On 10/2/06, Olivier Nicole [EMAIL PROTECTED] wrote:
Are you using smapc/spamd or plain spamassassin?
it is spamc/spamd..
OK, so it should be fast enough.
And I think there is a way to tell spamassassin to report what tests
actually take some time to execute, so you can see where you are
On Mon, 2 Oct 2006 01:16:00 +0200 [EMAIL PROTECTED] wrote:
On Mon, October 2, 2006 00:10, [EMAIL PROTECTED] wrote:
I will be out of the office starting 29/09/2006 and will not return until
08/10/2006.
this is usefull to know on maillists :-)
...
Better than his last vacation where the
On 10/2/06, John Andersen [EMAIL PROTECTED] wrote:
On Sunday 01 October 2006 06:39, Mike Kenny wrote:
Success in the sense that
spam is no longer entering our system. However it is still being
passed through.
Well stop being an open relay and problem solved.
I would have thought THAT would
Hi,
is there any plan or idea in trapping this too? Or even just trying to better
identify it?
Regards,
---
Giampaolo Tomassoni - IT Consultant
Piazza VIII Aprile 1948, 4
I-53044 Chiusi (SI) - Italy
Ph: +39-0578-21100
Giampaolo Tomassoni schrieb:
Hi,
is there any plan or idea in trapping this too? Or even just trying to better
identify it?
look for fuzzyocr, use the sare-rules from http://www.rulesemporium.com/
search the archives this has been discussed here recently ...
Regards,
Giampaolo Tomassoni schrieb:
Hi,
is there any plan or idea in trapping this too? Or even just
trying to better identify it?
look for fuzzyocr, use the sare-rules from http://www.rulesemporium.com/
search the archives this has been discussed here recently ...
Nah! Already discussed
David Ulevitch writes:
On Sep 30, 2006, at 3:30 AM, Justin Mason wrote:
David Ulevitch writes:
Donald,
We handle DNSBLs but not URIBLs, at the moment. Passing along to
Noah to see what he can do. Sorry you had this happen to your
SpamAssassin scoring. (Time to check mine... :-) )
You
I've got plugins that are running and if they are positive I really
don't need to run any more plugins.
Q. Do all plugins run against a message or can you configure things
so that one plugin aborts the running of others?
in my init.pre I have
# URIDNSBL - look up URLs found in the message
I'm a newbie to the list and have been scanning recent posts to see if
what I'm about to ask about has been covered but I haven't seen anything
yet.
Lately I have been getting more and more of the stock alert spam but now
all the good info is in an image and typically following the image is
Have been answered few threads ago and more... May be you didn't scan enough ^^
You can use FuzzyOCR module (But dont ask me how to use, I've never tried ^^)
-Message d'origine-
De : Dylan Bouterse [mailto:[EMAIL PROTECTED]
Envoyé : lundi 2 octobre 2006 15:38
À :
Dylan Bouterse wrote:
I'm a newbie to the list and have been scanning recent posts to see if
what I'm about to ask about has been covered but I haven't seen
anything yet.
Lately I have been getting more and more of the stock alert spam but
now all the good info is in an image and typically
I'm a newbie to the list and have been scanning recent posts to see if
what I'm about to ask about has been covered but I haven't seen anything
yet.
Lately I have been getting more and more of the stock alert spam but now
all the good info is in an image and typically following the image is
Robert Nicholson writes:
I've got plugins that are running and if they are positive I really
don't need to run any more plugins.
Q. Do all plugins run against a message or can you configure things
so that one plugin aborts the running of others?
in my init.pre I have
# URIDNSBL - look up
On Sun, 1 Oct 2006 23:28:29 -0700 (PDT), List Mail User
[EMAIL PROTECTED] opined:
On Mon, 2 Oct 2006 01:16:00 +0200 [EMAIL PROTECTED] wrote:
On Mon, October 2, 2006 00:10, [EMAIL PROTECTED] wrote:
I will be out of the office starting 29/09/2006 and will not
return until 08/10/2006.
this
-Original Message-
From: Bowie Bailey [mailto:[EMAIL PROTECTED]
Sent: Monday, October 02, 2006 9:46 AM
To: users@spamassassin.apache.org
Subject: RE: Stock spam in images
Dylan Bouterse wrote:
I'm a newbie to the list and have been scanning recent posts to see if
what I'm about to ask
...omissis...
How about the FuzzyOCR plugin? That has been discussed quite a bit
here recently.
http://wiki.apache.org/spamassassin/FuzzyOcrPlugin
--
Bowie
And, by the way, it seems to work!
Actually, the only limit I see is the own-made FuzzyOcr.words (and, maybe, the
fact that
Fabien GARZIANO wrote:
I've tried each but I got 'not listed in multi.surbl.org and
multi.surbl.com.
Here's the score and detail from spamassassin :
X-caliseo-MailScanner-SpamCheck: polluriel, SpamAssassin
(score=6.133,
requis 5.8, BAYES_00 -2.60, NO_REAL_NAME 0.01,
This has been covered so many times on this list.
