At 01:10 PM 1/30/2004, Bob George wrote:
Are the spammers using some sort of filter to obscure the text
into something consistently decipherable? The messages I'm seeing
lately remind me of the 'haxor', 'jive', 'chef' and 'kraut'
filters (http://www2.dystance.net:8080/software/talkfilters/).
While
At 11:59 AM 1/30/2004, PieterB wrote:
Shouldn't a message that is identified as spam by the bayesian
filter of spamassassin (BAYES_90 or BAYES_99 in my case) never be
used as a message that is learned as ham? (I would expect it
not to be used for learning because it wouldn't improve the
Sweet.. thanks man, I've been meaning to run mass-check on it myself..
I've been wondering about the FPs in the MALEDYSFUNCTION rules.. it's
obvious all the FPs hit both it and obfu, which is weird.
I've had several technical mails hit, but upon trying to re-test them and
get them to hit, they
At 11:42 AM 1/30/2004, Chris Barnes wrote:
X-Spam-Status: No, hits=5.0 required=5.0
tests=HTML_60_70,HTML_IMAGE_ONLY_04,
HTML_MESSAGE,HTML_WEB_BUGS,LOCAL_PERLMX_TAG_80,MSGID_FROM_MTA_HEADER
autolearn=no version=2.61
It met the required hit total (exactly) to be classified as spam.
No, the
At 02:39 PM 1/28/2004, John Fleming wrote:
Below are example of 2 headers from the SATalk list. One was apparently
filtered by Spamassassin, and one not. What's the difference? Some of my
mail is being filtered, and some not, and I have no idea why! I thought a
reboot fixed it, but NOT!
Today I got an interesting form of obfuscation, apparently to avoid
antidrug.cf.
I'm not sure wether to bother with adding rules for this, or be satisfied
that the obfuscations are so severe that the messages are now barely legible.
Since spammers rely on responses from the mentally-deficient,
At 11:17 AM 1/28/2004, Robb Bryn wrote:
Is there anyway to clear all the HAM for Bayes and retrain it without
loosing all the SPAM?
I think that my HAM portion of the db has been corrupted by the autolearn
feature (which I have now disabled) and I'de really like to retrain it
manually.
One
http://mywebpages.comcast.net/mkettler/sa/antidrug.cf
Corrected mis-use of __DRUGS_MALEDYSFUNCTION13 in
LOCAL_DRUGS_MALDYSFUNCTION_OBFU. 13 does match the plain, unmodified
v-word, so it can't be used as a sign of obfuscation.
Corrected some un-escaped litteral ;'s in
At 11:51 AM 1/30/2004, Fred wrote:
A bug in 2.6 caused messages which hit BAYES_99 to be learned as ham, this
has been fixed, you should upgrade.
For reference, there was no bug per se. The fact that the message hit
BAYES_99 did not cause it to be learned as ham.
However, newer versions of
At 01:22 PM 1/30/2004, Spyros Tsiolis wrote:
1. spamassassin ! Plain sa installation . What next ? Training ?
1000 Spam and 1000 Ham ??
Bayes training is a good thing. Ideal is to have a spam/ham training ratio
close to what comes into your server in reality. However, considerable
At 08:10 AM 1/28/04 +0200, Thomas Kinghorn wrote:
My spamd is running as xadmin
xadmin 17057 1 0 Jan27 ?00:00:22 /usr/bin/perl -T -w
/usr/bin/spamd -d -a -u xadmin
Do I need to run sa-learn as xadmin
If so, I could kick myself, I have been training it while logged in as
At 10:22 AM 1/23/2004, JRiley wrote:
HolyMoly...69.27 seconds?!
How'd you port SpamAssassin to run on a Commodore Vic-20?
Something tells me that most of that time is likely due a couple of network
tests that are timing out for _every_ email.
ie: he might have DCC installed, but not allow the
At 02:00 AM 1/28/2004, Simon Byrnand wrote:
Has anyone else noticed frequent timeouts with Razor2 ?
I disabled it Friday due to timeouts.
In my experience, razor often has short-term problems that last a couple
days then clear up.
Right now they're probably experiencing high load, just like
At 02:39 PM 1/26/04 -0500, Kurt Yoder wrote:
snip
body PHISHERMEN /http:\/\/(\w*?\.)+[a-zA-Z]{2,10}?[^/\s]*?@/
score PHISHERMEN 5.0
snip
Don't use the body ruletype.. SA removes all HTML tags before running body.
