I have just found out why most of my emails have been getting tagged
as spam this year. It's because of a bug in a rule which causes this
hit to happen when it shouldn't: FH_DATE_PAST_20XXThe date is
grossly in the future. The actual file at fault is 72_active.cf which
is a spamassassin rule
I've just found that line on the spamc man page:
-K Perform a keep-alive check of spamd, instead of a full message check.
Someone knows what it means, and what it actually does?
On Wednesday, 31 of March 2010, David wrote:
I've just found that line on the spamc man page:
-K Perform a keep-alive check of spamd, instead of a full message check.
Someone knows what it means, and what it actually does?
It does what it says. Keep-alive means check means just connecting
I installed with yum lhe following pakages:
postfix, amavisd-new and spamassassin.
I have *.cf in /usr/share/spamassassin/ directory and now I would like
update them.
Is it possible? with sa-update?
If yes which is the complete command to use to update *.cf in
/usr/share/spamassassin/
On Wed, 2010-03-31 at 19:15 +1100, Phill Edwards wrote:
I have just found out why most of my emails have been getting tagged
as spam this year. It's because of a bug in a rule which causes this
hit to happen when it shouldn't: FH_DATE_PAST_20XXThe date is
grossly in the future. The actual
Phill Edwards wrote on Wed, 31 Mar 2010 19:15:18 +1100:
So, you have finally found sa-update? Wow.
So how exactly do you get the new rule files
into /usr/share/spamassassin so they start working?
Run a debug lint and you will see that the /var/lib directory gets used
when it contains rules.
On 31.3.2010 14:02, Andrea Bencini wrote:
I installed with yum lhe following pakages:
postfix, amavisd-new and spamassassin.
I have *.cf in /usr/share/spamassassin/ directory and now I would like
update them.
Is it possible? with sa-update?
If yes which is the complete command to use to
On 3/31/2010 7:02 AM, Andrea Bencini wrote:
I installed with yum lhe following pakages:
postfix, amavisd-new and spamassassin.
I have *.cf in /usr/share/spamassassin/ directory and now I would like
update them.
Is it possible? with sa-update?
If yes which is the complete command to use to
Hi Guys,
My current sysadmin has now left the company and I'm new to SA and Exim.
Needless to say I have been assigned the task to
look after the server . I'm hoping I've come to the right place for my
questions to be answered.
The system I have is running on:
Gentoo Base System release 1.12.10
Hi
On Wed, Mar 31, 2010 at 2:24 PM, Keith De Souza
kbdeso...@googlemail.com wrote:
Hi Guys,
[snip]
I've read somewhere that the default setting for SA to scan a message is
500k.
Can I reduce this, so that SA scans messages 100k and below?
Have you tried google first ?
On Wed, 2010-03-31 at 13:24 +0100, Keith De Souza wrote:
My current sysadmin has now left the company and I'm new to SA and
Exim. [...]
I've read somewhere that the default setting for SA to scan a message
is 500k.
That's actually the default for spamc. Messages exceeding the threshold
just
Hi,
Remember to respond to the mailing list ... so other users can follow
this also ...
On Wed, Mar 31, 2010 at 2:54 PM, Keith De Souza
kbdeso...@googlemail.com wrote:
Hi,
But are there are reason for dropping it?
I'm having a few errors in my Exim logs from legitamate senders not coming
Hi
* You need to change whatever glue you are using to pass messages to SA,
and skip the scanning for messages larger than your desired threshold.
*Sorry as I'm new to SA can you elaborated what you mean by glue?
*
That said, IMHO 100k is rather low. Why do you want that particular
threshold?*
Hi
Oops only realized after I had sent you the message - but will do.
* Are you running sa-update ?*
I might not be, how can I check?
* Are there lots of mails in the queue?
*No mails in the queue. I should also say that, mail is coming in fine
and we are receving it but certain legitamate
From: Keith De Souza kbdeso...@googlemail.com
Date: Wed, 31 Mar 2010 14:10:50 +0100
Hi
* You need to change whatever glue you are using to pass messages to SA,
and skip the scanning for messages larger than your desired threshold.
*Sorry as I'm new to SA can you
Keith De Souza wrote:
I'm trying to understand why is it taking 300.0 seconds to scan a
message only 24Kb in size??
I'm begeining to think that because SA is taking so long to scan the
message, it is timing out
and hence Exim returning a temporarily reject after DATA.
My thoughs so far is
On Wed, 31 Mar 2010, Keith De Souza wrote:
Sorry as I'm new to SA can you elaborated what you mean by glue?
