Perhaps just check your old notes? :-P
https://lists.apache.org/thread/6fspd1my9xjdjbz16zp7dk66vn44xccz
On Wed, Apr 10, 2024 at 10:42:35PM -0400, Alex wrote:
> Hi,
>
> I'm noticing DCC is triggering on emails with an empty body. I'd like to
> create a hash that matches messages with
That page had it all wrong from the beginning. Adjusting priority only for
subrules but not the metas (yes metas don't use priorities in 4.0 but
relative priorities are still adjusted for backwards compatibility,
__CLAMAV* end up as priority 0 like everything else).
The logical way to handle
On Sat, Jul 22, 2023 at 10:13:42AM +0200, Benny Pedersen wrote:
> Henrik K via users skrev den 2023-07-22 06:50:
>
> > > | gvk | unwhitelist_from|
> > > grant.kel...@sonic.com | 7421538 |
> > > | gvk | whitelist_from | *@sonic.com |
On Fri, Jul 21, 2023 at 05:06:07PM -0700, Grant Keller wrote:
> >
> > select username, value from userpref
> > where username = _USERNAME_ or username = '@GLOBAL'
> > order by username asc;
> I don't think the query result order masters here, from what I could
> gather in the spamassassin source,
On Thu, Jul 20, 2023 at 04:14:05PM -0700, Grant Keller wrote:
> Could be me doing something wrong, but I can't get Welcome/unwelcome
> lists to work the way I expect them to. We are running Spamassassin
> 4.0.0 on Centos 7.9 and have the user configs stored via mysql. Custom
> scores, Welcomelist,
On Tue, Jun 06, 2023 at 12:12:10AM -0400, Bill Cole wrote:
>
> Escape the @ with a \
> SA uses Perl, so you need to escape %, @, and $ in regular expressions.
Perl regular expressions does not mean it's parsed as Perl code, no need to
quote such things on any remotely modern SA version.
On Sat, Jun 03, 2023 at 08:03:38PM +0200, Benny Pedersen wrote:
> Jun 3 19:51:15.822 [17570] dbg: authres: skipping header, unknown property
> for spf/smtp: mfrom
Fixed this:
https://svn.apache.org/viewvc?view=revision=1910234
On Mon, May 15, 2023 at 08:52:23PM -0500, Robert Nicholson wrote:
> I remember writing in the past about what I saw in the debugger when running
> SA 3.4.6
>
> It seems that 4.0.0 seems even noisier.
>
> Again this is my programmatically calling SpamAssassin in a perlscript.
>
> I’ve checked
On Fri, May 12, 2023 at 08:31:19AM -0400, Greg Troxel wrote:
>
> It might be more common, but it's very surprising to me, because the
> manual page documents that () works
Let's face it, lot of the stuff in SA including documentation is probably
over decade old. And documentation is always the
On Fri, May 12, 2023 at 07:12:35AM -0400, Greg Troxel wrote:
> Henrik K writes:
>
> > From what I've seen, it's very uncommon to use this format. Why rely on
> > some vague previously defined score, which can change at any time? Just set
> > a static score you l
On Thu, May 11, 2023 at 11:21:20AM -0400, Greg Troxel wrote:
>
> But is it good practice for the main distributed rules to rely on this
> default? It feels like a lint/pedantic error to define a rule that is
> not T_ or __ and does not have an assigned score. But maybe this is
> common and
On Sun, Apr 30, 2023 at 01:19:53PM +0300, Henrik K wrote:
>
> Looking at the code, not sure if the is_admin attributes are correct in all
> the plugins or not, maybe someone can check if they actually work properly
> per-user and fix for 4.0.1.
Committed fixes for a bunch of modules,
On Sun, Apr 30, 2023 at 10:36:07AM +0200, i...@servermx.com wrote:
> thanks John Hardin and Henrik K,
> The parameters "use_pyzor" and "use_razor2"think are correct -
> https://spamassassin.apache.org/full/3.0.x/dist/doc/Mail_SpamAssassin_Conf.html
> I think
>
On Sat, Apr 29, 2023 at 12:42:43PM +0200, i...@servermx.com wrote:
> Hello,
>
> we have installed Spamassassin (debian 11.6) vesion 4.0 from source.
