How can I verify whether my system is really using DNSBLs? From what I have
read all I need to
do is install Net::DNS. I have read as well that if the filtering gateway is
running a local
nameserver that it should not be pointing to itself otherwise the DNSBLs
mechanism will fail.
And is
Hello Loren, Stuart,
Monday, December 6, 2004, 9:27:52 PM, you wrote:
LW Most of the empty spams also lack a To: address, although
LW they may have a From. I've found that checking for missing body,
LW missing subject, and missing To: is pretty accurate.
LW One could probably argue that a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jason Haar writes:
I'm the author of the Qmail content filter Qmail-Scanner, and currently
it calls spamc as spamc -u [EMAIL PROTECTED] so as to help out the sites
doing per-user SA configs.
I've assumed that anyone wanting to do this would
Peter Matulis wrote:
How can I verify whether my system is really using DNSBLs?
If it's using them, many of your spams will show up with BL tests
hitting in the header.
You can also take a nice juicy spam and feed it to spamassassin with the
-D flag and watch the trace messages.
Best regards,
I'm trying to run sa-stats.pl on my spamd logs and get this on every line it
parses WARNING: line not in syslog format. Spamd is run with these options
spamd -d -i interface -u spamd -s /var/log/spamd.log. sa-stats.pl finds the
logfile automatically and begins parsing it but generates the
On Tue, 2004-12-07 at 17:22 -0600, David B Funk wrote:
On Tue, 7 Dec 2004, Thomas Cameron wrote:
Hrm - that makes a lot of sense. I am using spamass-milter (the latest
from CVS as of about a week ago).
I actually have the following at the bottom of my sendmail.mc:
INPUT_MAIL_FILTER
hi all,
i'm a little confused with spamassassin/spamd/spamc and i hope somebody
can make this clear to me. i have the problem that functions of
spamd/spamc aren't supported by spamassassin.
for example: i use the bayes with mysql that works fine with spamd/spamc and
spamassassin.
if i want to
Matthew Newton wrote:
Hello,
I've recently installed SA 3.0.1, and found some junk was
getting through with scores too low for my liking, especially before the
URLs made it into SURBL. I've put together a few rules to match some
of these that you might find interesting.
They are:
Finally, a string
t/dnsbl.Bareword found in conditional at t/dnsbl.t line
15.
Not found: P_2 =
dns:134.88.73.210.dnsbltest.spamassassin.org [127.0.0.4]
# Failed test 1 in t/SATest.pm at line 530
Not found: P_7 =
dns:134.88.73.210.sb.dnsbltest.spamassassin.org?type=TXT
#
How to configure URIDNSBL on Freebsd? It does not seem to work by default.
-Andrew
On Wed, Dec 08, 2004 at 12:11:53PM +0100, Werner Detter wrote:
if i want to force spamassassin to lookup user_scores in a mysql database
it only works with spamd/spamc, not with spamassassin.
is this a known issue or just a bug?
my userpref table looks like follows
That is how it works,
On Wed, Dec 08, 2004 at 02:22:07PM +0100, Alex Broens wrote:
Matthew Newton wrote:
I've recently installed SA 3.0.1, and found some junk was
getting through with scores too low for my liking, especially before the
URLs made it into SURBL. I've put together a few rules to match some
of these
-Original Message-
From: Peter Matulis [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 07, 2004 6:55 PM
Subject: verifying DNSBLs
And is there any difference in performance between
implementing them via SA or the MTA? Thank you.
As far as I know, most uses of DNSBLs at the MTA
OK, we know that the popular domains like yahoo.com and such are hard coded
into SA to be skipped on DNSRBL lookups. But it would be great to have a
function to add more locally.
Thinking one step bigger, it would be even better to feed this a file. This
way maybe SURBL can create a file for the
At 10:17 AM 12/8/2004 -0500, Chris Santerre wrote:
OK, we know that the popular domains like yahoo.com and such are hard coded
into SA to be skipped on DNSRBL lookups. But it would be great to have a
function to add more locally.
