Re: dumping specific emails to file

2013-10-14 Thread Martin Gregorie
On Mon, 2013-10-14 at 13:28 +0200, Per-Erik irt Persson wrote: Is there a way to tell spamassassin to copy/clone a specific email that is being scanned to a file? If a certain email matches rule X, a local copy of it should be placed somewhere on the mailscan server, no matter the score.

Re: KAM pccc URIBL questions

2013-10-09 Thread Martin Gregorie
On Wed, 2013-10-09 at 13:18 -0400, Kevin A. McGrail wrote: On 10/7/2013 7:53 PM, Martin Gregorie wrote: If, on inspection, there is any reliable way to distinguish spam from ham in the stream coming from cvent, you could drop the RBL score down a lot (0.01 ?) and write a meta that blocks

Re: KAM pccc URIBL questions

2013-10-07 Thread Martin Gregorie
On Mon, 2013-10-07 at 19:38 -0400, Alex wrote: There wasn't really any consensus on the list for this sender either. I've left them off my blacklist for now, despite seeing messages pertaining to hair care and gutter cleaning from their customers. They're also not on any public blocklists.

Re: How do I find a parent rule for a test?

2013-09-16 Thread Martin Gregorie
On Mon, 2013-09-16 at 23:50 +0530, Abhijeet Rastogi wrote: Hi John, Did a $grep -inr __HAS_SENDER ./ in the source. No hits, what-so-ever. In my installation it's in: /var/lib/spamassassin/3.003002/updates_spamassassin_org/10_hasbase.cf Martin

Re: POP3/IMAP Anti Spam - A basic question though

2013-09-16 Thread Martin Gregorie
On Mon, 2013-09-16 at 15:40 -0700, Ted Mittelstaedt wrote: On 9/15/2013 11:24 AM, Martin Gregorie wrote: On Sun, 2013-09-15 at 23:27 +0530, Blason rock wrote: I agree and wouldn't harm if I disable it as my smtp scanning is definitely running fine. What I was thinking about is does imap

Re: How to keep SA from Attaching the spammy messages (version control)

2013-09-15 Thread Martin Gregorie
On Sat, 2013-09-14 at 21:54 -0400, Thomas Harold wrote: On 9/13/2013 9:01 PM, Harry Putnam wrote: Kris Deugau kdeu...@vianet.ca writes: From man Mail::SpamAssassin::Conf: report_safe 0 Thanks, I see I commented it out for some experiment several months ago, and of course, forgot

Re: POP3/IMAP Anti Spam - A basic question though

2013-09-15 Thread Martin Gregorie
On Sun, 2013-09-15 at 06:48 +, haman...@t-online.de wrote: Hi Guys, This may sound a basic question but would like to know under what circumstances one should use IMAP/POP3 Anti Spam services? I do have AS for SMTP and is blocking well but would like to know what consequences it

Re: POP3/IMAP Anti Spam - A basic question though

2013-09-15 Thread Martin Gregorie
On Sun, 2013-09-15 at 23:27 +0530, Blason rock wrote: I agree and wouldn't harm if I disable it as my smtp scanning is definitely running fine. What I was thinking about is does imap and pop3 AS scanning only needed for ISP kinda environment? Since I do run small setup I know all my users are

Re: Rules not working

2013-09-09 Thread Martin Gregorie
The one relevant thing you haven't shown us is: 1) which user you're running the debug test under. 2) which user spamd is running under on your production system when exim is using it. As jdow has said, the best way to see (2) is by running ps -ef | grep spamd from any user. If the two

Re: Rules not working

2013-09-09 Thread Martin Gregorie
On Mon, 2013-09-09 at 14:24 +, Raymond Jette wrote: Thanks for the reply. I'm not sure why but my spamd is running as root (I will have to change this). I run Fedora 18, so it also uses systemd rather than the old SysV init. By default my systemd configuration runs spamd as root. I don't

Re: Rules not working

2013-09-09 Thread Martin Gregorie
: Martin Gregorie [mailto:mar...@gregorie.org] Sent: Monday, September 09, 2013 7:35 AM To: users@spamassassin.apache.org Subject: Re: Rules not working The one relevant thing you haven't shown us is: 1) which user you're running the debug test under. 2) which user spamd is running under

Re: Catching fake LinkedIn invites

2013-08-30 Thread Martin Gregorie
On Thu, 2013-08-29 at 05:42 -0700, Neil Schwartzman wrote: On Aug 29, 2013, at 4:40 AM, RW rwmailli...@googlemail.com wrote: On Thu, 29 Aug 2013 00:55:29 +0200 Michael Schaap wrote: On 29-Aug-2013 00:30, John Hardin wrote: On Wed, 28 Aug 2013, Michael Schaap wrote: Hi, I'm