> With backend MariaDB 10.5.18-MariaDB-0+deb11u1 - Debian 11.
>
> Spamassassin is raising these messages
>
> info: config: not parsing,
On Thu, Apr 27, 2023 at 01:45:58AM +0200, Matija Nalis wrote:
>
> - complex but emulating browser behaviour better:
> Add full handling of relative URIs. i.e. have push_uri() detect all
> relative URIs and convert them to absolute URIs before adding them
> to the list of URIs.
If you would
On Fri, Mar 17, 2023 at 12:24:39PM -0400, Michael Grant via users wrote:
> On Fri, Mar 17, 2023 at 04:03:03PM +0100, Benny Pedersen wrote:
> > Michael Grant via users skrev den 2023-03-17 09:52:
> >
> > > What do people do to keep things up to date easily?
> >
> > i just use gentoo, or freebsd,
On Fri, Mar 17, 2023 at 05:34:37AM -0400, Michael Grant via users wrote:
> On Fri, Mar 17, 2023 at 11:26:21AM +0200, Henrik K wrote:
> > On Fri, Mar 17, 2023 at 04:52:41AM -0400, Michael Grant via users wrote:
> > > Is there a recommended way of installing a spamassassin plug
On Fri, Mar 17, 2023 at 04:52:41AM -0400, Michael Grant via users wrote:
> Is there a recommended way of installing a spamassassin plugin on
> debian (or ubuntu) such that the plugin gets updated via say apt? I'm
> guessing no because I don't see many spamassassin plugins when I do an
> "apt
On Mon, Mar 06, 2023 at 11:04:09PM +0100, Benny Pedersen wrote:
> Henrik K skrev den 2023-03-06 17:12:
>
> > It's clamav-milter doing dumb things. Looking at the source code it
> > just
> > resolves the address at startup and keeps using the IP indefinitely.
> >
On Mon, Mar 06, 2023 at 11:59:03AM +, Marc wrote:
>
>
> I recently had an issue where mail was temporarily rejected because
> clamav-milter/spamass-milter could not connect to clamd/spamd. Clamd/Spamd
> are a tasks that can automatically change hosts and thus their ips. A simple
> restart
On Wed, Mar 01, 2023 at 04:46:27PM +0100, Matus UHLAR - fantomas wrote:
>
> 1. "header.a=rsa-sha256" and "header.s=hege2" options in
> Authentication-Results: for dkim where "a" contains algorithm and "s" the
> used selector.
>
> 2. unknown "arc" Authentication-Results: header
>
> removing
ee AuthRes plugin mention in .pre files nor in SA rules.
>
> On 01.03.23 11:28, Henrik K wrote:
> > Because it's experimental and unfinished.
>
> this is the info I was searching for :-)
Apparently any info was removed from UPGRADE too
https://bz.apache.org/SpamAssassin/show_bug
On Wed, Mar 01, 2023 at 09:56:56AM +0100, Matus UHLAR - fantomas wrote:
>
> I have SA 4.0 installed and Mail::SpamAssassin::Plugin::AuthRes available.
>
> However, I don't see AuthRes plugin mention in .pre files nor in SA rules.
Because it's experimental and unfinished.
> I will try to load it
On Thu, Feb 16, 2023 at 10:18:50AM +0100, hg user wrote:
> I was investigating a bunch of bitcoin spam: different titles,
> different senders (all from gmail), different text, different pdf
> attachment.
>
> Unfortunately in those days my bayes db was polluted and they all got
> a BAYES_50, 0.8.
On Fri, Jan 13, 2023 at 02:42:51PM -0300, entregabili...@donweb.com wrote:
> Hello, I would like to ask about the following error that we have:
>
> plugin: eval failed: Can't locate object method "rule_ready" via package
> "Mail::SpamAssassin::PerMsgStatus" at
>
There's no need for any rules:
whitelist_to us...@example.com
whitelist_to *@domain.com
And adjust USER_IN_WHITELIST_TO for score.
(welcomelist_to / USER_IN_WELCOMELIST_TO in 4.0)
On Wed, Jan 11, 2023 at 04:56:21PM -0800, Loren Wilton wrote:
> ?
