> This was sent to me off-list. It's an interesting look at the
> implications of doing callbacks:
This is I think the same as the address verification of postfix.
At the postfix site there are big warnings about this, don't use it with
high traffic mailservers and you can be blacklisted by using
At 02:57 PM 1/19/2005, [EMAIL PROTECTED] wrote:
I am looking at adding some rulesets from SARE and we are planning on
putting them in the /usr/share/spamassassin directory (I know they get
overwritten when upgrading...). I don't see anywhere that spamassassin is
calling the sets in that directory,
Put your rules in /etc/mail/spamassassin
they wont get written over
> From: [EMAIL PROTECTED]
> Date: Wed, 19 Jan 2005 13:57:30 -0600
> To: users@spamassassin.apache.org
> Subject: newbie question about adding rules
>
> I am looking at adding some rulesets from SARE and we
Roger WJ Alterskjær wrote:
FYI, to anyone who runs into the same problem, there is a patched
version of qmail-scanner.pl that allow you to include SA-created
headers (plus other cool options not in the original):
http://xoomer.virgilio.it/j.toribio/qmail-scanner/READMEpatched.html
...or you could
I am looking at adding some rulesets from SARE and we are planning on
putting them in the /usr/share/spamassassin directory (I know they get
overwritten when upgrading...). I don't see anywhere that spamassassin is
calling the sets in that directory, which I believe is default? If I add
these new
Can’t see what I’m doing wrong.
I ran spamd like:
spamd -x -d -r /var/run/spamassassin.pid
--socketpath=/var/run/spamassassin.sock --sql-config
OR
spamd -d -r /var/run/spamassassin.pid
--socketpath=/var/run/spamassassin.sock --sql-config
spamc -x -c -U /var/run/spamassassin.sock
> There are a lot of RBLs queried by a default SA setup, check in the .cf
> files for details.
which cf file is this?
Frank M. Cook
Association Computer Services, Inc.
http://www.acsplus.com
Frank M. Cook wrote:
>> SA shouldn't have this problem. However, the larger issue of
>> whether or not any sort of SPAM filtering solution is considered
>> legal is my concern.
>
> this is an argument for simply rewriting the subject so that the user
> can decide whether to block the mail with l
> SA shouldn't have this problem. However, the larger issue of whether or
not
> any sort of SPAM filtering solution is considered legal is my concern.
this is an argument for simply rewriting the subject so that the user can
decide whether to block the mail with local rules, or not.
Frank M. Coo
At 01:31 PM 1/19/2005, [EMAIL PROTECTED] wrote:
Consequently I started to refuse mail from non authenticated senders using
local mail addresses.
It turned out soon that ebay sends valid mail, FROM a local address, TO
the same local address,
with an ebay HELO address - I had to create an exemption
Hi,
in an ISP setting there seem to be two cases where machines other than the
official
mail server send mails FROM a local address
- valid clients who send mails from their local system to the mailserver (and
authenticate in
one way or another to do so)
- spammers who believe that a forged loc
Joe K. wrote:
> Anyone know enough German (or is German) who can translate the
> ruling that's linked in the above article?
As I am lacking the time for a full translation: the core of the
ruling is that the university had, under German law, no right to
block all mail originating from or sent to
Leonard
know issue with sa 3.0x and spamc/spamd. Will ne Fixed with 3.10
work around is lower number of children allowed or apply following patches..
http://bugzilla.spamassassin.org/show_bug.cgi?id=3983
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
[EMAIL P
This is my first post here, and liable to be a doozie!
Running SA 3.0.2 with Sendmail 8.12.11,
hooked in with spamass-milter 0.2.0, all under Solaris 9. I also
have SPF-Milter installed from spf.pobox.com. SPF is the first milter,
SA is the second
in the sendmail.cf file.
Sendmail running onl
I had the same thought when initially setting up our system. Our
university has pretty strict rules regarding content-filtering. I got
around it by having SA tag spam (using X-Spam-Status, no subject
re-write), then a procmail in each users folder autmagically puts these
into a Spam-folder. All
>-Original Message-
>From: MIKE YRABEDRA [mailto:[EMAIL PROTECTED]
>Sent: Tuesday, January 18, 2005 8:22 PM
>To: SATalk
>Subject: Re: A good stats script?
