Using Sendmail.
I added milter-regex which allows very simple rules eg.
reject "Unsolicited Spam" - make this as rude as you like.
body /I RECORDED YOU/i
Done and dusted.
It's available as an RPM frpm epel for RedHat and variants.
*** REPLY SEPARATOR ***
On 11/11/2023 at
another email in future.
Relief...
*** REPLY SEPARATOR ***
On 17/12/2021 at 1:16 AM Peter wrote:
>I just want the command to work as advertised. It worked for AWL on my
>older system, made life a lot easier.
>
>
>*** REPLY SEPARATOR ***
>
>
to your posts?
Is this post better?
*** REPLY SEPARATOR ***
On 16/12/2021 at 9:28 PM Antony Stone wrote:
>On Thursday 16 December 2021 at 21:21:28, Peter wrote:
>
>> I was thinking that replies would show up here.
>
>> Perhaps I should create an account on a ma
on a mail server without RBL blocking?
*** REPLY SEPARATOR ***
On 16/12/2021 at 10:01 AM Greg Troxel wrote:
>Hey Peter: Your mailserver appears to be a bit aggressive and is
>blocking mail from people on the list who are replying to you:
>
> : host acemail1.ace.net.au[15
I just want the command to work as advertised. It worked for AWL on my
older system, made life a lot easier.
*** REPLY SEPARATOR ***
On 16/12/2021 at 9:36 AM Greg Troxel wrote:
>"Peter" writes:
>
>> New to TXrep, the manual says the add-addr-to-whiteli
Hi,
New to TXrep, the manual says the add-addr-to-whitelist command should add
-100, but for me it doesn't do anything - nor does add-addr-to-blacklist.
It comes back with SpamAssassin TxRep: 1 with either the white or
blacklist.
While the server is new, I want to be able to adjust a senders
They abandaoned the motto in 2018.
*** REPLY SEPARATOR ***
On 12/11/2021 at 3:33 PM Philip Prindeville wrote:
>
>What... you mean "do no evil" is just lip-service? I'm so... so...
>disillusioned!
>
>-Philip
If you have a JVM lying around, you can extract docx text with Apache Tika.
—
Peter West
p...@ehealth.id.au
“I am the vine; you are the branches.”
> On 7 May 2021, at 2:30 pm, John Hardin wrote:
>
> On Thu, 6 May 2021, Alex wrote:
>
>> Hi,
>>
>> I'm trying
Yes. I meant the unsubscribe link from an unknown advertiser.
—
Peter West
p...@ehealth.id.au
“He has risen…”
> On 6 Apr 2021, at 12:50 pm, Grant Taylor wrote:
>
> On 4/5/21 8:41 PM, Peter West wrote:
>> I’d agree it’s address verification, as with the Unsubscribe link at
I’d agree it’s address verification, as with the Unsubscribe link at the bottom.
—
Peter West
p...@ehealth.id.au
“He has risen…”
> On 6 Apr 2021, at 12:30 pm, Grant Taylor wrote:
>
> On 4/5/21 7:30 PM, John Hardin wrote:
>> Can anybody explain to me the reason behind the blind
ombs will hear his voice and come
out…”
> On 15 Mar 2021, at 1:29 am, John Hardin wrote:
>
> On Sun, 14 Mar 2021, jwmi...@gmail.com wrote:
>
>> Peter West writes:
>>
>> And You might want to fix the URIBL_BLOCKED issue. Fixing the
>> URIBL_BLOCKED issue wi
Well, that was simple. Thank you. What’s the default value of a rule? Does it
have one?
—
p...@ehealth.id.au
“Two men went up into the temple to pray, one a Pharisee and the other a tax
collector.”
> On 14 Mar 2021, at 11:41 pm, Alex Woick wrote:
>
> Peter West schrieb am 14.03.2021
the trick?
Is there a finer subdivision of the From header; into name and address, for
example.
peter
—
p...@ehealth.id.au
“Two men went up into the temple to pray, one a Pharisee and the other a tax
collector.”
At 25 October, 2020 Marc Roos wrote:
> From: Marc Roos
> To: mysqlstudent , users
>
> Date: Sun, 25 Oct 2020 18:57:27 +0100
> X-Spam-Status: No, score=-13.2 required=4.0
> tests=HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
> RCVD_IN_DNSWL_HI,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS,
>
modate these thin skinned social warriors.
