Re: Handling very large messages (was Re: Which milter do you prefer?)

2015-03-16 Thread Bill Cole
On 14 Mar 2015, at 12:55, David F. Skoll wrote: [...] I can't answer for Kevin, but what we do is this: For oversize messages, we remove non text/* attachments. If they're still oversize, we truncate the text/plain parts. If they're still oversize, we truncate the text/html parts. We do this

Re: Handling very large messages (was Re: Which milter do you prefer?)

2015-03-16 Thread Bill Cole
On 14 Mar 2015, at 15:17, Robert Schetterer wrote: [...] On 14.03.2015 at 17:55, David F. Skoll wrote: [...] I can't answer for Kevin, but what we do is this: For oversize messages, we remove non text/* attachments. If they're still oversize, we truncate the text/plain parts. If they're

Re: Which milter do you prefer?

2015-03-16 Thread Bill Cole
On 13 Mar 2015, at 17:41, Shane Williams wrote: I've been reviewing the current landscape of anti-spam tools since I haven't set up a new system in a while, and one place I'm wondering what people are using is milters for spamassassin/spamc. It seems like spamass-milter is the default go-to

Re: Skipping RBL checks for internal servers

2015-03-19 Thread Bill Cole
On 18 Mar 2015, at 17:24, Axb wrote: Why is Internal or local mail sent thru SA? If the MTA handles outbound mail from Windows users, passing their mail through SA is prudent. There are spamming trojans that figure out how to use the victim's legitimate submission config including

Re: Lots of Polish spam

2015-02-27 Thread Bill Cole
On 25 Feb 2015, at 17:15, Yves Goergen wrote: On 25.02.2015 at 20:42, Bill Cole wrote: On 24 Feb 2015, at 17:06, Yves Goergen wrote: I can't block all archives with executable files in them. Then in all seriousness: why bother filtering email specifically for malware? Email

Re: Lots of Polish spam

2015-02-25 Thread Bill Cole
On 24 Feb 2015, at 17:06, Yves Goergen wrote: I can't block all archives with executable files in them. Then in all seriousness: why bother filtering email specifically for malware? Email is an inherently untrustworthy transport medium. Any sort of executable received via email that is

Re: FPs on RCVD_ILLEGAL_IP

2015-04-21 Thread Bill Cole
On 21 Apr 2015, at 18:47, Mark Martinec wrote: There is no benefit to spammers (and a likely disservice to them) for forging a non-trustworthy external Received header field and providing some unusual IP address there, and they cannot forge the boundary Received header field inserted by

Re: ANNOUNCE: Apache SpamAssassin 3.4.1 available (bug)

2015-05-02 Thread Bill Cole
On 1 May 2015, at 14:34, Forrest wrote: Upgrading from a simple 3.4.0 installation, 3.4.1 refuses to start, with this error: Starting spamd: child process [3723] exited or timed out without signaling production of a PID file: exit 255 at /usr/local/perl/bin/spamd line 2986.

Re: 3.4.1 Key issues: sa_compile test failures and txrep.pm uninitialized issues

2015-05-08 Thread Bill Cole
On 6 May 2015, at 20:57, Kevin A. McGrail wrote: Hello SpamAssassin Users and Developers, I wanted to take a moment to provide my $0.02 on two in the wild issues with 3.4.1 that I've heard a lot about in the past few days: The first in the wild issue has been some failures on sa_compile.t.

Re: Weird empty messages

2015-05-08 Thread Bill Cole
On 8 May 2015, at 11:46, Dianne Skoll wrote: Hi, We are seeing a trickle of weird empty messages. Here's a sample Sendmail log: May 8 11:33:31 colo3 sm-mta[1100]: t48FXPqL001100: from=ragland_rosell...@cttstone.com, size=18, class=0, nrcpts=1, msgid=8[10, proto=SMTP, daemon=MTA,

Re: Turning off queries to SORBS

2015-05-14 Thread Bill Cole
On 13 May 2015, at 20:24, Chris wrote: So I guess then that the bottom line is that eventually the queries are getting through to SORBS but I'll still be seeing some errors and just don't worry about it. Does that sound about right? Yes.

Re: Turning off queries to SORBS

2015-05-13 Thread Bill Cole
On 13 May 2015, at 16:58, Chris wrote: On Wed, 2015-05-13 at 13:49 -0400, Kris Deugau wrote: Chris wrote: Not upset about the 'noise', to my untrained eye it looks to me as if the lookups are failing: chris@localhost:/var/log$ grep 'connection refused' /var/log/syslog|grep sorbs|awk '{

Re: spam

2015-04-16 Thread Bill Cole
On 16 Apr 2015, at 7:29, Kevin A. McGrail wrote: Sorry, it is not our job to provide support for GetResponse.com And that's a very good thing, since GetResponse/Implix is a chronic intentional spamming operation. It would be a disturbing conflict of interest for the SpamAssassin core

Re: effectiveness of DCC checks?

