On Tue, 2009-07-28 at 09:01 -0700, John Hardin wrote:
> On Tue, 28 Jul 2009, Martin Gregorie wrote:
>
> > Finally a personal point: PLEASE don't implement smilies/emoticons as
> > part of the forum. The WINE mailing list often contains messages from
> > the li
> I have now registered http://www.spamassassin-forum.com
> spamassassin-forum.com and I will make sure that the first sticky thread
> on the forum to be, contains a link to your list, so that our users are free
> to choose. I'm not doing this to compete but to complement. I hope you
> understan
On Thu, 2009-07-23 at 12:25 -0400, Dan Schaefer wrote:
> > Are you quite sure that an upstream copy of SA, e.g. in your ISP or at a
> > sender site that scans for outgoing spam, hasn't already added X-*
> > headers to the message?
> >
> >
> > Martin
> >
> >
> No. Is that even possible to track d
Dan Schaefer wrote:
>
> If this is the case, then why does my email have the X-* headers in
> it? I have nothing in my postfix header_checks to discard the BL
> rules. Does anyone have a detailed flow chart of SA/postfix setup and
> describes blacklisting? Or even a webpage describing the proces
On Thu, 2009-07-23 at 10:48 -0400, Dan Schaefer wrote:
> > I have a postfix/SA setup and I was wondering if anyone knew how to
> > COPY an email marked as spam instead of redirecting.
> > Not this:
> > /^X-Spam-Flag: YES/ REDIRECT spam...@example.com
> >
> This should work, right?
> http://onetf
On Thu, 2009-07-23 at 04:14 +0300, Jari Fredriksson wrote:
> If you postfix calls SpamAssasin directly as configured
> in /etc/postfix/master.cf I have no ideas.
>
I think you can run a script that calls spamc rather than spamc itself.
The script could use grep or (better) awk[1] to search for sp
> Thanks Matus for the advice. I wasn't aware of that but am trying to learn
> as quickly as I can. Is there a command that I can run to tell me what the
> OS/distro package manager is? I'm using CentOS 5 with DirectAdmin as my
> hosting manager.
>
CentOS is heavily dependent of RedHat, so it prob
> I've learned a lot over the past year, and I now think some of these
> patterns may be catching valid mail, so I'd like to figure out how
> best to prune at least the ones that are no longer triggered or are
> triggered but don't cause the email to become spam. IOW, the message
> would be spam re
> put any custom rules in the database, and modify the spamd? start
> scripts to write the custom rules to flat files. modify your update
> program to signal a spamd reload every time you modify the rules, or,
> use unison. we use unison (not for our VPS spam clusters) but for
> syncing flat file
On Mon, 2009-07-13 at 12:03 +0200, Matus UHLAR - fantomas wrote:
> On 10.07.09 10:28, Admin wrote:
> > I do not see spamassassin processing information in the SMTP header of
> > incoming messages. So I am fairly sure that the processing is not
> > working. I am hoping to get the postfix->proc
On Fri, 2009-07-10 at 06:12 -0700, MrGibbage wrote:
> Just a little off topic here, but relevant. When I test SA, I log into a
> bash shell. I set my environment variables in .bash_profile (loading
> changes with the 'source' command).
>
I use spamc/spamd and the answer is simple. I use a script
On Thu, 2009-07-09 at 08:50 -0400, Steve Bertrand wrote:
> My question is, given that the messages have already been processed by
> the 'cuda's (with their header stamps in place), am I damaging, or at
> risk of confusing the learning process of SA when I classify these
> messages as SPAM?
>
Not r
On Tue, 2009-07-07 at 14:33 +0200, Peter Daum wrote:
> Just for clarification:
>
> - I guess, your answer implies that the only way to write a rule where each
>of several tests must match is via such a "meta" rule? (i.e. there is no
>way to write a "regular" rule with multiple tests that m
On Tue, 2009-07-07 at 09:43 +0200, Peter Daum wrote:
> Is there a simpler and better way to specify that all tests in a rule
> have to match? (or, just for symmetry, to say that a test should
> not match)?
