.rp wrote:
One of the users (actually the boss) had the email address harvested and we got clobbered
by backscatter. Looking at the emails of the various 'unable to deliver' type messages, I saw
what these could be filtered on, but don't know how to write up and implement the rule
outside of
Matt Kettler writes:
.rp wrote:
One of the users (actually the boss) had the email address harvested and we
got clobbered
by backscatter. Looking at the emails of the various 'unable to deliver'
type messages, I saw
what these could be filtered on, but don't know how to write up
Henrik Krohns writes:
On Thu, May 08, 2008 at 09:35:31AM +0100, Justin Mason wrote:
the VBounce plugin is intended to catch backscatter -- bounces in response
to mail you didn't send -- so it'll ignore bounces in response to mail you
_did_ send, by parsing the bounced message's Received:
Matt Kettler writes:
Justin Mason wrote:
Matt Kettler writes:
.rp wrote:
One of the users (actually the boss) had the email address harvested and
we got clobbered
by backscatter. Looking at the emails of the various 'unable to deliver'
type messages, I saw
what
Justin Mason wrote:
Matt Kettler writes:
.rp wrote:
One of the users (actually the boss) had the email address harvested and we got clobbered
by backscatter. Looking at the emails of the various 'unable to deliver' type messages, I saw
what these could be filtered on, but don't know
On Thu, May 08, 2008 at 10:03:28AM +0100, Justin Mason wrote:
Henrik Krohns writes:
On Thu, May 08, 2008 at 09:35:31AM +0100, Justin Mason wrote:
the VBounce plugin is intended to catch backscatter -- bounces in response
to mail you didn't send -- so it'll ignore bounces in response
On Thu, May 08, 2008 at 11:35:30AM +0100, Justin Mason wrote:
Not in my experience!
I haven't seen anything that isn't a bounce message, an out-of-office
notification, auto-replies, or other stuff targeted by the VBounce
ruleset. certainly not transactional mail. as far as I can tell,
Henrik K schrieb:
On Thu, May 08, 2008 at 11:35:30AM +0100, Justin Mason wrote:
Not in my experience!
I haven't seen anything that isn't a bounce message, an out-of-office
notification, auto-replies, or other stuff targeted by the VBounce
ruleset. certainly not transactional mail. as
On Thu, 8 May 2008, Justin Mason wrote:
Matt Kettler writes:
.rp wrote:
So, need a rule that would parse the Message-ID: in the body (or attachment)
and not
header, and look for the @FQDN
Is this rule already out in the wild?
You'd likely need a meta of some sort.
Theoretically,
On Thu, May 08, 2008 at 03:11:59PM +0200, Robert Müller wrote:
BTW: Also for me 'null senders' are not common - never had problems with
this, except UBE.
Have you even looked at your traffic archives, if you keep one? How do you
know there isn't any problems if someone doesn't realize to
Henrik K schrieb:
On Thu, May 08, 2008 at 03:11:59PM +0200, Robert Müller wrote:
BTW: Also for me 'null senders' are not common - never had problems with
this, except UBE.
Have you even looked at your traffic archives, if you keep one? How do you
know there isn't any problems if
In case of VBounce, chances of FPs are even less acceptable. You are
supposed to reject or discard backscatter
who says?
It seems perfectly fine to me to tag vbounce-filtered mail. In mail
filtering, there will always be FPs.
--j.
On Thu, May 08, 2008 at 04:20:42PM +0100, Justin Mason wrote:
In case of VBounce, chances of FPs are even less acceptable. You are
supposed to reject or discard backscatter
who says?
It seems perfectly fine to me to tag vbounce-filtered mail. In mail
filtering, there will always be
One of the users (actually the boss) had the email address harvested and we got
clobbered
by backscatter. Looking at the emails of the various 'unable to deliver' type
messages, I saw
what these could be filtered on, but don't know how to write up and implement
the rule
outside of procmail.
On Tuesday 20 November 2007 19:25:27 Karsten Bräckelmann wrote:
Both, the rewritten Subject (see [DEL]) and the X-TUD-*-SpamScore [1]
header should be sufficient on it's own to identify a previously
encapsulated mail. Based on that, just treat the mail differently,
un-wrapping if need be. It
Hi Stefan,
Stefan Walk wrote:
Theo Van Dinter wrote:
On Mon, Nov 19, 2007 at 10:21:12AM +0100, Matus UHLAR - fantomas wrote:
machines. Is there a way to detect (in ways of a script) that a mail has been
processed by report safe, or yet better, a done way to undo it? I've heard
sa-learn
Sent before with the wrong from address ... sorry if this comes through
twice.