Re: Catching fake LinkedIn invites

2013-08-30 Thread Martin Gregorie
On Fri, 2013-08-30 at 14:25 +0100, RW wrote: On Fri, 30 Aug 2013 10:45:23 +0100 Martin Gregorie wrote: On Thu, 2013-08-29 at 05:42 -0700, Neil Schwartzman wrote: On Aug 29, 2013, at 4:40 AM, RW rwmailli...@googlemail.com wrote: On Thu, 29 Aug 2013 00:55:29 +0200 Michael Schaap

Re: Trusted Networks

2013-08-16 Thread Martin Gregorie
On Fri, 2013-08-16 at 09:27 -0700, Gregg Stock wrote: I'm getting some ALL_TRUSTED on spam and wasn't sure what to list in as trusted networks. My mail server has incoming messages port forwarded by iptables. So everything looks like it comes from an internal network. Right now, I have our LAN

Re: Re: Blocking new spam wave

2013-07-21 Thread Martin Gregorie
On Sun, 2013-07-21 at 16:33 +0200, Andrea wrote: On 7/20/13 9:20 AM, Christian Recktenwald satalk-d...@citecs.de wrote: On Sat, Jul 20, 2013 at 07:35:23AM +0200, Andrea wrote: Hi all. Since a few days ago I'm being buried under spam messages that slip through my amavis/SA setup.

Re: Running as root.

2013-07-15 Thread Martin Gregorie
On Mon, 2013-07-15 at 22:14 +0300, Jari Fredriksson wrote: 15.07.2013 19:51, Benny Pedersen kirjoitti: Christian Dysthe skrev den 2013-07-15 15:16: Spamassassin runs fine but I have one remaining error message in the logs: spamd: still running as root: user not specified with -u

Re: ok_languages

2013-07-14 Thread Martin Gregorie
On Sun, 2013-07-14 at 10:00 +0200, Timothy Murphy wrote: On Friday, July 12, 2013 04:42:58 PM dar...@chaosreigns.com wrote: Sounds like you didn't load the plugin (in the right place). There's some related stuff on http://wiki.apache.org/spamassassin/ImproveAccuracy I did look there but

Re: spam problem Centos 6

2013-07-12 Thread Martin Gregorie
On Fri, 2013-07-12 at 10:49 +0200, Dejan Doder wrote: If service spamassassin is* off* , and I do updates 10 4 * * * root /usr/share/spamassassin/sa-update.cron 21 | tee -a /var/log/sa-update.log sa-update.cron says /usr/bin/sa-update /etc/init.d/spamassassin *condrestart* dev/null

Re: SpamAssassin with Amavisd-new

2013-07-12 Thread Martin Gregorie
On Fri, 2013-07-12 at 15:09 +0200, Timothy Murphy wrote: I have Postfix/Dovecot running on my CentOS-6.4 server, and I'm trying to add SpamAssassin through Amavisd. I have followed meticulously the instructions in http://wiki.centos.org/HowTos/Amavisd. As far as I can tell, amavisd and clamav

Re: ok_languages

2013-07-12 Thread Martin Gregorie
On Sat, 2013-07-13 at 00:35 +0200, Timothy Murphy wrote: On Friday, July 12, 2013 04:42:58 PM dar...@chaosreigns.com wrote: Sounds like you didn't load the plugin (in the right place). There's some related stuff on http://wiki.apache.org/spamassassin/ImproveAccuracy I'm beginning to

Re: ok_languages

2013-07-12 Thread Martin Gregorie
On Sat, 2013-07-13 at 00:45 +0200, Timothy Murphy wrote: I assume that in CentOS-6 this means /etc/mail/spamassassin/local.cf which is exactly where I have the ok_languages line. Why then does spamassassin --lint complain - [tim@alfred ~]$ sudo

Re: SOLVED: Spamassassin with single link in body

2013-07-11 Thread Martin Gregorie
On Wed, 2013-07-10 at 22:37 -0700, Celene wrote: On 7/6/2013 2:07 PM, Martin Gregorie wrote: On Sat, 2013-07-06 at 12:24 -0700, Celene wrote: To be honest, I have never gotten any emails from people with only a URL, unless they are spam, so this shouldn't be a problem. I just want

Re: Spamassassin with single link in body

2013-07-06 Thread Martin Gregorie
On Sat, 2013-07-06 at 12:24 -0700, Celene wrote: To be honest, I have never gotten any emails from people with only a URL, unless they are spam, so this shouldn't be a problem. I just want to match all emails that have a single link in the body I'm getting reasonable results from this:

Re: LONGWORDS not hitting?

