Giampaolo Tomassoni wrote:
From: Miles Fidelman [mailto:[EMAIL PROTECTED]
Dan wrote:
I've developed a new approach to scoring that I want to 1) share with
everyone and 2) make into a working system thats as accurate as what
I've already built, but easier to use. First, the theory:
NEW
On Saturday 10 February 2007, Dan wrote:
On Feb 10, 2007, at 14:38, Mathieu Bouchard wrote:
How do you ever find FPs if you have so many TP to sort through
that it's not even worth sorting through FP+TP to find the FP ?
IMHO, that'd be why we assume that mails are ham rather than assume
Long-time SpamAssassin users with a good memory might recall back in
SpamAssassin 2.4x, we included quite a few ham-targeting rules, such as
was this sent using User-Agent: Mozilla?, is this formatted like a
reply to a previous message?, does it include headers from a mailing
list? and is it
could you help me in switch to per-user filtering.
On Sun, 11 Feb 2007, Theo Van Dinter wrote:
On Sun, Feb 11, 2007 at 11:36:56AM +, sushma wrote:
Spam mail originated to list of user, if one user in whitelist_to
then score will be neagtive so all other user also get that spam
On Sun, 11 Feb 2007, sushma wrote:
I can't shift to per-user filtering, could you please explain more about
this statement don't filter based on the scan results.
could you help me in switch to per-user filtering.
On Sun, 11 Feb 2007, Theo Van Dinter wrote:
On Sun, Feb 11, 2007 at
No doubt that spammers watching this list.
They update their tactics right after a solution is posted here
I got this today im several mail address, and most of them got 4-5 score:
Original Message
From: - Sun Feb 11 22:15:22 2007
X-Account-Key: account29
X-UIDL:
Can anybody tell me why the argument is passed for raw tests and then
subsequently ignored later?
# generic test version
sub check_for_mime {
my ($self, undef, $test) = @_;
$self-_check_attachments unless exists $self-{$test};
return $self-{$test};
}
for instance the body array goes
Rich Winkel wrote:
For a particular user, I'm finding no correlation between his whitelist_from's
in user_prefs and the whitelist status as reported in incoming messages.
I see messages with no USER_IN_WHITELIST when both the From and From:
addresses
match a whitelist_from line in the
There are some cases, that it is desired to match part a value from a
header, to another value somewhere else.
Is there a way for SA to retain the value matched in a RE like $1/$2
matching parentheses, so that it might be used later (or at least in the
next rule)?
-Raul Dias
Can anybody tell me if this looks at meta tag content types as in?
meta http-equiv=3DContent-Type content=3Dtext/html; charset=3Deuc-
kr
likewise is this considered excessive quoted printable chars?
Illegal chars gets this one but if they weren't used none of the
charset/illegal rules
On Feb 10, 2007, at 3:19 PM, Giampaolo Tomassoni wrote:
From: Tom Allison [mailto:[EMAIL PROTECTED]
Personally, I think HTML email should be outright discarded from
the start.
If you look at this arguement presented by the OP then it
reinforces the idea
that most ascii is ham and most html is
From: tom [mailto:[EMAIL PROTECTED]
On Feb 10, 2007, at 3:19 PM, Giampaolo Tomassoni wrote:
From: Tom Allison [mailto:[EMAIL PROTECTED]
Personally, I think HTML email should be outright discarded from
the start.
If you look at this arguement presented by the OP then it
reinforces
On Sun, Feb 11, 2007 at 06:32:06PM +, sushma wrote:
I can't shift to per-user filtering, could you please explain more about
this statement don't filter based on the scan results.
It essentially means that if you want some users to receive mails that other
users shouldn't, and you want
On Sat, Feb 10, 2007 at 08:22:41PM +, Nigel Frankcom wrote:
What do Theo, Matt Co have to say? They've been doing this a lot
longer than us.
Unless I'm missing something, this approach is the standard block
everything except for what we explicitly want to receive. Which is
great, if you
Raul Dias wrote:
There are some cases, that it is desired to match part a value from a
header, to another value somewhere else.
Is there a way for SA to retain the value matched in a RE like $1/$2
matching parentheses, so that it might be used later (or at least in the
next rule)?
No,
I enabled the DK/DKIM plugins in my SA 3.1.7 setup and I see that the
default scores for their tests are negligible, presumably because
they're still a bit experimental.
