Hi
can anyone help me with this?
I think its the archive::tar which makes problems,
so i installed a newer version, but the error remains...
[23086] dbg: channel: populating temp content file
[23086] dbg: channel: file verification passed, testing update
[23086] dbg: channel: extracting archive
John Rudd schrieb:
In the past, turning off a rule was supposed to be as simple as setting
its score to zero. Is that no longer the case? I set a rule to zero,
and it's still showing up in my logs (but it looks like the value is
correctly being recorded as zero, so it's not affecting my
John Rudd writes:
In the past, turning off a rule was supposed to be as simple as setting
its score to zero. Is that no longer the case? I set a rule to zero,
and it's still showing up in my logs (but it looks like the value is
correctly being recorded as zero, so it's not affecting
Hi all!
What you suggest would be best method to whitelist logcheck mails?:
A sniplet of a quarantined message:
Return-Path: [EMAIL PROTECTED]
Delivered-To: spam-quarantine
X-Envelope-From: [EMAIL PROTECTED]
X-Envelope-To: [EMAIL PROTECTED]
X-Quarantine-ID: 1JtIvtWCm2i6
X-Spam-Flag: YES
Matthias Haegele wrote:
Hi all!
What you suggest would be best method to whitelist logcheck mails?:
[snip]
I considered putting [EMAIL PROTECTED] in whitelist but i am not sure if it
is the only possible (and really good) solution?
How about:
whitelist_from_rcvd [EMAIL PROTECTED]
Jonathan Armitage wrote:
Provided it is possible with your MTA, you could consider rejecting
such email at that level, thus relieving SA of the burden of having to
scan it at all.
This is easy in Exim, but I don't know if other mailers can do the
same thing.
In postfix, a header or a body
Hi
can anyone help me with this?
I think its the archive::tar which makes problems,
so i installed a newer version, but the error remains...
[23086] dbg: channel: populating temp content file
[23086] dbg: channel: file verification passed, testing update
[23086] dbg: channel: extracting
It won't install:
Test Summary Report
---
t/02_methods.t(Wstat: 65280 Tests: 252 Failed: 65)
Failed test number(s): 18-25, 71-72, 74-75, 77-80, 82-83, 92-97
105, 110-117, 123-125, 151-154, 162, 167-168
186-189, 195-197, 214-217, 225,
-BEGIN PGP SIGNED MESSAGE-
I have an odd problem. I have a user receiving spam from something like
[EMAIL PROTECTED] Since he does business with verybigcompany.com,
he had them in his white list, and as expected, the spam slipped through.
Based on the advice I got in this newsgroup, I
On Wed, 05 Dec 2007 20:36:22 -0500, John D. Hardin [EMAIL PROTECTED]
wrote:
On Wed, 5 Dec 2007, Paul Griffith wrote:
I guess I could write rules that verify a valid .tex and .bib
document and then assign a minus score, it would be better if
e-mail clients actually send attachments as true
It works now. Qmail-scanner uses fast-spamassassin as default configuration
and this does not rewrite the subject header. I regenerate the
qmail-scanner.pl file with the --scanners verbose-spamassassin and it starts
to tag messages immediately.
Douglas Marcel dos
On Wed, 05 Dec 2007 21:33:49 -0500, Olivier Nicole [EMAIL PROTECTED] wrote:
Hi
I guess I could write rules that verify a valid .tex and .bib document
and
then assign a minus score,
Except trying to run the document through LaTeX, I cannot see how you
can realy verify the validity.
Let
On Thu, Dec 06, 2007 at 09:30:34AM +, Justin Mason wrote:
if that doesn't work, it's a bug; please report it at the Bugzilla.
... assuming that the local.cf file is actually being read and doesn't have an
error causing the parsing of the file to fail. :)
--
Randomly Selected Tagline:
Now
Theo Van Dinter wrote:
On Thu, Dec 06, 2007 at 09:30:34AM +, Justin Mason wrote:
if that doesn't work, it's a bug; please report it at the Bugzilla.
