of plain text.
Regards,
-sm
.
Regards,
-sm
to the
Subject: header.
Regards,
-sm
At 14:13 05-11-2007, Qnet .. wrote:
I used /usr/bin/sa-update D allways. then
restart. but I have the load problem still. Do
you know other way to solve it? thanks.
http://wiki.apache.org/spamassassin/FasterPerformance
Regards,
-sm
At 04:52 26-10-2007, Justin Mason wrote:
What else can we do?
Add a warning at startup if a sample message takes more than X
seconds to be scanned. Whether people will actually read that
warning is another question.
Regards,
-sm
to fix that, but I don't know where).
Adding footers to the message or tagging the subject line invalidates
the DKIM signature. You can turn off these features in
mailman. There is a configuration option to retain the original DKIM
signature.
Regards,
-sm
At 08:56 26-09-2007, Robert - elists wrote:
Become a registrar and bam! More data to help you cause
Access to Whois data is not limited to registrars only.
I suggest reading the Whois terms of service before enabling this plugin.
Regards,
-sm
, it affects the accessibility of the service for normal
users. The rate limit set by the operator would kick in to prevent
abusive use.
Regards,
-sm
deem appropriate.
Regards,
-sm
against that.
As mentioned we been running this services for over 5 years and no all of a
sudden we get classified as spam. I don't get it.
That rule only scores 1.8 points. Your message must be hitting other
rules as well for it to be classified as spam.
Regards,
-sm
the header inserted by DKfilter. I
suggest asking the question about configuring the master.cf on a
Postfix mailing list.
Regards,
-sm
all messages with attachments. You
suggested blacklisting charter.net. That's not a solution given that
the system only affects charter.net users.
Regards,
-sm
:
Name: server.nch.com.au
Address: 69.94.122.247
And one for server.nch.com.au as well.
Regards,
-sm
. But I digress as we are
talking about antispam here.
Regards,
-sm
At 14:08 21-08-2007, John Rudd wrote:
Technically, there is a problem with it: it violates best practices
asserted by RFC 1912, section 2.1, which warns that not having
matching PTR and A records can cause a loss/denial of internet services.
You're right.
Regards,
-sm
At 06:48 20-08-2007, FaberK wrote:
Into my http://sendmail.cfsendmail.cf I got this:
This has nothing to do with sendmail. The Return-Path: address is
what gets passed through the SMTP envelope. Don't whitelist your domain.
Regards,
-sm
Hi Michael,
At 03:23 19-08-2007, Michael Scheidell wrote:
is their mail web site www.iecc.com offline?
That website is reachable.
Regards,
-sm
domain?
Regards,
-sm
they might be called in a Qmail setup.
Regards,
-sm
At 13:02 17-08-2007, John Rudd wrote:
Hm. This is the first I've heard of the chickenpox rule. Where
does it come from? Is it part of SARE?
It was written by Jennifer several years ago.
http://www.rulesemporium.com/rules/chickenpox.cf
Regards,
-sm
scoring when the client hits reply to
answer your message. That would also let some spam through though as
some use the real name.
Regards,
-sm
-letters.
Regards,
-sm
solution was to disable Bayes.
MySQL can be optimized to handle such a load. If you aren't using
InnoDB for Bayesian storage, switch to it.
Regards,
-sm
of the remote
client connecting to it?
Jeff is talking about checking the URI in the message body against
RBL/URBL lists. SpamAssassin can find a match as some of these
messages are not sent from hosts in RBLs.
Regards,
-sm
running on Perl version 5.8.4 (I
use it thru Amavis)
Latest version of rules are used, and I have erased rules regarding
Razor and Pyzor
Is there a nameserver running on the same machine where SpamAssassin
is installed? Are you using it as the resolver?
Regards,
-sm
if there is a
problem doing updates.
I assumed that the threaded discussion conveyed the fact that I was
referring to a rule available from the updates.spamassassin.org channel.
Regards,
-sm
.
Regards,
-sm
the rules.
Regards,
-sm
You can do a test on the Return-Path and reject. That won't reject
postings from the mailing list.
Regards,
-sm
with all these hits.