Use uri instead of body.
It also seems you're just going to catch any URL which
At 12:13 PM 1/26/04 -0500, WA9ALS - John wrote:
This one even has the V word spelled correctly as part of a bigger word.
How is it getting past the DRUGS and MRWIGGLY rules?
http://wa9als.com/spam2.html
I've gotten a couple of these now and have added a body check for the grax
word, but that
At 02:10 PM 1/27/04 +0200, Thomas Kinghorn wrote:
While using spamd -D, I can see the messages being learned as ham.
However, while doing a spamassasin -D --lint, it shows only 1 ham.
sa-learn --dump magic shows
[EMAIL PROTECTED] exim]# sa-learn --dump magic
snip
I have attached the --lint
At 10:55 AM 1/27/2004, Mark Merchant wrote:
i can get AWL working with regular spamassassin, but NOT with spamc/d.
is there tip/trick i'm missing ?
what -u parameters are you using?
If you don't use -u, and both spamd and spamc are run as root, spamd will
su itself to nobody for safety.
On
At 08:25 AM 1/27/04 -0800, Ricardo Kleemann wrote:
How does the Bayes training work, anyway..
In short:
First, you need to understand bayes is based on breaking email down into
tokens. For simplicity, you can just consider each word of an email to be
a token. SA uses other tokens (header
At 12:22 PM 1/27/04 +0100, jean-christophe valiere wrote:
Hi,
I've got a little problem with the mail that is attached.
When I try spamassassin -t -D rulesrun=255 mail.txt it is
nor considered as spam.
So I do spamassassin -r -D rulesrun=255 mail.txt ans
At 07:00 PM 1/26/04 -0800, ricardo wrote:
Does anyone have any suggestions on how to possibly make SA get a higher
score for this type of message? Any new recipes that might improve the
scoring?
Quite frankly, that email with all its mis-spelled words should be easy
pickings for bayes. Train.
At 07:08 AM 1/23/04 -0600, Who Knows wrote:
I have been receiving a good many of these lately. I am hestant to add any
rules for them yet because all the ones I have been receiving seem to also
contain a list of words that can only be there to spoil baysian tracking.
Is there anyway to avoid
At 01:16 AM 1/23/04 -0600, David B Funk wrote:
Trim off the Bayes poison and relearn it as spam. The payload
contains several unique misspellings that would be good Bayes
signatures.
Why trim off the bayes poison? Doing so just poisoning your bayes database
in a different way.
At 04:40 PM 1/23/04 +0200, snowchyld wrote:
how do you turn _off_ AWL ?
Depends on version, but in 2.6x it is use_auto_whitelist 0 in your config
also, where would one put sitewide whitelists ? (assuming
/etc/mail/spamassassin as default directory)
Any *.cf file in /etc/mail/spamassassin.
At 09:39 AM 1/23/04 -0500, John Fleming wrote:
Where is the auto_learn parameter - which file? tnx
You can specify that value in ANY of the config files that SA parses. So
there's no one specific file it belongs in.
If you want to change the value on a site-wide basis, put it in
At 10:19 AM 1/23/2004, Mark Squire wrote:
Hi all,
I have been training SA manually for a couple of weeks now. I estimate
a good 2000 emails for both Spam and Ham have been learned by it.
Coupla questions though . . . I want to put it into auto-learn mode
because I have only trained it on a few of
At 10:52 PM 1/21/2004, Mitch \(WebCob\) wrote:
I've been told this can filter legitimate mail.
Agreed Mitch.. if you read the rest of my message, I had a long warning
about that.
courier added a freemail concept, BUT, the yahoo servers send directly
from the
webmail appliances, which are not
I would have posted this sooner, but the editor I use on my home machine
got mangled and won't run. (yay, time for a physical disk test).
Changes:
-Added an optional X to the end of the v-drug test, to catch another spelling.
-Fixed a typo in the mis-spelled c-drug test.
-added a few
At 08:21 PM 1/21/04 -0600, George Matos wrote:
I just got my domain name and am trying to setup spam assassin. I have
never used it before so I was looking for some setup instructions etc.
what kind of MTA (mailserver software) are you running? What OS/distro are
you running it on?
At 01:05 AM 1/22/2004, Thomas Kinghorn wrote:
I have attached a few mails that are still getting through.
These are scoring extremely low.
The number of mails like these that slip through is on the increase.
Any ideas as to how I can block them?
