Free SURBL sources + rbldnsd extensive docs + configuring spamassin with new surbl source?
Hi, i wanted to set up my own surbl server, unfortunately, not much information is available around, most of the time am bumping into this http://www.surbl.org/public-dns.html, but well, getting rsync data feed access from surbl.org is way too expensive for a bunch of kids at school. Is there some sort of free list out there that i can rsync from and then if there's any guide/docs that i could follow to get my spamassassin to query my local surbl server. Thanks -- $3|v3n
Re: Free SURBL sources + rbldnsd extensive docs + configuring spamassin with new surbl source?
On 2010-09-28 9:28, selven wrote: Hi, i wanted to set up my own surbl server, unfortunately, not much information is available around, most of the time am bumping into this http://www.surbl.org/public-dns.html, but well, getting rsync data feed access from surbl.org is way too expensive for a bunch of kids at school. Is there some sort of free list out there that i can rsync from and then if there's any guide/docs that i could follow to get my spamassassin to query my local surbl server. What's wrong with querying the public servers? SURBL/URIBL DBL are free if you remain below their heavy traffic usage policies. The Invaluement.com lists are not free for public querying but an interesting alternative as well. If, as you say, you only cater for a bunch of kids at school you shouldn't be hitting the BL's thresholds.
Re: Free SURBL sources + rbldnsd extensive docs + configuring spamassin with new surbl source?
Yet Another Ninja wrote: On 2010-09-28 9:28, selven wrote: Hi, i wanted to set up my own surbl server, unfortunately, not much information is available around, most of the time am bumping into this http://www.surbl.org/public-dns.html, but well, getting rsync data feed access from surbl.org is way too expensive for a bunch of kids at school. Is there some sort of free list out there that i can rsync from and then if there's any guide/docs that i could follow to get my spamassassin to query my local surbl server. What's wrong with querying the public servers? Sounds more like he wants to do this as an exercise - selven, you could always rsync the uceprotect lists, if those are useful to you. /Per Jessen
(no report template found) - no 10_misc.cf but sa-update shows correct paths
Hi, I'm seeing (no report template found) on: SpamAssassin version 3.3.2-r929478 running on Perl version 5.12.2 This is a build of perl installed in /opt/perl5. Took SpamAssassin from the SVN repo to get around the taint issue as this doesn't seem to have made it onto CPAN yet (https://svn.apache.org/repos/asf/spamassassin/branches/3.3/ The docs I've seen from googling all seem to point to: clear_report_template - I don't have this set in any of my configs Failure to access 10_misc.cf - I don't have this on my system, but it also doesn't seem to exist on other systems which are working? To get the no template found error I'm running: spamassassin -C /etc/opt/mail/spamassassin/ -t /path/to/message Not sure if it's OK to paste debug output here (20k) - if so (and it's wanted) please let me know and I'll include it/ Any pointers in the right direction would be much appreciated! Thanks, Edward The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you are not the intended recipient, any action taken or omitted to be taken in reliance on it, any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this E-mail message is strictly prohibited and may be unlawful. If you have received this E-mail message in error, please notify us immediately. Please also destroy and delete the message from your computer.
Re: (no report template found) - no 10_misc.cf but sa-update shows correct paths
On Tue, 2010-09-28 at 10:36 +0100, Edward Prendergast wrote: clear_report_template - I don't have this set in any of my configs It's part of 10_default_prefs.cf of the stock rule-set. To get the no template found error I'm running: spamassassin -C /etc/opt/mail/spamassassin/ -t /path/to/message ^^ Why are you using that option? The given path looks like your site config dir, not the default rule-set dir. The latter, which is what -C sets, also is the dir where sa-update puts the rules. See 'man spamassassin-run'. Also see 'man spamassassin' for the dirs used by default on your site, as set during configure. Not sure if it's OK to paste debug output here (20k) - if so (and it's wanted) please let me know and I'll include it/ It is OK -- or use a pastebin, if you prefer. -- char *t=\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1: (c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
MSGID_RANDY getting old
MSGID_RANDY is hitting messages written by secure mail software used by at least two health care providers, optumhealth.com and uhc.com. Sample: 4d7a08$dgl...@mail16.uhc.com MSGID_RANDY no longer gets much spam, and what it gets scores pretty high even without it. Yesterday, here, 45 total hits on MSGID_RANDY (of 2,748,004 messages) .. 14 were Secure Mail .. The 31 others scored 10.5 to 34.7 Your mileage may vary. In fact I'd like to know how it looks on other systems. But I'm going to zero the score here. If we want to save the rule, the health care messages can be identified by these features: Subject contains /Secure Message from / followed by the same address as the From header. The message body contains a MIME part named securedoc.html coded as application/octet stream. I cannot post a sample secure message. Joseph Brennan Columbia University Information Technology (I just noticed MSGID_RANDY also hits on score reports from ancient software used by the Educational Testing Service, ets.org, and that we whitelisted them a long time ago to work around it. Their mail has two-digit years too, so I considered them a true whitelist case that can't be helped otherwise.)