On Wed, 21 Jan 2004, Matt Kettler wrote:
At 10:41 PM 1/20/04 -0600, C. Bensend wrote:
Is the problem that I'm _forwarding_ the tagged emails from one host
to the other? I don't have the capability to bounce, I can only forward.
A forwarded message is a brand new message. That brand new
On Mon, 26 Jan 2004, Paul Diaguila wrote:
No Bayes db yet, but I would think the one rule would score it a 5
Paul
Covington, Chris wrote:
Your Bayes must be hosed if what you think is spam gets BAYES_00.
Chris
[snip..]
Greetings
Using SA Ver. 2.63 with Mimedefang, and still
On Fri, 23 Jan 2004, Smart,Dan wrote:
Humm
This command works every time from command line, but not passed as a param
from SA_RESTART.
postfix stop ; sleep 15 ; /etc/init.d/spamassassin restart ; postfix start
It runs the postfix stop and then quits. Any idea why? I can create a sed
On Wed, 21 Jan 2004 [EMAIL PROTECTED] wrote:
I want to be able to take an email message that may contain MIME and HTML
and to strip it down to basically nothing but text. (I know that
SpamAssassin already does this in large part so that it can analyze the
message properly.) So I'm not
|-Original Message-
|From: Evan Platt [mailto:[EMAIL PROTECTED]
|Sent: Wednesday, January 21, 2004 15:03
|To: SpamAssassin
|Subject: Re: [SAtalk] How to stop this kind of stuff?
Real easy, this is a predictable spamhaus, Empire Towers
Go check the records on this outfit at
On Thu, 22 Jan 2004, Peter McGarvey wrote:
Greetings all,
I have a mailserver which handles all my incomming and outgoing mail.
Outgoing mail (stuff I send) is passed to the server via ASMTP.
Incomming mail (stuff sent to me) comes in via SMTP. There is
absolutely no way my server will
On Tue, 20 Jan 2004, Charles Gregory wrote:
Right now, there would be no statistics, because the text obfu has just
started. But as a side note, we don't have the disk space to run Bayes for
all our users though I'm getting awfully tempted to talk the boss into
an extra disk or two. So
On Wed, 21 Jan 2004, Justin Mason wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Will McCutcheon writes:
I am running SpamAssassin 2.61 with Sendmail 8.12.8 using Procmail 3.22.
[snip..]
A's IP as being in an RBL of dynamic IP's, despite my setting in
/etc/mail/spamassassin/local.cf
On Tue, 20 Jan 2004, Terry Shows wrote:
Maybe it is good for -16, but in every case I looked at that passed thought
with habeas set, none of them set the violator, and every single one was
flagrantly spam.
[snip..]
The way it is now, it is just another header that can be added by a spammer,
On Tue, 20 Jan 2004, Sean McCrohan wrote:
[snip..]
The problem is that the moderation request the list sends to me gets
wrapped in MIME, and SA (as currently installed) doesn't do a very good
job of analyzing it, in part because there's a set of instructions stuck
on the front that are the
On Fri, 16 Jan 2004, Ross Vandegrift wrote:
On Thu, Jan 15, 2004 at 02:20:16AM -0600, David B Funk wrote:
If you SMTP reject the spam, it never hits your queue, so no problem
with the garbage piling up and no bombarding poor innocent 'joe-job'
victims. It's better than auto-deleting spam
--On Friday, January 16, 2004 12:13:21 -0600 Carl Chipman
[EMAIL PROTECTED] wrote:
For the new people on the list, I was wondering what the following
acronyms mean:
LART
Luser Attitiude Readjustment Tool
Reporting the offending user to [EMAIL PROTECTED]
UBE/UCE
Unsolicited Bulk
On Wed, 14 Jan 2004, Matt Kettler wrote:
At 09:56 AM 1/15/04 +0545, Pankaj wrote:
I feel I am being a bit misunderstood. I simply need to configure my MX to
have SpamAssassin running.I do not need any antivirus .
