From: Wil Decius [EMAIL PROTECTED]
Sent: Sunday, 2008, July 13 18:20
if mail contains Received headers indicating that mail was forwarded by a
trusted hop (a hop is not necessarily a box. it may be a proxy, an MTA
instance, ... etc), then addresses may have been rewritten and are thus
On Fri, 2008-07-11 at 07:06 -0700, Wil Decius wrote:
I'm trying to get Spamassassin local configuration setup to
whitleist-by-SPF. The box, as delivered to me, runs Debian with
spamassassin -V
SpamAssassin version 3.2.5-r609689
running on Perl version 5.8.8
In local.cf I've
From: jdow [EMAIL PROTECTED]
Sent: Monday, 2008, July 14 01:18
From: Wil Decius [EMAIL PROTECTED]
Sent: Sunday, 2008, July 13 18:20
if mail contains Received headers indicating that mail was forwarded by
a
trusted hop (a hop is not necessarily a box. it may be a proxy, an MTA
instance, ...
On 10.07.08 13:49, Kathryn Kleinschafer wrote:
I have some spam coming into the system that seems to be only going to a
couple of domains.
The bayes confidence is 0-1% for the spam so it is getting a -2.6. It is
hitting on the following rules
-2.60 BAYES_00Bayesian spam
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kathryn Kleinschafer schrieb:
| Am I supposed to reload a service or is there something else I have
missed?
Yes, every change to a *.cf or *.pre file requires a restart of spamd
(as opposed to the standalone spamassassin binary, which will read
Answering my own observation this seems to work with my fetchmail based
system:
always_trust_envelope_sender 1
Adding that line to my local.cf has no apparent effect -- at least on
messages from the sender. They're still Passing SPF, but NOT getting
whitelisted.
Bill Randle wrote:
On Sun, 2008-07-13 at 16:52 -0500, Chris wrote:
Bowie, you wrote this script back in 2006, I've been running it
since back in Aug 0f 2006 and today just noticed something. The
addition doesn't seem to be quite right. For instance:
FreeMail.cf:
Rule Name
On Mon, Jul 14, 2008 at 06:08:30AM -0700, Wil Decius wrote:
Answering my own observation this seems to work with my fetchmail based
system:
always_trust_envelope_sender 1
Adding that line to my local.cf has no apparent effect -- at least on
messages from the sender. They're still
Hi,
for a mail server running email for multiple domains what is the
typical/recommended way to collect emails which arent detected as spam to be
processed by sa-learn? Users are downloading mail via POP3, so once a users
sees a mail and decides that it is in fact spam its already been
May I suggest that the test for reply_to and email addresses in the body
of the email be separate routins and separate rules and separate scores.
Also perhaps there should be a rule to see if the from is freemail but
no freemail in received headers. For example, from is yahoo.com but no
yahoo
Try adding
envelope_sender_header Return-Path
I added that as well -- no difference.
Using the manual debug output from above, I noticed,
[7562] dbg: spf: def_whitelist_from_spf: [EMAIL PROTECTED] is
not in DEF_WHITELIST_FROM_SPF
[7562] dbg: spf: whitelist_from_spf: [EMAIL PROTECTED] is not
On Friday 11 July 2008 17:29, andys wrote:
Hi,
Hello,
for a mail server running email for multiple domains what is the
typical/recommended way to collect emails which arent detected as spam to
be processed by sa-learn? Users are downloading mail via POP3, so once a
users sees a mail and
On Mon, 2008-07-14 at 15:48 +0200, Stefan Jakobs wrote:
On Friday 11 July 2008 17:29, andys wrote:
for a mail server running email for multiple domains what is the
typical/recommended way to collect emails which arent detected as spam to
be processed by sa-learn? Users are downloading
On Mon, 2008-07-14 at 06:49 -0700, Wil Decius wrote:
[7562] dbg: spf: whitelist_from_spf: [EMAIL PROTECTED] is not
in user's WHITELIST_FROM_SPF
^^^
but checking again in local.cf
grep technologyladder.com local.cf
whitelist_from_spf [EMAIL PROTECTED]
Apparently that's
On Monday 14 July 2008 16:27, John Hardin wrote:
On Mon, 2008-07-14 at 15:48 +0200, Stefan Jakobs wrote:
On Friday 11 July 2008 17:29, andys wrote:
for a mail server running email for multiple domains what is the
typical/recommended way to collect emails which arent detected as spam
Are you sure you're checking the correct config file?