... assuming that the local.cf file is actually being read and doesn't have an
error causing the parsing of the file to fail. :)
That
Some time ago (and more than once) there have been discussions on this list
about email containing hyperlinks where the link text is a URL that doesn't
match the URL in the link HREF, and the pros and cons of testing for and
scoring these mismatched links. My management has raised this issue.
Rosenbaum, Larry M. wrote:
Some time ago (and more than once) there have been discussions on this
list about email containing hyperlinks where the link text is a URL that
doesn’t match the URL in the link HREF, and the pros and cons of testing
for and scoring these mismatched links. My
On Thu, 6 Dec 2007, DAve wrote:
I would think if you scored based on mismatched URLs you would tag
the same messages incorrectly.
You could mitigate that bby using it in a meta along with rules that
hit on phishing-like text, and leave the score for a single mismatched
URL low, like 0.1 or so.
Randal, Phil wrote:
Unfortunately, people who should know better (e.g. McAfee) do this all
the time.
There'd have to be a huge whitelist of safe URLs to make this workable.
We use MailScanner, which has this sort of phishing detection built
in, flagging suspicious links.
Cheers,
Phil
On 12/3/07 11:14 AM, Justin Mason [EMAIL PROTECTED] wrote:
Have you considered turning off autolearn to reduce the number of writes?
That is where I am at now. Whether with a database or DBM, I have scaling
and concurrency problems. I am also having problems with expire failing in
both -
On Thu, 6 Dec 2007, Wes wrote:
We're going to switch to all-manual learning and hopefully
convince enough users to send in spam and false positives to train
it well. Sufficient participation is a big question, but appears
to be the only viable option at this point.
That could be automated
John Rudd wrote:
The score is
correctly being set to 0, but the rule is still showing up in the list
of triggered rules.
What happens when a zero score rule (not named __.*) is used in a
meta rule?
Regards
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
The URL mismatch that seemed like a sure thing to us was showing the
reader https but really linking to http!
Believe it or not major financial institutions send mail with these
fraudulent (I would say) links. Very sad.
OK, well, then say as long as the https and http links go to the
same
Unfortunately, people who should know better (e.g. McAfee) do this all
the time.
There'd have to be a huge whitelist of safe URLs to make this workable.
We use MailScanner, which has this sort of phishing detection built in,
flagging suspicious links.
Cheers,
Phil
--
Phil Randal
Network
FYI-Cloudmark the anti-spam solutions provider that protects over 300 million
mail boxes worldwide has a position open for a Sales Engineer that will be
focused on supporting Apache customers running the Cloudmark Authority
plugin for Spam Assasin. This is a great opportunity to help rid the
On Thu, Dec 06, 2007 at 07:56:30PM +0100, Jonas Eckerman wrote:
What happens when a zero score rule (not named __.*) is used in a
meta rule?
There's no difference between those two things.
--
Randomly Selected Tagline:
Accident, n.:
A condition in which presence of mind is good, but
On Thu, Dec 06, 2007 at 11:52:30AM -0500, Rosenbaum, Larry M. wrote:
Some time ago (and more than once) there have been discussions on this list
about email containing hyperlinks where the link text is a URL that doesn't
match the URL in the link HREF, and the pros and cons of testing for and
On Thu, Dec 06, 2007 at 09:12:44AM -0800, John Rudd wrote:
That wouldn't cause the score to actually be 0 though. The score is
correctly being set to 0, but the rule is still showing up in the list
of triggered rules.
Are you sure it's 0 and not 0.001 or something else small and non-zero?
On Sat, Dec 01, 2007 at 10:30:11PM +0800, [EMAIL PROTECTED] wrote:
Many spam messages with a .zip attachment in them.
How do you stop it in SA rules?
Block mails w/ zip attachments at your MTA.
