Re: SA running different tests when run manually ?

2015-06-10 Thread Ben
amavisd uses the spamassassin libraries internally, it does not use the spamassassin command, nor spamd. If you update parts of the config, you'll need to reload/restart amavisd. Aah... I must have missed that bit of the fabulous manual... ;-(

Re: DNSBLs and cache hit rate (was Re: Must-Have Plugins?)

2015-06-10 Thread Dianne Skoll
On Thu, 11 Jun 2015 01:00:45 +0200 Reindl Harald wrote: > cache-min-ttl: 600 Even a 10-minute cache time buys you very little. My original analysis assumed a 15-minute TTL. Regards, Dianne.

Re: DNSBLs and cache hit rate (was Re: Must-Have Plugins?)

2015-06-10 Thread Reindl Harald
On 10.06.2015 at 16:18, Dianne Skoll wrote: On Wed, 10 Jun 2015 13:56:49 + David Jones wrote: [One should run a caching DNS server on a mail server.] We are giving you solid advice based on real experiences where we ran into problems and worked around them. Just try to enable RBLs and

Re: Must-Have Plugins?

2015-06-10 Thread Michael B Allen
On Wed, Jun 10, 2015 at 9:56 AM, David Jones wrote: >>> given that install unbound as local resolver takes 2 minutes it's even not >>> worth to argue on that topic and a spamfilter without RBL's and URIBL's is >>> just nonsense > >>I have installed a caching DNS server before (albeit probably abou

Re: spamass-milter and email addresses starting with --

2015-06-10 Thread Kevin A. McGrail
On 6/10/2015 4:42 PM, Michael Grant wrote: I'm using 0.3.2 which seems to be the latest version available for Debian. It does appear that 0.4.0 hasn't hit Debian yet. If I am reading the code correctly, the only change in 0.3.2 to 0.4.0 in the relevant section is to use strdup, i.e.

Re: spamass-milter and email addresses starting with --

2015-06-10 Thread Kevin A. McGrail
On 6/10/2015 4:34 PM, David B Funk wrote: What version of spamass-milter are you using? Older versions of spamass-milter used a "system" call to invoke "spamc" and feed it messages, thus had a glaring security vulnerability. That was fixed a while ago, you need to update your spamass-milter.

Re: spamass-milter and email addresses starting with --

2015-06-10 Thread Michael Grant
I'm using 0.3.2 which seems to be the latest version available for Debian. It does appear that 0.4.0 hasn't hit Debian yet. On Wed, Jun 10, 2015 at 10:34 PM, David B Funk wrote: > On Wed, 10 Jun 2015, Michael Grant wrote: > > I'm running Debian, sendmail, spamass-milter, spamc and spamd. >> >>

Re: spamass-milter and email addresses starting with --

2015-06-10 Thread David B Funk
On Wed, 10 Jun 2015, Michael Grant wrote: I'm running Debian, sendmail, spamass-milter, spamc and spamd. I saw this in my log: Jun  9 20:30:29 debian sm-mta[15942]: t5A0ULAA015942: to=<--u...@example.com> then I saw this: Jun  9 20:30:29 strange spamc[15947]: invalid usage Jun  9 20:30:29 stra

spamass-milter and email addresses starting with --

2015-06-10 Thread Michael Grant
I'm running Debian, sendmail, spamass-milter, spamc and spamd. I saw this in my log: Jun 9 20:30:29 debian sm-mta[15942]: t5A0ULAA015942: to=<--u...@example.com > then I saw this: Jun 9 20:30:29 strange spamc[15947]: invalid usage Jun 9 20:30:29 strange spamass-milter[1770]: Thrown error: po

Re: DCC whitelisting

2015-06-10 Thread John Hardin
On Wed, 10 Jun 2015, Shane Williams wrote: Two examples that I know are legitimate senders, but get caught by DCC (and pyzor in some cases) and other rules that push them over the threshold are the SourceForge.net Project of the Month list and various Netflix emails to customers (New Arrivals or

DCC whitelisting

2015-06-10 Thread Shane Williams
I know it's not a SpamAssassin specific question, but I suspect there are more sophisticated DCC users collected here than anywhere else. Bottom line, can someone explain in not-overly jargony language what the actual dcc whitelist entries should look like (ideally with examples), as well as what

Re: Dealing with spammers making creative use of Google links ?

2015-06-10 Thread John Hardin
On Wed, 10 Jun 2015, John Hardin wrote: On Wed, 10 Jun 2015, Ben wrote: Hi, Does SA have pre-existing tests that look for this sort of thing (so I can just boost the score a little bit), or does anyone have any ideas how I might counter such spam ? Look at this fine specimen as an examp

Re: Dealing with spammers making creative use of Google links ?

2015-06-10 Thread John Hardin
On Wed, 10 Jun 2015, Ben wrote: Hi, Does SA have pre-existing tests that look for this sort of thing (so I can just boost the score a little bit), or does anyone have any ideas how I might counter such spam ? Look at this fine specimen as an example : http://pastebin.com/raw.php?i=XjV94PMW

Re: DNSBLs and cache hit rate (was Re: Must-Have Plugins?)