Theo Van Dinter wrote:
On Mon, Nov 19, 2007 at 10:21:12AM +0100, Matus UHLAR - fantomas wrote:
machines. Is there a way to detect (in ways of a script) that a mail has
been
processed by report safe, or yet
On Tue, Nov 20, 2007 at 05:48:36PM +0100, Stefan Walk wrote:
spamassassin -d
Thanks. But it seems spamassassin -d only removes the markup that my
spamassassin did, not those from others (they mangle the headers too, it's
Well, yes and no. -d only removed 1 level of encapsulation. If
Theo Van Dinter wrote:
Oh, also, if mails are coming in w/ X-Spam-Status: Yes or whatever,
you could always choose to just block those mails via the MTA/etc.
IMO, if someone else is telling you that the mail is spam, why bother
accepting it?
Because i don't trust the other servers (false
Theo Van Dinter wrote:
On Mon, Nov 19, 2007 at 10:21:12AM +0100, Matus UHLAR - fantomas wrote:
machines. Is there a way to detect (in ways of a script) that a mail has
been
processed by report safe, or yet better, a done way to undo it? I've heard
sa-learn does it, so i'd guess it has
On Tuesday 20 November 2007 17:59:39 Theo Van Dinter wrote:
Well, yes and no. -d only removed 1 level of encapsulation. If you have
a multiply-encapsulated message, you need to run the unencapsulator
multiple times. :)
As far as your markup versus their markup ... It generally shouldn't
On Tue, 2007-11-20 at 17:48 +0100, Stefan Walk wrote:
Thanks. But it seems spamassassin -d only removes the markup that my
spamassassin did, not those from others (they mangle the headers too, it's
X-TUD-HRZ-MailScanner: Found to be clean
X-TUD-HRZ-MailScanner-SpamCheck: not spam
On 18.11.07 21:54, Stefan Walk wrote:
I'm kind of annoyed because there are, for a few of my email addresses,
several spamassassins at work, and they all use report_safe. On the final
machine (mine), there's a spamassassin running too. So, to prevent a message
from ending up in my mail
On Mon, Nov 19, 2007 at 10:21:12AM +0100, Matus UHLAR - fantomas wrote:
machines. Is there a way to detect (in ways of a script) that a mail has
been
processed by report safe, or yet better, a done way to undo it? I've heard
sa-learn does it, so i'd guess it has been done ...
On Mon, Nov 19, 2007 at 10:21:12AM +0100, Matus UHLAR - fantomas wrote:
machines. Is there a way to detect (in ways of a script) that a mail has
been
processed by report safe, or yet better, a done way to undo it? I've heard
sa-learn does it, so i'd guess it has been done ...
Oh, also,
Hi,
I'm kind of annoyed because there are, for a few of my email addresses,
several spamassassins at work, and they all use report_safe. On the final
machine (mine), there's a spamassassin running too. So, to prevent a message
from ending up in my mail client encapsulated in 5 spamassassin
On 12.11.07 18:13, Wolfgang Uhr wrote:
I've a small problem. We have installed courier mta on our server and we
start sa using the command
xfilter /usr/bin/spamassassin
resp.
xfilter /usr/bin/spamc
where do you run that from? The procmailrc/mailfilter?
If we do this the folder
Hello
I've a small problem. We have installed courier mta on our server and we
start sa using the command
xfilter /usr/bin/spamassassin
resp.
xfilter /usr/bin/spamc
If we do this the folder /.spamassassin/ will be created in the first
time und will be used in the next calls.
