Hello,
I'm having problems using whitelist_from_spf to whitelist a domain.
[23227] dbg: spf: checking to see if the message has a Received-SPF header
that we can use
[23227] dbg: spf: using Mail::SPF for SPF checks
[23227] dbg: spf: checking HELO (helo=out10.wanadoo.es, ip=62.36.20.210)
[23227]
Le 14/05/2009 13:30, Alvaro Marín a écrit :
It seems that there is a problem resolving DNS records of that domain so I
want to whitelist it. If I add:
whitelist_from_spf *...@orange.es
You're misunderstanding the purpose of whitelist_from_spf. It is
intended for whitelisting mail from an
From: Alvaro MarÃn alv...@hostalia.com
Date: Thu, 14 May 2009 13:30:49 +0200
It seems that there is a problem resolving DNS records of that domain so I
want to whitelist it. If I add:
whitelist_from_spf *...@orange.es
It's ignored by SA, as the log says.
Reviewing
Alvaro Marín wrote:
Hello,
I'm having problems using whitelist_from_spf to whitelist a domain.
no, the sender is having problems using spf :-(
orange.es publishes this as their spf records:
host -t txt orange.es
orange.es descriptive text v=spf1 mx a:spf.orange.es
ip4:213.143.52.0/24
my mistake. seems orange.es is using a HUGE a record list.
you might want to check your dns servers. make sure they can pass dns
records in tcp.
(if result is 'huge' ( 255 bytes)) dns will NOT use udp port 53, but
tcp port 53.
do a 'host -t a spf.oriange.es' on the server running
Alvaro Marín wrote:
Hello,
I'm having problems using whitelist_from_spf to whitelist a domain.
So, which is the purpose of this whitelist feature? If the SPF check fails,
it can't do whitelist?
Yep, and that's the purpose. whitelist_from_spf should be read as
Whitelist based on from AND
Michael Scheidell wrote:
my mistake. seems orange.es is using a HUGE a record list.
you might want to check your dns servers. make sure they can pass dns
records in tcp.
(if result is 'huge' ( 255 bytes)) dns will NOT use udp port 53, but
tcp port 53.
do a 'host -t a spf.oriange.es' on
Hello,
the problem is that from that server, using dig, nslookup, host...etc,
the record is resolved without problems (with TCP):
r...@relay09:~
# dig spf.orange.es
;; Warning: Message parser reports malformed message packet.
;; Truncated, retrying in TCP mode.
; DiG 9.5.0-P2 spf.orange.es
;;
Hi,
the problem is that from that server, using dig, nslookup, host...etc,
the record is resolved without problems (with TCP):
No, the real problem is that SPF failed. There are other issues, but
that is the main one. That IP is not in their SPF record.
Yes, the IP is in their SPF record:
Hi,
I've been getting joe-jobbed a LOT recently, to the point where
bouncebacks are more of a problem for me than spam now. I'm getting
hundreds of them. Are there some SpamAssassin rules that actually try
to target bouncebacks, because I really want to treat them as spam too.
It's not
20_vbounce.cf
Jeremy Morton wrote:
Hi,
I've been getting joe-jobbed a LOT recently, to the point where
bouncebacks are more of a problem for me than spam now. I'm getting
hundreds of them. Are there some SpamAssassin rules that actually try
to target bouncebacks, because I really want
I have the whitelist_bounce_relays options set for vbounce and the rules
are hitting on bounce messages, but the whitelists don't seem to be working.
In my local.cf, I have:
whitelist_bounce_relays bnofimage1.buc.com
But, an email with this header comes through:
Received: from
Last time in frostbite falls, our intrepid heroes were faced with a big
question:
why does sa-compile take 5 mins on some boxes and 45mins on other.? same
cpu, same os, same ram, same load.
I think we all came to the conclustion that
sa rules (700 of them)? by themselves might take 5/10 mins
OK, so SA gives you a breakdown in the msg body of why it thought
messages tagged as spam were spam. But what about false negatives?
