I would suggest you use SpamStats from http://www.gryzor.com/tools/
I ran both, and SpamStats reported more of both Spam and Ham. I suspect
sa-stats is missing some records.
<>
| -Original Message-
| From: AltGrendel [mailto:[EMAIL PROTECTED]
| Sent: Friday, January 23, 2004 11:43
We are using the script by Nikos Kantarakias called "yet another virus
recipe" for Procmail. See http://agriroot.aua.gr/~nikant/nkvir/
Nikos added Novarg this morning.
<>
| -Original Message-
| From: Jon [mailto:[EMAIL PROTECTED]
| Sent: Tuesday, January 27, 2004 5:08 AM
| To: Ric
iday, January 23, 2004 12:44 PM
| To: Smart,Dan; [EMAIL PROTECTED]
| Subject: RE: [SAtalk] Rules Du Jour v 1.07b
|
| Dan,
|
| On Fri, 2004-01-23 at 09:04, Smart,Dan wrote:
|
| > This command works every time from command line, but not
| passed as a
| > param from SA_RESTART.
| > "
each time putting the commands in one at a
time in the restart if block, which does work, but passing it as the
SA_RESTART parameter would be really nice.
<>
| -Original Message-
| From: Chris Thielen [mailto:[EMAIL PROTECTED]
| Sent: Thursday, January 22, 2004 5:18 PM
| To: S
Thanks. Will try in the AM.
<>
| -Original Message-
| From: Chris Thielen [mailto:[EMAIL PROTECTED]
| Sent: Thursday, January 22, 2004 5:18 PM
| To: Smart,Dan; [EMAIL PROTECTED]
| Subject: RE: [SAtalk] Rules Du Jour v 1.07b
|
| On Thu, 2004-01-22 at 22:57, Smart,Dan wrote:
|
need to make sure postfix starts if the SA_RESTART fails.
<>
| -Original Message-
| From: Chris Thielen [mailto:[EMAIL PROTECTED]
| Sent: Thursday, January 22, 2004 4:04 AM
| To: Smart,Dan; [EMAIL PROTECTED]
| Subject: RE: [SAtalk] Rules Du Jour v 1.07b
|
| On Thu, 2004-01-22 at 14:
Chris:
Great job on the scripts. I have modified the munging on Tripwire (set name
to TW) and BigEvil (comment out WXYZ). How do I add these custom munges to
my_rules_du_jour?
tia
<>
| -Original Message-
| From: Chris Thielen [mailto:[EMAIL PROTECTED]
| Sent: Thursday, January 22,
I hate how formatting gets screwed up sometimes...
##--
## Grab a copy of Habeas SWE with Spam-Status Yes
:0 c:
* ^X-Spam-Status: Yes.*HABEAS_SWE
${SPOOLDIR}/habeas
##--##
<>
| -Original Message-
| From: Smart,Dan
| Sent: Tuesday, January 13, 2004 3:40 PM
| To:
Great idea.
Here's my recipe...
##-
## Grab a copy of Habeas SWE with Spam-Status Yes
:0 c:
* ^X-Spam-Status: Yes.*HABEAS_SWE
${SPOOLDIR}/habeas
##--
Where spooldir is where I store my spam mbox files
<>
| -Original Message-
| From: Charles Gregory [mailto:[EMAIL PROTECTED
I run a P733 with 384MB RAM with Red Hat 7.3. Use
Postfix/Procmail/html-trap (Hardin's Sanitizer)/SpamAssassin combination.
Use DCC, DNSBLs, BigEvil/NovRules/OctRules, Jennifer's
Popcorn/Backhair/Weeds/Cpox, and Bayes with SA. The box is relay only. No
local mail.
I also keep a copy of all head
I'm waiting for Greylisting too. Vernon's DCC stuff is being debugged for
Greylisting which should soon be a reliable engine for this. I use Postfix
as my MTA, so I'm waiting for an integration that happens at MTA handshake.