>
describe RULE Combined tests
header__R1 From=~/something/
header__R2 User-Age
My logwatch add-in has now been modified to work entirely from spamd log
messages, installed, tested and is now running as part of my standard
logwatch setup. It is available for download from:
http://www.gregorie.org/computing/spamscan/spamscan.tgz
On Mon, 2009-07-06 at 03:04 -0700, chauhananshul wrote:
> I'm new to linux world can some one please help in understanding .cf &.pm
> files.
> I've used .cf files from http://www.rulesemporium.com i used to copy in
> /usr/share/spamassassin/ & it works but at some sites both .pm & .cf fiels
> are a
On Fri, 2009-07-03 at 12:45 -0400, Daniel Schaefer wrote:
> Cool. Having it as part of the Logwatch report would be just fine with
> me. I have created a short logwatch script to count and show me a
> running total of each spam score number, but your script I'm sure is a
> lot better than mine.
On Fri, 2009-07-03 at 12:03 -0400, Daniel Schaefer wrote:
> If you have found something similar to this, good. If you have created
> your own script to do this, better. If Spamassassin has this script
> created already and I missed it, even better.
>
I wrote my own but it is somewhat specialized
On Thu, 2009-07-02 at 14:15 -0400, Rosenbaum, Larry M. wrote:
> > And, please tell me of problems.
>
> > pdftohtml is imho not found in gentoo, but pdf2html is maybe the same ?
>
> It appears that "pdftohtml" is only available as a Windows executable
> (on Sourceforge). I need something that wi
> So you want obfuscated urls to be recognised as urls but not treated as
> urls?
>
Of course. Its spam.
> If this is just for a few own pcre body rules, I'd suggest you to
> handle those de-obfuscations in your rules.
>
Guess what I'm doing.
> You can also publish your own plugin, if you think t
On Tue, 2009-06-30 at 13:14 +0200, Jan P. Kessler wrote:
> Martin Gregorie schrieb:
> >> ... go to WWW EVIL ORG for new meds ...
> >>
> >> and
> >>
> >> ... digging through the WWW HE SAW this link ...
> >>
> > Both IMO should be ca
> ... go to WWW EVIL ORG for new meds ...
>
> and
>
> ... digging through the WWW HE SAW this link ...
>
Both IMO should be caught and given a positive score. I've never seen
legitimate mail containing URLs written this way.
> And what about URLs that don't start with WWW, like
>
>
On Mon, 2009-06-29 at 02:45 +0100, Lee wrote:
> I've yet to grasp the purpose of SpamC and/or SpamD on Windows in my
> kind of scenario. I've seen mention of them a lot in my web searches,
> but all I think I have yet grasped is that SpamC makes the mail
> filtering faster due to a multi threade
On Sun, 2009-06-28 at 09:01 +0100, rich...@buzzhost.co.uk wrote:
> On Sun, 2009-06-28 at 11:23 +0930, Cory Hawkless wrote:
> > Ahh, I have played with regexbuddy but when copy and pasting the SA
> rules in it does strange things that are inconsistent with the result
> i get from SA, These recent sh
On Wed, 2009-06-17 at 18:02 +0300, Ibrahim Harrani wrote:
> http://pastebin.com/m6a027715
> http://pastebin.com/d2c94dba0
> http://pastebin.com/m21c9df0
> http://pastebin.com/m775253b7
These all have three things in common:
- the MIME type of the image attachment doesn't match the attached image
On Wed, 2009-06-17 at 14:50 +0200, Paweł Tęcza wrote:
> Sorry, but it's not academic, because we are not talking only about spam
> messages received by Ibrahim. It's discussion about "BAD GOOD PENIS"
> spam at all. I agree that Subject header for that spams often includes
> sex-related words, but i
Many thanks. That's exactly what I wanted to know.