It'd be really useful if SA could give me a full breakdown of its
analysis in the e-mail's header, some kind of 'debug mode', so I could
tell why it thought a
Jeremy Morton wrote:
OK, so SA gives you a breakdown in the msg body of why it thought
messages tagged as spam were spam. But what about false negatives?
It'd be really useful if SA could give me a full breakdown of its
analysis in the e-mail's header, some kind of 'debug mode', so I could
I am starting to see more messages than usual get through our spam filters.
Anyone have any tips on what would make these score higher?
http://pastebin.com/m41d3437a
http://pastebin.com/d626a4352
http://pastebin.com/m14c73cab
Thanks in advance,
Tony
On Thu, 14 May 2009, Bowie Bailey wrote:
I have the whitelist_bounce_relays options set for vbounce and the rules are
hitting on bounce messages, but the whitelists don't seem to be working.
In my local.cf, I have:
whitelist_bounce_relays bnofimage1.buc.com
But, an email with this header
Never mind. Looks like cPanel have their own retarded exim code for
deciding what gets put in the headers and ignore the SA config files.
I'll have to modify exim.conf instead.
Best regards,
Jeremy Morton (Jez)
Jeremy Morton wrote:
That's not working. I'm simply not getting a 'Report'
Jeremy Morton wrote:
That's not working. I'm simply not getting a 'Report' header. :-(
It would be called X-Spam-Report in the event that matters.
Some programs used to call SpamAssassin for the incoming mail will
ignore a few configuration options (including add_header) in an
attempt at
At 11:06 AM 5/14/2009, you wrote:
I am starting to see more messages than usual get through our spam filters.
Anyone have any tips on what would make these score higher?
http://pastebin.com/m41d3437a
Scored a 5.4
http://pastebin.com/d626a4352
7.3
http://pastebin.com/m14c73cab
6.9
John Hardin wrote:
On Thu, 14 May 2009, Bowie Bailey wrote:
I have the whitelist_bounce_relays options set for vbounce and the
rules are hitting on bounce messages, but the whitelists don't seem
to be working.
In my local.cf, I have:
whitelist_bounce_relays bnofimage1.buc.com
But, an
Tony Bunce wrote and Evan Platt scored:
Anyone have any tips on what would make these score higher?
http://pastebin.com/m41d3437a
Scored a 5.4
Content analysis details: (7.7 points, 5.0 required)
pts rule name description
---
Here's an example of a spam message that got through my SA installation:
http://rafb.net/p/fcy9wY66.html
As you can see from the report header, this hasn't matched several rules
I think it should have done (like MIME_IMAGE_ONLY) - is my SA
installation screwed up or is there something in
On Thu, 14 May 2009, Jeremy Morton wrote:
I've been getting joe-jobbed a LOT recently, to the point where bouncebacks
are more of a problem for me than spam now.
Depending on how many different addresses are getting joe-jobbed,
there is a simple practical test:
When *you* send mail, the from
At 12:27 PM 5/14/2009, you wrote:
Evan: I'd be interested to see what bumped that last one up for you.
Are you using the botnet plugin perhaps?
I'm pretty sure I disabled botnet... I don't actively run SA on this
server, but keep it installed and (try to) up to date ..My server
that relays
On Thu, 14 May 2009, Jeremy Morton wrote:
Here's an example of a spam message that got through my SA installation:
http://rafb.net/p/fcy9wY66.html
As you can see from the report header, this hasn't matched several rules
I think it should have done (like MIME_IMAGE_ONLY) - is my SA
Hmm, well now it's getting 6.4 from the commandline and seems to be
matching more appropriate rules. Maybe it was because I ran sa-update;
I'll keep you posted if more of them get through.
