> Ben Lentz wrote:
>>
>> Thanks, I'll definitely have to give that KAM ruleset a spin
>> on our
>> system. Any chance you could tell me where that TVD tag is
>> coming from?
>> Is that another SARE rule?
>
> That's from sa-update. (TVD = Theo Van Dinter)
>
> If you are worried about sa-update brea
Ben Lentz wrote:
Thanks, I'll definitely have to give that KAM ruleset a spin on our
system. Any chance you could tell me where that TVD tag is coming from?
Is that another SARE rule?
That's from sa-update. (TVD = Theo Van Dinter)
If you are worried about sa-update breaking your system, yo
- Original Message -
*From:* David Goldsmith <[EMAIL PROTECTED]>
*Sent:* 06/07/2006 04:56:37 PM
*To:* users@spamassassin.apache.org
*Subject:* Stock Spams; aka Pump and Dump part 2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ben Lentz wrote:
Greetings list,
I've bee
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ben Lentz wrote:
> Greetings list,
> I've been reading a pretty active and recent thread from one of the
> sa-users mailing list archives that talks about a high rate of these
> stock spams that are getting through. I, too, am currently suffering
> fro
Greetings list,
I've been reading a pretty active and recent thread from one of the
sa-users mailing list archives that talks about a high rate of these
stock spams that are getting through. I, too, am currently suffering
from this problem and am wondering if anyone has any recommendations. I
You're absolutely right of course - but those of us relying on Debian
stable have only got 3.0.3-2sarge1 to go on.
Is it safe to pin spamassassin to the version in testing (currently
3.1.1-1) when everything else i use (sendmail/mimedefang/clamav) is out of
stable - or should i pin those 'u
On 03/06/2006, at 8:13 AM, Kenneth Porter wrote:
For most software, I'd strongly agree with you. But anti-spam
software is like anti-virus software. The battle evolves rapidly,
and you need to evolve with it if you're going to be effective in
fighting it.
With SA 3.1.2 just released, 3.
DAve wrote:
> Kenneth Porter wrote:
> > With SA 3.1.2 just released, 3.0.4 is archaic. It's like fighting
> > the Gulf War with WWII weapons. (And anyone using SA 2.xx is using
> > stuff from the 19th century.)
>
> I would, without a moments hesitation, trade a M-16 for a M1 Garrand
> or an M-14.
Kenneth Porter wrote:
--On Thursday, June 01, 2006 1:41 PM -0400 DAve
<[EMAIL PROTECTED]> wrote:
Currently 3.0.4 on the toasters, 3.0.2 on the MailScanner boxes. These
may or may not get updates this month. I've never been fond of "update"
as a solution to a problem unless I know the change in
David Goldsmith wrote:
We are running SA 3.1.0. Reading this thread today, I just found the
SARE_STOCKS ruleset. I updated the rules_du_jour script and pulled down
the ruleset. Have received some messages already that are being caught.
Some others are making it through with scores of 6.7 -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kenneth Porter wrote:
> --On Thursday, June 01, 2006 1:41 PM -0400 DAve
> <[EMAIL PROTECTED]> wrote:
>
>> Currently 3.0.4 on the toasters, 3.0.2 on the MailScanner boxes. These
>> may or may not get updates this month. I've never been fond of "update"
--On Thursday, June 01, 2006 1:41 PM -0400 DAve <[EMAIL PROTECTED]>
wrote:
Currently 3.0.4 on the toasters, 3.0.2 on the MailScanner boxes. These
may or may not get updates this month. I've never been fond of "update"
as a solution to a problem unless I know the change in version will
directly
> Bayes, arrgg!! More than once I've been given examples of bayes being
> the solution I need. I really really really want bayes to
> work. But each
> time I set it up, the db gets huge, scan times go through the
> roof, and
> I end up disappointed. The one time it worked for me I ended
> up traini
> time to try them again. SpamCop, I won't go there, we have issues with
> the people at SpamCop. I neither use them nor trust them.