Now I want
Hi,
I want to add a patch to 20_ratware.cf so I can extend FORGED_MUA_OUTLOOK
to handle the new Outlook Message-ID format. Can I just redefine the
supporting meta rule __FORGED_OE and let SA take care of the rest ?
see patch here:
--On Tuesday, October 16, 2007 12:59 -0400 Paul Griffith
[EMAIL PROTECTED] wrote:
Hi,
I want to add a patch to 20_ratware.cf so I can extend FORGED_MUA_OUTLOOK
to handle the new Outlook Message-ID format. Can I just redefine the
supporting meta rule __FORGED_OE and let SA take care of the
On Tue, 16 Oct 2007 14:57:00 -0400, Joseph Brennan [EMAIL PROTECTED]
wrote:
--On Tuesday, October 16, 2007 12:59 -0400 Paul Griffith
[EMAIL PROTECTED] wrote:
Hi,
I want to add a patch to 20_ratware.cf so I can extend
FORGED_MUA_OUTLOOK
to handle the new Outlook Message-ID format. Can
Paul Griffith wrote:
Hi,
I want to add a patch to 20_ratware.cf so I can extend
FORGED_MUA_OUTLOOK to handle the new Outlook Message-ID format. Can I
just redefine the supporting meta rule __FORGED_OE and let SA take care
of the rest ?
Redefining the rule in your site config (often located
but the
loopback, but the spamc/spamd pair is fundamentally designed with this
kind of use in mind.
--
View this message in context:
http://www.nabble.com/is-it-possible-to-setup-SA-in-a-different-machine--tf4313291.html#a12317119
Sent from the SpamAssassin - Users mailing list archive
On Fri, 24 Aug 2007, Linooks wrote:
But I have another last problem.
I get a spam with an email within my domain? lets say
[EMAIL PROTECTED] --- sends out spam messages to all
Can someone please tell how to solve this one? thanks in advance!!!
You mean it's not blocking spams that have the
.-- John C. Randolph [EMAIL PROTECTED]
---
Tomorrow: The 1928th anniversary of the destruction of Pompeii
--
View this message in context:
http://www.nabble.com/is-it-possible-to-setup-SA
On Fri, 24 Aug 2007, Linooks wrote:
I had no whitelist option in my local.cf so I think that is not
the cause.
Hmm,, I really wonder why.
Please post a sample including all headers, if you can.
On Fri, 24 Aug 2007, Linooks wrote:
But I have another last problem.
I get a spam with
I'm a little late stepping in on this and it seems the original email
was deleted from my mail box by mistake. As everyone has saids, yes you
can use spam assassin on a separate server. I do that right now and it
works pretty well. It's also pretty slick because I have it setup not
only to
]
---
Tomorrow: The 1928th anniversary of the destruction of Pompeii
--
View this message in context:
http://www.nabble.com/is-it-possible-to-setup-SA-in-a-different-machine--tf4313291.html#a12318383
Sent from the SpamAssassin - Users mailing
On Fri, 24 Aug 2007, Linooks wrote:
this is the full header:
Return-Path: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Received: (qmail 18837 invoked by uid 89); 24 Aug 2007 19:45:01 -
Delivered-To: [EMAIL PROTECTED]
Received: (qmail 18801 invoked by uid 89); 24 Aug 2007 19:45:01
---
Tomorrow: The 1928th anniversary of the destruction of Pompeii
--
View this message in context:
http://www.nabble.com/is-it-possible-to-setup-SA-in-a-different-machine--tf4313291.html#a12319179
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Linooks wrote:
I have it working!
added the email address that sends newsletters in simcontrol
Thanks for the help.
But I have another last problem.
I get a spam with an email within my domain? lets say
[EMAIL PROTECTED] --- sends out spam messages to all
Can someone please tell how to
Linooks wrote:
Hi,
Im using qmail,vpopmail,clamav,and SA 3.0.1 under RHEL4
We send newsletters frequently so I really understand that it will cost a
lot of cpu usage. I was thinking if I can setup the SA into a different
machine, not with the email server. So I can gain more cpu usage. when
to 100 I can send and receive emails! can SA be setup like that?
SA will scan remote email servers?:-(
--
View this message in context:
http://www.nabble.com/is-it-possible-to-setup-SA-in-a-different-machine--tf4313291.html#a12280335
Sent from the SpamAssassin - Users mailing list archive
Hi,
Im using qmail,vpopmail,clamav,and SA 3.0.1 under RHEL4
We send newsletters frequently so I really understand
that it will cost a lot of cpu usage. I was thinking if I
can setup the SA into a different machine, not with the
email server. So I can gain more cpu usage. when it goes
to
servers?:-(
--
View this message in context:
http://www.nabble.com/is-it-possible-to-setup-SA-in-a-different-machine--tf4313291.html#a12280664
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
* Linooks [EMAIL PROTECTED]:
Hi,
Im using qmail,vpopmail,clamav,and SA 3.0.1 under RHEL4
We send newsletters frequently so I really understand that it will cost a
lot of cpu usage.
