Thanks Matt for this long explanation. I agree with the fact that you
should avoid raising rules score or think twice before doing it. A lot
of trouble may appear with a rule with a to high score. I got in trouble
at the beginning with that. I raised some scores very high (more than
20), and I
I want to use size of mail in a custom ruleset.
Can I get this as any parameter. Can someone please give me an example
Thanks
Ram
Hi,
Since upgrading our mail relay to solaris 10 and all the latest gratest
spamassassin / mimedefang / sendmail versions, i'm faced with curious
bayes db corruption happening after approx. 1 day:
i've got these parameters set: in sa-mimedefang.cf:
use_bayes 1
bayes_auto_learn 1
bayes_path
On Mon, 2006-10-09 at 11:43 -0400, Rob McEwen (PowerView Systems) wrote:
The last few weeks I have noted (angry users calling me by phone) that
the server is really slow.
Don't know for sure, but I suspect slower than usual Razor and/or DCC servers?
--Rob McEwen
I second that. Razor
Hello,
We use MDaemon mail server with SA. I wanted to block certain
recepient addresses from being receiving email. So I added this
address as blacklist_to in local.cf file. However this does not
seem to have any effect. Alt-n advised me to use this forum which
should hopefully provide a
I notice that a lot of images spam has a structure where in the source
the fake text is at the top and the image code is at the bottom but it
is made to appear so that the image is at the top and the text is at the
bottom. Seems to me that this should be something we could test for?
Hi list,
i want to bypass mails, so Amavis takes no effect by
receive e-mail from a special domain. In the file amavis.conf, i take the
option
read_hash(\%spam_lovers, /var/lib/amavis/spamlovers);
/var/lib/amavis/spamlovers:
[EMAIL PROTECTED] (one address per line)
But
Apache SpamAssassin 3.1.7 is now available! This is a maintenance
release of the 3.1.x branch.
Downloads will be available from:
http://spamassassin.apache.org/downloads.cgi?update=200610100328
Note that it may take a hour or two for mirrors to update.
The release files will also be
Matt Kettler wrote:
jdow wrote:
From: Derek Catanzaro [EMAIL PROTECTED]
Matt Kettler wrote:
Derek Catanzaro wrote:
I have been having issues with mail backing up on and off over the
past week. I am using MailScanner with SpamAssassin. This morning
for example, I
I am experimenting with mysql replication, and have done some research
on key collisions in the case of a 'load balancing' situation (live sql
servers running on each amavisd server), using either same mx weight, or
VRRP/CARP, heartbeat, virtual ip type setups. 'random' smtp connections
could hit
I am trying to get SpamD running with SpamAssassin 3.1.6 and Active Perl
5.8.8. I have carefully following the guidlines from -
http://wiki.apache.org/spamassassin/SpamdOnWindows
I now get the following error:
D:\IMailspamd
[2260] error: logger: syslog initialization failed
[2260] warn: logger:
Michael Scheidell wrote:
I am experimenting with mysql replication, and have done some research
on key collisions in the case of a 'load balancing' situation (live sql
servers running on each amavisd server), using either same mx weight, or
VRRP/CARP, heartbeat, virtual ip type setups.
[EMAIL PROTECTED] wrote:
Hi,
Since upgrading our mail relay to solaris 10 and all the latest gratest
spamassassin / mimedefang / sendmail versions, i'm faced with curious
bayes db corruption happening after approx. 1 day:
i've got these parameters set: in sa-mimedefang.cf:
use_bayes 1
Greetings, List!
I just upgraded from sa 3.1.3 to sa 3.1.6 and am having some weird
problems with sa-update that I've never seen before. It would seem that
my sys rules/default rules directory (/usr/share/spamassassin) is not
being loaded by sa-update's internal lint test, but that my site
From: Ben Lentz [mailto:[EMAIL PROTECTED]
Greetings, List!
I just upgraded from sa 3.1.3 to sa 3.1.6 and am having some weird
problems with sa-update that I've never seen before. It would seem
that
my sys rules/default rules directory (/usr/share/spamassassin) is not
being loaded by
Ben Lentz [EMAIL PROTECTED] writes:
So, as you might guess, I'm confused. sa-update was, to my knowledge,
working in 3.1.3, but with 3.1.6 it seems that it's having a tough
time finding my sys rules directory.