You REALLY need to try URIBL, and probably uriblack, and a few more of the
URI based lists. These get feeds from SpamCop and the like. But they work.
Lore
> > Sure is a stock spam rule set.
> >
> > http://www.rulesemporium.com/rules/70_sare_stocks.cf
> >
>
> Had it running 10 minutes after it was announced. My problem is worse
> than that. Possibly I could create a meta rule in my local.cf that says
> a sare_stock hit plus any other rule, add 5 point
On Thursday June 1 2006 20:53, DAve wrote:
> Bayes, arrgg!! More than once I've been given examples of bayes being
> the solution I need. I really really really want bayes to work. But each
> time I set it up, the db gets huge, scan times go through the roof, and
> I end up disappointed.
> I curre
On Thu, Jun 01, 2006 at 02:53:56PM -0400, DAve wrote:
> Theo, I appreciate the results, that means more to me than "upgrade".
> Results speak louder than anything else. Could you tell me the scores
> for each test? If you are as busy as I am, I understand if you can not
Not off hand, but they'r
Theo Van Dinter wrote:
On Thu, Jun 01, 2006 at 01:41:36PM -0400, DAve wrote:
Currently 3.0.4 on the toasters, 3.0.2 on the MailScanner boxes. These
[...]
http://pixelhammer.com/spam/spam1.txt
http://pixelhammer.com/spam/spam2.txt
http://pixelhammer.com/spam/spam3.txt
http://pixelhammer.com/spa
Bayes is a stalwart here, that and the more recent versions of SA.
Best I can suggest is upgrade to 3.1.1 and run in some rules, I'm
happy to let you know which ones we use.
That being said, bayes is the only realistic way of training in spam -
adding it makes life a lot easier.
HTH
Kind regards
On Thu, Jun 01, 2006 at 01:41:36PM -0400, DAve wrote:
> Currently 3.0.4 on the toasters, 3.0.2 on the MailScanner boxes. These
[...]
> http://pixelhammer.com/spam/spam1.txt
> http://pixelhammer.com/spam/spam2.txt
> http://pixelhammer.com/spam/spam3.txt
> http://pixelhammer.com/spam/spam4.txt
> htt
DAve wrote:
Nigel Frankcom wrote:
This may be a daft question, if so, apologies in advance; but, do you
train these spam into sa?
Nope, been down the Bayes road a few times and the load on the server
never justified the spam it caught. When using bayes we always end up
babysitting it too muc
Nigel Frankcom wrote:
This may be a daft question, if so, apologies in advance; but, do you
train these spam into sa?
Nope, been down the Bayes road a few times and the load on the server
never justified the spam it caught. When using bayes we always end up
babysitting it too much. This could
This may be a daft question, if so, apologies in advance; but, do you
train these spam into sa?
We receive a large number of these daily and, to date, very, very few
get through.
What version of SA are you running?
KR
Nigel
On Thu, 01 Jun 2006 12:48:50 -0400, DAve <[EMAIL PROTECTED]>
wrote:
>
Doc Schneider wrote:
DAve wrote:
Howdy,
My users are just about tired of the stock spams, we are getting many
now that are barely hitting any stock rules at all. The funny thing is
they are pretty much a legit email. No obfuscation, no funky headers,
no URL.
I am nearly ready to just stomp
DAve wrote:
Howdy,
My users are just about tired of the stock spams, we are getting many
now that are barely hitting any stock rules at all. The funny thing is
they are pretty much a legit email. No obfuscation, no funky headers, no
URL.
I am nearly ready to just stomp any and all stock mes
Howdy,
My users are just about tired of the stock spams, we are getting many
now that are barely hitting any stock rules at all. The funny thing is
they are pretty much a legit email. No obfuscation, no funky headers, no
URL.
I am nearly ready to just stomp any and all stock messages and for
26 matches
Mail list logo