Otherwise you could write a mimeheader rule to look for those filenames.
pgp39d1lYLKqm.pgp
try this:
perl -MCPAN -e 'notest force install Archive::Tar'
no warranty that this will not cause any problems with Archive::Tar at
some point later. I remember your spamassassin --lint -D saying that it
found Archive::Tar, so I guess there is an install of this module on your
box. However
Anyway, Mail::SpamAssassin::Conf should admit that it doesn't mention
What if I hate a specific language, people, culture. Is there e.g., a
not_ok_locales?
Don't put the answer here, put it on Mail::SpamAssassin::Conf, even if
the answer is that there is no answer. Thank you.
John Rudd wrote:
Theo Van Dinter wrote:
On Thu, Dec 06, 2007 at 09:30:34AM +, Justin Mason wrote:
if that doesn't work, it's a bug; please report it at the Bugzilla.
... assuming that the local.cf file is actually being read and doesn't
have an
error causing the parsing of the file to
Jack Gostl wrote:
I have an odd problem. I have a user receiving spam from something like
[EMAIL PROTECTED] Since he does business with verybigcompany.com,
he had them in his white list, and as expected, the spam slipped through.
Based on the advice I got in this newsgroup, I changed him from
Matt Kettler wrote:
Jack Gostl wrote:
I have an odd problem. I have a user receiving spam from something like
[EMAIL PROTECTED] Since he does business with verybigcompany.com,
he had them in his white list, and as expected, the spam slipped through.
Based on the advice I got in this
The basic user understands whitelist_from and blacklist_from. But when
he encounters the locales, he wonders why cannot there be
whitelist_locales and blacklist_locales. He does not want to learn the
superior logic of why his wish is not smart. He just wants to find the
commands for
[EMAIL PROTECTED] wrote:
MK Let's say you speak English and Chinese, and hate Russian because you
MK get lots of spam in that text format and don't speak it.
That's me, English and Chinese, and hate Russian.
MK In this situation, why would you want not_ok_localles ru instead of
MK
MK I'll be happy to change my assumptions, but can you name any good reason
MK why they would want to do so?
The Matt theme: restrict oneself from getting mail from any but a few
safe people, languages, or whatever. Life goes on in its familiar grey
days. But alas, the software knows best.
The
- Original Message -
From: Matt Kettler [EMAIL PROTECTED]
To: Jack Gostl [EMAIL PROTECTED]
Cc: spam users@spamassassin.apache.org
Sent: Thursday, December 06, 2007 8:19 PM
Subject: Re: whitelist
Matt Kettler wrote:
Jack Gostl wrote:
I have an odd problem. I have a user receiving
[EMAIL PROTECTED] wrote:
Anyway, Mail::SpamAssassin::Conf should admit that it doesn't mention
What if I hate a specific language, people, culture. Is there e.g., a
not_ok_locales?
Don't put the answer here, put it on Mail::SpamAssassin::Conf, even if
the answer is that there is no answer.
Jack Gostl wrote:
- Original Message - From: Matt Kettler
[EMAIL PROTECTED]
To: Jack Gostl [EMAIL PROTECTED]
Cc: spam users@spamassassin.apache.org
Sent: Thursday, December 06, 2007 8:19 PM
Subject: Re: whitelist
Matt Kettler wrote:
Jack Gostl wrote:
I have an odd problem. I
[EMAIL PROTECTED] wrote:
MK I'll be happy to change my assumptions, but can you name any good reason
MK why they would want to do so?
The Matt theme: restrict oneself from getting mail from any but a few
safe people, languages, or whatever. Life goes on in its familiar grey
days. But alas,
Matt Kettler wrote:
Matt Kettler wrote:
Jack Gostl wrote:
I have an odd problem. I have a user receiving spam from something like
[EMAIL PROTECTED] Since he does business with verybigcompany.com,
he had them in his white list, and as expected, the spam slipped through.
Based on the advice
The jidanni theme: open up life to a rainbow of possibilities.
Y'know, at the risk of being rude, does the rainbow of possibilities include
the possibility of READING the expletive-deleted CONF FILE? Just asking.
But the basic user is not in the business of understanding things.
Then he
42 matches
Mail list logo