sieve 2.2
 Received: from amavis.the-server.net (localhost [127.0.0.1])
by mail.the-server.net (Postfix) with ESMTP id 0A0851164
for [EMAIL PROTECTED]; Thu, 26 Oct 2006 18:37:57 +0200 (CEST)
 X-Virus-Scanned: amavisd-new, Kaspersky, NOD32  F-Secure AV at 
 the-server.net
 Received: from mail.the-server.net ([127.0.0.1])
by amavis.the-server.net (siri.the-server.net [127.0.0.1]) 
 (amavisd-new, port 10024)
with LMTP id YZ1-ujHi-6CQ for [EMAIL PROTECTED];
Thu, 26 Oct 2006 18:37:12 +0200 (CEST)
 Received: from bvbv-e588b597e1 (pD9FDC3FE.dip.t-dialin.net 
 [217.253.195.254])
by mail.the-server.net (Postfix) with ESMTP id 0092810E9
for [EMAIL PROTECTED]; Thu, 26 Oct 2006 18:37:11 +0200 (CEST)
 Received: from 203.199.107.114 (HELO mail.bhorukas.com)
   by norrbring.se with esmtp (81YP6PKHR7 2F0C)
   id 0HLBKF-H63YI8-KW
   for [EMAIL PROTECTED]; Thu, 26 Oct 2006 16:37:15 -0060
 From: Aurelia Park [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: said Leslie Looney, who
 Date: Thu, 26 Oct 2006 16:37:15 -0060
 Message-ID: [EMAIL PROTECTED]
 MIME-Version: 1.0
 Content-Type: text/plain;
charset=Windows-1252
 Content-Transfer-Encoding: 7bit
 X-Priority: 3 (Normal)
 X-MSMail-Priority: Normal
 X-Mailer: Microsoft Office Outlook, Build 11.0.6353
 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
 Thread-Index: Aca6QV91BHH7RMS407OVOXKXNL0BC7==
 
 We are living in a time of natural resources , and those with the
 natural resources  are those with the power and money.
 belongings, gold, oil; all at record highs.  It's where you need to be.
 Our next feature has attained that position, and is now
 starting heavy weight advertising to let everybody know it.
 
 This company is none other than AUNI.  AUNI is specialized
 in mineral wealth ventures.  An incredible breakthrough is
 coming out of the company and will be backed up with a
 smashing publicity blitz.
 
 ---
 AUNI . OB
 Cap: 92.85M
 ---
 
 After a slight pullback on Wednesday, we are certain to see
 a soar of over 300% over the next week.  There is no
 reason you should disallow yourself to benefit from a big
 break.  Don't let this one slip by.
 
 [attachment smime.p7s deleted by Carlos Rivera/GA/CheckFree] 
 


[AMaViS-user] Anyone else gets these?

2006-11-05 Thread Anders Norrbring
This is a highly annoying mail that started to flow through late
yesterday, it doesn't get tagged at all, and I have the lower score set 
to 1.4


(All the e-mail code):

From - Thu Oct 26 18:38:22 2006
X-Mozilla-Status: 0001
X-Mozilla-Status2: 
Return-Path: [EMAIL PROTECTED]
Received: from mail.the-server.net (192.168.222.210 [192.168.222.210])
by iris (Cyrus v2.1.15) with LMTP; Thu, 26 Oct 2006 18:37:57 +0200
X-Sieve: CMU Sieve 2.2
Received: from amavis.the-server.net (localhost [127.0.0.1])
by mail.the-server.net (Postfix) with ESMTP id 0A0851164
for [EMAIL PROTECTED]; Thu, 26 Oct 2006 18:37:57 +0200 (CEST)
X-Virus-Scanned: amavisd-new, Kaspersky, NOD32  F-Secure AV at 
the-server.net

Received: from mail.the-server.net ([127.0.0.1])
	by amavis.the-server.net (siri.the-server.net [127.0.0.1]) 
(amavisd-new, port 10024)

with LMTP id YZ1-ujHi-6CQ for [EMAIL PROTECTED];
Thu, 26 Oct 2006 18:37:12 +0200 (CEST)
Received: from bvbv-e588b597e1 (pD9FDC3FE.dip.t-dialin.net 
[217.253.195.254])

by mail.the-server.net (Postfix) with ESMTP id 0092810E9
for [EMAIL PROTECTED]; Thu, 26 Oct 2006 18:37:11 +0200 (CEST)
Received: from 203.199.107.114 (HELO mail.bhorukas.com)
 by norrbring.se with esmtp (81YP6PKHR7 2F0C)
 id 0HLBKF-H63YI8-KW
 for [EMAIL PROTECTED]; Thu, 26 Oct 2006 16:37:15 -0060
From: Aurelia Park [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: said Leslie Looney, who
Date: Thu, 26 Oct 2006 16:37:15 -0060
Message-ID: [EMAIL PROTECTED]
MIME-Version: 1.0
Content-Type: text/plain;
charset=Windows-1252
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Office Outlook, Build 11.0.6353
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Thread-Index: Aca6QV91BHH7RMS407OVOXKXNL0BC7==

We are living in a time of natural resources , and those with the
natural resources  are those with the power and money.
belongings, gold, oil; all at record highs.  It's where you need to be.
Our next feature has attained that position, and is now
starting heavy weight advertising to let everybody know it.

This company is none other than AUNI.  AUNI is specialized
in mineral wealth ventures.  An incredible breakthrough is
coming out of the company and will be backed up with a
smashing publicity blitz.

---
AUNI . OB
Cap: 92.85M
---

After a slight pullback on Wednesday, we are certain to see
a soar of over 300% over the next week.  There is no
reason you should disallow yourself to benefit from a big
break.  Don't let this one slip by.




Re: [AMaViS-user] Anyone else gets these?

2006-11-05 Thread Anders Norrbring
Mark Martinec wrote:
 Anders,
 
 It also hits SARE_MLB_Stock6 and SARE_LWSYMFMT here.
 Hmmm... I haven't even seen those rules on rules emporium... Where are
 they found, and can they be used with rules_du_jour?
 
 70_sare_stocks.cf
 Not sure how/when I got them, the file here dates a week ago.


Weird... I have 70_sare_stocks as well, downloaded it today! Makes me
wonder if SA actually uses it... But according to the horrendous -D
--lint output below, it sure does parse it..

spamassassin -D --lint
[15641] dbg: logger: adding facilities: all
[15641] dbg: logger: logging level is DBG
[15641] dbg: generic: SpamAssassin version 3.1.7
[15641] dbg: config: score set 0 chosen.
[15641] dbg: util: running in taint mode? yes
[15641] dbg: util: taint mode: deleting unsafe environment variables, 
resetting PATH
[15641] dbg: util: PATH included '/sbin', keeping
[15641] dbg: util: PATH included '/usr/sbin', keeping
[15641] dbg: util: PATH included '/usr/local/sbin', keeping
[15641] dbg: util: PATH included '/opt/gnome/sbin', keeping
[15641] dbg: util: PATH included '/usr/local/bin', keeping
[15641] dbg: util: PATH included '/usr/bin', keeping
[15641] dbg: util: PATH included '/usr/X11R6/bin', keeping
[15641] dbg: util: PATH included '/bin', keeping
[15641] dbg: util: PATH included '/usr/games', keeping
[15641] dbg: util: PATH included '/opt/gnome/bin', keeping
[15641] dbg: util: PATH included '/usr/lib/mit/bin', keeping
[15641] dbg: util: PATH included '/usr/lib/mit/sbin', keeping
[15641] dbg: util: PATH included '/usr/lib/qt3/bin', keeping
[15641] dbg: util: final PATH set to: 
/sbin:/usr/sbin:/usr/local/sbin:/opt/gnome/sbin:/usr/local/bin:/usr/bin:/usr/X11R6/bin:/bin:/usr/games:/opt/gnome/bin:/usr/lib/mit/bin:/usr/lib/mit/sbin:/usr/lib/qt3/bin
[15641] dbg: message:  MIME PARSER START 
[15641] dbg: message: main message type: text/plain
[15641] dbg: message: parsing normal part
[15641] dbg: message: added part, type: text/plain
[15641] dbg: message:  MIME PARSER END 
[15641] dbg: dns: is Net::DNS::Resolver available? yes
[15641] dbg: dns: Net::DNS version: 0.55
[15641] dbg: diag: perl platform: 5.008008 linux
[15641] dbg: diag: module installed: Digest::SHA1, version 2.10
[15641] dbg: diag: module installed: HTTP::Date, version 1.47
[15641] dbg: diag: module installed: Archive::Tar, version 1.24
[15641] dbg: diag: module installed: IO::Zlib, version 1.04
[15641] dbg: diag: module installed: HTML::Parser, version 3.48
[15641] dbg: diag: module installed: MIME::Base64, version 3.07
[15641] dbg: diag: module installed: DB_File, version 1.814
[15641] dbg: diag: module installed: Net::DNS, version 0.55
[15641] dbg: diag: module installed: Net::SMTP, version 2.29
[15641] dbg: diag: module installed: Mail::SPF::Query, version 1.999001
[15641] dbg: diag: module installed: IP::Country::Fast, version 604.001
[15641] dbg: diag: module installed: Razor2::Client::Agent, version 2.82
[15641] dbg: diag: module installed: Net::Ident, version 1.20
[15641] dbg: diag: module installed: IO::Socket::INET6, version 2.51
[15641] dbg: diag: module installed: IO::Socket::SSL, version 0.999
[15641] dbg: diag: module installed: Time::HiRes, version 1.9
[15641] dbg: diag: module installed: DBI, version 1.50
[15641] dbg: diag: module installed: Getopt::Long, version 2.35
[15641] dbg: diag: module installed: LWP::UserAgent, version 2.033
[15641] dbg: ignore: using a test message to lint rules
[15641] dbg: config: using /etc/mail/spamassassin for site rules pre files
[15641] dbg: config: read file /etc/mail/spamassassin/init.pre
[15641] dbg: config: read file /etc/mail/spamassassin/v310.pre
[15641] dbg: config: read file /etc/mail/spamassassin/v312.pre
[15641] dbg: config: read file /etc/mail/spamassassin/v314.pre
[15641] dbg: config: using /var/lib/spamassassin/3.001007 for sys 
rules pre files
[15641] dbg: config: read file 
/var/lib/spamassassin/3.001007/saupdates_openprotect_com.pre
[15641] dbg: config: read file 
/var/lib/spamassassin/3.001007/updates_spamassassin_org.pre
[15641] dbg: config: using /var/lib/spamassassin/3.001007 for default 
rules dir
[15641] dbg: config: read file 
/var/lib/spamassassin/3.001007/saupdates_openprotect_com.cf
[15641] dbg: config: read file 
/var/lib/spamassassin/3.001007/updates_spamassassin_org.cf
[15641] dbg: config: using /etc/mail/spamassassin for site rules dir
[15641] dbg: config: read file /etc/mail/spamassassin/70_sare_evilnum2.cf
[15641] dbg: config: read file /etc/mail/spamassassin/70_sare_genlsubj1.cf
[15641] dbg: config: read file /etc/mail/spamassassin/70_sare_genlsubj2.cf
[15641] dbg: config: read file /etc/mail/spamassassin/70_sare_header.cf
[15641] dbg: config: read file /etc/mail/spamassassin/70_sare_obfu1.cf
[15641] dbg: config: read file /etc/mail/spamassassin/70_sare_obfu2.cf
[15641] dbg: config: read file /etc/mail/spamassassin/70_sare_uri1.cf
[15641] dbg: config: read file /etc/mail/spamassassin/70_sare_uri3.cf
[15641] dbg: config: read file 

Re: [AMaViS-user] Anyone else gets these?

2006-11-05 Thread D . J .
On 10/26/06, Anders Norrbring [EMAIL PROTECTED] wrote:
 Mark Martinec wrote:
  Anders,

   This is a highly annoying mail that started to flow through late
   yesterday, it doesn't get tagged at all, and I have the lower score set
   to 1.4...

  body   L_MXXR  /\b(MXXR|EQTD|AUNI)\b/
  score  L_MXXR  6

  It also hits SARE_MLB_Stock6 and SARE_LWSYMFMT here.

 Hmmm... I haven't even seen those rules on rules emporium... Where are
 they found, and can they be used with rules_du_jour?

They're on rulesemporium.com, and can be used with rules_du_jour so long as you have the latest version. Simply add "SARE_STOCKS" to your TRUSTED_RULESETS line, minus the quotes.


Re: [AMaViS-user] Anyone else gets these?

2006-11-05 Thread Anders Norrbring
Mark Martinec wrote:
 Anders,
 
 It also hits SARE_MLB_Stock6 and SARE_LWSYMFMT here.
 Hmmm... I haven't even seen those rules on rules emporium... Where are
 they found, and can they be used with rules_du_jour?
 
 70_sare_stocks.cf
 Not sure how/when I got them, the file here dates a week ago.


Weird... I have 70_sare_stocks as well, downloaded it today! Makes me
wonder if SA actually uses it... But according to the horrendous -D
--lint output below, it sure does parse it..


[15641] dbg: plugin: fixed relative path:
/var/lib/spamassassin/3.001007/saupdates_openprotect_com/70_sare_stocks.cf
[15641] dbg: config: using
/var/lib/spamassassin/3.001007/saupdates_openprotect_com/70_sare_stocks.cf 

for included file
[15641] dbg: config: read file
/var/lib/spamassassin/3.001007/saupdates_openprotect_com/70_sare_stocks.cf

-- 

Anders Norrbring
Norrbring Consulting




Re: [AMaViS-user] Anyone else gets these?

2006-11-05 Thread D . J .
 When I try to update my SARE rules I get an error for SARE_STOCKS:

 No index found for ruleset named SARE_STOCKS.  Check that this ruleset
 is still valid.

You must be using an older version of rules_du_jour that is unaware of the ruleset. I'm running version 1.28, and it has it.

Re: [AMaViS-user] Anyone else gets these?

2006-10-29 Thread Shaun T. Erickson
On 10/27/06, Anders Norrbring [EMAIL PROTECTED] wrote:
 Ralf Hildebrandt wrote:
  * Anders Norrbring [EMAIL PROTECTED]:
 
  AFAIK, no. But SpamAssassin needs to lint the new rulesets, so I've added
  a lint into my update script, like this:
 
  cat /etc/cron.daily/spamassassin
  #!/bin/sh
 
  /usr/bin/sa-update -D --channel saupdates.openprotect.com --channel \
    updates.spamassassin.org --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10
  sa_exit=$?
 
  if test $sa_exit = 4; then
   echo Problem with sa-update..
  elif test $sa_exit = 1; then
   echo No SA updates available..
  elif test $sa_exit = 0; then
   echo SA updates downloaded and installed.
   /usr/bin/spamassassin --lint
  fi

If I understand sa-update's perl code well enough, it appears that it
does a lint as part of installing the updates, so you shouldn't need
to run it again, yourself.
-- 
-ste



Re: [AMaViS-user] Anyone else gets these?

2006-10-27 Thread Mark Martinec
Anders,

 Or maybe an amavis RELOAD is enough, not doing a complete restart? Mark?

Same thing. 'amavisd reload' first stops the currently running daemon,
then promotes itself to become a new daemon.

It is equivalent to: amavisd stop; amavisd start  ('start' kw is optional).
It is probably (hopefully) the same as your startup script does on 'restart'.

  Mark
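
The update, lint and reload steps discussed in this thread, combined into one cron wrapper. This is an added example, not a script posted by any participant; the variable names SA_UPDATE, SA_LINT, AMAVISD and ACTION and the "run" argument are assumptions, and any sa-update status other than 0 or 1 is treated as a failure.

```shell
#!/bin/sh
# Added example: fetch rule updates, lint them, and reload amavisd only
# when the new rules pass the lint check.
# Assumptions: the variable names below and the "run" argument are
# illustrative; the channels and GPG key are the ones quoted in the thread.

: "${SA_UPDATE:=/usr/bin/sa-update}"    # rule updater
: "${SA_LINT:=/usr/bin/spamassassin}"   # used as: spamassassin --lint
: "${AMAVISD:=amavisd}"                 # used as: amavisd reload

GPGKEY=D1C035168C1EBC08464946DA258CDB3ABDE9DC10

# Set by update_rules to one of:
#   reloaded | lint-failed | reload-failed | no-updates | update-failed
ACTION=none

update_rules() {
    ACTION=none
    sa_exit=0
    # "|| sa_exit=$?" keeps the status without tripping "set -e" in callers.
    "$SA_UPDATE" --channel saupdates.openprotect.com \
                 --channel updates.spamassassin.org \
                 --gpgkey "$GPGKEY" || sa_exit=$?

    case "$sa_exit" in
        0)  # Updates were downloaded and installed.
            if ! "$SA_LINT" --lint; then
                ACTION=lint-failed      # no reload onto rules that fail lint
                return 2
            fi
            if ! "$AMAVISD" reload; then
                ACTION=reload-failed
                return 3
            fi
            ACTION=reloaded
            return 0 ;;
        1)  # No fresh updates: nothing to lint or reload.
            ACTION=no-updates
            return 0 ;;
        *)  # Any other status is reported as a failure, not silently ignored.
            ACTION=update-failed
            return "$sa_exit" ;;
    esac
}

# Do the work only when called with "run" (e.g. from cron), so the function
# can be sourced and exercised with stub commands without touching the system.
if [ "${1:-}" = "run" ]; then
    rc=0
    update_rules || rc=$?
    echo "spamassassin rule update: $ACTION (status $rc)"
    exit "$rc"
fi
```
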



Re: [AMaViS-user] Anyone else gets these?

2006-10-27 Thread Peter

--- Jo Rhett [EMAIL PROTECTED] wrote:

 Anders Norrbring wrote:
  Or maybe an amavis RELOAD is enough, not doing a complete restart?
 Mark?
 
 Seems to be.  That's what I'm doing, and I saw the latest sare stock 
 updates take effect immediately.

When I try to update my SARE rules I get an error for SARE_STOCKS:

No index found for ruleset named SARE_STOCKS.  Check that this ruleset
is still valid.

Peter

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 



Re: [AMaViS-user] Anyone else gets these?

2006-10-27 Thread Peter

--- D.J. [EMAIL PROTECTED] wrote:

 
  When I try to update my SARE rules I get an error for SARE_STOCKS:
 
  No index found for ruleset named SARE_STOCKS.  Check that this
 ruleset
  is still valid.
 
 
 You must be using an older version of rules_du_jour that is unaware
 of the
 ruleset.  I'm running version 1.28, and it has it.
 

I checked and I am running 1.27.  The link I have
(http://www.exit0.us/)
is not available.  Are there other places to d/l it?

Peter



[AMaViS-user] Anyone else gets these?

2006-10-26 Thread Anders Norrbring
This is a highly annoying mail that started to flow through late
yesterday, it doesn't get tagged at all, and I have the lower score set
to 1.4

(All the e-mail code):

  From - Thu Oct 26 18:38:22 2006
X-Mozilla-Status: 0001
X-Mozilla-Status2: 
Return-Path: [EMAIL PROTECTED]
Received: from mail.the-server.net (192.168.222.210 [192.168.222.210])
by iris (Cyrus v2.1.15) with LMTP; Thu, 26 Oct 2006 18:37:57 +0200
X-Sieve: CMU Sieve 2.2
Received: from amavis.the-server.net (localhost [127.0.0.1])
by mail.the-server.net (Postfix) with ESMTP id 0A0851164
for [EMAIL PROTECTED]; Thu, 26 Oct 2006 18:37:57 +0200 (CEST)
X-Virus-Scanned: amavisd-new, Kaspersky, NOD32  F-Secure AV at
the-server.net
Received: from mail.the-server.net ([127.0.0.1])
by amavis.the-server.net (siri.the-server.net [127.0.0.1])
(amavisd-new, port 10024)
with LMTP id YZ1-ujHi-6CQ for [EMAIL PROTECTED];
Thu, 26 Oct 2006 18:37:12 +0200 (CEST)
Received: from bvbv-e588b597e1 (pD9FDC3FE.dip.t-dialin.net
[217.253.195.254])
by mail.the-server.net (Postfix) with ESMTP id 0092810E9
for [EMAIL PROTECTED]; Thu, 26 Oct 2006 18:37:11 +0200 (CEST)
Received: from 203.199.107.114 (HELO mail.bhorukas.com)
   by norrbring.se with esmtp (81YP6PKHR7 2F0C)
   id 0HLBKF-H63YI8-KW
   for [EMAIL PROTECTED]; Thu, 26 Oct 2006 16:37:15 -0060
From: Aurelia Park [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: said Leslie Looney, who
Date: Thu, 26 Oct 2006 16:37:15 -0060
Message-ID: [EMAIL PROTECTED]
MIME-Version: 1.0
Content-Type: text/plain;
charset=Windows-1252
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Office Outlook, Build 11.0.6353
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Thread-Index: Aca6QV91BHH7RMS407OVOXKXNL0BC7==

We are living in a time of natural resources , and those with the
natural resources  are those with the power and money.
belongings, gold, oil; all at record highs.  It's where you need to be.
Our next feature has attained that position, and is now
starting heavy weight advertising to let everybody know it.

This company is none other than AUNI.  AUNI is specialized
in mineral wealth ventures.  An incredible breakthrough is
coming out of the company and will be backed up with a
smashing publicity blitz.

---
AUNI . OB
Cap: 92.85M
---

After a slight pullback on Wednesday, we are certain to see
a soar of over 300% over the next week.  There is no
reason you should disallow yourself to benefit from a big
break.  Don't let this one slip by.


-- 

Anders Norrbring
Norrbring Consulting



Re: [AMaViS-user] Anyone else gets these?

2006-10-26 Thread Mark Martinec
Anders,

 This is a highly annoying mail that started to flow through late
 yesterday, it doesn't get tagged at all, and I have the lower score set
 to 1.4

  body   L_MXXR  /\b(MXXR|EQTD|AUNI)\b/
  score  L_MXXR  6

It also hits SARE_MLB_Stock6 and SARE_LWSYMFMT here.

  Mark



Re: [AMaViS-user] Anyone else gets these?

2006-10-26 Thread Anders Norrbring
Mark Martinec wrote:
 Anders,
 
 This is a highly annoying mail that started to flow through late
 yesterday, it doesn't get tagged at all, and I have the lower score set
 to 1.4
 
   body   L_MXXR  /\b(MXXR|EQTD|AUNI)\b/
   score  L_MXXR  6
 
 It also hits SARE_MLB_Stock6 and SARE_LWSYMFMT here.

Hmmm... I haven't even seen those rules on rules emporium... Where are 
they found, and can they be used with rules_du_jour?

-- 

Anders Norrbring
Norrbring Consulting



Re: [AMaViS-user] Anyone else gets these?

2006-10-26 Thread Mark Martinec
Anders,

  It also hits SARE_MLB_Stock6 and SARE_LWSYMFMT here.
 Hmmm... I haven't even seen those rules on rules emporium... Where are
 they found, and can they be used with rules_du_jour?

70_sare_stocks.cf
Not sure how/when I got them, the file here dates a week ago.

  Mark



Re: [AMaViS-user] Anyone else gets these?

2006-10-26 Thread Mark Martinec
 It also hits SARE_MLB_Stock6 and SARE_LWSYMFMT here.

... and L_P0F_WXP or L_P0F_W usually (3.5 or 1.7 score points here)
p0f is quite a useful substitute for greylisting.

  Mark



Re: [AMaViS-user] Anyone else gets these?

2006-10-26 Thread Anders Norrbring
Mark Martinec wrote:
 It also hits SARE_MLB_Stock6 and SARE_LWSYMFMT here.
 
 ... and L_P0F_WXP or L_P0F_W usually (3.5 or 1.7 score points here)
 p0f is quite a useful substitute for greylisting.

Maybe I should take a look at it... I hardly know what it is.. :)

-- 

Anders Norrbring
Norrbring Consulting



Re: [AMaViS-user] Anyone else gets these?

2006-10-26 Thread Clifton Royston
On Thu, Oct 26, 2006 at 07:26:45PM +0200, Anders Norrbring wrote:
 Mark Martinec wrote:
  Anders,
  
  This is a highly annoying mail that started to flow through late
  yesterday, it doesn't get tagged at all, and I have the lower score set
  to 1.4
  
body   L_MXXR  /\b(MXXR|EQTD|AUNI)\b/
score  L_MXXR  6
  
  It also hits SARE_MLB_Stock6 and SARE_LWSYMFMT here.
 
 Hmmm... I haven't even seen those rules on rules emporium... Where are 
 they found, and can they be used with rules_du_jour?

  The SARE stocks rules got updated last week; there seems to be some
good stuff in the latest version, at least from the tests I'm running.
  -- Clifton

-- 
Clifton Royston  --  [EMAIL PROTECTED] / [EMAIL PROTECTED]
   President  - I and I Computing * http://www.iandicomputing.com/
 Custom programming, network design, systems and network consulting services



Re: [AMaViS-user] Anyone else gets these?

2006-10-26 Thread Ralf Hildebrandt
* Clifton Royston [EMAIL PROTECTED]:

   The SARE stocks rules got updated last week; there seems to be some
 good stuff in the latest version, at least from the tests I'm running.

Got a question regarding sa-update: It can automatically fetch rules
updates, and these are downloaded to
/var/lib/spamassassin/spamassassin/3.001007 (or more precisely
/var/lib/spamassassin/spamassassin/$VERSION)

But how do these updates take effect?
According to http://wiki.apache.org/spamassassin/RuleUpdates, SA will
use them automatically. But do I have to restart amavisd-new?

-- 
Ralf Hildebrandt (on behalf of the IT centre) [EMAIL PROTECTED]
Charite - Universitätsmedizin Berlin            Tel.  +49 (0)30-450 570-155
Joint institution of FU and HU Berlin           Fax.  +49 (0)30-450 570-962
IT centre, CBF site                             send no mail to [EMAIL PROTECTED]


Re: [AMaViS-user] Anyone else gets these?

2006-10-26 Thread Anders Norrbring
Ralf Hildebrandt wrote:
 * Clifton Royston [EMAIL PROTECTED]:
 
   The SARE stocks rules got updated last week; there seems to be some
 good stuff in the latest version, at least from the tests I'm running.
 
 Got a question regarding sa-update: It can automatically fetch rules
 updates, and these are downloaded to
 /var/lib/spamassassin/spamassassin/3.001007 (or more precisely
 /var/lib/spamassassin/spamassassin/$VERSION)
 
 But how do these updates take effect?
 According to http://wiki.apache.org/spamassassin/RuleUpdates, SA will
 use them automatically. But do I have to restart amavisd-new?
 

AFAIK, no. But SpamAssassin needs to lint the new rulesets, so I've added 
a lint into my update script, like this:

cat /etc/cron.daily/spamassassin
#!/bin/sh

/usr/bin/sa-update -D --channel saupdates.openprotect.com --channel \
  updates.spamassassin.org --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10
sa_exit=$?

if test $sa_exit = 4; then
 echo Problem with sa-update..
elif test $sa_exit = 1; then
 echo No SA updates available..
elif test $sa_exit = 0; then
 echo SA updates downloaded and installed.
 /usr/bin/spamassassin --lint
fi


-- 

Anders Norrbring
Norrbring Consulting



Re: [AMaViS-user] Anyone else gets these?

2006-10-26 Thread Anders Norrbring
Mark Martinec wrote:
 Anders,
 
 It also hits SARE_MLB_Stock6 and SARE_LWSYMFMT here.
 Hmmm... I haven't even seen those rules on rules emporium... Where are
 they found, and can they be used with rules_du_jour?
 
 70_sare_stocks.cf
 Not sure how/when I got them, the file here dates a week ago.


Weird... I have 70_sare_stocks as well, downloaded it today! Makes me
wonder if SA actually uses it... But according to the horrendous -D
--lint output below, it sure does parse it..


[15641] dbg: plugin: fixed relative path: /var/lib/spamassassin/3.001007/saupdates_openprotect_com/70_sare_stocks.cf
[15641] dbg: config: using /var/lib/spamassassin/3.001007/saupdates_openprotect_com/70_sare_stocks.cf for included file
[15641] dbg: config: read file /var/lib/spamassassin/3.001007/saupdates_openprotect_com/70_sare_stocks.cf



Re: [AMaViS-user] Anyone else gets these?

2006-10-26 Thread Clifton Royston
On Thu, Oct 26, 2006 at 09:52:02PM +0200, Anders Norrbring wrote:
 Ralf Hildebrandt wrote:
  But how do these updates take effect?
  According to http://wiki.apache.org/spamassassin/RuleUpdates, SA will
  use them automatically. But do I have to restart amavisd-new?
  
 
 AFAIK, no. But SpamAssassin needs to lint the new rulesets, so I've added 
 a lint into my update script, like this:

AFAIK, and last I checked, you do need to restart amavisd - it loads
all the SpamAssassin modules and rule files on startup.  This might be
your problem right there if amavisd has been running for longer than
the last update without restart.

  -- Clifton

-- 
Clifton Royston  --  [EMAIL PROTECTED] / [EMAIL PROTECTED]
   President  - I and I Computing * http://www.iandicomputing.com/
 Custom programming, network design, systems and network consulting services



Re: [AMaViS-user] Anyone else gets these?

2006-10-26 Thread Ralf Hildebrandt
* Noel Jones [EMAIL PROTECTED]:

 You must restart amavisd-new to load the new rulesets, same 
 as if you were using spamd to scan your mail.  Both these 
 tools keep an in-memory copy of the rules and will not 
 recognize changes without a restart.

Thought so, thanks

-- 
Ralf Hildebrandt (i.A. des IT-Zentrums) [EMAIL PROTECTED]
Charite - Universitätsmedizin Berlin            Tel.  +49 (0)30-450 570-155
Gemeinsame Einrichtung von FU- und HU-Berlin    Fax.  +49 (0)30-450 570-962
IT-Zentrum Standort CBF                 send no mail to [EMAIL PROTECTED]
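
An added example, not part of any post in this thread: an update routine that follows the thread's conclusion by linting freshly downloaded rules and restarting amavisd-new only when sa-update installed something and the lint passed. The function name and the three override variables are hypothetical, and the amavisd restart command in particular is an assumption about the host.

```shell
#!/bin/sh
# Added example (not from the thread): sa-update -> lint -> restart amavisd-new.
# Each command can be overridden through its variable; the defaults are
# assumptions about the host, especially the init script path.
: "${SA_UPDATE_CMD:=/usr/bin/sa-update}"
: "${SA_LINT_CMD:=/usr/bin/spamassassin --lint}"
: "${AMAVIS_RESTART_CMD:=/etc/init.d/amavis restart}"

# Prints one status word; returns non-zero when an operator should look.
update_rules() {
    rc=0
    $SA_UPDATE_CMD >/dev/null 2>&1 || rc=$?
    case "$rc" in
        0)  ;;                                  # new rules were installed
        1)  echo "no-update"; return 0 ;;       # nothing new, leave amavisd alone
        *)  echo "update-failed"; return 1 ;;   # 4 as in the script above, or any other error
    esac
    # The new rule files are on disk, but the running amavisd still holds
    # the old set in memory. Lint first so a broken ruleset is never loaded.
    if ! $SA_LINT_CMD >/dev/null 2>&1; then
        echo "lint-failed"; return 1
    fi
    if ! $AMAVIS_RESTART_CMD >/dev/null 2>&1; then
        echo "restart-failed"; return 1
    fi
    echo "restarted"
}
```

Source the file and call `update_rules` from the cron job; add the `--channel` and `--gpgkey` options to `SA_UPDATE_CMD` as needed.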


Re: [AMaViS-user] Anyone else gets these?

2006-10-26 Thread Andrzej Kukula
On 10/26/06, Mark Martinec [EMAIL PROTECTED] wrote:
 Anders,

  This is a highly annoying mail that started to flow through late
  yesterday, it doesn't get tagged at all, and I have the lower score set
  to 1.4

   body   L_MXXR  /\b(MXXR|EQTD|AUNI)\b/
   score  L_MXXR  6

 It also hits SARE_MLB_Stock6 and SARE_LWSYMFMT here.

I'd recommend great care when implementing such rules, especially when
they are case-insensitive, and grepping through the dictionary every
time, as you may block many innocent messages. Check the most often
encountered bug:

grep -i cialis /usr/share/dict/words

Regards,
Andrzej Kukula
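
An added example, not part of the post above: a check that counts how many known-good lines a candidate body pattern would hit when matched loosely (case-insensitive substring) versus strictly (case-sensitive whole word, as `/\b(...)\b/` without `/i` behaves). The sample ham and spam lines are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): vet a body pattern for false positives.

# Constructed ham sample; none of these lines is spam.
HAM='Please ask the specialist to call back.
The socialist party archive is now online.
Contact Mr. Launius about the invoice.
Minutes of the official meeting are attached.'

# Constructed spam sample in the style the thread describes.
SPAM='Hot stock alert: MXXR is set to explode this week
Buy Cialis online today'

# hits TEXT MODE PATTERN -> number of lines in TEXT that match
hits() {
    case "$2" in
        loose)  opts="-i" ;;   # substring match, any case
        strict) opts="-w" ;;   # whole word, exact case
        *) return 2 ;;
    esac
    # grep -c prints the count but exits 1 on zero matches; keep only the count.
    printf '%s\n' "$1" | grep -E -c $opts -- "$3" || true
}

# vet PATTERN -> "ham_loose ham_strict spam_strict"
vet() {
    echo "$(hits "$HAM" loose "$1") $(hits "$HAM" strict "$1") $(hits "$SPAM" strict "$1")"
}
```

A pattern is safe to score highly only when the ham counts are zero in the mode the rule will actually use; run `vet` against a real ham corpus before deploying.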
