Is there any problem with completewhois.com?
I'm getting a lot of SERVFAIL querying
combined-HIB.dnsiplists.completewhois.com.
Also, a dig ns completewhois.com results in no reply if queried from my
ISP's DNS servers, while it works by directly asking to .COM's dns
servers.
I can't even reach
-
Da: Giampaolo Tomassoni [mailto:[EMAIL PROTECTED]
Inviato: lunedì 27 agosto 2007 20.22
A: 'SpamAssassin Users List'
Oggetto: completewhois.com
Is there any problem with completewhois.com?
I'm getting a lot of SERVFAIL querying
combined-HIB.dnsiplists.completewhois.com.
Also, a dig
-Messaggio originale-
Da: Kelson [mailto:[EMAIL PROTECTED]
Inviato: lunedì 27 agosto 2007 20.46
A: 'SpamAssassin Users List'
Oggetto: Re: R: completewhois.com
Giampaolo Tomassoni wrote:
Wow...
whois completewhois.com
...
Record expires on 21-Sep-2007
-Messaggio originale-
Da: Loren Wilton [mailto:[EMAIL PROTECTED]
It was written by Jennifer several years ago.
http://www.rulesemporium.com/rules/chickenpox.cf
Why it isn't in a regular sare rule? Does it behave well with
non-english
messages?
I'm going on memory here,
-Messaggio originale-
Da: SM [mailto:[EMAIL PROTECTED]
At 13:02 17-08-2007, John Rudd wrote:
Hm. This is the first I've heard of the chickenpox rule. Where
does it come from? Is it part of SARE?
It was written by Jennifer several years ago.
Da: Johnson, S [mailto:[EMAIL PROTECTED]
A few months ago I created a fake user and advertised it
in a hidden mailto on our home page. It took a few weeks
but Im getting good spam messages being dropped into this
box now. I know I can use the learn function to pull the
messages from my
-Messaggio originale-
Da: Matt Kettler [mailto:[EMAIL PROTECTED]
Inviato: martedì 14 agosto 2007 13.38
A: Claude Frantz
Cc: users@spamassassin.apache.org
Oggetto: Re: a small explanation on rule FORGED_RCVD_HELO
Claude Frantz wrote:
Matt Kettler wrote:
It looks for a HELO
Da: Daniel Aquino [mailto:[EMAIL PROTECTED]
I'm writing a perl script to train sa.
And I'm wondering how I can get the statics that sa-learn --dump magic
would give me ?
Thanks!
Which statistics?
sa-learn --dump magic only gives some infos about the bayes db status.
See:
xxx ~ # su
-Messaggio originale-
Da: Luca Bertoncello [mailto:[EMAIL PROTECTED]
Hi, list!
I use SpamAssassin 3.2.2 and I configured it to use a MySQL-DB to
manage the
Bayes and the AWL.
So, I created the table awl after the documentation, and I write all
the data
in local.cf.
All runs
-Messaggio originale-
Da: Luca Bertoncello [mailto:[EMAIL PROTECTED]
Giampaolo Tomassoni [EMAIL PROTECTED] schrieb:
It is the user in behalf of whom SA is parsing the message.
This may mean the user actually receiving the message, but in many
setups
(like, in example
-Messaggio originale-
Da: Luca Bertoncello [mailto:[EMAIL PROTECTED]
Giampaolo Tomassoni [EMAIL PROTECTED] schrieb:
What is your milter? What is your setup? This may influence stuff
like
Back'n'Whitelists as well as autowhitelist.