I am using SA2.62, Exim 4.30 (with the exiscan
Define refuses to send it to the list?
Does it bounce, or has it just not shown up yet?
The sourceforge.net lists are on occasion incredibly slow.. 4-hour posting
delays are NOT unheard of, although uncommon.
Just because it takes a while, don't assume it's not in the queue.. sf.net
processes
At 08:49 PM 1/22/04 -0600, Chris wrote:
I'm new to using spamassassin and have a question about auto white-listing.
I have a file, auto-whitelist.db in my /var/spool/spamassassin directory
however its empty. The file was created 6 days ago when I installed
spamassassin. Should something be in
At 04:33 PM 1/20/04 +0100, Ralf Vitasek wrote:
i tested many things with the trusted users settings and googled around
but i had no luck so far.
except that i stumbled on a posting from this lists archive that makes me
think that something is broken and that it would be fixed in the upcoming
At 11:56 AM 1/21/04 +0100, Jürgen R. Plasser wrote:
Is there any way to get rid (say: score 5) of those mails with SA? Some
rules?
I have SA 2.61 and the latest Bigevel rules installed.
Well, antidrug is a good start.
http://mywebpages.comcast.net/mkettler/sa/antidrug.cf
At 12:37 AM 1/21/04 -0500, Pedro Sam wrote:
My question, should
bayes ignore the habeas headers by default?
Perhaps not by default, but right now it's probably a good idea.
In general, any sudden shift of behavior from something commonly seen only
in nonspam to commonly seen in both causes
At 10:41 PM 1/20/04 -0600, C. Bensend wrote:
Is the problem that I'm _forwarding_ the tagged emails from one host
to the other? I don't have the capability to bounce, I can only forward.
A forwarded message is a brand new message. That brand new message is NOT
sa tagged, even though it may
At 09:51 AM 1/21/2004, Nicholson, Rob wrote:
We've been looking and trialling No Spam Today which is based upon
spamassasin. When we first tried it, it was catching probably 99% of all
spam. However, over the past three months this figure has decreased
noticeably. It appears to be because
At 10:55 AM 1/21/2004, Paul Diaguila wrote:
X-Spam-Score: 1.8
BAYES_30,HTML_60_70,HTML_IMAGE_ONLY_02,HTML_MESSAGE,HTML_TAG_BALANCE_BODY,MSGID_GOOD_EXCHANGE,OACYS_CONS_6,RM_rb_ANCHOR,RM_rb_BODY,RM_rb_HTML,RM_sl_Parens,SUBJECT_ENCODED_MY_TEST
What am I missing?
What version of SA are you
At 10:36 AM 1/21/2004, Jody Cleveland wrote:
I'm running spamassassin 2.62 with MailScanner on redhat 9. What I'm
trying to run is this:
sa-learn -p /etc/MailScanner/spam.assassin.prefs.conf --spam --mbox
/var/spool/mail/bayes
But, it just sits there. Sa-learn --rebuild and --force-expire work
Well, your rule is pretty wildly off.. ToCc is going to look for a header
named ToCc, not To headers and/or CC headers.
header __TO_EXISTS exists:to
header __CC_EXISTS exists:cc
meta NO_TO_OR_NO_CC (!__TO_EXISTS || !__CC_EXISTS)
Or perhaps you want
meta
At 01:02 PM 1/21/2004, st semps wrote:
You see I thought that ToCc was valid. I thought I had read that
somewhere. Obviously Im wrong.
Actually, it apparently is valid.. my bad..
However, the string returned won't contain the To: or Cc: parts, just the
email addresses.
Correction: the rm should rm bayes.lock, not bayes_*.lock. My typo.
At 01:41 PM 1/21/2004, Jody Cleveland wrote:
Here's what I get:
debug: Syncing Bayes journal and expiring old tokens...
debug: lock: 21404 created
/etc/MailScanner/bayes/bayes.lock.mystique.winnefox.org.21404
debug: lock: 21404
At 01:41 PM 1/21/2004, Jody Cleveland wrote:
Here's what I get:
debug: Syncing Bayes journal and expiring old tokens...
debug: lock: 21404 created
/etc/MailScanner/bayes/bayes.lock.mystique.winnefox.org.21404
debug: lock: 21404 trying to get lock on /etc/MailScanner/bayes/bayes
with 0 retries
The
At 02:00 PM 1/21/2004, [EMAIL PROTECTED] wrote:
The spam I was trying to catch doesn't seem to be going through the rules
I added. What else do I have to do?