Why would it? Can't you inject the newsletter in such a way that it
circumvents SA clamav?
--
Ralf
von FU- und HU-BerlinFax. +49 (0)30-450
570-962
IT-Zentrum Standort CBFsend no mail to
[EMAIL PROTECTED]
--
View this message in context:
http://www.nabble.com/is-it-possible-to-setup-SA-in-a-different-machine--tf4313291.html#a12281136
Sent from the SpamAssassin
On Wed, 22 Aug 2007, Linooks wrote:
Thats also my problem, I did not set this email server..
How would I do what you recommend?
First question: how is SA being called? Then we can offer advice.
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
[EMAIL PROTECTED]
days until The 1928th anniversary of the destruction of Pompeii
--
View this message in context:
http://www.nabble.com/is-it-possible-to-setup-SA-in-a-different-machine--tf4313291.html#a12281399
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Linooks wrote:
I have no idea, but I think the server uses simscan to call clam and SA. I
hope that helps..
If you are using simscan you can add
[EMAIL PROTECTED]:spam=no,clam=yes
to the /var/qmail/control/simcontrol file and then run
/var/qmail/bin/simscanmk.
[EMAIL PROTECTED] is the
=yes
to the /var/qmail/control/simcontrol file and then run
/var/qmail/bin/simscanmk.
[EMAIL PROTECTED] is the email address of the account used to send out the
newsletters.
Regards,
Rick
--
View this message in context:
http://www.nabble.com/is-it-possible-to-setup-SA
I've noticed that in 99% of cases where the subject line starts with a
first name, the email is spam. The only way I can think to check for
this, though is to keep a large database of common first names and check
against it. Can anyone suggest a way to implement this that wouldn't
slow
Message -
From: Drew Burchett
To: users@spamassassin.apache.org
Sent: Thursday, August 09, 2007 9:36 AM
Subject: Thoughts on a possible rule
I've noticed that in 99% of cases where the subject line starts with a first
name, the email is spam. The only way I can think to check
I think I just noticed a conflict. Not sure if I made the mistake or not,
yet I probably did.
In my init.pre I have
loadplugin Mail::SpamAssassin::Plugin::URIDNSBL
uncommented
and in my
local.cf I have purposely set the config below.
skip_rbl_checks 1
do these settings conflict?
I believe
From: Abba Communications [mailto:[EMAIL PROTECTED]
I think I just noticed a conflict. Not sure if I made the mistake or
not,
yet I probably did.
In my init.pre I have
loadplugin Mail::SpamAssassin::Plugin::URIDNSBL
uncommented
and in my
local.cf I have purposely set the config
skip_rbl_checks 1
do these settings conflict?
I believe they do, correct?
No.
skip_rbl_checks 1 does not turn off the URI DNSBL checks.
See http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5384
Are you still experiencing this issue?
The entire error line reads:
Malformed UTF-8 character (unexpected non-continuation byte 0x00, immediately
after start byte 0xce) in pattern match (m//)
at
/var/lib/spamassassin/3.002000/72_sare_bml_post25x_cf_sare_sa-update_dostech_net/20050602.cf,
rule SARE_OBFUMONEY1, line 1.
I saw
rule SARE_OBFUMONEY1, line 1.
I saw the same thing earlier this weekend but passed it off to possibly
something I didn't have configured right.
No. Its a combination of a perl bug and a change in SA to allow rules in
other than the ascii character set.
Previous versions of SA had 'use
On Monday 07 May 2007 8:51 pm, Loren Wilton wrote:
rule SARE_OBFUMONEY1, line 1.
I saw the same thing earlier this weekend but passed it off to possibly
something I didn't have configured right.
No. Its a combination of a perl bug and a change in SA to allow rules in
other than the
Chris wrote:
Thanks Loren, I doubt then that this accounts for the strange sa-update run I
had this morning which I've posted the cron output here:
http://mediasafe.embarq.com/chris1948/Hosted/saupdate0507.tar.bz2
I don't see anything strange at all in that output.
