Hi,
My server runs with static IP and have a legitimate MX record.
Squirrelmail runs on the same mail server.
So I don't think that this is the problem.
Regards,
Leon
-Original Message-
From: Benny Pedersen [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 15, 2006 10:01 AM
To:
On Tue, November 14, 2006 19:00, SM wrote:
See whitelist_from_dk [EMAIL PROTECTED] example.com
for me this is not possible with domainkeys
but only with dkim
--
This message was sent using 100% recycled spam mails.
Last week we migrated our bayes DB from DBM to MySQL.
Now we have upgraded our MySQL server from version 4.0 to 4.1.
Today I found a couple of duplicate index values in the token column
of bayes_token table.
This field is defined as char(5) with default collation (that is
latin1_swedish_ci).
-Original Message-
From: Benny Pedersen [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 15, 2006 3:47 AM
To: users@spamassassin.apache.org
Subject: RE: Microsoft blacklisted?
On Tue, November 14, 2006 12:58, Michael Scheidell wrote:
in spamassassin 3.2.x thease test
Hello,
Is there any automatic way (using a script), to extract the Reverse DNS
hostname for the host that delivered the message to
my network?
Because there may be mail-server serving multiple domains, i.e. somedomain.com
is served by mailserver.someotherdomain.com and the line in local.cf
I am testing auto-whitelist (generic auto-whitelist, no per user) and with
my check_whitelist I have
-2.8(-2.8/1) -- [EMAIL PROTECTED]|ip=none
-2.7(-2.7/4) -- [EMAIL PROTECTED]|ip=none
-1.7(-1.7/3) -- [EMAIL PROTECTED]|ip=none
-2.3
-Original Message-
From: Federico Giannici [mailto:[EMAIL PROTECTED]
Sent: woensdag 15 november 2006 10:31
To: users@spamassassin.apache.org
Subject: Bayes column 'token'
Last week we migrated our bayes DB from DBM to MySQL.
Now we have upgraded our MySQL server from version
This should be fixed if you install SA 3.1:
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=3236
Leon Kolchinsky wrote:
Hi,
My server runs with static IP and have a legitimate MX record.
Squirrelmail runs on the same mail server.
So I don't think that this is the problem.
Regards,
Marc Perkel wrote:
Got a strange problem with spamd that started on it's own. Processes are
backing up - but spamd seems to be stuck not processing them or taking a
very long time. Still have free memory and processor loads are not that
high. It's as if spamd is waiting on something that isn't
So I'm trying to send information about issues to the list but it's
being flagged as spam.
dev@spamassassin.apache.org:
140.211.11.133 failed after I sent the message.
Remote host said: 552 spam score (14.2) exceeded threshold
Robert Nicholson wrote:
So I'm trying to send information about issues to the list but it's
being flagged as spam.
dev@spamassassin.apache.org:
140.211.11.133 failed after I sent the message.
Remote host said: 552 spam score (14.2) exceeded threshold
Generally, that's caused by posting a
It is probably this header generated by SquirrelMail that is causing the
problem.
Received: from 217.132.226.2
(SquirrelMail authenticated user ronits)
by mail.mydomain.ac.il with HTTP;
Tue, 14 Nov 2006 13:11:52 +0200 (IST)
I'm not really sure what the solution is
Greetings,
Ive been
receiving a number of spam lately that are being correctly identified as spam
by SA, however the subject line is not being rewritten. I have noticed that
there are two subject lines and the X-Spam-Prev-Subject header
states non existent. Below is part of one of the
Andrew Hawthorne wrote:
Greetings,
I’ve been receiving a number of spam lately that are being
correctly identified as spam by SA, however the subject line is not
being rewritten. I have noticed that there are two subject lines and
the ‘X-Spam-Prev-Subject’ header states non
Question, since you only quoted some of the headers.. is there a blank
line anywhere in the headers before the subject header?
There are no blank lines... anything else I should check? I attempted to
send all the headers and the email was bounced back to me because it was too
spammy *grin*.
Mark wrote:
-Original Message-
From: Federico Giannici [mailto:[EMAIL PROTECTED]
Sent: woensdag 15 november 2006 10:31
To: users@spamassassin.apache.org
Subject: Bayes column 'token'
Last week we migrated our bayes DB from DBM to MySQL.
Now we have upgraded our MySQL server from
-Original Message-
From: Federico Giannici [mailto:[EMAIL PROTECTED]
Sent: woensdag 15 november 2006 17:42
To: Mark
Cc: users@spamassassin.apache.org
Subject: Re: Bayes column 'token'
Well, bayes_mysql.sql does not specify collation; so, like
you said, the collation will be
Karl Auer wrote:
On Tue, 2006-11-14 at 09:58 -0500, Peter H. Lemieux wrote:
body __HAS_PENETRATION /\bpenetration\b/i
I think a lot of rules would be better for losing the word boundaries.
Very few of the worst four letter words, are ever legitimate
substrings, either.
Hi,
you have to configure your /etc/amavisd.conf file as well for all those
virtual domains!
