Disable reporting to Razor while still reporting to Pyzor

Hi, I use spamc -C report to report spam mails. I only want to report them to Pyzor. How do I disable reporting the mails to Razor (which fails anyways as I'm not registered)? Also as I see it using spamc -C report also marks the mail as spam in the bayes database, is this correct? There is no

Re: Spamassassin with Galera as SQL-Backend?

On 2022-05-06 6:56 am, Henrik K wrote: > On Fri, May 06, 2022 at 12:31:47PM +0200, giovanni@paclan.itwrote: > On 5/6/22 11:08, Niels Kobschätzki wrote: Hi, I have a setup where the > spamassassin-servers have actually no access to the data of the mail-servers. > Now I

Re: KAMONLY encapsulated rules

is from 25_uribl.cf <http://25_uribl.cf> Regards, KAM -- Kevin A. McGrail Member, Apache Software Foundation Chair Emeritus Apache SpamAssassin Project https://www.linkedin.com/in/kmcgrail <https://www.linkedin.com/in/kmcgrail> - 703.798.0171 On Thu, Apr 29, 2021 at 10:43 PM <m

Re: KAMONLY encapsulated rules

Software Foundation Chair Emeritus Apache SpamAssassin Project https://www.linkedin.com/in/kmcgrail <https://www.linkedin.com/in/kmcgrail> - 703.798.0171 On Thu, Apr 29, 2021 at 9:31 PM <mailto:spamassas...@bluestreak.net>> wrote: Greetings, I'm using the KAM ruleset a

KAMONLY encapsulated rules

Greetings, I'm using the KAM ruleset and have noticed that, even though I don't have the KAMOnly plugin installed, the KAMONLY encapsulated rules are still getting fired. In particular the rescored rules. How can I disable this feature? Thanks in advance! Nedry

Re: Problem installing sa on my pi 3b+

spamassassin Without any further params. How am I supposed to know where that command does get its package from??? Christian

Re: Problem installing sa on my pi 3b+

Ok so it seems I cant do anything to get it running on my side. Funny enough that I use the official raspian which I kept up to date with 'sudo apt-get update' and now the 'sudo apt-get install that claims to use the newest version (3.4.2-1+deb10u3) keeps running into such an error. How to

Problem installing sa on my pi 3b+

Hi there, when running a 'sudo apt-get install spamassassin' on my raspian pi 3b+ i keep running into a problem with sa-compile: sa-compile (3.4.2-1+deb10u3) wird eingerichtet ... Running sa-compile (may take a long time) In file included from /usr/lib/arm-linux-gnueabihf/perl/5.28/CORE

Re: SA's bayes with the Redis backend?

a: last expire atime delta 0.000 0 0 0 non-token data: last expire reduction count I've had good luck with using mariadb and galera to share the spamassassin database across systems. I run a small 3-node setup for email, 2x servers running dovecot replicating to each other, and a 3rd galera quoru

Re: per-user bayes

allocate per user! That would be pretty hard to predict as it would vary a lot based on the users and the mail. I don't think Bayes is really that big (a few MB max?) It's not big. Here's my personal spamassassin database (just a few users, but SA has been running for years and years ... About 48M

Re: frequent T_SPF_PERMERROR

). I am having good success using Mail::SPF::Query with spamassassin The spfquery tool also appears to work. This bug report from 2014 reflects my experience. Bug #99890 for Mail-SPF: Mail-SPF-v2.9.0 fails Build test https://rt.cpan.org/Public/Bug/Display.html?id=99890 My guess for the cause

Re: frequent T_SPF_PERMERROR

Mail::SPF version 2.009 is package "Mail-SPF-v2.9.0" which is what I indicated I was using (and had to force install) in my first post. spfquery works, but whatever perl interface SA is using is not producing correct results. Not just on my own domains, but on many others as well. My dns spf

Re: frequent T_SPF_PERMERROR

Thanks for the tip! I didn't know how to debug that stuff. Here's what happens with a spammer faking one of my own domains: >spamd[21654]: spf: query for >isabelle.2...@nro.ca/41.203.191.125/!41.203.191.125!: result: permerror, >comment: , text: Included domain 'srs.bis.na.blackberry.com' has

frequent T_SPF_PERMERROR

Hi. I'm getting T_SPF_PERMERROR extremely often. Not exclusively, but especially when spammers are faking my own domain names. Here's an example from the good old xerox copier spam: From cop...@nro.ca Fri May 26 08:26:18 2017 Return-Path: <cop...@nro.ca> X-Spam-Checker-Version: SpamAs

