Re: New type of spam... (very curious)

2009-07-01 Thread Benny Pedersen
On Wed, July 1, 2009 07:44, rich...@buzzhost.co.uk wrote: In particular # Enable or disable network checks skip_rbl_checks 0 0 = off 1 = on wroung 0 = use rbl 1 = skip rbl test -- xpoint

Re: SA report header added to ham mail

2009-07-01 Thread LuKreme
On 30-Jun-2009, at 19:38, Karsten Bräckelmann wrote: Yes, that *might* result in images being loaded off the net automatically, depending on your MUA settings. Hence the safe. But it really makes reviewing harder, having the user scroll and click each single spam. Erm.. I don't understand

Re: New type of spam... (very curious)

2009-07-01 Thread rich...@buzzhost.co.uk
On Wed, 2009-07-01 at 08:26 +0200, Benny Pedersen wrote: On Wed, July 1, 2009 07:44, rich...@buzzhost.co.uk wrote: In particular # Enable or disable network checks skip_rbl_checks 0 0 = off 1 = on wroung 0 = use rbl 1 = skip rbl test Indeed I was WROUNG; Test show it is

Re: New type of spam... (very curious)

2009-07-01 Thread Yet Another Ninja
On 7/1/2009 8:50 AM, rich...@buzzhost.co.uk wrote: Oh, and look: dnsbl.sorbs.net So it seems that the demise of sorbs will add latency if their servers stop answering... See Update: 25th June 2009 http://www.au.sorbs.net/

Re: New type of spam... (very curious)

2009-07-01 Thread rich...@buzzhost.co.uk
On Wed, 2009-07-01 at 08:58 +0200, Yet Another Ninja wrote: On 7/1/2009 8:50 AM, rich...@buzzhost.co.uk wrote: Oh, and look: dnsbl.sorbs.net So it seems that the demise of sorbs will add latency if their servers stop answering... See Update: 25th June 2009

How do I make Net::DNS::Resolver take /etc/hosts into account?

2009-07-01 Thread Per Jessen
All, for whatever reason, Net::DNS::Resolver (as used in SA) doesn't appear to look at /etc/hosts. I thought it was a Net::DNS::Resolver peculiarity, maybe something to do with cross-platform support, so in a plugin module I've been writing, I tried to gethostbyname() instead. I verified it

Re: How do I make Net::DNS::Resolver take /etc/hosts into account?

2009-07-01 Thread Per Jessen
Per Jessen wrote: All, for whatever reason, Net::DNS::Resolver (as used in SA) doesn't appear Sorry, wrong list. /Per Jessen, Zürich

emailbl info update please ?

2009-07-01 Thread RobertH
so is emailbl offline since it is now 7/1/09 or has the term status changed? updates please? - rh

Re: emailbl info update please ?

2009-07-01 Thread Yet Another Ninja
On 7/1/2009 9:36 AM, RobertH wrote: so is emailbl offline since it is now 7/1/09 or has the term status changed? updates please? - rh as announced, it has been disabled.

Re: New type of spam... (very curious)

2009-07-01 Thread Matus UHLAR - fantomas
Am 2009-06-30 14:08:33, schrieb John Hardin: If zen worked to catch the message in procmail, how does it not work on your MTA? Or did we misinterpret your original post? On Wed, 2009-07-01 at 01:15 +0200, Michelle Konzack wrote: In Debian, the network related scans are activated and

Re: New type of spam... (very curious)

2009-07-01 Thread Matus UHLAR - fantomas
On 30.06.09 07:06, rich...@buzzhost.co.uk wrote: Are you saying that ZEN caught it after SA processed it? Why are you not using ZEN in SA or at the SMTP stage? On Tue, 30 Jun 2009 09:10:36 +0200 Matus UHLAR - fantomas uh...@fantomas.sk wrote: She apparently does not have control over

Re: New type of spam... (very curious)

2009-07-01 Thread rich...@buzzhost.co.uk
On Wed, 2009-07-01 at 10:27 +0200, Matus UHLAR - fantomas wrote: Note that rbl checks do not only control the IP you are receiving mail from, but also an IP others are receiving mail from. That means, rbl checks can help you catch spam others are (unintentionally) forwarding to you. I