I apologize if I'm being thick about this, but any pointers and/or
enlightenment
Ben Lentz [EMAIL PROTECTED] writes:
So, as you might guess, I'm confused. sa-update was, to my knowledge,
working in 3.1.3, but with 3.1.6 it seems that it's having a tough
time finding my sys rules directory.
I apologize if I'm being thick about this, but any pointers and/or
Komandur N Kannan wrote:
Hello,
We use MDaemon mail server with SA. I wanted to block certain
recepient addresses from being receiving email. So I added this
address as blacklist_to in local.cf file. However this does not seem
to have any effect. Alt-n advised me to use this forum which
On Tue, October 10, 2006 12:38 am, Steve Lake said:
Ok, I've got several pesky problems that won't go away and I need some
help. On some emails it automatically flags some as ham and says
autolearn=ham and others that say autolearn=no. I'm guessing that
the autolearn feature isn't always
I'm sure someone will find this useful:
http://sb.google.com/safebrowsing/update?version=goog-white-domain:1:-1
found via http://blog.outer-court.com/forum/67024.html ,
--j.
On Tue, Oct 10, 2006 at 12:39:16PM +0530, Ramprasad wrote:
I want to use size of mail in a custom ruleset.
Can I get this as any parameter. Can someone please give me an example
You'd have to define size of a mail (the whole mail? headers? body?
decoded body? rendered body? text/non-text?)
Not until secnap.com and jmason.org are in there :-)
Greetings
I was looking for specifics in subscribing to this list...
So I looked at the webpages and nothing tells me specifically how, that I
might share it on another list where people are asking questions that should
possibly be asked here.
Can someone fix the looping webpages between
Hi,
Email Lists wrote:
Greetings
I was looking for specifics in subscribing to this list...
So I looked at the webpages and nothing tells me specifically how, that I
might share it on another list where people are asking questions that should
possibly be asked here.
Can someone fix the
If anyone's curious, I did some followup research on the ideas below
and found them to be, generally, totally unfeasable.
I downloaded the TREC corpus and generated a list of words that
commonly appeared in spam. I used the top 1000 most common words of
greater than four letters in the TREC spam
Hi
I have upgraded my spamassassin to version 3.1.7 and after the restart
of the process I have saw an increment of the use of the ram.
I use the default rules of the spamassassin and the following rules:
53K Apr 20 11:00 70_sare_adult.cf
3.8K Jun 2 2005 70_sare_bayes_poison_nxm.cf
24K
Help,
I recently moved my hosting from Dreamhost.com to
Hostmonster.com. When I was at Dreamhost, I was able to load a local
copy of SpamAssassin and configure it to use Bayesian and DNS
filtering which worked wonderfully well. Now at Hostmonster, they
have version 3.1.4 installed but I do
4.7M Oct 10 03:00 blacklist-uri.cf
Remove this and use URI blacklists instead. Notice how this rule's size is
orders of magnitude greater than any of the others you listed? Same goes for
its RAM footprint.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
...Life is not a journey to the
hi Chris --
Sorry to hear it didn't work out -- but thanks for the great analysis!
--j.
Chris St. Pierre writes:
If anyone's curious, I did some followup research on the ideas below
and found them to be, generally, totally unfeasable.
I downloaded the TREC corpus and generated a list of
Hello list,
I use a mailrelay with postfix, amavis-new 2.3.3 and spamassassin.
Is it possible that amavis add a X-Spam-Flag for every time that the mail
goes through it? Usally amavis will overwrite the X-Spam-Flag if the mail
passes amavis a second time. But I need a second X-Spam-Flag.
Know
I've try it, but now I've the follow use:
Tasks: 83 total, 2 running, 81 sleeping, 0 stopped, 0 zombie
Cpu0 : 0.0% user, 1.3% system, 1.7% nice, 97.0% idle
Cpu1 : 0.0% user, 1.3% system, 0.0% nice, 98.7% idle
Cpu2 : 0.0% user, 0.0% system, 1.3% nice, 98.7% idle
-
- What is wrong with the following instructions taken from :
-
- http://wiki.apache.org/spamassassin/MailingLists
-
- Subscription: send mail to users-subscribe -at- spamassassin.apache.org
- Unsubscribe: send mail to users-unsubscribe -at- spamassassin.apache.org
-
-
- --
- Anthony Peacock
Evan Platt wrote:
At 12:58 PM 10/9/2006, you wrote:
Network tests are definitely missing. There are two ways to turn
off network tests. The first is with the '-L' option to spamd. The
second is with config options in local.cf. Using the config options
should affect both spamd and
Marc Perkel wrote:
I notice that a lot of images spam has a structure where in the source
the fake text is at the top and the image code is at the bottom but it
is made to appear so that the image is at the top and the text is at
the bottom. Seems to me that this should be something we could
Just out of curiosity, is there a reason why the updates on the
rulesmporium rules have dropped so drastically lately? I understand
that the authors all have other things to do, and I am EXTREMELY
GRATEFUL for all their hard work. I was just wondering if there were
any other reasons.