Yes. From the debug output,
[7596] dbg: config: using /etc/mail/spamassassin for site rules dir
[7596] dbg: config: read file /etc/mail/spamassassin/local.cf
Which is the file I'm editing.
In any case, other changes to it get picked up
andys escribió:
Hi,
for a mail server running email for multiple domains what is the
typical/recommended way to collect emails which arent detected as spam
to be processed by sa-learn? Users are downloading mail via POP3, so
once a users sees a mail and decides that it is in fact spam its
Hi,
for a mail server running email for multiple domains what is the
typical/recommended way to collect emails which arent detected as spam to
be processed by sa-learn? Users are downloading mail via POP3, so once a
users sees a mail and decides that it is in fact spam its already been
removed
andys wrote:
Hi,
for a mail server running email for multiple domains what is the
typical/recommended way to collect emails which arent detected as spam to
be processed by sa-learn? Users are downloading mail via POP3, so once a
users sees a mail and decides that it is in fact spam its already
On Mon, 2008-07-14 at 08:14 -0700, Wil Decius wrote:
Are you sure you're checking the correct config file?
Yes. From the debug output,
[7596] dbg: config: using /etc/mail/spamassassin for site rules dir
[7596] dbg: config: read file /etc/mail/spamassassin/local.cf
Which is the file
On Mon, 2008-07-14 at 12:16 -0400, DAve wrote:
andys wrote:
Hi,
for a mail server running email for multiple domains what is the
typical/recommended way to collect emails which arent detected as spam to
be processed by sa-learn? Users are downloading mail via POP3, so once a
users
That's the sitewide config file, though, and the debug output explicitly
says [EMAIL PROTECTED] is not in user's
WHITELIST_FROM_SPF.
Ok. I'm not sure what to do about that -- I'm only reporting what I see.
There is only ONE local.cf on this box.
Hello to all...
Due to social engineering attacks, we have a real for simple rule that'll
add score based on number of recipients on our outgoing servers. I tried to
find something like that in standard SA rules, but didn't see anything...
Has anyone on this least done that? Any standard rule
This was probably discussed at some point, but I haven't been getting emails
from the list for some time.
The dates I see on all my sare rule sets are in January when I moved to
3.2.4. My updates_spamassassin_org.cf file is dated June 17.
I debugged saupdate and this appears correct. But
From: John Hardin [EMAIL PROTECTED]
Sent: Monday, 2008, July 14 09:30
On Mon, 2008-07-14 at 08:14 -0700, Wil Decius wrote:
Are you sure you're checking the correct config file?
Yes. From the debug output,
[7596] dbg: config: using /etc/mail/spamassassin for site rules dir
[7596] dbg:
jdow wrote:
From: John Hardin [EMAIL PROTECTED]
Sent: Monday, 2008, July 14 09:30
On Mon, 2008-07-14 at 08:14 -0700, Wil Decius wrote:
Are you sure you're checking the correct config file?
Yes. From the debug output,
[7596] dbg: config: using /etc/mail/spamassassin for site rules dir
It's REALLY shooting in the dark beause it indicates a possibly broken
parser, but, I'm inclined to suggest that as quoted he has a lead blank
in front of his whitelist_from_spf entry.
I'd also retype it to make sre there are no messed up characters line
a 0xa0 space in there. (I also found
John Hardin wrote:
On Mon, 2008-07-14 at 12:16 -0400, DAve wrote:
andys wrote:
Hi,
for a mail server running email for multiple domains what is the
typical/recommended way to collect emails which arent detected as spam to
be processed by sa-learn? Users are downloading mail via POP3, so once
Hi,
I might have hitten a bug in the way SA parses out the original SMTP host.
I send and email from my mail client (to myself) through the SMTP server of
GMX. SA thinks the Mail was sent directly from my computer (i.e. my
dsl-routers IP) without using GMXs SMTP server.
SPF_FAIL, RCVD_IN_PBL
Tom Fernandes wrote:
Hi,
I might have hitten a bug in the way SA parses out the original SMTP host.
I send and email from my mail client (to myself) through the SMTP server of
GMX. SA thinks the Mail was sent directly from my computer (i.e. my
dsl-routers IP) without using GMXs SMTP server.
Has anyone determined if ASN information is useful in determining if a
message is/is not spam?