2015-04-14 Thread Bill Cole
On 14 Apr 2015, at 13:59, Quanah Gibson-Mount wrote: I've noticed that DCC_CHECK is flagging on tons of items that are clearly not spam. The most recent hit for me today was a release announcement from the mariadb folks. Overall, it's a trend I'm routinely seeing where it is flagging a lot

Re: Irregular Test Reports in SA?

2015-04-05 Thread Bill Cole
On 31 Mar 2015, at 14:43, Kevin A. McGrail wrote: But overall, it looks like lunarpages is exceeding some of the RBL limits which is immediately going to cause issues. And to be blunt: that does qualify as shoddy in a commercial provider: amateurish unethical. It's one thing for a hobbyist

Re: Uptick in spam

2015-04-05 Thread Bill Cole
On 1 Apr 2015, at 17:26, Amir Caspi wrote: On Apr 1, 2015, at 3:03 PM, Kevin Miller kevin.mil...@juneau.org wrote: You can reject on RDNS (or lack thereof) in sendmail depending on the version. Search for require_rdns. Thanks, I'll look into it. Sadly I don't think I have time to

Re: Cron smmsp@thebighonker /home/ler/bin/update-bayes.sh

2015-06-05 Thread Bill Cole
On 5 Jun 2015, at 16:36, Kevin A. McGrail wrote: It's caused by the domain =.sa.enemieslist.com having that complete invisible null label between = and . which is an invalid DNS entry. I believe that this is covered in: 

Re: Cron smmsp@thebighonker /home/ler/bin/update-bayes.sh

2015-06-05 Thread Bill Cole
On 5 Jun 2015, at 17:53, Larry Rosenman wrote: I guess my question is why is it being called during sa-learn. You have yet to demonstrate that to be occurring. SA has a misfeature of attempting to de-obfuscate obfuscated URIs and trusting the results of its inherently imperfect

Re: Cron smmsp@thebighonker /home/ler/bin/update-bayes.sh

2015-06-05 Thread Bill Cole
On 5 Jun 2015, at 18:03, Kevin A. McGrail wrote: On 6/5/2015 5:55 PM, Bill Cole wrote: I suspect that this is due to the same misguided over-detection of obfuscated URIs that some time ago did violence to the postfix-users list when the domain master.cf landed on multiple URIBLs. Rather than

Re: Must-Have Plugins?

2015-06-10 Thread Bill Cole
On 9 Jun 2015, at 14:39, Matus UHLAR - fantomas wrote: On 09.06.15 11:29, John Hardin wrote: Two things that I have found very useful at the MTA level are: (1) Delay sending your SMTP banner a second or two and reject any sender that starts sending information before that. This is a

Re: Cron smmsp@thebighonker /home/ler/bin/update-bayes.sh

2015-06-06 Thread Bill Cole
On 6 Jun 2015, at 6:16, Kevin A. McGrail wrote: Well, referencing an rfc is good but please remember rfc 1121 where we can extrapolate that robustness and contravariance overrides because your statements are contrary to the behavior of mua's which DO highlight the urls. See my screenshot

Re: No BAYES_XX tags in X-Spam-Report

2015-06-23 Thread Bill Cole
On 23 Jun 2015, at 0:05, Michael B Allen wrote: On Mon, Jun 22, 2015 at 10:42 PM, Bill Cole sausers-20150...@billmail.scconsult.com wrote: On 22 Jun 2015, at 21:45, Michael B Allen wrote: On Mon, Jun 22, 2015 at 8:01 PM, Reindl Harald h.rei...@thelounge.net wrote: [root@www .spamassassin

Re: bayes filtlering

2015-06-23 Thread Bill Cole
On 23 Jun 2015, at 8:34, Roman Gelfand wrote: Periodically, I am running the following command on my spam box... sa-learn --no-sync --spam /mbx/adomain.com/auser/Maildir/.Junk/{cur,new} It seems to work. However, I continue to get this message type. Why? Here is SA message.

Re: Barracuda / EmailReg.org protection racket? (OT, but help?)

2015-06-21 Thread Bill Cole
On 21 Jun 2015, at 10:33, Jered Floyd wrote: Richard, The BRBL may have listed the entire /24 that includes your sending IPs. Painful experience has shown that Barracuda won't hear your requests for delisting, and the listing may never go away. I believe you've got it in one. I heard

Re: No BAYES_XX tags in X-Spam-Report

2015-06-24 Thread Bill Cole
On 24 Jun 2015, at 16:21, RW wrote: On Mon, 22 Jun 2015 22:42:09 -0400 Bill Cole wrote: On 22 Jun 2015, at 21:45, Michael B Allen wrote: So with a default install (CentOS 7 in my case and I suspect pretty much all other systems), bayes will NOT just work by default unless you explicitly

Re: No BAYES_XX tags in X-Spam-Report

2015-06-22 Thread Bill Cole
On 22 Jun 2015, at 21:45, Michael B Allen wrote: On Mon, Jun 22, 2015 at 8:01 PM, Reindl Harald h.rei...@thelounge.net wrote: [root@www .spamassassin]# pwd /var/log/spamassassin/.spamassassin [root@www .spamassassin]# ls -la total 1100 drwx-- 2 spamd spamd4096 Jun 22 19:42 . drwx--

Re: Rules needed...