Looking at a dictionary blog:
https://www.macmillandictionaryblog.com/blacklist
there is no indication the term was racial at all. A list of
"objectionable or suspicious people" is not necessarily with regard to
race.
I wonder when these folks are going to
I've seen the following message and others similar:
spamd[20463]: rules: meta test KAM_VERY_MALWARE has dependency
'KAM_RAPTOR' with a zero score
what is spamassassin trying to tell me?
--
Peter L. Berghold
Professonally: IT Professional (DevOps, Puppet
/spamassassin
(Debian-spamd's home folder) seems to have helped. I will leave it
A few days more to ensure its working ok.
Peter Hutchison MCP
Senior Network Systems SpecialistS
S 01484 473716
Networks Team
University of Huddersfield | Queensgate | Huddersfield | HD1 3DH
> -Original Mess
, but not via a cron job. What else do I need to
configure to ensure it works every time?
Peter Hutchison MCP
Senior Network Systems Specialist
* 01484 473716
Networks Team
University of Huddersfield | Queensgate | Huddersfield | HD1 3DH
[logo_lftcert_sysadmin_small] [MCP_logo_small] [ITIL Foundation
!
So, while I'm glad that we've clarified all this, I don't think that any
of this was actually directly related to my question.
Reminder: My question was not "how to run DNS efficiently" or "how does
SpamAssassin run DNS queries", my question was "how can I influence the
order of
telling me that the classification result is uncertain as long
as the two tests have not been run?
Nevertheless, thank you for your answer. In any case, as far as my
original question is concerned, I'm as informed as before, and I'd
appreciate any additional input ...
Best,
Peter
--
---
that at that time, such configuration was not possible).
Hence: Can I, and if so, how can I configure SpamAssassin to run certain
tests only after other tests have been run, under the condition that the
classification result is not yet certain?
Thanks a lot!
Best,
Peter
Hi Kevin,
I am just trying this and getting the same error. Did you work out how to
fix this?
Cheers,
Peter
*** REPLY SEPARATOR ***
On 25/10/2017 at 6:41 PM Kevin Miller wrote:
Implemented it on one of my tier 2 mx hosts. No hits so far, but Im not
sure if its working
>> 1) After compiling, my compiled ruleset is stored in
>> /var/lib/spamassassin/compiled/5.014/3.004001. Do I now need to
>> remove my rules from /etc/mail/spamassassin/
>
> You don't need to remove anything.
>
> The stock rules aren't stored there anyway, it's just local rules.
Ahh, I think
Hello list,
I'm playing around with sa-compile in an attempt to improve performance,
but I have a couple of questions that I can't find answered in the online
docs.
1) After compiling, my compiled ruleset is stored in
/var/lib/spamassassin/compiled/5.014/3.004001. Do I now need to remove my
execution of some form of
injected code. Or is this really just a case of "general best
practices", "run as little as possible as root"? (Please dont read
anything into my questions, I am truly curious)
Peter
On 06/01/2016 09:11 PM, Reindl Harald wrote:
Am 02.06.2016 um
. The final configuration is scripted
training (note not auto_learn) done on ham and spam folders.
Peter
for the responses, i do appreciate the help.
Peter
On 05/31/2016 04:27 PM, Reindl Harald wrote:
Am 31.05.2016 um 23:58 schrieb Peter Carlson:
May 30 09:04:53 www amavis[16577]: (16577-03) Passed CLEAN
{RelayedInbound}, Tests:
[BAYES_00=-1.9,RCVD_IN_MSPIKE_H2=-0.001,SPF_PASS=-0.001,URIBL_BLOCKED=0.001],
autolearn=ham
(sorry if this is a
repost, I dont see my messages coming through...the irony of
spamassassin.apache.org trapping my request for help as spam. I
have snipped the logfile entries which I think were causing it to
be tagged as spam)
All of my messages
How to you add GEO -IP restrictions to local.cf
t that I use to pull the messages out of a
spam bucket invoking sa-learn runs as root which has permissions to read
from anywhere. The complication is the amavis does not have permissions
to read the Maildir files for trivial users like root does.