Yesterdays update was a
Does this look correct?
sub handle_potential_faraway
{
my $mail = shift(@_);
$spamtest = new Mail::SpamAssassin({
PREFIX = $PREFIX,
DEF_RULES_DIR = $DEF_RULES_DIR,
LOCAL_RULES_DIR = $LOCAL_RULES_DIR,
LOCAL_STATE_DIR = $LOCAL_STATE_DIR,
userprefs_filename =
Noc Phibee wrote:
Hi
Actually, all of my .cf are put into /etc/mail/spamassassin/
I hope you mean all your add-ons. The stock ruleset should be in
/usr/share/spamassassin or the equivalent.
can i said at spamassassin to read too all .cf of on another
directory ?
AFAIK, no. SA will
Looks like the API has changed a little bit?
Can't locate object method check_for_faraway_charset_in_headers via
package Mail::SpamAssassin::PerMsgStatus
sub handle_potential_faraway
{
my $mail = shift(@_);
$spamtest = new Mail::SpamAssassin({
PREFIX = $PREFIX,
DEF_RULES_DIR =
On Sat, May 05, 2007 at 10:06:42PM +0700, Robert Nicholson wrote:
Looks like the API has changed a little bit?
Eval tests aren't necessarily part of an API FWIW.
Can't locate object method check_for_faraway_charset_in_headers via
package Mail::SpamAssassin::PerMsgStatus
It's in a plugin
On Sunday 29 April 2007 10:58 am, Julius VWilliam wrote:
Our Last pick Doubled
We now bring you a new winner
Announcing CRITICAL CARE NEW
I know Justin already noted how this slipped through but thought I'd paste my
mail providers (Embarq/Synacor) markup:
Old-X-Spam-Score: -0.699
tests=[ALL_TRUSTED=-1.8, BAYES_00=-2.599, PYZOR_CHECK=3.7]
Though they did not tag it as spam, they still have a mis-configured
setup,
note the [ALL_TRUSTED].
Also note the Bayes_00. If they have bayes trained to think spam is ham,
they have a problem.
Loren
On Saturday 05 May 2007 10:31 pm, Loren Wilton wrote:
tests=[ALL_TRUSTED=-1.8, BAYES_00=-2.599, PYZOR_CHECK=3.7]
Though they did not tag it as spam, they still have a mis-configured
setup,
note the [ALL_TRUSTED].
Also note the Bayes_00. If they have bayes trained to think spam
Hi
Actually, all of my .cf are put into /etc/mail/spamassassin/
can i said at spamassassin to read too all .cf of on another
directory ?
Sample: /etc/mail/spamassassin/Private/*.cf
Thanks
required=6.6
tests=[ALL_TRUSTED=-1.8, AWL=-0.054, BAYES_00=-2.599,
DNS_FROM_RFC_ABUSE=0.2, DNS_FROM_RFC_POST=1.708]
Yet your reply is marked as [possible spam].
Here is my trust paths in my local.cf:
trusted_networks 127/8 192.168/16 207.217.121/24 209.86.93/24 208.47.184/24
They seem to have a rather confused SA setup on their systems, indicating
perhaps that they don't really have a clue about what they are doing.
Some fairly obvious questions:
1Why are they tagging your mail through their server as DUL? You are
persumably THEIR CUSTOMER and using THEIR
Chris wrote:
My question then is what good would it do me to adjust my trusted_networks
setting, if in fact I have it incorrect. The [possible spam] markups are
being made by Embarq/Synacor not me.
Ahh, I get it.. Well, whoever is tagging that has a broken
trusted_networks. Their winding
) with ESMTP id 3264622B7DA
for [EMAIL PROTECTED]; Sun, 29 Apr 2007 09:09:06 -0400 (EDT)
Received: by cpollock.localdomain (Postfix, from userid 0)
id C6761434095; Sun, 29 Apr 2007 08:09:05 -0500 (CDT)
From: [EMAIL PROTECTED] (Cron Daemon)
To: [EMAIL PROTECTED]
Subject: [Possible SPAM
At 21:11 28-04-2007, Chris wrote:
On April 9th Embarq, my DSL provider, dropped Earthlink as their
mail provider
and switched over to Synacor while giving everyone an address of
@embarqmail.com. Since then every post that is sent from my system to me is
tagged as [Possible Spam] whether its
.
