Alex wrote on Sun, 28 Mar 2010 13:38:25 -0400:
I have a bayes db that's about 160MB with a 40MB token db on a system
with about 100k messages per day.
Well, what's the missing 120 MB? The journal? Do a complete sync and then
delete it.
I've just raised the max_db_size set
to 1.1M tokens
On Mon, 29 Mar 2010 13:03:59 +0200
Kai Schaetzl mailli...@conactive.com wrote:
Alex wrote on Sun, 28 Mar 2010 13:38:25 -0400:
I have a bayes db that's about 160MB with a 40MB token db on a
system with about 100k messages per day.
Well, what's the missing 120 MB? The journal? Do a
I'm having a problem with the trusted_networks option. Right now I have it set
to:
trusted_networks 10.0.1/24
In postfix, I need to have spamassassin listed under
smtpd_recipient_restrictions so that it will only scan incoming emails
however it would be handy to get this option working if at
On Mon, 2010-03-29 at 11:40 -0400, Kaleb Hosie wrote:
I'm having a problem with the trusted_networks option. Right now I have
it set to:
trusted_networks 10.0.1/24
When I try to use this option; I login through telnet port 25, and send
the test spam string (from the 10.0.1.0 subnet) it
On 29.3.2010 18:40, Kaleb Hosie wrote:
I'm having a problem with the trusted_networks option.
Right now I have it set to:
trusted_networks 10.0.1/24
In postfix, I need to have spamassassin listed under
smtpd_recipient_restrictions so that it will only scan
incoming emails however it
Literally, Mega-Spam. I just got a spam with 1MB of images.
My suggestion has been made before, but I would like to ask that it now
be taken a bit more seriously. SA needs an option to allow efficient
'partial' scanning of large e-mails, so that, for example, we can
peform all the valuable
On 3/29/10 1:09 PM, Charles Gregory wrote:
Literally, Mega-Spam. I just got a spam with 1MB of images.
My suggestion has been made before, but I would like to ask that it
now be taken a bit more seriously. SA needs an option to allow efficient
'partial' scanning of large e-mails, so that,
Aw, is that shouting really necessary? Oh, yes, it is indeed -- you are
trying to get heard over on the dev list, so you need to be quite loud
from here... ;)
The dev list is what you want.
On Mon, 2010-03-29 at 13:09 -0400, Charles Gregory wrote:
Literally, Mega-Spam. I just got a spam with
I recently received a FP report on an e-mail that hit on, among other
things, FREEMAIL_ENVFROM_END_DIGIT. This rule has a score of 1.6, which
seems maybe a little high. Henrik mentioned the same thing in comment
185 [1] of Bug 6155 which is closed as resolved/fixed. The assumption
was that
Hi
why does
spamc[28825]: [ID 702911 mail.error] skipped message, greater than max
message size (512000 bytes)
have to be log level error?
Instead of error would warn not be enough?
thanks,
Philipp
Philipp,
why does
spamc[28825]: [ID 702911 mail.error] skipped message, greater than max
message size (512000 bytes)
have to be log level error?
Instead of error would warn not be enough?
That was fixed in 3.3.0:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5325
Mark
On 3/29/10 1:52 PM, Jason Bertoch wrote:
I recently received a FP report on an e-mail that hit on, among other
things, FREEMAIL_ENVFROM_END_DIGIT. This rule has a score of 1.6,
which seems maybe a little high. Henrik mentioned the same thing in
comment 185 [1] of Bug 6155 which is closed as
On Mon, 2010-03-29 at 13:52 -0400, Jason Bertoch wrote:
I recently received a FP report on an e-mail that hit on, among other
things, FREEMAIL_ENVFROM_END_DIGIT. This rule has a score of 1.6, which
seems maybe a little high. Henrik mentioned the same thing in comment
185 [1] of Bug 6155
On 2010/02/01 10:30 AM, Mark Martinec wrote:
Update returned sought rules 1/31/2010.
Actually back since Jan 6. :) Re-viewed about 1k fraud spam the
following days, for the Sought Fraud sub-set.