I'd start off with a run of spamassassin --lint to make sure you don't have
a typo.
After that, if it still doesn't work check the debug
At 04:56 PM 1/21/2004, you wrote:
Hi
SA offers the possibility of having a smarter whitelist which
whitelists only if the sending relay is related to the sending email,
like
whitelist_from_rcvd [EMAIL PROTECTED] example.com
is there a possibility to somehow do the opposite, ie
blacklist [EMAIL
Why not change your domain whitelist to a whitelist_from_rcvd command,
instead of whitelist_from.
You'll avoid the forgery problem outright.
At 04:43 PM 1/21/2004, Brad Hazledine wrote:
Has anyone written a rule that catches mail supposedly sent by yourself to
yourself?
Example here...
At 06:56 PM 1/21/2004, Kelson Vibber wrote:
I suspect he did:
At 04:43 PM 1/21/2004, Brad Hazledine wrote:
However, the rule seems to pick up the by fargo.caledoncard.com in the
header and thinks that all is well.
No, he did not use whitelist_from_rcvd.
If you bring in more context, rather than
At 09:02 PM 1/19/04 +0100, Anders Sveen wrote:
I'm actually listed because it originates from a dynamic ip-range. Nothing
more. It surprises me that they lists ip's for only beeing dynamic, but
then I discovered the way RBLs are being used by mailservers and then it
actually made sense. It
At 12:27 PM 1/20/04 +, Adrian Simmons wrote:
Is there an easy way to get a total of the spam/ham in the bayes db? I've
noticed the total come up in the log when running SA in debug mode, and
one could probably dump the db and go hunting for the magic numbers, but
is there really nothing
At 09:13 AM 1/20/04 -0500, David Roback wrote:
debug: DNS MX records found: 0
snip
Shouldn't I be seeing more than 1 query for all messages?
Hmm.. looks like your DNS is flaking out.. I'm pretty sure you should
always have at least one MX success from the DNS_AVAILABLE test...
What happens
Are you sure you want that rule to be case sensitive, lower-case only?
try
header SUBJECT_VICODIN Subject =~ /\bvicodin\b/i
(note the added i at the end)
At 11:48 AM 1/20/04 +, David Logan wrote:
header SUBJECT_VICODIN Subject =~ /\bvicodin\b/
describe SUBJECT_VICODIN Mentions vicodin
At 11:49 AM 1/20/04 +0800, Fritz Mesedilla wrote:
Hello folks!
I wanted to update my bigevil list but when I did a locate on them I got this:
/var/amavis/.spamassassin/bigevil.cf
/etc/mail/spamassassin/bigevil.cf
Now I really forgot where the correct location is. Both files are identical.
I know
At 09:54 PM 1/19/04 -0500, Barry Jaspan wrote:
The OPT_HEADER (in 2.5x and 2.6x) rule does not make much sense to me:
header __OPT_HEADER_SUBJALL =~
/^(?:Resent-)?Subject:.*opt.?(in|out|oem|ed|ion-in|[EMAIL PROTECTED])(?:\b|\d|\@)/im
header __OPT_HEADER_ALL ALL =~
At 08:49 AM 1/20/04 -0600, Scott Williams , Area4 wrote:
I just started using the FVGT rules and got this FP.
Do I understand this right, the rule below penalizes (scores high) anyone
with a .us domain?
Yes, but it only penalizes them when used in a web-page link. Your From:
address, etc won't
At 10:50 AM 1/20/2004, Ricardo Kleemann wrote:
Hi,
How can I change the text that is included in tagged
messages, that includes the servername and also includes my
email address?
perldoc Mail::SpamAssassin::Conf
see the report and clear_report_template options.
(note: don't edit 10_misc.cf..
Changes:
-now catches some gapped-and-obfuscated v-words.
on a test-list of 100 v-word spellings v 0.2 caught 37 of them. v 0.3
catches 65. more improvements in the works.
(thanks for the list Gary)
comments at top have a link to where the file comes from
The ruleset is located at:
If you want your server to be in german, tell it.
export LANG=de
note: this may affect other programs on the system that are language-smart
as well.
At 12:01 PM 1/20/2004, Christopher Kunz wrote:
just a quick question: How do I enable localized rule descriptions?