Best regards,
Jeremy Morton (Jez)
John Hardin wrote:
On Thu, 14 May 2009, Jeremy Morton wrote:
Evan Platt wrote:
0.0 MISSING_MIDMissing Message-Id: header
0.0 MISSING_DATE Missing Date: header
0.2 URIBL_GREY Contains an URL listed in the URIBL greylist
[URIs: magnetmail1.net]
-0.0 NO_RELAYS Informational:
Adam Katz wrote:
Evan Platt wrote:
0.0 MISSING_MIDMissing Message-Id: header
0.0 MISSING_DATE Missing Date: header
0.2 URIBL_GREY Contains an URL listed in the URIBL greylist
[URIs: magnetmail1.net]
-0.0 NO_RELAYS
At 01:53 PM 5/14/2009, you wrote:
That looks a lot like a botched paste. You're missing *every* header.
Ecch.
You're right.
I'm going back to sleep - err once I leave work.
I did a wget of the pastebin URL, then parsed that to SA. Didn't even
look at the wget results :-D
At 02:05 PM 5/14/2009, you wrote:
Maybe on your part. I see all those headers there at the URL. :-)
http://rafb.net/p/fcy9wY66.html
No Adam's saying when I grabbed the OP's pastebin's, I ... err
pooched it. So I fed messages with no headers to SpamAssassin. :)
On May 14, 2009, at 9:32, Alvaro Marín alv...@hostalia.com wrote:
Hi,
the problem is that from that server, using dig, nslookup,
host...etc,
the record is resolved without problems (with TCP):
No, the real problem is that SPF failed. There are other issues, but
that is the main one. That
On May 14, 2009, at 12:16, Jeremy Morton ad...@game-point.net wrote:
Never mind. Looks like cPanel have their own retarded exim code for
deciding what gets put in the headers and ignore the SA config
files. I'll have to modify exim.conf instead.
Exim's philosophy seems to be
On Thu, 14 May 2009 15:33:36 -0600
LuKreme krem...@kreme.com wrote:
On May 14, 2009, at 9:32, Alvaro Marín alv...@hostalia.com wrote:
Hi,
the problem is that from that server, using dig, nslookup,
host...etc,
the record is resolved without problems (with TCP):
No, the real
I am having the same problem. I have not figured it out yet but I have a
question for you on this subject, are you using KAM.cf? If so does your
sa-compile run any faster if you remove KAM.cf? Mine goes from 45
minutes with KAM.cf down to 15 minutes which is still a long time
-Original
Andrews Carl 448 wrote:
I am having the same problem. I have not figured it out yet but I have a
question for you on this subject, are you using KAM.cf? If so does your
sa-compile run any faster if you remove KAM.cf? Mine goes from 45
minutes with KAM.cf down to 15 minutes which is still a long
Hi,
I'm trying to run sudo -u postfix spamassassin -D -p
/etc/MailScanner/spam.assassin.prefs.conf -t MESSAGE.MAI
and I would like the full output to be saved to a text file when I do:
sudo -u postfix spamassassin -p
/etc/MailScanner/spam.assassin.prefs.conf -t MESSAGE.MAI text.txt
it
On Thu, 14 May 2009, Michael Scheidell wrote:
Id LOVE to get back to 15 min compiles.
I'm not familiar with the details of RE compilation - would it be possible
for Justing to have his bot compile the sought rulesets after generating
them and include that in the update? Or do all of the
and on different processors and on different platforms, and with
different optimizations.
rec2 creates c object libraries.
needs to be platform, os, os version, processor dependent.
so, no, he can't.
John Hardin wrote:
On Thu, 14 May 2009, Michael Scheidell wrote:
Id LOVE to get back to
On Thu, 14 May 2009, John Hardin wrote:
On Thu, 14 May 2009, Michael Scheidell wrote:
Id LOVE to get back to 15 min compiles.