2013-06-30 Thread Martin Gregorie
On Sun, 2013-06-30 at 20:44 +0100, RW wrote: On Sun, 30 Jun 2013 12:42:53 -0600 Amir 'CG' Caspi wrote: Hi all, Just got this spam: http://pastebin.com/KM5paaZ9 (And yes, I know it only hit BAYES_50... I really think these gibberish strings are confusing Bayes. I

Re: uridnsbl checks on domains in headers

2013-06-21 Thread Martin Gregorie
On Fri, 2013-06-21 at 10:27 +0200, Fabio Sangiovanni wrote: Hi everybody, I've configured my MSA (Postfix) so that a copy of submitted mail is sent (BCC'd) to a postfix/amavisd-new/spamassassin system for out-of-band antispam analysis. The MSA is set to write envelope from/rcpt addresses

Re: uridnsbl checks on domains in headers

2013-06-21 Thread Martin Gregorie
On Fri, 2013-06-21 at 15:21 +0200, Fabio Sangiovanni wrote: I normally already scan the BCCed message *only*. The main submission channel doesn't have an antispam system on its own; instead, an out-of-band antispam stack (postfix + amavisd-new + spamassassin) is in place; it receives BCCed

Re: New rule for HTML spam, using comments?

2013-06-18 Thread Martin Gregorie
On Tue, 2013-06-18 at 11:18 -0600, Amir 'CG' Caspi wrote: At 8:58 AM -0400 06/18/2013, Ben Johnson wrote: a.) You are copying/pasting the body of the email, but not the headers. No, I am copying the headers... however, I am using Eudora (ancient, I know) as a mail client, and it's possible

Re: New rule for HTML spam, using comments?

2013-06-18 Thread Martin Gregorie
On Tue, 2013-06-18 at 20:01 +0100, Martin Gregorie wrote: BTW, I just ran through 848 messages on this fairly average host (Lenovo R61i [Intel Core Duo at 1.6GHz, 3GB RAM]) running Fedora 18. The first run averaged 1095 mS/message and the second averaged 96 mS/message, so I don't think John's

Re: PayPal spam filter?

2013-06-17 Thread Martin Gregorie
On Mon, 2013-06-17 at 18:51 +1200, Jason Haar wrote: On 17/06/13 16:14, Benny Pedersen wrote: Jason Haar skrev den 2013-06-17 00:48: That's it - I'm removing SPF... hardfail is for mta, softfails is for spamassassin, if your mta accept hardfail spf, then you self ask for it ?? SA

Re: New rule for HTML spam, using comments?

2013-06-14 Thread Martin Gregorie
On Fri, 2013-06-14 at 16:37 -0400, Alex wrote: The rules definitely exist on my system. I wonder if there's some difference between running spamassassin manually on the message versus running spamd. The message I pasted was run through spamc/spamd. Is there something that I've

Re: New rule for HTML spam, using comments?

2013-06-14 Thread Martin Gregorie
On Fri, 2013-06-14 at 15:47 -0600, Amir 'CG' Caspi wrote: The only thing I can _possibly_ think of is that sa-update is run nightly, but spamd doesn't get rebooted nightly... Are you sure? Take a look at how sa_update is getting run to make sure that it is doing what you expect. sa_update

Re: PayPal spam filter?

2013-06-12 Thread Martin Gregorie
On Wed, 2013-06-12 at 21:30 +0200, Juerg Reimann wrote: Is there a filter to block PayPal phishing mails, i.e. everything that claims to come from PayPal but is not? I was going to suggest that you could treat anything whose Message-ID doesn't end with 'paypal.com' as spam, but it's a bit more

Re: Subscriber spam

2013-06-07 Thread Martin Gregorie
On Fri, 2013-06-07 at 12:04 -0400, Alex wrote: Hi, I'm receiving what I think is spam but looks like it's from a subscription-based list, yet the domain isn't blacklisted even after receiving messages similar to these for at least a week: http://pastebin.com/N7Dw03sG The domain is

Re: Single-link spam

2013-06-07 Thread Martin Gregorie
On Fri, 2013-06-07 at 13:20 -0400, Alex wrote: I'm also receiving a ton of single-link spam that none of my single-link spam rules seem to be triggering on sufficiently to block. They are all routed through yahoo.com and typically have a very small body. I've created one meta with a small body

Re: Spam rule

2013-06-06 Thread Martin Gregorie
On Thu, 2013-06-06 at 16:54 -0500, Daniel McDonald wrote: On 6/6/13 4:23 PM, Rejaine Monteiro reja...@bhz.jamef.com.br wrote: Hi list, How can I make a rule to do something like this: block messages For the pedantic, SpamAssassin doesn't block mail. It marks it. Whether you

Re: command-line script to check URIBLs

2013-05-31 Thread Martin Gregorie
On Thu, 2013-05-30 at 23:11 -0400, Alex wrote: It would be great if there was an automated script that included checking surbl.org and others right from a shell script, given a domain name. What exactly are you trying to do? By that I mean, do you want to: 1) test an individual domain name

Re: increase in spams getting though

2013-05-31 Thread Martin Gregorie
On Fri, 2013-05-31 at 03:52 -0700, tony wrote: I've been running spamassassin for about 4 years on a centos 5 server, currently running spamassassin-3.3.1-2.el5. I've always been impressed and very pleased with the way SA works and I regularly run sa-update and I update the bayes databases. I

Re: Rule to scan for .html attachments?