Um. They are?? AFAIK there are absolutely no whitelists to the
By default, the sa-stats.pl uses the log file /var/log/maillog
You need to tell sa-stats to use a different log
Example:
./sa-stats.pl -l /var/log/spamd.log -s midnight -e now
Steve
-Original Message-
From: James [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 07, 2004 10:29 PM
To:
Matthew Newton wrote:
On Wed, Dec 08, 2004 at 02:22:07PM +0100, Alex Broens wrote:
Matthew Newton wrote:
I've recently installed SA 3.0.1, and found some junk was
getting through with scores too low for my liking, especially before the
URLs made it into SURBL. I've put together a few rules to
Chris Santerre wrote:
Was the whitelist you were referring to really the SURBL server-side
whitelist?
Yes! But local SURBL whitelists are needed to reduce traffic and time.
I'd much rather see SURBL respond with 127.0.0.0 with a really large TTL
for white listed domains. Any sensible setup
We have been using SA for over a year now. It has been great to us. I
just upgraded both of our filters to SA 3.0.1 last night. I just have
one question. When using the auto learn command, how do you get spam
messages to the spam filter, in order to run auto learn? For example,
our spam
On Wed, Dec 08, 2004 at 10:26:15AM -0500, Matt Kettler wrote:
At 10:17 AM 12/8/2004 -0500, Chris Santerre wrote:
OK, we know that the popular domains like yahoo.com and such are hard coded
into SA to be skipped on DNSRBL lookups. But it would be great to have a
function to add more locally.
- Original Message -
From: Daryl C. W. O'Shea [EMAIL PROTECTED]
Was the whitelist you were referring to really the SURBL server-side
whitelist?
Yes! But local SURBL whitelists are needed to reduce traffic and time.
I'd much rather see SURBL respond with 127.0.0.0 with a
-Original Message-
From: Bill Landry [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 08, 2004 11:04 AM
To: users@spamassassin.apache.org; [EMAIL PROTECTED]
Subject: Re: Feature Request: Whitelist_DNSRBL
- Original Message -
From: Daryl C. W. O'Shea [EMAIL PROTECTED]
On Wed, Dec 08, 2004 at 10:57:44AM -0500, shane mullins wrote:
We have been using SA for over a year now. It has been great to us.
I just upgraded both of our filters to SA 3.0.1 last night. I just
have one question. When using the auto learn command, how do you get
spam messages to the
Getting off topic here, but the all caps is probably a holdover from
the old SABRE airline reservation system which used a 6-bit codeset
to reduce the transmission time on their (at the time) slow data links.
Actually it was because the SABRE machines also used a 5-bit code set (and
still
On Mon, Dec 06, 2004 at 10:27:29AM -0600, Jon Dossey wrote:
Wow! 0.1 seconds, now that's fast!
Then I saw this: tests=none
I guess it would be fast if it doesn't have to really *do* anything!
tests=none just mean that it didn't hit any rules, not that it didn't
run
any
rules.
On Wed, 8 Dec 2004 08:03:35 -0800, Bill Landry [EMAIL PROTECTED] wrote:
I agree, and have suggested a whitelist SURBL several times on the SURBL
discussion list, but it has always fallen on deaf ears - nary a response.
It would be nice if someone would at least respond as to why this is not a
Hi!
I have three Sun Fire servers running Solaris 9 and SpamAssassin 3.0.1.
SpamAssassin memory usage seems grow a lot. The machines have 2Gb RAM
each, and I have an hourly cron job that restarts SpamAssassin if more
than 1.5Gb memory is used (if the machine starts swapping, performance
goes
FYI (and for future list-searchers), the problem with URIDNSBL
appearing to work but not actually scoring was because the host's
resolv.conf included 127.0.0.1, which apparently something doesn't
like.
Peter Matulis just sent an unrelated email to the list mentioning
this, and after checking it
FYI (and for future list-searchers), the problem with URIDNSBL
appearing to work but not actually scoring was because the host's
resolv.conf included 127.0.0.1, which apparently something doesn't
like.