I'm not familiar with the details of RE compilation - would it be possible
for Justing to have his bot compile the sought rulesets after generating them
and
On Fri, 15 May 2009, Lists wrote:
Hi,
I'm trying to run sudo -u postfix spamassassin -D -p
/etc/MailScanner/spam.assassin.prefs.conf -t MESSAGE.MAI
and I would like the full output to be saved to a text file when I do:
sudo -u postfix spamassassin -p
I think you want
Sudo -u postfix spamassassin -D -p
/etc/MailScanner/spam.assassin.prefs.con -t MESSAGE.MAI text.txt
Have a look at Example 3.6 -
http://tldp.org/HOWTO/Bash-Prog-Intro-HOWTO-3.html
-Original Message-
From: Lists [mailto:li...@rheel.co.nz]
Sent: Thursday, May 14, 2009
Andrews Carl 448 wrote:
I think you want
Sudo -u postfix spamassassin -D -p
/etc/MailScanner/spam.assassin.prefs.con -t MESSAGE.MAI text.txt
Have a look at Example 3.6 -
http://tldp.org/HOWTO/Bash-Prog-Intro-HOWTO-3.html
-Original Message-
From: Lists [mailto:li...@rheel.co.nz]
John Hardin wrote:
On Fri, 15 May 2009, Lists wrote:
Hi,
I'm trying to run sudo -u postfix spamassassin -D -p
/etc/MailScanner/spam.assassin.prefs.conf -t MESSAGE.MAI
and I would like the full output to be saved to a text file when I do:
sudo -u postfix spamassassin -p
OK, didn't take long to get such an example. :-)
http://rafb.net/p/rqOjCJ11.html
This made it through. As can be seen from the headers it got a 2.9
score only and didn't match MIME_IMAGE_ONLY which certainly would have
pushed it over the top.
When I tried passing it to SA on the command
Andrews Carl 448 wrote:
I think you want
Sudo -u postfix spamassassin -D -p
/etc/MailScanner/spam.assassin.prefs.con -t MESSAGE.MAI text.txt
Have a look at Example 3.6 -
http://tldp.org/HOWTO/Bash-Prog-Intro-HOWTO-3.html
-Original Message-
From: Lists [mailto:li...@rheel.co.nz]
I just received this (can't use pastebin any more :-(). Looks like
spammers are using createpdf.adobe.com to create their spam for them.
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6
Should be postfix.
sudo -s postfix == the -u means run as user __, so you are asking
it to run as postfix.
It looks like you are trying to create the directory .spamassasin under
/root as postfix which you probably do not want.
Maybe this will work better for you:
su - postfix
Andrews Carl 448 wrote:
Should be postfix.
sudo -s postfix == the -u means run as user __, so you are asking
it to run as postfix.
It looks like you are trying to create the directory .spamassasin under
/root as postfix which you probably do not want.
Maybe this will work better for
On Fri, 2009-05-15 at 11:09 +1200, Kate Kleinschafer wrote:
I'm trying to run sudo -u postfix spamassassin -D -p
/etc/MailScanner/spam.assassin.prefs.conf -t MESSAGE.MAI and I would
That does not switch the environment. Try something like this...
sudo -u postfix env | grep ^USER
sudo
On Thu, 2009-05-14 at 18:54 -0400, Tony Bunce wrote:
Here are the scores and hits I am getting:
x-spam-status: No, score=2.4 required=5.0 tests=DCC_CHECK,RCVD_IN_FIVETENSG,
^
Hits on 50% of your HAM, doesn't it?
On Fri, 15 May 2009, Jeremy Morton wrote:
OK, didn't take long to get such an example. :-)
http://rafb.net/p/rqOjCJ11.html
This made it through. As can be seen from the headers it got a 2.9
score only and didn't match MIME_IMAGE_ONLY which certainly would have
pushed it over the top.
