the 'dev' list. Ultimately, the PMC would be the
final authority on including an entry or not, however our processes for
deciding anything that becomes an issue for the PMC is biased towards
stability, not agility.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
doesn't show up now.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
for mail whose senders have had such problems for affirmatively
wanted mail (as noticed by SA users) while NOT sending any discernible spam.
As far as I can tell, there's never been a case of a sender successfully
advocating for inclusion or even being consulted about inclusion or removal.
We
On 2021-08-11 at 22:03:24 UTC-0400 (Thu, 12 Aug 2021 04:03:24 +0200)
Benny Pedersen
is rumored to have said:
> https://bugs.gentoo.org/807781
>
> is it solved in 3.4.6 ?
That's not a SA bug report. It's a Gentoo bug report.
Fix your rules.
--
Bill Cole
b...@scc
ssassin
deployment would score the message shown on that test page anywhere near
the standard spam threshold (5.0). SpamAssassin is not involved in how
any receiving sites choose to deliver mail, all SpamAssassin does is
provide a score. In this case that score is essentially zero, provided
S
pen by properly modifying
the ownership of the directory or by running the cron job as root.
This was also my answer to the (not-a-)bug report that you opened. There
really isn't another answer.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
and clamd
programs. There are no common circumstances where clamd needs to load
specific per-user configuration or signatures, whereas that is often
done with SA.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
On 2021-09-21 at 12:25:30 UTC-0400 (Tue, 21 Sep 2021 10:25:30 -0600)
Grant Taylor
is rumored to have said:
> But why the penalty for using non-public addresses* in a Message-ID: string?
Empirical evidence. The use of a non-public address in a Message-ID correlates
to a message being spam. In my
I know) is funded specifically to work on it
on an ongoing basis.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
least assures that
you will get a few seconds of delay, which can be enough for the DNSBLs
to catch up with the latest spammer.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
to have munged relevant domain names, it is
impossible to know whether the failed lookup could or should have resulted in
anything.
You can set default timeouts for DNS queries in /etc/resolv.conf.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
you. If you haven't given substantial thought to how you are going to
support per-user settings, you won't have that set up to work at all and you
can skip thinking about user_prefs at all.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
sassin/ next to local.cf. *.cf files in
/etc/mail/spamassassin/ are loaded in lexical order with later directives
overriding earlier ones.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
It would be an interesting addition to have a way to define arbitrary
extractor patterns to pull elements out of a string to check against
hostname blocklists or other specific classes of patterns.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
that debug
output from a bad message to that of a message which doesn't hang SA.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
Unicode support will be better. That also means it may be
easier to make this sort of attack quieter in the future, as non-ASCII
rules won't be definitively wrong as they are now.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
WL or other external
reputation sources, and the addition of ad hoc internal lists (WLBLEval plugin)
in 3.4.x makes it possible to do so in a well-structured manner. Basically, you
can create a list of domains that should NOT get any DNSWL bonus and use a meta
rule to counteract
believe they
should (or should not,) please do so.
The purpose of MIME_BASE64_TEXT is to identify messages where a text
part (or the whole message) with pure US-ASCII content has been
Base64-encoded instead of being sent unencoded (or just QP-encoded to
protect overlong lines.)
--
Bill C
is unusual to base64-encode pure us-ascii AND it is strong (albeit
imperfect) indicator of the message being spam.
Base64 generate with site:
https://www.base64encode.org/
Or /usr/bin/base64 or 'openssl enc' :)
Kind regards
On 11/12/21 10:16 PM, Bill Cole wrote:
On 2021-11-12
5.3 out of 6.3 caused by the inability of mail.as397444.net to
get a verifiable rDNS name for 149.72.221.62 at delivery time.
It's ALWAYS DNS.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
e gets started, you could save the name and start time,
and then burp that during timeout handling, right?
I like that idea. I have no idea how feasible it is.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
; again.
>
> Not trying to teach you to suck eggs, but, incredible as it may sound,
> there are still some people who don't know about the 'locate' command.
Worth noting: locate & updatedb aren't always installed.
--
Bill Cole
b...@scconsult.com or billc...
d in technical theory can override the judgment of RuleQA.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
om the last "network masscheck" accessible there.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
/60_whitelist_dkim.cf
Line 47
http://svn.apache.org/viewvc/spamassassin/trunk/rules/60_whitelist_dkim.cf?revision=1892060&view=markup#l47
HAS TYPO "WHITELSIT"
reuse USER_IN_DKIM_WHITELSIT
Fixed in r1895479. Thanks for noticing!