I find it pretty hard to believe it couldn't resolve off itself. Have
you checked your
- Original Message -
From: Chris Santerre [EMAIL PROTECTED]
-Original Message-
From: Bill Landry [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 08, 2004 11:04 AM
To: users@spamassassin.apache.org; [EMAIL PROTECTED]
Subject: Re: Feature Request: Whitelist_DNSRBL
On Mon, Dec 06, 2004 at 10:27:29AM -0600, Jon Dossey wrote:
Wow! 0.1 seconds, now that's fast!
Then I saw this: tests=none
I guess it would be fast if it doesn't have to really *do*
anything!
tests=none just mean that it didn't hit any rules, not that it
didn't
run
any
- Original Message -
From: David Hooton [EMAIL PROTECTED]
On Wed, 8 Dec 2004 08:03:35 -0800, Bill Landry [EMAIL PROTECTED]
wrote:
I agree, and have suggested a whitelist SURBL several times on the SURBL
discussion list, but it has always fallen on deaf ears - nary a
response.
It
I find it pretty hard to believe it couldn't resolve off itself. Have
you checked your firewall rules, and your named.conf to see if you've
allowed-query 127.0.0.1 in your options statement? Have you tried
resolving anything locally, while ssh'ed into the box? What about using
another IP
How about a way to use wildcards with uridnsbl_skip_domain? I'd like to
be able to tell the SURBL code not to look up
*.gov
*.mil
*.edu
and even *.??.us
since these are unlikely to be hosting spammer web pages.
Larry
-Original Message-
From: Rosenbaum, Larry M. [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 08, 2004 11:47 AM
To: users@spamassassin.apache.org
Subject: RE: Feature Request: Whitelist_DNSRBL
How about a way to use wildcards with uridnsbl_skip_domain?
I'd like to
be able to tell
Bill Landry wrote:
From: Chris Santerre [EMAIL PROTECTED]
Well we have talked about it and didn't come up with a solid
answer. The idea would cause more lookups and time for those who
don't cache dns.
It doesn't cause more lookups for anyone. A local white list file would
reduces
I want to run spamassassin on my existing /var/mail/mymailbox and only move
all the spam mail into /var/mail/spam .
Is there a way to do that?
thanks
Andrew
We do have a whitelist that our private research tools do
poll. The
idea is that if it isn't in SURBL then it is white.
This also puts more work to the already overworked contributors. ;)
How so? The lookup code is already compatible as is, it's
just a matter
of adding the records
Like I said before it finds and reads the spam log file fine. It
occurs when parsing the actual log file, it does not have trouble
locating it. Any other ideas?
- James
Steve Dimoff wrote:
By default, the sa-stats.pl uses the log file /var/log/maillog
You need to tell sa-stats to use a
Andrew Xiang wrote:
I want to run spamassassin on my existing /var/mail/mymailbox and only move
all the spam mail into /var/mail/spam .
Is there a way to do that?
thanks
Andrew
you could run spamassassin -e on the message and then make a quick
script to check the return status and move the
Michael Barnes wrote:
What you are asking about is manual learning in the event of an error
by SA.
Unfortunately, once the mail gets to a user (depending on their
computer skills), its pretty much gone.
*Especially* if they're using Outlook. Ugh. :(
What I mean, is that to feed the
Good day, Andrew,
On Wed, 8 Dec 2004, Andrew Xiang wrote:
But I have a whole mbox with 10,000 messages. How can I pipe all the
messages and move them?
- Original Message -
From: Jim Maul [EMAIL PROTECTED]
To: Andrew Xiang [EMAIL PROTECTED]
Andrew Xiang wrote:
I want to run
William Stearns wrote:
Good day, Andrew,
On Wed, 8 Dec 2004, Andrew Xiang wrote:
But I have a whole mbox with 10,000 messages. How can I pipe all the
messages and move them?
- Original Message -
From: Jim Maul [EMAIL PROTECTED]
To: Andrew Xiang [EMAIL PROTECTED]
Andrew Xiang wrote:
I
It seem to copy all the emails into the temp file. It does not remove spam
from the mbox.
The purpose is to remove all the spams inside mailbox.
-Andrew
- Original Message -
From: William Stearns [EMAIL PROTECTED]
To: Andrew Xiang [EMAIL PROTECTED]
Cc: Jim Maul [EMAIL PROTECTED];
Here's the latest info on exit0.us wiki.