I use Exim and I scan the E-Mail
-Messaggio originale-
Da: Luca Bertoncello [mailto:[EMAIL PROTECTED]
Giampaolo Tomassoni [EMAIL PROTECTED] schrieb:
Ok. I can't understand if you are using spamd or amavisd, but you are
probably running SA in a daemon which instantiate SA once and then
switches
Yes
-Messaggio originale-
Da: Luca Bertoncello [mailto:[EMAIL PROTECTED]
Giampaolo Tomassoni [EMAIL PROTECTED] schrieb:
Luca, I'm meaning this behavior should be enforced only by turning
the
user_awl_sql_override_username switch on, and then the SQL 'username'
column
would
Hi everybody,
anyone knows of a SA plugin to score mails based on challenging the sender
e-mail?
I don't mean C/R, but instead just attempt an SMTP session in order to see
if the source mailbox is known to the sending domain's MX. If it isn't, the
plugin applies a score to the e-mail.
I know I
-Messaggio originale-
Da: Michele Neylon :: Blacknight [mailto:[EMAIL PROTECTED]
Giampaolo Tomassoni wrote:
Hi everybody,
anyone knows of a SA plugin to score mails based on challenging the
sender
e-mail?
I don't mean C/R, but instead just attempt an SMTP session in order
-Messaggio originale-
Da: John Rudd [mailto:[EMAIL PROTECTED]
Giampaolo Tomassoni wrote:
Hi everybody,
anyone knows of a SA plugin to score mails based on challenging the
sender
e-mail?
I don't mean C/R, but instead just attempt an SMTP session in order
to see
-Messaggio originale-
Da: Matus UHLAR - fantomas [mailto:[EMAIL PROTECTED]
...omissis...
I am really curious how do they behave when there's forged sender and
both
MTA's use this. Either they will cycle forever (so they will never know
if
either address is OK), or they will
-Messaggio originale-
Da: Per Jessen [mailto:[EMAIL PROTECTED]
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104STORY=/www/story/07-17-2007/0004626829EDATE=
So sorry I can't deploy a CR technology since I have unix systems.
Due to this, I may, eventually, deploy an LF one.
Do
Hi Dip,
did you see http://oss.linbit.com/csync2/ ?
Most distros do supply csync2.
Ciao,
Giampaolo
-Messaggio originale-
Da: Diptanjan [mailto:[EMAIL PROTECTED]
Inviato: martedì 10 luglio 2007 14.30
A: users@spamassassin.apache.org
Oggetto: Backup SA
Hello all,
I want to
-Messaggio originale-
Da: Marc Perkel [mailto:[EMAIL PROTECTED]
A little play on words spoofing A plan for spam.
I have been testing a new technique for detecting ham that is working
quite well. It's nearly (or possibly at) 100% accurate in that what it
identifies is ham.
-Messaggio originale-
Da: Vincent Li [mailto:[EMAIL PROTECTED]
On Wed, 13 Jun 2007, Jerry Durand wrote:
Sometime later this summer I'm going to be replacing our server.
It's
currently a Mac (1.42GHz G4) running OS X Server. Since the mail
server part
of OS X needs work,
-Messaggio originale-
Da: Vincent Li [mailto:[EMAIL PROTECTED]
On Wed, 13 Jun 2007, Giampaolo Tomassoni wrote:
-Messaggio originale-
Da: Vincent Li [mailto:[EMAIL PROTECTED]
On Wed, 13 Jun 2007, Jerry Durand wrote:
Sometime later this summer I'm going
Does anybody know how they do work?
Are they just YABL (Yet Another Blocking List) or are they somehow
different?
Thanks,
-
Giampaolo Tomassoni - I.T. Consultant
Piazza VIII Aprile 1948, 4
I-53043 Chiusi (SI) - Italy
Tel/Ph: +39-0578-21100
MAI mandare un
-Messaggio originale-
Da: jdow [mailto:[EMAIL PROTECTED]
From: John D. Hardin [EMAIL PROTECTED]
On Wed, 30 May 2007, John D. Hardin wrote:
Take a look at the spamassassin procmail ruleset at
http://www.impsec/org/~jhardin/antispam/ for a starting point.