1: if you're not on spamassassin 3.1.5 get it now, and run sa-update
(via a cron job daily, but test first with a manual sa-update -D)
2: pop over to http://www.rulesemporium.com and get an appropriate
selection of their rules, and configure
Giampaolo Tomassoni wrote:
And, by the way, it seems to work!
Actually, the only limit I see is the own-made FuzzyOcr.words
(and, maybe, the fact that script text may probably get
undetected). Wouldn't it be better to inject the detected
text back to SA? There should be enough variants
On Mon, Oct 02, 2006 at 03:18:58PM +0100, Randal, Phil wrote:
undetected). Wouldn't it be better to inject the detected
text back to SA? There should be enough variants of spam
worlds to let SA fuzzily catch the ones from images.
I think so. Some of the words would be perfectly
On Mon, Oct 02, 2006 at 03:18:58PM +0100, Randal, Phil wrote:
undetected). Wouldn't it be better to inject the detected
text back to SA? There should be enough variants of spam
worlds to let SA fuzzily catch the ones from images.
I think so. Some of the words would be perfectly
Too bad, cause I agree with Giampaolo, it would be great. What about making a
plugin including OCR components but instead of using inner dictionnary, passing
it back to spamassassin through the MTA... Yeah, I know, the load will increase
... But that would be nice ?
...
... Ok,I go back to
The reason I brought this up was because I've added timings to show how long my
filtering script takes to run and in come cases when the mail is spam it's 6-10
seconds or longer. Is that normal?
Quoting Justin Mason [EMAIL PROTECTED]:
Robert Nicholson writes:
I've got plugins that are
Theo Van Dinter wrote:
On Mon, Oct 02, 2006 at 03:18:58PM +0100, Randal, Phil wrote:
undetected). Wouldn't it be better to inject the detected
text back to SA? There should be enough variants of spam
worlds to let SA fuzzily catch the ones from images.
I think so. Some of the words would be
Stuart Johnston wrote:
Theo Van Dinter wrote:
On Mon, Oct 02, 2006 at 03:18:58PM +0100, Randal, Phil wrote:
undetected). Wouldn't it be better to inject the detected text back
to SA? There should be enough variants of spam worlds to let SA
fuzzily catch the ones from images.
I think so.
You'd need some clever rules...
As an example, the word stock is perfectly valid in emails, but if you
found it in an attached image you'd be pretty sure it was spam.
So you'd need two sets of rules anyhow.
It looks like SA 3.2 will let us do that in a sane manner.
Phil
--
Phil Randal
Network
Newbie is a derogatory term and to call yourself a newbie is like calling
yourself a moron(no offense).
From Wiki:
A newbie is a newcomer to a particular field, the term being commonly used
on the Internet, where it might refer to new, inexperienced, or ignorant
users of a game, a newsgroup, an
The real problem is the potentially fuzzy output from the ocr engine: shure all
the copies of the very same spam would be detected the same, but what about
slightly different copies? Would the use the sa force approach be feasible?
The use of String::Approx in fuzzyocr has shurely a meaning,
You'd need some clever rules...
As an example, the word stock is perfectly valid in emails, but if you
found it in an attached image you'd be pretty sure it was spam.
It would be perfectly valid in a, say, graph image too. SA is meant to work in
the overall message content. It is not that
I have a legitimate client that I receive e-mail from and
they are listed by Razor (sourceforge.net), among other things. Does any know
how to get someone off of Razors list? Any help would be appreciated.
Content analysis
details: (11.3 points, 4.9 required)
pts rule
name
Robert Swan wrote:
I have a legitimate client that I receive e-mail from and they are
listed by Razor (sourceforge.net), among other things. Does any know
how to get someone off of Razor's list? Any help would be
appreciated.
From the Razor2 FAQ:
Q: Razor has blacklisted my email address.
You could try telling the spammer (sorry, sender), to
fix their spamming (sorry, emailing) software.
Phil
--Phil RandalNetwork
EngineerHerefordshire CouncilHereford, UK
From: Robert Swan [mailto:[EMAIL PROTECTED]
Sent: 02 October 2006 17:57To: SpamAssassin
UsersSubject:
Robert Swan wrote:
I have a legitimate client that I receive e-mail from and they are
listed by Razor (sourceforge.net), among other things. Does any know how
to get someone off of Razor’s list? Any help would be appreciated.
Razor doesn't list senders. It analyzes the message body,
Robert Swan wrote:
I have a legitimate client that I receive e-mail from and they are
listed
by Razor (sourceforge.net), among other things. Does any know how to
get
someone off of Razor's list? Any help would be appreciated.
As has been pointed out, Razor does not have a list that they put
These guys are having lots of trouble sending email to people, they are
using an exchange 2003 server and are not listed on any SPAM database
anywhere, per.. http://www.dnsstuff.com/
Robert
Peace he would say instead of goodbyepeace my brother.
-Original Message-
From:
...omissis...
How about the FuzzyOCR plugin? That has been discussed quite a bit
here recently.
http://wiki.apache.org/spamassassin/FuzzyOcrPlugin
--
Bowie
And, by the way, it seems to work!