--
Bill Cole
b...@scconsult.com or billc...@a
ks will
> hide the remote IP if the local IP is trusted/internal.
That's why the *_networks config parameters exist: so that it is possible for
SA to figure out which which recorded transit hop to both trust as accurately
recorded and to interpret as a transfer from a potentially hostil
e may end up with a situation akin to that of the
Python 2->3 switch, made hellish by the Unicode support. Hopefully not,
since we are just following behind and making use of a lot of work done
in recent versions of Perl without major headaches.
--
Bill Cole
b...@scconsult.com or billc...@ap
ory Tower in general. I have no difficulty explaining
my position, but I am rather surprised that I need to in 2021. Am I missing
something special that makes such research spam somehow not spam?
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsul
3.0 to
3.4.0: https://lists.apache.org/thread/p9vx39mlhx1kp39kk5nv4f7r2vrtj6g0
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
e glue script you use
could filter for arbitrary aspects of messages.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
it can be used. You should also
plan a way to regularly feed known spam and ham to those databases,
since you aren't auto-learning.
before they start working?
Before SA will determine a Bayes score on incoming messages, yes.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
ill not fall back to a
global Bayes DB just because an otherwise perfectly good per-user DB
isn't properly seeded.
-Original Message-
From: Bill Cole
Sent: Tuesday, January 18, 2022 12:23 PM
To: users@spamassassin.apache.org
Subject: Re: Question about user specific bayes
On 2
achine is, it
should be using a FQDN instead of a bare hostname. Also, you could (and
probably should) add that machine to your internal_networks setting,
since an RFC1918 address is pretty much the definition of internal.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
u really need, find the cron job and run it
>> again (you may need to run it under user it runs from cron)
>
> Looks like you get this message also when /var/lib/spamassassin is not
> writable.
It is a standard expectation of software on Unix-like systems to be able to
maintain
as SpamAssassin itself doesn't include any
software that could act as a gatekeeper.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
HTML2 m'(?:\s|=0A){0,50}(?:$|--|=)'is # stop on mime
> ending boundary
TANGENTIAL:
I would advise against using such alternative regex syntax in rules. As you
obviously figured out, you CAN (for now...) use any valid Perl syntax for
writing a regex match, but I do not believ
enough to make a rewrite of the config parser justified, but it
could happen, and I don't think we'd design it today as it was done 20 years
ago.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
unge could provide a
platform for a solution. As a bonus, they both support SA as well.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
erver this morning that uses a
very old sender domain. Same messages do not hit on the rule currently.
Likely a problem with the DNSBL.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
/Creator (^@w^@k^@h^@t^@m^@l^@t^@o^@p^@d^@f^@
^@0^@.^@1^@2^@.^@5)
/Producer (^@Q^@t^@ ^@4^@.^@8^@.^@7)
There's the cause. Apparently the use of UTF-16BE encoding with a
leading BOM for metadata was not so common when that plugin was written.
It saw the BOM and assumed the line was bina
ase score -5 and the threshold 0. It's
20 years too late to fix that, but it would have made it easier for people to
avoid wrong mathematical assumptions about the value of the aggregate score of
a message.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
signature.asc
Description: OpenPGP digital signature
On 2022-03-31 at 12:48:06 UTC-0400 (Thu, 31 Mar 2022 12:48:06 -0400)
Don Saklad
is rumored to have said:
> What does this header mean?...
> X-Spam_score_int: -38
No clue.
It is not a standard (or common) SpamAssassin header. Ask your mail admin.
--
Bill Cole
b...@scconsult.com or
w in the 3.4 branch I would not
veto it, but I would grumble disagreeably.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
On 2022-04-03 at 14:41:51 UTC-0400 (Sun, 03 Apr 2022 20:41:51 +0200)
Benny Pedersen
is rumored to have said:
On 2022-04-03 20:13, Ralph Seichter wrote:
* Bill Cole:
That's a lousy bug report. It's both (1) untrue (or at least grossly
imprecise) and (2) not in Bugzilla.
I have a
On 2022-04-03 at 14:13:37 UTC-0400 (Sun, 03 Apr 2022 20:13:37 +0200)
Ralph Seichter
is rumored to have said:
* Bill Cole:
That's a lousy bug report. It's both (1) untrue (or at least grossly
imprecise) and (2) not in Bugzilla.
I have added Benny Pedersen to my mail killfile a
s, it hits nearly every spam and ham email.