@local_domains_maps = ( [.$mydomain],
qw( virt-dom1, virt-dom2,
virt-dom3, virt-dom4
) );
I am pretty sure that your
Platform: fedora core 4
spamd version: 3.0.6
spamd invoked: runs as a service
Greetings,
Spamasassin is a great product and has been very
useful to us. However I would like to ask what maintenance should/can be done to
have spamd work more effectively (i.e. filter out more spam). Currently
On Tue, Nov 14, 2006 at 08:40:36PM -0500, Matt Kettler wrote:
That's the un-scored parent rule that causes the DNS query. There are
two child rules that don't perform a DNS lookup, they just use the
results fetched by the rule above.
The Two scored rules are *DIRECTLY* below the rule above
Hi everyone,
I'm not sure if this question should go to this list , my apologies if that
is the case.
My setup is as follows;
BSD box gets all incoming SMTP traffic, then forwards to exchange server- no
mailbox per say holds any mail-
My goal is to is have one email address bounces@ , which
Dmitri wrote:
Platform: fedora core 4
spamd version: 3.0.6
spamd invoked: runs as a service
Greetings,
Spamasassin is a great product and has been very useful to us. However I
would like to ask what maintenance should/can be done to have spamd work
more effectively (i.e. filter out more
I am trying to go through and remove some of the DNSBL lookups that are
being performed. I have found previous posts that state just set the
meta rule to a score of 0 to disable. I have also found previous posts
that state only these evals are performing lookups: check_rbl,
check_rbl_txt and
Payal Rathod wrote:
On Tue, Nov 14, 2006 at 08:40:36PM -0500, Matt Kettler wrote:
That's the un-scored parent rule that causes the DNS query. There are
two child rules that don't perform a DNS lookup, they just use the
results fetched by the rule above.
The Two scored rules are *DIRECTLY*
Richard Frovarp writes:
I am trying to go through and remove some of the DNSBL lookups that are
being performed. I have found previous posts that state just set the
meta rule to a score of 0 to disable. I have also found previous posts
that state only these evals are performing lookups:
just tried typing in sa-update and it said it wasn't a valid command, I
downloaded some rules yesterday for the stock spam and that worked great.
will my SpamAssassin database get erased upon upgrade to the new version?
Thanks,
Dmitri
- Original Message -
From: Stuart Johnston [EMAIL
On the FuzzyOCR list (devel-spam) there was a question about OCR of
remote images vs. embedded images.
I ased there but didn't think to ask here:
Does SA check URIBLs on IMG tags with remote sources?
e.g. IMG src=http://known.spammer.com/gibberish.jpg;
--
John Hardin KA7OHZ
Jean-Paul Natola wrote:
Hi everyone,
I'm not sure if this question should go to this list , my apologies if that
is the case.
My setup is as follows;
BSD box gets all incoming SMTP traffic, then forwards to exchange server- no
mailbox per say holds any mail-
My goal is to is have one email
Dmitri wrote:
just tried typing in sa-update and it said it wasn't a valid command, I
downloaded some rules yesterday for the stock spam and that worked great.
sa-update is part of 3.1.
will my SpamAssassin database get erased upon upgrade to the new version?
Do you mean the Bayes
For your amusement. A spam arriving here today from Taiwan reads:
Dear Sir/Madam,
We learnt your e-mail add.from internet.
FIRST OF ALL,PLEASE KINDLY NOTE THIS E-MAIL IS SENT BY
OUR ADVERTISING COMPANY AND THE E-MAIL ADDRESS IS
NOT REAL(VIRTUAL),THEREFORE,PLEASE CONTACT US
VIA FAX OR
-Original Message-
My goal is to is have one email address bounces@ , which can have a
different
score threshold than the system- in other words , anything that now comes
in
and scores higher than 6.0 is considered spam and rejected- I would like
to
have bounces@ set to lets say
If it is a real fax number of teh spammers maybe we should have a DoS on
there fax machine.
This is send from a fax at a post office. Please remove us from your
mailing or we will ask it again with 100 sheets of paper.
This must be send in reverse color so they are using a toner per day for
there
Jean-Paul Natola wrote:
My goal is to is have one email address bounces@ , which can have a different
score threshold than the system- in other words , anything that now comes in
and scores higher than 6.0 is considered spam and rejected- I would like to
have bounces@ set to lets say 12.0
Peter H. Lemieux wrote:
For your amusement. A spam arriving here today from Taiwan reads:
Sorry, I didn't intend to attach the whole message.
Peter
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John D. Hardin wrote:
On the FuzzyOCR list (devel-spam) there was a question about OCR of
remote images vs. embedded images.
I ased there but didn't think to ask here:
Does SA check URIBLs on IMG tags with remote sources?
e.g. IMG
-Original Message-
From: Peter H. Lemieux [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 15, 2006 2:24 PM
To: Jean-Paul Natola
Cc: users@spamassassin.apache.org
Subject: Re: different threshold for one address
Jean-Paul Natola wrote:
My goal is to is have one email address
http://www.spamhaus.org/zen/
steve linford of spamhaus has recommended that people switch now:
Is there any reason not to change?
None, I advise everyone to change now.