Karsten Bräckelmann wrote:
On Fri, 2009-05-15 at 11:09 +1200, Kate Kleinschafer wrote:
I'm trying to run sudo -u postfix spamassassin -D -p
/etc/MailScanner/spam.assassin.prefs.conf -t MESSAGE.MAI and I would
That does not switch the environment. Try something like this...
On Fri, 2009-05-15 at 00:09 +0100, Jeremy Morton wrote:
OK, didn't take long to get such an example. :-)
http://rafb.net/p/rqOjCJ11.html
The paste(bin)? appears to be broken, every line that should be empty
actually shows a space there. Anyway, easy to fix.
Oh, and your X-Spam-Report header
On Fri, 2009-05-15 at 11:57 +1200, Lists wrote:
Karsten Bräckelmann wrote:
On Fri, 2009-05-15 at 11:09 +1200, Kate Kleinschafer wrote:
I'm trying to run sudo -u postfix spamassassin -D -p
/etc/MailScanner/spam.assassin.prefs.conf -t MESSAGE.MAI and I would
That does not switch the
Karsten Bräckelmann wrote:
On Fri, 2009-05-15 at 11:57 +1200, Lists wrote:
Karsten Bräckelmann wrote:
On Fri, 2009-05-15 at 11:09 +1200, Kate Kleinschafer wrote:
I'm trying to run sudo -u postfix spamassassin -D -p
/etc/MailScanner/spam.assassin.prefs.conf -t MESSAGE.MAI
I would like to offer my help for your project. So far it's working
well. I can offer you any of the following:
Data - I have tons of spam if you need to harvest data.
Computers - I have a lot of processing power if you need a VPS.
Bandwidth - I have some bandwidth to spare
rbldnsd servers - I
This gives USER=postfix and HOME=/root
I know. :) That was meant for your enlightenment...
Thanks
so how do I fix the mkdir /root/.spamassassin failed error?
You don't. Seriously, see above. sudo switches the user, it does not
necessarily mean you get the same environment as a daemon
On 14-May-2009, at 15:44, RW wrote:
On Thu, 14 May 2009 15:33:36 -0600
LuKreme krem...@kreme.com wrote:
You are confused. That is not an SPF record.
It's not, but it's already been established that a:spf.orange.es is
in the spf record.
OK, maybe *I* am confused.
v=spf1 mx a:spf.orange.es
Not sure why everyone else sees MISSING_DATE, MISSING_SUBJECT, etc.
Bad copy-n-paste for their checking. From what I recall from my quick
look earlier, your pastebins are OK.
Yup, one count of that on each of our behalfs. Here's my corrected
first email scan:
Content analysis details:
-Original Message-
From: LuKreme [mailto:krem...@kreme.com]
Sent: vrijdag 15 mei 2009 5:37
To: users@spamassassin.apache.org
Subject: Re: whitelist_from_spf
On 14-May-2009, at 15:44, RW wrote:
On Thu, 14 May 2009 15:33:36 -0600
LuKreme krem...@kreme.com wrote:
You are confused. That
On 14-May-2009, at 16:38, Lists wrote:
I really need to see all the debug output as I am trying to see
which user is running when trying to access FuzzyOCR.
You are directing stdout, you need to redirect stderr as well. How to
do this depends on your shell.
--
Quis custodiet opsos
-Original Message-
From: Lists [mailto:li...@rheel.co.nz]
Sent: vrijdag 15 mei 2009 0:38
To: SpamAssassin
Subject: saving output of test to a text file
Hi,
I'm trying to run sudo -u postfix spamassassin -D -p
/etc/MailScanner/spam.assassin.prefs.conf -t MESSAGE.MAI
and I would like
-Original Message-
From: Lists [mailto:li...@rheel.co.nz]
Sent: vrijdag 15 mei 2009 1:26
To: SpamAssassin
Subject: Re: saving output of test to a text file
Do you know how I can tell which user is running?
i.e. I have a line
[8357] dbg: config: mkdir /root/.spamassassin failed:
64 matches
Mail list logo