> Why not do a simple rule rather than
On Thu, Jan 12, 2023 at 04:01:02AM +0100, Benny Pedersen wrote:
>
> my changes does nothing to datafeed users, but it
> makes big diffrenses to free usage
Makes zero difference how the rules are called, SA never sends duplicate
physical queries, they are cached and reused.
On Mon, Jan 09, 2023 at 07:16:00PM +0100, Benny Pedersen wrote:
>
> > If you need _ASNCIDR_ tag you have to switch to dns queries.
>
> is this still not possible with GeoIPLite2-ASN ?
Broken record?
There is no GeoIP API to query IP and get CIDR. The database is mapping of
IP to AS string,
On Sun, Jan 08, 2023 at 04:23:11PM -0500, Charles Sprickman wrote:
> What did you end up with?
>
> I have a bunch of zero rules for these yet still keep getting the
> "administrative notice" from sbl/zen.
>
> The fact that those guys don't just send out a "yes, this is on by default in
>
On Wed, Dec 28, 2022 at 09:30:30AM -0500, Michael Orlitzky wrote:
> On Wed, 2022-12-28 at 16:20 +0200, Henrik K wrote:
> >
> > Common sense would ask that how is SPF harmful for the user? One would
> > think it would be actually desirable like any other network lookups, tha
And it is even mentioned in the UPGRADE notes:
- The HashBL plugin in 342.pre is now enabled by default.
(sad typo in the filename)
On Wed, Dec 28, 2022 at 04:21:45PM +0200, Henrik K wrote:
>
> This was discussed and approved in some of the 4.0.0 bugs. There should be
> no need t
ply it was enabled in 3.4.2.
> We should not have changed a past pre file for the 4.0.0 release IMO but
> added it to the 4.0.0.pre file. Such is life. Should we fix it for 4.0.1?
>
> On 12/28/2022 9:07 AM, Henrik K wrote:
> > Just keep in mind that HashBL is only enabled for
On Wed, Dec 28, 2022 at 09:10:13AM -0500, Michael Orlitzky wrote:
>
> Without disabling the plugin, how would that work? If the user happens
> to install Mail::SPF as a dependency of something else and if the
> plugin is *not* disabled, spamassassin will (surprise!) start using SPF
> against the
On Wed, Dec 28, 2022 at 04:06:01PM +0200, Henrik K wrote:
> On Wed, Dec 28, 2022 at 01:58:55PM +, Riccardo Alfieri wrote:
> > On 28/12/22 14:44, Henrik K wrote:
> >
> > > It is enabled by default for new installs in v342.pre (old users must
> > > enable
>
On Wed, Dec 28, 2022 at 09:04:09AM -0500, Kevin A. McGrail wrote:
>
> However, both URIDNSBL and HashBL are enabled by default from checking the
> source code.
Just keep in mind that HashBL is only enabled for fresh 4.0.0 installs, it
wasn't default previously.
On Wed, Dec 28, 2022 at 01:58:55PM +, Riccardo Alfieri wrote:
> On 28/12/22 14:44, Henrik K wrote:
>
> > It is enabled by default for new installs in v342.pre (old users must enable
> > it manually). But like with any other loadable plugin, one MUST check use
>
On Wed, Dec 28, 2022 at 01:35:22PM +, Riccardo Alfieri wrote:
> On 28/12/22 14:20, Kevin A. McGrail wrote:
>
> > Do you have hashbl plugin enabled?
> >
> >
> Ah, I thought it was enabled by default in SA 4.0.
It is enabled by default for new installs in v342.pre (old users must enable
it
On Wed, Dec 28, 2022 at 02:29:03PM +0100, Benny Pedersen wrote:
>
> i will like to see default all plugins disabled, and a install howto enabled
> needed plugin as needed, there is not anypoint on enabled all, and all it
> gets is dns refused .
>
> or some *_BLCOKED like apache infra cant
On Wed, Dec 28, 2022 at 08:20:04AM -0500, Philippe Chaintreuil via users wrote:
>
> So there's desire that if a user doesn't want Mail::SPF installed, and
> SpamAssassin doesn't REQUIRE it (which it doesn't), it shouldn't be force
> installed. But for SpamAssassin to work as installed, that
tribution
> package
> maintainers. This is definitely one that is not the right decision.