Actually, the only limit I see is the own-made FuzzyOcr.words
(and, maybe, the fact
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Theo Van Dinter wrote:
On Mon, Oct 02, 2006 at 03:18:58PM +0100, Randal, Phil wrote:
undetected). Wouldn't it be better to inject the detected
text back to SA? There should be enough variants of spam
worlds to let SA fuzzily catch the ones from
You can also do a razor-revoke on the message. It doesn't necessarily lower
the cf rating, but it's a vote none-the-less. :)
On Mon, Oct 02, 2006 at 06:22:27PM +0100, Randal, Phil wrote:
You could try telling the spammer (sorry, sender), to fix their spamming
(sorry, emailing) software.
Robert Swan wrote:
These guys are having lots of trouble sending email to people, they are
using an exchange 2003 server and are not listed on any SPAM database
anywhere, per.. http://www.dnsstuff.com/
Robert
They may be using an Exchange Server for actually forwarding emails out,
but it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Randal, Phil wrote:
This has been covered so many times on this list.
1: if you're not on spamassassin 3.1.5 get it now, and run
sa-update (via a cron job daily, but test first with a manual
sa-update -D)
2: pop over to
On Mon, Oct 02, 2006 at 11:05:38AM -0500, Stuart Johnston wrote:
Would it also be possible to create a rule that matches on text rendered
specifically from a non-text part and not the whole body? That way you
You'd have to do that in a plugin, but otherwise, sure. There's currently no
Anyone else seen this one?
http://postmaster.info.aol.com/errors/554hvuip.html
Seems rather harsh, but probably quite effective.
Ken A.
Pacific.Net
On Mon, 2006-10-02 at 12:36 -0700, Ken A wrote:
Anyone else seen this one?
http://postmaster.info.aol.com/errors/554hvuip.html
Seems rather harsh, but probably quite effective.
As reported on the SPAM-L mailing list, this was an error on AOL's part.
According to AOL, they've removed the rule
Adam Lanier wrote:
On Mon, 2006-10-02 at 12:36 -0700, Ken A wrote:
Anyone else seen this one?
http://postmaster.info.aol.com/errors/554hvuip.html
Seems rather harsh, but probably quite effective.
As reported on the SPAM-L mailing list, this was an error on AOL's part.
According to AOL,
On Mon, 2006-10-02 at 12:52 -0700, Ken A wrote:
The web page says that it's a policy, not an error. Perhaps the rule
misfired and they backed it out, but it looks like they have every
intention of blocking URLs in email that consist of IPs rather than
hostnames.
Perhaps we're speaking
On Oct 2, 2006, at 3:52 PM, Ken A wrote:
The web page says that it's a policy, not an error. Perhaps the
rule misfired and they backed it out, but it looks like they have
every intention of blocking URLs in email that consist of IPs
rather than hostnames.
They most certainly do and have
Hello,
since the owner of that list does not reply to any mails looking for
help ( I have been registred here for several years under
Volker/[EMAIL PROTECTED], but my postings do not appear here anymore) I
had to set up a new account.
Following problem:
I am running SpamAssassin-3.1.5 under
I am a new user to
both pfSense and to SpamAssassin, but no stranger to networking,
etc.
I am running an
SMTP server behind a non-standard port, and just switched to using pfSense for
my firewall. It works fine with NAT forwarding.
pfSense supports
SpamAssassin as a plugin, but after
-Original Message-
From: Randal, Phil [mailto:[EMAIL PROTECTED]
Sent: Monday, October 02, 2006 3:58 AM
To: Dylan Bouterse; users@spamassassin.apache.org
Subject: RE: Stock spam in images
This has been covered so many times on this list.
1: if you're not on spamassassin 3.1.5
On Fri, September 29, 2006 19:59, Andreas Pettersson wrote:
It looks like you are listed in spamcop and apparently Comcast is
either using spamcop or they have their own list that is blocking you.
Comcast themselves are using a spam filter?
(Let me taste that line one more time...)
Comcast
On Tue, October 3, 2006 00:01, Gary V wrote:
For installing the ImageInfo plugin where do you put the ImageInfo.pm
without defining a path? Im running CentOS4.4 Fedora Core 5 as test
machines.
This should find your Plugin directory (which is where you place it):
find /usr -type d -name
On Mon, 2 Oct 2006 23:31:57 +0200 (CEST), you wrote:
On Fri, September 29, 2006 19:59, Andreas Pettersson wrote:
It looks like you are listed in spamcop and apparently Comcast is
either using spamcop or they have their own list that is blocking you.
Comcast themselves are using a spam
Keith S. Wiedemann wrote:
I am a new user to both pfSense and to SpamAssassin, but no stranger
to networking, etc.
I am running an SMTP server behind a non-standard port, and just
switched to using pfSense for my firewall. It works fine with NAT
forwarding.
pfSense supports
On Mon, October 2, 2006 18:57, Robert Swan wrote:
I have a legitimate client that I receive e-mail from and they are
listed by Razor (sourceforge.net), among other things. Does any know how
to get someone off of Razor's list? Any help would be appreciated.
54 matches
Mail list logo