Yes. Like __BODY_TEXT_LINE it will. Unlike __BODY_TEXT_LINE it is
exposed in a scan report.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
On 2022-04-03 at 15:07:28 UTC-0400 (Sun, 03 Apr 2022 21:07:28 +0200)
Benny Pedersen
is rumored to have said:
On 2022-04-03 20:58, Bill Cole wrote:
[...]>>
The "blocklist_to" config directive is not yet implemented in any
branch of the code. I cannot promise that it will ever
From misspaced, has Reply-To
> 1.0 TO_NO_BRKTS_FROM_MSSP Multiple header formatting problems
> 1.0 FROM_MISSPACED From: missing whitespace
> 1.0 TO_NO_BRKTS_MSFT To: lacks brackets and supposed Microsoft tool
> 0.0 T_FILL_THIS_FORM_SHORT Fill in a short form
on. The same is true of the "after 220 server
greeting" tests in postscreen, which are effectively a sloppy sort of
greylisting.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
fault config settings and utility
subrules are defined in the rules channel, so if you run SA with an empty .cf
there, you may have unexpected results.
In addition to -C pointing to a directory with some *.cf (maybe empty!) you can
use '--siteconfigpath=path' to change where spam
is
> spamassassin-3.4.4-4.el8.x86_64.
>
> What am I doing wrong?
Changing the score for a non-existent rule.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
see the rule definitions and `
perldoc Mail::SpamAssassin::Plugin::URIDNSBL`
SBL, including its CSS component, lists IP addresses, NOT domain names. In
these cases, as documented, SA looks up a specific record type (A, NS, or MX)
for a name extracted from an URL to get one or m
must validate AND the domain used in the validation must
match the domain of the author identified by the From header.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
* valid
>
> I'm using a local DNS resolver, not a public server.
Looks like a bug. It should not be possible to hit DKIM_VALID_AU and also
DMARC_REJECT and/or KAM_DMARC_REJECT
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
fixing the names of unstandardized parameters with
the string "X-" or similar constructs. In practice, that convention
causes more problems than it solves. Therefore, this document
deprecates the convention for newly defined parameters with textual
(as opposed to numerical) names in appl
read, this pattern uses
one-time header names AND there is nothing wrong about using random
words as header names without a leading 'X-' so it's likely a low-yield
approach.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
trickle of hits here.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
/svn.apache.org/repos/asf/spamassassin/trunk
Mail-SpamAssassin-4.0.0
This gave me revision 1901294.
Is that not the proper trunk?
That's the correct way to get our trunk.
Right now we are at r1901296, because automated ruleQA/update jobs
generate changes in trunk.
--
Bill Cole
b...@sc
,' which seems less than useful.
(And yes, the plugin just bails out, not returning any match, if
Mail::DMARC::PurePerl is not available.)
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
email message itself)
Switch off debug logging, and the messages will stop.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
you want partial backports of 4.x functions into 3.x you are of
course free to do that yourself under the ASF License, but I would not expect
that to be supported by the project.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
On 2022-05-30 at 06:22:39 UTC-0400 (Mon, 30 May 2022 22:22:39 +1200)
DL Neil
is rumored to have said:
On 30/05/2022 03.06, Bill Cole wrote:
On 2022-05-28 at 19:25:46 UTC-0400 (Sun, 29 May 2022 11:25:46 +1200)
DL Neil
is rumored to have said:
No, he said it.
SpamAssassin x86_64 3.4.0
the envelope
sender address, which must match the domain part of the From header
address.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
. The simplest way they might do so in theory, washing bad
addresses out of their lists, would actually be GOOD if they all did it.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
t mean anything unless I start grabbing the message bodies
before sending the reject.
If you conclude something based on some month, there is no going back
on this. I know people in IT that did not learn anything in 15 years.
As for now, I am not really convinced by your arguments.
--
Bill Co
unlikely to be significant at this point.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
tific or analytic approach to your problem and
it appears that you have not utilized your presumably friendly lawyer
brother to advise you on how to solve your problems in this realm as
they may relate to the law.
You should.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
;s
>> none
>> of Subject, From, To, Reply-To entries.
>> IE a really malformed message.
>
> Hum. As I read it, that is "headers misspelled" (not "headers missing") and
> it is checking for any of the listed words at the start of a line, followed
&
ot handling UDP truncation of replies.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
stopped
using that particular domain name?