>
> Do we have a contact at Gentoo?
>
> Regards, KAM
>
> On Wed, Dec 28, 2022, 04:38 Henrik K <[1]h...@hege.li> wrote:
>
> On Mon, Dec 26, 2022 at 01:57:20PM -050
On Mon, Dec 26, 2022 at 01:57:20PM -0500, Philippe Chaintreuil via users wrote:
> On 12/25/2022 4:38 PM, Sidney Markowitz wrote:
> > I can get exactly that set of error messages by commenting out the
> > loadplugin for URIDNSBL in rules/init.pre or deleting the file
> > rules/init.pre completely,
On Mon, Dec 26, 2022 at 11:54:12AM +0100, Giovanni Bechis wrote:
>
> dnsbl_subtests.t tests runs even with run_net_tests=n (fixed few minutes
> ago in trunk)
The fix is not needed.
dnsbl_subtests.t starts a _local_ nameserver and never sends queries to
public internet.
The intention of
On Wed, Dec 21, 2022 at 08:43:18AM +0100, Matus UHLAR - fantomas wrote:
> > DKIM_INVALID 0.1 DKIM or DK signature exists, but is not valid
> >
> > DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not
> > necessarily valid
> >
> > HTML_FONT_LOW_CONTRAST 0.001 HTML
On Tue, Dec 06, 2022 at 02:35:44PM +0100, Wolfgang Breyha wrote:
> Hi!
>
> I'm using SA 4 trunk and tried the urinsrhsbl. Not sure if this is a bug or
> abuse on my side.
>
> I already have two RBLs... one
> uribl.example.at
> and one
> uriblfull.example.at
>
> The first does not use "tflags
rule that's very
> high scoring and end up with a mis classification.
>
> From what I understand that is the real world scenario of what it's occurring.
>
> At a minimum we would have to announce this change for people to look at their
> short circuit rules.
>
> What are your t
A. McGrail wrote:
> I have not checked but does the short circuiting actually work? The goal of it
> is to lower the resource usage of the tool. If it continues to run and
> generate
> longer than we have a problem still.
>
> On Sun, Dec 4, 2022, 08:50 Henrik K <[
Fixed simply with some rule changes as described in the bug.
On Tue, Nov 29, 2022 at 05:28:00PM -0500, Kevin A. McGrail wrote:
> https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8078 is now open on this
> issue.
> --
> Kevin A. McGrail
> Member, Apache Software Foundation
> Chair Emeritus
On Tue, Nov 29, 2022 at 09:40:14AM -0500, Greg Troxel wrote:
>
> I am pretty sure the hardware is OK, but I can't really run memtest86 as
> it is a VPS.
Memtester is userland, should be on most distributions: apt install memtester
You can give it parameter of how much memory you have free, and
On Tue, Nov 29, 2022 at 07:34:51AM -0500, Greg Troxel wrote:
>
> Wolfgang Breyha writes:
>
> > It doesn't finish any other rules and doesn't display final results at all.
> >
> > And then I start it simply again and everything is fine.
> >
> > Has anybody else seen this odd behavior?
>
> I see
On Sat, Nov 26, 2022 at 08:31:41AM -0500, Jared Hall wrote:
> SA: 3.4.6
>
> The Header ToCc test doesn't seem to accept :name and :addr modifiers.
>
> Is that how this function operates?
It should accept it just fine. But in 3.4 :addr or :name can only return
results of first email. So it
On Sun, Nov 20, 2022 at 11:58:31AM -0500, Alex wrote:
> Hi,
> I'm using the latest SA from trunk and trying to get pyzor working. It runs
> correctly to check a message from the command-line, but SA apparently fails to
> properly parse the output?
>
> Nov 20 11:55:21.970 [2531521] dbg: pyzor:
On Fri, Oct 14, 2022 at 11:55:35AM +0200, Wolfgang Breyha wrote:
> Hi!
>
> If a scanned E-Mail does not contain any URL (URIHOSTS and URIDOMAINS empty)
> SA4(rc3) does not mark rules using check_uridnsbl as "run" IMO.