Martin
On Mon, 2009-06-15 at 15:13 +0200, Jonas Eckerman wrote:
> Martin Gregorie wrote:
>
> > Now I'd like to configure the database configuration details from a .cf
> > file, preferably the one containing the ass
I'm developing an SA plugin to whitelist incoming mail from the contents
of a database-based mail archive. The plugin and associated rule are
working, but only because I've hard-coded the database type, name, user
name and password in the plugin's 'new' method.
Now I'd like to configure the databa
On Tue, 2009-06-09 at 14:58 +0200, Karsten Bräckelmann wrote:
> On Tue, 2009-06-09 at 04:46 -0700, Stefan Guenther wrote:
> > Karsten Bräckelmann wrote:
>
> > > > Some sw components to be ruled out:
> > > > - this isn't amavisd-new doing it, at least none of the official
> > > > versions;
> > >
>
On Tue, 2009-06-09 at 00:39 +0200, Benny Pedersen wrote:
> does there exists a perl-cleanup in you distro ?
>
There's not a general one. On the assumption (true for Fedora) that both
Perl and SA are distro supported packages, if I was tackling this I'd do
the following:
- make safety copies of SA
On Mon, 2009-06-08 at 07:17 -0700, ktn wrote:
> I am also starting to get a lot of these ".rtf attachment only with no email
> body text" spams. Unfortunately, we use hostmonster.com for our email so my
> ability to customize SA is greatly limited (i.e. I cannot use custom rules).
>
You can, of c
On Mon, 2009-06-08 at 15:41 +0200, Arvid Picciani wrote:
> Hi,
> i'm getting _massive_ amounts of backscatter and some of the offenders
> are listed in dnswl.org.
> is there anything i can do about that?
> thanks
>
Has your domain got an SPF record? If not, setting one up may well help.
Some time
On Thu, 2009-06-04 at 18:32 -0400, Jeff Mincy wrote:
> From: Martin Gregorie
>
> Wouldn't it be easier to run another spamd on a different machine for
> rule development and testing? Or perhaps just running as a different
> 'test' user, and then ignore log
On Wed, 2009-06-03 at 10:47 -0400, jp wrote:
> It's getting a little off topic, but keeping old hardware because it
> still works can be a bit of a false economy. Yeh, it's nice to have it
> working and useful rather than landfill. But on the other hand, they are
> so inneficient as far as watts
On Wed, 2009-06-03 at 09:41 -0400, Bob Cohen wrote:
> Sorry for the dumb question but I can't seem to find the answer in the
> documentation or by googling. I'm trying to follow the Integrated
> Spamd In Postfix recipe
> (http://wiki.apache.org/spamassassin/IntegratedSpamdInPostfix
> ). How
On Wed, 2009-06-03 at 00:48 -0700, ryefish wrote:
> Hello: I am attempting to configure SA to mark as spam all email from
> Top-Level-Domains other than .com, .net, and .edu.
> I have found three possible ways to do this. Which if any is the preferred
> method:
>
> 3) Create custom rule:
>d
How difficult would it be to let spamc control spamd's logging output on
a per-message basis?
My reason for asking is this: I maintain a body of spam that I use to
develop and regression test local rules and, during rule development,
use spamc to pass the test messages through my only copy of spa
On Tue, 2009-05-26 at 17:49 +0200, Matus UHLAR - fantomas wrote:
> On 26.05.09 11:23, Martin Gregorie wrote:
> > Yes - comparing MIME image type to the file extension is already
> > obsolete.
>
> Are you sure? Have you made any measures that tell such comparision is
> use
On Tue, 2009-05-26 at 10:20 +0200, Matus UHLAR - fantomas wrote:
> Well, first issue was only to compare file extension to provided mime type,
> so it would hit .gif file of type image/jpeg
>
> >> or do we need a FileType plugin?