It may be better to contact Embarq which is your ISP and complain
about valid mail being tagged as spam. Ask them whether you can use
SMTP authentication to solve the problem. If all your mail is being
tagged as possible spam, then the antispam filtering for
embarqmail.com is misconfigured
At 13:47 29-04-2007, Chris wrote:
From an email I received from a QA guy at Embarq when I was asking
questions
about the switch over:
The smtp server will be smtp.embarqmail.com and it will be
authenticated but the port will be 25 rather than 587.
They said that smtp.embarqmail.com supports
On Sunday 29 April 2007 4:04 pm, SM wrote:
Earthlink may have used smtpauth in the hostname to specify that the
SMTP server only supports authenticated SMTP sessions. SMTP
authentication is not restricted to port 587 only. It can also be
used on port 25 if the mail server supports that.
On April 9th Embarq, my DSL provider, dropped Earthlink as their mail provider
and switched over to Synacor while giving everyone an address of
@embarqmail.com. Since then every post that is sent from my system to me is
tagged as [Possible Spam] whether its the output of a cronjob or just
as their mail
provider
and switched over to Synacor while giving everyone an address of
@embarqmail.com. Since then every post that is sent from my system to me is
tagged as [Possible Spam] whether its the output of a cronjob or just a test
message to myself. Its not my box that is doing
Chris wrote:
Since changing to embarqmail.com last Sunday each post I've
made to this list has been marked-up as possible spam. Is
Embarq that screwed up? Or is Synacor? Here are the markups
on the one I just posted:
X-Virus-Checked: Checked by ClamAV on apache.org
X-Old-Spam-Flag: YES
Chris wrote:
[2474] dbg: metadata: X-Spam-Relays-Trusted: [ ip=127.0.0.1
rdns=localhost.localdomain helo=localhost by=mailrelay.embarq.synacor.com
ident= envfrom= intl=1 id=8B8062336D7 auth= ] [ ip=127.0.0.1 rdns=
helo=mailrelay.embarq.synacor.com by=localhost ident= envfrom= intl=1
On Wednesday 25 April 2007 4:34 pm, Daryl C. W. O'Shea wrote:
Chris wrote:
[2474] dbg: metadata: X-Spam-Relays-Trusted: [ ip=127.0.0.1
rdns=localhost.localdomain helo=localhost by=mailrelay.embarq.synacor.com
ident= envfrom= intl=1 id=8B8062336D7 auth= ] [ ip=127.0.0.1 rdns=
Chris wrote:
What I'm trying to figure out Daryl is what would be added to my
trusted_networks config line to reflect embarq and or synacor. Previously
this is all I had on that line, 127/8 192.168/16 207.217.121/24 209.86.93/24.
Since I'm now 'in between' hosts, meaning that El is forwarding
I'm 'trying' to get things back to normal after the switch from earthlink to
my dsl provider, embarq. I'm reading the wiki page regarding this and ran
spamassassin -D -t on a test message I had sent to myself. I'm confused about
the results below:
[2474] dbg: received-header: parsed as [
Since changing to embarqmail.com last Sunday each post I've made to this list
has been marked-up as possible spam. Is Embarq that screwed up? Or is
Synacor? Here are the markups on the one I just posted:
X-Virus-Checked: Checked by ClamAV on apache.org
X-Old-Spam-Flag: YES
X-Old-Spam-Status
I mean that there is no such a rule like Fw_mail in those files and I also
not using local_pref
If this Fw_mail Rule is not an native rule and I am sure that I didn't add
this, where it is possible to come from?
Thanks
Hasan Aydın ŞAŞMAZ
Genel Müdür Yardımcısı
BTEĞİTİM
Tel : 0212 274
to someone
these email tag as spam. This was not the case before and it's a new for me.
What is the real cause of this and how prevent spamassassin adding this
Fw_mail 100 score any forwarded email
Could it be possible to arise from domainname From: section don't match
with domainname on Message
On Fri, Jan 26, 2007 at 02:32:11AM +0200, Aydin SASMAZ wrote:
adds a test score Fw_mail 100.00 but I got the email because my email
[...]
