Gene Heskett wrote on Wed, 14 Dec 2005 23:56:33 -0500:
c:\spamassassin -D --lint
[15643] dbg: config: using /root/.spamassassin for user state dir
Bingo! So I'm not the only one with this ^%$#@@* problem.
You are
Matt Kettler [EMAIL PROTECTED] writes:
The last mass-checks for 3.1.0 gave it a S/O of about 0.980, but I'm
seeing more like 0.900 out of DCC at my site. Could just be the nature
of my site, but about a dozen common subscriber newsletters at my site
consistently hit it.
Which is why it is a
Dear all,
I have been trying to find a script which would allow me to copy data
from spamd logfile to MySQL database. It would be usefull, since then I
could provide datailed statistics to my users.
Does anybody know a way to do it or I will just have to write a small
script myself? Has anyone
At 11:56 PM 12/14/2005, Gene Heskett wrote:
Bingo! So I'm not the only one with this ^%$#@@* problem.
Now the question is, what the heck can we do about it?
That's NOT a problem. It's normal. SA *has* to start up in set 0, because
it hasn't parsed your config files yet!
Hello People,
when acl_check_data calls SA - at ACL section in exim-config - the
message is not modified by SA in fact, isn't it? I mean, none header
(like X-Spam-Status) or subject (***SPAM***) is added if the message is
a real spam.
Am I correct?!
Hi,
we get quite a few messages that have no Received: headers. These seem
to cause ALL_TRUSTED to fire (with a negative score of course), which
isn't exactly what I want. Any idea on how I should deal with this
correctly?
--
Jon Kvebaek [EMAIL PROTECTED]
Mobil: +47 992 19 829
Unanimiter et
-Original Message-
From: Jon Kvebaek [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 15, 2005 9:04 AM
To: spamassassin-users@incubator.apache.org
Subject: Messages without received headers and ALL_TRUSTED
Hi,
we get quite a few messages that have no Received: headers.
These
On Thursday 15 December 2005 15:03, Jon Kvebaek wrote:
Hi,
we get quite a few messages that have no Received: headers. These seem
to cause ALL_TRUSTED to fire (with a negative score of course), which
isn't exactly what I want. Any idea on how I should deal with this
correctly?
How on earth
Jon Kvebaek wrote:
Hi,
we get quite a few messages that have no Received: headers. These seem
to cause ALL_TRUSTED to fire (with a negative score of course), which
isn't exactly what I want. Any idea on how I should deal with this
correctly?
What version of SpamAssassin? I know this was a
Dallas L. Engelken wrote:
score ALL_TRUSTED 0
Is what I do in local.cf...
I'd not recommend that practice. ALL_TRUSTED misfires are at least a good
warning flare that there's problems.
If the problem is a trust path issue, then that's your warning to fix it.
If the problem is
On Thu, Dec 15, 2005 at 03:16:22PM +, Duncan Hill wrote:
On Thursday 15 December 2005 15:03, Jon Kvebaek wrote:
Hi,
we get quite a few messages that have no Received: headers. These seem
to cause ALL_TRUSTED to fire (with a negative score of course), which
isn't exactly what I want.
Gene Heskett wrote:
[EMAIL PROTECTED] .spamassassin]# su spamd
[EMAIL PROTECTED] .spamassassin]$ ls
ls: .: Permission denied
[EMAIL PROTECTED] .spamassassin]$ pwd
/home/spamd/.spamassassin
Fortunately unix is protecting you from yourself here. Your effort
to give spamd rights to
Hello All,
I'm running SpamAssassin v3.1.0 on a Win2K server through a plugin
for our MTA. It is working and has been working just fine. I decided
to make an attempt at getting the bayes stored in a MySQL database
because of the increased CPU load with using DB_File. I have
-Original Message-
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 15, 2005 9:32 AM
To: Dallas L. Engelken
Cc: spamassassin-users@incubator.apache.org
Subject: Re: Messages without received headers and ALL_TRUSTED
Dallas L. Engelken wrote:
score
Dallas L. Engelken wrote:
-Original Message-
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 15, 2005 9:32 AM
To: Dallas L. Engelken
Cc: spamassassin-users@incubator.apache.org
Subject: Re: Messages without received headers and ALL_TRUSTED
Dallas L. Engelken wrote:
Posted this on the MailScanner Forum. I was told to post this also on
the SpamAssassin Forum. Hope this is the right forum
Brief History on OS I'm using.
