--On Wednesday, January 21, 2009 1:04 AM + rje...@vzw.blackberry.net
wrote:
I am attempting to create a regular expression to give a negative score
for purchase orders. I need to match the following:
PO
PO:
PO#
P.O.
P.O. #
PO #
I have not been able to get this to work correctly. I have
Everyone has given very helpful feedback! At present it definitely sounds
like I should tweak my rules and train my bayes. I will try taking steps
here and see how it goes.
Thank you all so very much!
--
View this message in context:
http://www.nabble.com/please-help%2C-getting-hammered-wit
Dennis Hardy wrote:
Hi, I'm getting hammered by snowshoe spam :-(
Any thoughts/advice are appreciated :-)
When this started happening to us the only solution I found was manual
CIDR blocks.
Yea I know very last millennium but I didn't find anything else to work
with. Some particular sno
On Fri, 23 Jan 2009, RW wrote:
I'm having a problem whereby Spamassassin is sometimes being killed by
SIGPIPE before it's written-out the email to stdout, and then returns a
zero exit-code.
Ouch.
Open a bug in the bugzilla. While the devs may read this list, they don't
use it for taking bug
Dennis Hardy wrote on Fri, 23 Jan 2009 08:36:59 -0800 (PST):
> see http://www.spamhaus.org/faq/answers.lasso?section=Glossary#233
Ah. I know a lot of spam terms, but this is certainly new to me ;-)
>
> > If the former, put some example up on a pastebin (not ehre!).
>
> Yes already done: http:
I'm having a problem whereby Spamassassin is sometimes being killed by
SIGPIPE before it's written-out the email to stdout, and then
returns a zero exit-code.
Whilst I'd be keen to eliminate the SIGPIPE problem, the more important
problem is the return of the zero exit-code, because it turns del
On Fri, 23 Jan 2009, Dennis Hardy wrote:
Here is what I have been using (from previous help from this mail list!):
uri SSS_URI30 /\bhttp:\/\/[^\.\/]+\.(?i:com|net|info|biz)\/\w{30}\b/
uri SSS_URI30 1.5
this uri rule does work very well. but they change the length
sometimes, so I have a
> your BAYES is misfiring. Ths difference between BAYES_05 and BAYES_99 is
4.6
> so you could have score of 5.7 if you'd have well-trained BAYES.
Yes, that would be great. I will look at trying this. I do get tens of
thousands of e-mails a day through this system though so it is hard to do
manu
> Can you repost that with full headers?
Yes, I have to wait for more to come through though as I have gotten into
the habit of just deleting the FNs.
> No DNSBL hits on the URI domain?
No, the domains change too quickly, so I almost never get DNSBL hits for
these. I have DNSBL greylisting fro
On 22-Jan-2009, at 13:57, Brian J. Murrell wrote:
Now users need to know how to edit SQL records, or I
need to install a web interface for that. The ROI here for that is
just
not high enough.
Really? A webface to edit user configuration options in an SQL
database is trivial. I know its
> > why are those scores low? What gives them negative score?
> > those rules have quite high score...
On 23.01.09 08:26, Dennis Hardy wrote:
> Here is an example (without my rules): http://pastebin.com/m4400a74d
X-Spam-Status: No, score=1.1 required=5.0 tests=BAYES_05,DCC_CHECK,DIET_1,
On Fri, 23 Jan 2009, Dennis Hardy wrote:
why are those scores low? What gives them negative score?
those rules have quite high score...
Here is an example (without my rules): http://pastebin.com/m4400a74d
Can you repost that with full headers?
The ones that get through are relatively sho
> I've been using this rule to knock some of these down:
> [...]
> Highly unusual to have a url like that in ham...
> I'm running a meta to bump up the score...
Yes, I've actually been doing the very same thing (URI detection and metas,
and then string matching in the tail part of the e-mail) !
On Fri, 2009-01-23 at 07:56 -0800, Dennis Hardy wrote:
> Hi, I'm getting hammered by snowshoe spam :-( I've added rules to try to
> catch common formats of included URLs in the spam, but I'm wary of scoring
> these rules too high because of the potential for false positives. It's
> hard to come u
> Is this spam for snowshoes or some "spam term"?
"Like a snowshoe spreads the load of a traveler across a wide area of snow,
some spammers use many frequently-changing IP addresses and domains to
spread out the spam load in order to dilute recipient reputation metrics and
evade filters."
see ht
Dennis Hardy wrote on Fri, 23 Jan 2009 07:56:44 -0800 (PST):
> Hi, I'm getting hammered by snowshoe spam
Is this spam for snowshoes or some "spam term"? If the former, put some
example up on a pastebin (not ehre!).
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Service
> why are those scores low? What gives them negative score?
> those rules have quite high score...
Here is an example (without my rules): http://pastebin.com/m4400a74d
The ones that get through are relatively short and simple, and many are very
"clean". This example is just one that focuses on
On 23.01.09 07:56, Dennis Hardy wrote:
> Hi, I'm getting hammered by snowshoe spam :-( I've added rules to try to
> catch common formats of included URLs in the spam, but I'm wary of scoring
> these rules too high because of the potential for false positives. It's
> hard to come up with other rul
> Ralf Heidenreich wrote:
> > sa-learn coaches spamassassin.
On 23.01.09 10:45, Bowie Bailey wrote:
> Actually, sa-learn coaches the Bayes db if you want to be specific.
I prefer word "train" instead of "coach" :-)
> > Is it better, to coach spamassassin with mails, that are not examined
> > thr
Hi, I'm getting hammered by snowshoe spam :-( I've added rules to try to
catch common formats of included URLs in the spam, but I'm wary of scoring
these rules too high because of the potential for false positives. It's
hard to come up with other rules as the spam e-mail content is so generic.
On 22.01.09 14:54, RobertH wrote:
> would those of you in the know please comment based upon your data re: the
> below rules and their effectiveness in hitting spam vrs ham and/or false
> readings in diverse or fairly diverse large scale isp and/or corporate
> installations please
I think they all
Brian J. Murrell wrote:
I'd also suggest using SQL for user preferences.
The user interface (i.e. editing a file) for user preferences is a
different story. Now users need to know how to edit SQL records, or I
need to install a web interface for that.
Or you use a small script that reads
Ralf Heidenreich wrote:
> Hello,
>
> sa-learn coaches spamassassin.
Actually, sa-learn coaches the Bayes db if you want to be specific.
> Is it better, to coach spamassassin with mails, that are not examined
> through spamassassin. Also original spam-mails.
> If spamassassin examines mails, and
Hello,
sa-learn coaches spamassassin.
Is it better, to coach spamassassin with mails, that are not examined
through spamassassin. Also original spam-mails.
If spamassassin examines mails, and writes a Spam-Status flag into the
header, can these mails used for sa-learn?
greetings Ralf
RobertH wrote on Thu, 22 Jan 2009 14:54:41 -0800:
> would those of you in the know please comment based upon your data re: the
> below rules and their effectiveness in hitting spam vrs ham and/or false
> readings in diverse or fairly diverse large scale isp and/or corporate
> installations please
25 matches
Mail list logo