unsubscribe
remove
I have also noticed a lot of emails coming from valid domain services. I
have also noticed many of the stolen accounts are used to authenticate with
my blog posting engine to post spam to my blogs. It never reaches the blog
because I approve each entry, but it's been happening with increased
You're asking for help, being rude about it will not get you very far.
Little google search foo:
http://www.section6.net/wiki/index.php/Setting_up_Postfix_Spamassassin_Amavi
sd_Clamav
Without avis:
http://www.xtarutaru.com/2009/04/16/spamassassin-clamav-postfix-without-amav
is-debian/
There
Wow, I knew this was coming at some point. I just figured it was too
expensive.
My suggestion would be to use graylisting, force them to send that 1MB
message twice. Course zombie bots don't do that generally, so you would
never even have to deal with it. You could also use the botnet
Graylisting does work. We have been using SQLGrey
(http://sqlgrey.sourceforge.net/) for three years now. The minute I turned
it on, spam to my junk email folder(what SA used to catch) dropped by 90%.
SQLGrey sits at the MTA level, so it hits the sender when they connect and
before they actually
I use ClamAV and SA too. My understanding is that you do not want to
continue processing an email if it is already seen as a virus(saves
processing time by the spam server). Keep in mind that some users also have
their AV on another box. I also use the short circuit plugin and a script
to bump
What about the ShortCircuiting Ruleset? Not sure if it would completely
stop emails from getting chewed on.
The other option would be not sending them to SA. I don't know what MTA
your using, but I know you can setup another postfix instance on the same
server and by configuration you could
I have heard that the sonicwall email security appliance is pretty good. It
gets expensive per user, but they have desktop controls in outlook.
The other one is the service offered by mcaffee enterprise... I don't
remember the name, but its essentially a service they host and your mail
server
If your using postfix, you could create a bash script that reads the email
as its passed back to postfix from SA, matches text and then sends that
matching email to a specific user. You could even set it up to send to
different mailboxes based on matching different text.
If your interested, I
I don't know about updates.. But this lists current and old ones but not
comparisons:
http://spamassassin.apache.org/tests.html
-Original Message-
From: Gigi Albertosi [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 07, 2008 2:37 PM
To: users@spamassassin.apache.org
Subject: rules
: Thursday, August 07, 2008 3:38 PM
To: Brent Kennedy; users@spamassassin.apache.org
Subject: Re: Receiver Based Spam Scoring
So, the more pissed off a user is that his email is getting blocked, the
more you want to block?
I SORTA understand the (mis-understanding) that recipient based reputation
Couple of things:
SA:
Closest thing I have found to this has been a plugin/ruleset called
shortcircuit which causes spamassassin to stop scanning an email if a
particular rule is hit. The rules are configured in the .cf file of short
circuit.
Is there a Linux based equivalent to the abaca system of using spam scores
of people who get the most spam and then judging emails based on that
aggregate number?
Brent Kennedy, MCSE, MCDBA, Linux+
Web Developer/Networking and Systems Engineer
I don't mean to rain on the botnet plugin parade, but when I tried it, my
mail queue slowed to a crawl. Mail became backed up pretty quickly with
processing taking upwards of 10 minutes a message.
Is there something in the config that I missed or it this plugin only meant
for small
Yes, I use a local DNS server.. Which does cache.
It was a little while ago, so I don't know if I still have mail logs that I
can look at.
-Brent
-Original Message-
From: John Rudd [mailto:[EMAIL PROTECTED]
Sent: Monday, August 06, 2007 1:17 PM
To: Brent Kennedy
Cc: users
How did you setup your spamtrap address with postfix.. Do you have them
delivered after they are scanned by spamassassin or do you scan them and
send them on from there? If you bypass SA, how are you doing that?
If you don't mind, what tarpit settings are you using?
I am using the following:
I just upgraded to 3.2.0 from 3.1.7 and now when I send:
killall -HUP spamd
It just says: spamd: no process killed
But, when I do a ps -ef, there is a spamd and two child processes. This
worked fine in 3.1.7, so I don't know what changed in 3.2 to make it more
resistant to killall.
I have a
Does anyone have or know where to get a web report for the bayes db in
mysql?
Thanks
-Brent
Dooh
Did they fix this in 3.2.1?