Re: DNS Terminology

> On Sep 23, 2016, at 17.34, Lindsay Haisley wrote: > > On Fri, 2016-09-23 at 17:10 -0400, btb wrote: >> On 2016.09.23 16.16, Lindsay Haisley wrote: >>> >>> On Fri, 2016-09-23 at 18:43 +0100, RW wrote: Right, but the question here is why isn't a forwarding server

New Mail::SpamAssassin::Plugin::HeadersEqual plugin

: headers: loadplugin Mail::SpamAssassin::Plugin::HeadersEqual [/path/to/HeadersEqual.pm] header SENDER_MISMATCH eval:headers_equal("ne", "From:addr", "Return-Path:addr") score SENDER_MISMATCH 0.5 As you can see, SA will increase the score by 0.5 when the F

Re: T_DKIM_INVALID even if debugging reveals that everything is working?

Found what the problem was. Turns out spamd was running by default with the -L (Use local tests only (no DNS)) parameter. Removed this and restarted de daemon and voila: Jun 24 21:21:21 higis-s3 spamd[22778]: spamd: connection from localhost [::1]:36303 to port 783, fd 5 Jun 24 21:21:21 higis-s3

Re: T_DKIM_INVALID even if debugging reveals that everything is working?

On 06/24/2016 07:53 PM, RW wrote: > On Fri, 24 Jun 2016 18:20:35 +0200 > G.H. (Spamassassin) wrote: > >> Hello, >> >> Every incoming mail with valid DKIM-signatures is tagged with >> T_DKIM_INVALID. >> But when I run such a mail through spamassassin -t -D d

T_DKIM_INVALID even if debugging reveals that everything is working?

Hello, Every incoming mail with valid DKIM-signatures is tagged with T_DKIM_INVALID. But when I run such a mail through spamassassin -t -D dkim < email it finds no errors? I already googled this but it always comes down to missing packages that are being reported with the debug, but in my c

Re: Penalizing code not working

Bill, thanks for your input. As far as I know those apps are current for my OS, which is essentially Ubuntu 12.04 (due to be updated soon). My MTA is postfix but I generally reject or discard through that, whereas SA delivers most stuff to the junk bin as a final check by me. I was unaware

Re: Penalizing code not working

Bill, thanks for your input. As far as I am aware the versions are the latest for my OS - Mint Maya 13 is essentially Ubuntu 12.04 - but I will check. In any case I'm due to update the OS in the near future. My MTA is postfix but I find it easier to manage rules in SA than in postfix, which

Re: Penalizing code not working

And a convenient spam purporting to come from google verifies the second part of the test. Thanks again. :) -- Dave Stiles

Penalizing code not working

the scores to 0.01 to avoid false rejections). Is this code known to fail or is it something I'm doing wrong? Spamassassin version: 3.3.2 Perl version: 5.14.2 OS: Linux Mint 13 = The section header for the code runs... "penalize mail claiming to be from PayPal, eBay, Yahoo or

Re: Customized header (add_header) doesn't work

> On Dec 19, 2015, at 04.35, Reindl Harald wrote: > > > > Am 19.12.2015 um 04:08 schrieb listsb-spamassas...@bitrate.net: >> On Dec 17, 2015, at 13.16, Alfredo Saldanha >> wrote: >>> >>> My second SA is a Zimbra server. >>> I use Zimbra SA

Re: Customized header (add_header) doesn't work

were to use amavis rather than a milter, you could just deliver mail directly from amavis to the zimbra mailbox server [bypassing the zimbra mta which you don't need in term of this] via lmtp [typically port 7025], and it would just work. none of the attempting to trick one instance of spamass

AW: howto do re-scoring of rules with a custom channel?

as well as the subfolder containing the actuall rules files. saInternalChannel does not evaluate after updates_spamassassin_org, so the regular SpamAssassin updates overwrite our rescoring. It seems we need to rename our channel to make them being loaded after the regular SpamAssassin update

howto do re-scoring of rules with a custom channel?