Bah. That URL
-Messaggio originale-
Da: Fletcher Mattox [mailto:[EMAIL PROTECTED]
Dan,
Just to be clear, I took that dump before I learned the 500 hams.
Here is a dump after I learned the hams. It looks normal to me.
0.000 0 3 0 non-token data: bayes db
version
-
Giampaolo Tomassoni - I.T. Consultant
Piazza VIII Aprile 1948, 4
I-53043 Chiusi (SI) - Italy
Tel/Ph: +39-0578-21100
MAI mandare un messaggio a:
NEVER send an e-mail to:
[EMAIL PROTECTED]
Da: Chris Santerre [mailto:[EMAIL PROTECTED]
-Original
Dears,
the __AOL_FROM rule in the 20_ratware.cf file from the spamassassin ruleset
looks for forged AOL From: addresses.
I'm getting some messages from @aol.co.uk which score pretty high while
looking legit.
I see the rule is a:
From:addr =~ /\@(?:aol|cs)\.com$/i
which, whenever I
-Messaggio originale-
Da: Matt Kettler [mailto:[EMAIL PROTECTED]
Giampaolo Tomassoni wrote:
Dears,
what's wrong with automatically SA-report messages scoring above a
given
threshold (say, 10-12)?
Would it be regarded as *BAD* by DCC, Pyzor, Razor, and/or SC?
Razor
-Messaggio originale-
Da: Matt Kettler [mailto:[EMAIL PROTECTED]
Giampaolo Tomassoni wrote:
Oh, really?
So why I get a DCC_CHECK only after manually reporting (with
spamassassin
-r) a spam?
I have no idea.
Are you running a check *immediately* before calling
Dears,
what's wrong with automatically SA-report messages scoring above a given
threshold (say, 10-12)?
Would it be regarded as *BAD* by DCC, Pyzor, Razor, and/or SC?
I often see that high-scoring messages are reported as spam by some of the
above-mentioned engine, but seldom by all of them.
-Messaggio originale-
Da: Duncan Hill [mailto:[EMAIL PROTECTED]
On Fri, May 18, 2007 14:50, Giampaolo Tomassoni wrote:
what's wrong with automatically SA-report messages scoring above a
given
threshold (say, 10-12)?
Would it be regarded as *BAD* by DCC, Pyzor, Razor
-Messaggio originale-
Da: Duncan Hill [mailto:[EMAIL PROTECTED]
Inviato: venerdì 18 maggio 2007 16.34
A: users@spamassassin.apache.org
Oggetto: Re: R: Question about reporting
On Fri, May 18, 2007 15:29, Giampaolo Tomassoni wrote:
1) Your server can be used in a DoS against
-Messaggio originale-
Da: Kelson [mailto:[EMAIL PROTECTED]
Inviato: venerdì 18 maggio 2007 18.19
A: 'Spamassassin'
Oggetto: Re: Question about reporting
Giampaolo Tomassoni wrote:
what's wrong with automatically SA-report messages scoring above a
given
threshold (say, 10-12
With respect to the previous Monday.
Just wondering why. Are they close to vacation and need to rise some money
to bring their children in vacation?
Anybody knows which is the pattern behind this things?
Regards,
Giampaolo
-Messaggio originale-
Da: Gregory P. Ennis [mailto:[EMAIL PROTECTED]
Everyone,
I have used spamassassin on our mail servers now for over 4 years and
have nothing but high praise for what it has done for us. However,
recently we have been hit by bounced e-mail that is related to
-Messaggio originale-
Da: Gregory P. Ennis [mailto:[EMAIL PROTECTED]
On Sun, 2007-05-13 at 15:16 +0200, Giampaolo Tomassoni wrote:
-Messaggio originale-
Da: Gregory P. Ennis [mailto:[EMAIL PROTECTED]
Everyone,
I have used spamassassin on our mail servers now
-Messaggio originale-
Da: Bart Schaefer [mailto:[EMAIL PROTECTED]
On 5/13/07, Gregory P. Ennis [EMAIL PROTECTED] wrote:
SPF seems very interesting. Does spamAssassin automatically use an
SPF
record if it exists?