>
> This makes meta rules depending on them "unrunable" as well.
>
> Dbg
On Tue, Oct 11, 2022 at 09:29:18AM +0300, Henrik K wrote:
>
> KAM channel (https://mcgrail.com/template/kam.cf_channel) users might want
> to check their rules..
>
> KAM_deadweight2_sub.cf contains this:
>
> meta __RCVD_IN_SORBS 0
> meta __RCVD_IN_ZEN 0
> meta
On Tue, Oct 11, 2022 at 12:33:19PM -0400, Kevin A. McGrail wrote:
>
> On 10/11/2022 2:29 AM, Henrik K wrote:
> > Seems it's been disabling many active and useful DNSBL/WL lookups for a long
> > time?
>
> Correct. We found they had overlap or didn't add to the accurac
On Tue, Oct 11, 2022 at 02:54:08PM +0200, Damian wrote:
> > > # __SA4 injected inside amavis via $suppl_attrib->{rule_hits}
> > > meta SA4 __SA4
> > > score SA4 1
> > > describe SA4 dummy
> > yields
> > > SA dbg: rules-all: unrun dependencies prevented meta SA4 from
> > > running: __SA4
>
> The
On Tue, Oct 11, 2022 at 02:36:59PM +0200, Wolfgang Breyha wrote:
> On 11/10/2022 13:29, Henrik K wrote:
> > You can also need to use -D rules,rules-all to see any "unrun" rules.
>
> I tried that using "all,rules,rules-all" and I think I found an other
On Tue, Oct 11, 2022 at 01:09:03PM +0200, Wolfgang Breyha wrote:
>
> And I've still cases were a simple ">" is not evaluated as well...
>
> I have
> meta __META1 (__SUBMETAX + . + __SUBMETAXN)
> with
> dbg: rules: ran meta rule __META1 ==> got hit (5)
>
> I have
> meta __META2
On Tue, Oct 11, 2022 at 01:09:03PM +0200, Wolfgang Breyha wrote:
> On 11/10/2022 12:23, Henrik K wrote:
> > Should be fixed in rc4.
> >
> > https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8060
>
> Well, this indeed fixes this test case. But my initial problem wh
AU.
> > >
> > > can these checks be made the way DNS queries are done only when
> > > DKIM_VALID_AU matches?
> > >
> > > perhaps playing with priority
>
> On 07.10.22 16:41, Henrik K wrote:
> > It's not possible to use priority with askdns.
On Tue, Oct 11, 2022 at 12:21:23PM +0300, Henrik K wrote:
> On Tue, Oct 11, 2022 at 10:48:26AM +0200, Wolfgang Breyha wrote:
> > On 11/10/2022 06:59, Henrik K wrote:
> > > On Tue, Oct 11, 2022 at 12:50:38AM +0200, Wolfgang Breyha wrote:
> > > >
> >
On Tue, Oct 11, 2022 at 10:48:26AM +0200, Wolfgang Breyha wrote:
> On 11/10/2022 06:59, Henrik K wrote:
> > On Tue, Oct 11, 2022 at 12:50:38AM +0200, Wolfgang Breyha wrote:
> > >
> > > And another quite simple ruleset...
> > > meta __SA4TA3_1 6
> >
KAM channel (https://mcgrail.com/template/kam.cf_channel) users might want
to check their rules..
KAM_deadweight2_sub.cf contains this:
meta __RCVD_IN_SORBS 0
meta __RCVD_IN_ZEN 0
meta __RCVD_IN_MSPIKE_B 0
meta __RCVD_IN_MSPIKE_L 0
meta __RCVD_IN_DNSWL 0
Seems it's been disabling many active
On Tue, Oct 11, 2022 at 12:50:38AM +0200, Wolfgang Breyha wrote:
>
> In case of URIBL_SBL I don't know why it gets undefined, since other RBLs
> work in the same place (eg. URIBL_BLACK) as expected and the result is 1.
Thanks for the tip, found the problem. Should be fixed in rc4.
On Tue, Oct 11, 2022 at 12:50:38AM +0200, Wolfgang Breyha wrote:
>
> And another quite simple ruleset...