Hi, We created our own internal channel to feed our SpamAssassin installations with some custom rules. Recently tried to re-score a SpamAssassin rule using the channel files, but it does not work. When the channel is updated it correctly downloads the saInternalChannel_mydoamin_com.cf

Re: sa-compile seems to not clean up after itself

job which runs sa-compile for now, and that's just fine. https://issues.apache.org/SpamAssassin/show_bug.cgi?id=7138 -ben

Re: sa-compile seems to not clean up after itself

i hope another solicitation for this help request is ok. On Feb 04, 2015, at 09.19, btb listsb-spamassas...@bitrate.net wrote: hi- i happened to notice a bunch of old files in /tmp/, related to spamassassin. after a bit of testing, it looks like sa-compile isn't cleaning up after

Re: dealing with mail not yet listed in network tests

? the newer the domain, the higher the score is pushed up? that's URIBL_RHS_DOB http://wiki.apache.org/spamassassin/Rules/URIBL_RHS_DOB sadly it turned out to be not that relieable for a very high score revisiting this - am i doing this right? dig yournewgrabbagspecials.rocks.dob.sibl.support

spam from creative gtlds

this was discussed a while back, in the context of tlds with names of colors [red, blue, pink, etc]. recently, i'm getting spam from the rocks tld [i can share further detail if it's of interest]. what ultimately happened with the color tlds, in terms of spamassassin? was there a ruleset

Re: possible false positive with FORGED_YAHOO_RCVD?

On Nov 30, 2014, at 15.42, Benny Pedersen m...@junc.eu wrote: On 30. nov. 2014 21.12.06 listsb-spamassas...@bitrate.net wrote: http://dpaste.com/3XTYV0V.txt Is trusted_networks and internal_networks correct both for ipv4 and ipv6 ? Does it match settings in amavisd ? Both sa and

Re: different results when using --debug

: last sync: .$vars[7],'bayes','-1'); + dbg(bayes: DB journal sync: last sync: %s, $vars[7]); The extra parameters shouldn't have been in that dbg call. See: Bug 7065 - Debug Mode breaks Bayes but only if DBM storage is used https://issues.apache.org/SpamAssassin/show_bug.cgi?id=7065

message sent to list yesterday

hi- i sent a message to the list yesterday, but have not yet seen it appear. can someone check? my logs indicate successful delivery to mx1.us.apache.org: Dec 3 17:48:24 mta postfix/smtp[10226]: 3jtFgN6Dfmz9s2b: to=users@spamassassin.apache.org, relay=mx1.us.apache.org[140.211.11.136]:25,

Re: message sent to list yesterday

at 5:47 PM yesterday (UTC-05:00) which includes the output of some commands like sa-learn --dump magic. http://spamassassin.1065346.n5.nabble.com/different-results-when-using-debug-td113494.html Is that the email you were looking for? thanks, that's it. sorry, i should have thought to check

different results when using --debug

. am i doing something wrong? are my expectations misguided? i'm doing these tests as the user named amavis, which the amavis software runs as. spamassassin --test-mode --debug message3.txt Dec 2 23:32:41.224 [27222] dbg: logger: adding facilities: all Dec 2 23:32:41.224 [27222] dbg

possible false positive with FORGED_YAHOO_RCVD?

hi- a message from yahoo seems to have matched FORGED_YAHOO_RCVD, which from my perspective, the message is not forged [see below pastebin - i hope i've not removed anything of importance during anonymization]. i noted that dkim authentication appears to have failed, which, while of interest

Re: dealing with mail not yet listed in network tests

On Nov 14, 2014, at 00.35, John Hardin jhar...@impsec.org wrote: On Thu, 13 Nov 2014, listsb-spamassas...@bitrate.net wrote: all of the emotional postulative opining aside, one possibility i have been considering is having postfix delay relay of messages to the content filter for a few

dealing with mail not yet listed in network tests

-archives.apache.org/mod_mbox/spamassassin-users/201411.mbox/%3C5458FFE3.10404%40bitrate.net%3E understanding now what's going on, i've been thinking a bit about this, while the frequency of this trend seems to be continuing to increase. as a possibly meaningless anecdote, it's almost as though

Re: Valid TLDs (was: Re: Custom rule not hitting suddenly?)

On Sep 8, 2014, at 21.45, Karsten Bräckelmann guent...@rudersport.de wrote: Some discussion of the underlying issue. On Tue, 2014-09-09 at 02:59 +0200, Karsten Bräckelmann wrote: At the time of the 3.3.2 release, the .club TLD simply didn't exist. It has been accepted by IANA just recently.