FreeBSD 5.4
Perl 5.8.6
Installed MailScanner 4.44.6 and everything else using
Install-Clam-SA.tar.gz from
Gene Heskett wrote:
[snip]
But after yet another spamd restart, htop says it is still
running as root, but the messages log argues with that:
Dec 14 21:03:28 coyote su(pam_unix)[28992]: session opened for user
spamd by root(uid=0)
Dec 14 21:05:50 coyote su(pam_unix)[28992]: session closed
Duane Hill wrote on Thu, 15 Dec 2005 15:40:15 +:
[2068] dbg: bayes: unable to initialize database for unknown user, aborting!
First, make sure that your SA user exists by logging in with mysql command. If
that is successful, I think SA may be using a different user. I don't know how
your
Gene Heskett wrote on Thu, 15 Dec 2005 11:26:18 -0500:
But where then does it get the local.cf data?
From /etc/mail/spamassassin.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
Duane Hill wrote:
Hello All,
I'm running SpamAssassin v3.1.0 on a Win2K server through a plugin
for our MTA. It is working and has been working just fine. I decided
to make an attempt at getting the bayes stored in a MySQL database
because of the increased CPU load with using
I have been trying to find a script which would allow me to copy data
from spamd logfile to MySQL database. It would be usefull, since then I
could provide datailed statistics to my users.
Does anybody know a way to do it or I will just have to write a small
script myself? Has anyone probably
If you do large volumes of email, expect to have a table with millions upon
millions of records, and slow access times :(
On 12/15/05 12:48 PM, Mike Jackson [EMAIL PROTECTED] wrote:
I have been trying to find a script which would allow me to copy data
from spamd logfile to MySQL database. It
On Wed, 2005-12-14 at 19:01 -0500, Matt Kettler wrote:
Note that phase 2 reflects the time in seconds to scan 2000 messages using
spamc. Mysql and SDBM are nearly 3 times faster at this.
Since sql is well-tested, that might be a better way for you to go. SDBM has
some issues.
I have
If you do large volumes of email, expect to have a table with millions
upon
millions of records, and slow access times :(
The altered script I'm using outputs spam/ham total summaries for each user,
and spam/ham message hits for each rule. In a properly built database, that
shouldn't be too
Ok, I gave it a shot..
This rule *does* work.
uri GEOCITIES /^http:\/\/[a-z0-9-]{1,30}\.geocities\.com\b/i
describe GEOCITIESHigh amounts of spam from Geocities.
score GEOCITIES 6.01
This rule does NOT work.
uri GEOCITIES_YAHOO
Jonathan Nichols wrote:
Ok, I gave it a shot..
This rule *does* work.
uri GEOCITIES /^http:\/\/[a-z0-9-]{1,30}\.geocities\.com\b/i
describe GEOCITIESHigh amounts of spam from Geocities.
score GEOCITIES 6.01
This rule does NOT work.
uri GEOCITIES_YAHOO
Quoting Matt Kettler [EMAIL PROTECTED]:
Jon Kvebaek wrote:
Hi,
we get quite a few messages that have no Received: headers. These
seem
to cause ALL_TRUSTED to fire (with a negative score of course),
which
isn't exactly what I want. Any idea on how I should deal with this
correctly?
Matt Kettler wrote:
Jonathan Nichols wrote:
Ok, I gave it a shot..
This rule *does* work.
uri GEOCITIES /^http:\/\/[a-z0-9-]{1,30}\.geocities\.com\b/i
describe GEOCITIESHigh amounts of spam from Geocities.
score GEOCITIES 6.01
This rule does NOT work.
uri
On Thursday, December 15, 2005 at 5:23:06 PM, [EMAIL PROTECTED] confabulated:
Duane Hill wrote:
Hello All,
I'm running SpamAssassin v3.1.0 on a Win2K server through a plugin
for our MTA. It is working and has been working just fine. I decided
to make an attempt at getting the bayes
Jon Kvebaek wrote:
Quoting Matt Kettler [EMAIL PROTECTED]:
Jon Kvebaek wrote:
Hi,
we get quite a few messages that have no Received: headers. These
seem
to cause ALL_TRUSTED to fire (with a negative score of course),
which
isn't exactly what I want. Any idea on how I should deal with
Jon Kvebaek wrote:
Quoting Matt Kettler [EMAIL PROTECTED]:
Jon Kvebaek wrote:
Hi,
we get quite a few messages that have no Received: headers. These
seem
to cause ALL_TRUSTED to fire (with a negative score of course),
which
isn't exactly what I want. Any idea on how I should deal with this
On 12/15/2005 06:09 pm, Jonathan Nichols wrote:
Ok, I gave it a shot..
