http://wtogami.livejournal.com/33674.html
If you use spamassassin on Fedora or RHEL5, please see my blog post for
RPM packages and distro-specific notes.
quote
* STOP USING SARE or OpenProtect. They died a long time ago. Some of
their rules are dangerous or redundant. Many of the
Spamassassin List wrote on Thu, 28 Jan 2010 16:24:27 +0800:
So how do I stop using sare or openprotect?
remove the rules?
remove the channels?
I suppose you know if you use them or not, do you?
Kai
--
Get your web at Conactive Internet Services: http://www.conactive.com
John Wilcock wrote on Thu, 28 Jan 2010 08:31:07 +0100:
Presumably because you didn't run sa-update while the ruleset was
missing from the update...
Hm, it *is* missing. But maybe not from the compiled rules, well.
Kai
--
Get your web at Conactive Internet Services: http://www.conactive.com
jida...@jidanni.org wrote on Thu, 28 Jan 2010 09:34:46 +0800:
thanks to you guys and no one else.
Boy, *you* have a problem, and this is not with SA, get some help, good
bye. Please stop further spamming this list with your garbage.
Kai
--
Get your web at Conactive Internet Services:
So how do I stop using sare or openprotect?
remove the rules?
remove the channels?
I suppose you know if you use them or not, do you?
Yes I am using it. Since the blog advise to stop using it,
thus I am wondering how do I do so? I had remove the sa-update
from my crontab. Do I need to
On 28/01/2010 01:34, jida...@jidanni.org wrote:
Long ago, I tried mailing directly direct-to-mx style, but that of
course didn't work, e.g., http://www.spamhaus.org/pbl/query/PBL109625
So only 5% of my mail got through.
So then I tried mailing through The ISP Here, Hinet.Net's SMTP server,
but
Spamassassin List wrote on Thu, 28 Jan 2010 18:38:21 +0800:
I had remove the sa-update
from my crontab.
You have to keep using sa-update! Just not these channels!
Do I need to remove all those dostech_net.cf
files?
Of course. You have to remove everything from
From: Mike Cardwell spamassassin-us...@lists.grepular.com
Sent: Thursday, 2010/January/28 03:09
On 28/01/2010 01:34, jida...@jidanni.org wrote:
However I can't shake off the Original Sin of Being in Taiwan. All
people with Taiwan Colored Skin will have points deducted, no matter
what. We use
Of course. You have to remove everything from
/var/lib/spamassassin/3.003000 that you do not want to use. As an example,
that is what remains here:
Thank you
Hello,
I've got a few mails that were tagged with FORGED_MUA_OIMO
Seems those email were sent from Sympatico's Webmail
The rule that is triggering the score is located in 20_ratware.cf
Mails are scanned by two different servers on my setup, 1st is a Qmail+SA
setup, then an MDaemon
Since upgrading to SA 3.3.0, botnet (version 0.8) is showing a false
positive on every email I receive via IPv6.
On Wed, 27 Jan 2010, ram wrote:
On Wed, Jan 27, 2010 at 9:54 AM, John Hardin jhar...@impsec.org wrote:
On Wed, 27 Jan 2010, ram wrote:
it works, but i see most of the mails are tagged as SPAM.
A little more detail, please: Are you complaining about seeing lots of
false positives? Or are
jida...@jidanni.org wrote:
MM == Michael Mansour m...@npgx.com.au writes:
MM Why couldn't the mailing list filters simply whitelist your email address
or
MM whitelist people automatically subscribed to the mailing list?
Yes, but that's beside the point. That is not solving the bad thing
On Thu, Jan 28, 2010 at 7:53 PM, John Hardin jhar...@impsec.org wrote:
On Wed, 27 Jan 2010, ram wrote:
On Wed, Jan 27, 2010 at 9:54 AM, John Hardin jhar...@impsec.org wrote:
On Wed, 27 Jan 2010, ram wrote:
it works, but i see most of the mails are tagged as SPAM.
A little more detail,
ram wrote:
* 3.4 FH_DATE_PAST_20XX The date is grossly in the future.
This rule started causing problems at the beginning of the year and was
fixed. Have you run sa-update to get the latest rules?