2015-06-26 Thread Bill Cole
On 26 Jun 2015, at 12:33, Alex Regan wrote: Hi, I have one system with greylisting enabled and another that hasn't yet been enabled. On the system without it, I'm receiving a ton of random spam that hits bayes99 but pretty much nothing else. http://pastebin.com/FzUkEvRp It all seems to be

Re: .science the new leper of TLD's?

2015-06-20 Thread Bill Cole
On 19 Jun 2015, at 13:46, Axb wrote: On 19.06.2015 19:42, Philip Prindeville wrote: No offense to lepers, but is .science to be avoided? I’ve had email this week from about 17 different .science domain names, and 13 were blocked because of ZenBL and the rest turned out to be SPAM anyway.

Re: No BAYES_XX tags in X-Spam-Report

2015-06-24 Thread Bill Cole
On 23 Jun 2015, at 14:58, Michael B Allen wrote: On Tue, Jun 23, 2015 at 12:48 PM, Bill Cole sausers-20150...@billmail.scconsult.com wrote: Yes, I want a system-wide bayes db. And I am running spamd and spamc and I assume that is all working (but of course I have no idea if it really

Re: DNSBLs and cache hit rate (was Re: Must-Have Plugins?)

2015-06-11 Thread Bill Cole
On 10 Jun 2015, at 10:26, Kevin A. McGrail wrote: On 6/10/2015 10:18 AM, Dianne Skoll wrote: I'm not disputing that running a caching DNS server is a good idea, but you may be quite surprised at the low cache hit rate for IP-based DNSBLs. IMO, the primary goal of a caching-only nameserver is

Re: Must-Have Plugins?

2015-06-11 Thread Bill Cole
On 10 Jun 2015, at 10:55, Alex Regan wrote: Hi, Not everyone is running a dedicated mail server. My server is an everything-server running on a hosted VPS that only has a few users that get significant amounts of email. I'm not sure I want another daemon that can break or take up clock

Re: Macs/Yosemite can no longer send abuse reports

2015-06-29 Thread Bill Cole
On 27 Jun 2015, at 18:00, Jo Rhett wrote: In the meantime, is there a mail client for Yosemite which does work? I can't guarantee you'll be comfortable with it, but MailMate is surely worth a look if you don't mind paying for a piece of well-supported software.

Re: user_prefs custom rules, not matching

2015-05-21 Thread Bill Cole
On 21 May 2015, at 14:42, Benny Pedersen wrote: Note that plus addressing, users can only subscribe, is 2 + valid in mailto: ? Sure, why not? See RFC's 821, 822, 2821, 2822, 5321, and 5322 :) There is nothing special about '+' in an email address in SMTP or in the email data format. It is

Re: user_prefs custom rules, not matching

2015-05-21 Thread Bill Cole
On 21 May 2015, at 17:36, Benny Pedersen wrote: On May 21, 2015 11:08:28 PM Bill Cole sausers-20150...@billmail.scconsult.com wrote: On 21 May 2015, at 14:42, Benny Pedersen wrote: Note that plus addressing, users can only subscribe, is 2 + valid in mailto: ? Sure, why not? See RFC's

Re: user_prefs custom rules, not matching

2015-05-26 Thread Bill Cole
On 26 May 2015, at 11:34, Forrest wrote: On 5/21/15 1:41 PM, Axb wrote: does this work? header LIST_ID_MARKET_EEK List-ID =~ /emarketeerz/ I've tried this, and it doesn't appear to be working. I just received another message today, here are the headers (sanitized). It seems quite

Re: Hitting an address in the From:name

2015-08-21 Thread Bill Cole
On 21 Aug 2015, at 8:14, Martin Gregorie wrote: On Fri, 2015-08-21 at 00:32 -0400, Bill Cole wrote: On 20 Aug 2015, at 14:49, Joe Quinn wrote: That said, header fields are likely never going to be long enough for what you currently have to be a performance concern. (I was about to say

Re: Hitting an address in the From:name

2015-08-21 Thread Bill Cole
On 21 Aug 2015, at 11:08, Martin Gregorie wrote: On Fri, 2015-08-21 at 10:47 -0400, Bill Cole wrote: Your response is a non sequitur. Why do you say that? You suggested using what look to be hard limits on the header's size, though admittedly large ones, which puts my comments entirely

