Hi,
Here's an example:
http://pastebin.com/h9JwTQ9T
The score is very low. Does someone have an idea of other
characteristics that I can flag on?
Hits for me on this:
Sanesecurity.Junk.22048.UNOFFICIAL FOUND
Ah, very good. I think that might be what I'm missing. How are you
implementing
Hi,
Does anyone know where the best reference for doing this with amavisd
and postfix would be, btw? I'd like to include it in some docs I'm
putting together.
I think my doc might be helpful:
http://www200.pair.com/mecham/spam/bypassing.html
Yes, definitely. Thanks for the great work. It's
On Tue, 2010-04-27 at 02:16 -0400, Alex wrote:
Hi,
Here's an example:
http://pastebin.com/h9JwTQ9T
The score is very low. Does someone have an idea of other
characteristics that I can flag on?
Hits for me on this:
Sanesecurity.Junk.22048.UNOFFICIAL FOUND
Ah, very good. I
On Mon, 26 Apr 2010, Alex wrote:
Hi,
I'm seeing an increase in zip attachment spam, and hoped someone could
help me figure out why it isn't being properly tagged. Are others
seeing this? Is BAYES_99 being triggered or is it lower?
Here's an example:
http://pastebin.com/h9JwTQ9T
The
Sorry for the confusion.
I am talking about connecting from an untrusted IP. We do have
authentication enabled on our SMTP server to disable relaying for unknown
users but as far as I can tell there's nothing in the headers that seems to
show this.
ie: pc - smtp1 - inbox (just shows the PCs IP
On 27.04.10 02:26, Martin Caine wrote:
Sorry for the confusion.
I am talking about connecting from an untrusted IP. We do have
authentication enabled on our SMTP server to disable relaying for unknown
users but as far as I can tell there's nothing in the headers that seems to
show this.
We're using qmail with qmail-scanner (personally I'd prefer switching to
postfix but it's not practical to do that at the moment. I'll see if I can
find out how to add the auth information into the headers.
Thanks
--
View this message in context:
On Mon, 26 Apr 2010, Joseph Brennan wrote:
empty and there was a single attachment transcript.zip.
Very old-school, using pif and scr file extensions and the name with
a lot of spaces in it (actually more spaces than I show here).
After posting, I found that a few other passed through, and
Hi Jernej,
- Jernej Porenta jernej.pore...@arnes.si wrote:
Heya,
I am searching for commercial IP reputation DB access which I could
use with SpamAssassin.
I know that there is DCC with IP reputation, but there aren't many
others that I could use with SA (or frontend postfix
Hi everybody.
Recently I updated my Gentoo installations to spamassassin-3.3.1-r1 (the
'r1' thing means a 'stock' SA-3.3.1 with some -often few - patches applied).
Everything worked fine after upgrading, but now I see that some rules I have
in my local.cf doesn't seem to work anymore.
Since
On Tue, 2010-04-27 at 14:21 +0200, Giampaolo Tomassoni wrote:
Everything worked fine after upgrading, but now I see that some rules I have
in my local.cf doesn't seem to work anymore.
The second problem is that the FRT_SOMA and FRT_SOMA2 score override don't
work too: I see they respectively
Both the effects are quite weird to me. Maybe I didn't pay attention
to some
post in this list announcing a different behaviour of the body rules
and a
new score override mechanism?
No change in this logic and behavior.
Did you --lint check? Does it complain perhaps? To see which cf
On Tue, 27 Apr 2010, Lucio Chiappetti wrote:
On Mon, 26 Apr 2010, Joseph Brennan wrote:
empty and there was a single attachment transcript.zip.
Very old-school, using pif and scr file extensions and the name with
a lot of spaces in it (actually more spaces than I show here).
After
On Tue, 27 Apr 2010, John Hardin wrote:
On Tue, 27 Apr 2010, Lucio Chiappetti wrote:
On Mon, 26 Apr 2010, Joseph Brennan wrote:
empty and there was a single attachment transcript.zip.
Very old-school, using pif and scr file extensions and the name with
a lot of spaces in it
On Tue, 27 Apr 2010, Giampaolo Tomassoni wrote:
Also, why
body __SOMMA m'\Wsomma\W'i
doesn't fire? I have the Rule2XSBody plugin active. Maybe somehow it wasn't
compiled? But why, then?
Do ANY of the rules in your local.cf fire? Try putting a test rule that
will 'always' fire
Do ANY of the rules in your local.cf fire?
Yes, they do. The __IN_ITALIAN rule referred by SOMMA and SOMMA2, in
example.
However,
Try putting a test rule that
will 'always' fire (like 'header From =~ /\@/') at the end of local.cf,
then if it doesn't fire, start moving it up, to see if you
It turn out I put this and other stuff in a if(0) endif block, such that it
of course didn't fire...
Thanks everybody!
Giampaolo
On Tue, 27 Apr 2010, Giampaolo Tomassoni wrote:
Do ANY of the rules in your local.cf fire?
Yes, they do. The __IN_ITALIAN rule referred by SOMMA and SOMMA2, in
example.
Just a side thought, but are we checking for SOMMA or SOMA? One 'm' or
two? FRT_SOMA2
Try 'retyping' the __SOMMA rule
On Tue, 27 Apr 2010, Giampaolo Tomassoni wrote:
Do ANY of the rules in your local.cf fire?
Yes, they do. The __IN_ITALIAN rule referred by SOMMA and SOMMA2, in
example.