Re: sanitizing/normalizing messages for feeding sa-learn

On Aug 27, 2014, at 18.13, Quanah Gibson-Mount qua...@zimbra.com wrote: --On Wednesday, August 27, 2014 6:06 PM -0400 btb listsb-spamassas...@bitrate.net wrote: hi- we have a system [zimbra] where users can select a message in the mua interface and click a spam or not spam button.

Re: Dealing with a bad network device affecting DNS lookups

-spamassassin wrote: I'm really not certain that using time and nslookup (which is a somewhat depreciated tool at this point) gives you results that show where the problem might be. I would suggest that for debugging/proof of issue purposes you use dig (which includes the query time by default

Re: Dealing with a bad network device affecting DNS lookups

Original Message Date: Tuesday, July 15, 2014 15:04:22 -0700 From: Quanah Gibson-Mount qua...@zimbra.com To: Dave Warren da...@hireahit.com, users@spamassassin.apache.org Subject: Re: Dealing with a bad network device affecting DNS lookups --On Tuesday, July 15,

Re: Add an IP to the DNSBL checks

On 13.06.2014 19:47, Kevin A. McGrail wrote: On 6/13/2014 6:15 PM, spamassas...@lcwsoft.com wrote: On 12.06.2014 22:14, spamassas...@lcwsoft.com wrote: Hi guys, I am working on a plugin to check X-PHP-Script and am wondering if there is a way to add the IP to the DNSBL check list? Regards,

Re: Add an IP to the DNSBL checks

On 12.06.2014 22:14, spamassas...@lcwsoft.com wrote: Hi guys, I am working on a plugin to check X-PHP-Script and am wondering if there is a way to add the IP to the DNSBL check list? Regards, Lawrence I'm guessing nobody knows the answer

Add an IP to the DNSBL checks

Hi guys, I am working on a plugin to check X-PHP-Script and am wondering if there is a way to add the IP to the DNSBL check list? Regards, Lawrence

Re: URIBL blocked

On 23/01/12 12:22, Tom Kinghorn wrote: Resolving the block might be as simple as using your own caching nameserver to avoid being lumped together with other users queries; setting up your own mirror of the DNS-blocklist; or paying to use the blocklist. The choice is up to the DNS-Blocklist

Re: Bayes and MySQL - does it actually work?

On 23/12/11 11:29, Henrik K wrote: Performance with the database on physical disks simply wasn't keeping up with more than about double the average message rate (if that...), so I fell back to the good enough setup of putting the SA database on a RAMdisk, I guess it still boils down to

Re: Bayes and MySQL - does it actually work?

to cache. Any write to the table will invalidate caches anyway. And those writes happen every time a token is read (atime is updated). To stop the query cache being invalidated, it would probably be better if the writes were queued and then done in batches. Can SpamAssassin handle this sort of queue

Re: Bayes and MySQL - does it actually work?

On 23/12/11 14:25, David F. Skoll wrote: The only downside to CDB is that incremental updates are not possible. To train, you need to rebuild the entire CDB file. For us, that's an acceptable tradeoff, but YMMV. Another major downside to this approach compared to using MySQL, is that it

RE: A SpamAssassin Crash Course for Admins

Hi there, There isn't really much documentation for any Windows related topics since Michael Bell's tutorial site is offline as well as SpamAssassin for Win32 project being discontinued. However, while compiling an own version of native (so not Cygwin based) Windows SpamAssassin, I've written

Re: A SpamAssassin Crash Course for Admins

On 30/11/11 07:17, Ted Mittelstaedt wrote: I've attached version 2.0 with this email (it's the clean version without all the comments :) ). I've pretty much finished up the definitions and some cleaning up. Again, I would really enjoy feedback! Everywhere you say SpamAssassin you should

Re: new paradigm

On 24/11/11 13:18, Lucio Chiappetti wrote: If a message comes in to my MTA with one of those Message-Id's in the In-Reply-To header, it bypasses the spam filtering because it is a response to a message that I sent what about if your message was stored in a folder of your correspondent,

Re: new paradigm

On 23/11/11 17:55, Christian Grunfeld wrote: What do I mean? you never never answer (or it is really strange) a spam message. On my personal email system, my MSA records Message-Id's of outgoing mail into a database. If a message comes in to my MTA with one of those Message-Id's in the

trusted_networks setup not working

For some reason, spamassassin thinks that 0/0 is trusted, even after my most strenuous attempts to dissuade it: $ grep _networks /etc/spamassassin/* /etc/spamassassin/local.cf:# trusted_networks 212.17.35. /etc/spamassassin/local.cf:clear_trusted_networks /etc/spamassassin

Re: trusted_networks setup not working

Probably hit by a bug in NetAddr::IP, see: https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6681 Upgrade it to NetAddr-IP-4.055 or downgrade to 4.048. Bingo! I upgraded to 4.056 and no more problem! Apparently there'a a workaround, too, mentioned in comment 20 above: 4.053

Re: Spam not stopped???