--
Bowie
On 28/01/2010 9:52 AM, Bowie Bailey wrote:
ram wrote:
* 3.4 FH_DATE_PAST_20XX The date is grossly in the future.
This rule started causing problems at the beginning of the year and was
fixed. Have you run sa-update to get the latest rules?
And don't forget to restart spamd and, if
What spam is being sent through hinet's smtp servers? I have yet to
see any connections from their mail servers. Every connection so far
has always been from subscribers' boxes trying to get me to relay mail
or trying invalid addys. What does that have to do with hinet's mail
servers?
It seems to
-Original Message-
From: Spamassassin List [mailto:spamassassinl...@gmail.com]
Sent: Thursday, January 28, 2010 12:24 AM
To: 'Warren Togami'; 'SpamAssassin Dev'; 'SpamAssassin Users List'
Subject: RE: spamassassin-3.3.0 for Fedora/RHEL
http://wtogami.livejournal.com/33674.html
On Thu, 28 Jan 2010, jida...@jidanni.org wrote:
You guys are doing something wrong.
Firstly, let's all acknowledge that the OP cross-posted to/from the SARE
mailing list, and continues to do so. Yes, there is no one on the main SA
list that is responsible for the rule, but that being said,
raq550 server
OS: strongbolt2
spamassassin.i386 0:3.2.5-1.el4
I'm trying to run:
sa-learn --spam --showdots --dir /path/to...mbox
but it fails with:
'Learned tokens from 0 message(s) (0 messages examined)'
my spam mail is in a file called mbox but when I run the above command to
the directory
On Thursday 28 January 2010 17:16:04 tonjg wrote:
spamassassin.i386 0:3.2.5-1.el4
I'm trying to run:
sa-learn --spam --showdots --dir /path/to...mbox
but it fails with:
'Learned tokens from 0 message(s) (0 messages examined)'
my spam mail is in a file called mbox but when I run the above
jida...@jidanni.org wrote:
You guys are doing something wrong. Maybe you think that every
country is like the USA or something. You blew it. Your rules are
wrong.
MM It may not be your fault you're using an ISP which is known to
MM generate spam [...] you need to complain to the ISP.
at
Michael Scheidell wrote:
which in itself has a bunged up RDNS .
Received: from [208.97.132.207] (HELO homiemail-a7.g.dreamhost.com)
(208.97.132.207)
host 208.97.132.207
207.132.97.208.in-addr.arpa domain name pointer caiajhbdccah.dreamhost.com.
if you don't follow the RFC's, you have
Adam Katz wrote:
This rule is poorly written as it does not limit its examination to
the last external relay. Were SARE accepting revisions (and assuming
I've read the intent right), it should be reworked so as to be defined
as (be wary of mail agent rewrapping):
header
ram wrote:
On Thu, Jan 28, 2010 at 8:22 PM, Bowie Bailey bowie_bai...@buc.com
mailto:bowie_bai...@buc.com wrote:
ram wrote:
* 3.4 FH_DATE_PAST_20XX The date is grossly in the future.
This rule started causing problems at the beginning of the year
and was
http://www.returnpath.net/blog/2010/01/spamassasin-rarely-misses.php
Yeah, it's partly self-serving, but that's what corporate blogs are for. The
people who read this blog are mostly marketers with very little exposure to the
open source community, so this should help them understand a bit
On 1/28/2010 5:23 PM, Adam Katz wrote:
However, as you noted earlier:
It's all because
http://www.rulesemporium.com/rules/70_sare_header1.cf
header SARE_RECV_SPAM_DOMN0b Received =~
/\bdynamic.hinet\.(?:com|net|org|info)/
describe SARE_RECV_SPAM_DOMN0b Email passed through apparent spammer
Charles Gregory wrote on Thu, 28 Jan 2010 11:08:24 -0500 (EST):
Firstly, let's all acknowledge that the OP cross-posted to/from the SARE
mailing list, and continues to do so.
He should not have done this and most of us probably didn't notice it. He
should just stop doing so and stay on the
R-Elists wrote on Thu, 28 Jan 2010 07:41:23 -0800:
by this website are you saying that we should only stop using SARE and
OpenProtect on 3.3.0 and later...
or are you saying that some of the SARE rules were put into 3.2.5 ???