Hi,
I'm installing the new spamassassin 3.1.7 on an SGI (IRIX 64 version 6.5).
I ran into a problem running 'make' on the distribution. Where make would
not properly create the first file file (Dns.pm, I believe). Using GNU's
make instead of SGI's make alleviated the problem. Don't know if
At 06:14 10-10-2006, Michael Scheidell wrote:
I am experimenting with mysql replication, and have done some research
on key collisions in the case of a 'load balancing' situation (live sql
[snip]
My concern is over use of SERIAL keys in amavisd-new tables, vs
AUTO_INCREMENT keys.
(are
Another issue may be AWL files, (I suppose a spamassassin question
also?). Every 'new' ip/email incoming will create a new PRIMARY KEY
(username,email,ip). If two connections, one on each box, first one
wins, replication stops and you need to manually issue a bunch of
commands to skip
Hi everyone, I am trying to setup a SPAM server to process
incoming email and then send it back to the original sender.
I have setup Spamassassin and Postfix (latest version), and
they are working great. I am trying to figure out how to get Postfix to
automatically send the processed
Hi
everyone, I am trying to setup a SPAM server to process incoming email and
then send it back to the original sender.
You are going to do a spam server yourself: often the
source e-mailis forged or is the somebody else's
account...
Spam messages often ask the user to click
hello list:
I just set up a box who is:
FreeBSD 6.1
Perl 5.8.7
Spamassassin 3.1.6
and when I: spamassassin -D --lint, I get the following:
[67350] dbg: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC
[67350] dbg: plugin: registered
I am trying to setup a SPAM server to test
e-mail servers, whether they are setup correctly or not..we do mail server
setups on a pretty large scale and am looking to test the servers once they are
built and installed.
Robert
Peace he would say instead of
Wait...what?
You want to setup
a server that sends spam?
Why not just make
an email address, stick it on the usenet and post to a few sites, have it get
normal spam, and just test that one address?
Thanks,
Chris Santerre SysAdmin and Spamfighter www.rulesemporium.com www.uribl.com
I am trying to setup
a SPAM server to test e-mail servers, whether they are setup correctly or
not..we do mail server setups on a pretty large scale and am looking to test
the servers once they are built and installed.
Robert
Isn't it better to havea
daily excerpt of
Title: RE: Rulesemporium rules
-Original Message-
From: Joe Zitnik [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 10, 2006 1:39 PM
To: users@spamassassin.apache.org
Subject: Rulesemporium rules
Just out of curiosity, is there a reason why the updates on the
OMG, listen.
We setup regular mail server for companies
(mostly exchange servers). Once we setup the mail server I want to send an
e-mail from that new mail server to [EMAIL PROTECTED].
I want that email run through all the Spamassasin tests then sent back to me with
all the rules that
A simple no would have sufficed.
On 10/10/2006 at 4:25 PM, Chris Santerre
[EMAIL PROTECTED]
wrote:
-Original Message-
From: Joe Zitnik [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 10, 2006 1:39 PM
To: users@spamassassin.apache.org
Subject: Rulesemporium rules
Just out
Joe Zitnik wrote:
A simple no would have sufficed.
It wouldn't have been as amusing though :)
--
Mr Michele Neylon
Blacknight Solutions
Quality Business Hosting Colocation
http://www.blacknight.ie/
Tel. 1850 927 280
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Fax. +353 (0) 59
Toll, Eric wrote:
hello list:
I just set up a box who is:
FreeBSD 6.1
Perl 5.8.7
Spamassassin 3.1.6
and when I: spamassassin -D --lint, I get the following:
[67350] dbg: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC
[67350] dbg: plugin: registered
So, what is so hard about that? Just setup a
server with SA, then $sa_tag_level_deflt = -100.0;
Then pop out your emails to yourself.
From: Robert Swan [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 10, 2006 4:32 PMTo: SpamAssassin
UsersSubject: RE: Ideas
OMG,
Title: RE: Rulesemporium rules
Joe Zitnik wrote:
A simple no would have sufficed.