How do I do it ? Running RedHat Linux 8.1 and Sendmail 8.12.10 in it.
[snip..]
On Wed, 14 Jan 2004, Christopher Tarricone wrote:
The permissions on my bayes_journal and bayes_toks files keep changing. Has
anyone else encoutered this problem?
[snip..]
I look in /usr/share/spamassassin/db/ and behold! The permissions are:
[EMAIL PROTECTED] db]# ll
total 23012
On 15 Jan 2004, Rocky Olsen wrote:
I too would greatly appreciate any information - as we have 9 boxes
doing Spam scanning. Anyone tried this?
On Thu, 2004-01-15 at 13:31, Mike Jackson wrote:
If you have multiple SA filtering boxes, is it safe to NFS-mount a partition
with a system-wide
On Wed, 14 Jan 2004, Jonathan Nichols wrote:
Did the CAN-SPAM act really take away a citizen's right to sue spammers?
I'd like to write to this marketing company and have them provide me
with absolute proof that I signed up for *anything* at all. (they won't
be able to) I think the whole
On Tue, 13 Jan 2004, Mitch (WebCob) wrote:
I thought there was a patch that added the score to the headers... then you
didn't have to go looking - has anyone seen it lately?
m/
Depending upon how you have SA integrated into your mail system,
it may only require a change to your 'local.cf',
On Tue, 13 Jan 2004, Mail Monitor wrote:
Hi,
We have installed SA 2.6 on linux RH 9.0 on a mail
gateway. The total mail transaction/day through this
server is 75,000 and spam mails caught by SA is around
10-15%. But spam mails are still getting through, we
have not implemented razor,
On Mon, 12 Jan 2004, Larry Starr wrote:
Just noticed a message with an encoded URL, that misses, the BIZ_TLD rule,
etc.
The message body contains:
a href=3dhttp://gf=2eclearmath=2ebiz/jsimp/index=2ehtml;font
face=3darialscored /fontthis way=2e
brimg
On Tue, 13 Jan 2004, Justin Mason wrote:
David B Funk writes:
I can see two different ways to handle this, either make SA more
flexible and decode the bastardized QP so normal rules will hit
or write a rule that hits such bastardized QP coding as a spam-tool
signature.
Are you sure about
On Tue, 13 Jan 2004, Rich Puhek wrote:
[snip..]
Be patient. Use additional rules/tools to catch the latest spammers
(clue: most come from spam zombie processes). Report the Habeas
violators (more $$$ out of the spammers pockets!). Let's keep the Habeas
marks as a tempting target for the
On Mon, 12 Jan 2004, Mike Carlson wrote:
Right now I am using spamass-milter to send all the email into spamassassin
but I would like to implement a deletion process where the email gets deleted
if it gets certain score. As it stands I cannot do that right now with my
setup.
Read the
On Fri, 9 Jan 2004, David B Funk wrote:
Oh Joy, another abusable URI redirector. Saw this in a
recent spam:
http://www.google.com/url?q=http://cardtraffic.com
Proposed rule:
uri L_URI_REDIR3/http:\/\/www\.google\.com\/url?q=http:/i
describe L_URI_REDIR3 open URI redirector #3
On Fri, 9 Jan 2004, Steve Thomas wrote:
Yay. Yet another a-hole blatantly disregarding the various WHOIS directorys' terms
of use and raping it for marketing purposes. Gee, I can't wait to get three more
copies of the same spam for every domain I own...
Awww, Gee, I thought that he was
On Thu, 8 Jan 2004, Douglas Kirkland wrote:
On Thursday 08 January 2004 09:32, Ceva wrote:
hi everybody,
does sendmail and spamassassin must be on the same machine, or they can be
on diferent machines?