Is anyone using these and can suggest appropriate scores for these
plugins, or are these really just too unripe for serious
Apologies if this has been answered before or anything, but where/how
are you generating those stats?
I'm not using SA with SQL so I'm not sure if it will work for me, but
those I like!
Stats in question: http://www.blue-canoe.com/stats/index.php?D1=11
Kind Regards,
Philip Seccombe
Turnstone
Alexis Manning wrote:
I enabled the DK/DKIM plugins in my SA 3.1.7 setup and I see that the
default scores for their tests are negligible, presumably because
they're still a bit experimental.
Is anyone using these and can suggest appropriate scores for these
plugins, or are these really just
On Sun, Feb 11, 2007 at 08:07:28AM -0600, Robert Nicholson wrote:
Can anybody tell me why the argument is passed for raw tests and then
subsequently ignored later?
The argument is passed because it's a standard call for an eval rule, but the
eval code doesn't need the information.
Since
On Sun, 2007-02-11 at 15:49 -0500, Matt Kettler wrote:
Raul Dias wrote:
There are some cases, that it is desired to match part a value from a
header, to another value somewhere else.
Is there a way for SA to retain the value matched in a RE like $1/$2
matching parentheses, so that it
[EMAIL PROTECTED] says...
Alexis Manning wrote:
[DK/DKIM plugins]
Is anyone using these and can suggest appropriate scores for these
plugins, or are these really just too unripe for serious use at the
moment?
Why don't you keep an eye on the activity for those scores and then decide?
On 10 Feb 2007 at 11:43, Dan wrote:
I've developed a new approach to scoring that I want to 1) share with
everyone and 2) make into a working system thats as accurate as what
I've already built, but easier to use. First, the theory:
[...]
NEW SITUATION
Ham is now the tiniest minority of
Alexis,
I enabled the DK/DKIM plugins in my SA 3.1.7 setup and I see that the
default scores for their tests are negligible, presumably because
they're still a bit experimental.
Is anyone using these and can suggest appropriate scores for these
plugins, or are these really just too unripe
Yesterday I described an unorthodox approach to email filtering and
generated both interest and confusion. Hopefully by describing it
further, I can create understanding. Below is my design and at the
bottom a question, but first, a summary of points:
1) I created confusion by starting
On Sun, 11 Feb 2007, Rizal Ferdiyan wrote:
My smtp proxy server serve many mail server client. My client
build many server with their own, so that server contain two mbox
format, mailbox or maildir. But i don't have access for that mail
server client. That for i want my client forward spam
Dear All
I'm having trouble blok a few yahoogroups milist
i want blok this milist
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
but i did'nt want to blok this milist
[EMAIL PROTECTED]
how to set that rule ?
i'v tried setting in badmailfrom but did'nt work cause
Can you blacklist @ returns.groups.yahoo.com and then whitelist
[EMAIL PROTECTED] or something?
I'm not sure how the yahoo groups work, but is the reply address
specific to each group or does it get sent from the person to the group
address like this list?
Kind Regards,
Philip Seccombe
I have seen a lot of buzz around FuzzyOCR lately but by looking at its
web site it shows that the project started only last month. Is this
tool really advisable on a serious system?
PM
You could use e-mail property of yahoogroups mailling such as,
List-Unsubscribe, List-Post or Mailing-List. Set score for each
property
-- Forwarded message --
Subject: RE: How to block yahoogroups?
Date: Mon, 12 Feb 2007 16:15:53 +1300
Message-ID:
[EMAIL PROTECTED]
From:
Hey Dan,
I've read most of the e-mails on this topic and I think the underlying
problem is that this method relies on knowing exactly which profiles
(i.e. combinations of rules) valid ham can hit.
I see a number of problems:
- How do we actually generate the profiles that are to be considered
[EMAIL PROTECTED] says...
[...] some mailing list also corrupt signatures,
and some people use gmail/yahoo sending address even when posting
through some other ISP. Before this practice is rooted out,
one should probably not score invalid signature from these
two domains too harshly.
Thanks
Peter wrote:
I have seen a lot of buzz around FuzzyOCR lately but by looking at its
web site it shows that the project started only last month.
Wrong, if you mean the timeline shown that's because the _ticket_system_ is new,
the project is at least a year old, the current _website_ is about 6
32 matches
Mail list logo