There's a lot of german rule
At 12:14 PM 1/20/2004, Kenneth Andresen wrote:
Will SA-learn filter all mails for everybody using the same rules, or
how can it work with different rule set for each user/mail account?
by default bayes databases and rulesets are specific to the user that
executes SA (note: that's execution, which
At 12:24 PM 1/20/2004, Pat Traynor wrote:
Spamassassin a couple of times, and I have to suspect that a new version
changed things. Is this something that I can configure somewhere?
start off with spamassassin --lint
I suspect you've got some old and invalid things like defang_mime that are
sounds like you're making your own version of bigevil.cf.
Chris S found that memory usage was greatly reduced by using regex combos
to reduce the number of rules.
At 12:31 PM 1/20/2004, Dan Kennedy wrote:
How efficient are URI rules? I am probably going to have several hundred
of these rules,
At 01:52 PM 1/20/2004, JRiley wrote:
Just curious, if there is a script (be it perl or otherwise), that anyone
has written, that will perform an automated 'download' of the different
SARE (or other) SA rulesets?
I wouldn't think this would too difficult to do, and have a scheduled
restart of
At 03:36 PM 1/20/2004, Adrian Simmons wrote:
Ralf Vitasek wrote:
in case you have SA 2.6x
then just type sa-learn --dump magic
Ah, yes, exactly. And now that I re-read the man page that seems obvious.
I put my lack of understanding down to the non-intuitiveness of the term
'magic' :) Well, at
At 04:25 AM 1/19/2004, Mrvka Andreas wrote:
hi,
i've made a dump of my bayes db but i don't
know exactly the columns.
please explain them.
thanks.
Andrew
Let's use this fictitious example line:
0.029 0 2 1071094490 word
The above line indicates:
0.029: the calculated spam
At 10:40 AM 1/19/2004, John Fleming wrote:
Does that use timing from the sender's computer time, ISP times, or what?
It compares the date and time of the Date: header against the timestamps
added into the Received: headers by the various mail relays.
since the error is in the 6-12 hour range, I
At 11:16 AM 1/19/2004, Claude Frantz wrote:
But when messages
are passed via sendmail (dual config) and amavis, the config file
in /etc/mail/spamassassin/local.cf is not used.
What is wrong here ?
what signs of said failure are you seeing? Keep in mind that any
spam-markup changes you apply to
One more suggestion, in addition to reducing the score for HABEAS_SWE, if
you use bayes, I'd suggest telling bayes to ignore SWE headers.
bayes_ignore_header X-Habeas-SWE-1
bayes_ignore_header X-Habeas-SWE-2
bayes_ignore_header X-Habeas-SWE-3
bayes_ignore_header X-Habeas-SWE-4
At 11:27 AM 1/19/2004, Ron Culler wrote:
I'm having problems with forged headers allowing email with the habeas
tags. What is the best way to force a score for habeas tagged email? I
use spamassassin with spamd and sql based user black/white lists but a
common bayes db.
put something similar to
At 03:02 PM 1/18/04 +0100, Erik van der Meulen wrote:
I get:
debug: Razor Agents 1.20, protocol version 2.
razor 1.20 is a very old version of razor, and 1.x versions are no longer
supported by SA.
try getting razor 2.36 and applying the taint-safeness patch.
At 11:22 PM 1/18/04 +0100, PieterB wrote:
What's the best practice preventing this? Changing SpamAssassin in
some way, masquerading/munging Received-headers, or something else?
1) work with the RBL to get de-listed
2) change ISPs to move your IP to a different block.
And that's about it.. The
] On Behalf Of Matt
Kettler
Sent: Saturday, January 17, 2004 12:06 AM
To: Spamassassin-Talk
Subject: [SAtalk] [RD] antidrug 0.2 available
Fixes a few minor issues:
1) corrected spelling of sildenafil citrate.
2) added vigara to the v-word mis-spelling list
3) added optional leading and trailing gap
At 08:23 PM 1/18/04 -0500, Gerry Doris wrote:
My ip is listed in SORBS for the simple reason that it is in a dynamic
block of addresses administered by my ISP. SORBS just states that I
should use my ISP mail server which I already do.
Since SORBS only adds 0.10 to the spamassassin total I'm not
At 05:49 PM 1/18/04 -0800, Mitch \(WebCob\) wrote:
Problem with this fix is it only fixes things for my users locally - when my
users send mail to someone else, they would have to set the same networks as
trusted.
This is untrue..