There's a plugin.
Do I set up an SPF record with whoever
it is
not really mean as a production feature. I believe it would help rule
debugging a lot, however...
giampaolo
Luix
2007/5/6, Giampaolo Tomassoni [EMAIL PROTECTED]:
Dears,
I'm something in need to write custom rules in order to penalize some
kind
of messages running through my SA
, Giampaolo Tomassoni [EMAIL PROTECTED]:
-Messaggio originale-
Da: Luis Hernán Otegui [mailto:[EMAIL PROTECTED]
Well, it all depends on how do you run SA (as a content filter,
through AMAVIS, via procmail, etc). Via AMAVIS you could use the
log
parser which MrC wrote, which works
SA to put a copy of the message in some folder
when a specific rule gets triggered? That would help rule debugging on
running systems a lot...
Thanks,
-
Giampaolo Tomassoni - I.T. Consultant
Piazza VIII Aprile 1948, 4
I-53043 Chiusi (SI) - Italy
Tel/Ph: +39
-Messaggio originale-
Da: Marc Perkel [mailto:[EMAIL PROTECTED]
Been getting a few strange false positives lately. Here's something
unusual.
X-Spam-Report:
* 0.0 HTML_MESSAGE BODY: HTML included in message
* -2.0 BAYES_05 BODY: Bayesian spam probability is 1 to 5%
*
-Messaggio originale-
Da: Andrzej Adam Filip [mailto:[EMAIL PROTECTED]
...omissis...
P.S.
Sending LARTs can be automated using spamcop-ack or spamcup
http://anfi.homeunix.net/perl/spamcop-ack.pl
No need to: you can ask for a SpamCop quick account to SpamCop's admins.
Every
-Messaggio originale-
Da: Anton Melser [mailto:[EMAIL PROTECTED]
Hi,
I am writing a programme which needs to parse the summary (_SUMMARY_)
returned by SA, and after combing the docs couldn't find relevant
specs. It appears that the lines are a fixed length, but I couldn't be
-Messaggio originale-
Da: Duncan Findlay [mailto:[EMAIL PROTECTED]
...omissis...
(Then again, it might just be boring.)
It didn't seem this to me. It smells like a good work and I'm interested
in seeing the true results against the 1M messages corpus.
I'm just a SA user, but let
-Messaggio originale-
Da: Scott Lockwood [mailto:[EMAIL PROTECTED]
On Mon, 2007-04-09 at 20:09 +0200, night duke wrote:
Quisiera dar las gracias a toda la gente de la lista.
Efectivamente puedo hablar en Ingles o en castellano pero hay ciertas
cosas que quizas se entienden mejor
-Messaggio originale-
Da: Scott Lockwood [mailto:[EMAIL PROTECTED]
On Mon, 2007-04-09 at 20:46 +0200, Giampaolo Tomassoni wrote:
Nobody has an edition with the problem. The only edition is, he is
harder to help him in Spanish who English. If his English is as bad
as
my Spanish
it).
Giampaolo
-
Giampaolo Tomassoni - I.T. Consultant
Piazza VIII Aprile 1948, 4
I-53043 Chiusi (SI) - Italy
Tel/Ph: +39-0578-21100
MAI mandare un messaggio a:
NEVER send an e-mail to:
[EMAIL PROTECTED]
-Messaggio originale-
Da: Chris St. Pierre [mailto:[EMAIL PROTECTED]
On Mon, 26 Mar 2007, Giampaolo Tomassoni wrote:
By black-listing URI's host IPs, one could easily score high this
kind of
e-mails. Maybe there is also some RBL regarding web hosts, by the
way. Is
it?