2015-06-10 Thread David B Funk
On Wed, 10 Jun 2015, David Jones wrote: [One should run a caching DNS server on a mail server.] My point was that running a local caching server is the only way one can know exactly how the lookups are happening. If you point to a DNS server that you don't manage, it could be forwarding to an

Re: SA running different tests when run manually ?

2015-06-10 Thread Tom Hendrikx
On 10-06-15 17:25, Ben wrote: > I have a curious conundrum. > > A piece of spam received shows the following in the header when > processed via amavis and spamd : > DATE_IN_PAST_03_06, > HTML_MESSAGE, > RCVD_IN_BL_SPAMCOP_NET, > RCVD_IN_MSPIKE_H4, > RCVD_IN_MSPIKE_WL, > RDNS_DYNAMIC, > SHORTENED

Re: Must-Have Plugins?

2015-06-10 Thread John Hardin
On Wed, 10 Jun 2015, Bill Cole wrote: > (2) Check the HELO the other guy sends and reject if it's not a FQDN > (i.e. it's not got any periods at all). or if it's your FQDN, or your IP - they should use their FQDN, not yours. And if you don't/can't use a greeting pause, these are useful in

Re: Must-Have Plugins?

2015-06-10 Thread John Hardin
On Wed, 10 Jun 2015, Kevin A. McGrail wrote: On 6/10/2015 12:45 AM, Michael B Allen wrote: But I just can't bring myself to install a caching DNS server and run everything through localhost. This is why software should be librarified. I strongly advise you to install a caching DNS server a

SA running different tests when run manually ?

2015-06-10 Thread Ben
I have a curious conundrum. A piece of spam received shows the following in the header when processed via amavis and spamd : DATE_IN_PAST_03_06, HTML_MESSAGE, RCVD_IN_BL_SPAMCOP_NET, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, RDNS_DYNAMIC, SHORTENED_URL_SRC But when the exact piece of Spam is fed d

Re: DNSBLs and cache hit rate (was Re: Must-Have Plugins?)

2015-06-10 Thread Dianne Skoll
On Wed, 10 Jun 2015 14:56:40 + David Jones wrote: > My point was that running a local caching server is the only way one > can know exactly how the lookups are happening. Ah, true. I missed that point I guess. Regards, Dianne.

Re: DNSBLs and cache hit rate (was Re: Must-Have Plugins?)

2015-06-10 Thread David Jones
>[One should run a caching DNS server on a mail server.] >> We are giving you solid advice based on real experiences where we >> ran into problems and worked around them. Just try to enable RBLs >> and see how it works for you. >I'm not disputing that running a caching DNS server is a good idea,

Re: Must-Have Plugins?

2015-06-10 Thread Alex Regan
Hi, Not everyone is running a dedicated mail server. My server is an everything-server running on a hosted VPS that only has a few "users" that get significant amounts of email. I'm not sure I want another daemon that can break or take up clock cycles and memory on a system processing 10 spams /

Re: Must-Have Plugins?

2015-06-10 Thread Bill Cole
On 9 Jun 2015, at 14:39, Matus UHLAR - fantomas wrote: On 09.06.15 11:29, John Hardin wrote: Two things that I have found very useful at the MTA level are: (1) Delay sending your SMTP banner a second or two and reject any sender that starts sending information before that. This is a built-in

Re: DNSBLs and cache hit rate (was Re: Must-Have Plugins?)

2015-06-10 Thread Kevin A. McGrail
On 6/10/2015 10:18 AM, Dianne Skoll wrote: I'm not disputing that running a caching DNS server is a good idea, but you may be quite surprised at the low cache hit rate for IP-based DNSBLs. IMO, the primary goal of a caching-only nameserver is in fact, not the caching, but rather the unique sourc

DNSBLs and cache hit rate (was Re: Must-Have Plugins?)

2015-06-10 Thread Dianne Skoll
On Wed, 10 Jun 2015 13:56:49 + David Jones wrote: [One should run a caching DNS server on a mail server.] > We are giving you solid advice based on real experiences where we > ran into problems and worked around them. Just try to enable RBLs > and see how it works for you. I'm not disputin

Re: Must-Have Plugins?

2015-06-10 Thread David Jones
>> given that install unbound as local resolver takes 2 minutes it's even not >> worth to argue on that topic and a spamfilter without RBL's and URIBL's is >> just nonsense >I have installed a caching DNS server before (albeit probably about 15 >years ago). But it just shouldn't be necessary. It

Re: Must-Have Plugins?

2015-06-10 Thread Reindl Harald
On 10.06.2015 at 15:49, Michael B Allen wrote: By "librarified" I mean the DNS "server" is just a code context that can be constructed with its own config precisely and only as needed by the software that will be querying it (possibly temporarily if it's just client-only activity like a barrag

Re: Must-Have Plugins?