They can be on different machines. You will have to call spamassassin with
spamc to
On Sun, 4 Jan 2004, oj wrote:
Hello,
Recentry i have had problem with spam that consist of html and one image only.
The image is fetched from different domains each time. The domains have one
thing in common though. They are all registered by the same registry:
Whois Server:
On Mon, 5 Jan 2004, Ed Kasky wrote:
At 08:56 AM Monday, 1/5/2004, Tom Meunier wrote -=
With bigevil.cf in /etc/mail/spamassassin, all I see that remotely relates
to the file is the following:
spamd[22495]: debug: using /usr/share/spamassassin for default rules dir
spamd[22495]: debug:
On Mon, 5 Jan 2004, SAtalk Mail User wrote:
Hello all,
I am needing some assistance in regards to the output below, I have added what
I think should get parsed out of the bigevil.cf file in /etc/mail/spamassassin
directory.
Added for testing ---
uri BigEvilList_193 /\b(?:hotmail)\.com\b/i
On Mon, 29 Dec 2003, Peter Kiem wrote:
Hi David,
So you either need to change your rule to match the header from address or
code it to look for the envelope from address.
What is the rule for matching envelope from address?
That is mail system dependent, as there is no standard
On Mon, 29 Dec 2003, Peter Kiem wrote:
Hi,
I'm trying to add local rules to allow certain senders that always get
caught by SA to lower their scores and give them a better chance of
getting through.
The rule I added was
header LOCAL_GOOD_SENDER_11 From =~ /[EMAIL PROTECTED]/
score
On Mon, 29 Dec 2003, Peter Kiem wrote:
Preferably not as if someone does forge it, then the mail goes straight
through...
Isn't that what whitelist_from_rcvd is for? man Mail::SpamAssassin::Conf
The point is I *DON'T* want to whitelist. I wanted just to lower the SA
scores with a
On Tue, 23 Dec 2003, Greg Webster wrote:
We're getting a TON of these, all of similar format.
htmlbody
center!--2rdxveiyf7a8--a
href=http://www.mdv678.com?rid=1098;!--srz4f4qaLBUw--img
src=http://www.whosout.com/c2.gif; border=0/a/center
/html/body
The '2rdxveiyf7a8' and 'srz4f4qaLBUw'
On Sat, 20 Dec 2003, Gary Smith wrote:
So we implemented SA some time ago because our clients were getting too much spam.
Lately we have found that several html marked up emails have been getting marked as
spam. These ones are clearly fp's.
Some of the domains include Morningstar.com,
On Thu, 18 Dec 2003, mairhtin wrote:
I am getting a new flood of spam that appears not to be even selling anything, but
merely trying to get through the filters.
Could they be trying to learn from this? I don't see how, but someone suggested
as much.
Here's a copy of the spam mail and
On Fri, 12 Dec 2003, J. S. Greenfield wrote:
I've been experimenting with configuration of spamassassin for sitewide
use (in particular, using spamassassin 2.60 with sa-exim 3.1 and exim
4.30, under Solaris 8), and for the life of me, I can't seem to get
bayesian classification and autolearn
On Wed, 10 Dec 2003, AthlonRob wrote:
Just for SG, try doing a 'sa-learn --dump magic' and see if it
likes what it sees. If you cannot even --dump magic then it's
truly corrupted, no repair, just delete and start fresh.
I got some funky output:
[EMAIL PROTECTED]:~/.spamassassin$
On Tue, 9 Dec 2003, Thomas Shoaf (PromoStep) wrote:
As for correcting the items listed in my original post, I am looking for an
example of the correct content that should be included in the content of the
HTML message relating to such items appearing in the Content Analysis when
checked
On Tue, 9 Dec 2003, Thomas Shoaf (PromoStep) wrote:
The answer to your question, Gary... We are an incentives marketing firm
with an affiliate element. Our members can send virtual promotions from
their account to friends, family, colleagues, etc; however, some email
services such as
On Wed, 10 Dec 2003, Ryan Lumsden wrote:
Hi all.
how do I get spamd to log to a diffrent file besides messages and mail.log.