This rule *does* work.
uri GEOCITIES /^http:\/\/[a-z0-9-]{1,30}\.geocities\.com\b/i
describe GEOCITIESHigh amounts of spam from Geocities.
score GEOCITIES 6.01
Have you tried the
I'm still not able to figure this out. I can find no reason why
SpamAssassin should be trying to create files in anybody's home
directory, but I'm still seeing this error logged every time spamd
processes a message:
spamd: mkdir /dev/null: File exists at ///Library/Perl/5.8.1/Mail/
I checked the headers, but there's no noted list-admin address for filing of
complaints at
There's a subscriber on this list who has a broken filter that auto-responds
with a potential junk warning notice sent to back the From: address for any
email containing the word geocities. It doesn't have
Have you tried the 70_sare_specific.cf filter? I am not sure it will catch
that specific problem but it catches spam with geocities and tripod url's for
me.
Yeah, I'm using that list. It's been great, but the *.br one kept
getting through.
I DID see THIS in there, though..
header
But that's not the format, there's nothing between the / and the geocities.
Try this regex instead:
/^http:\/\/geocities\.yahoo\.com\.br\b/i
Cool, I shall try that. Thanks! For some reason, I thought one had
www.geocities.yahoo.com.br in it, but I could be mistaken.
Since installing DomainKeys, I have been getting this error in my logs:
Can't locate Crypt/OpenSSL/Bignum.pm in @INC (@INC
contains: ../lib /usr/share/perl5 /etc/perl /usr/local/lib/perl/5.8.4
/usr/local/share/perl/5.8.4 /usr/lib/perl5 /usr/lib/perl/5.8
/usr/share/perl/5.8
Jonathan Nichols wrote:
But that's not the format, there's nothing between the / and the
geocities.
Try this regex instead:
/^http:\/\/geocities\.yahoo\.com\.br\b/i
Cool, I shall try that. Thanks! For some reason, I thought one had
www.geocities.yahoo.com.br in it, but I could be
Has this moved? Looks like a move error, but my config was update and
still and seems to download the recipes...getting a 302 'Found' message
from the web server and link works, but target says moved?
-- RANDOMVAL --
RULESET_NAME=RANDOMVAL
INDEX=11
Pollywog wrote:
Since installing DomainKeys, I have been getting this error in my logs:
Can't locate Crypt/OpenSSL/Bignum.pm in @INC (@INC
contains: ../lib /usr/share/perl5 /etc/perl /usr/local/lib/perl/5.8.4
/usr/local/share/perl/5.8.4 /usr/lib/perl5 /usr/lib/perl/5.8
Jonathan Nichols wrote:
But that's not the format, there's nothing between the / and the
geocities.
Try this regex instead:
/^http:\/\/geocities\.yahoo\.com\.br\b/i
Cool, I shall try that. Thanks! For some reason, I thought one had
www.geocities.yahoo.com.br in it, but I could be
Jonathan Nichols wrote:
Have you tried the 70_sare_specific.cf filter? I am not sure it will
catch that specific problem but it catches spam with geocities and
tripod url's for me.
Yeah, I'm using that list. It's been great, but the *.br one kept
getting through.
I DID see THIS in
Try this regex instead:
/^http:\/\/geocities\.yahoo\.com\.br\b/i
hahaha, this worked - and it tagged that broken autoresponder we've been
seeing.
boundary=--=ce94da72-0632-49d0-99bb-3f8c8149300b
X-Virus-Scanned: by amavisd-new at mailgate.pbp.net
X-Spam-Status: Yes, score=9.704
I have been having a few problems with DomainKeys esp in Postfix but
apparently its days are numbered and a successor is coming in the form of
DomainKeys Identified Mail. I will probably move Postfix back to its
previous configuration and have use of the DISCARD setting since DomainKeys
will
On Thu, Dec 15, 2005 at 11:22:49AM -0800, Michael Parker wrote:
Pollywog wrote:
Since installing DomainKeys, I have been getting this error in my logs:
Can't locate Crypt/OpenSSL/Bignum.pm in @INC (@INC
contains: ../lib /usr/share/perl5 /etc/perl /usr/local/lib/perl/5.8.4
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Pollywog writes:
I have been having a few problems with DomainKeys esp in Postfix but
apparently its days are numbered and a successor is coming in the form of
DomainKeys Identified Mail. I will probably move Postfix back to its
previous
On Dec 15, 2005, at 2:04 PM, Brian Kendig wrote:
I'm running spamd as spamd -d -x -u nobody, I've commented out
AWL from v310.pre, and I set bayes_auto_learn 0 so that it
shouldn't try to create a Bayes database. I have no idea why it
keeps complaining about not being able to create a
On Dec 15, 2005, at 2:08 PM, Matt Kettler wrote:
So who's the list-admin?