What ALL affected admins must do is set trusted_networks to is
At 07:56 AM 1/16/04 -0500, Theodore Heise wrote:
cat tmp | formail -s sendmail theo
Apparently this must process the mail differently than the normal
receiving routine. If I use bounce in Pine, the Bayes results are
approximately the same as before adding the new rules. I don't
quite
At 09:03 AM 1/16/04 -0500, Segree, Gareth wrote:
Text = Rule
1) Received: from [109.42.168.192] by 24.193.45.130 with HTTP = Received
=~ /with HTTP/i
That works..
2) Subject: ?ISO-8859-1? = Subject =~ /(ISO-8859|iso-8859)/ (score = 3.0)
Won't work.. that's a character encoding tag
At 10:03 AM 1/16/04 +0530, Rahul Baweja wrote:
Hi,
How can i check if the Spam Assassin is working or not?
send yourself a GTUBE:
http://www.spamassassin.org/gtube/
---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on
At 09:55 AM 1/16/2004, Michael H. Collins wrote:
line in Spamassassin configuration, skipping: report_header 1
Failed to parse line in Spamassassin configuration, skipping: defang_mime 0
snip
but it has been working for a couple of months through upgrades. And
those lines look good in the
Due to the fun of online pharmacies, I've made this ruleset in my spare time.
http://mywebpages.comcast.net/mkettler/sa/antidrug.cf
It's not perfect, and needs some cleanup and some more obfuscated variants
added in.
However some of the rather abusive pill-spammers of late have made me
decide
Due to the LARGE number of emails coming in citing the same suggestion,
I'll publicly explain one of the rules.
I very much on purpose did not use . for __DRUGS_MALEDYSFUNCTION7 and
__DRUGS_MALEDYSFUNCTION8.
I very purposefully match \W in one, and _ in the other. Between the two it
will
At 01:13 PM 1/16/2004, Carl Chipman wrote:
For the new people on the list, I was wondering what the following acronyms
mean:
LART
Luser Attitude Readjustment Tool.
See http://www.catb.org/~esr/jargon/html/L/LART.html
UBE/UCE
Unsolicited Bulk Email / Unsolicited Commercial Email.
At 04:26 PM 1/16/2004, David Roback wrote:
spamd[28929]: debug: RBL: success for 1 of 1 queries
snip
There is a line for a RBL query, but shouldn't the RBL tests shop up in
the tests line in the debug log? If RBL is not running site wide, any
ideas why?
The thing that strikes me most about that
Fixes a few minor issues:
1) corrected spelling of sildenafil citrate.
2) added vigara to the v-word mis-spelling list
3) added optional leading and trailing gap-characters to the gapped
versions of rules.
4) added some gapped and obfu versions of Cilais
5) added some commentary
At 08:34 AM 1/15/04 -0500, Jeff Fulmer wrote:
Why does HABEAS_SWE score -8.0? EVERYmessage that I recieve that matches
that criteria is spam. I've since added 16 point to HABEAS_SWE.
Read the archives of this list.. this has been discussed almost nonstop
since the weekend...
or read
At 11:14 AM 1/15/04 +0100, Gunther Heintzen wrote:
X-Spam-Status: No, hits=2.6 required=3.9 tests=FORGED_HOTMAIL_RCVD2,
HTML_MESSAGE autolearn=ham version=2.61
It should be autolearn=no because hits=2.6 ist beetween 0.1 and 12.0
Autolearning is not based on the normal message score, it's based
At 09:49 AM 1/15/04 +0100, Sönke Ruempler wrote:
I wonder if i can to something against these spam messages:
Simple starting things to check (if you're not already doing them)
1) use razor, dcc and/or pyzor.
2) Make sure your bayes is heavily trained (really, this batch of poison
has not been
At 07:50 AM 1/15/2004, Tim B wrote:
Hey does anyone know if there are any spamassassin books comming out?
None that I'm aware of.
I've been thinking of writing more guides to go with the rule-writing guide
I made, but haven't started yet.
At 07:11 AM 1/15/2004, Adrian Simmons wrote:
I have a setup involving procmail, SA and Razor, at the moment, every time
I do a razor-report (with | /usr/bin/spamassassin -r in my procmailrc)
my mail spool gets poisoned with something like this:
X-Spam-Checker-Version: SpamAssassin 2.61
At 02:59 PM 1/15/2004, Pierre Thomson wrote:
For some reason, my users don't like to receive these
non-communications. They slip right past SA with only a BAYES_99 penalty,
not enough to stop them. I could add a SUBJECT_MISSING test but it can't
have a high score; any other bright ideas?