>
>
>on 1/18/05 6:12 PM, MIKE YRABEDRA at [EMAIL PROTECTED] wrote:
>
>> What is a good script that folks are using to generate
This was sent to me off-list. It's an interesting look at the
implications of doing callbacks:
Rich Kulawiec wrote:
> If you wouldn't mind forwarding this back to the list (your message
> was forwarded to me off-list)...
>
> On Tue, Jan 18, 2005 at 09:25:18AM -0800, Kelson wrote:
>
>>Actually, I
>>From [EMAIL PROTECTED] Wed Jan 19 06:57:31 2005
>Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
>..
>Subject: Re: (was Re: DIGEX) dnsreports.com/dnsstuff.com
>
>
>>A message (from <[EMAIL PROTECTED]>) was received at 19 Jan 2005
>>14:21:48 +.
>>
>>The following addresses had delivery
>>From [EMAIL PROTECTED] Wed Jan 19 06:22:05 2005
>Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
>...
>List-Id:
>Delivered-To: mailing list users@spamassassin.apache.org
>...
>
>At 10:44 PM 1/18/2005, List Mail User wrote:
>> I don't know about digex, but dnsstuff.com is listed in
LOL FWIW, the site mentioned in my original post is still UP!!
After reading what verizon wireless did with the bluetooth cell phones(1),
I've pretty much given up hope that ANYONE in upper managment of any verizon
company has a clue!
--Chris
(1) http://www.nuclearelephant.com/papers/v710.html
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, January 19, 2005 9:06 AM
> To: Kang, Joseph S.
> Cc: users@spamassassin.apache.org
> Subject: Re: German court rules e-mail blocking 'illegal'.
>
>
> As far as i understood this is that mails must
Hi,
there is a pretty good summary linked within the article :
http://www.heise.de/english/newsticker/news/55210
This decision deals with filtering the email of a person who had left the
university and tried to stay in contact with his former co-workers. The
universitiy did not want thjis, and th
At 09:20 AM 1.19.2005 -0500, [EMAIL PROTECTED] wrote:
>Hey, on redhat/sendmail
>
>How do i split out the spamd log like you did?
>
I run FBSD Unix, but imagine Linux setup is similar. Here's how I did it:
1) modify /etc/syslog.conf to add a facility, like so:
# local2.* /var/log/spam
As far as i understood this is that mails must
get forwarded even if they are spam or not, there is only
one exception: virus mails, they are permitted to drop without
forwarding.
Spamassassin shouldnt have this problem unless you drop
the mails on a MTA level.
go
> Not sure how this w
A message (from <[EMAIL PROTECTED]>) was received at 19 Jan 2005
14:21:48 +.
The following addresses had delivery problems:
<[EMAIL PROTECTED]>
Permanent Failure:
554_Service_unavailable;[EMAIL PROTECTED];[EMAIL PROTECTED]
This explains much... about Plectere.com's intolerance of
Not sure how this will work itself out (or how old this story is) but it's
probably worth noting and keeping an eye on...
"The Higher Regional Court now has ruled that blocking email by content is
unlawful as it is considered confidential in German law. Blocking is only
allowed when, say, a viral
At 10:44 PM 1/18/2005, List Mail User wrote:
I don't know about digex, but dnsstuff.com is listed in SPEWS level 1
and level 2, completewhois.org and whois.rfc-ignnorant.org. BTW. I personally
don't trust anyone with a disconnected telephone number, and they seem to
probe my own address sp
At 07:11 AM 1/19/2005, [EMAIL PROTECTED] wrote:
hi all,
i guess i have a very odd but hopfeully easy question.. i searched the web
and the newsgroups as good as i could.. but may i use the wrong
searchwords then i beleive the answer is already somewhere.
i'm using sa 3.0 by injecting the mails via
At 05:55 AM 1.19.2005 -0500, Mike Yrabedra wrote:
>
>
>Jack,
>
>Thanks for the info. Where would I get this version of the script? Will it
>work on a regular spamd log?