Regards,
-sm
At 08:05 10-08-2007, Michael Worobcuk wrote:
So what is the refuse score in the userprefs tables for ?
There is no refuse score in the userpref table. See
http://wiki.apache.org/spamassassin/BetterDocumentation/SqlReadme
Regards,
-sm
think that my mailserver will have issues if I host it on
comcast netwrk?
That would be a static IP and, hopefully, I can get comcast to reverse
resolve it to a hostname on one of my domains.
It shouldn't be an issue if you have the reverse DNS resolving to
your hostname.
Regards,
-sm
the emails are
spammy or not. It cannot stop them. Your administrator may be able
to configure the filter which interacts with SpamAssassin to reject
the emails instead of tagging the subject line and delivering the email to you.
Regards,
-sm
At 02:18 07-08-2007, John Andersen wrote:
All it contains is 6 digit numbers. What's up with that stuff?
Address verification.
Test for missing message-id and QUALCOMM Windows Eudora Version
7.1.0.9 as the X-Mailer.
Regards,
-sm
or now.
How is SpamAssassin being called?
I'm tearing my hair out with this ... can some one
help with specific instructions/steps of how and where
to look and what to do next.
http://wiki.apache.org/spamassassin/IntegratedInMta
Regards,
-sm
.
Is there a good way to track down these kind of spammers? Is it in
the malilog that I have to look at?
You have to read your mail log.
You didn't provide the email address of the receiver and you
obfuscated some information. As such, it's difficult to tell which
of the headers are forged.
Regards,
-sm
At 13:43 01-08-2007, mouss wrote:
SM wrote:
At 14:25 31-07-2007, mouss wrote:
If they faked the From header, then they are seriously broken.
They are not faking the From header.
what is
From: [EMAIL PROTECTED]
In an NDR from a remote site?
I doubt that the header was written
At 14:25 31-07-2007, mouss wrote:
If they faked the From header, then they are seriously broken.
They are not faking the From header.
Subject: NDN: (Suspected Spam:) soggy mirror
X-Mailer: FirstClass 8.2 (build 8.094)
The non-delivery notification from that mailer is broken.
Regards,
-sm
assume
that they might have been reordered after the message went through
SpamAssassin.
Regards,
-sm
to build up an address list of prospective customers.
Regards,
-sm
-Spam-Status: No
Return-Path: [EMAIL PROTECTED]
The headers should also include the Received headers. SpamAssassin
performs tests on the entire headers and the body of the
message. The above headers alone is not enough to do a determination.
Regards,
-sm
At 13:41 25-07-2007, [EMAIL PROTECTED] wrote:
sm - We have the same configuration on all our MX servers. Here are
all of the headers for an example spam email:
The SpamAssassin scoring should be the same then.
Note, it may be system/config-related - the /dev/shm directory is
used
to
RCPT TO command)
Your email address is not being blocked. The [EMAIL PROTECTED]
email address is not working at the moment, hence the above error.
Regards,
-sm
is marking everything as spam. We use
sa-update and botnet and ixhash plugins, thats all. What do i do so SA
does not mark evrything as spam?
Provide a sample of the messages incorrectly marked as spam.
Regards,
-sm
At 20:17 22-07-2007, Bubuk Gabrok wrote:
On http://wiki.apache.org/spamassassin/OtherTricks (Fake MX Record) ,
where do I insert these values:
Set your DNS records accordingly.
The statement that No good email is lost is subjective.
Regards,
-sm
as appropriate. From a
SMTP perspective, it would be accept or reject all though.
Regards,
-sm
the other's work.
Later milters will see changes made by earlier ones.
Regards,
-sm
to the score
for any of these two rules, the scores of these messages would reach
your threshold.
Are you using Bayes? See
http://wiki.apache.org/spamassassin/BayesInSpamAssassin
Regards,
-sm
At 07:41 18-07-2007, Helmut Schneider wrote:
sorry if I missed something but is there also a digest version of
the mailing list? I searched
http://wiki.apache.org/spamassassin/MailingLists but only found
subscribe and unsubscribe.
Send an email to [EMAIL PROTECTED]
Regards,
-sm
do that. See PBL as well.
I don't see how all this is related to the SpamAssassin project.