I am up2date with sa and I am running debian woody, any body have any ideas.
Thanks in advance.
Ryan
Yes, look at the man pages for syslogd and spamd. Note the
On Wed, 10 Dec 2003, Gary Funck wrote:
It might be convenient to view each these transformations as
operating on the output of the previous. I think you were.
By doing so, it avoids replicating the description of the
previous phase.
I meant to add the following sugested additional
On Wed, 10 Dec 2003, Matt Kettler wrote:
At 02:08 PM 12/10/2003, Justin wrote:
So that's how check_rbl and check_rbl_sub work? I always wondered about
that. So what happens if an IP exists in two subzones at the same time?
With SORBS, it's done by returning multiple results for a single
On Wed, 10 Dec 2003, AthlonRob wrote:
On Wed, 2003-12-10 at 19:50, Adam Denenberg wrote:
in the same directory as the bayes DB files.
Unfortunately, there are no .lock files in that directory.
[EMAIL PROTECTED]:~/.spamassassin$ sa-learn --rebuild -DD
debug: Final PATH set to:
On Tue, 9 Dec 2003, Jack Gostl wrote:
I sent you the error message, I'm pretty sure there was no user associated
with it. There were tens of thousands of those errors in the log. I'm not
sure how to pinpoint the culprit. I guess I'll have to go to each user and
rebuild their database.
Yes,
On Mon, 8 Dec 2003, Matt Kettler wrote:
At 10:54 AM 12/8/2003, Christopher X. Candreva wrote:
I just opened a Bugzilla report for this:
http://bugzilla.spamassassin.org/show_bug.cgi?id=2817
(SA 2.60, Solaris, perl 5.6.1)
For the moment, I'd suggest a rule like this one that I just cooked
On 8 Dec 2003, Scott A Crosby wrote:
On Mon, 08 Dec 2003 16:43:15 -0500, Matt Kettler [EMAIL PROTECTED] writes:
Or *, to catch more than one obfuscating character..
ie: V...i..a.gr..a
As I suggested in my email, there's lots of combinations that spammers
can do to avoid the original
On Mon, 8 Dec 2003 [EMAIL PROTECTED] wrote:
We've got SA 2.60 running on a Solaris 8 box with SunONE Messaging
Server. It is doing spam scanning for all our users (~7000). In
order to keep the system as speedy as possible, I've configured the
bayes journal to sit on /tmp which is a memory
On Mon, 8 Dec 2003, Jack Gostl wrote:
My bet is that your Bayes database got trashed.
Possible, but which database? We have many users all with their own? Also,
if its a trashed Bayes db, why does the message go away when I restart
spamd?
Which ever database it was looking at when it
On Sat, 6 Dec 2003, Lukreme wrote:
spamd[33762]: Cannot open bayes databases
/home/user/.spamassassin/bayes_* R/O: tie failed: Permission denied
spamd[33762]: processing message
[EMAIL PROTECTED] for kremels:5003.
spamd[33762]: clean message (0.8/5.0) for user:5003 in 0.2 seconds,
5526
On Wed, 3 Dec 2003, Fred I-IS.COM wrote:
Just a minor correction,
try this:
header__BLOCKTOFFICEOUTTo =~ /[EMAIL PROTECTED]/i
header__BLOCKFOFFICEOUTFrom =~ /[EMAIL PROTECTED]/i
metaBLOCK_MY_OFFICE(__BLOCKTOFFICEOUT !__BLOCKFOFFICEOUT)
describe
On Thu, 4 Dec 2003, Cheryl L. Southard wrote:
Hi All,
I've got two spamd processes that just wont go away. They've been
running for well over 11 hours and are taking up 100% of my cpu.