Weird Problem w/ Rule2XSBody + Sought Rule

2009-07-01 Thread Matt Elson
Hey all, I stumbled upon an odd issue the other day that I'm having trouble tracking down. Namely, a certain rule in the sought rule set, when compiled for use with Rule2XSBody is causing the processing of *some* emails to, well, never really end. Piping the mail through spamassassin or into

Re: Weird Problem w/ Rule2XSBody + Sought Rule

2009-07-01 Thread Justin Mason
hey Matt -- what version of re2c is installed? On Tue, Jun 30, 2009 at 18:43, Matt Elson mel...@fastmail.net wrote: Hey all, I stumbled upon an odd issue the other day that I'm having trouble tracking down. Namely, a certain rule in the sought rule set, when compiled for use with Rule2XSBody

Re: New type of spam... (very curious)

2009-07-01 Thread Michelle Konzack
Am 2009-07-01 08:26:09, schrieb Benny Pedersen: On Wed, July 1, 2009 07:44, rich...@buzzhost.co.uk wrote: In particular # Enable or disable network checks skip_rbl_checks 0 0 = off 1 = on wroung 0 = use rbl 1 = skip rbl test Both are right... because the name of then

Re: New type of spam... (very curious)

2009-07-01 Thread Per Jessen
rich...@buzzhost.co.uk wrote: On Wed, 2009-07-01 at 10:27 +0200, Matus UHLAR - fantomas wrote: Note that rbl checks do not only control the IP you are receiving mail from, but also an IP others are receiving mail from. That means, rbl checks can help you catch spam others are

Re: New type of spam... (very curious)

2009-07-01 Thread Per Jessen
rich...@buzzhost.co.uk wrote: On Wed, 2009-07-01 at 08:58 +0200, Yet Another Ninja wrote: On 7/1/2009 8:50 AM, rich...@buzzhost.co.uk wrote: Oh, and look: dnsbl.sorbs.net So it seems that the demise of sorbs will add latency if their servers stop answering... See Update: 25th

RE: Weird Problem w/ Rule2XSBody + Sought Rule

2009-07-01 Thread Sean Cardus
I stumbled upon an odd issue the other day that I'm having trouble tracking down.  Namely, a certain rule in the sought rule set, when compiled for use with Rule2XSBody is causing the processing of *some* emails to, well, never really end.  Piping the mail through spamassassin or into

Re: New type of spam... (very curious)

2009-07-01 Thread Matus UHLAR - fantomas
On Wed, 2009-07-01 at 10:27 +0200, Matus UHLAR - fantomas wrote: Note that rbl checks do not only control the IP you are receiving mail from, but also an IP others are receiving mail from. That means, rbl checks can help you catch spam others are (unintentionally) forwarding to you.

Re: New type of spam... (very curious)

2009-07-01 Thread rich...@buzzhost.co.uk
On Wed, 2009-07-01 at 11:11 +0200, Per Jessen wrote: rich...@buzzhost.co.uk wrote: On Wed, 2009-07-01 at 08:58 +0200, Yet Another Ninja wrote: On 7/1/2009 8:50 AM, rich...@buzzhost.co.uk wrote: Oh, and look: dnsbl.sorbs.net So it seems that the demise of sorbs will add latency

Re: New type of spam... (very curious)

2009-07-01 Thread Per Jessen
rich...@buzzhost.co.uk wrote: On Wed, 2009-07-01 at 11:11 +0200, Per Jessen wrote: rich...@buzzhost.co.uk wrote: I'm guessing there is some way to modify the network checks to it does not use specific RBL's. I've not studied closely, but I think today I need to become acquainted with

Re: New type of spam... (very curious)

2009-07-01 Thread rich...@buzzhost.co.uk
On Wed, 2009-07-01 at 12:00 +0200, Matus UHLAR - fantomas wrote: On Wed, 2009-07-01 at 10:27 +0200, Matus UHLAR - fantomas wrote: Note that rbl checks do not only control the IP you are receiving mail from, but also an IP others are receiving mail from. That means, rbl checks can

Re: New type of spam... (very curious)

2009-07-01 Thread Matus UHLAR - fantomas
On 01.07.09 11:26, rich...@buzzhost.co.uk wrote: And there is the argument that anything other than the final IP can easily be forged or inserted into the headers rendering a great many costly DNS checks. Swings and roundabouts. if a spammer forges Received: line so the checked ip is in