That said, I have some thoughts as how to solve th
other
fetch from my server.
How do I figure out where the issue is or if the learning is even
working?
Thanks in advance,
Peter L. Berghold
22:25:46 +0100
> Peter Kelly wrote:
>
>
> > I can actually see the 0.0 scores directly in the logs
>
>
> I tested one and it was out, but only by 0.04. I thought it was
> probably due to your cron job running a bit too early for this morning's
> update.
>
>
> &
DNS nameserver for the RELAY and TRUSTED problem.
On 11 September 2015 at 21:58, Bill Cole <
sausers-20150...@billmail.scconsult.com> wrote:
> On 11 Sep 2015, at 6:12, Peter Kelly wrote:
>
> Hi,
>>
>> Starting on 3rd Sept, I have seen a huge number of 0.0 sc
.st...@spamassassin.open.source.it> wrote:
> > On 09/11/2015 01:17 PM, Peter Kelly wrote:
>
> > > - Are you using a local, non forwarding, DNS resolver/caching server ?
> > >
> > > No
>
> > > - Are you handling mail for a company, personal email, ISP, one doma
http://pastebin.com/8eM88hX2
On 11 September 2015 at 13:08, Axb <axb.li...@gmail.com> wrote:
> On 09/11/2015 01:17 PM, Peter Kelly wrote:
>
>> - How are you using SA?
>> (pls specify: amavis, MIMEDefang, a milter, Mailscanner, procmail,
>> Fuglu, etc, etc)
>>
>
Hi Benny,
This has nothing to do with URIBL. It has always been blocked for me. I am
in the process of paying for their service. It has always been like that,
yet the 0.0 scores only started last week. Been running for months before
that.
Peter
On 11 September 2015 at 13:38, Benny Pedersen &l
Hi All I am completely new to writing rules in Spamassassin and would love
some help. I have a Domain called say domain.com and of course if anyone
sends mail from outside the domain addressed as coming from u...@domain.com
it should be spam. I want to block all these as spam except if it is
=...' to confirm that the files aren't corrupt.
In the spamasssin config files I have:
bayes_path = /var/lib/amavis/.spamassassin/bayes
All seems ok, yes? I
Thanks,
Peter Smith
I will check next Monday morning, but my feeling is that the @local_domains_acl
is not set.
But according to what is in the NOTE, it is implied that the headers are added
to incoming emails only.
This it not what I want...
P.
Setup is:
Stock Postfix of CentOS 6, Amavisd-new, SpamAssassin 3.3.1
Network Flow is:
(Incoming)
Internet--Antispam/Relay Server--Antivirus Server--Mailbox
Outgoing:
Webmail--Antivirus--Antispam--Internet
Actually, the problem is more intense I believe.
The issue is that not even the
check local_domain in amavisd.conf
What do you mean to check at the local_domain? Should it have a specific value?
Απο: Tom Kinghorn thomas.kingh...@gmail.com
Προς: users@spamassassin.apache.org
Στάλθηκε: 10:55 π.μ. Πέμπτη, 8 Μαρτίου 2012
Θεμα: Re: Mark message as spam from Postfix Queue
On 08/03/2012 10:52, Peter Tselios wrote:
Hallo,
Is it possible to somehow instruct spamassassin to mark messages
No! Erik you are my God!
That ***excactly*** what I want to do!
Tell me how you did the 1st step...
Peter
Απο: Per-Erik Persson pe...@irt.kth.se
Προς: users@spamassassin.apache.org
Στάλθηκε: 9:31 μ.μ. Πέμπτη, 8 Μαρτίου 2012
Θεμα: Re: Mark message as spam
Good morning,
I noticed that for users originating from my networks, the X-Spam headers are
not added to the messages. Is that due to the trusted_networks settings? If
so, does that mean that spamassassin does not check them?
P.
Greylisting would just mean the first one would be delayed - the rest would
go through as they are identical emails.
I would be looking to use Fail2ban as a solution depending on what your
logs show.
*** REPLY SEPARATOR ***
On 2/09/2011 at 12:14 PM John Hardin wrote:
On Fri,
it is not. I've read grepped through his
SARE ruleset and we cannot find anything that would seem related to enabling
this feature, which is really puzzling me.