Regards,
-sm
assuming that the two configurations are identical? Yours
has Bayes, DKIM verification, Pyzor and DCC enabled. They may not be
be using those plugins.
Regards,
-sm
in the AWL to see if the sender tuple is known
3) if (1==true) (2==false) fire a score
You might also verify the AWL score in step to and fire step 3 if
that score is above an arbitrary value. Note that your rule may
trigger false positive for one-time senders.
Regards,
-sm
header.
and score 2.4 for this. What does x-id, or extended ID mean? What's wrong
with an email with x-id?
It's generally seen in spam.
Besides they triggered TVD_SPACE_RATIO BODY? What does this mean?
It's a ratio of spaces to non-spaces in each paragraph.
Regards,
-sm
At 14:14 12-07-2007, Marc Perkel wrote:
Here's my list so far. These are host name - not from addresses. So
it matches *.hostname.com
I have seen spam and viruses originating from some of the domains you listed.
Regards,
-sm
. Besides, I can still freely
Only if you expect the ISP's resolver to be better which isn't always the case.
Regards,
-sm
, for example with
SpamAssassin, it is better to run a DNS server on the same computer
as SpamAssassin.
Regards,
-sm
on the application/octet-steam and the file
extension being .pdf.
Regards,
-sm
this response come
from ? It's a bit thick to get branded as a spammer when replying to
someone from this list!
The response came from the mail server for cobatco.com. They have a
user subscribed to this mailing list.
Regards,
-sm
a blacklist to block SMTP connections from
Poland. That list has the wrong geographic information for your IP
address block.
Regards,
-sm
problem.
Your netblock is somewhat similar to the one used by Jonathan which
may explain the problem he had.
Regards,
-sm
Hi Jeff,
At 03:58 01-07-2007, Jeff Chan wrote:
http://lookup.uribl.com/?domain=sync.pl
I missed that one. :-) It's not listed though.
Regards,
-sm
in the message. It's not listed in URIBL.
Regards,
-sm
At 03:45 21-06-2007, Suhas Ingale wrote:
Wht score do others get on this?
BAYES_95 and in-house rule to identify questionable hosts.
Regards,
-sm
At 06:37 21-06-2007, arni wrote:
If you forward inline you:
* May have the message marked as spam
* Mis learn other peoples bayes
* May get beaten by AWL's next time you send smth
That won't happen if you whitelist this mailing list.
Regards,
-sm
Hi Rob,
At 10:23 18-06-2007, Rob Wright wrote:
[24761] dbg: bayes: DB journal sync: last sync: 1182182134
[24761] dbg: bayes: not available for scanning, only 0 ham(s) in bayes DB
100
http://wiki.apache.org/spamassassin/BayesNotWorking
Regards,
-sm
verifying how effects they are.
Regards,
-sm
one
week of messages about SARE RBJ failures.
Regards,
-sm
with the non-existent
accounts. Does blocking us on this basis make any sense? And has
anybody else encountered similar issues with netzero? If so, how resolved?
Yes, it does if most of the connections are for non-existent
accounts. It can be resolved by not doing that.
Regards,
-sm
going on.
Regards,
-sm
ignorant too. Unfortunately, it's not just one ISP
in Germany and I'd like to understand if there's anything I can do on my
side.
Isn't it a web hosting provider? If so, maybe they have some web
form for contacting them.
Regards,
-sm
At 10:18 07-06-2007, Kevin W. Gagel wrote:
I'm not able to get to www.rulesemporium.com, what's up there? Any one
know?
It's a denial of service.
The thread starts here
http://mail-archives.apache.org/mod_mbox/spamassassin-users/200706.mbox/browser
Regards,
-sm
: multipart/mixed; boundary=...
spamd is not doing that. It's your milter which is adding that header.
Regards,
-sm
on how
to install the software. The download usually includes
documentation. There may be a README or INSTALL file which explains
how to install the software.
Regards,
-sm
as my MTA.
http://wiki.apache.org/spamassassin/IntegratedInMta
There is a section for sendmail. The Install documentation for the
milter usually explains how to get it to reject spam.