2015-06-10 Thread Michael B Allen
On Wed, Jun 10, 2015 at 7:25 AM, Reindl Harald wrote: > > > Am 10.06.2015 um 13:21 schrieb Kevin A. McGrail: >> >> On 6/10/2015 12:45 AM, Michael B Allen wrote: >>> >>> But I just can't >>> bring myself to install a caching DNS server and run everything >>> through localhost. This is why software

Re: Must-Have Plugins?

2015-06-10 Thread David Jones
>> - Enable RBLs and DBLs. zen.spamhaus.org is the best way to block the >>majority of junk before it reaches SA. Just make sure you are below their >>free threshold limit. One important way to do this is >"One important way to do this" in terms of the Spamhaus threshold limit >is to no

Re: Dealing with spammers making creative use of Google links ?

2015-06-10 Thread Kevin A. McGrail
On 6/10/2015 7:46 AM, Ben wrote: Well I had no idea about the existence of KAM.cf, so I bask in your infinite glory. ;-) Why isn't KAM.cf more heavily publicised on spamassassin.org as something worth thinking about ? You do have a page about third-party rules IIRC, but don't remember seeing

Re: Must-Have Plugins?

2015-06-10 Thread David Jones
>> Some of the best and easiest things you can enable to block spam are >> outside of SpamAssassin at your MTA (sendmail, postfix, etc.). >> - Enable RBLs and DBLs. zen.spamhaus.org is the best way to block the >> majority of junk before it reaches SA. Just make sure you are below their >> fr

Re: Dealing with spammers making creative use of Google links ?

2015-06-10 Thread Ben
On 10/06/2015 12:32, Kevin A. McGrail wrote: I'm hitting over spam threshold on the message and have a simple redir for Google match in KAM.cf. 1.0 KAM_GOOGLE_STRING URI: Use of Google redir appearing in spam July 2006 0.0 HTML_MESSAGE BODY: HTML

Re: Dealing with spammers making creative use of Google links ?

2015-06-10 Thread Kevin A. McGrail
On 6/10/2015 5:27 AM, Ben wrote: Hi, Does SA have pre-existing tests that look for this sort of thing (so I can just boost the score a little bit), or does anyone have any ideas how I might counter such spam ? Look at this fine specimen as an example : http://pastebin.com/raw.php?i=XjV94PMW

Re: Must-Have Plugins?

2015-06-10 Thread Reindl Harald
On 10.06.2015 at 13:21, Kevin A. McGrail wrote: On 6/10/2015 12:45 AM, Michael B Allen wrote: But I just can't bring myself to install a caching DNS server and run everything through localhost. This is why software should be librarified. I strongly advise you to install a caching DNS server

Re: Must-Have Plugins?

2015-06-10 Thread Kevin A. McGrail
On 6/10/2015 12:45 AM, Michael B Allen wrote: But I just can't bring myself to install a caching DNS server and run everything through localhost. This is why software should be librarified. I strongly advise you to install a caching DNS server and using a few RBLs. regards, KAM

Re: Must-Have Plugins?

2015-06-10 Thread Reindl Harald
On 10.06.2015 at 13:17, Kevin A. McGrail wrote: On 6/10/2015 2:32 AM, Matus UHLAR - fantomas wrote: I'm not sure whether or not I have enabled requiring valid rDNS... given how many legitimate mailservers out there don't have proper rDNS, how many? I'm happy to block them for years... Fr

Re: Must-Have Plugins?

2015-06-10 Thread Kevin A. McGrail
On 6/10/2015 2:32 AM, Matus UHLAR - fantomas wrote: I'm not sure whether or not I have enabled requiring valid rDNS... given how many legitimate mailservers out there don't have proper rDNS, how many? I'm happy to block them for years... From what I've seen, the effectiveness and false positive

Re: Must-Have Plugins?

2015-06-10 Thread Amir Caspi
On Jun 10, 2015, at 12:32 AM, Matus UHLAR - fantomas wrote: > FEATURE(`block_bad_helo') > define(`confALLOW_BOGUS_HELO', `False') Argh, unfortunately, that feature is only on sendmail 8.14 and higher, which means RHEL/CentOS 6 or higher. For those of us running RHEL/CentOS 5, that's only avai

Re: Dealing with spammers making creative use of Google links ?

2015-06-10 Thread Reindl Harald
On 10.06.2015 at 11:27, Ben wrote: Does SA have pre-existing tests that look for this sort of thing (so I can just boost the score a little bit), or does anyone have any ideas how I might counter such spam ? Look at this fine specimen as an example : http://pastebin.com/raw.php?i=XjV94PMW Co

Re: Must-Have Plugins?

2015-06-10 Thread Ben
- Enable RBLs and DBLs. zen.spamhaus.org is the best way to block the majority of junk before it reaches SA. Just make sure you are below their free threshold limit. One important way to do this is "One important way to do this" in terms of the Spamhaus threshold limit is to not be

Dealing with spammers making creative use of Google links ?

2015-06-10 Thread Ben
Hi, Does SA have pre-existing tests that look for this sort of thing (so I can just boost the score a little bit), or does anyone have any ideas how I might counter such spam ? Look at this fine specimen as an example : http://pastebin.com/raw.php?i=XjV94PMW See how they cunningly use "http