Just try it out. You will find that the detection rate without
Hi,
Please reply to the list and not directly to me.
Could this be because the standard Reply, at least using gmail,
defaults to the sender not the list?
The rules in /usr/share/spamassassin are the original rules from the
install. If /var/lib/spamassassin/3.002.005 exists, those rules will
What is the output from sa-learn --dump magic ?
0.000 0 3 0 non-token data: bayes db version
0.000 0 0 0 non-token data: nspam
0.000 0 0 0 non-token data: nham
Are you sure you are running sa-learn as the
it's okay - I found the solution at:
http://spamassassin.apache.org/full/3.1.x/doc/sa-learn.html
the command needed --mbox to be included. I added this and the learning
worked.
--
View this message in context:
http://old.nabble.com/bayes-learning-%270-messages-found%27-tp27358517p27358559.html
Hi,
http://www.returnpath.net/blog/2010/01/spamassasin-rarely-misses.php
Yeah, it's partly self-serving, but that's what corporate blogs are for. The
people who read this
blog are mostly marketers with very little exposure to the open source
community, so this
should help them
On 28-Jan-2010, at 09:23, Adam Katz wrote:
This rule is poorly written as it does not limit its examination to
the last external relay. Were SARE accepting revisions (and assuming
I've read the intent right), it should be reworked so as to be defined
as (be wary of mail agent rewrapping):
Alex wrote:
Hi,
http://www.returnpath.net/blog/2010/01/spamassasin-rarely-misses.php
Yeah, it's partly self-serving, but that's what corporate blogs are for.
The people who read this
blog are mostly marketers with very little exposure to the open source
community, so this
should
On 28-Jan-2010, at 10:45, Alex wrote:
Yes, good article. A little difficult to read, though. Is there
something you're doing with the fonts to make them so light?
http://lab.arc90.com/experiments/readability/
Makes the whole Internet a much nicer place to live.
There's also this little
On 28-Jan-2010, at 10:53, Bowie Bailey wrote:
I didn't have a problem. The font is normal-size black on white for me
in both IE and Firefox (WinXP and Linux).
The text color is #333, which is a darkish grey.
--
I WILL NOT TEASE FATTY
Bart chalkboard Ep. 5F05
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
LuKreme wrote:
On 28-Jan-2010, at 10:45, Alex wrote:
Yes, good article. A little difficult to read, though. Is there
something you're doing with the fonts to make them so light?
http://lab.arc90.com/experiments/readability/
OT, but awesome. :)
On 01/28/2010 11:33 AM, J.D. Falk wrote:
http://www.returnpath.net/blog/2010/01/spamassasin-rarely-misses.php
Yeah, it's partly self-serving, but that's what corporate blogs are for. The
people who read this blog are mostly marketers with very little exposure to the
open source community, so
LuKreme wrote:
On 28-Jan-2010, at 09:23, Adam Katz wrote:
This rule is poorly written as it does not limit its examination
to the last external relay.
The rule quite specifically does not look at the top received
header because all the spammers were using US based relays to avoid
checks
Mark Martinec wrote:
If the argument is a single mbox file, precede it with a --mbox option,
not with --dir .
thanks for your response but I've got a further problem now (I think). I'm
trying to do the same thing with the ham command# sa-learn --showdots --mbox
--ham but nothing's
On 1/28/2010 1:52 PM, Warren Togami wrote:
I wasn't planning on responding to this thread, but other positive
responses have annoyed me.
This article is borderline misleading.
+1 I've been biting my tongue trying not to respond.
If what you presented in your message is actually the command you used, then it
might be looking for some input from the keyboard - you don't illustrate having
specified the particular file you want it to use following the '--mbox' option,
you have --ham in that position on the line. I have
Hi,
After upgrading to 3.3.0. I began to get an error
Jan 29 03:12:40.458 [9168] warn: plugin: failed to parse plugin (from @INC):
Can't locate Mail/SpamAssassin/Plugin/DomainKeys.pm in @INC (@INC contains:
lib /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi
Hi,
How do I remove checking with RCVD_IN_DNSWL_LOW and RCVD_IN_RP_SAFE
-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low
trust
[67.131.25.23 listed in list.dnswl.org]
-2.0 RCVD_IN_RP_SAFERBL:
On 1/28/2010 2:25 PM, Spamassassin List wrote:
Hi,
After upgrading to 3.3.0. I began to get an error
Jan 29 03:12:40.458 [9168] warn: plugin: failed to parse plugin (from @INC):
Can't locate Mail/SpamAssassin/Plugin/DomainKeys.pm in @INC (@INC contains:
Did I missed out anything?