I've run truss spamd-pid but it doesn't report anything. The same
user, coincidentally, is the recipient
On Thu, 4 Dec 2003, Pete Henshall wrote:
Hi dan, list,
I think it's simply a function of load. The first system gets the bulk of
the mail thoughput. You can see that the erratic loads
tail off over the weekend. It's wierd. I have tried disabling RBL, bayes
and even removing all my
On Thu, 4 Dec 2003, Scott Harris wrote:
Because I don't have sourceforge whitelisted, 6 of the last 20 messages to
the list were labeled as spam.
Rules that hit were:
3.0 BigEvilList_70 BODY: Generated BigEvilList_70
3.0 BigEvilList_150BODY: Generated BigEvilList_150
On Thu, 4 Dec 2003, Kenneth Porter wrote:
I'm getting a bunch of these. Are these just intended to poison Bayes DB's?
What's the sender's objective?
Forwarded Message
Return-Path: [EMAIL PROTECTED]
Received: from 212.199.108.10.forward.012.net.il
On Tue, 2 Dec 2003, Robert Menschel wrote:
headerRM_hx_from exists:From
describe RM_hx_from From header found
score RM_hx_from 0.001
meta RM_hn_from !RM_hx_from
describe RM_hn_from From header not found
score RM_hn_from 1.00
The first rule tests for the existence
On Tue, 2 Dec 2003, Chris Santerre wrote:
BIG HUGE NEWS
A major breakthrough has taken place
ALL EVILRULES FILES HAVE BEEN COMBINED!! 2622 domains into 178 rules!!!
Ramdon/tracking hosts tags removed!
They only increase spamd memory by 1 meg!!! 1 meg!
You read correctly!
On Thu, 4 Dec 2003, Richard Bewley wrote:
Hi,
Now, I have the following:
header RCVD_IN_MY_BNBLeval:check_rbl('bl', 'bl.blueshore.net.',
'2')
describe RCVD_IN_MY_BNBL Listed by bl.blueshore.net
tflags RCVD_IN_MY_BNBLnet
score RCVD_IN_MY_BNBL
On Thu, 27 Nov 2003, Martin Lyberg wrote:
Hi,
I want to whitelist the SA mailinglist. Is this the right way to do it:
whitelist_from_rcvd [EMAIL PROTECTED] sourceforge.net
Thanks in advance
/ Martin
Almost,
whitelist_from_rcvd [EMAIL PROTECTED] sourceforge.net
will work PROVIDED
On Tue, 25 Nov 2003, Yevgeniy Miretskiy wrote:
Hello,
sa-learn stopped learning messages. Debugging shows that it can
successfully tie Bayes db, extracts tokens, etc, but never actually
writes data to the database.
I had a db corruption issue some time ago, so, this could very
well be
On Wed, 26 Nov 2003, alan premselaar wrote:
I've recently noticed something I think is a little strange but I'd
like to confirm it with the list.
My bayes database seems excessively large at 967M:
-rw-rw-rw-1 defang defang61k Nov 26 16:34 bayes_journal
-rw-rw-rw-1 defang
On Wed, 26 Nov 2003, German Staltari wrote:
On Wed, 26 Nov 2003 14:30:02 -0500, JC [EMAIL PROTECTED] wrote:
I'm going to guess that you are running spamassassin as an unprivliged
user... Based on that, I would like to suggest that you run spamd and
spamc
on a port higher than 1024.
On Wed, 26 Nov 2003, Matt Kettler wrote:
At 11:10 PM 11/26/03 +, Alan Munday wrote:
If I lint with this in the SaUriCustomRules
uri MY_YAHOO_BOUNCED /http:\/\/srd\.yahoo\.com\/drst\/.*\*
http:\/\/
describe MY_YAHOO_BOUNCED Trying to hide real URL through Yahoo redirect
On Tue, 25 Nov 2003, Brian Knittel wrote:
Hi,
Is there a way to inhibit auto-learning when any specific rule
is matched? I noted that the auto-whitelist filters inhibit auto-
learning, but can this be extended to arbitrary other rules?