So far, I haven't seen anything. Some said that there is a Postfix upgr
---Original Message-
| From: Carl Chipman [mailto:[EMAIL PROTECTED]
| Sent: Friday, January 09, 2004 10:32 AM
| To: Smart,Dan
| Subject: RE: [SAtalk] detecting large collections of random words
|
| Btw, why not rename your rules CP_RANDOMWORDS_10 and _15 so
| that the name is more accurate descrip
So I take it that the final rewrite of this rule would be:
cpeterson.cf -
## I've noticed that a lot of spams recently have been following the
random-words technique,
## with very little "spam" content - often just an image or some obfuscated
text. Has anyone
## given any thought to
Alan:
Do you find any value running Pyzor? I gave up on it long ago, as it never
seemed to hit on any quantity of Spam.
BTW: I normally test things by doing a spamassassin -D --lint
<>
| -Original Message-
| From: Alan Munday [mailto:[EMAIL PROTECTED]
| Sent: Tuesday, December 16,
I suggest that instructions to get dccifd running should be included in
INSTALL...
Compile the dcc as directed in INSTALL doc.
Get dccproc running first as described in INSTALL doc.
To use dccifd in Spamassassin fix the dcc_conf and add path settings.
In /var/dcc/dcc_conf:
DCCM_ENABLE=off
DCCM_L
Thanks for the insight.
When I run mass-check-results-to-mbox I get:
---
# sort -rn +1 ham.log | head -20 | ./mass-check-results-to-mbox
open /usr/local/src/confham.1173754 failed: at ./mass-check-results-to-mbox
line 125, <> line 1.
X-Mass-Check-Warning: open /usr/local/
I'm trying to do the mass-check corpus cleanup using the method in
CORPUS_SUBMIT file. My hard-sorted spams and hams are stored in MBOXs.
I'm assuming that the scripts: mass-check-results-to-mbox, mboxget, and
extract-message-from-mbox are used to help in this process to check and
purge improperl
Original Message-
| From: Matt Kettler [mailto:[EMAIL PROTECTED]
| Sent: Thursday, December 11, 2003 10:38 AM
| To: Smart,Dan; [EMAIL PROTECTED]
| Subject: Re: [SAtalk] Running mass-check with local rules
|
| At 10:57 AM 12/11/2003, Smart,Dan wrote:
| >How do you get mass-check to use your local &
How do you get mass-check to use your local "custom" rules in local.cf and
other .cf files?
TIA
<>
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Lin
e good to go.
|
| Oh, and appears to run faster in our environment than
| dccproc, since it does not need to be instantiated for each
| message scanned.
|
| Bill
| - Original Message -
| From: "Smart,Dan" <[EMAIL PROTECTED]>
| To: <[EMAIL PROTECTED]>
| Sent: Wedne
The DCC documentation says that the dccifd interface is much more efficient
than dccproc. I see from doing a spamassassin -D that it looks for it.
Is there any install procedure for dccifd, and should this be the generally
recommended interface for dcc?
Why or why not?
TIA
<>
--
How would you run a spamassassin --lint to check if the file is ok before
sending the mail and restarting?
Ideas?
<>
| -Original Message-
| From: Smart,Dan
| Sent: Friday, December 05, 2003 3:21 PM
| To: [EMAIL PROTECTED]
| Subject: RE: [SAtalk] bigevil.cf + rsync?
|
| Than
Thanks for the script Gary/Peter. I've cleaned things up and here is what I
put together:
#!/bin/sh
## This file updates the big evil policy file for spam assassin
DATE=`date +"%Y%m%d-%H%M"`
[ -f /tmp/bigevil.cf ] && rm -f /tmp/bigevil.cf
wget -N http://www.merchantsoverseas.com/wwwroot/gorilla
}"
:0 ci
| /usr/bin/sa-learn --forget
}
<>
| -Original Message-----
| From: Smart,Dan
| Sent: Friday, December 05, 2003 12:46 PM
| To: [EMAIL PROTECTED]
| Subject: RE: [SAtalk] SA-Talk poisoning Bayes
|
| Since this is not a delivering recipe (not to a file or pip
ering in the procmail log
LOG="${NL}Forgetting Bayes Poison${NL}"
:0 ci
| /usr/bin/sa-learn --forget
}
<>
| -----Original Message-
| From: Smart,Dan
| Sent: Friday, December 05, 2003 8:47 AM
| To: [EMAIL PROTECTED]
| Subject: RE: [SAtalk] SA-Talk poisoning B
This evaluates to an Or statement
:0 Ec
| /usr/bin/sa-learn --forget
---
Not sure if I need to clone,
<>
| -Original Message-
| From: Matt Kettler [mailto:[EMAIL PROTECTED]
| Sent: Thursday, December 04, 2003 10:22 AM
| To: Smart,Dan; [EMAIL PROTECTED]
| Sub
In reading the sa-learn man file, it says running discussions of spam
through sa-learn is bad. Does SA take this into account already, or should
I create a procmail rule to bypass SA for messages from SATalk and
(possibly) Postfix-List ?