Regards,
-sm
-users/200705.mbox/[EMAIL
PROTECTED]
Regards,
-sm
HANDELSPLATZ: FRANKFURT
5-TAGE ZIEL: 1 EURO
T2Y.F RALLYE IST GESTARTET. SEIEN SIE DABEI! KAUFEN WAEHREND ES NOCH
BILLIG IST. LASSEN SIE SICH DIESE CHANCE NICHT ENTGEHEN!
Rest assured that we will not charge your credit card until the product
.
If your ISP is not providing an adequate mail service, you can:
1. Keep complaining
2. Switch to a different ISP
3. Find a different mail provider
4. Use other channels to complain about the poor service
Regards,
-sm
a problem with the SARE rules with 3.20. It's not a bug in
3.20. See whether there is an updated version of 70_sare_adult.cf
which fixes that.
Regards,
-sm
be from a computer infected with malware.
Regards,
-sm
addresses.
http://wiki.apache.org/spamassassin/VBounceRuleset
Can anyone direct me to software or an agency that help me fight the
inappropriate use of our e-mail addresses in their spam.
There is no such agency to do that. You can publish SPF records.
Regards,
-sm
272260274052...
spamd[18408]: ^
spamd[18408]: HINT: Use the escape string syntax for backslashes, e.g., E'\\'.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5299
Regards,
-sm
for
embarqmail.com is misconfigured. Forward several examples of
incorrectly tagged messages (without your markups) sent to your email
address to Embarq technical support to show the problem.
Regards,
-sm
sessions. SMTP
authentication is not restricted to port 587 only. It can also be
used on port 25 if the mail server supports that.
Configure your mail client to use SMTP AUTH (PLAIN or LOGIN). You
should also configure the system sending the Cron messages to use SMTP AUTH.
Regards,
-sm
. This points to more problems with the antispam setup
for Embarq mail.
Regards,
-sm
.172800 IN NS ns9-f.bigfish.com.
The TLDs tell you which nameserver(s) to query.
Regards,
-sm
? If
Yes.
so then that is my problem. Sendmail is looking for:
/var/run/spamass.sock
Change that setting in your sendmail configuration file to
/var/run/spamass-milter/spamass-milter.sock
Regards,
-sm
Another transaction may have updated the row. The current UPDATE
cannot get a ShareLock.
I suggest fine-tuning your Postgresql installation.
Regards,
-sm
At 19:08 19-03-2007, Joey Davis wrote:
Don't think it's a permission problem, at least not on this directory.
drwx-- 2 sa-milt sa-milt 1024 Mar 19 17:29 spamass-milter
The milter is not running. Start it.
Regards,
-sm
At 16:40 12-03-2007, Don Ireland wrote:
Ok-I understand blacklist. But what in the world is NANAS?
The news.admin.net-abuse.sightings newsgroup.
Regards,
-sm
,
-sm
(score 1.66) on your server.
Regards,
-sm
discussing about spam.
Regards,
-sm
with that rule added averages
around two points. It shouldn't cause any false positives as the score is low.
Regards,
-sm
say -4.
Write a rule to score the message by -2 if it is received from *.blackberry.com
Regards,
-sm
Emails from ToTheCenter.com have a:
To: mailto:@herse.apache.org
That is invalid.
Regards,
-sm
when there is a match.
Regards,
-sm
/usr/bin/spamc
if (/^X-Spam-Flag: YES/)
{
echo This server thinks this is spam.
echo If this is not spam, call me at +34 630 59 01 62
EXITCODE = 100
exit
}
}
You cannot set a message during the delivery stage.
Regards,
-sm
in the Exim's configuration file.
Regards,
-sm
still have the same problem.
Your problem is caused by Mailscanner. You may find the answer by
posting this question to their mailing list.
Regards,
-sm
At 11:13 28-11-2006, Daryl C. W. O'Shea wrote:
BTW... has anyone ever got the -Q option to have p0f itself listen
on a socket to work, instead of using their own wrapper?
Yes, it works on a unix socket.
Regards,
-sm
see the same message (presumably) being tried by
multiple compromised PCs (same from/to for each one, 3 seconds apart or less).
Some compromised hosts do retry delivery (same from/to/IP address)
within a minute.
Regards,
-sm
201 - 300 of 328 matches
Mail list logo