Re: SA report header added to ham mail

2009-07-01 Thread John Horne
On Wed, 2009-07-01 at 01:14 +0200, Karsten Bräckelmann wrote: On Tue, 2009-06-30 at 21:57 +0100, John Horne wrote: However, as far as I can tell, the X-Spam-Report header gets added to ham mail as well as spam. For example: X-spam-report: Score=-6.9

Re: Weird Problem w/ Rule2XSBody + Sought Rule

2009-07-01 Thread Matthew Elson
Justin Mason wrote: hey Matt -- what version of re2c is installed? Knew I forgot something :P. re2c 0.13.2 was what was on all of the machines that had the issue - when I ran into the issue, the first thing I did was upgrade it to 0.13.5 on one of them; the problem still occurred. The

Re: Weird Problem w/ Rule2XSBody + Sought Rule

2009-07-01 Thread Steve Freegard
Matthew Elson wrote: Justin Mason wrote: hey Matt -- what version of re2c is installed? Knew I forgot something :P. re2c 0.13.2 was what was on all of the machines that had the issue - when I ran into the issue, the first thing I did was upgrade it to 0.13.5 on one of them; the problem

RE: Weird Problem w/ Rule2XSBody + Sought Rule

2009-07-01 Thread Sean Cardus
I've been seeing exactly the same behaviour off and on since Friday last week. I'd not yet managed to narrow it down to a specific rule or email, but your example triggers it every time on my i386 boxes. Here's a copy of an email that I've modified with the extra section which I'm able to

Re: X-Mailer: domain

2009-07-01 Thread Charles Gregory
On Wed, 1 Jul 2009, Karsten Bräckelmann wrote: header FROM_EQ_XM ALL =~ /^From: [...@]+\@(?:[^.]+\.)?([^.]+\.[^.]+)?\$.{0,400}^X-Mailer: \1\$/msi Firstly, my thanks. This syntax provides the functionality I was asking for in another thread where I wanted to capture things like the appearance

Re: [sa] Re: New type of spam... (very curious)

2009-07-01 Thread Charles Gregory
On Wed, 1 Jul 2009, rich...@buzzhost.co.uk wrote: Jul 1 07:38:46 munged #14781: query: 1.2.3.4.dnsbl.sorbs.net IN A + Oh, and look: dnsbl.sorbs.net So it seems that the demise of sorbs will add latency if their servers stop answering... ...which leads back to my original question, Will the

Re: Weird Problem w/ Rule2XSBody + Sought Rule

2009-07-01 Thread Adam Stephens
Matt Elson wrote: I dug around a bit and it seems one specific body rule was causing the issue, namely: body __SEEK_1R0JFS /\x{ff}\x{fe} \x{00} \x{00} \x{00} \x{00}\x{00}m\x{00}e\x{00}t\x{00}a\x{00}

Re: [sa] Re: New type of spam... (very curious)

2009-07-01 Thread Matus UHLAR - fantomas
On Wed, 1 Jul 2009, rich...@buzzhost.co.uk wrote: Jul 1 07:38:46 munged #14781: query: 1.2.3.4.dnsbl.sorbs.net IN A + Oh, and look: dnsbl.sorbs.net So it seems that the demise of sorbs will add latency if their servers stop answering... On 01.07.09 08:08, Charles Gregory wrote: ...which

RE: Weird Problem w/ Rule2XSBody + Sought Rule

2009-07-01 Thread Sean Cardus
An re2c bug, presumably? Is anyone having problems without using sa-compile? If I removed the compiled rule sets, everything works fine again... Sean

Re: [sa] Re: New type of spam... (very curious)

2009-07-01 Thread rich...@buzzhost.co.uk
On Wed, 2009-07-01 at 14:21 +0200, Matus UHLAR - fantomas wrote: On Wed, 1 Jul 2009, rich...@buzzhost.co.uk wrote: Jul 1 07:38:46 munged #14781: query: 1.2.3.4.dnsbl.sorbs.net IN A + Oh, and look: dnsbl.sorbs.net So it seems that the demise of sorbs will add latency if their servers

RE: emailbl info update please ?

2009-07-01 Thread RobertH
as announced, it has been disabled. i see... if it is determined to be the right thing to do, what is it going to take to get it back online and helping the cause? - rh

Re: Weird Problem w/ Rule2XSBody + Sought Rule

2009-07-01 Thread Noah Meyerhans
On Wed, Jul 01, 2009 at 01:31:25PM +0100, Sean Cardus wrote: An re2c bug, presumably? Is anyone having problems without using sa-compile? If I removed the compiled rule sets, everything works fine again... I was just about to report a similar problem when I came across this thread. I'm

Re: emailbl info update please ?