Any help would be appreciated :)
Thanks,
Peter
--
View this message in context:
http://old.nabble.com/originating_ip_headers-question
sifting
# without risking lost emails.
report_safe 0
required_hits 7.5
thank you,
peter t.
positives, I now use:
rawbody __MORE_THAN_FIVE_CHARS /.{6}/s
meta L_VERY_SHORT !__MORE_THAN_FIVE_CHARS
I can't guarantee that there are no cases where this also will
mysteriously match without any apparent reason, but so this seems to
work ...
Regards,
Peter
How are RCVD_IN_* rules implemented Karsten?
I have similar spam being sent from such addresses as
bidwars.uy...@trgide.soldiersupplywell.net and I dont see that rule in the
matching rules
Running mailwatch for mailscanner with spamassassin
Thanks
peter
-Original Message-
From
I confirm that on revisiting, RCVD_IN_* rules are implemented - thanks for your
help
Peter
-Original Message-
From: Karsten Bräckelmann [mailto:guent...@rudersport.de]
Sent: Wednesday, 13 October 2010 11:41 a.m.
To: users@spamassassin.apache.org
Subject: Re: Constant .info domain spam
I am wondering if someone has a rule to deal with the current spam being
sent with just a small png attachment the name of which changes
There is no text in the email, just the attachment - the subject line is
always different
Thanks
Peter
Thanks so much - worked excellently
Thanks to all who answered
Cheers
Peter
-Original Message-
From: Kenneth Porter [mailto:sh...@sewingwitch.com]
Sent: Wednesday, 19 May 2010 7:00 a.m.
To: users@spamassassin.apache.org
Subject: Re: percentage off spam
--On Tuesday, May 18, 2010 10
Glad I don't live in Virginia!! I hate to see my tax dollars wasted
because people don't understand OpenSource.. Especially in these troubled
times.
From: Thomas Mullins [mailto:tsmull...@wise.k12.va.us]
Sent: Monday, October 05, 2009 15:42
To: users@spamassassin.apache.org
Subject: OT bad
23 12 1223400311 672bc0c09a
t 20 92 1222528949 ef7de3e221
Is this encoded in some way? Is my Bayes' classifier mis-configured /
mis-tuned?
Oh, this is with SpamAssassin version 3.2.5
TIA,
peter.
--
http://sabaini.at
::PerMsgStatus) I dont get the information I'm looking for.
Thnx,
peter
that a test should
not match)?
Regards,
Peter
if there is some other score explicitly assigned)
Is this correct?
Regards,
Peter
-Original Message-
From: hateSpam [mailto:khwaja_a...@yahoo.co.uk]
Sent: Thursday, May 28, 2009 09:48
To: users@spamassassin.apache.org
Subject: Re: Email from myself to myself
What is white_list and how can I check it. sorry about all these question I
am new in Linux specially on
-Original Message-
From: hateSpam [mailto:khwaja_a...@yahoo.co.uk]
Sent: Thursday, May 28, 2009 10:11
To: users@spamassassin.apache.org
Subject: RE: Email from myself to myself
I got it thanks.
Yes i am not whitelisted but in spamassassin I put the domain of all spams
to be marked as
to the final CLOSE and in between there is the whole spam-check (and
some other internal checks). So timeout is not a problem here.
damn. I really wonder whats going on here. I'll keep on investigating ...
thnx
peter
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges
-checks) and my spamassassin
doesnt.
thats why I started wondering ..
best,
peter
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu
of 100 mails that are checked via Mail::SpamAssassin-Module is not
checked against the network-tests that I configured
thnx,
peter
network digest check
any idea how this could happen? or how can I debug this problem?
thnx for any hints, tips, solutions ...
peter
/var/log/maillog output:
May 13 10:53:46 cerberus MailScanner[3309]: Message n4DFrTip004779 from
63.93.193.30 (a...@easymatch.com) to saintjoe.edu http://saintjoe.edu/ is
spam, SpamAssassin (not cached, score=68.739, required 4, AWL -33.17,
BAYES_50 0.00, FORGED_RCVD_HELO 0.14, HTML_30_40
-Original Message-
From: Randy [mailto:rramsd...@livedatagroup.com]
Sent: Friday, May 08, 2009 11:13
To: SpamAssassin Users List
Subject: Re: mcafee sees drop in spam?