I believe this list follows convention, so sending mail to the
standard address
[EMAIL PROTECTED] should reach the right people.
Matt Kettler wrote on Thu, 15 Dec 2005 14:08:01 -0500:
There's a subscriber on this list who has a broken filter that auto-responds
And there are those who send out of office notices. I've stopped to complain
and just blacklist their organization at MTA level.
Kai
--
Kai Schätzl, Berlin,
On Dec 15, 2005, at 4:11 PM, Vivek Khera wrote:
On Dec 15, 2005, at 2:04 PM, Brian Kendig wrote:
I'm running spamd as spamd -d -x -u nobody, I've commented out
AWL from v310.pre, and I set bayes_auto_learn 0 so that it
shouldn't try to create a Bayes database. I have no idea why it
Brian Kendig wrote:
On Dec 15, 2005, at 4:11 PM, Vivek Khera wrote:
On Dec 15, 2005, at 2:04 PM, Brian Kendig wrote:
I'm running spamd as spamd -d -x -u nobody, I've commented out AWL
from v310.pre, and I set bayes_auto_learn 0 so that it shouldn't
try to create a Bayes database. I have
On Dec 15, 2005, at 4:39 PM, Brian Kendig wrote:
User nobody's home directory is /dev/null. Why is spamd 3.1.0
is trying to create anything there, and how do I prevent it from
trying to do so?
it is probably trying to create ~/.spamassassin/user_prefs. Not sure
how to make spamd not
On Dec 15, 2005, at 4:50 PM, Matt Kettler wrote:
SpamAssassin tools in general default to creating bayes and AWL
directories
relative to the current user's homedir.
I think this is a bug in SpamAssassin 3.1.0, because it didn't try to
create these directories in 3.0.4, and nothing I do in
I have been digging around and trying a variety of things, but I am
stumped on how to get spamassassin to log what emails it tags. I get
logs of the spamd server starting up and shutting down, btu not of
messgaes it rewrites (I have an email address set to be marked as spam
and I send from it to
Adam L wrote:
I have been digging around and trying a variety of things, but I am
stumped on how to get spamassassin to log what emails it tags. I get
logs of the spamd server starting up and shutting down, btu not of
messgaes it rewrites (I have an email address set to be marked as spam
and I
On Thursday 15 December 2005 16:50, Matt Kettler wrote:
Brian Kendig wrote:
On Dec 15, 2005, at 4:11 PM, Vivek Khera wrote:
On Dec 15, 2005, at 2:04 PM, Brian Kendig wrote:
I'm running spamd as spamd -d -x -u nobody, I've commented out
AWL from v310.pre, and I set bayes_auto_learn 0 so that
On Thursday 15 December 2005 11:59, Kai Schaetzl wrote:
Gene Heskett wrote on Thu, 15 Dec 2005 11:26:18 -0500:
But where then does it get the local.cf data?
From /etc/mail/spamassassin.
Kai
From another thread, I found the magic incantation to put
in /etc/mail/spamassassin/local.cf to fix the
I was planning on giving Yahoo! more time to correct their Geocities
Spam problem before I released my plugin to deal with it, but I've been
noticing a decline in the scores these mails are getting.
I also just found out that I have copies of this sort of spam going back
to at least December
Graham Murray wrote:
Matt Kettler [EMAIL PROTECTED] writes:
The last mass-checks for 3.1.0 gave it a S/O of about 0.980, but I'm
seeing more like 0.900 out of DCC at my site. Could just be the nature
of my site, but about a dozen common subscriber newsletters at my site
consistently hit it.
Hello Jonathan,
Thursday, December 15, 2005, 11:12:23 AM, you wrote:
Have you tried the 70_sare_specific.cf filter? I am not sure it will catch
that specific problem but it catches spam with geocities and tripod url's for
me.
JN Yeah, I'm using that list. It's been great, but the *.br one
I am getting a lot of wrist watch spam with links to web pages which
have
malodorous scripts embedded in them
a typical spam looks like this:
From: [EMAIL PROTECTED]
Subject: FW: Because you deserve something special watch-jewelry
Date: December 12, 2005 7:41:01 AM PST
To: [EMAIL
Hello JP,
Thursday, December 15, 2005, 8:37:10 PM, you wrote:
JK I am getting a lot of wrist watch spam with links to web pages which
JK have
JK malodorous scripts embedded in them
JK a typical spam looks like this:
Tests added to 70_sare_specific.cf in the last month should help catch
It seems SA is not using the SARE rulesets for me?
I see no mention of SARE in any of my tagged spam.
I have been using rules_du_jour and downloading current rulesets.
Any ideas why SA would not be using SARE rulesets?
63 matches
Mail list logo