<>
Not to get nitpicky, but could you add a one line comment of what was
patched in the release, and retain old ones for history?
I just downloaded 1.57a and it would be helpful to know what was fixed.
Nothing detailed...like:
... Example
# Dec 4, 03 9:35 AM EST
## 1.57a - Typo fixed in BigE
So if I set the Journal to a really big number, like 10MB, then the
once-per-day opportunistic sync rule should kick in and sync once per day.
So a sync takes as much or more memory than an expiration run?
<>
| -Original Message-
| From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
| Sent
?
Is the goal to get the journal syncing about the same frequency as an expiry
run is made?
TIA
<>
| -Original Message-
| From: Ted Cabeen [mailto:[EMAIL PROTECTED]
| Sent: Friday, November 14, 2003 6:22 PM
| To: [EMAIL PROTECTED]
| Cc: Smart,Dan; [EMAIL PROTECTED]
| Subje
Easynet.nl goes offline on Dec 1
Be sure to set
score RCVD_IN_DYNABLOCK 0
(unless you rsync this list locally)
Another DNSBL death
<>
---
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you b
I'm working on just that.
My thought, and I must admit I don't know all the theory involved, is that
the effectiveness of Bayes and the FN/FP is purely a function of how you
trained it. The *ONLY* way (in my mind) to score the Bayes functions would
be to train it and run the Mass-check. I'm work
0 3.0
score BAYES_98 4.0
score BAYES_99 5.4
-
Comments?
<>
| -Original Message-
| From: Ted Cabeen [mailto:[EMAIL PROTECTED]
| Sent: Friday, November 14, 2003 6:22 PM
| To: [EMAIL PROTECTED]
| Cc: Smart,Dan; [EMAIL PROTECTED]
| Subj
If you install the textcat with user root, but run spamd as another user,
make sure that everyone can read the installed libraries. I had this
problem. Not sure what caused it. Some libraries had global read, some
didn't.
<>
| -Original Message-
| From: Frederick M Avolio [mailto:[
Title: Blank Stationery
I'm running Bayes site wide with about
45,000 messages per day. Is there any harm in increasing the
bayes_expiry_max_db_size and bayes_journal_max_size limits?
If it's ok to make bigger, what is the
maximum before something bad starts happening?
<>
I don't use Razor or Pyzor partly for this reason, and partly due to delay
issues.
By the way...
When discussing why certain rules have certain scores, the set of scores
that make no sense to me is the scoring given to Bayes:
--50_scores.cf --
score BAYES_00 0 0 -4.901 -4.900
sco
Since we are a company, I don't get too hung up over these. I more worry
about newsletters people get for their work. I usually just delete the
"non-business" stuff, and don't run them as either spam or ham.
<>
| -Original Message-
| From: Larry Gilson [mailto:[EMAIL PROTECTED]
| Sent:
I use Bayes for site-wide and love it. I have a recipe in my Procmail to
grab any message that scores between 6 and 10, and store it in a "suspect"
MBOX. Once a week I look through this for false positives and move to a
"ConfirmedHam" MBOX, and move the rest to "ConfirmedSPAM" MBOX. I look at
th
I think my slowness was due to Razor. I disabled it, and now average 3.5
seconds on an 866Mhz RH7.3 box. Never tried pyzor, too much addons to get
working. I set my rbl and the rest to 5 seconds too..