Also this is my /etc/default/spamass-milter OPTIONS=-u nobody -i 127.0.0.1,209.102.124.20 -r 9 -M What strikes me odd is that the message that was stopped the milter had its id set to spamass-milter Jun 15 06:27:31 mail spamd[981]: spamd: connection from localhost [127.0.0.1] at port 42127

Re: Spam not stopped???

, 15 Jun 2011, User for SpamAssassin Mail List wrote: Also this is my /etc/default/spamass-milter OPTIONS=-u nobody -i 127.0.0.1,209.102.124.20 -r 9 -M What strikes me odd is that the message that was stopped the milter had its id set to spamass-milter Jun 15 06:27:31 mail spamd[981]: spamd

Spam not stopped???

Hello, I have something I cannot explain. We blacklisted an email address for a client but Spam assassin still let it through. Here are the logs: Jun 15 08:08:10 mail spamd[20901]: spamd: identified spam (104.0/6.0) for client:2130 in 0.2 seconds, 1729 bytes. Jun 15 08:08:10 mail

Re: Spam not stopped???

Lawrence, Thanks for the responce. I know Spam Assassin doesn't stop it we use a spamassassin milter for sendmail to reject it. (We been doing this for years). Anyway here is a log on a email that was rejected: Jun 15 06:27:33 mail spamd[981]: spamd: identified spam (22.2/6.0

Re: Spam not stopped???

On Thu, 16 Jun 2011, Lawrence @ Rogers wrote: On 15/06/2011 11:13 PM, User for SpamAssassin Mail List wrote: Lawrence, Thanks for the responce. I know Spam Assassin doesn't stop it we use a spamassassin milter for sendmail to reject it. (We been doing this for years). Anyway here

Pyzor Server

Hello, I don't keep constant eye on the mail server logs but did notice that pyzor was not working. I've ping the server that I've been using for years: # pyzor ping 82.94.255.100:24441 TimeoutError: And see it is not working. I did a pyzor discover and found a public server and did a

RE: [SpamAssassin] Re: First run score: 25.7 Second: 2.6

From: Emin Akbulut [mailto:eminakbu...@gmail.com] Sent: Tuesday, July 20, 2010 1:54 PM To: users@spamassassin.apache.org P.S: In my case all tests done in same input, but outputs have different scores. Does not spamd 3.3.1 (JAM) support logging? I want to log some info...

RE: [SpamAssassin] Re: First run score: 25.7 Second: 2.6

- From: Support SpamAssassin [mailto:spamassas...@jam-software.com] Sent: Friday, July 16, 2010 4:39 PM To: users@spamassassin.apache.org Subject: [SpamAssassin] Re: First run score: 25.7 Second: 2.6 -Original Message- From: Charles Gregory Now if I have to GUESS

Re: First run score: 25.7 Second: 2.6

-Original Message- From: Charles Gregory Now if I have to GUESS on insufficient data, I would suspect that the 'port' of spamd to Windows(?) does not properly tidy up its children when finished. The fact that it crashes certainly points in this direction. May I presume that you

RE: spamassassin-3.3.0 for Fedora/RHEL

http://wtogami.livejournal.com/33674.html If you use spamassassin on Fedora or RHEL5, please see my blog post for RPM packages and distro-specific notes. quote * STOP USING SARE or OpenProtect. They died a long time ago. Some of their rules are dangerous or redundant. Many

RE: spamassassin-3.3.0 for Fedora/RHEL

So how do I stop using sare or openprotect? remove the rules? remove the channels? I suppose you know if you use them or not, do you? Yes I am using it. Since the blog advise to stop using it, thus I am wondering how do I do so? I had remove the sa-update from my crontab. Do I need to

RE: spamassassin-3.3.0 for Fedora/RHEL

Of course. You have to remove everything from /var/lib/spamassassin/3.003000 that you do not want to use. As an example, that is what remains here: Thank you