2013-05-31 Thread Martin Gregorie
On Fri, 2013-05-31 at 11:51 -0400, Andrew Talbot wrote: I'm trying to set up a custom rule that scores HTML attachments. ..snippage.. I found this : header HTML_ATTACH_RULE_2 Content-Disposition =~ /^filename\=\[a-z]{2}\.html\/i Don't anchor it to the start of the line, i.e. try this:

Re: Rule to scan for .html attachments?

2013-05-31 Thread Martin Gregorie
On Fri, 2013-05-31 at 14:10 -0400, Andrew Talbot wrote: That didn't work :( Can you post one or two examples of actual MIME attachment headers that you're trying to get the rule to fire on? Obvious question, but have you enabled the MIME header module? I'm using MimeMagic and enabling it

Re: Rule to scan for .html attachments?

2013-05-31 Thread Martin Gregorie
On Fri, 2013-05-31 at 14:45 -0400, Andrew Talbot wrote: I need it to fire on any HTML attachment. The modules are enabled. I can get it to pick up text/html, remember, but the problem is that it detects messages sent as HTML when it's set up like that. It doesn't detect plain-text messages,

Re: increase in spams getting though

2013-05-31 Thread Martin Gregorie
On Fri, 2013-05-31 at 12:15 -0700, tony wrote: now I've given it some more thought it's a certain type of spam that gets through. I never get scams or marital aid spam, never. The spam mails that get through are consistently to do with hospitality, increased sales and business courses. Are

Re: Rule to scan for .html attachments?

2013-05-31 Thread Martin Gregorie
with the rule it's impossible to know why the rule doesn't match the MIME header and very difficult to reliably diagnose your problem. Martin -Original Message- From: Martin Gregorie [mailto:mar...@gregorie.org] Sent: Friday, May 31, 2013 3:38 PM To: users

Re: N00b question - sa-milter Checking Orig Networks

2013-05-14 Thread Martin Gregorie
On Mon, 2013-05-13 at 17:40 -0500, Bill Polhemus wrote: If this isn't the correct place for this, please excuse the faux pas. I've added a couple of network ranges covering known good networks like places of work, to the -i option for spamass-milter. The spamass-milter man-page says this

Re: Fwd: plonk

2013-05-07 Thread Martin Gregorie
On Tue, 2013-05-07 at 07:41 -0700, John Hardin wrote: plonk is the notional sound If I date myself by that, oh well. I don't think so . It still resounds as loudly as ever in the hallowed halls of USENET. Martin

Re: Norwegian language spam

2013-05-02 Thread Martin Gregorie
On Thu, 2013-05-02 at 14:08 +0200, Simon Loewenthal wrote: May be you could try something like this, but change the English text into Norwegian accordingly. describe J_MAILBOX_FULL Your mailbox has exceeded spam body J_MAILBOX_FULL /^Your? ((web|E-?) ?mail|mailbox) .*(is| has)

Re: Norwegian language spam

2013-05-02 Thread Martin Gregorie
On Thu, 2013-05-02 at 14:23 +0200, Axb wrote: http://rss.uribl.com/hosters/webs_com.html Thanks. That's what I wanted to know, and the URLs I've seen are not listed, so I'll be registering. Martin

Re: Filter against newsletters

2013-04-29 Thread Martin Gregorie
On Mon, 2013-04-29 at 07:46 +0530, Blason rock wrote: Hey fellas, Recently I observed that users started receiving those newsletters kinda mail. May be somebody internally subscribing it and that is why they do receive. However as a general concept would like to know if such mails can be

Re: Filter against newsletters

2013-04-29 Thread Martin Gregorie
On Mon, 2013-04-29 at 13:06 +0200, Matus UHLAR - fantomas wrote: What if it's a semi-legit newsletter that user has not subscribed into? I have seen receiving this kind of e-mails from some world saviours repeatedly to many addresses that did not subscribe... So have I, though not from 'world

Re: Filter against newsletters

2013-04-29 Thread Martin Gregorie
On Mon, 2013-04-29 at 12:46 -0400, Alex wrote: First, asking the users to look in the headers (or body) to find an unsubscribe link, and telling them to make sure it's confirmed just doesn't happen. They just want it blocked. Did they subscribe to the list? Then tell 'em to get a clue and

Re: More longer rules or fewer shorter ones?

2013-04-26 Thread Martin Gregorie
On Fri, 2013-04-26 at 16:04 -0400, Andrew Talbot wrote: Martin - Interesting. How many mailboxes does your deployment cover? Effectively one. I said I was a small setup: I run a personal system, organised as a house server, which accepts all incoming mail and only runs SA against the

Re: More longer rules or fewer shorter ones?

2013-04-26 Thread Martin Gregorie
On Fri, 2013-04-26 at 17:44 -0700, John Hardin wrote: On Sat, 27 Apr 2013, Martin Gregorie wrote: Question to JH: I can see that portmanteau rules on high volume sites would benefit from the (?=x) optimisation, but so would a lot of rules that use regexes containing alternations. So

Re: More longer rules or fewer shorter ones?