<>
| -Original Message-
| From: Henrik Schmiediche [mailto:[EMAIL PROTECTED]
| Sent
OK,
I'm thinking this has something to do with my config. Will tell you what I
come up with when done testing.
<>
| -Original Message-
| From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
| Sent: Friday, October 03, 2003 10:04 AM
| To: Smart,Dan
| Cc: [EMAIL PROTECTED]
|
| -Original Message-
| From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
| Sent: Friday, October 03, 2003 9:42 AM
|
| nothing from the SA side. if your libdb/DB_File is out of
| date, you may want to update them.
perl-DB_File-1.75-36.1.73
Not sure how to check the libdb version, but
nk of?
<>
| -Original Message-
| From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
| Sent: Friday, October 03, 2003 8:39 AM
| To: Smart,Dan
| Cc: [EMAIL PROTECTED]
| Subject: Re: [SAtalk] 2.60 Upgrade - SpamD not using trained
| bayes databas e
|
| On Fri, Oct 03, 2003 at 08:33:06AM -0500, Smar
| -Original Message-
| From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
| Sent: Thursday, October 02, 2003 9:13 AM
|
| Just to check: are you learning to journal, and did you sync
| the journal before "dump magic"?
I'm not sure I understand your question. If you are asking if I tried a
| -Original Message-
| From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
| Sent: Thursday, October 02, 2003 9:13 AM
| Just to check: are you learning to journal, and did you sync
| the journal before "dump magic"?
Could the database size have caused all my learned spam/ham to be
eliminated
That worked. I did a --forget for both ham and spam files then relearned
them.
Now the --dump magic looks right. Thanks for the suggestions.
Mission control, I think we have a problem here...
<>
| -Original Message-
| From: Smart,Dan
| Sent: Wednesday, October 01, 2003 9:53 A
| -Original Message-
| From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
| Sent: Wednesday, October 01, 2003 5:58 PM
| It's got to be reading the wrong files.
|
| Do an "sa-learn" of a small number of mails with -D on. Then run
| "sa-learn -D --dump magic". Post the 2 log files and
Title: Blank Stationery
Can you trap just headers to train
bayes? An :0hci created file is much smaller than a :0ci
file.
<>
ubject: RE: [SAtalk] 2.60 Upgrade - SpamD not using trained
| bayes databas e
|
| On Tue, 30 Sep 2003, Smart,Dan wrote:
|
| > For whatever reason, SA does not think I have any ham. Yet
| when I run
| > sa-learn --ham I get:
| >
| > debug: Failed to parse line in SpamAssa
oken data:
bayes db version0.000
0
1687 0 non-token
data: nspam0.000
0
0 0 non-token data:
nham0.000
0
36864 0 non-token
data: ntokens snip
What
gives?
<>
From: Smart,Dan Sent: Tu
er pid: 19659logmsg: server
started on port 783/tcp (running version 2.60)
snip
Its not a
config file issue.
From: Smart,Dan Sent: Tuesday, September
30, 2003 8:22 AMTo:
[EMAIL PROTECTED]Subject: RE: [SAtalk] 2.60
Upgrade - SpamD not using trained bayes databas e
Title: Blank Stationery
A little more info:
Just upgrade from SA 2.55 to 2.60. I've got everything working except for
SPAMD not using the Bayes database. I need help debugging.
I run this on RH 7.3 with
Postfix and Procmail
<>
From: Smart,Dan Sent: Monday, Sept
Title: Blank Stationery
I just finished training my new bayes
classifier with my spam and ham files. Since I run SPAMD as a user "-u
filter", I did this as user "filter".
'su filter', then sa-learn --ham and
--spam. The database has been created, and running sa-learn --dump I
get:
/5.6.1/i386-linux to 0755 using command
chmod -v 755 `find . -type d `
<>
From: Smart,Dan Sent: Thursday, September
25, 2003 11:01 AMTo:
'[EMAIL PROTECTED]'Subject: Sa 2.60 SPAMD
errors... And razor 2.36 errors...