Re: DNS deferrals on *HEADER* addresses

2015-08-20 Thread Bill Cole
On 20 Aug 2015, at 10:10, hospice admin wrote: Guys, I've been beating my head against a problem for a couple of days now ... maybe someone can point me in the right direction ...? I'm running SA 3.4.1 on Fedora 22. I think this problem started happening when I upgraded from 3.4.0 on Fedora

Re: Hitting an address in the From:name

2015-08-20 Thread Bill Cole
On 20 Aug 2015, at 14:49, Joe Quinn wrote: That said, header fields are likely never going to be long enough for what you currently have to be a performance concern. (I was about to say it was impossible, but then I saw there is no length limit on headers:

Re: MailBlacklist.com Integration Testing Phase

2015-08-17 Thread Bill Cole
On 17 Aug 2015, at 9:26, Axb wrote: On 17.08.2015 15:19, MailBlacklist.com Management wrote: MailBlacklist.com is a non-profit RBL RWL Provider based in the UK who is providing many ISPs globally with free to use DNS Lookup services. domain's Creation Date: 2015-08-04 under what

Re: RBL format to blacklist email addresses?

2015-07-29 Thread Bill Cole
On 29 Jul 2015, at 12:02, Marc Perkel wrote: Just wondering. I'm thinking about creating an RBL to block email addresses. But you can't use an @ in a hostname for lookups. So - is there a standard RBL format for email addresses or do I need to just make something up? Are you unaware of the

Re: RBL format to blacklist email addresses?

2015-07-29 Thread Bill Cole
On 29 Jul 2015, at 18:56, David B Funk wrote: IE the DNS system is always case-insensitive and most systems are too WRT the email ID. Does this text look at all familiar? Verbs and argument values (e.g., TO: or to: in the RCPT command and extension name keywords) are not case

Re: RBL format to blacklist email addresses?

2015-07-29 Thread Bill Cole
On 29 Jul 2015, at 20:16, John Hardin wrote: On Wed, 29 Jul 2015, Bill Cole wrote: On 29 Jul 2015, at 18:56, David B Funk wrote: IE the DNS system is always case-insensitive ... The difference between DNS being specified as case-insensitive ...which restores my question about

Re: Hashcash not working

2015-08-01 Thread Bill Cole
On 31 Jul 2015, at 13:23, Christian Jaeger wrote: On July 31, 2015 4:51:02 PM CEST, Bill Cole sausers-20150...@billmail.scconsult.com wrote: John Levine wrote a definitive debunking of e-postage schemes including hashcash over a decade ago (http://www.taugh.com/epostage.pdf) and published

Re: Hashcash not working

2015-07-31 Thread Bill Cole
On 31 Jul 2015, at 7:36, Christian Jaeger wrote: On July 30, 2015 2:40:35 AM CEST, RW rwmailli...@googlemail.com wrote: The plugin is on by default and use_hashcash defaults to 1, but you need to set hashcash_accept to an appropriate value That's disappointing. For me that barely counts

Re: getting 2 of some messages.

2015-08-13 Thread Bill Cole
On 13 Aug 2015, at 19:59, Joe Acquisto-j4 wrote: Last few days, noticed getting two of some messages. Been busy at my day job and brushed it off. But now it appears to be happening with some (ir)regularity. I can see from /var/log/mail that the repeat messages do have identical

Re: DKIM, SPF and Bayesian Learning

2015-07-21 Thread Bill Cole
On 21 Jul 2015, at 20:55, Roman Gelfand wrote: It seems that if DKIM or SPF is verified, the bayesian learning doesn't matter. Not so. Perhaps you need to refresh your understanding of what SpamAssassin is. It is not a collection of binary switches, but rather a scoring system consisting

Re: Bayes Filtering

2015-07-22 Thread Bill Cole
On 22 Jul 2015, at 8:18, RW wrote: YMMV but personally I've never had a single ham hit BAYES_99. There's currently no evidence to suggest that the OP would have any problem with short-circuiting on it. Experiences with that absolutely do vary, widely. Keep in mind that Bayesian

Re: Spamassasin always RDNS_NONE

2015-07-23 Thread Bill Cole
On 23 Jul 2015, at 8:15, Matus UHLAR - fantomas wrote: On 23.07.15 13:47, basti wrote: all my incoming mails get always 1.3 RDNS_NONE also with a valid PTR. Does your mail server check for reverse DNS? If not, turn it on. +1 This is important for more than SpamAssassin. Because DNS can

Re: SPF confusion

2015-07-15 Thread Bill Cole
On 15 Jul 2015, at 15:52, Bowie Bailey wrote: I am trying to use whitelist_auth to whitelist emails from staplesbilling.com. This should work, as they have an SPF record: $ dig staplesbilling.com txt +short v=spf1 a:hosts.rrdesp.com -all $ dig hosts.rrdesp.com a +short 162.27.43.121