> meta __SA4TA3_1 6
> meta __SA4TA3_2 2
> meta __SA4TA3(__SA4TA3_1 > 2) && (__SA4TA3_2 > 1)
> doesn't set __SA4TA3. This was working an SA3.4 as well.
Works fine here.
> Is this wanted
On Fri, Oct 07, 2022 at 04:41:57PM +0300, Henrik K wrote:
> It's not possible to use priority with askdns. The rule is launched then
> the all dependent tags are set, nothing more, nothing less.
... obvious typo but just to clarify, _when_ all tags are set..
On Sat, Oct 01, 2022 at 04:42:09PM +0200, Matus UHLAR - fantomas wrote:
>
> perhaps these all should replace _DKIMDOMAIN_ by _AUTHORDOMAIN_ and AND-ed
> with DKIM_VALID_AU.
>
> can these checks be made the way DNS queries are done only when
> DKIM_VALID_AU matches?
>
> perhaps playing with
On Fri, Oct 07, 2022 at 03:01:17PM +0200, Matus UHLAR - fantomas wrote:
>
> the _DKIMDOMAIN_ can contain multiple domains if mail is signed using
> multiple valid keys.
Not a problem, as AskDNS doc says:
"Tags which produce multiple values will result in multiple queries
launched, each with an
On Fri, Oct 07, 2022 at 10:58:07AM +0200, Matus UHLAR - fantomas wrote:
> Hello,
>
> I have configured my personal user_prefs to process options for extracttext.
>
> so far, spamd complains:
>
> Oct 7 09:29:05 fantomas spamd[26887]: spamd: setuid to uhlar succeeded
> Oct 7 09:29:05 fantomas
On Tue, Oct 04, 2022 at 03:47:02PM +, DEMBLANS Mathieu wrote:
> Not sure about this solution.
> The problem is for all sites listed in surbl.org, not specifically
> square.site and its subdomains.
I gave you a workaround for single domains for 3.4.
I also told you it's already fully solved,
On Tue, Oct 04, 2022 at 03:13:29PM +, DEMBLANS Mathieu wrote:
> Hello,
>
> SpamAssassin version 3.4.6 With postfix 3.4.14 on debian 10.12
>
> SpamAssassin version 3.4.2 With postfix 3.4.2 on debian 10.3
>
> As it is written in the Mail_SpamAssassin_Plugin_URIDNSBL doc and confirmed by
>
On Fri, Sep 09, 2022 at 08:15:04AM -0400, PGNet Dev wrote:
>
> What alternative, non-deprecated support, if any, exists, or is planned,
> for SA RelayCountry plugin usage with MaxMind GeoIP2 *.mmdb data?
As the database format should not ever change, there is no reason to assume
the current code
On Mon, Aug 29, 2022 at 02:43:01AM -0500, Dave Funk wrote:
>
> Where would I find the most recent version of DecodeShortURLs plugin?
It is now maintained by SA project and included in 4.0 release. Best to
wait for that or try the current trunk/4.0.0-rc1.
On Sun, Jun 26, 2022 at 12:57:32PM -0400, Alex wrote:
>
>
> Amavisd-new works fine here. Maybe $enable_dkim_verification or something
> is different.
>
>
> It's good to know you're using amavisd. It's very dependent upon the SA
> version
> you're using, though.
>
> It appears both
to how amavisd-new is calling SA ?
> Giovanni
>
> On 6/26/22 07:55, Henrik K wrote:
> >
> > Have you checked what debugging says?
> >
> > $sa_debug = 'info,dkim,DMARC';
> >
> >
> > On Sat, Jun 25, 2022 at 03:45:48PM -0400, Alex wrote:
>
Have you checked what debugging says?
$sa_debug = 'info,dkim,DMARC';
On Sat, Jun 25, 2022 at 03:45:48PM -0400, Alex wrote:
> Hi,
>
> It's definitely a problem with the current spamassassin from github v4. I went
> back to an old version I built on May 29th and it immediately starts reporting
On Thu, May 26, 2022 at 03:48:57PM +0200, Matus UHLAR - fantomas wrote:
> > > >I also haven't any references to DMARC whatsoever from any SA rules since
> > > >it was uninstalled.