Problems with the new 2.60
sa...
u
Title: Blank Stationery
I used to run timelog_path when I wanted to
see how long things took in SA?
now spamd says its can't parse this
variable.
How do you get timings now?
<>
Title: Blank Stationery
I might mention on the
razor issue is that is works when running as 'root', but not as user
'filter'
Also, SPAMD loads fine as
user 'root' but not 'filter'
From: Smart,Dan Sent: Thursday, September
25, 2003
Title: Blank Stationery
Problems with the new 2.60
sa...
using user filter...
/root:# spamd -D -x -u filter -H /home/filterdebug: Score set 0
chosen.debug: Running in taint mode, removing unsafe env vars, and resetting
PATHdebug: PATH included '/usr/local/adm', which doesn't exist,
dropp
Classification: PUBLIC
In a sitewide config I run:
Postfix v1.1.11
Procmail v3.15.2 (Most stable version)
Hardin's html-trap recipe v1.136
SpamAssassin v2.43
Razor2 v2.20
Pyzor v0.4.0
DCCProc v1.1.15
All works well. Only issue is sometimes SPAMD daemon quits. I understand
this is fixed in the v
Classification: PUBLIC
My start script looks like this:
Use chkconfig --add to run at startup...
-
#!/bin/sh
#
# spamassassin This script starts and stops the spamd daemon
#
# chkconfig: 2345 80 30
#
# description: spamd is a daemon process which uses SpamAssassin to check
#
Classification: PUBLIC
If anyone is interested
I run a low/medium volume (35,000/day), site-wide SA corporate installation
behind Postfix. Here's my local.cf updates that seem to have tuned things
well for me.
BTW: I kill messages 7.0 and higher (but carboncopy headers to MBOX). I
carbonc
tting razor debug level to 15, verbose debug is written by razor to
razor-agent.log.
By looking at the razor-agent.log, I saw that the two files weren't being
written to.
Be sure to set debuglevel back to 5 for transactions or 1 for startup and
errors only
<>
|-Original Message-----
|
Classification: PUBLIC
I'm located on a T-1 into the AT&T Atlanta hub. No "barbed wire" here.
Thanks for the info.
<>
|-Original Message-
|From: Theo Van Dinter [mailto:[EMAIL PROTECTED]]
|Sent: Monday, November 04, 2002 10:31 AM
|To: Smart, Dan
|Cc: [EMAI
Classification: PUBLIC
In my timings, I have found that the public Razor2 takes a minimum of 8
seconds, and an average of 10 seconds. It often goes much longer: 15-18
seconds.
Question #1: Has the timeout parameter for Razor been fixed?
Question #2: Does anyone get better performance than this?
Classification: PUBLIC
I should note that I snipped off all the variable assignment for clarity...
|-Original Message-
|From: Smart, Dan
|Sent: Friday, November 01, 2002 8:55 AM
|To: 'Thomas Nyman'; [EMAIL PROTECTED]
|Subject: RE: [SAtalk] spamd/spamc and J.Hardin Email
Classification: PUBLIC
Here's my Procmail that runs like a champ.
= procmailrc ==
# Run Sanitizer
INCLUDERC=${BINDIR}/local-rules.procmail
INCLUDERC=${BINDIR}/html-trap.procmail
# Run SpamAssassin Daemon Client
# Calling SpamAssassin D
Classification: PUBLIC
Ralf is a *major* contributor to Postfix group. He's the king of REGEX in
Postfix. I moved to SA after trying to do filtering in Postfix. The binary
mode of one hit killing a message caused too many false positives. That's
why I moved to SA for SPAM filtering.
<>
|
Classification: PUBLIC
Install daemon version of SpamAssassin
Copy script from tar directory/spamd for redhat to /etc/rc.d/init.d
directory
cp redhat-rc-script.sh /etc/rc.d/init.d/spam
this also renames it to spam
chmod 755 /etc/rc.d/
Dinter [mailto:felicity@;kluge.net]
|Sent: Wednesday, October 16, 2002 6:32 PM
|To: Smart, Dan
|Cc: [EMAIL PROTECTED]
|Subject: Re: [SAtalk] Pyzor & DCC not found
|
|
|On Wed, Oct 16, 2002 at 01:59:53PM -0500, Smart, Dan wrote:
|> debug: DCC is not available: dccproc not found
|> debug: Pyzor is not avai
Classification: PUBLIC
I tried back revving to Razor 2.14. This didn't make a difference.