Re: Large spam

2015-07-15 Thread Bill Cole
On 15 Jul 2015, at 16:12, Zinski, Steve wrote: We're starting to see a lot of spam in the 800KB to 1.2MB size range. I’m running MIMEdefang and it’s configured to skip messages larger than 100KB (and I hesitate to increase the limit due to performance issues). I read somewhere that there’s a

Re: Filtering snowshoe spam

2015-10-29 Thread Bill Cole
On 29 Oct 2015, at 11:09, Alex wrote: Hi, I've been receiving tons of messages not being tagged by spamassassin on one host, despite it hitting bayes999, and wanted to see if there was something that could be done. http://pastebin.com/vxrUdEvy As of right now, 23.246.233.6 isn't listed on

Re: How to get rid of this spam? Spam assassin does not catch it

2015-10-27 Thread Bill Cole
On 27 Oct 2015, at 16:02, j...@lexoncom.com wrote: So I set up the dns server. Can I force spam assassin to use localhost for dns or I must reconfigure the host? You can just change SA, but you should change the whole host to use it if your MTA is running there as well. the MTA is probably

Re: spf records and cnames

2015-10-21 Thread Bill Cole
On 21 Oct 2015, at 13:48, btb wrote: are spf records allowed to be a cname? I can't see any reason why they shouldn't be... e.g.: http://dpaste.com/0MR0R3C.txt is this explicitly addressed in an rfc? I don't believe so and there's no reason to. CNAME records trump all DNS record types

Re: New SA install, configuring for retraining on false positives

2015-11-05 Thread Bill Cole
On 5 Nov 2015, at 6:52, David Mehler wrote: Hello, I've got a Postfix email server going with a Mysql database backend on FreeBSD 10.2. I'm now wanting to add Spamassassin to the picture and am wondering current best practices? It's been a number of years since I did it and last time

Re: auto-learn? no: scored as spam but autolearn wanted ham

2015-11-06 Thread Bill Cole
On 6 Nov 2015, at 1:52, Matthias Apitz wrote: On Thursday, November 05, 2015 at 04:24:04PM +0100, John Wilcock wrote: On 05/11/2015 15:54, Matthias Apitz wrote: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on c720-r276659 X-Spam-Flag: YES X-Spam-Level:

Re: Simplicity (was Re: SpamAssassin Rules Regarding Abuse of New Top Level Domains)

2015-10-14 Thread Bill Cole
On 13 Oct 2015, at 15:46, Dianne Skoll wrote: CPanel is just a "hosting control panel" used by a bazillion hosting providers. It's a more sophisticated version of Webmin and the like; Or *less* depending on your concept of 'sophisticated'... It is slicker, but it is much more tightly bound

Re: SpamAssassin Rules Regarding Abuse of New Top Level Domains

2015-10-14 Thread Bill Cole
On 13 Oct 2015, at 15:08, Larry Goldman wrote: My experience to date is that GoDaddy doesn’t really support the internals of CPanel, and CPanel doesn’t provide end-user customer support either. Cheap is indeed cheap. Skilled individualized MTA & anti-spam support is NOT cheap. I figured I

Re: SpamAssassin Rules Regarding Abuse of New Top Level Domains

2015-10-14 Thread Bill Cole
On 13 Oct 2015, at 16:04, Larry Goldman wrote: Point me to the documentation of the SpamAssassin framework. You mentioned being a Mac user so in addition to the website Dianne pointed you to or manually installing from the SA source tarball, you can get a working installation with all of

Re: Softlayer hostname changes

2015-10-15 Thread Bill Cole
On 15 Oct 2015, at 13:15, Joseph Brennan wrote: What is Softlayer up to now? It had looked like a safe bet to score something for a hostname ending "static.reverse.softlayer.com", on the assumption that legitimate senders would get the PTR changed to their own domain. There's always the

Re: SpamAssassin Rules Regarding Abuse of New Top Level Domains

2015-10-19 Thread Bill Cole
On 19 Oct 2015, at 15:22, Larry Goldman wrote: I found that much of the SPAM had a BAYES_00 score of -1.9, which was defeating the contribution of the other tests. A closer inspection of the raw source revealed invisible gibberish text which, I assume, is designed to thwart the default

Re: Learning only on read emails?