2009-07-01 Thread Yet Another Ninja
On 7/1/2009 4:41 PM, RobertH wrote: as announced, it has been disabled. i see... if it is determined to be the right thing to do, what is it going to take to get it back online and helping the cause? as with all BLs it takes: - data, lots of it. - some processing iron - mirrors - more

Re: New type of spam... (very curious)

2009-07-01 Thread Benny Pedersen
On Wed, July 1, 2009 08:50, rich...@buzzhost.co.uk wrote: I'm going to need to disable some of these lists as the MTA has already blocked stuff on them Kind of pointless making repeat lookups for stuff already tested. Thanks for pointing that out Benny. please do your homework again !,

Re: New type of spam... (very curious)

2009-07-01 Thread rich...@buzzhost.co.uk
On Wed, 2009-07-01 at 18:26 +0200, Benny Pedersen wrote: On Wed, July 1, 2009 08:50, rich...@buzzhost.co.uk wrote: I'm going to need to disable some of these lists as the MTA has already blocked stuff on them Kind of pointless making repeat lookups for stuff already tested. Thanks for

Re: X-Mailer: domain

2009-07-01 Thread Karsten Bräckelmann
On Wed, 2009-07-01 at 08:01 -0400, Charles Gregory wrote: On Wed, 1 Jul 2009, Karsten Bräckelmann wrote: header FROM_EQ_XM ALL =~ /^From: [...@]+\@(?:[^.]+\.)?([^.]+\.[^.]+)?\$.{0,400}^X-Mailer: \1\$/msi Firstly, my thanks. This syntax provides the functionality I was asking for in

Re: Weird Problem w/ Rule2XSBody + Sought Rule

2009-07-01 Thread McDonald, Dan
On Wed, 2009-07-01 at 13:20 +0100, Adam Stephens wrote: __SEEK_1R0JFS I can confirm that removing that test and recompiling eliminates my segfaults. running re2c 0.12.0 -- Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX www.austinenergy.com

Re: New type of spam... (very curious)

2009-07-01 Thread rich...@buzzhost.co.uk
On Wed, 2009-07-01 at 18:26 +0200, Benny Pedersen wrote: On Wed, July 1, 2009 08:50, rich...@buzzhost.co.uk wrote: I'm going to need to disable some of these lists as the MTA has already blocked stuff on them Kind of pointless making repeat lookups for stuff already tested. Thanks for

Re: New type of spam... (very curious)

2009-07-01 Thread Benny Pedersen
On Wed, July 1, 2009 19:04, rich...@buzzhost.co.uk wrote: You may want to fix that backscatter problem you have too :-) just stop sending cc to me, then it's fixed -- xpoint

Re: New type of spam... (very curious)

2009-07-01 Thread rich...@buzzhost.co.uk
On Wed, 2009-07-01 at 19:21 +0200, Benny Pedersen wrote: On Wed, July 1, 2009 19:04, rich...@buzzhost.co.uk wrote: You may want to fix that backscatter problem you have too :-) just stop sending cc to me, then it's fixed My apologies. I figured if I sent it twice you may *READ* it

Re: How do I make Net::DNS::Resolver take /etc/hosts into account?

2009-07-01 Thread Theo Van Dinter
On Wed, Jul 1, 2009 at 3:23 AM, Per Jessen p...@computer.org wrote: Back to the subject line - how do I make Net::DNS::Resolver take /etc/hosts into account? a) of course it doesn't, /etc/hosts isn't DNS, so why would Net::DNS look at it? :) b) my guess is that you can't, but it's a question for

RE: Plugin extracting text from docs (was: new spam using large images)

2009-07-01 Thread Rosenbaum, Larry M.
We can use antiword to render text from MSWord files, and unrtf to render text from RTF files. What is the best tool to render text from PDF files? (We are running Solaris 9) L -Original Message- From: Jonas Eckerman [mailto:jonas_li...@frukt.org] Sent: Wednesday, June 24, 2009

Re: SORBS bites the dust

2009-07-01 Thread J.D. Falk
Arvid Picciani wrote: Michael Grant wrote: Unless I've missed a message... this is the 100th reply to this thread. This has to be one of the longest threads I've seen on this list in years. Shows there is much to discuss on this matter. Isn't there a generic spam related mailing list? There