Michael Scheidell wrote:
looks like mcafee sees a 20% drop in spam?
wonder what that is about. I'm not seeing a drop
not possible to train the message as spam on
the mailwatch server.
Peter
On Tue, Nov 25, 2008 at 9:11 PM, Kai Schaetzl [EMAIL PROTECTED]wrote:
Peter Fastré wrote on Tue, 25 Nov 2008 16:04:19 +0100:
2. On my mailbox server I'd like to have a script which goes into the
mailfolders, searches
,
Peter
the one reading it wrong?
Peter
blocked and
their systems are processing messages slower as a result.
Sorry Jeff, but this is much too expensive for us and many others I
suspect.
or processing fewer than 250,000 messages per day
Wouldn't that cover most not for profit organisations?
Peter
.
If this means more people use MTA techniques to reduce the number of
messages being scanned, then it's to their own and your advantage.
Yesterday, I handled 88,500 messages, but only 3,500 were scanned as the
other 85,000 were stopped by the use of RBL's, greylisting etc.
Peter
If I've been following this thread correctly, linux4michelle has
already
stated he/she receives messages from their ISP. Therefore, rejecting
at
the SMTP level will ultimately cause the ISP to be a source of
backscatter (i.e. not receiving messages directly), which he/she can
not
reject.
Spamers are using MY linux4michelle E-Mail spaming
russian servers and now Ihave gotten nearly
200.000 backscatters which make my account unusable
specialy for my customers and peoples which
urgently need my help without passing over mailinglists...
So you do deliver the
Well,
since many guys are recommending what they use (IronPort, Barracuda) I
thought I might bring BarricadeMX from Fort Systems into the game. Have
a look at them. It is _very_ efficient and can be configured to use
SpamAssassin as well. Comes with a very easy install for CentOS 5.2.
Kind
Hi,
I have the same problem. Can't make pyzor work.
Is this a generall issue or just my server not working anymore?
Regards
Peter Sorensen/University of Southern Denmark/mail: [EMAIL PROTECTED]
-Oprindelig meddelelse-
Fra: Jake Maul
#supposing which gpg delivers /usr/bin/gpg
export PATH=$PATH:/usr/bin
/usr/local/bin/sa-update
/usr/local/etc/rc.d/sa-spamd restart
I hope this helps
Regards
Peter
but
I'm not sure if this an error that will persist. Any hints?
Regards
Peter Sorensen/University of Southern Denmark/email: [EMAIL PROTECTED]
a new
channel that provides new rulesets, do I have to add this new rules to
my local.cf or are they used automatically as if they were sa-rules
themselfes?
thnx
peter
--
mag. peter pilsl - goldfisch.at
IT-Consulting
Tel: +43-699-11288470
Tel: +43-1-8900602
Fax: +43-1-8900602-15
skype
Yet Another Ninja wrote:
Is there a place where you posted these spams so potential rule writers
know which you're talking about?
I just uploaded three different examples of recent spamwave to my webpage:
http://www.goldfisch.at/goldfisch/temp/spam1
thnx,
peter
http://www.snertsoft.com/smtp/smtpf/
Okay, this link wasn't available to me. I googled the term you
provided and only found the FLS site. They had no links to this
data.
Possible.
Next time you want to suggest that someone didn't research, you
should be explicit with your links.
2: can be bypassed in greylist on that fact #1
Both of these are addressed by Mailchannels. But what to do when an
unknown mail server contacts you is different in the approach.
greylist effectiveness is down to less than 10% effective at this
point, because the botnets know to retry
And Mailchannels isn't implementing slow replies. That's what I'm
trying to say. It is slowing the TCP session, not slowing the
responses.
FYI: So are other products (at least one). And slowing down TCP sessions
will hit ISPs as well btw. but that's a different stories.
Oh and btw:
It sure can and we are using that feature. It adresses all (!) features
MailChannel claims to address on the webpage and more. Sure it is I who has to
do the researching?