>
Yes - comparing MIME image type to the file extension is already
o
On Tue, 2009-05-19 at 15:05 +0200, Michael Monnerie wrote:
> Nope. It needs to modify the body as well. We have a lengthy "this is
> SPAM" text in the beginning of recognized Spam, with the original mail
> attached. this way, it cannot "happen" that users "accidentally" click
> on stupid Viagra lin
On Tue, 2009-05-19 at 03:03 +0200, Michael Monnerie wrote:
> Yes, I want to use spamc. But what parameters does it need to remove
> existing spam markup, just like "spamassassin -d" does?
>
I don't think it does that, but it should be easy enough to add the
option and submit the result as a pat
On Sun, 2009-05-17 at 19:11 -0600, LuKreme wrote:
> On 17-May-2009, at 01:42, Michael Monnerie wrote:
> > fetchmail -asnp IMAP --folder autolearn --user $username -m "formail
> > -s
> > |spamassassin -d >>/tmp/x" $mailserver
>
Switch to using spamc/spamd and this way of using SA is OK.
Start t
On Fri, 2009-05-08 at 09:27 -0400, Randy wrote:
> Also they changed the name
> and image ( slightly ) . Now the image is "Gibas.png" or at least, they
> are using this too.
>
They're using a variety of names these days, but all following the fprm
you quote: PersonalName.png. I've decoupled my ima
On Wed, 2009-05-06 at 02:08 +0100, Ned Slider wrote:
> I had one sneak through today which didn't hit any rules at all (it hits
> a few DNSBLs now but not when I received it). It contained an inline png:
>
> Content-Type: image/png
> Content-Transfer-Encoding: base64
> Content-Disposition: inline
On Tue, 2009-05-05 at 14:16 +0200, "Adam Cécile (Le_Vert)" wrote:
> Both my personnal and pro. emails get this stupid spam.
> Here is the image: http://dedibox.le-vert.net/divers/DSC.png
>
> Is there any rules that can block it ? It seems the picture is always
> the same.
>
Most stop these mes
On Fri, 2009-05-01 at 14:04 -0400, Adam Katz wrote:
> mimeheader __DSCL4_PNG Content-Type =~ /name\=\"DS[CL]\d{4,5}\.png\"/
> body __PNG_240_400 eval:image_size_exact('png',240,400)
> meta DSCL4DIG_PNG __DSCL4_PNG && __PNG_240_400
> describe DSCL4DIG_PNG Supposed digital camera photo is
On Fri, 2009-04-10 at 14:05 -0400, martes wrote:
> Thanks for the tips guys.
>
> In response to the simpler of the two inquiries, after using the
> syslog switch, I am only able to get the logs sent directly to
> spamd.log, so the frequent archiving that syslogd does is not going to
> be done for
On Fri, 2009-04-10 at 12:13 -0400, martes wrote:
> Where should I start in troubleshooting this type of issue?
>
Are you getting rules updates? If not, that could have a bearing.
Running sa_update as a daily or weekly cron job is pretty much a fire
and forget solution.
> I have not had the time
Has anybody else noticed spam coming from dmulk.com?
It seems to be associated with Yahoo: its in their IP space, has MX
addresses pointing to Yahoo mailservers, is a cname for one of Yahoo's
servers. www.dmulk.com is a Californian biker's blog so its probably
within the Yahoo blogosphere.
Marti
As promised, today I've put my local rule monitoring script on my
website along with my spam killer. They are downloadable from:
http://www.gregorie.org/computing/index.html
The downloads you want are all referenced under 'Topics':
spamscan - the rule monitoring Perl script
spamkiller - delet
On Mon, 2009-03-30 at 19:26 +0200, Benny Pedersen wrote:
> On Wed, March 25, 2009 17:59, Arvid Ephraim Picciani wrote:
> > http://codepad.org/W53onqK9
>
> > and changing to fast to make custom rules.