2015-10-19 Thread Bill Cole
On 19 Oct 2015, at 17:21, Ryan Coleman wrote: Ok so it was established I don’t have a ham scan (correct). So how do I do it so that it only scans the read emails in a MAILDIR? Assuming your delivery and client access mechanisms (IMAP4/POP3/whatever) follow standard Maildir behavior & naming,

Re: Custom rules regex help

2015-10-12 Thread Bill Cole
On 12 Oct 2015, at 14:01, Bill Cole wrote: Your "All" rule will only match a header named "All" which is unlikely to exist. Clarifying: it would match a header named with any capitalization pattern of "All" because individual header names are matched case-ins

Re: Custom rules regex help

2015-10-12 Thread Bill Cole
On 12 Oct 2015, at 12:41, emailitis.com wrote: Can a regex expert help me identify why that did not trigger one of the CGK_ZCSEND_x rules? Not without seeing the headers of the message in question *as they are seen by SA*. However, I can offer a few generic tips: Header rules match

Re: non-English sender and body

2015-07-12 Thread Bill Cole
On 12 Jul 2015, at 11:28, James wrote: The problem is finding out which directory the running spamassassin uses, I can't seem to train the one it expects. I put this in my /etc/spamassassin/local.cf: bayes_path /var/spamassassin/bayes_db/bayes bayes_file_mode 0777 It's heartwarming (in a

Re: Segfault with bayes_sql

2015-09-06 Thread Bill Cole
On 5 Sep 2015, at 13:33, Hoggins! wrote: Just after an upgrade, I happen to have an issue with Spamassassin that would refuse to start, giving a segmentation fault. You neglected to mention what you upgraded, but that generic problem description is typical of a situation where something

Re: Resume / Doc Spam

2015-09-09 Thread Bill Cole
On 8 Sep 2015, at 17:38, Kevin A. McGrail wrote: Overall, the default SA is designed for a 5.0 threshold. You have raised it to 10.0. That's largely the source of the issue. +1 5.0 is a very safe threshold, and I've found that once the Bayes and AWL DBs are reasonably trained, 4.5 or even

Re: Large volume of 0.0 scores suddenly

2015-09-11 Thread Bill Cole
On 11 Sep 2015, at 6:12, Peter Kelly wrote: Hi, Starting on 3rd Sept, I have seen a huge number of 0.0 scores being returned from spamassassin - see attached screenshot from my logs that show I never once received a 0.0 score before 3rd Sept. The default scores for the rules shown do not

Re: Large volume of 0.0 scores suddenly

2015-09-11 Thread Bill Cole
On 11 Sep 2015, at 17:25, Peter Kelly wrote: Bill, I checked there first, I always assume it is something I am doing wrong first. Yes mailchecker (not that obsolete version) is the http service we use and it in turn uses this Golang lib for spamc - https://github.com/saintienn/go-spamc I

Re: What is the meaning of "host=NULL"

2015-09-17 Thread Bill Cole
On 17 Sep 2015, at 15:35, Ken Johnson wrote: Spamassassin is run by Exim. Spamassassin version: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) X-SA-Exim-Version: 4.2.1 (built Mon, 26 Dec 2011 16:57:07 +) from dpkg: spamassassin 3.4.0-2~bpo70+1 Platform:

Heads up: Net::DNS update may have quietly broken your SpamAssassin.

2015-09-17 Thread Bill Cole
I noticed today that the hit rate on URIBL* rules had dropped to zero since my last round of updates, and after many hours of trying to determine why which included reviewing BIND configs and packet captures and dissection, I nailed it down to SA making DNS queries without the "recursion

Re: Heads up: Net::DNS update may have quietly broken your SpamAssassin.

2015-09-20 Thread Bill Cole
On 20 Sep 2015, at 13:11, Benny Pedersen wrote: Jonathan Nichols wrote on 2015-09-20 18:57: URIBL scores have dropped to almost nothing. X-Spam-Status: Yes, score=6.084 tagged_above=-999 required=5.31 tests=[BAYES_50=0.8, BOTNET=2.4, BOTNET_NORDNS=0.3, PYZOR_CHECK=1.392, RDNS_NONE=0.793,

Re: Help with RegEx Rule

2015-09-19 Thread Bill Cole
On 19 Sep 2015, at 10:51, AK wrote: Hi all. I'm getting hit with lots of JUNK mail that has multiple lines with just a '.' on several lines [0]. Most of the JUNK email has at least 5 and at most 10 lines (so far) with just this '.' character somewhere in the middle of the message. I've

Re: best way to whitelist this list?

2015-09-19 Thread Bill Cole
On 19 Sep 2015, at 14:12, A. Schulze wrote: Hello, today I was notified by ezmlm that my MTA rejected messages to me. Messages to this list were classified as spam by .. spamassassin. OK, no surprise some messages look spammy. As usual: there is one solution that is smart, fast and

Re: Heads up: Net::DNS update may have quietly broken your SpamAssassin.