Not sure what to do next.
<>
|-Original Message-----
|From: Smart, Dan [mailto:[EMAIL PROTECTED]]
|Sent: Wednesday, October 16, 2002 2:00 PM
|To: [EMAIL PROTECTED]
|Subject: [SAtalk]
Classification: PUBLIC
I'm running the release 2.43 code.
I had Razor2, DCC, and Pyzor all running under 2.42 and 2.43.
Now, all of a sudden, DCC and Pyzor have quit running.
When I loaded spamd from command prompt it says:
> spamd -D -x -a -m 8 -u filter -H /home/filter
debug: DCC is not ava
My SA is taking 10 seconds each run now with 2.42. How do I figure out
where the delay is?
Also, is there a way to add headers from Razor and Pyzor to messages the
same way you can for DCC?
<>
Dan Smart
Vulcan Materials
Daniel J Smart (E-mail).vcf
Description: Binary data
mailto:[EMAIL PROTECTED]]
|Sent: Wednesday, October 09, 2002 5:54 PM
|To: Smart, Dan
|Cc: [EMAIL PROTECTED]
|Subject: Re: [SAtalk] Razor can't log
|
|
|On Wed, Oct 09, 2002 at 05:04:45PM -0500, Smart, Dan wrote:
|> razor2 check skipped: Permission denied Can't call method "log&quo
I've loaded SA 2.42. I'm trying to get Razor2 to run. All registration,
etc is running fine. However, I get the following error in my Maillog:
razor2 check skipped: Permission denied Can't call method "log" on unblessed
reference at /usr/lib/perl5/site_perl/5.6.1/Razor2/Client/Agent.pm line 21
Got the dist from python.org
http://www.python.org/ftp/python/2.2.1/rpms/rh7.2/python2-2.2.1-1.i386.rpm
Surprised its not in there.
Will get the TAR and load that way.
<>
|-Original Message-
|From: Nix [mailto:[EMAIL PROTECTED]]
|Sent: Monday, October 07, 2002 2:52 PM
|To: Smar
I'm trying to load Pyzor. I get an error:
[root@lewis pyzor-0.4.0]# python setup.py build
Traceback (innermost last):
File "setup.py", line 2, in ?
import distutils.core
ImportError: No module named distutils.core
I've loaded a current copy of python 2 (Python 1 is still loaded)
[root@le
I use John Hardin's Sanitizer Procmail script for this.
http://www.impsec.org/email-tools/procmail-security.html
<>
|-Original Message-
|From: Skip Montanaro [mailto:[EMAIL PROTECTED]]
|Sent: Friday, September 13, 2002 9:12 PM
|To: Lars Hansson
|Cc: [EMAIL PROTECTED]
|Subject: Re: [SAtal
>From another list (for John Hardin's Sanitizer)...
-- Snip ---
On Fri, 2002-07-05 at 15:21, Brett Glass wrote:
(Subject, dropped F at start of message.)
> This problem is so common that maybe someone should publish an AQ
> about it. ;-)
Just had this happen the other day because
Oops.
Finally saw the last Procmail example.
Ok, I know why the E flag is being used.
But why the EXITCODE. I use Postfix for MTA. Will it understand some
specific errorlevel that SPAMC is setting?
<>
|-Original Message-
|From: Smart, Dan [mailto:[EMAIL PROTECTED]]
|Sent: Wed
Olivier:
Looked at your Procmail script
What comes before the recipe:
:0fwE
| /usr/local/bin/spamc -u $LOGNAME
The "E" flag says run of preceding recipe conditions were not met. What is
this test?
Also, why do you set the ExITCODE in case of a failure?
:0e
{
EXITCODE=$?
