On Wed, April 16, 2008 00:14, Michael Hutchinson wrote:
domain:
def_whitelist_auth [EMAIL PROTECTED]
user:
whitelist_auth [EMAIL PROTECTED]
Cool, thanks Benny.
np
I can't employ what you've told me as upgrading to 3.2.4 is out of the
question until I rebuild the mail server (Debian
HI Jack,
Any chance of sharing your rules for this?!
Cheers,
Jeremy
Jack Pepper [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]
This info popped up on the emerging-Threats list. I have watched our
mail servers and have confirmed that it works.
The problem is that my attempts to
I use spamassassin3.2.x
I want spamassassin to give a score according to reverse name of a source ip
address.
I think of doing for some dynamic ip addresses.
How can I do that as a rule ?
On Wed, April 16, 2008 11:13, Daniel Zaugg wrote:
Wow ! Aren't you guys proud to be postmasters !
my cat turn off my mailserver when it makes to much noice for his sleep :)
For me being a postmaster clearly is a chore (one of many) to wich I devote
an absolute minimum amount of my precious
John Rudd wrote:
the error is ignored since it has no practical consequence (except
maybe in some unread log file)
Unread/unchecked only by half-assed postmasters who aren't worth their
salt, and should thus be fired.
A decent postmaster at least generates summaries of traffic ...
On 15.04.08 19:24, Yavuz Maslak wrote:
I want spamassassin to give a score according to reverse name of a source ip
address.
I think of doing for some dynamic ip addresses.
How can I do that as a rule ?
there already are such scores, search for DYNAMIC or DYN_. There are also
scores for
ah... resolved. I forgot that these message hadn't been checked by spamd (and
I didn't realize they needed to) after running the whole directory through
spamassassin it works as expected.
Learned tokens from 1741 message(s) (2469 message(s) examined)
:D
--
Caleb Cushing
my blog
Quoting Jeremy Fairbrass [EMAIL PROTECTED]:
HI Jack,
Any chance of sharing your rules for this?!
Cheers,
Jeremy
Sure:
score BOBAX_GEN_SPAM_2 1.800
header BOBAX_GEN_SPAM_2 ALL =~
/^Message-Id:[EMAIL PROTECTED]/m
describe BOBAX_GEN_SPAM_2 Has Bobax Generated Message-Id, type 2
score
Caleb Cushing wrote:
On Tuesday 15 April 2008 11:27:55 pm Matt Kettler wrote:
Really I'd just be wanting to see the start and end of it..
head
[7750] dbg: logger: adding facilities: all
[7750] dbg: logger: logging level is DBG
[7750] dbg: generic: SpamAssassin version 3.2.4
[7750] dbg:
Hi all,
it's actually not that new since it's been happening for a few years
on my personal email but it has invaded work too and I was wondering
what your thoughts were about it. I don't know how to call it but
essentially it comes from spammers using my work or personal email
addresses
for what it's worth, I just pushed Henry's version of Joe's rules into the
3.2.x sa-updates.
--j.
Jack Pepper writes:
Quoting Jeremy Fairbrass [EMAIL PROTECTED]:
HI Jack,
Any chance of sharing your rules for this?!
Cheers,
Jeremy
Sure:
score BOBAX_GEN_SPAM_2 1.800
header
On Wednesday 16 April 2008 15:01:25 Erik Dasque wrote:
Hi all,
it's actually not that new since it's been happening for a few years
on my personal email but it has invaded work too and I was wondering
what your thoughts were about it. I don't know how to call it
joe-jobing (what the spammer
by the way, if there are future good spam rules discussed on Snort lists,
please feel free to forward on the details here. Most (all?) of the
SpamAssassin devs don't follow those lists...
--j.
On Fri, March 21, 2008 20:46, Theo Van Dinter wrote:
Generally speaking, blocking that stuff in the MTA is the right/better way to
go.
if body is 100M then you accept it before you can test for it :(
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
On Wed, Apr 16, 2008 at 04:11:25PM +0200, Benny Pedersen wrote:
header MG_LINK2 Content-Disposition =~ /filename\=\as\.zip\/
header MG_LINK2 Content-Disposition =~ /^filename\=\[a-z]{2}\.zip\/i
If you're trying to match the filename in an attachment, header isn't going
to get you anywhere.