The SBL-XBL zone will continue to exist for some time but will not of
course contain the new PBL DNSBL and will not contain
Is there any automatic way (using a script), to extract the
Reverse DNS hostname for the host that delivered the message to
my network?
The top Received header should contain the server you received the
message from. That's the one that needs to go in the whitelist_from_rcvd
line.
Bret
snowcrash+spamassassin writes:
http://www.spamhaus.org/zen/
steve linford of spamhaus has recommended that people switch now:
Is there any reason not to change?
None, I advise everyone to change now.
The SBL-XBL zone will continue to exist for some time but will not of
course
i presume this will have effects on the SBL- XBL- related rules here.
probably nothing too serious though ;)
just some renaming, i'd guess.
Where did he mention this, as a matter of interest?
in the n.a.n.a.e. loony-bin, of course. :-)
snowcrash+spamassassin writes:
i presume this will have effects on the SBL- XBL- related rules here.
probably nothing too serious though ;)
just some renaming, i'd guess.
Where did he mention this, as a matter of interest?
in the n.a.n.a.e. loony-bin, of course. :-)
in the n.a.n.a.e. loony-bin, of course. :-)
eek, I'm not reading _that_ ;)
:-D
i kept kill-filing so much of nanae in my reader that finally it was
just easier to killfile *, and whitelist Linford.
he pops up there with some useful info every once in awhile :-)
On Wed, Nov 15, 2006 at 11:18:07AM -0700, Dmitri wrote:
just tried typing in sa-update and it said it wasn't a valid command, I
downloaded some rules yesterday for the stock spam and that worked great.
What version are you running? You need 3.1.1 or later for updates.
--
Randomly Selected
On Wed, Nov 15, 2006 at 10:27:00AM -0800, John D. Hardin wrote:
Does SA check URIBLs on IMG tags with remote sources?
e.g. IMG src=http://known.spammer.com/gibberish.jpg;
Of course.
--
Randomly Selected Tagline:
Was there a category of insurance for having your boat stolen by an
unded
Jean-Paul Natola wrote:
I currently use the local.cf for whitelisitng located in
/usr/local/etc/mail/spamassassin
Is it ok to create that rule in that file?
SA reads rules from any *.cf files it finds in ../etc/mail/spamassassin.
Since I have dozens of custom rules, I find it easier to
On Wed, 15 Nov 2006, Peter H. Lemieux wrote:
Peter H. Lemieux wrote:
For your amusement. A spam arriving here today from Taiwan reads:
Sorry, I didn't intend to attach the whole message.
Eh, it's not too big a problem. I added it to my spambox for bayes to
chew on... :)
--
John Hardin
Has anyone besides me noticed a huge increase in spam in the past 3 or 4
days? My 80 -100/day has gone to over 400/day since Monday. The top
sources here are:
Report date: Tue Nov 14 21:40:35 CST 2006
Total spams: 455
Total ASNs: 166
Rank Cum % Pct Spams ASN Description
Payal Rathod wrote:
On Tue, Nov 14, 2006 at 08:40:36PM -0500, Matt Kettler wrote:
That's the un-scored parent rule that causes the DNS query. There are
two child rules that don't perform a DNS lookup, they just use the
results fetched by the rule above.
The Two scored rules are
On Fri, 10 Nov 2006, Tony Finch wrote:
They have a forged Received: line which has a by field containing the
domain of the recipient address, a for field which matches the From:
header, and an id field of the form XX-XX-XX (similar to Exim's
queue IDs, though Exim IDs are always
Hello,
Although check_whitelist --clean removes entries from the auto whitelist
database, it does not compact the file, at least on my system (latest
SpamAssassin on debian unstable, perl 5.8.8, DB_File 1.814).
A minor modification of the check script that ties a new Berkley db and
copies the
On Wed, Nov 15, 2006 at 11:14:12PM -0600, David B Funk wrote:
You're trying too hard.
Look at that 'Date:' header, they've got a bogus time-zone value.
It's syntactically RFC-2822 correct but nonsense.
(One of my favorites was -0480 ;)
Simple rule, so far no FPs:
# bogus timzones in
Am Donnerstag, 16. November 2006 02:38 schrieb Chris:
Has anyone besides me noticed a huge increase in spam in the past 3 or 4
days? My 80 -100/day has gone to over 400/day since Monday.
Yes,
I did see the same since Monday. Increase of SA positives of 100% and also a
increase of false
Hi
For add a new personnal rbl list, i can use:
into /etc/mail/spamassassin/
i add a 99_Private_Rbl
and into i put:
uridnsbl PRIVATE_RBL sbl.spamhaus.org. TXT
body PRIVATE_RBL eval:check_uridnsbl('PRIVATE_RBL')
describe PRIVATE_RBL Contains an URL
Noc Phibee a écrit :
Hi
For add a new personnal rbl list, i can use:
into /etc/mail/spamassassin/
i add a 99_Private_Rbl
and into i put:
uridnsbl PRIVATE_RBL sbl.spamhaus.org. TXT
body PRIVATE_RBL eval:check_uridnsbl('PRIVATE_RBL')
describe PRIVATE_RBL
55 matches
Mail list logo