2013-04-25 Thread Martin Gregorie
On Thu, 2013-04-25 at 18:45 -0400, Andrew Talbot wrote: I like your point about the portmanteau rules (and I award you two Points for using one of my favorite words in a new - yet appropriate - manner!). :-) I never thought about scoring each rule as a 0.001 or something really low then

Re: Seminar Spam

2013-04-24 Thread Martin Gregorie
On Wed, 2013-04-24 at 17:12 +0100, hospice admin wrote: we're having problems with an outfit called 'Bite Sized Seminars' in the UK, who seem to be sending mail out through another company called 'Communicado'. A quick google suggests we aren't the only ones. We have developed a number of

Re: More longer rules or fewer shorter ones?

2013-04-24 Thread Martin Gregorie
On Wed, 2013-04-24 at 12:32 -0400, Andrew Talbot wrote: I have my customized deployment split up into a bunch of separate CF files (by category) and I have those further split up into rules based on score. I also use very long rules, mainly due to spamiferous mailing lists, because all the

Re: Need rule to catch lots of font changes

2013-04-15 Thread Martin Gregorie
On Sun, 2013-04-14 at 17:46 -0700, Marc Perkel wrote: Anyone want to write a rule to catch this? Lots of font and color changes. How about uri TWEETSHORTENER /jmb.tw/ score TWEETSHORTENER 6.0 I notice that the registrant is in Boston, not Taiwan, the registrar is GoDaddy and that the

Re: Need rule to catch lots of font changes

2013-04-15 Thread Martin Gregorie
On Mon, 2013-04-15 at 08:21 +0100, Martin Gregorie wrote: On Sun, 2013-04-14 at 17:46 -0700, Marc Perkel wrote: Anyone want to write a rule to catch this? Lots of font and color changes. How about uri TWEETSHORTENER /jmb.tw/ score TWEETSHORTENER 6.0 I notice that the registrant

Re: Yahoo single link spam

2013-04-11 Thread Martin Gregorie
On Thu, 2013-04-11 at 18:25 -0400, Alex wrote: Hi, Recently I noticed that this rule was getting FPs from mail on a SourceForge-related mailing list that I thought should have nothing to do with Yahoo, so I added in another (obfuscated) rule. The combination

Re: URL spam and RP_MATCHES_RCVD

2013-04-11 Thread Martin Gregorie
On Thu, 2013-04-11 at 18:56 -0400, Alex wrote: Hi, I'm now receiving spam that contains little more than a URL that keeps it from matching my body uri only rules because of a little additional junk in the body, and apparently is sent from legitimate compromised yahoo accounts, resulting

Re: Much better procmail alternative (was Re: Verifying .procmailrc settings to delete high scoring spam messages)

2013-04-09 Thread Martin Gregorie
On Mon, 2013-04-08 at 19:41 -0400, David F. Skoll wrote: On Mon, 8 Apr 2013 16:02:27 -0600 Bob Proulx b...@proulx.com wrote: Karsten Bräckelmann wrote: Unfortunately, no. While procmail implements some flavor of extended Regular Expressions, there are still quite some differences

Re: spamd takes 3 minutes to start on startup

2013-03-28 Thread Martin Gregorie
On Thu, 2013-03-28 at 14:27 -0700, psychobyte wrote: Hi, I'm on gentoo using SA-3.3.1. on startup only, the spamd service takes over 3 minutes to startup. I was able to log the startup log which outputs this(below). It results in some errors but, don't see why it would hang for 3

Re: Checking for email attachment name for containing Javscript code that could get potentially executed when displayed on a webpage.

2013-03-22 Thread Martin Gregorie
On Thu, 2013-03-21 at 09:40 +, Sharma, Ashish wrote: What would be the change in spam rule if the Content-Disposition field is mime word encoded as per RFC 2047 ? Please find the sample eml at: http://pastebin.com/FLjzCsUZ What's the problem with this message? The portion you've

Re: Checking for email attachment name for containing Javscript code that could get potentially executed when displayed on a webpage.

2013-03-22 Thread Martin Gregorie
On Fri, 2013-03-22 at 11:04 -0700, John Hardin wrote: On Fri, 22 Mar 2013, Martin Gregorie wrote: On Fri, 2013-03-22 at 09:56 -0400, David F. Skoll wrote: However, any mail reader should be hardened against accepting arbitrary filenames... I can't see how this would be a problem

Re: Hot News

2013-03-15 Thread Martin Gregorie
On Fri, 2013-03-15 at 14:39 -0500, David B Funk wrote: The whole raison-detre for RBLs is that they're lists that can be implemented via the DNS system (created, updated, distributed, queried, etc). As such they can -only- contain IP addresses or hostnames, NOT URLs. So using something like

Re: catching corrupt base64 emails

2013-03-11 Thread Martin Gregorie
On Tue, 2013-03-12 at 11:19 +1300, Jason Haar wrote: We're seeing a run on our MTAs at the moment. Scores are very low because the email claims to be base64 encoded HTML, whereas the content is actually not in base64. So the end user receives this binary blob email that has no value to anyone

Re: Checking for email attachment name for containing Javscript code that could get potentially executed when displayed on a webpage.