You
Da: Chris Santerre [mailto:[EMAIL PROTECTED]
I think that a SA plugin which resolves URIs would be enough:
I received
some of these spams, everyone containing a URI pointing to
the very same web
No direct plugin, but URIBL will catch most of these fairly quickly.
Its not a new
-Messaggio originale-
Da: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Inviato: lunedì 26 marzo 2007 16.48
A: Giampaolo Tomassoni
Cc: 'Chris St. Pierre'; 'Larry Ludwig'; users@spamassassin.apache.org
Oggetto: Re: R: R: New method of spamming
Giampaolo Tomassoni writes
-Messaggio originale-
Da: John Rudd [mailto:[EMAIL PROTECTED]
Oggetto: Re: R: R: New method of spamming
Giampaolo Tomassoni wrote:
-Messaggio originale-
Da: Chris St. Pierre [mailto:[EMAIL PROTECTED]
On Mon, 26 Mar 2007, Giampaolo Tomassoni wrote:
By black-listing
-Messaggio originale-
Da: --[ UxBoD ]-- [mailto:[EMAIL PROTECTED]
Using a combination of numerous SA rules, bayes, FuzzyOCR and BotNet on
a new server Ive just built we are trashing the SPAM. Attached graph
is for today :-
What does received mean in the graph?
Giampaolo
-Messaggio originale-
Da: Chris St. Pierre [mailto:[EMAIL PROTECTED]
Inviato: venerdì 9 marzo 2007 15.30
A: Giampaolo Tomassoni
Cc: users@spamassassin.apache.org
Oggetto: Re: R: Make Bayes more efficient?
On Fri, 9 Mar 2007, Giampaolo Tomassoni wrote:
Sorry, my English
-Messaggio originale-
Da: Chris St. Pierre [mailto:[EMAIL PROTECTED]
Inviato: giovedì 8 marzo 2007 23.33
A: users@spamassassin.apache.org
Oggetto: Make Bayes more efficient?
We're sharing our Bayesian database (MySQL) between two MX nodes and
the database server has hit a wall.
From: David Goldsmith [mailto:[EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Setup:SA 3.1.8, Pyzor, Razor, DCC, iXhash
Botnet, FuzzyOCR 3.5.1, SARE rules, some misc rules
This message got 0 points. Does it score over 5 for anyone?
From: Jim Maul [mailto:[EMAIL PROTECTED]
Jim Maul wrote:
David Goldsmith wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Setup:SA 3.1.8, Pyzor, Razor, DCC, iXhash
Botnet, FuzzyOCR 3.5.1, SARE rules, some misc rules
This message got 0 points. Does it score over 5
From: Raul Dias [mailto:[EMAIL PROTECTED]
You need a lot more of bandwidth/memory/cpu power and disk IO to do it.
Maybe I need more bw. Why memory and cpu? I may spool spam detected this way
and my spamtrap script may despool and report it. There will be only one
running spamtrap script.
?
Thanks,
---
Giampaolo Tomassoni - IT Consultant
Piazza VIII Aprile 1948, 4
I-53044 Chiusi (SI) - Italy
Ph: +39-0578-21100
MAI inviare una e-mail a:
NEVER send an e-mail to:
[EMAIL PROTECTED]
trigger on ham.
Thank you!
---
Giampaolo Tomassoni - IT Consultant
Piazza VIII Aprile 1948, 4
I-53044 Chiusi (SI) - Italy
Ph: +39-0578-21100
MAI inviare una e-mail a:
NEVER send an e-mail to:
[EMAIL PROTECTED]
trigger on ham.
Thank you!
---
Giampaolo Tomassoni - IT Consultant
Piazza VIII Aprile 1948, 4
I-53044 Chiusi (SI) - Italy
Ph: +39-0578-21100
MAI inviare una e-mail a:
NEVER send an e-mail to:
[EMAIL PROTECTED]
-detecting messages (see partially masked code), bayes
poisoners (last text line often changes), a spammer exploding in a supernova,
or every of the above?