>
Mike:
Yes, it works on a spamd log. In fact, I re-direct all spamd info to
/var/log/spamd.log and run the script against that p
hi all,
i guess i have a very odd but hopfeully easy question.. i searched the web
and the newsgroups as good as i could.. but may i use the wrong
searchwords then i beleive the answer is already somewhere.
i'm using sa 3.0 by injecting the mails via procmail to spamc.. the
configuration is store
Frank
you got a local cachine name server on the machine? That helps.
I also turn off alot of the pure RBL's and only use the URIRBL's by
adding this to my local.cf
# don't do all the RBL's just spamhause XBL
score __RCVD_IN_NJABL 0.0
score RCVD_IN_NJABL_DUL 0.0
score RCVD_IN_NJABL_MULTI 0.0
scor
Robert
theres a patch (well two actually) that help for 3.01 and 3.02 here
http://bugzilla.spamassassin.org/show_bug.cgi?id=3983
does alot of what the 3.10 will do - limits spawning of new processes.
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
[EMAIL PROTE
And now Verison is sending out spam to get people to join verison.com.
They are going into my black list at the procmail level ASAP except for
a VERY few verison addresses.
{`,'}A pissed off Joanne.
- Original Message -
From: "Martin Hepworth" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED
List:
I am not sure if this is the proper place for this question, so let me
apologize in advance and the put on my asbestos underwear
Is there any way to load more than just scores from SQL? Or flush
blacklists/whitelists from the prefs?
I am running SA inside of MimeDefang (MD). I have r
Using debug (spamd -D) i've found it takes a long time on URIDNSBL:
this is during startup:
debug: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC
debug: plugin: registered
Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x8a10224)
debug: plugin: loading Mail::SpamAssassin::Plugin::Hashca
--On Tuesday, January 18, 2005 11:38 PM -0500 Theo Van Dinter
<[EMAIL PROTECTED]> wrote:
Not very reliable though. They get most of the 400+ that work is
hosting on 1 IP, 0 of the 80+ on 3 other IPs, and only 2 of the 10+
I have on my personal server.
Check out the latest ntop (http://ntop.org).
At 12:10 AM 1/19/2005, jdow wrote:
I got a spam for an Acura dealer in Houston Tx from them.
They are not going to get ANY mail into my mailbox as a result.
The tone of their mail also indicated that they are arrogant pieces
of dog droppings. If Digex appears in the email they are boosted
to a rath
At 10:48 PM 1/18/2005, Vermyndax wrote:
I've had spam making it through SA 3.02 with the X-Antiabuse headers in
the mail. Anyone have any ideas on how to prevent minus scores on those
rule hits?
Care to be specific about which rule hit's you're talking about? AFAIK SA
does not have any rules th
At 10:52 PM 1/18/2005, Frank M. Cook wrote:
I recently upgraded from version 2 to 3 and my performance has gone to
pot. It may just be that I need a much stronger computer for this version
but I suspect it may be doing a lot of RBL checking. In version 2, I had
all net checking turned off in l
I got a spam for an Acura dealer in Houston Tx from them.
They are not going to get ANY mail into my mailbox as a result.
The tone of their mail also indicated that they are arrogant pieces
of dog droppings. If Digex appears in the email they are boosted
to a rather high number. They are NOT well
On Tue, Jan 18, 2005 at 08:27:50PM -0800, Justin Mason wrote:
> Determines which domains are vhosted at a given IP address.
Not very reliable though. They get most of the 400+ that work is
hosting on 1 IP, 0 of the 80+ on 3 other IPs, and only 2 of the 10+
I have on my personal server.
--
Rando
This tool has been abused is known (and blocked) by many spammers
(unfortunately).
Paul Shupak
P.S. It is still always worth a try though.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Determines which domains are vhosted at a given IP address.
e.g. "xanexMUNGED.com", at 200.139.97.122, gives:
http://whois.webhosting.info/200.139.97.122
200.139.97.122 - IP hosts 27 Total Domains ...
Showing 1 - 27 out of 27
Domain Nam
At 08:22 PM 1.18.2005 -0500, MIKE YRABEDRA wrote:
>on 1/18/05 6:12 PM, MIKE YRABEDRA at [EMAIL PROTECTED] wrote:
>
>> What is a good script that folks are using to generate SA stats off a mail
>> log?