Sorry for the inconvenience.
---BeginMessage---
Chris Santerre wrote:
LOL, what happened to exit0.us
--Chris
-Original Message-
From: Brylski, Markus [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 08, 2004 11:25 AM
To: [EMAIL PROTECTED]
-Original Message-
From: AltGrendel [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 08, 2004 1:50 PM
To: users@spamassassin.apache.org
Subject: [Fwd: Re: FW: Any idea what happened to exit0.us]
Here's the latest info on exit0.us wiki.
Sorry for the inconvenience.
Gah!
[Originally sent this to dev, realized it's more of a user question,
posting here.]
Hey all,
I've been doing some hacks to Mimedefang to allow per-user configuration
to be read from LDAP (using the SA ldap stuff), and have it working,
except for the fact that preferences do not get cleared
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matthew Newton writes:
I have three Sun Fire servers running Solaris 9 and SpamAssassin 3.0.1.
SpamAssassin memory usage seems grow a lot. The machines have 2Gb RAM
each, and I have an hourly cron job that restarts SpamAssassin if more
than 1.5Gb
Kevin W. Gagel wrote:
I'm having a bit of trouble getting my subjects rewriten
with sa 3.01. Any suggestions would be appreaciated. I'm
using spamd/spamc.
Here is an example of the headers that I do get added:
Subject: =?Windows-1251?B?4PHy8O7r7uPo/yDiIOHo5+3l8eU=?=
MIME-Version: 1.0
--snip--
My
This sounds like it has something to do with the switching users code. I
don't know how it is done, but I know it is in spamd somewhere, and uses
Storable to store the user configs. There is special stuff (I believe)
somewhere that is supposed to get invoked when switching users in a database
Maybe change the order of report_safe and rewrite_header?
Loren
How i can disable the spamassassin report.
I would like a Subject rewrite only, and not the report with original email
as attachment.
Thanks
On Wed, 8 Dec 2004, Loren Wilton wrote:
This sounds like it has something to do with the switching users code.
I don't know how it is done, but I know it is in spamd somewhere, and
uses Storable to store the user configs. There is special stuff (I
believe) somewhere that is supposed to get
Hello
On Wed, Dec 08, 2004 at 12:42:02PM -0800, Justin Mason wrote:
I have three Sun Fire servers running Solaris 9 and SpamAssassin 3.0.1.
SpamAssassin memory usage seems grow a lot. The machines have 2Gb RAM
each, and I have an hourly cron job that restarts SpamAssassin if more
than
On Wed, Dec 08, 2004 at 10:28:28PM +, Matthew Newton wrote:
The only external stuff I'm using is SURBL. Auto whitelists is
turned on, too. Bayesian is off, as are razor/pyzor/dcc. I want
to turn on some of these extra services sometime (looking at the
possibility of running a DCC server),
Right you are Rick, however its still not coming out
correctly I'm not getting the score in it.
This is what I got:
Subject: ***SPAM ***
With local.cf set to:
rewrite_header Subject ***SPAM _Score_***
- Original Message Follows -
Date: Wed, 08 Dec 2004 16:33:45 -0500
---snip---
My
On Wed, Dec 08, 2004 at 02:45:06PM -0800, Kevin W. Gagel wrote:
With local.cf set to:
rewrite_header Subject ***SPAM _Score_***
The tags are case sensisitve. _SCORE_ ...
--
Randomly Generated Tagline:
You guys are extremely inert today. - Prof. Brown
pgppz9dSK8vAl.pgp
Description:
The template tags webpage has:
---Paste---
_SCORE(PAD)_ message score, if PAD is included and is
either spaces or
zeroes, then pad scores with that many
spaces or zeroes
(default, none) ie: _SCORE(0)_ makes 2.4
become 02.4,
At 05:20 PM 12/8/2004, abusquets wrote:
How i can disable the spamassassin report.
I would like a Subject rewrite only, and not the report with original
email as attachment.
Thanks
read up on the report_safe option in man Mail::SpamAssassin::Conf.
59 matches
Mail list logo