>
> use rules that catch on non fqdn would be a pointer
>
I have a rule I wrote a few months ago
On Sat, 2009-03-28 at 17:28 -0600, LuKreme wrote:
> On 28-Mar-2009, at 15:32, RobertH wrote:
> > i have problems with the cabletv.org email list.
>
> Why re you running SA over known list messages?
>
I'm a member of four lists that are not moderated and do not restrict
access to paid-up members o
On Sat, 2009-03-28 at 14:32 -0700, RobertH wrote:
> hello
>
> i have problems with the cabletv.org email list.
>
> it is hosted on a charter static and has wierd reverse dns etc etc blah.
>
> so, almost always scores as spam
>
> here is what it is tripping on...
>
> 0.7 FH_HOST_EQ_D_D_D_
On Sat, 2009-03-28 at 10:36 -0400, Gene Heskett wrote:
> On Saturday 28 March 2009, Martin Gregorie wrote:
[snippage]
> >Total mail 2968 messages
> >Spam 198 messages
> >MG_LIVESP91 hits
> >MG_LIVESF22 hits
>
> How did you generate this
On Sat, 2009-03-28 at 07:48 -0400, Steven W. Orr wrote:
> I was wondering if anyone had an incantation for this one.
>
I see that the message is there to punt a spaces.live.com website.
I'm using a meta rule to recognise messages containing a spaces.live.com
URI but that are not sent from that do
On Mon, 2009-03-23 at 10:46 -0400, klowther wrote:
> I started suddenly getting lots of bounces. I'm using the latest
> Mandriva. I have traced it down to EVERY email getting points from
> uribil and surbil. I checked one list on surbil and it isn't listed. I
> guess I need to know how to fi
On Mon, 2009-03-23 at 15:44 +0100, Ivan Savcic wrote:
> The goal is to put the regexes, which are being searched for in the
> body of the mail, out of the configuration file, to avoid clutter and
> to allow easy addition of new regexes.
>
But have you got a plot for compiling the regexes when they'
On Wed, 2009-03-11 at 15:16 -0400, spamassas...@corwyn.net wrote:
> v=spf1 a mx ptr
Interesting: I just pointed thre SPF testing tools at
http://www.kitterman.com/spf/validate.html at sinister.net. That
retrieved:
spf1 ip4:75.180.132.0/24 mx include:aspmx.googlemail.com
include:mail.zoneedit.com
On Thu, 2009-03-05 at 21:31 +0800, Adi Nugroho wrote:
> I found that a lot of spam is using recipient email address as the sender.
> (from a...@internux.co.id to a...@internux.co.id, or from i...@apache.org to
> i...@apache.org).
>
The only disadvantage is that you'll label test messages as spam.
On Wed, 2009-03-04 at 16:31 +0100, Kai Schaetzl wrote:
> John Hardin wrote on Wed, 4 Mar 2009 06:17:16 -0800 (PST):
>
> > ("Oops! Disk failure! Well, that was trash, you can afford to lose
> > that.")
>
> thanks for the laugh :-)
>
How many of you have seen the BOFH (Bastard Operator From Hell)
On Sun, 2009-03-01 at 12:51 -0500, Albert E. Whale wrote:
> Now we are getting the following:
>
> Date: Sun, 1 Mar 2009 07:24:14 -0800 (PST)
> From: Matty Hermann
> Reply-To: obey1939stet...@yahoo.com
> Subject: Hey! This is Rachelle from Mount Olive, Alabama. Wanna date?
>
> Meet a gal, take he
On Sat, 2009-02-28 at 21:02 +, Ray wrote:
> Karsten Bräckelmann rudersport.de> writes:
>
> > On Thu, 2009-02-26 at 16:12 +, Ray wrote:
> > > Is there a feature like PostFix's `postconf` to display the currently
> > > parsed
> > > and calculated config?
> >
> > That pretty much equals yo
On Fri, 2009-02-27 at 11:56 +0100, Michelle Konzack wrote:
> Hello,
>
> since 2009-02-25 I become bombed by arround 430.000 spams like the one
> below and I had to decrease my spamscore, since I was not able to
> disable this crappy test of RCVD_IN_DNSWL_LOW which persists.