I'm my network's postmaster and I get nondeliverable
On Tue, 25 Nov 2003, Robert Menschel wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Aaron,
Tuesday, November 25, 2003, 8:58:58 AM, you wrote:
AY ... Recently I started getting a lot of false positives with SA 2.60.
AY I noticed that all my mail was getting a bayesian score
On Tue, 25 Nov 2003, Nick Tong wrote:
If so is this possible on a windows platform?
Nick Tong
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Nick
Tong
Sent: 25 November 2003 17:12
To: [EMAIL PROTECTED]
Subject: [SAtalk] SpamScore check
Dear
On Mon, 24 Nov 2003, Chris Cook wrote:
Hello,
We are currently using Spamassassin + sendmail + spamass-milter to tag
our mail, but we would like to not have outgoing mail scanned. lda and
outgoing mail are on the same box. I have tried to just use
spamassassin+procmail but the load
From: Gorm Jensen [mailto:[EMAIL PROTECTED]
Sent: Friday, November 21, 2003 12:04 PM
I run sa-learn as root using SA 2.55 and 2.6 on two redhat systems.
Both systems run spamd and call spamc from procmail with -u user1 (or
user2). Because there are only two users, each system has a common
On Fri, 21 Nov 2003, Dan Tappin wrote:
I have recently installed SA 2.60 from the source code on OS X along side Tenon's
Post.Office mail server. This was a manual
upgrade from the Tenon supplied SA 2.55 release to be used with their supplied SA
'plug-in'. All is well and e-mail is being
On Fri, 21 Nov 2003, Gorm Jensen wrote:
I run sa-learn as root using SA 2.55 and 2.6 on two redhat systems.
Both systems run spamd and call spamc from procmail with -u user1 (or
user2). Because there are only two users, each system has a common
bayes database with file access permitted to
On Thu, 20 Nov 2003, Josh Dayberry wrote:
I would appreciate any help that can be offered to me. I was using spamd and spamc,
and everything was working fine. For some reason I upgraded spamassassin to the
newest version and now spamd and spamc won't run the dcc and pyzor tests. If I use
On Thu, 20 Nov 2003, Carlos Jorge Santos wrote:
Thanks a lot for your answer.
The problem now is that SpamAssassin (spamc to be more precise) is
called by Qmail-Scanner, which in turn adds this headers to emails:
Received: from [EMAIL PROTECTED] by mail.host-services.com by
uid 101 wi
On Wed, 19 Nov 2003, Chris Santerre wrote:
Thanks, I got it now. I updated my evilrules last night, and they tested
great overnight! I shall post them shortly. This should speed them up
greatly for everyone! Would this help even more?
/?:\bsomedomain\.com\b/i
would the addition of the ?:
On Wed, 19 Nov 2003, Chris Santerre wrote:
LOL, the only reason I recognise the name Larry Wall is because of Theo's
sigs! :)
I guess I need to go but that book and help support the man.
--Chris Santerre
Mumble Mumble, kids these days, no respect for their elders.
OK, mandatory homework
On Wed, 19 Nov 2003, Bryan Hoover wrote:
The reason I mention it - aside from being pleased - is to point out
that it appears the problem was either the old spambouncer headers, or
forgetting, wasn't (the latter being what I started out suspecting,
until I discovered the spambouncer headers).
On Wed, 19 Nov 2003, Marc Steuer wrote:
Hi list members,
I want to score messages from [SAtalk] with a negative score so examples
posted to the list won't be tagged as spam. This is my first venture into
regex and I've tried:
header MY_SATALK Subject =~ /\[SAtalk\]\b/
On Wed, 19 Nov 2003, Robert Davidson wrote:
Hi everyone,
I set up a SpamAssassin system for a company but they alerted me to a
problem today.