> > >
> > > >I otherwise have no way of telling if there should have been any hits,
> > > >but
> > > >I'd imagine
On Mon, May 23, 2022 at 10:48:51PM -0600, Philip Prindeville wrote:
>
>
> > On May 11, 2022, at 1:53 AM, Henrik K wrote:
> >
> > On Wed, May 11, 2022 at 10:49:32AM +0300, Henrik K wrote:
> >> On Wed, May 11, 2022 at 10:44:05AM +0300, Henrik K wrote:
> &g
On Wed, May 18, 2022 at 08:16:15AM +0300, Henrik K wrote:
> On Fri, May 13, 2022 at 05:42:04PM -0400, Jeff Koch wrote:
> >
> > Hi:
> >
> > We're getting numerous false positives on 'RCVD_IN_DNSWL_HI RBL'. When I
> > check
> > these IP's (193.106.175.39, f
On Fri, May 13, 2022 at 05:42:04PM -0400, Jeff Koch wrote:
>
> Hi:
>
> We're getting numerous false positives on 'RCVD_IN_DNSWL_HI RBL'. When I check
> these IP's (193.106.175.39, for example) at [1]https://www.dnswl.org they are
> NOT listed.
>
> * -5.0 RCVD_IN_DNSWL_HI RBL:
On Fri, May 13, 2022 at 12:22:48PM -0600, Philip Prindeville wrote:
>
> How do you look at what a rule is matching? I've never figured that out...
Debug output:
spamassassin -t -D rules < message.eml 2>&1 | grep 'got hit'
On Wed, May 11, 2022 at 10:49:32AM +0300, Henrik K wrote:
> On Wed, May 11, 2022 at 10:44:05AM +0300, Henrik K wrote:
> > On Tue, May 10, 2022 at 06:19:38PM -0600, Philip Prindeville wrote:
> > > See my original message.
> > >
> > > I can't think
On Wed, May 11, 2022 at 10:44:05AM +0300, Henrik K wrote:
> On Tue, May 10, 2022 at 06:19:38PM -0600, Philip Prindeville wrote:
> > See my original message.
> >
> > I can't think of a single way to match each header, and then test for any
> > of them not matching the
On Tue, May 10, 2022 at 06:19:38PM -0600, Philip Prindeville wrote:
> See my original message.
>
> I can't think of a single way to match each header, and then test for any of
> them not matching the pattern...
Simply use regex negative lookahead.
ALL =~ /^(?!Foo|Bar):/m
It will hit any line
On Fri, May 06, 2022 at 12:31:47PM +0200, giova...@paclan.it wrote:
> On 5/6/22 11:08, Niels Kobschätzki wrote:
> > Hi,
> >
> > I have a setup where the spamassassin-servers have actually no access to
> > the data of the mail-servers. Now I was looking into having per user
> > bayes-databases
On Fri, May 06, 2022 at 11:08:21AM +0200, Niels Kobschätzki wrote:
> Hi,
>
> I have a setup where the spamassassin-servers have actually no access to the
> data of the mail-servers. Now I was looking into having per user
> bayes-databases and saw that I can do that with a SQL-database. I have
On Sun, May 01, 2022 at 09:45:38PM -0400, Alex wrote:
> Hi,
>
> Four points for a .online TLD with KAM rules
>
> * 2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs
> * [URI: www.lci-mtc.online (online)]
>
> * 2.0 KAM_SOMETLD_ARE_BAD_TLD .bar, .buzz, .cam, .casa, .cfd, .club,
> * .date,
On Fri, Apr 29, 2022 at 10:12:24AM -0600, asparks wrote:
>
> Is there anything I can do to fix these on SA 3.3.1? Thanks in advance.
> -Alan
Already committed a fix to replace has() with can() in rules, will be live
in a few days..