>
Have you tr
On Mon, 2009-02-23 at 21:41 -0500, Gene Heskett wrote:
> Sounds neat, but I know squat about java, sorry.
>
OK, I think something like this should match:
header UNDISC_RECIP To ~= /un(disclos|list)ed( |-)recipient[:;]{1,2}/i
Disclaimer: this has not been tested or compiled
As I said before, I
On Mon, 2009-02-23 at 20:00 -0500, Joseph Brennan wrote:
> Martin Gregorie wrote:
>
> > The string "Undisclosed recipients:" is
> > actually a legal group address name.
>
>
> No, it is not. It needs to be closed with ';' to be
On Mon, 2009-02-23 at 17:55 -0500, Gene Heskett wrote:
> Anybody got an idea how the spammers have managed that?
>
Sorry, I can't help with the invisible stuff, but I do know a little
about the other part of your question:
> And better yet, how to defend against it as I'd like to /dev/null any me
On Sat, 2009-02-21 at 10:30 -0500, Gene Heskett wrote:
> Fedora 8. What packages should I install?
>
I use spamc/spamd with Fedora 8. If your system has been kept fully
updated you should see this:
# yum list perl spamassassin
Installed Packages
perl.i386 4:5.8.8-41.fc8 i
On Fri, 2009-02-20 at 17:01 -0600, Lindsay Haisley wrote:
> On Fri, 2009-02-20 at 16:54 -0500, Chris Hoogendyk wrote:
> > Perhaps just because someone has the Chutzpah to try to patent it and
> > the patent office hasn't a clue. Technology of all sorts has moved too
> > quickly for the patent off
> Feel free to mangle it, I'd appreciate a copy of any wider ranging
> working versions though.
>
Here's what I've been using for quite a while. It was written when there
was a spate of spam punting LiveSpace websites:
header __MG_LSP1 From =~ /spaces\.live\.com/i
uri __MG_LSP2 /^http:.{1,
On Thu, 2009-02-19 at 14:50 +, Nigel Frankcom wrote:
> Hi All,
>
> I've written the following rule to deal with spam a particular set of
> users are getting hit by that very few of my rules are hitting.
>
> Using --lint the rule come back clean but on testing it appears to be
> ignored. It's
On Sun, 2009-02-15 at 02:05 +0100, Karsten Bräckelmann wrote:
> Lindsay, if you end up doing some benchmarking, please let us know. I
> wouldn't be surprised if you're actually the first one to do this across
> the Internet. :)
>
Just a thought. Since getting message sizes and counts on traffic
be
On Fri, 2009-02-13 at 18:01 +0100, Benny Pedersen wrote:
> On Thu, February 12, 2009 19:29, John Hardin wrote:
> > Ultimately that's what you have to do. The only way to automatically
> > filter 100% of spam is to unplug your MTA from the 'net.
>
> unless one implement policyd to whitelist known s
On Thu, 2009-02-12 at 16:04 -0600, McDonald, Dan wrote:
> On Thu, 2009-02-12 at 19:10 +0000, Martin Gregorie wrote:
> > On Thu, 2009-02-12 at 12:50 -0500, Kris Deugau wrote:
> > Is there any way that greylisting can be implemented that would allow
> > users to opt in/out o
On Thu, 2009-02-12 at 12:50 -0500, Kris Deugau wrote:
> John Hardin wrote:
> > Do you greylist?
>
> Not currently. I'm not sure it's a useful option for a core ISP mail
> system, either; a LOT of the more vocal customers are the ones who
> expect email email to approximate instant messaging...
On Wed, 2009-02-11 at 19:29 +, Ned Slider wrote:
> Martin Gregorie wrote:
>
> > This backscatter is precisely what SPF records are meant to alleviate.