It wouldn't have been as amusing though :)
LOL, Joe don't get upset. You obviously haven't seen enough of my posts to know what I'm like. :)
We have been testing new stuff all the time. There just
Robert Swan wrote:
Once we setup the mail server I want to send an e-mail from that
new mail server to [EMAIL PROTECTED] I want that email
run through all the Spamassasin tests then sent back to me with all
the rules that were triggered etc in the body..
Then mail sent to [EMAIL PROTECTED]
10) Making top ten lists.
Hilarious. Can I subscribe to those top ten lists with RDJ?
CONFIDENTIALITY NOTICE:
This email message, including any attachments, is for the sole use of the
intended recipient(s) and may contain confidential and privileged information.
Any unauthorized review,
Well
that makes more sense. This really doesn't have anything to do with the servers
you are setting up. Its just a simple SA server that scans and you check the
account (or forward to yourself.).
Just setup a
simple server with SA. Turn reporting on. No biggie.
--Chris
-Original
OMG,
listen.
We setup regular mail
server for companies (mostly exchange servers). Once we setup the mail server
I want to send an e-mail from that new mail server to [EMAIL PROTECTED]. I
want that email run through all the Spamassasin tests then sent back to me
with
Joe Zitnik wrote:
A simple no would have sufficed.
But I so enjoyed the answer. What was the question again?
DAve
On 10/10/2006 at 4:25 PM, Chris Santerre
[EMAIL PROTECTED]
wrote:
-Original Message-
From: Joe Zitnik [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 10, 2006
this domain and SPAM server would be used only for this purpose
If it's on the Internet, you cannot guarantee this. Spammers and other
evildoers are constantly scanning for abusable servers. It will be
found quickly, and as soon as someone finds out how to abuse it, it will
be abused.
Giampaolo Tomassoni wrote:
Yes, right. But the abuser would simply forward an a-mail with sa
scores to the fake originator of the triggering e-mail. I think that
would be mostly useless to spammers.
To spammers, probably not. To mailbombers and other ne'er-do-wells,
it's perfect.
Also, if
On Tue, Oct 10, 2006 at 04:31:54PM -0400, Robert Swan wrote:
OMG, listen.
We setup regular mail server for companies (mostly exchange servers).
Once we setup the mail server I want to send an e-mail from that new
mail server to [EMAIL PROTECTED] I want that email run
through
On Oct 10, 2006, at 4:53 PM, Clifton Royston wrote:On Tue, Oct 10, 2006 at 04:31:54PM -0400, Robert Swan wrote: OMG, listen. We setup regular mail server for companies (mostly exchange servers). Once we setup the mail server I want to send an e-mail from that new mail server to [1][EMAIL
As I was manually going through my spamfolder this evening I ran across a
message from my son that was tagged as spam. I have a manual whitelist .cf
file in /etc/mail/spamassassin and he is in the whitelist:
whitelist_from Brian Pollock [EMAIL PROTECTED]
The from message header shows I've
-Original Message-
From: Giampaolo Tomassoni [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 10, 2006 3:25 PM
To: Michael Scheidell; SpamAssassin Users List
Subject: R: Auto_increment vs SERIAL key types
Of course, the underlying sql engine has to support views
(5.0, but I use
On Tue, Oct 10, 2006 at 09:03:08PM -0500, Chris wrote:
whitelist_fromBrian Pollock [EMAIL PROTECTED]
whitelist_from (which you generally should avoid using) takes email addresses.
SA won't parse the above line to get the email address out.
The from message header shows I've entered the
-Original Message-
From: SM [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 10, 2006 2:08 PM
To: SpamAssassin Users List
Subject: Re: Auto_increment vs SERIAL key types
At 06:14 10-10-2006, Michael Scheidell wrote:
I am experimenting with mysql replication, and have done
Chris wrote:
Was it not checked because of the syntax of the whitelist_from?
Yes, it's invalid to put anything but an email address after
whitelist_from. The Brian Pollock part is unacceptable.
whitelist_fromBrian Pollock [EMAIL PROTECTED]
vs
whitelist_from [EMAIL PROTECTED]
On Tuesday 10 October 2006 9:15 pm, Matt Kettler wrote:
Chris wrote:
Was it not checked because of the syntax of the whitelist_from?
Yes, it's invalid to put anything but an email address after
whitelist_from. The Brian Pollock part is unacceptable.
whitelist_from Brian Pollock
Ok, how funny is this?