On Wed, April 16, 2008 16:16, Theo Van Dinter wrote:
On Wed, Apr 16, 2008 at 04:11:25PM +0200, Benny Pedersen wrote:
header MG_LINK2 Content-Disposition =~ /filename\=\as\.zip\/
header MG_LINK2 Content-Disposition =~ /^filename\=\[a-z]{2}\.zip\/i
If you're trying to match the filename in an
On Fri, March 21, 2008 18:41, Martin Gregorie wrote:
header MG_LINK2 Content-Disposition =~ /filename\=\as\.zip\/
header MG_LINK2 Content-Disposition =~ /^filename\=\[a-z]{2}\.zip\/i
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
Erik Dasque [EMAIL PROTECTED] wrote:
As a result of those thousands (millions) of Spam emails sent 'by me', I
get a hefty number of undeliverable email notices in my inbox (from the
thousands of invalid address in the spammer address book). It goes in
waves, sometimes I'll go months without
I am running mailscanner with spamassassin attached. But I think the native
spamassassin is still running. So I did a check
$ spamd -V
SpamAssassin Server version 3.1.9
running on Perl 5.8.5
[20928] error: List::Util object version 1.14 does not match bootstrap
parameter 1.19 at
Graham Murray wrote:
mouss [EMAIL PROTECTED] writes:
ahuh? how would spf fix the problem if spam gets out from an
authorized client (yahoo, google, hotmail, aol, ...). however you
respond, you'll find out that such (ougoing) spam problem isn't fixed
_by_ SPF. In particular, don't tell me
Any thoughts?
Thanks!
ps xafu | grep spamd
or
/etc/init.d/spamassassin status
For fun I ran an SAupdate and got tons of errors but not sure were to start
looking to fix.
this is running on
$ spamd -V
SpamAssassin Server version 3.1.9
Thanks!
$ sa-update
plugin: failed to parse plugin (from @INC): Bareword
Mail::SpamAssassin::Constants::CHARSETS_LIKELY_TO_FP_AS_CAPS
On Wednesday 16 April 2008 11:13:04 Daniel Zaugg wrote:
Wow ! Aren't you guys proud to be postmasters !
no. the real one got fired.
hehe
--
best regards/Mit freundlichen Grüßen
Arvid Ephraim Picciani
Thanks for the reply!
So if i run that i get
$ ps xafu | grep spamd
root 2146 0.0 0.0 4556 552 pts/1S+ 12:17
0:00 \_ grep spamd
root 16388 0.0 1.8 44492 37708 ? Ss 10:30
0:04 /usr/bin/spamd -d -c -m8 -H -r /var/run/spamd.pid
nobody
On Wed, Apr 16, 2008 at 5:13 AM, Daniel Zaugg
[EMAIL PROTECTED] wrote:
John Rudd wrote:
the error is ignored since it has no practical consequence (except
maybe in some unread log file)
Unread/unchecked only by half-assed postmasters who aren't worth their
salt, and should
On Wed, 16 Apr 2008, Erik Dasque wrote:
[snip..]
As a result of those thousands (millions) of Spam emails sent 'by
me', I get a hefty number of undeliverable email notices in my inbox
(from the thousands of invalid address in the spammer address book).
It goes in waves, sometimes I'll go
Hi everyone,
I'm starting to see a noticeable amount of message sneak by spamassassin with
scores mostly the 3-4 range but some as low as 1 point.
I'm running 3.2.4 with SARE, sough, and Botnet. We don't use bayes. Here are
some samples of messages that have got through:
Hi!
I'm running 3.2.4 with SARE, sough, and Botnet. We don't use bayes. Here are
some samples of messages that have got through:
http://pastebin.com/m16055c85
http://pastebin.com/m52635526
http://pastebin.com/m491c4882
http://pastebin.com/m7c1240f2
I get a HTTP/1.1 404 Not Found on all
Tony Bunce wrote:
Hi everyone,
I'm starting to see a noticeable amount of message sneak by spamassassin with
scores mostly the 3-4 range but some as low as 1 point.
I'm running 3.2.4 with SARE, sough, and Botnet. We don't use bayes. Here are
some samples of messages that have got through:
Tony Bunce wrote:
Hi everyone,
I'm starting to see a noticeable amount of message sneak by spamassassin with
scores mostly the 3-4 range but some as low as 1 point.
I'm running 3.2.4 with SARE, sough, and Botnet. We don't use bayes. Here are
some samples of messages that have got through:
David B Funk writes:
On Wed, 16 Apr 2008, Erik Dasque wrote:
[snip..]
As a result of those thousands (millions) of Spam emails sent 'by
me', I get a hefty number of undeliverable email notices in my inbox
(from the thousands of invalid address in the spammer address book).
It goes in
Josie Walls wrote:
Would this group agree that requiring 5 hits in order to classify an email
as spam is too conservative a number?
Nope. I've been running a number of systems - personal and professional
- at 5 with no major runs of missed-spam or mistagged-ham (aside from
the period where
Caleb Cushing wrote:
ah... resolved. I forgot that these message hadn't been checked by spamd (and
I didn't realize they needed to) after running the whole directory through
spamassassin it works as expected.
Learned tokens from 1741 message(s) (2469 message(s) examined)
:D
That shouldn't
33 matches
Mail list logo