It's harmless and fixed in next libwww:
https://github.com/libwww-perl/libwww-perl/issues/410
On Wed, Apr 27, 2022 at 02:04:38PM -0500, Larry Rosenman wrote:
> I'm getting the following error when my update_rules script runs:
>
> "my" variable $uri masks earlier declaration in same scope at
>
On Tue, Apr 26, 2022 at 05:11:47PM +0300, Henrik K wrote:
> On Tue, Apr 26, 2022 at 03:59:36PM +0200, Matus UHLAR - fantomas wrote:
> > On 26.04.22 16:11, Henrik K wrote:
> > > Maybe a bit safer version that doesn't log huge strings and run wild
> > >
> >
On Tue, Apr 26, 2022 at 03:59:36PM +0200, Matus UHLAR - fantomas wrote:
> On 26.04.22 16:11, Henrik K wrote:
> > Maybe a bit safer version that doesn't log huge strings and run wild
> >
> > full FOO /^(?=.*?\nContent-Type:
> > message\/rfc822.{0,1024}?\nReceived:(?:[
On Tue, Apr 26, 2022 at 04:04:13PM +0300, Henrik K wrote:
> On Tue, Apr 26, 2022 at 02:35:25PM +0200, Matus UHLAR - fantomas wrote:
> > Hello,
> >
> > is it possible to match message headers in rfc822 atttachments?
> >
> > from what I know, "he
On Tue, Apr 26, 2022 at 02:35:25PM +0200, Matus UHLAR - fantomas wrote:
> Hello,
>
> is it possible to match message headers in rfc822 atttachments?
>
> from what I know, "header" rules only apply to mail headers and mimeheader
> only apply to mime headers.
>
> body and rawbody afaik only
On Mon, Apr 25, 2022 at 03:48:01PM +0300, Henrik K wrote:
> On Mon, Apr 25, 2022 at 02:21:49PM +0200, Giovanni Bechis wrote:
> > KAM.cf has already all the needed glue, if you update to trunk and enable
> > DMARC plugin, DMARC rules will use new plugin code.
> > Giovannin
&g
On Mon, Apr 25, 2022 at 02:21:49PM +0200, Giovanni Bechis wrote:
> On Mon, Apr 25, 2022 at 12:50:49PM +0300, Henrik K wrote:
> > On Mon, Apr 25, 2022 at 11:48:52AM +0200, Matus UHLAR - fantomas wrote:
> > > > > >> >https://pastebin.com/s032ndrA
> > > &g
On Mon, Apr 25, 2022 at 11:48:52AM +0200, Matus UHLAR - fantomas wrote:
> > > >> >https://pastebin.com/s032ndrA
> > > >> >
> > > >> >It's not only hitting DMARC_REJ_NO_DKIM and DMARC_FAIL_REJECT, but
> > > >>
> > > >> where did you get these from?
> > >
> > > On 22.04.22 10:02, Alex wrote:
> > >
On Sat, Apr 16, 2022 at 12:21:55PM +0100, Martin Gregorie wrote:
>
> - I don't test SA-issued rules updates because they've been verified
> before being issued and I've never found errors in them.
There is no need to manually test sa-updated rules, since it automatically
lints them. And
On Fri, Mar 25, 2022 at 06:01:43AM -0400, Michael Grant wrote:
>
> Unless there's an existing function in some plugin to do this, I'll
> have to write my own. Little surprising that there isn't, this seems
> like an obvious check!
There is already very basic HEADER() template support added in
On Mon, Mar 21, 2022 at 04:16:19AM -0600, @lbutlr wrote:
> On 2022 Mar 21, at 03:54, Henrik K wrote:
> > On Mon, Mar 21, 2022 at 03:48:51AM -0600, @lbutlr wrote:
> >> When running sa-update on an old system (not updated in at least a year) I
> >> am getting:
>
On Mon, Mar 21, 2022 at 03:48:51AM -0600, @lbutlr wrote:
> When running sa-update on an old system (not updated in at least a year) I am
> getting:
>
> # sa-update --gpgkey 24C063D8 --channel kam.sa-channels.mcgrail.com
> gpg: process '/usr/local/bin/gpg' finished: exit 2
> error: GPG validation
On Mon, Mar 14, 2022 at 08:15:49PM -0400, Alex wrote:
>
> How do I generate that signature? I've been unable to find any
> instructions on how to do it.
https://www.dcc-servers.net/dcc/dcc-tree/dcc.html
dccproc -CQ < message
Add to /var/dcc/whiteclnt
"Hex ctype cksum
starts with the string
1 - 100 of 643 matches
Mail list logo