They have content filtering rules to stop people from abusing their
employees. Basically any e-mails with naughty words are given 50 points
and
On Tue, 18 Nov 2003, William Stearns wrote:
anchoring with \b = fast
OK, cool. As I'm doing full domains, I'll change:
uri WLS_URI_1 /0-go.org/i
to
uri WLS_URI_1 /\b0-go.org\b/i
in the next version.
Also escape that '.' so that it's taken as a litteral
On Tue, 18 Nov 2003, Chris Santerre wrote:
uri WLS_URI_1 /^http:.*\b0-go.org\b/i
Regex confusion on my part! '\b' is bounding, but I thought that meant bound
by space??? wouldn't this above regex _NOT_ hit :
http://stuff.0-go.org/stuff
Isn't it looking for:
http://stuff. 0-go.org
On Tue, 18 Nov 2003, Charles Gregory wrote:
Hello,
Lately on several e-mails from the list, I've been seeing an error message
in my Pine mail program that says:
[Error: Formatting error: Non-hexadecimal character in QP encoding]
More importantly, the message is *truncated* in the
On Tue, 18 Nov 2003, Øystein Halvorsen wrote:
Our only MTA for externally received email is sendmail, which again
forwards user emails to an internal exchange server. In fact, we have
tried this out, and it works quite nicely (at least our local users are
delighted). In order to make spamc
On Mon, 17 Nov 2003, Eduardo Alfonso wrote:
Hi
I've been trying to configure SpamAssasin to check for the existence of the user on
the local machine that is
trying to send the message and I couldn't find how to do this.
Is it possible ??
Thanx
I'm using sendmail MTA in a RedHat9 box
On Mon, 17 Nov 2003, Martin McWhorter wrote:
I am having a problem with whitelist_from_rcvd not working.
I have Spamassassin running on a redhat 9 box with sendmail 8.12.8 as
our companies gateway MTA. I have MIMEdefang running as well, but with
the Spamassassin portion of the defang.conf
On Mon, 17 Nov 2003, Justin Mason wrote:
BTW, given that a URI DB cannot use regular expressions, or patterns,
would this really be useful?
Basically with a DB you only gain efficiency when looking up exact
strings. So for this to be useful against URIs, you'd have to pick out
*just* the
On Sat, 15 Nov 2003, Carl R. Friend wrote:
On Sat, 15 Nov 2003, David B Funk wrote:
I've been thinking about that exact topic. The Bayes engine
already parses and tokenizes hostnames from URIs (the UD: tokens).
If there were a hash DB made with the spam-site hostname as key
On Fri, 14 Nov 2003, Bob Amen wrote:
We've been seeing a problem with spamd that happens at random times.
Occasionally, a spamd thread will spin, clocking up CPU time and never
finish. This causes other spamd processes to hang and eventually all
memory and swap is used up by multiple
On Fri, 14 Nov 2003, Carl R. Friend wrote:
For the assembled group -- is it possible to do a DB lookup,
either in an eval() or some other mechanism, in a uri rule?
If we could do a DB lookup on URIs (or, more properly, the
domain portion of URIs) I think that'd be a win (at, of course,
On Thu, 13 Nov 2003, MIKE YRABEDRA wrote:
I have found that spamd will not use razor on my system because of
permissions. Is it safe to run spamd as root?
Mike,
spamd will not run as root, it is a security risk.
If you start it as root and you do not tell it who you want to run as
(IE leave
On Thu, 13 Nov 2003, MIKE YRABEDRA wrote:
I have been trying to get razor to work with spamd.
I know it works with ./spamassassin --lint -D
It also works with CGPSA (calls SA directly).
But it does not want to work with spamd?