Moreover BMX can do quite a lot of what you describe without having to slow
down the TCP channel too much thereby freeing
I read every document on their website, and saw zero mentions of this
feature. I can't research it further without getting the product here
to test, and I'm not suggesting that everyone do this -- just that
everyone read the information available.
http://www.snertsoft.com/smtp/smtpf/
Hi
In both cases, they don't provide any serious study. they only show
numbers that go with their claims. I don't know for others, but my logs
don't seem to confirm theirs.
Where do they show numbers? Could not find any.
and the slowdown thing is based on the theory that spammers have
Why is everyone willing to skip doing 5 minutes of research?
I did.
Mailchannels idea may not work for you. But it's worth doing a bit of
research.
Oh the idea is nice. But there are others out there that - from my
personal perspective - are doing this stuff much better, at least from
Hi,
is there a simple way of using the same Bayes-DB (mysql based) for
multiple Spamassassin installations concurrently? Can I just point all
machines to the same DB or will this lead to corruption?
Kind regards,
JP
It really doesn't matter to me whether it was on urisbl/surbl when he
sent it. I provided what our server marked this as as an example of
rules that he could look at as to why it was scored low. Other people
that don't use unwanted language may not need it, but in some cases
it
helps,
http://pastebin.com/m16055c85
Content analysis details: (9.6 points, 6.0 required)
pts rule name description
--
--
1.5 URIBL_OB_SURBL Contains an URL listed in the OB SURBL
blocklist
http://igor.chudov.com/tmp/spam003.txt
Could you paste the message itself (queue file)? Would like to see what
my installation has to say about this one. :-)
Hi,
I just noticed BotNet (0.8) causing SA timeouts when used with
MailScanner. This is what the log gives me:
[21308] dbg: spf: query for
[EMAIL PROTECTED]/75.117.130.5/unknown: result: fail,
comment: Please see
http://www.openspf.org/Why?id=esuapmet_1966%40mater.ustb.edu.cnip=75.11
Then it just hangs for quite some time and finally runs into the
timeout. Any idea?
A known problem, it uses a default timeout of Net::DNS,
which is very long for certain unresolvable DNS queries.
Try the following patch:
Looks like this did the trick!
Great. Thanks!
with the
name of the public IP. I guess this is why trusted-networks kicks in
somehow? or is it the the line Received from phoenix.local by
phoenix.local via LMTPA ??
thnx for any advice,
peter
example:
Return-Path: [EMAIL PROTECTED]
Received: from phoenix.local (localhost [127.0.0.1
be ported to other OS's that use Mono
too. Not sure if it would be totally useful in that environment, but as
I strongly believe in open source software, I want to contribute where I
can.
If you're interested, please drop me a line at
[EMAIL PROTECTED]
Best regards,
- Peter
= stop
and so on.
As I found via priority I can set some priority but cannot set order
, so I will stop on rule which is already at the end of scan.
thank you for any ideas
miki
--
Best regards,
Peter mailto:[EMAIL PROTECTED]
sent by an authenticated user. Does this sound like a good way to
proceed? Perhaps I'm missing a simpler way to do things?
Thanks,
Peter Smith
) with ESMTP id IZF38973
for [EMAIL PROTECTED]; Wed, 12 Dec 2007 14:00:52 +0100
Any help appretiated. I need to turn off AWL by now.
thnx a lot for any help, idea, insight, feedback ...
peter
in AWL ??
additionally I didnt find any manpage to check_whitelist or any
information what the clean and -n flags do and why this tool is not
included in version 3.2.2 any more?
thnx for your help,
peter
--
mag. peter pilsl - goldfisch.at
IT-Consulting
Tel: +43-650-3574035
Tel: +43-1-8900602
On Tue, Nov 06, 2007 at 04:53:13PM -, Marcin Praczko wrote:
It is possible add some text to Subject: For example [SPLIST] - to make
easier set up filter for emails?
you can use message headers:
List-Id: users.spamassassin.apache.org
--
5o Peter.Mann at tuke.sk
, because this thing is really
driving me crazy!
I noticed the startup is a little bit weird too:
http://peter.lunatis.be/temp/spamd-startup.txthttp://peter.lunatis.be/temp/spamd.txt
What am I doing wrong?
Regards,
Peter
1 - 100 of 307 matches
Mail list logo