What is the real cause of this and how prevent spamassassin adding this
Fw_mail 100 score any forwarded email
Fw_mail is not a standard rule included with
BTEĞİTİM
Tel : 0212 274 6998
Fax: 0212 267 4725
-Original Message-
From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
Sent: 26 Ocak 2007 Cuma 03:02
To: users@spamassassin.apache.org
Subject: Re: Possible false positive?
On Fri, Jan 26, 2007 at 02:32:11AM +0200, Aydin SASMAZ wrote:
adds
Hello SA Devs, JM, Theo et al,
body INVESTMENT_ADVICE/\binvestment advice/i
describe INVESTMENT_ADVICEMessage mentions investment advice
score INVESTMENT_ADVICE 2.960 2.960 3.423 3.700
I'd like to ask a friend to give me some sound investment advice BANG!
pls reconsider this
On Thu, Jan 04, 2007 at 05:08:19PM +0100, Yet Another Ninja wrote:
body INVESTMENT_ADVICE/\binvestment advice/i
score INVESTMENT_ADVICE 2.960 2.960 3.423 3.700
pls reconsider this score, no matter what masscheckers say :-)
Well, back in the day it was a good rule:
At 08:08 AM 1/4/2007, you wrote:
Hello SA Devs, JM, Theo et al,
body INVESTMENT_ADVICE/\binvestment advice/i
describe INVESTMENT_ADVICEMessage mentions investment advice
score INVESTMENT_ADVICE 2.960 2.960 3.423 3.700
I'd like to ask a friend to give me some sound investment
Recently there was a thread on BAYES_00 and how folks were considering or
changing the score on this etc
-2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
[score: 0.]
Ive searched and cannot locate it (the thread) somehow.
Can someone help
after launching spamd (31x branch, r486953) with,
spamd --daemonize --nouser-config --allow-tell
--allowed-ips=192.168.1.10,127.0.0.1 --listen-ip=127.0.0.1 --port=783
/dev/null /var/log/spamd.log
i see only,
ps -ax | grep -i spamd
922 ?? S 0:00.18 spamd child
On Wed, Dec 13, 2006 at 08:18:37PM -0800, snowcrash+spamassassin wrote:
ps -ax | grep -i spamd
922 ?? S 0:00.18 spamd child
923 ?? S 0:00.14 spamd child
24006 p1 R+ 0:00.01 grep -i spamd
Hrm. There's no parent in that output.
Try ps -ef | grep
Hrm. There's no parent in that output.
Try ps -ef | grep spamd and see what happens.
not sure what you're looking for here, but,
% ps -ef | grep spamd
ps: illegal option -- f
kills the two child processes, which then immediately restart.
Yeah, you need to deal with the parent, not
On Wed, Dec 13, 2006 at 09:05:39PM -0800, snowcrash+spamassassin wrote:
not sure what you're looking for here, but,
% ps -ef | grep spamd
ps: illegal option -- f
Hrm. What platform are you on? ps -axwg, ps -el ?
Anyway, you could also look at using a pid file. Tell spamd when
% ps -ef | grep spamd
ps: illegal option -- f
Hrm. What platform are you on? ps -axwg, ps -el ?
well, what day/time is it?
at the moment, MacOSXServer. during the day, usually an OpenSuSE or
FreeBSD box.
Anyway, you could also look at using a pid file. Tell spamd when starting -r
On Mon, 2006-10-09 at 11:43 -0400, Rob McEwen (PowerView Systems) wrote:
The last few weeks I have noted (angry users calling me by phone) that
the server is really slow.
Don't know for sure, but I suspect slower than usual Razor and/or DCC servers?
--Rob McEwen
I second that. Razor
Hello!
I was very happy using SpamAssassin at my email server (Xeon 2.8GHz, 1.5
GB memory, Dual Ultra SCSI HD 73.4GB in RAID 1, Linux 2.4.33)
The last few weeks I have noted (angry users calling me by phone) that
the server is really slow. The loadav goes from 1.5 to 12.5; normally is
about
The last few weeks I have noted (angry users calling me by phone) that
the server is really slow.
Don't know for sure, but I suspect slower than usual Razor and/or DCC servers?
--Rob McEwen
301 - 400 of 478 matches
Mail list logo