Just a side thought, but are we checking for SOMMA or SOMA? One 'm' or
two? FRT_SOMA2
Try 'retyping' the __SOMMA
Hi,
Might as well just block all of \.fr at smtp time for that matter :-)
Poor France :(
I mostly do... au revoir Le France
Somewhat off-topic, but in the interest of increasing awareness, India
reportedly ranks first:
Hi,
Using SA v3.3.1 spamc command-line client : the message analyzed being either
spam or ham, can I have the message left untouched except for the X-Spam
headers ? For example, in case of a spam message, I'd like to have:
From: Test t...@example.com
To: t...@example.com
Subject: Test
Date:
On Tue, 2010-04-27 at 11:08 -0400, Alex wrote:
Hi,
Might as well just block all of \.fr at smtp time for that matter :-)
Poor France :(
I mostly do... au revoir Le France
Somewhat off-topic, but in the interest of increasing awareness, India
reportedly ranks first:
On Tue, 2010-04-27 at 16:35 +, Christian Gregoire wrote:
Using SA v3.3.1 spamc command-line client : the message analyzed being
either spam or ham, can I have the message left untouched except for
the X-Spam headers ?
When a spam, since the message is rewritten, my X-Custom headers are
Christian Gregoire wrote:
Hi,
Using SA v3.3.1 spamc command-line client : the message analyzed being either
spam or ham, can I have the message left untouched except for the X-Spam
headers ? For example, in case of a spam message, I'd like to have:
From: Test t...@example.com
To:
On Tue, 27 Apr 2010, Giampaolo Tomassoni wrote:
Also, why
body __SOMMA m'\Wsomma\W'i
doesn't fire?
This is more a sylistic comment, but: you don't need to alter the
delimiters on that RE. Does this behave any better?
body __SOMMA /\Wsomma\W/i
That also won't
On Tue, 27 Apr 2010, Giampaolo Tomassoni wrote:
Also, why
body __SOMMA m'\Wsomma\W'i
doesn't fire?
This is more a sylistic comment, but: you don't need to alter the
delimiters on that RE. Does this behave any better?
body __SOMMA /\Wsomma\W/i
John,
On Tue, 27 Apr 2010, Giampaolo Tomassoni wrote:
On Tue, 27 Apr 2010, Giampaolo Tomassoni wrote:
Also, why
body __SOMMA m'\Wsomma\W'i
doesn't fire?
This is more a sylistic comment, but: you don't need to alter the
delimiters on that RE. Does this behave any better?
body
Great, that's it. Thanks you both Bowie and Karsten.
- Message d'origine
De : Bowie Bailey bowie_bai...@buc.com
À : users@spamassassin.apache.org
Envoyé le : Mar 27 avril 2010, 18 h 59 min 07 s
Objet : Re: spamc output
Christian Gregoire wrote:
Hi,
Using SA v3.3.1 spamc
Hello,
We are experiencing a sporadic error running SA 3.3.1 on an Ubuntu distro,
with the following behavior: a message is being processed and a spamd child
dies allowing the spam message to go through to the qmail queue. The spam
goes through, unfortunately, but then processing continues
On Tue, 2010-04-27 at 13:43 -0700, PaulYo wrote:
We are experiencing a sporadic error running SA 3.3.1 on an Ubuntu distro,
with the following behavior: a message is being processed and a spamd child
dies allowing the spam message to go through to the qmail queue. [...]
required_hits 2
This
On 4/26/10, Christian Gonzalez ch...@chf.info.tm wrote:
Hence I had to disable Amavis-new/Clamav in order to keep receiving my
emails but this also disabled SpamAssassin. I would like to keep at
least
SpamAssassin working, I found some howtos and guides [1][2] about it but
none of them
From David B Funk
Suggestions; completely kill and restart Amavis-new, see if it loads and
uses the new LibClamAV library. If that doesn't fix it, find -all-
instances of LibClamAV on your system, remove them, re-do the 0.96
install and restart. If it still isn't working, ask your question on
Dear Sir,
Please REMOVE my email address from your list, everyday have too many email
forward to me.
Thanks Best Regards,
Billy Lau
Direct Line:(852) 3969 0684 / Cell Phone:(852) 9220 1286
Email: sal...@fashionable.com.hk
Nicer Fashion Ltd.
Tel:(852) 3969 0688
FAX:(852) 2361 9964
URL:
On ons 28 apr 2010 03:25:26 CEST, BILLY/NICER wrote
Please REMOVE my email address from your list, everyday have too
many email forward to me.
List-Help: users-h...@spamassassin.apache.org
List-Unsubscribe: users-unsubscr...@spamassassin.apache.org
List-Post:
On Tue, 27 Apr 2010, Sitapati wrote:
My spamassassin installation suddenly (since March) starting rewriting the
headers of messages that are not spam.
Here's an example:
X-Spam-Status: No, score=3.9 required=5.0 tests=AWL,BAYES_50,
DNS_FROM_OPENWHOIS,FH_DATE_PAST_20XX,HTML_MESSAGE,URG_BIZ
Hi,
My spamassassin installation suddenly (since March) starting rewriting the
headers of messages that are not spam.
March isn't so suddenly. Why is it a problem now and not last month?
Are you sure it is your system that is rewriting the headers? Is it
happening on every email?
Hi
i have recently update from 3.2.X to 3.3.X
when i restart i get this message
spamd[18549]: config: failed to parse line, skipping, in
/etc/mail/spamassassin/local.cf: use_auto_whitelist 1
any suggestions
Ram
37 matches
Mail list logo