2013-03-09 Thread Martin Gregorie
On Sat, 2013-03-09 at 09:23 -0800, John Hardin wrote: Regarding that analogy, SA is not an antivirus tool, and any attempt to make it one would be met with resistance. SA is also not an email *security* tool. Agreed. If I thought I needed an antivirus tool I'd run Clamav. An email

Re: Checking for email attachment name for containing Javscript code that could get potentially executed when displayed on a webpage.

2013-03-09 Thread Martin Gregorie
On Sat, 2013-03-09 at 09:23 -0800, John Hardin wrote: On Sat, 9 Mar 2013, Martin Gregorie wrote: Presumably the, ahem, misguided js interpretation is being triggered by the script/script tags, so wouldn't the regex I've used here mimeheader JS_TRAP_RULE name =~ /script/ be a more

Re: Checking for email attachment name for containing Javscript code that could get potentially executed when displayed on a webpage.

2013-03-09 Thread Martin Gregorie
On Sat, 2013-03-09 at 20:56 +, Martin Gregorie wrote: Correction: describe SCRIPTED_NAME Attachment name or filename is a script mimeheader __SCRIPTN1Content-Type =~ /name.*\=.*script/ mimeheader __SCRIPTN2Content-Disposition =~ /filename.*\=.*script/ meta SCRIPTED_NAME

Re: Upgrade from SA 3.3.1 to 3.3.2 - increase in memory requirements on Debian 6

2013-03-06 Thread Martin Gregorie
On Wed, 2013-03-06 at 15:53 +0100, Simon Loewenthal wrote: Hi KAM and AxB, The system is a small low cost VM. The provider (for some reason) only offers to move the server to a new box, instead of adding an extra half gig, which is pretty poor. I don't have the time to spare for such a

Re: Yahoo single link spam

2013-03-01 Thread Martin Gregorie
On Thu, 2013-02-28 at 20:34 -0500, Steve Prior wrote: I'm really starting to suspect that these spammers are scraping your public posts on Facebook and grabbing the names of people that commented on those posts, then using a Yahoo account and setting that name on the account before sending

Re: Yahoo single link spam

2013-03-01 Thread Martin Gregorie
On Fri, 2013-03-01 at 15:38 +, Scott Ostrander wrote: Would someone put some samples of Yahoo single link spam on PasteBin. I am trying to test my rules and I seem to be missing some of the variations. Here's an example: it is the message I developed the following rule against:

Re: Yahoo single link spam

2013-03-01 Thread Martin Gregorie
On Fri, 2013-03-01 at 12:33 -0500, David F. Skoll wrote: Somewhat OT... are people still seeing these Yahoo single-link spams? They seem to have stopped abruptly as far as I can tell. I haven't seen one for a few days either, but think it's still a useful rule because it can't cost a lot to run

Re: Yahoo single-link spam common elements

2013-03-01 Thread Martin Gregorie
On Sat, 2013-03-02 at 01:11 +, Ned Slider wrote: That said, I just checked my example, and __MANY_RECIPS failed to fire. Here's the current rule: header __MANY_RECIPS ToCc =~ /(?:\@[^@]{5,30}){3}/ Can someone explain the regex and why it fails to fire for 7 recipients? Is

Re: blocking sender name

2013-02-24 Thread Martin Gregorie
On Sun, 2013-02-24 at 19:20 +0800, Nicholas C. wrote: Hi, There are a few emails which I had already blocked their emails, but I'm still getting spammed from them. Example below. Is there a way to block the sender name, AndyTheCoach instead? header NAMEBLOCKER From =~ /AndyTheCoach/ or,

Re: Yahoo single link spam

2013-02-23 Thread Martin Gregorie
On Fri, 2013-02-22 at 12:20 -0800, Marc Perkel wrote: We need a rule to catch this. It looks like more data than it is but it's really little more than a single link. Like to see a rule that identifies it. ---262101065-1882747875-1361559395=:62570 Content-Type: text/plain;

Re: Telling BAYES not to learn?

2013-02-14 Thread Martin Gregorie
On Thu, 2013-02-14 at 13:18 +0100, Benny Pedersen wrote: Martin Gregorie skrev den 2013-02-11 16:41: Maybe there's a case for classifying mail as ham/spam by reading the raw mail instead of looking at it with an MUA and being shown the HTML part? why is it needed ?, if mua clients

Re: X-Relay-Countries

2013-02-12 Thread Martin Gregorie
On Tue, 2013-02-12 at 14:15 -0500, David F. Skoll wrote: header RELAY_NOT_US X-Relay-Countries =~ /\b(?:[A-TV-Z][A-Z]|[A-Z][A-RT-Z])\b/ Shouldn't that be: header RELAY_NOT_US X-Relay-Countries=~ /\b(?:[A-TV-Z][A-RT-Z])\b/ of course. Sorry! BTW, it's no wonder so much spam comes from the

Re: Telling BAYES not to learn?