> > You should have a valid SPF message set up for every registered domain
> > handled by your mail servers.
&g
On Wed, 2009-02-11 at 11:10 -0600, Karl Boyken wrote:
> > Hello,
> >
> > I've got SA with a few features installed and it's working great and
> > has been for a while.
> >
> > However, over the past few weeks I've had a few select users complain
> > about receiving 3-4 thousand bounce message
On Fri, 2009-02-06 at 13:06 -0800, nambi wrote:
> then gets emailed to f...@mydomian.com then the fax server periodically
> checks for queued mail then receives faxes out then emails back the result.
>
Please describe your system in a little more detail on a few points:
1) Describe the path inco
On Fri, 2009-02-06 at 12:52 -0800, Nandini Mocherla wrote:
> I am new to postfix/SpamAssassin and thinking for a way to block the
> email address which does not come from that domain. For example, if
> someone with a @xxx.com email sends to a list it must come from a server
> in the xxx.com doma
On Thu, 2009-02-05 at 14:47 -0800, asimsinan wrote:
> Hi.
> I am currently working on a project. We have thousands of emails and we want
> to scan through these emails.These emails are stored in files.Each file
> contains email headers and content. How can I scan those saved emails with
> spamassas
On Tue, 2009-02-03 at 14:46 -0500, Andre wrote:
> However, we can't find a way to tell exim to connect via SSL (basically
> the equivalent of 'spamc -S').
>
> So, how do we enable SSL here? Is anyone running a similar setup? Are
> we just missing something? Other stories to tell...
>
Would settin
On Fri, 2009-01-30 at 12:56 -0800, Kenneth Porter wrote:
> IE had a nasty habit of ignoring the MIME type in HTTP headers and
> rendering HTML even when one wanted it displayed as text/plain. So it
> wouldn't surprise me if Outlook (Express) had the same annoying
> "helpfulness".
>
I've wasted
On Thu, 2009-01-29 at 22:31 +0100, Kai Schaetzl wrote:
> Jeremy Davila wrote on Thu, 29 Jan 2009 12:18:48 -0500:
>
> > I meant a SA log file with history of how much spam we took in for the day
> > and their scores.
>
> This very much depends on the calling program. AFAIK, SA by itself doesn't
On Mon, 2009-01-26 at 11:46 +0100, R.Smits wrote:
> Hello,
>
> I have searched the archives, but not found a clear answer to this...
> maybe someone can give me a hint.
>
> I have a few strings that i want to use with a meta rule.
>
> example :
> ---
> body __WORD_01 /string1/
> body __W
On Wed, 2009-01-21 at 16:53 -0800, malatio wrote:
> How could I hook spamassassin up to a script that connects to my db (mysql)
> and marks a message as non-spam if it finds that the 'To' address is found
> in a certain table?
>
Write a plugin that does the lookup and returns a reply that can be u
On Fri, 2009-01-16 at 18:51 +, Rik wrote:
> On Fri, 2009-01-16 at 19:25 +0100, Matus UHLAR - fantomas wrote:
> > On 16.01.09 11:26, Helmut Schneider wrote:
> > > can I (and if how) create a filter that catches mails _from_and_to_
> > > specific email addresses? It should only apply if a specif
On Mon, 2009-01-19 at 09:51 -0500, Matt Kettler wrote:
> Rasmus Haslund wrote:
> > Hi,
> >
> > Sorry if this seems like a stupid question but I am just trying to
> > understand the config files better.
> >
> > For example these:
> >
> > header __RCVD_IN_NJABL eval:check_rbl('njabl', 'combine
On Fri, 2009-01-09 at 03:58 -0800, dave_c00 wrote:
> Thanks,
>
> I am now trying to edit my .qmail- file to filter it and send it on
> but am having no luck in getting it working. The original file looked like
> this:
>
Obvious question: did you also install spamd and is it running as a
daemon?