At 04:01 PM 1/15/2004, Andrew Cranson wrote:
Would it be possible for an additional mysql preferance for a threshold to
be added to an upcoming spamassassin release for mail deletion? e.g. A
user sets required_hits to 5, and sets deletion_hits to 10, any mail
between 5 and 10 is tagged, anything
At 05:23 PM 1/15/2004, Brian Ipsen wrote:
What would a rule look like to match a pattern like (I've read a little
about matching, but not enough to get it working):
http://(anything).(com|net|org|info)?rid=[0-9]{1,5}
use the uri ruletype.. it will only search within web links:
uri MY_URI_RULE
At 08:01 PM 1/15/2004, Theodore Heise wrote:
My problem is that now Bayes doesn't seem to be working right, as if
SA is ignoring my learned tokens? It also seems to be now missing
some rules that I presume are default (e.g., MSGID_FROM_MTA_SHORT,
PRIORITY_NO_NAME, and CLICK_BELOW) The results
At 08:05 PM 1/15/2004, Adrian Simmons wrote:
After running SA with the -D switch when reporting it looks like there
might be some problems with my Razor installation:
Jan 15 12:29:55.046480 report[14997]: [ 6] computing sigs for mail 1.0,
len 9577
Jan 15 1razor2 report failed: Bad file
At 06:49 PM 1/15/2004, Alice Pawlowich wrote:
Can someone please help me to remove, unsubscribe or disable the spam
assassin? I am a new computer owner and really didn't know what I was
getting into. But do know that I opened an attachment that contained a
virus. I open a lot off these spam
At 03:19 PM 1/14/04 +1100, [EMAIL PROTECTED] wrote:
3. edited /etc/mail/spamassassin/local.cf as
follows
required_hits 6.0
rewrite_subject 1
report_header 1
use_terse_report 1
defang_mime 1
dns_available yes
dcc_add_header 1
use_dcc 1
What version of SA are you using? defang_mime is illegal in any
Yes, it is theoretically possible to do what you suggest..
The first drawback is resources...Habeas would have a fairly heavy-duty
server to generate and validate the signatures..
CPU time might be cheap on a single-user machine, but when you're talking
about global scales, a little bit of
At 09:15 AM 1/14/04 +0100, Jan Erik Skogsholm wrote:
Some Norwegian character will come out with errors and we got
2.8 points from the language test. Is it possible to add this chars to a
list for the Norwegian language?
Not sure how, but there appears to be a database called 'languages' in the
At 08:48 AM 1/14/04 -0500, Jeff Fulmer wrote:
I'd like to assign spam points to any message whose body does not contain
any one of several keywords. But unfortunately, I can't find a body
directive reads all body attachments. I tried body and rawbody but
there are still many body attachments
At 09:20 AM 1/14/04 -0500, Jeff Fulmer wrote:
No. I wouldn't expect it to read PDFs. For example, just now it didn't
read these types:
[-- Type: text/plain, Encoding: 8bit, Size: 1.7K --]
[-- Type: text/plain, Encoding: 7bit, Size: 2.3K --]
[-- Type: text/html, Encoding: 7bit, Size: 4.3K --]
Some examples:
Re: FQCDW, thousand years waiting
Yes, I've seen them.. my bayes training is chewing them up... DNSBLs and
the popcorn rules seem helpful too.
Note that I personally run the popcorn ruleset collapsed into one rule. It
contributes less score overall because it doesn't cascade,
At 03:57 PM 12/19/2003, Kenneth Porter wrote:
I'm seeing a lot of spam with this as the X-Mailer. Is this a real program or
ratware?
(better late reply than never).
This seems to be a somewhat uncommon, but is occasionally used for
legitimate mail (I've only seen it used by Russian posters).
At 01:44 PM 1/14/2004, Gary Funck wrote:
I'd asked this before (with no answer on the 'dev' list),
Not surprising.. unless it's part of active development work ie: discussion
of methods to fix a bug, coding, test results, etc, a post of a general
question to sadev will generally be ignored as
General guidance for unsubscribing yourself from a sorceforge list.
First, find the List-Unsubscribe header embedded in any post to the list.
Such as the one below for this list.
List-Unsubscribe:
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
If your mailclient is brain dead
1 - 100 of 1162 matches
Mail list logo