Thanks,
---
Giampaolo Tomassoni - IT Consultant
Piazza VIII Aprile 1948, 4
I-53044 Chiusi (SI) - Italy
Ph: +39-0578
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On 02/19/07 15:21, Giampaolo Tomassoni wrote:
([EMAIL PROTECTED])
Are they spamtrap-detecting messages (see partially masked code),
bayes poisoners (last text line often changes), a spammer exploding
in a supernova, or every
From: Jason Heiser [mailto:[EMAIL PROTECTED]
Subject: Re: Spamtrap detectors?
I have a wildcard for my domain ([EMAIL PROTECTED]) and I've received
three of these today. Here's an example of one:
Return-Path: [EMAIL PROTECTED]
Received: from murder ([unix socket])
by
From: Maciej Friedel [mailto:[EMAIL PROTECTED]
On 02/14/07 Jonathan wrote:
http://www.pbp.net/~jnichols/spam2.txt
0.0 BOTNET_NORDNS IP address has no PTR record
0.1 HTML_50_60 BODY: Message is 50% to 60% HTML
0.0 HTML_MESSAGE BODY: HTML included in message
1.0 BAYES_50 BODY:
From: Quinn Comendant [mailto:[EMAIL PROTECTED]
On Thu, 15 Feb 2007 01:18:46 +0100, Giampaolo Tomassoni wrote:
I think SARE and some network tests are even better (scores 11.5 with
my surprising Bayes :)
I agree, mine scored it in a similar way:
Content analysis details: (11.5
From: Sujit Choudhury [mailto:[EMAIL PROTECTED]
Is there an easy way to get everything needed for FuzzyOCR? Has
somebody built a complete install, so that we don't have to go to
various sites to built various bits of FuzzyOCR?
The problem with a complete package is that most component may
From: tom [mailto:[EMAIL PROTECTED]
On Feb 10, 2007, at 3:19 PM, Giampaolo Tomassoni wrote:
From: Tom Allison [mailto:[EMAIL PROTECTED]
Personally, I think HTML email should be outright discarded from
the start.
If you look at this arguement presented by the OP then it
reinforces
From: Dan [mailto:[EMAIL PROTECTED]
I've developed a new approach to scoring that I want to 1) share with
everyone and 2) make into a working system thats as accurate as what
I've already built, but easier to use. First, the theory:
SITUATION
In the beginning, all email was ham.
From: Tom Allison [mailto:[EMAIL PROTECTED]
CHALLENGE
All filtering software is written to score for results that equal
spam - catch the bad
SOLUTION
Make filtering software score for results that equal ham - uncatch
the good.
Your thoughts?
How can this method spend
From: Tom Allison [mailto:[EMAIL PROTECTED]
CHALLENGE
All filtering software is written to score for results that equal
spam - catch the bad
SOLUTION
Make filtering software score for results that equal ham - uncatch
the good.
Your thoughts?
How can this method spend
From: Miles Fidelman [mailto:[EMAIL PROTECTED]
Dan wrote:
I've developed a new approach to scoring that I want to 1) share with
everyone and 2) make into a working system thats as accurate as what
I've already built, but easier to use. First, the theory:
NEW ASSUMPTION
All
From: Raul Dias [mailto:[EMAIL PROTECTED]
Hit Control+Enter before.
I want to write a few plugins to improve SA, so I would like to know
opnions about an AWL implementation for hosts instead of addresses.
The idea is to help flag hosts as spammers.
So, if a host is a zombie/spam
From: Rich Shepard [mailto:[EMAIL PROTECTED]
With your help the amount of spam getting past the various
filters in my
inbox (and that of my fiancee) has dropped dramatically. I appreciate
learning from all of you.
The past couple of days has seen the arrival of a new mutant species
From: Rich Shepard [mailto:[EMAIL PROTECTED]
With your help the amount of spam getting past the various
filters in my
inbox (and that of my fiancee) has dropped dramatically. I appreciate
learning from all of you.