2013-02-11 Thread Martin Gregorie
On Mon, 2013-02-11 at 16:00 +0100, Benny Pedersen wrote: Den 07-02-2013 17:13, Marc Perkel skrev: Because when a message uses invisible text to poison bayes then I don't want to learn that because it will make bayes less effective. that still does not make sense, if you say an hidden word

Re: Question about TRACKER_ID

2013-02-08 Thread Martin Gregorie
On Fri, 2013-02-08 at 13:26 -0600, Mike Grau wrote: Hello folks. In 20_body_tests.cf (SA 3.3.2) there is this rule: body TRACKER_ID /^[a-z0-9]{6,24}[-_a-z0-9]{12,36}[a-z0-9{6,24}\s*\z/is What is the \z in the regex? According to the O'Reilly Camel Book, Programming Perl, \z matches

Re: Question about TRACKER_ID

2013-02-08 Thread Martin Gregorie
On Fri, 2013-02-08 at 14:04 -0600, Mike Grau wrote: Martin Gregorie wrote: On Fri, 2013-02-08 at 13:26 -0600, Mike Grau wrote: Hello folks. In 20_body_tests.cf (SA 3.3.2) there is this rule: body TRACKER_ID /^[a-z0-9]{6,24}[-_a-z0-9]{12,36}[a-z0-9{6,24}\s*\z/is What is the \z

Re: IS there a simple way to add a rule of a body mail test? I have a pattern..

2013-02-06 Thread Martin Gregorie
On Wed, 2013-02-06 at 17:45 +0200, Eliezer Croitoru wrote: Sorry but I didn't have much time to understand all of the rules syntax. When developing a meta rule that combines subrules there's little point in writing descriptions for the subrules. In addition I find it's helpful to do the

[Fwd: Cron root@zoogz /usr/share/spamassassin/sa-update.cron -D 21 | tee -a /var/log/sa-update.log]

2013-02-04 Thread Martin Gregorie
Is anybody else seeing the forwarded message shown below? Is it just a temporary glitch? I didn't realise that yerp is part of the standard rule set: I've never added it to my configuration. Martin Forwarded Message From: Cron Daemon r...@gregorie.org To: r...@gregorie.org

Re: IS there a simple way to add a rule of a body mail test? I have a pattern..

2013-02-02 Thread Martin Gregorie
On Sat, 2013-02-02 at 19:26 +0200, Eliezer Croitoru wrote: I have specific mail address which I get messages couple times with a basic pattern which I want to block. I started reading: http://wiki.apache.org/spamassassin/WritingRules And I would be very happy to get some notes and help

Re: IS there a simple way to add a rule of a body mail test? I have a pattern..

2013-02-02 Thread Martin Gregorie
On Sat, 2013-02-02 at 20:23 +0200, Eliezer Croitoru wrote: On 2/2/2013 7:39 PM, Martin Gregorie wrote: In that case something like this would work: describe EC_BANNED_ADDRESS Mail from a spamming address header EC_BANNED_ADDRESS From =~ sender@spamming_address score

Re: sudden increase in spam

2013-01-24 Thread Martin Gregorie
On Thu, 2013-01-24 at 01:41 -0800, tony wrote: centos 5.8 server running spamassassin-3.3.1-2.el5 I've been using spamassassin for three years and during that period it's been doing a great job of keeping spam down to almost zero but in the last couple of weeks I've seen an increase in junk

SHA1 verification failure during sa_update

2013-01-18 Thread Martin Gregorie
Last night [Fri, 18 Jan 2013 04:30:01 + (GMT)] I got: channel: SHA1 verification failed, channel failed Spamassassin rules update failed: error=4 when a cron job attempted to run sa_update. Has anybody else seen this? Martin

Re: SHA1 verification failure during sa_update

2013-01-18 Thread Martin Gregorie
On Fri, 2013-01-18 at 07:02 -0500, Kevin A. McGrail wrote: On 1/18/2013 6:24 AM, Martin Gregorie wrote: On Fri, 2013-01-18 at 05:28 -0500, Kevin A. McGrail wrote: What channels do you update and what version of SpamAssassin? SA 3.3.2 sa-update version svn917659 running on Perl

Re: SHA1 verification failure during sa_update

2013-01-18 Thread Martin Gregorie
On Fri, 2013-01-18 at 13:04 -0500, Kevin A. McGrail wrote: If you can keep -D on for a few days or weeks and send in any errors you get, that would be great. OK Martin

Re: spamc exit code for exceeding max size

2013-01-11 Thread Martin Gregorie
On Thu, 2013-01-10 at 19:49 -0500, Kevin A. McGrail wrote: Do the scenarios you have identified cover all current usage of spamd? The only use scenario I mentioned is entirely my own: I make no claims that anybody else uses spamc in the same way. Specifically things like MTAs that integrate