DomainKeys.pm

Hi, After upgrading to 3.3.0. I began to get an error Jan 29 03:12:40.458 [9168] warn: plugin: failed to parse plugin (from @INC): Can't locate Mail/SpamAssassin/Plugin/DomainKeys.pm in @INC (@INC contains: lib /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/vendor_perl

removing check for rulenames

Hi, How do I remove checking with RCVD_IN_DNSWL_LOW and RCVD_IN_RP_SAFE -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [67.131.25.23 listed in list.dnswl.org] -2.0 RCVD_IN_RP_SAFERBL:

RE: removing check for rulenames

How do I remove checking with RCVD_IN_DNSWL_LOW and RCVD_IN_RP_SAFE -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [67.131.25.23 listed in list.dnswl.org] -2.0 RCVD_IN_RP_SAFERBL: Sender is

RE: removing check for rulenames

/spamassassin/ReportingSpam Many thanks again, Jason

RE: exclude domain from server-wide

I am running a qmail + simscan + spamassassin + clamav on a centos 5.3. Regards there are many ways to do it... you could try @example.com in your /var/qmail/control/badmailfrom might work... depending on some factors... you could smtp reject above a certain score and do

exclude domain from server-wide

Hi, How do I exclude a domain from a server-wide envoirment? regards

RE: exclude domain from server-wide

How do I exclude a domain from a server-wide envoirment? with magic words ? *g describe your mail spamassassin server setup ( cause there are thousend ways which it might be implemented at your side ), then you might get an answer I am running a qmail + simscan + spamassassin + clamav

Re: Backscatter.org used as RBL??

If anyone has an example config for sendmail to use the backscatter rbl at smtp time please send it. I take a beating from backscatterers. I would think you could do this with a macro that checks mail from and triggers an rbl check on the ip. Sounds simple but my cf skills are barely above trial

regex anchor for start of line in body

I seem to be having a hard time writing rules which anchor a string to the start of the line in the body of a text message. e.g., suppose I get a lot of phish which contain text (not html) like this: Username:.. Password:.. I try what seemed intuitively easy: body__PHISH1

webmail phishing?

Hi, Before I try to roll my own, does anyone have a set of rules or a plugin designed to detect all these webmail account phishes. You know -- the kind that pretend to be a webmail administrator who informs the user his/her webmail account is being upgraded or has exceeded quota or whatever ..

Filtering / flagging specific email addresses?

Is it possible to get spamassassin to score email addresses with 4 (or more) numeric digits in sequence in the user name? (seems like a lot of our spam comes in for garbage users with user names that are strings of numbers). Thanks! rick Rick Steeves http://www.sinister.net

Re: Filtering / flagging specific email addresses?

At 11:19 AM 3/26/2009, John Hardin wrote: On Thu, 26 Mar 2009, spamassas...@corwyn.net wrote: (seems like a lot of our spam comes in for garbage users with user names that are strings of numbers). ...your MTA should _not_ be accepting invalid recipient addresses for delivery. Fix your MTA

SPF_NEUTRAL scoring?

I have user mail being sent from my domain to my domain flagging as spam. that's ok really. It's what's making it flag as spam that's bugging me - SPF_NEUTRAL X-Spam-Status: Yes, score=4.659 tagged_above=-999 required=4.3 tests=[DYN_RDNS_SHORT_HELO_HTML=0.287, HTML_FONT_SIZE_LARGE=0.001,

Re: SPF_NEUTRAL scoring?

Interesting, but, the domain I'm asking about isn't sinister.net :-) My current guess is that when the mail processes into amavis, when send from local local (all on the same server) the email comes from localhost, triggers SA, localhost isn't in the SPF record, and thus triggers the

Re: Weighting a particular domain?

At 10:07 AM 3/9/2009, Matus UHLAR - fantomas wrote: Are you getting spam from hotmail/yahoo addresses? All the time.