Using the SA RFC checks, (specifically 50_scores.cf:score
DNS_FROM_RFC_WHOIS 0 0.879 0 1.447)
Cert themselves are blacklisted.
(well, it looks like ANY .gov is blacklisted) Sorry guys and gals, we
won't be getting that much 'important information for voters' this next
Chris wrote:
On Tuesday 10 October 2006 9:15 pm, Matt Kettler wrote:
Chris wrote:
Was it not checked because of the syntax of the whitelist_from?
Yes, it's invalid to put anything but an email address after
whitelist_from. The Brian Pollock part is unacceptable.
On Tuesday 10 October 2006 9:46 pm, Matt Kettler wrote:
Chris wrote:
On Tuesday 10 October 2006 9:15 pm, Matt Kettler wrote:
Chris wrote:
Was it not checked because of the syntax of the whitelist_from?
Yes, it's invalid to put anything but an email address after
whitelist_from. The
Just out of curiosity, is there a reason why the updates on the
rulesmporium rules have dropped so drastically lately? I understand
that the authors all have other things to do, and I am EXTREMELY
GRATEFUL for all their hard work. I was just wondering if there were
any other reasons.
Nope,
Sooner or later (even by random blasting) some spammer is going to send
mail to the thing, most probably with a forged From address. Then you will
send that as blowback (quite possibly appropriately tagged as spam) back to the
sucker that owns the From address. Not a real good thing to do.
Chris wrote:
On Tuesday 10 October 2006 9:46 pm, Matt Kettler wrote:
Yes, whitelist_from_rcvd is a significantly better command to use. It
takes two parameters, the email address, and part of a RDNS lookup of a
host that delivered the mail.
ie:
whitelist_from_rcvd [EMAIL PROTECTED]
Yes, right. But the abuser would simply forward an a-mail with sa scores
to the fake
originator of the triggering e-mail. I think that would be mostly useless
to spammers.
Also, if the '[EMAIL PROTECTED]' address is not too widely disclosed, there
shouldn't be
chance. Finally, if it becames to
Chris, thanks for your detailed analysis!
Please don't be discouraged, as you're generally on the right track,
you just need to do some fine tuning.
Since last spring, I've been running some word tests that include
something similar to the obfuscation approach you've described, and
have had good
If you do that you will get mugged, I promise. All you have to do is
bounce one to me and I'll crawl through the Ethernet cables, the
fiber optics, and all that crap so I can rip your throat out with
my bare teeth.
I hope that conveys the depths of depravity involved in the setup
you are
From: Giampaolo Tomassoni [EMAIL PROTECTED]
OMG, listen.
We setup regular mail server for companies (mostly exchange servers). Once
we setup the mail server I want to send an e-mail from that new mail server
to [EMAIL PROTECTED] I want that email run through all the
Spamassasin tests then
I've been waiting for anyone else to bring it up - but no-one has.
If Spamhaus lose this lawsuit (which they are ignoring as they are
UK-based and this is some judge in Chicago), they may very well lose
their .ORG domain - which would have a rather large impact on our
Antispam scores for a
Jason Haar wrote:
I've been waiting for anyone else to bring it up - but no-one has.
If Spamhaus lose this lawsuit (which they are ignoring as they are
UK-based and this is some judge in Chicago), they may very well lose
their .ORG domain - which would have a rather large impact on our
Antispam
Give Chris a break - sometimes we ALL just feel silly and have to vent.
{^_-}
- Original Message -
From: Joe Zitnik [EMAIL PROTECTED]
A simple no would have sufficed.
On 10/10/2006 at 4:25 PM, Chris Santerre
[EMAIL PROTECTED]
wrote:
-Original Message-
From: Joe Zitnik
On Tue, Oct 10, 2006 at 04:43:58PM -0400, Dan Horne wrote:
10) Making top ten lists.
Hilarious. Can I subscribe to those top ten lists with RDJ?
Are they going to be licensed with the Apache license?
/me ducks
--
Duncan Findlay
pgpbI5yKn40MO.pgp
Description: PGP signature
Hello,
I have sent before about compile error at AMD(x86_64) based system.
But this problem doesn't solve...
Anyone who succeed to install and execute SA this system?
## below is my system
linux kernel 2.6.x (centos 3.x or 4.x)
CPU : AMD opteron
perl : v5.8.5 or v5.8.0
All required perl
81 matches
Mail list logo