Geek terminology for the program, script or other mechanism that
'connects' your MTA and your SA. Ie. The calling MTA or its script must do
the size check, then decide *whether* to
Alex wrote:
What settings do people typically have these days for the maximum
scanned message size? Surprisingly, at least to me, I'm seeing spam in
the 650k and 700k range, at least a few per hour, and are not scanned.
Does anyone have any suggestions for optimizing the process for spam
On Wed, Mar 31, 2010 at 11:05:57AM -0400, Adam Katz wrote:
Wasn't some earlier version of SA capable of scanning just the /first/
[size] of an email? Probably harder to implement within MIME, but
some control to internally truncate remaining pieces (for scanning
only, like the
On Wed, 2010-03-31 at 15:06 +0200, Mikael Syska wrote:
I'm trying to understand why is it taking 300.0 seconds to scan a message
only 24Kb in size??
Use the sysstat tool-set to find out what's going on in your system and
fix that.
I agree with those who say that -m 25 is too large a value.
On Wed, 31 Mar 2010, Henrik K wrote:
SA 3.3 has special handling for truncated messages
Excuse me for not *thinking* earlier, but it occurs to me that there is a
very big drawback to *truncating* a message before passing it to SA, as
opposed to my original request/suggestion to *flag*
I'm wondering if anyone else has an issue with SPAM that comes from a real
yahoo or gmail account?
I've noticed a few emails get let into our organization everyday that is sent
from a free email account such as yahoo and gmail. When I do a rDNS lookup, of
the IP, it points back to a real
Greetings!
I upgraded SA from version 3.2.5 to 3.3.1 this morning.
Since that time all of the emails that are marked as spam are being converted
to attachments.
One other oddity. If you look close at the rewrite_header Subject line, you
will count three %'s after the word SPAM. This is a
One likely scenario may be that the spammer managed to hack into an existing
account, then use it to send out their garbage. One way to fix that is to
ensure all humans with computer access always employ best practices for
choosing and protecting secure passwords.
Another possible scenario is
Spamhaus has uncovered a fake spam filter company which was pirating and
selling DNSBL data stolen from major anti-spam systems including Spamhaus,
CBL and SURBL, republishing the stolen data under the name nszones.com.
more: http://www.spamhaus.org/organization/statement.lasso?ref=8
--
Neil
Hi,
Does anyone have any suggestions for optimizing the process for spam
containing just a large image that would therefore bypass the typical
scanning? Should I be scanning messages that large, then?
Depends on your available CPU resources. If you always have a low
load average, you can
Hi,
I've noticed a few emails get let into our organization everyday that is sent
from a free email account such as yahoo and gmail. When I do a rDNS lookup,
of the IP, it points back to a real server (not a spam server).
Here's an example of one that just got let in:
Mar 31 12:05:34
On Wednesday March 31 2010 18:05:52 Charles Gregory wrote:
Excuse me for not *thinking* earlier, but it occurs to me that there is a
very big drawback to *truncating* a message before passing it to SA, as
opposed to my original request/suggestion to *flag* (or set a config
param?) to tell SA
On Wed, 31 Mar 2010, Mark Martinec wrote:
and let it handle arbitrary size messages by avoiding its current
paradigm of keeping the entire message in memory.
Is there really a problem with the in-memory size? I would have thought
the major concern was the processing time for evaluating
On Wednesday March 31 2010 23:43:25 Charles Gregory wrote:
Is there really a problem with the in-memory size? I would have thought
the major concern was the processing time for evaluating 'full' (and
rawbody?) rules on a large message
Yes, sure, the main issue is with evaluating regexp
On 3/31/2010 12:34 PM, Michael Weber wrote:
Greetings!
I upgraded SA from version 3.2.5 to 3.3.1 this morning.
Since that time all of the emails that are marked as spam are being converted
to attachments.
One other oddity. If you look close at the rewrite_header Subject line, you
will
But I don't understand how to use sa-update. I've run it and I can see
all the new rule files in /var/lib/spamassassin/3.002005. However, I
think my rules run off the files in /usr/share/spamassassin/. The wiki
at http://wiki.apache.org/spamassassin/RuleUpdates#Using_sa-update
says NOT to use
On 3/31/2010 9:10 PM, Phill Edwards wrote:
But I don't understand how to use sa-update. I've run it and I can see
all the new rule files in /var/lib/spamassassin/3.002005. However, I
think my rules run off the files in /usr/share/spamassassin/. The wiki
at
The list is definitely active. Now, is it 100 messages a minute? No..
but your original post did get two replies providing the answer, both
slightly over 2 hours after your question.
Yeah, I've subsequently found them on a Nabble list. For some reason
I'm not getting any email from this list
34 matches
Mail list logo