>
>
>I am mainly looking for one that reports on the rulesets that are catching
>the spam too. I d
I recently upgraded from version 2 to 3 and my
performance has gone to pot. It may just be that I need a much stronger
computer for this version but I suspect it may be doing a lot of RBL
checking. In version 2, I had all net checking turned off in
local.cf. I think something is being che
I've had spam making it through SA 3.02 with the X-Antiabuse headers in
the mail. Anyone have any ideas on how to prevent minus scores on those
rule hits?
--JM
--
[EMAIL PROTECTED]
http://blogs.galaxycow.com/vermyndax
Because this E mail address is transmission exclusive use, message it
does n
>>From [EMAIL PROTECTED] Tue Jan 18 15:55:21 2005
>Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
>Precedence: bulk
>...
From: Matt Kettler <[EMAIL PROTECTED]>
>...
>No listing in any blacklists:
>http://www.dnsstuff.com/tools/ip4r.ch?ip=164.109.26.27
>
I don't know about digex, but
I'm having a problem getting spamd to work properly as any other user but
root. I have it running as user "spamd" which I have created. I was originally
getting create errors for user_prefs for /root. I set my procmailrc file to
DROPPRIVS=yes and that cleared that as I had created a /home/spamd dur
Thanks for the response. Yes it is:
--max-conn-per-child=number
I set it to 20. Will see how it works. Default is 200. Thanks again for
the help. I will look into the upgrade to 3.0.2.
Thanks again!
Robert
> -m10 is 10 max children. In 3.x each child gets reused more than once
> before it is t
-m10 is 10 max children. In 3.x each child gets reused more than once
before it is thrown away to reduce overhead of startup/shutdown. However,
this has the drawback that if a child sucks up a lot of memory doing one
spam, it has that memory until it goes away. By default that is a pretty
long t
Are you referring to whats in the spamd line? Currently it is m10
Hmm I thought that was max con per child, so where do I edit that value?
Thanks
Robert
> 3.0.2 is better than 3.0.1 in this regard, so the first thing I'd do is
> upgrade.
>
> That may not be a complete solution, so if you are usi
3.0.2 is better than 3.0.1 in this regard, so the first thing I'd do is
upgrade.
That may not be a complete solution, so if you are using spamd, I'd
set ---max_con_per_child to something reasonably low, like 20..50 or so.
There are still a couple of things that can eat memory and already have bug
I seem to remember there was a problem or design feature where something
like Net::DNS was using about 4 file handles per URL that it looked up.
Must have been about 250 URLs in that spam, at a guess.
Personally, I'd be inclined to submit a bug. :-)
Loren
- Original Message -
F
At 08:37 PM 1/18/2005, [EMAIL PROTECTED] wrote:
BTW, it looks like bayes_90 has been deprecated. When I run a lint on my
local.cf, I get:
warning: score set for non-existent rule BAYES_90
Yes, several of the old ranges in 2.64 no longer exist.. For 3.x they
changed the ranging a bit, creating som
At 05:03 PM 1/18/2005, kalin mintchev wrote:
> At 03:50 AM 1/18/2005, kalin mintchev wrote:
>>spamassassin -D --lint test.txt
Ugh.. There's your problem.. I missed it the first time... Your command
line to spamassassin is bogus.
First, the spamassassin script does not accept filenames, it gets in
On Tue, 18 Jan 2005, MIKE YRABEDRA wrote:
> on 1/18/05 6:12 PM, MIKE YRABEDRA at [EMAIL PROTECTED] wrote:
>
> > What is a good script that folks are using to generate SA stats off a mail
> > log?
>
>
> I am mainly looking for one that reports on the rulesets that are catching
> the spam too. I
On Mon, 17 Jan 2005, Thomas Arend wrote:
> With network test enabled bayes scores lower. This is a problem when the
> network test don't fire when the spammer uses a new server. Therefore I have
> raised the bayes scores for bayes_99. I seldom get bayes_90 so I didn't raise
> the scores for bayes_
on 1/18/05 6:12 PM, MIKE YRABEDRA at [EMAIL PROTECTED] wrote:
> What is a good script that folks are using to generate SA stats off a mail
> log?
I am mainly looking for one that reports on the rulesets that are catching
the spam too. I don't think sa-stats.pl does that?
+
58 matches
Mail list logo