Where are some places I can look , things I can try, to
On Tue, 11 Nov 2003, Larry Gilson wrote:
The preferred method is any way you prefer. ;) That is really an honest
answer. Everyone has their own preferred method and a lot of times it
depends on your specific situation. Some people will pipe to a filter shell
script, Procmail, maildrop, or
On Wed, 12 Nov 2003, Matt Kettler wrote:
At 01:38 PM 11/12/2003, Scott Antonivich wrote:
but can attachments be tagged as spam per user? If
so, what do I need to place in this users config file?
You'd have to create a custom rule to look for mime boundaries..
However, to do it per-user,
On Sun, 9 Nov 2003, Tristan Nixon wrote:
Hello all,
I have a question regarding the way in which SA deals
with whitelisting blacklisting. If I want to whitelist
all but a few select entries from a domain, how would I do it.
Should the following work?
whitelist_from [EMAIL PROTECTED]
On Sat, 8 Nov 2003, Debbie D wrote:
Thanks.. ut yes Ishold have stated that.. stop start..
[root admin]# /etc/rc.d/init.d/spamd stop
Shutting down spamd: ok
[root admin]# /etc/rc.d/init.d/spamd start
Starting spamd: spamdCould not create INET socket: Address already in use
On Mon, 10 Nov 2003 [EMAIL PROTECTED] wrote:
eManager Notification *
The following mail was blocked since it contains sensitive content.
Love the stupid -PC- double-talk here. Gee, what was the content
sensitive to? (is it sensitve to light, heat, shock...)
On Mon, 10 Nov 2003, Chris Barnes wrote:
I am in need of a rule that will tell SpamAssassin to whitelist all
email traffic which comes from our local Listserv (tm - www.lsoft.com)
lists.
The problem is that messages from the Listserv list have the original
author's email address in the
On Fri, 7 Nov 2003, Chr. von Stuckrad wrote:
Hi
[snip..]
The mail also contained a broken variant of the wrong/forgotten
Parameter of their Spam-Mailer: ' $RANDOM IZE '
So:
body RANDOM_IZE / \$RANDOM IZE /
score RANDOM_IZE2
describe RANDOM_IZE contains broken
On Thu, 6 Nov 2003, Peter Buonora wrote:
Ok, I am running on Solaris 8, latest version of Spamassassin, perl 5.8.
For some reason when using the 'spamassassin' executable, razor works.
When I try to switch over to spamc/spamd everything works except razor.
There isnt even anything in the
On Fri, 7 Nov 2003, Justin Mason wrote:
BTW, SpamAssassin originally started with accumulating rules. But I took
it out, as it meant a long hammy mail had a much higher chance of FP'ing,
due to containing more text.
I'd be worried that accumulating hits would reintroduce the same
On Fri, 7 Nov 2003, Maarten J H van den Berg wrote:
I eventually found the reason for this behaviour after I noticed that root
could start it okay, but the unpriv user spamd couldn't...:
machine:~ # ls -la /usr/lib/perl5/site_perl/5.6.0/Mail/SpamAssassin
drwx--2 root root
On Fri, 7 Nov 2003, Robert Menschel wrote:
Or better: what if we specified in the rule a maximum score to accumulate
to? Maybe something like:
accumbody T_SAMPLE /(?:word1|word2|word3|word4|word5)/i,max=2.5
describe T_SAMPLE Message has medical words frequently used in spam
score
DBF On Fri, 7 Nov 2003, Robert Menschel wrote:
Or better: what if we specified in the rule a maximum score to accumulate
to? Maybe something like:
accumbody T_SAMPLE /(?:word1|word2|word3|word4|word5)/i,max=2.5
describe T_SAMPLE Message has medical words frequently used in spam
On Tue, 4 Nov 2003, Steven W. Orr wrote:
My ISP went down, so when it came back up aqnd my secondary mx record
kicked it all back to me I got a lot of messages from sendmail saying
Nov 4 06:58:26 saturn spamd[952]: hit max-children limit (5): waiting for
some to exit
I bumped it up to 10
1 - 100 of 150 matches
Mail list logo