-Original Message-
From: Daryl C. W. O'Shea [mailto:[EMAIL PROTECTED]
Sent: Monday, June 11, 2007 5:26 PM
To: Brent Kennedy
Cc: 'SpamAssassin'
Subject: Re: Stop start issue with slackware
Brent Kennedy wrote:
I just upgraded to 3.2.0 from 3.1.7
I just upgraded to 3.1.7 and I just wanted to make sure that clamav is still
run via the pm file and not some how enabled via a .pre file.
Thanks
-Brent
Woops I meant .cf file not pm file.
I just wanted to make sure this is still accurate:
http://wiki.apache.org/spamassassin/ClamAVPlugin
-Original Message-
From: Brent Kennedy [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 16, 2007 3:18 PM
To: users@spamassassin.apache.org
Subject
Newbie is a derogatory term and to call yourself a newbie is like calling
yourself a moron(no offense).
From Wiki:
A newbie is a newcomer to a particular field, the term being commonly used
on the Internet, where it might refer to new, inexperienced, or ignorant
users of a game, a newsgroup, an
Nice, I like that! Most of our spam also comes in during the wee hours of
the morning.. I think adding a half point or even a point would help even
more. Though, I have trained and continue to train both of my servers and
they are pretty effective.
We get 3500 mails a day of which 70% are
Just a quick question. If I add an entry into the configuration file to
block all emails sent from [EMAIL PROTECTED], that should block
anyone trying to send emails into my mail server using my companies domain
as a spoof. The question is.. Will this end up quarantining all emails sent
to
I like the idea.. But based on its current setup, spammers who probably
read this list, will most likely just feed good feedback about their mail
servers through those servers and corrupt the data. You would need to have
some sort of login and a way to track what was put in the database so if
I took a look at them as a way to possibly go to a gui spam server because
some of the other admins at my company are not linux gurus by any stretch,
but these lacked some of the necessary functionality that would give me
cause to actually pay for one. Course.. If anyone doesn't know.. Use
Title: SPAM: Tangled web of fun
LOL, thats pretty sad. Stupid cons have ruined the
internet flea market.
From: Chris Santerre
[mailto:[EMAIL PROTECTED] Sent: Tuesday, May 09, 2006
1:07 PMTo: Spaml (E-mail); Spamassassin-Talk
(E-mail)Subject: SPAM: Tangled web of fun
Alright, so
I am trying my best to explain to a non-technical person how spamassassin
works. The other issue I have is that I am trying to explain to them why
they need to drag mail to a public folder so the server can learn it as
spam. They say they are doing it but they get the message several times a
]
Sent: Wednesday, May 03, 2006 1:47 PM
To: Brent Kennedy
Cc: users@spamassassin.apache.org
Subject: Re: Silly Question
Brent Kennedy wrote:
Here is my explanation for how spamassassin learns email as
spam(laymans
terms):
1. Users receive the junk email
2. The users who received the junk
cleared.
You did remind me to correct a PTR issue with brighthouse/road runner for
our domain. Anyone else have a problem with getting them to do a reverse
PTR?
-Brent
-Original Message-
From: Greg Allen [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 03, 2006 1:32 PM
To: Brent Kennedy
I could get away with adding points for it (does that already happen?),
but outright blocking is not a good idea unless the criteria is very close
to 100%.
Is there a way? I haven't seen one other than using postfix to block
servers that connect that don't have reverse pointers. My problem
PROTECTED]
Sent: Wednesday, May 03, 2006 4:06 PM
To: Brent Kennedy
Cc: users@spamassassin.apache.org
Subject: Re: Silly Question
Brent Kennedy wrote:
Wow.. You definitely went the opposite direction. Although, I did
appreciate a well written explanation of the bayes system.
Well, I intentionally went
can also say that it does run better with more rules on a nice
solid hardware platform.. I currently use dual 2.8 Pentiums with 2Gigs of
ram with a hardware raid one.
Brent Kennedy
www.scsorlando.com
: Friday, December 09, 2005 11:47 AM
To: users@spamassassin.apache.org
Subject: RE: Stats question...
You can use:
sa-stats.pl -s d-m- -e d-m-
Possibly takes other date/time formats, haven't really tried it.
-Original Message-
From: Brent Kennedy [mailto:[EMAIL PROTECTED]
Sent
Is there a setting in the 3.0.x version that allows you to set the time and
what is the command line for that? I looked thru the script and I see a
reference to $time but I don't see what's needed to set it.
Currently I am using ./sa-stats.pl -n 40 -w stats.html to generate the
results.
36 matches
Mail list logo