Re: 60_whitelist.cf

def_whitelist_auth [EMAIL PROTECTED] whitelist_auth [EMAIL PROTECTED] dont use both since its 2 diff scores, and only use the one that are needed here is the spf http://old.openspf.org/wizard.html?mydomain=wii.comsubmit=Go%21 perldoc Mail::SpamAssassin::Conf perldoc Mail::SpamAssassin::Plugin::SPF i use

60_whitelist.cf

I am running spamassassin with postfix via amavisd on a FreeBSD Intel box. Email from Nintendo's Wii service is getting flagged as spam, despite me entering it into the whitelist. This seems to be the case with other unrelated entries that I have whitelisted as well. I have entered

how to count lines in the body

Hi Can someone suggest a rule (or rules) which will count the number of lines in the body of a mail message? Or alternatively, a rule which will tell me if a message contains less than N lines in its body? Suppose, for example, I am looking to penalize messages which contain a specific url and

flooded with undetected spam

Hi, My inbox is flooded by some new spams. Any idea how do I block it? http://202.42.86.77/1.eml http://202.42.86.77/2.eml Best regards

Re: trustedopinion.com

Eloise Carlton writes: Thank you for taking the time to report and share this information. We have initiated an investigative process on this report and during the investigative period we have downgraded the sender's accreditation level. Thank you, Eloise. I greatly appreciate Habeas'

spamd and sendmail mailertable

a spamassassin check. Our sendmail.mc looks like: (skipped the first part) # dnl # greylist settings INPUT_MAIL_FILTER(`greylist', `S=local:/var/run/milter-greylist/greylist.sock')dnl define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')dnl dnl

Re: spamd and sendmail mailertable

Checking into this more I notice this happens on any forwarded email to another system. Spamassassin refuses to check it. Any Ideas? Thanks, Ken On Fri, 14 Mar 2008, User for SpamAssassin Mail List wrote: Hello, Were using sendmail and their feature mailertable for forwarding certain

Re: Is http://www.rulesemporium.com?

I have the same problem here: traceroute to www.rulesemporium.com (72.52.4.74), 30 hops max, 38 byte packets 1 roxanne.pcez.com (209.102.124.1) 0.179 ms 0.146 ms 0.143 ms 2 52.ATM5-0.GW9.POR3.ALTER.NET (157.130.180.65) 3.016 ms 3.190 ms 2.917 ms 3 0.so-4-3-0.XT2.POR3.ALTER.NET

Particular subject blacklist seems not to work

I am running SpamAssassin version 3.1.7 with Postfix via amavisd on a FreeBSD machine. In the last few weeks, all of a sudden messages with the same 4 or 5 subject lines started coming through undetected for some reason. So I decided to add patterns matching those to /usr/local/share

Re: Particular subject blacklist seems not to work

/local/share/spamassassin/60_whitelist_subject.cf Silly question: are you sure that your WhiteListSubject plugin is even working in the first place? -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ [EMAIL PROTECTED]FALaholic #11174 pgpk -a [EMAIL PROTECTED] key

Re: ispell

Hallo Payne, Op zondag 07 oktober 2007 schreef cpayne aan SpamAssassin: cp Sorry, just had my morning soda, ok what I wanted to say, I want cp the miss-spelled to add x number of points. Maybe .2 or .5 or 1. cp Then that way it will help with a lot these new spam emails that cp been coming

Re: Combine whitelist_to and whitelist_from

and spamassassin will considere it as spam ! the from address can be as easily faked as the to address. I have seen on this mailing list many reports from users whitelisting their own address somehow and thus getting false positives. What you are searching for, is whitelist_from_rcvd which

Combine whitelist_to and whitelist_from

and spamassassin will considere it as spam ! Thank you for your help ... Yves

picture spams

Hi, Will ImageInfo be able to detect and catch this picture spam soon? http://dreams.741.com/spam.gif Thanks

Public.pm

Hi List, Does anyone encounter this error and how do you fix it? Use of uninitialized value in string eq at /usr/lib/perl5/vendor_perl/5.8.8/Mail/DomainKeys/Key/Public.pm line 67, GEN934 line 319. Thanks

[EMAIL PROTECTED] strikes again

; Tue, 14 Aug 2007 08:46:54 -0700 (PDT) Received: from dw ( [220.255.72.245]) by mx.google.com with ESMTPS id m10sm10662529waf.2007.08.14.08.46.51 (version=SSLv3 cipher=RC4-MD5); Tue, 14 Aug 2007 08:46:53 -0700 (PDT) Message-ID: [EMAIL PROTECTED] From: Spamassassin List [EMAIL

Re: A rule for empty body and pdf attachment??

Hello, We are running a Debian Sarge system here with spamassassin version Version: 3.0.3-2sarge1. I tried to put these plugins (ImageInfo and loadplugin) into my system and got the following errors when I restarted: Aug 2 12

  1   2   3   >