Btw, the three rules JM_SOUGHT_FRAUD_{1,2,3} have a score of zero
as per Justin's request (Bug
Wow, I knew this was coming at some point. I just figured it was too
expensive.
My suggestion would be to use graylisting, force them to send that 1MB
message twice. Course zombie bots don't do that generally, so you would
never even have to deal with it. You could also use the botnet
On Mon, 2010-03-29 at 16:23 -0400, Brent Kennedy wrote:
Wow, I knew this was coming at some point. I just figured it was too
expensive.
You did read the entire thread, right? :) There's nothing new about
this. Moreover, this still is a rare occurrence. Note even Charles, who
started this
On Mon, 2010-03-29 at 16:05 -0400, Jason Bertoch wrote:
Btw, the three rules JM_SOUGHT_FRAUD_{1,2,3} have a score of zero
as per Justin's request (Bug 6155 c 38, c72, c89, c124).
Not sure if people using the channel realize that scores
need to be bumped up. Btw, I prefer to avoid them
On Mon, 29 Mar 2010, Karsten Bräckelmann wrote:
You did read the entire thread, right? :) There's nothing new about
this. Moreover, this still is a rare occurrence. Note even Charles, who
started this thread, claims to have received *one* such spam. And it
appears to be his first. ;)
Last
Am Montag 29 März 2010 schrieb Karsten Bräckelmann:
On Mon, 2010-03-29 at 16:23 -0400, Brent Kennedy wrote:
Wow, I knew this was coming at some point. I just figured it was
too expensive.
You did read the entire thread, right? :) There's nothing new
about this. Moreover, this still is a
On Mon, 2010-03-29 at 16:57 -0400, Charles Gregory wrote:
The spams I've seen so far look more 'amateur' than 'pro'. Easily tracable
IP's. Blacklistable domains. I'm just throwing my idea into the queue now
so that it can be smoothly integrated with a future release. We've got
plenty of
On Mon, 2010-03-29 at 23:01 +0200, Mathias Homann wrote:
I think it has, I get about 2-5 mega spams per day by now.
and I can't do greylisting because I have to fetchmail from a central
mail server at my hoster that is not under my direct control.
And no, moving from a vhost to a root server
On Mon, 29 Mar 2010, Brent Kennedy wrote:
My suggestion would be to use graylisting, force them to send that 1MB
message twice.
While greylisting will help, it won't spank the offender in that manner.
It will postpone the message very early in the SMTP exchange, not after
the body has been
We've got plenty of time, but I suggest not waiting until it becomes a
big problem before desperately rushing to fix it :)
Depends on how one defines where a problem starts to become 'big'.
For me the problem of large messages was big enough early last year so
that I had to implement a
On 2010-03-30 00:12, John Hardin wrote:
While greylisting will help, it won't spank the offender in that manner.
It will postpone the message very early in the SMTP exchange, not after
the body has been received.
Unless the greylisting is done *after* receiving the body. Of course,
this will
Graylisting does work. We have been using SQLGrey
(http://sqlgrey.sourceforge.net/) for three years now. The minute I turned
it on, spam to my junk email folder(what SA used to catch) dropped by 90%.
SQLGrey sits at the MTA level, so it hits the sender when they connect and
before they actually
On 3/29/2010 11:40 AM, Kaleb Hosie wrote:
I'm having a problem with the trusted_networks option. Right now I have it
set to:
trusted_networks 10.0.1/24
In postfix, I need to have spamassassin listed under
smtpd_recipient_restrictions so that it will only scan incoming emails
however it
On Mon, 29 Mar 2010, Brent Kennedy wrote:
Ya know, this got me thinking. Wonder if I could create a VM with all the
settings and a script to customize the setup. Then organizations could just
deploy the VM. Sort of an all in one deployment. Just update the VM
template every now and then.
Hi,
Well, what's the missing 120 MB? The journal? Do a complete sync and
then delete it.
Probably the signatures in bayes_seen - there's no mechanism for ageing
them out.
And I assume that isn't a problem then?
too big is not an absolute figure. If you store 1-occurence tokens
you will
28 matches
Mail list logo