2015-09-20 Thread Bill Cole
On 20 Sep 2015, at 12:57, Jonathan Nichols wrote: On Sep 18, 2015, at 12:41 AM, Bill Cole <sausers-20150...@billmail.scconsult.com> wrote: nd after many hours of trying to determine why which included reviewing BIND configs and packet captures and dissection, I nailed it down to SA

Re: False positives with Razor2

2015-12-05 Thread Bill Cole
On 5 Dec 2015, at 4:42, Torsten Bronger wrote: > Hallöchen! > > In http://wilson.bronger.org/37196 Nope: * Trying 176.199.175.106... * Connected to wilson.bronger.org (176.199.175.106) port 80 (#0) > GET /37196 HTTP/1.1 > Host: wilson.bronger.org > User-Agent: curl/7.45.0 > Accept: */* > <

Re: False positives with Razor2

2015-12-05 Thread Bill Cole
On 5 Dec 2015, at 14:46, Torsten Bronger wrote: Hallöchen! Bill Cole writes: On 5 Dec 2015, at 4:42, Torsten Bronger wrote: In http://wilson.bronger.org/37196 Nope: Sorry, works now. This: -5.3 BAYES_00 BODY: Bayes spam probability is 0 to 1

Re: Very strange SA result!

2015-12-03 Thread Bill Cole
On 3 Dec 2015, at 9:36, Joe Quinn wrote: On 12/3/2015 9:23 AM, Jari Fredriksson wrote: On 3.12.2015 16.11, Kevin A. McGrail wrote: You are using KAM.cf which isn't a project ruleset. Please report the issue and a spample at https://raptor.pccc.com/raptor.cgim?template=report_problem We can

Re: Try my IXHASH

2015-12-10 Thread Bill Cole
On 10 Dec 2015, at 13:25, Paul Stead wrote: On 10/12/15 18:23, Paul Stead wrote: On 10/12/15 17:24, Bill Cole wrote: On 10 Dec 2015, at 10:48, Paul Stead wrote: 0.004% hit rate on ham Clarify this please: 4 out of 100k hits are ham (not so bad) OR 4 out of 100k hams get hit (OUCH

Re: A Plan to Stop Violence on Social Media

2015-12-16 Thread Bill Cole
On 16 Dec 2015, at 13:39, John Hardin wrote: On Wed, 16 Dec 2015, Bill Cole wrote: ISIS uses any "social media" where the proprietors welcome them. That is a business decision of for-profit private enterprises based in lightly-regulated jurisdictions (mostly the US and EU) who mo

Re: More on T_SPF_PERMERROR

2015-12-15 Thread Bill Cole
On 14 Dec 2015, at 21:42, Alex wrote: [...] I also don't think it's a DNS problem here, as it doesn't happen on every message. There are also no other indications of problems with DNS. SPF records tend to push the limits of normal DNS, especially in record size, and can bring out edge case

Re: A Plan to Stop Violence on Social Media

2015-12-16 Thread Bill Cole
On 15 Dec 2015, at 23:19, Wrolf wrote: Stop me if you've heard this one. Would it be practical to use the Spamassassin techniques of Bayesian filtering and RBL lists to block ISIS on social media? I've definitely heard similarly unfunny and poorly thought-out jokes before. Bill Gates had

Re: Try my IXHASH

2015-12-10 Thread Bill Cole
On 10 Dec 2015, at 10:48, Paul Stead wrote: 0.004% hit rate on ham Clarify this please: 4 out of 100k hits are ham (not so bad) OR 4 out of 100k hams get hit (OUCH)

Re: Support for custom rule, rule seems to be ignored

2016-01-02 Thread Bill Cole
On 2 Jan 2016, at 9:11, RW wrote: 1. \d{1,2}+ doesn't make any sense, you need either {1,2} or + It's a bit esoteric, but here's what the perlre man page says: {n,m}+ Match at least n but not more than m times and give nothing back Put another way: possessive but not greedy. In

Re: Is BAYES filtering working? Having doubts.

2015-12-29 Thread Bill Cole
On 29 Dec 2015, at 20:02, Ian Zimmerman wrote: On 2015-12-29 19:44 -0500, Bill Cole wrote: On 29 Dec 2015, at 18:54, Ian Zimmerman wrote: In fact sa-learn accepts multiple named arguments on the command line, so the alternative I use is to go through the spambox N files at a time

Re: Is BAYES filtering working? Having doubts.

2015-12-29 Thread Bill Cole
On 29 Dec 2015, at 13:24, RW wrote: On Mon, 28 Dec 2015 23:42:03 -0500 Bill Cole wrote: Using these facts, my learning script that runs as root and reads from multiple real users' Maildirs does this to learn ham: for AFILE in $HAMS ; do formail < $AFILE ; done| sudo -H -u $SAUSER sa-le

Re: Is BAYES filtering working? Having doubts.

2015-12-29 Thread Bill Cole
On 29 Dec 2015, at 18:54, Ian Zimmerman wrote: In fact sa-learn accepts multiple named arguments on the command line, so the alternative I use is to go through the spambox N files at a time in a shell loop. (I have N=100 but obviously this depends.) Which successfully ignores the original

Re: Is BAYES filtering working? Having doubts.