The past couple of days has seen the arrival of a new mutant species
From: Rich Shepard [mailto:[EMAIL PROTECTED]
On Sun, 28 Jan 2007, John D. Hardin wrote:
Please don't ask SA to become an antivirus or attachment file type
security policy enforcement tool. There are already very effective tools
to do perform those tasks.
We run only linux here, so
From: Michael Scheidell [mailto:[EMAIL PROTECTED]
Ok, who installed the swartasam blocker for techworld?
All of a sudden, they say that worldwide spam levels have dropped.
I don't think I see any sudden drop, was the worlds #1 spammer in that
hut in fluga that got bombed last night?
From: Andy Dills [mailto:[EMAIL PROTECTED]
...omissis...
I understand that the order keyword in select is potentially
expensive, but
necessary because matches occur generally towards the most
recent entries,
thus increasing the possibility of a match earlier on. When
your hash
conversation, different universe!
You mean that it is probably a concept to far away from the origin of someone's
comprehensibility space? :)
giampaolo
Dan
-Original Message-
From: Giampaolo Tomassoni [mailto:[EMAIL PROTECTED]
Sent: Monday, January 08, 2007 2:00 PM
To: [EMAIL PROTECTED
From: decoder [mailto:[EMAIL PROTECTED]
Hello all,
since 3.5.0 RC1 was released, we fixed many bugs, thanks to the many
testers and bug reporters :) so big thanks.
Excellent work. Thank you for your efforts in bringing it to us.
Anyway, I'm wondering why the image hashing is made that
From: decoder [mailto:[EMAIL PROTECTED]
...omissis...
What are your thoughts about?
The point is, if you use a digest, then you need an exact match, no
matter if you digest the image directly, or any of the parameters,
because digests are designed to not accept any tolerance. But the
See: http://www.ordb.org/news/?id=38
Does SA uses it somewhere somehow by default?
Regards,
Giampaolo
From: Karl Auer [mailto:[EMAIL PROTECTED]
For some time now, I have been busily accumulating bayes data by running
sa-learn on various collections of emails. As myself, so I now have a
nice big chunk o'data in ~/.spamassassin.
Since I am a newbie to SA, I didn't realise what was happening
From: Ken A [mailto:[EMAIL PROTECTED]
Just add 10 to a test that matches everything, then subtract 10 for
being in the U.S.
Yeah. And keep 10 for canada, mexico and south america...
You're beginning to speak alone, isn't it?
giampaolo
Ken A.
Pacific.Net
Robert Swan wrote:
Let's say I
From: Marc Perkel [mailto:[EMAIL PROTECTED]
OK Daryl,
How do you deal with people forwarding email from another domain when
using SPF?
Right. That's the big reason for using +all (or not using SPF at all).
Using +all means to me: Look, I - the postmaster - I'm aware of SPF, but
From: Ken A [mailto:[EMAIL PROTECTED]
Giampaolo Tomassoni wrote:
From: Ken A [mailto:[EMAIL PROTECTED]
Just add 10 to a test that matches everything, then subtract 10 for
being in the U.S.
Yeah. And keep 10 for canada, mexico and south america...
You're beginning to speak alone
.
---
Giampaolo Tomassoni - IT Consultant
Piazza VIII Aprile 1948, 4
I-53044 Chiusi (SI) - Italy
Ph: +39-0578-21100
MAI inviare una e-mail a:
NEVER send an e-mail to:
[EMAIL PROTECTED]
That doesn't prohibit either of us from running an email server at home.