RE: Plugin extracting text from docs (was: new spam using large images)

2009-07-01 Thread Giampaolo Tomassoni
We can use antiword to render text from MSWord files, and unrtf to render text from RTF files. What is the best tool to render text from PDF files? (We are running Solaris 9) FWIK, antiword is the best tradeoff between speed and conversion quality. The best converter I know of, even for

Re: Plugin extracting text from docs

2009-07-01 Thread Jonas Eckerman
Rosenbaum, Larry M. wrote: We can use antiword to render text from MSWord files, and unrtf to render text from RTF files. What is the best tool to render text from PDF files? I don't know what the best tool is, but I'm currently using pdftohtml in XML mode (and then stripping the XML) in

Re: Plugin extracting text from docs

2009-07-01 Thread Benny Pedersen
On Wed, July 1, 2009 21:51, Jonas Eckerman wrote: http://whatever.frukt.org/graphdefang/ExtractText.zip). i had to use wget --continue to get it downloaded, is this a firewall limit ? stalls in 8k here, so multiple wget try to get the full zip down :( -- xpoint

Re: How do I make Net::DNS::Resolver take /etc/hosts into account?

2009-07-01 Thread Per Jessen
Theo Van Dinter wrote: On Wed, Jul 1, 2009 at 3:23 AM, Per Jessen p...@computer.org wrote: Back to the subject line - how do I make Net::DNS::Resolver take /etc/hosts into account? b) my guess is that you can't, but it's a question for the Net::DNS folks, not SA. Theo, I do appreciate

Re: How do I make Net::DNS::Resolver take /etc/hosts into account?

2009-07-01 Thread René Berber
Per Jessen wrote: Theo Van Dinter wrote: On Wed, Jul 1, 2009 at 3:23 AM, Per Jessen p...@computer.org wrote: Back to the subject line - how do I make Net::DNS::Resolver take /etc/hosts into account? b) my guess is that you can't, but it's a question for the Net::DNS folks, not SA. Theo,

Re: New type of spam... (very curious)

2009-07-01 Thread LuKreme
On 1-Jul-2009, at 06:47, rich...@buzzhost.co.uk wrote: But for the paranoid will changing 50_scores.cf from; score RCVD_IN_SORBS_BLOCK 0 # n=1 n=2 n=3 score RCVD_IN_SORBS_DUL 0 1.615 0 0.877 # n=0 n=2 score RCVD_IN_SORBS_HTTP 0 0.001 0 0.001 # n=0 n=2 score RCVD_IN_SORBS_MISC 0 0.001 0 0.353 #

Plugin extracting text from docs

2009-07-01 Thread Benny Pedersen
just tested this plugin here, all i can say it rooks viagra out of docs rtf files :) well done, only problem i had was that unrtf need to have ${file} in the example cf to work all else works -- xpoint

RE: SORBS bites the dust

2009-07-01 Thread Cory Hawkless
Any examples of such active lists? I suspect a few of us would be interested. -Original Message- From: J.D. Falk [mailto:jdfalk-li...@cybernothing.org] Sent: Thursday, 2 July 2009 4:54 AM To: users@spamassassin.apache.org Subject: Re: SORBS bites the dust Arvid Picciani wrote: Michael

Re: Weird Problem w/ Rule2XSBody + Sought Rule

2009-07-01 Thread Don Drake
On Wed, Jul 1, 2009 at 6:37 AM, Sean Cardus scar...@zebrahosts.net wrote: I've been seeing exactly the same behaviour off and on since Friday last week. I'd not yet managed to narrow it down to a specific rule or email, but your example triggers it every time on my i386 boxes. Here's a

Re: New type of spam... (very curious)

2009-07-01 Thread rich...@buzzhost.co.uk
On Wed, 2009-07-01 at 16:13 -0600, LuKreme wrote: On 1-Jul-2009, at 06:47, rich...@buzzhost.co.uk wrote: But for the paranoid will changing 50_scores.cf from; score RCVD_IN_SORBS_BLOCK 0 # n=1 n=2 n=3 score RCVD_IN_SORBS_DUL 0 1.615 0 0.877 # n=0 n=2 score RCVD_IN_SORBS_HTTP 0 0.001 0