Just the
On 1/28/2010 2:29 PM, Spamassassin List wrote:
Hi,
How do I remove checking with RCVD_IN_DNSWL_LOW and RCVD_IN_RP_SAFE
-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low
trust
[67.131.25.23 listed in
How do I remove checking with RCVD_IN_DNSWL_LOW and RCVD_IN_RP_SAFE
-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/,
low
trust
[67.131.25.23 listed in list.dnswl.org]
-2.0 RCVD_IN_RP_SAFERBL: Sender is
On 1/28/2010 2:51 PM, Spamassassin List wrote:
I did reported to list.dnswl.org but there is no reporting tool for
SenderScore
Well, there is, but it has been notoriously difficult to find. Although
the rule names have changed with the release of 3.3.0, you can find
reporting information
I did reported to list.dnswl.org but there is no reporting tool for
SenderScore
Well, there is, but it has been notoriously difficult to find.
Although the rule names have changed with the release of 3.3.0, you
can find reporting information in the SA wiki.
Hi,
I'm having a problem with spamassassin 3.3.0 after doing sa-compile.
The operation didn't return any error and seems to go as usual, but
running 'spamassassin --lint' hangs, and it didn't before using
sa-compile (it doesn't after using the solution below).
I know I'm not giving enough info
On 1/28/2010 3:54 PM, René Berber wrote:
Hi,
I'm having a problem with spamassassin 3.3.0 after doing sa-compile.
The operation didn't return any error and seems to go as usual, but
running 'spamassassin --lint' hangs, and it didn't before using
sa-compile (it doesn't after using the solution
On 28.01.10 07:13, jd wrote:
What spam is being sent through hinet's smtp servers?
hard to say, however the rule in subject doesn't mention their smtp
servers...
I have yet to see any connections from their mail servers. Every
connection so far has always been from subscribers' boxes trying
On Thu, 28 Jan 2010, Alex wrote:
The font is very small (CTRL-+ helped here), but it's so light I
couldn't read it.
Stupid pet trick: Highlight the text with your mouse, and you will get
ugly, but readable white-on-blue. :)
- C
Jason Bertoch wrote:
On 1/28/2010 3:54 PM, René Berber wrote:
Hi,
I'm having a problem with spamassassin 3.3.0 after doing sa-compile.
The operation didn't return any error and seems to go as usual, but
running 'spamassassin --lint' hangs, and it didn't before using
sa-compile (it doesn't
On Thu, 2010-01-28 at 12:53 -0500, Bowie Bailey wrote:
Alex wrote:
Hi,
http://www.returnpath.net/blog/2010/01/spamassasin-rarely-misses.php
Yeah, it's partly self-serving, but that's what corporate blogs are for.
The people who read this
blog are mostly marketers with very
Charles Gregory wrote:
On Thu, 28 Jan 2010, Alex wrote:
The font is very small (CTRL-+ helped here), but it's so light I
couldn't read it.
Stupid pet trick: Highlight the text with your mouse, and you will get
ugly, but readable white-on-blue. :)
I thought I was the only one who ever
Jason Bertoch wrote:
Can you post the output of 'spamassassin -D --lint' to pastebin?
Here's the current working output: http://pastebin.com/m35634489
--
René Berber
On Thu, 2010-01-28 at 13:59 -0500, Adam Katz wrote:
SpamCop sister-site SenderBase seems to indicate at
http://www.senderbase.org/senderbase_queries/detaildomain?search_string=hinet.net
that there isn't much traffic coming from IPs whose rDNS contain
'dynamic.hinet.net' anyway, so it
Noel Butler wrote:
On Thu, 2010-01-28 at 12:53 -0500, Bowie Bailey wrote:
Alex wrote:
Hi,
http://www.returnpath.net/blog/2010/01/spamassasin-rarely-misses.php
Yeah, it's partly self-serving, but that's what corporate blogs are for.