Re: spamc exit code for exceeding max size

2013-01-10 Thread Martin Gregorie
On Thu, 2013-01-10 at 15:59 +0100, Tom Hendrikx wrote: Since EX_TOOBIG is not really a temporary condition, I'm not sure if that condition and the semantics of -X from the patch actually helps. I'm thinking that it might be better to have a switch with the semantics 'Change all temporary

Re: spamc exit code for exceeding max size

2013-01-10 Thread Martin Gregorie
On Thu, 2013-01-10 at 11:51 -0500, Kevin A. McGrail wrote: Overall, what we almost need is Usage scenarios and appropriate parameters. Then we can identify scenarios with missing parameters to support. It's been a while since I had to go near my spamc configuration, so I've just had a look

Re: spamc exit code for exceeding max size

2013-01-10 Thread Martin Gregorie
On Thu, 2013-01-10 at 23:16 +0100, Tom Hendrikx wrote: Yes, that is why I was discussing the different options available. Adding another 17 switches for different scenarios is ugly, the existing 6(!) already look disappointingly overcomplicated to me. So I'd be happy to contribute a patch that

Re: spamc exit code for exceeding max size

2013-01-10 Thread Martin Gregorie
On Fri, 2013-01-11 at 00:20 +0100, Tom Hendrikx wrote: Reviewing my previous suggestion, I mostly agree with the above, and meant this too (but with wrong words). I meant to provide the user with consistent behaviour for: 1) always exit with EX_OK, disregarding actual processing outcome or

Re: A plugin for banned words?

2012-12-30 Thread Martin Gregorie
On Sun, 2012-12-30 at 19:13 +0200, Jari Fredriksson wrote: Seems to be a brain dead idea from JBoss/Red Hat to create such a system in internet - web gui for discussions This alone is bad enough if you don't do proper validation of would-be members. The WINE project, which also did user

Re: Spamassassin not parsing email messages

2012-12-29 Thread Martin Gregorie
On Fri, 2012-12-28 at 21:48 -0800, Sean Tout wrote: I have practically given up on the original perl code since I'm unable to find out the issue. With spamc, I can get a decent performance. IMO, unless you need the extra facilities of amavis-new or one of the other smart wrappers for SA and

Re: Spamassassin not parsing email messages

2012-12-28 Thread Martin Gregorie
On Fri, 2012-12-28 at 16:51 -0800, Sean Tout wrote: Hi John, Thank you much for the help. I have been trying to avoid executing spamassassin shell commands from perl since it takes a significant amount of time~=12 seconds for each email. I have tried the below script, which works but of

Re: Message not scanned- Size?

2012-12-04 Thread Martin Gregorie
On Tue, 2012-12-04 at 07:02 -0500, David F. Skoll wrote: On Tue, 04 Dec 2012 11:12:54 +0100 Andrzej A. Filip andrzej.fi...@gmail.com wrote: Have you tried/considered scoring based on headers only? Does anybody have statistics on the type and number of components in messages that exceed the

Re: Greylisting (was Re: Fairly-Secure Anti-SPAM Gateway Using OpenBSD, Postfix, Amavisd-new, SpamAssassin, Razor and DCC ? Can I get your opinion?)

2012-12-03 Thread Martin Gregorie
On Mon, 2012-12-03 at 07:23 -0800, Gary Funck wrote: Since this is a Spam Assassin list: Is there a way of disabling grey listing, but still receiving some benefit from the principle that mail received from a first time or infrequent sender should be looked upon with some suspicion? Yes. If

Re: Fairly-Secure Anti-SPAM Gateway Using OpenBSD, Postfix, Amavisd-new, SpamAssassin, Razor and DCC ? Can I get your opinion?

2012-12-03 Thread Martin Gregorie
On Mon, 2012-12-03 at 07:27 -0800, Gary Funck wrote: On 11/29/12 10:44:54, John Hardin wrote: You will probably want to put a little effort into maintaining lists of regular correspondents who can bypass greylisting. There may be tools to automate that, e.g. to whitelist someone a local

Re: How to report a spam botnet

2012-11-23 Thread Martin Gregorie
On Fri, 2012-11-23 at 02:25 +, Chih-Cherng wrote: Martin Gregorie martin at gregorie.org writes: On Tue, 2012-11-20 at 01:26 +, Chih-Cherng wrote: Notification helps raise victims' security awareness, and motivate them to fix vulnerabilities within their computers. I

Re: How to report a spam botnet

2012-11-20 Thread Martin Gregorie
On Tue, 2012-11-20 at 01:26 +, Chih-Cherng wrote: Notification helps raise victims' security awareness, and motivate them to fix vulnerabilities within their computers. I have my doubts about this. I have friends who help at retiree's computer clubs and with disinfecting their friend's