On Thu, 2009-01-08 at 23:12 +0300, JVlad wrote:
> >> sendmail + spamassassin milter (written by Georg C. F. et al)
> >> everything works great so far, except I need to save the spamassassin
> >> results (score+sender) and do this synchronously, right after the score
> >> is calculated.
> >
>
What
> If you are running Linux, there IS a package manager installed. We
> simply need to figure which one. It would help if you know the flavor on
> Linux you are using. I know the hosting company does because they
> probably asked which distro. you want to use.
>
One way to get more details of ex
> Could someone tell me what configuration file i need to change in order
> to
> change the email address this email is being sent to?
>
> ***
>
> I'd check crontab (crontab -l as root, list /var/spool/cron and
> /etc/cron.* and /etc/crontab) for what is running at the time the mail
> is sent
On Sun, 2009-01-04 at 21:51 -0800, Bijayant wrote:
> 2) What should I do to whitelist the senders because, if I will whitelist
> the senders then it will not check for the Spam and the mail will passed
> without the spam TAG.
>
I have a database containing an automatically built list of everybody
On Wed, 2008-12-31 at 22:47 -0600, Chris wrote:
> I've been working on updating to MDV2009 and have SA installed. Fetchmail
> fetches ok, procmail is tossing to the folders, but, SA seems not to be
> scanning. I can scan a message from the cli but whereas before it would
> score mail to my inbox
On Tue, 2008-12-30 at 15:36 +0100, Arvid Ephraim Picciani wrote:
> On Tuesday 30 December 2008 12:44:09 Bijayant wrote:
> > Hi,
> >
> > I am a newbie so please excuse me if its a very silly question. I have been
> > searching the forums and Internet about my query but could not found
> > satisfacto
On Tue, 2008-12-23 at 15:42 -0500, Christopher X. Candreva wrote:
> I have one particular user being hammered by porn spam from freemail
> accounts, mostly Yahoo and live.com . These are getting by existing
> rules, including 70_sare_adult_cf .
>
You may find this following approach. Its aim is
On Wed, 2008-12-17 at 15:49 -0500, Greg Skouby wrote:
> http://pastebin.com/m791c34be
Here's just the SA headers:
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
zoogz.gregorie.org
X-Spam-Level: *
X-Spam-Status: No, score=5.5 required=6.0
tests=FORGED_MUA_EUDORA,MG_SEX1,
U
On Sun, 2008-12-14 at 14:57 +0100, Arvid Ephraim Picciani wrote:
> HI,
> what was the solution again for windows live spam? It hit me finally.
> (does this list have a search facility?)
>
Here's mine. This targets livespace spam:
- not sent from a livespace address
- sent via the Sourceforge lists
I've been getting a bit of spam recently via Sourceforge mailing lists
that punts live.space websites. As this is easy to detect without
running much risk of FPs, I've written a rule.
describe MG_LIVESF Spam via SourceForge but contains spaces.live.com URI
uri __MG_LSF1 /^http:.{1,40}\.sp
On Fri, 2008-12-05 at 10:04 -0500, Ray Jette wrote:
> Sorry if this is off topic. I am using a Microsoft DNS server. I am
> putting a big load on it with Mailscanner / Spamassassin and MTA RBL's.
> Would you recommend that I use a local BIND Cache server? Does anyone
> have any good resources as
On Thu, 2008-12-04 at 15:20 -0600, Matt wrote:
> Is there a way to tell Spamassassin to whitelist a dynamic list of
> IP's in a file? I have have a dynamic list of IP's called ./pop_hosts
> that have checked email by pop3 within last 15 minutes and I would
> like to white list them all if thats po
On Tue, 2008-12-02 at 05:55 -0500, Matt Kettler wrote:
> You need a second parameter to whitelist_from_rcvd. The second parameter
> is the hostname (or fragment thereof) that should be found in the
> Received: headers generated by the last internal host (ie: your mx).
> This part does assume that
901 - 1000 of 1073 matches
Mail list logo