}
Does Procmail
Right before resending, kill the bad ones. Just test for 20 *'s. I write
the killed to a MBOX I can review later for collateral damage. Just send to
/dev/null to kill. If you kill, you don't need locking so the :0 should be
used instead of :0: BTW.
<>
# Save SPAM to SPAM MBOX and kill
# Tes
Is the 2.40 CVS good enough to use in production yet?
<>
|-Original Message-
|From: Theo Van Dinter [mailto:[EMAIL PROTECTED]]
|Sent: Wednesday, July 17, 2002 12:51 PM
|To: Smart, Dan
|Cc: [EMAIL PROTECTED]
|Subject: Re: [SAtalk] Razor no longer works for me!
|
|
|On Wed, Jul 17
Not sure when this started, but Razor no longer works. When running spamd
-D, I get the following.
After messing with configs, now I get a new error
Original spamd output
debug: Razor is available
debug: Razor Agents 1.20, protocol version 2.
debug: Read server list from /home/filte
I didn't install IP-Tables / Linux Firewall when setting up my mail server
concerned about a performance hit. I have since reconsidered, as this would
beef up security. Is there any issue with running a local firewall on the
mail / SA gateway. I know I need to worry about the DCC / razor protoc
I do this in Procmail with the following right before copying tagged
messages to MBOX files for logging.
- snip -- procmailrc -
# Put From at beginning for MBOX format so Pine can read
:0 fhw
| formail -I "From " -a "From "
- snip ---
<>
|-Original Message-
|From:
New Razor 2.08 was a breeze to install. Just need the prereq libraries that
you can get using the perl CPAN function that the SA Install suggest for
SpamAssassin. Be sure to download the SDK, and it will save a big headache.
DCC was trickier since there's zip for documentation. Key is to creat
_NULL_BLOCK,EXCUSE_16,FORGED_EBAY_RCVD,RCVD_IN_XBL,AWL
version=2.40
X-Spam-Level:
Parts/Attachments:
|-Original Message-
|From: Bart Schaefer [mailto:[EMAIL PROTECTED]]
|Sent: Friday, June 21, 2002 12:49 PM
|To: Smart, Dan
|Cc: spamassassin li
The CVS won't let me login either, to try for any updates.
Anything up with that?
|-Original Message-
|From: Smart, Dan [mailto:[EMAIL PROTECTED]]
|Sent: Friday, June 21, 2002 12:21 PM
|To: [EMAIL PROTECTED]
|Subject: [SAtalk] FORGED_EBAY_RCVD broken!
|
|
|
|What'
sassin list
|Subject: Re: [SAtalk] FORGED_EBAY_RCVD broken!
|
|
|Dan,
| How do you "set score to 0.0"? I'm having the opposite
|problem. All
|my scores in the Debug log are 0.0! But spamassassin -t works fine.
|
|Any suggestions?
|
|-j
|
|On Fri, 21 Jun 2002, Smart, Dan wrote:
|
What's up with FORGED_EBAY_RCVD? Installed the CVS and now its been hitting
on most (all?) messages. Had to set score to 0.0
<>
---
Sponsored by:
ThinkGeek at http://www.ThinkGeek.com/
___
Spamass
Since things are fairly stable now with 2.31, might I suggest we share our
local.cf updates to learn from each other what site-specific tuning we have
done. May help the whole group and give ideas for better base rules.
local.cf
--- snip ---
required_hits 5.1
scor
hu, 20 Jun 2002 08:57:33 -0500,
|Smart, Dan said
|that ...
|
|>SD- I copy all message headers as a log to a MBOX mailbox
|using the Procmail
|>SD- :0chi: command. The 'c' command copies rather than
|filters, i ignores write
|>SD- errors.
|>SD- I copy all the full mail
|-Original Message-
|From: Chris Lott [mailto:[EMAIL PROTECTED]]
|Sent: Thursday, June 20, 2002 12:16 PM
|I am using spamd and postfix... two quick questions:
|
|1) Do I need to restart spamd or postfix after making changes to the
|local.cf?
Yes. I do a postfix stop, then restart spamd
91 matches
Mail list logo