The people who read this
blog are mostly
An organization that should be at the forefront of fighting spam has
become, through its own astonishing ineptness, a major part of the
problem.
ACM sent an email out to a mailing list of lapsed members. It turns out
the list is mal-configured. ANYBODY can reply to the list and the email
goes
From: Adam Katz antis...@khopis.com
Sent: Thursday, 2010/January/28 10:59
LuKreme wrote:
On 28-Jan-2010, at 09:23, Adam Katz wrote:
This rule is poorly written as it does not limit its examination
to the last external relay.
The rule quite specifically does not look at the top received
From: Charles Gregory cgreg...@hwcn.org
Sent: Thursday, 2010/January/28 08:08
Personally, I find racist analogies childish, and in fact, a little
offensive. But, that aside, I don't suppose it has occurred to you that
the bulk of spam coming from Taiwan may be originating with businesses in
René,
What version of re2c are you using? Can you post the output of
'spamassassin -D --lint' to pastebin?
re2c is version 0.12.1. The script sa-compile checks the version so I
don't think there's a problem there.
It hasn't been determined exactly which is the minimal working version,
I thought I was the only one who ever did that... When I get to a page I
can't read, I reach for ctrl-a. Highlights the whole page, wa la, readable.
That makes three of us, then :-)
I don't know. I just have the standard MS fonts. Now that I look more
closely, the font is gray rather than
Mark Martinec wrote:
It hasn't been determined exactly which is the minimal working version,
the 0.12 was chosen just as a version whose predecessors are known to fail.
Actually SpamAssassin 3.3.0 was tested with 0.13.5, which worked fine.
I'll try that version tonight.
Not sure which is
On 28-Jan-2010, at 11:59, Adam Katz wrote:
SpamCop sister-site SenderBase seems to indicate at
http://www.senderbase.org/senderbase_queries/detaildomain?search_string=hinet.net
that there isn't much traffic coming from IPs whose rDNS contain
'dynamic.hinet.net' anyway, so it appears they've
What whitelists are enabled in SA 3.3.0 and what's the easiest way to disable
them all?
--
YOU [humans] NEED TO BELIEVE IN THINGS THAT AREN'T TRUE. HOW ELSE CAN THEY
BECOME? --Hogfather
Hi
I normal do reply with other mailing list, when i do reply it go to the
mailing list ID as a sender
here i have not observed it is going to user. sorry for that.
On Thu, Jan 28, 2010 at 10:03 PM, Bowie Bailey bowie_bai...@buc.com wrote:
ram wrote:
On Thu, Jan 28, 2010 at 8:22 PM,
On Thu, Jan 28, 2010 at 11:11 PM, Alex mysqlstud...@gmail.com wrote:
What is the output from sa-learn --dump magic ?
0.000 0 3 0 non-token data: bayes db version
0.000 0 0 0 non-token data: nspam
0.000 0 0
Jason Bertoch wrote:
What version of re2c are you using? Can you post the output of
'spamassassin -D --lint' to pastebin?
Now using re2c 1.3.5 same problem, to be precise it doesn't hang, it
loops (the CPU usage goes up and down, RSS the same, up and down) at the
same point.
Here's the
René Berber wrote:
Jason Bertoch wrote:
What version of re2c are you using? Can you post the output of
'spamassassin -D --lint' to pastebin?
Now using re2c 1.3.5 same problem, to be precise it doesn't hang, it
Oops!0.13.5
loops (the CPU usage goes up and down, RSS the
Please excuse the top-post. This truly brain-damaged mua does not allow me to
edit the body.
Easiest way to disable whitelists is:
grep -E score\ RCVD.+-
/var/lib/spamassassin/updates_spamassassin_org/50_scores.cf | cut -d\ -f1-3
/etc/mail/spamassassin/no-whitelists.cf
Sent with Good
LuKreme wrote:
Alex wrote:
Yes, good article. A little difficult to read, though. Is there
something you're doing with the fonts to make them so light?
In Firefox for hard to read pages I always select the menu [View],
[Page Style], [No Style]. That turns off CSS and renders the page in
74 matches
Mail list logo