-Original Message-
From: Marc Perkel [mailto:[EMAIL PROTECTED]
Sent: Monday, July 14, 2008 3:55 PM
To: users@spamassassin.apache.org
Subject: Is ASN information useful?
Has anyone determined if ASN information is useful in determining if a
message is/is not spam?
Apparently
On Mon, 14 Jul 2008, Wil Decius wrote:
Try adding
envelope_sender_header Return-Path
I added that as well -- no difference.
Using the manual debug output from above, I noticed,
[7562] dbg: spf: def_whitelist_from_spf: [EMAIL PROTECTED] is
not in DEF_WHITELIST_FROM_SPF
[7562] dbg:
On Jul 14, 2008, at 13:01, Skip Brott [EMAIL PROTECTED] wrote:
This was probably discussed at some point, but I haven't been
getting emails from the list for some time.
The dates I see on all my sare rule sets are in January when I moved
to 3.2.4. My updates_spamassassin_org.cf file is
Just for SGs, try changing that whitelist_from_spf [EMAIL PROTECTED]
to a def_whitelist_from_spf [EMAIL PROTECTED]
That made some sense to me to try! But, unfortunately, still no change.
One other possibility, it may be due to issues parsing the
Received: header that your MTA adds. It
Hi,
On Monday, 14. July 2008, mouss wrote:
Tom Fernandes wrote:
Hi,
I might have hitten a bug in the way SA parses out the original SMTP
host. I send and email from my mail client (to myself) through the SMTP
server of GMX. SA thinks the Mail was sent directly from my computer
(i.e.
Marc Perkel schrieb:
Has anyone determined if ASN information is useful in determining if a
message is/is not spam?
Unfortunately, it does not seem to be *that* useful:
http://matthias.leisi.net/archives/176-Where-does-your-spam-come-from.html
-- Matthias
I just enabled DKIM. It sort of works.
I get this error when I run a scan but not for lint:
[5340] warn: Use of uninitialized value in string eq at
/usr/lib/perl5/site_perl/5.8.8/Mail/DomainKeys/Key/Public.pm line 67.
init.pre now contains
# DKIM pligin
#
loadplugin
Tom Fernandes wrote:
[snip]
Not sure if I get your right. The way of the mail is the following:
MUA (kmail) - GMXs SMTP Server - GMX forwards it from [EMAIL PROTECTED] to
[EMAIL PROTECTED] (I have set it like this in my account preferences at
GMX) - fdm (which is a similar to fetchmail)
jdow wrote:
I just enabled DKIM. It sort of works.
I get this error when I run a scan but not for lint:
[5340] warn: Use of uninitialized value in string eq at
/usr/lib/perl5/site_perl/5.8.8/Mail/DomainKeys/Key/Public.pm line 67.
This is DomainKeys, not DKIM. The DKIM module supports both
At 15:14 14-07-2008, Matthias Leisi wrote:
Unfortunately, it does not seem to be *that* useful:
I've seen some ASNs sending spam only but I don't use that as a rule
as it will catch some good mail over time. As you mentioned, the
volume also depends on the size of the ASN. BTW, you won't
From: mouss [EMAIL PROTECTED]
Sent: Monday, 2008, July 14 15:39
jdow wrote:
I just enabled DKIM. It sort of works.
I get this error when I run a scan but not for lint:
[5340] warn: Use of uninitialized value in string eq at
/usr/lib/perl5/site_perl/5.8.8/Mail/DomainKeys/Key/Public.pm line
Hi,
On Tuesday, 15. July 2008, mouss wrote:
Tom Fernandes wrote:
[snip]
Not sure if I get your right. The way of the mail is the following:
MUA (kmail) - GMXs SMTP Server - GMX forwards it from
[EMAIL PROTECTED] to [EMAIL PROTECTED] (I have set it like this in my
account preferences
On Monday 14 July 2008 2:55 pm, Marc Perkel wrote:
Has anyone determined if ASN information is useful in determining if a
message is/is not spam?
Don't know about useful this is, but I can get a report any time of guilty
ASN's from the SpamTools scripts I run. Below is the top 10 spamming ASN's
On Mon, 2008-07-14 at 14:11 -0400, DAve wrote:
John Hardin wrote:
On Mon, 2008-07-14 at 12:16 -0400, DAve wrote:
andys wrote:
for a mail server running email for multiple domains what is the
typical/recommended way to collect emails which arent detected as spam to
be processed by
45 matches
Mail list logo