2015-12-29 Thread Bill Cole
On 29 Dec 2015, at 8:28, Jude DaShiell wrote: With spamassassin, is it possible to have the filter show counts of number of messages sent to spam, number of messages sent to ham, and total number of messages processed that a user can check? Since SpamAssassin is a suite of Perl modules and

Re: uri eval over zelous or bug

2015-12-30 Thread Bill Cole
On 30 Dec 2015, at 3:00, Nick Edwards wrote: Hey there, In my final hours (34) at job X before moving back home to Australia to start job Y next week, I would love to solve an issue I've been seeing for a few weeks now, some domains in eval are wrongfully hitting. Take postfix.org for

Re: Is BAYES filtering working? Having doubts.

2015-12-30 Thread Bill Cole
On 30 Dec 2015, at 8:37, RW wrote: On Tue, 29 Dec 2015 20:41:31 -0500 Bill Cole wrote: On 29 Dec 2015, at 20:02, Ian Zimmerman wrote: esired result. Clearly you can do the su magic if needed. Um, no. Neither su nor sudo magically changes the permissions or ownership of files

Re: Is BAYES filtering working? Having doubts.

2015-12-28 Thread Bill Cole
On 28 Dec 2015, at 17:54, Peter L. Berghold wrote: The script that I use to pull the messages out of a spam bucket invoking sa-learn runs as root which has permissions to read from anywhere. The complication is the amavis does not have permissions to read the Maildir files for trivial users

Re: Looking for a script to extract readable text from emails

2015-12-28 Thread Bill Cole
On 28 Dec 2015, at 23:16, Marc Perkel wrote: I'm looking for a script to extract readable text from emails. I want it demimed, ignore html, images, etc. What I'm looking for is just the readable text (real words). Mostly just need to extract about the first 200 characters of real text. Can

Re: question re/ RDNS_NONE

2015-11-24 Thread Bill Cole
On 24 Nov 2015, at 14:54, David Jones wrote: From: Bill Cole <sausers-20150...@billmail.scconsult.com> Sent: Tuesday, November 24, 2015 1:41 PM To: users@spamassassin.apache.org Subject: Re: question re/ RDNS_NONE On 24 Nov 2015, at 13:47, David Jones wrote: Could this be dep

Re: question re/ RDNS_NONE

2015-11-25 Thread Bill Cole
On 24 Nov 2015, at 17:20, David Jones wrote: [...] NOTE: I have just now tested that I can give Postfix (with reject_unknown_helo_hostname not enabled) a fully-qualified HELO name that has no A or one with an A resolving to 192.0.2.1 (and therefore: no PTR) and in both cases Postfix neither

Re: question re/ RDNS_NONE

2015-11-25 Thread Bill Cole
On 24 Nov 2015, at 14:27, Edda wrote: Older versions performed rdns lookups for every IP in relay-untrusted directly in Received.pm, this was deleted: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=5054 I think Justin's rationale there isn't even the whole case for NOT doing DNS checks

Re: question re/ RDNS_NONE

2015-11-24 Thread Bill Cole
On 24 Nov 2015, at 13:47, David Jones wrote: Could this be dependent on the MTA used? I am using Postfix which puts in Received headers like this: Received: from econnect.dmsgs.com (unknown [8.224.216.57]) That IP has a PTR record but it doesn't match the SMTP HELO of econnect.dmsgs.com so

Re: Trouble with SPF plugin

2015-11-19 Thread Bill Cole
On 19 Nov 2015, at 13:05, Jonathan Hilgeman wrote: I just recently noticed that I hadn't enabled the SPF plugin, so I did that and ran a quick test to test an SPF failure. However, in the resulting email, I get an SPF_HELO_PASS result and no other SPF_ test results. Did the plugin only

Re: ClamAV.pm Plugin Not Working

2015-11-19 Thread Bill Cole
On 19 Nov 2015, at 5:20, Daniel L. Srebnick wrote: That means user clamscan cannot read the file eicar. This is independent of the user that launches clamdscan. Try to put eicar.txt in /tmp and make it mode 777. I did so. Clamdscan still does not see the file and returns an lstat error. I

Re: Spamassassin not capturing obvious Spam

2016-06-04 Thread Bill Cole
On 31 May 2016, at 2:18, Shivram Krishnan wrote: It is not on production. I am using this to evaluate spamassassin. That is entirely unnecessary and will break the autolearning subsystem if you have it enabled. To get a full report of the rules hit and their scores, use the '-t' option

Re: ClamAV plugin and SpamAssassin (UPDATE)

2016-06-09 Thread Bill Cole
On 8 Jun 2016, at 9:42, Carlo Manuali wrote: It works with no changes by using TCP socket (on localhost). —Carlo On 8 Jun 2016, at 6:02, Carlo Manuali wrote: In particular I’ve adopted the local mode, that uses a local socket (file) in order to establish the communication between them.