From: news [mailto:[EMAIL PROTECTED] Behalf Of Mark Nienberg
I think the false positives are coming almost entirely from small
businesses running
an in-house exchange server. I also think that a lot of them use
a filtering service
like postini in front of their exchange machine,
From: Philip Prindeville [mailto:[EMAIL PROTECTED]
Any takers? ;-)
http://seeker.dice.com/seeker.epl?rel_code=1102op=5type=14docke
y=xml/7/a/[EMAIL PROTECTED]bb=0source=15
Aaaah! I need a telecommuter and I don't even know what's it...
g
-Original Message-
From: Jean-Paul Natola [mailto:[EMAIL PROTECTED]
Sent: Friday, December 08, 2006 9:09 PM
To: Giampaolo Tomassoni; users@spamassassin.apache.org
Subject: RE: This seen on Dice
From: Philip Prindeville [mailto:[EMAIL PROTECTED]
Any takers? ;-)
http
From: Rob Myroon [mailto:[EMAIL PROTECTED]
Hi,
I get a lot of e-mail where the username contains only numbers.
ex.
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
These users don't exist so postfix simply throws the e-mail away but I
am curious if anyone knows why spammers
Please note I'm not using that way, nor I'm using spamd.
That said.
From: Jeff [mailto:[EMAIL PROTECTED]
I've seen an installation where postfix handed off mail directly to
spamd, treating it as a policy server in smtpd_recipient_restrictions.
I was thinking about doing this for a server
From: san [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 29, 2006 11:33 PM
To: users@spamassassin.apache.org
Subject: Stock Spam
Hi All,
I am recieving lot of stock related spam mails which spam assassin is not
able catch as spam. I have added Sare_stcok.cf file. I cant use
0.0 HTML_MESSAGE BODY: HTML included in message
0.5 HTML_TITLE_EMPTY BODY: HTML title contains no text
It's time to switch to 3.1.7, San. Isn't it? :)
giampaolo
Giampaolo Tomassoni wrote:
From: san [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 29, 2006 11:33 PM
Ahahah!
I saw something like this in the control room of a thermic generator, just
labels was something different! :)
giampaolo
-Original Message-
From: Loren Wilton [mailto:[EMAIL PROTECTED]
Sent: Sunday, November 26, 2006 4:18 AM
To: users@spamassassin.apache.org
Subject: Re:
No answer to this?
Is this the wrong list to ask code details?
Thanks,
giampaolo
From: Giampaolo Tomassoni [mailto:[EMAIL PROTECTED]
What is $self-_userid in seen_put() and the like?
The uid of the process running SpamAssassing (i.e.: amavis) or
the message destinating user
From: Leon Kolchinsky [mailto:[EMAIL PROTECTED]
1. AFAIK it is not necessary to restart amavisd-new, after a
change in local.cf it is enough to restart spamd.
Most installations runs SA as an amavisd-new module. Spamd is not required in
that cases and a change in local.cf do needs amavisd
From: Michael Parker [mailto:[EMAIL PROTECTED]
Giampaolo Tomassoni wrote:
No answer to this?
Is this the wrong list to ask code details?
I thought I saw an answer to this alreadymaybe I was mistaken.
Mmmh, no. I guess yours is the first one.
Thanks,
giampaolo
From: Michael W Cocke [mailto:[EMAIL PROTECTED]
For what it's worth, on the system here I have a special directory on
the server set up, and when the users get a spam message they do a
'save as ascii text file' to that directory. sa-learn runs thru that
directory every half hour. Just a
From: Nix [mailto:[EMAIL PROTECTED]
On 26 Nov 2006, [EMAIL PROTECTED] told this:
From: Nix [EMAIL PROTECTED]
On 20 Nov 2006, Giampaolo Tomassoni spake thusly:
That's not even mentioning the metaprogramming and higher-order
programming techniques that we use extensively
From: Kelly Jones [mailto:[EMAIL PROTECTED]
Thanks to everyone who is replying here. Additional replies/comments
always appreciated.
What started me thinking about this is this non-intuitive but
mathematically valid paradox that Bookworm and others have noticed:
If 95% of all email is
201 - 300 of 413 matches
Mail list logo