--Rob McEwen
On 8/2/2022 10:50 AM, Bill Cole wrote:
Bug 8021 reports breakage in SPF checking for dhl.com mail, due to an
inability to resolve the SPF TXT record for dhl.com. That breakage
is essentially due to DHL having far too many TXT records (so
uthority
to do so. If you are not the intended recipient, please notify the
sender then delete all copies of this message including attachments
immediately. Confidentiality, copyright, and legal privilege are not
waived or lost by reason of the mistaken delivery of this message.
--
Bill Cole
b
ink there are some rules that would catch the specific styling, as
both mechanisms there to make the text invisible are exceedingly sketchy
and disreputable in email.
Do you have a spample that gets past SA without hitting rules on that
span tag?
--
Bill Cole
b...@scconsult.com or billc.
d that specific rule is to render problematic sections as
images. I don't advise that, as it is a path towards a complex of rules
that look at image/text ratio which are much riskier than
HTML_FONT_LOW_CONTRAST.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many
04: 0.25% of spam, 0.03% of ham, 91% of matches are spam
EMPTY_MESSAGE: 0.13% of spam, 0.01% of ham, 95% of matches are spam
As of the latest scores update, those together total 4.3. I suspect
MPART_ALT_DIFF is incorrectly hitting no-text messages, but I have not
confirmed.
--
Bill
named[12447]: zone domain.nmail/IN:
reconfiguring zone keys
Sep 28 21:45:49 nmail named[12447]: zone domain.nmail/IN: next key
event: 28-Sep-2022 22:45:49.345
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Avai
60_welcomelist_auth.cf
Authentication realm: <https://svn.apache.org:443> ASF Committers
Password for 'billcole': ***
Sending60_welcomelist_auth.cf
Transmitting file data .done
Committing transaction...
Committed revision 1904337.
I believe that means it will
ld environment on a
machine that is just running SA.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
based and would need some conversion. -- I have added it to my pile of
> things to look at more closely later.
>
>
>
> --
> Grant. . . .
> unix || die
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
signature.asc
Description: OpenPGP digital signature
>>>> forwarded by Microsoft to your server. Was it really a fake? That's a
>>>> lot of headers to fake if so.
>>>>
>>>> If it was really fake and that paypal-supplied DKIM signature doesn't
>>>> validate (I didn't check that), then checking DMARC when you receive
>>>> mail and rejecting on p=reject failures would block it.
>>>>
>>>
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
onversation.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
.
That's ABSOLUTELY CORRECT.
DKIM is known to be fragile in transit. It has ALWAYS been known to be fragile
in transit. If you want a signature for repudiation purposes, you need *at
least* DMARC on top or some other more robust signing mechanism.
--
Bill Cole
b...@scconsult.com or billc...@a
add any headers or 'glue'
that ignores the message modifications and may or may not add similar headers
(e.g. milters that embed SA rather than use a separate spamc.)
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
On 2022-11-14 at 14:09:14 UTC-0500 (Mon, 14 Nov 2022 12:09:14 -0700)
Grant Taylor via users
is rumored to have said:
> On 11/11/22 10:10 AM, Bill Cole wrote:
>> From my bashrc...
>>
>> # type cidrcon
>> cidrcon is a function
>> cidrcon ()
>> {
>>
dd_header" feature. It is on by default, but depending on which
'glue' you use to integrate SA and which distribution package you use you may
not be seeing the modification by add_header.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
)
which basically is a footbullet.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
signature.asc
Description: OpenPGP digital signature
On 2022-11-23 at 15:56:38 UTC-0500 (Wed, 23 Nov 2022 13:56:38 -0700)
Grant Taylor via users
is rumored to have said:
> --
> Grant. . . .
> unix || die
(full message/rfc822 attachment of spam snipped)
Please don't do that. I'm pretty sure we all have all the spam we nee
t might be happening, but it would require
using report_safe=1 and a flow that passes twice through SA...
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
un.
As a temporary work-around, I think it would be wise to give any rule
that gets SHORTCIRCUITed an overwhelming score in whichever direction it
operates.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Ava
t not getting the
resources (cpu and memory) it needs to operate fast. You would likely
notice that sort of overload.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
orked out a complete flowchart or state
diagram that covers the whole realm of possible situations. I wouldn't even bet
on the existing relevant documentation spread around the project being 100%
internally self-consistent.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @gru
ing yes
> and yes.
I believe that many PMC members have, like myself, been running trunk or each
RC as it was released since we went into pre-release mode. We have bug reports
specifically reported against 4.0 issues, all of which are resolved, so we do
have external testers as well wh
to still be lurking in SA undiscovered. I don't
think the basic parsing of REs in rules has changed since v2.
It would help a great deal if you could open a bug at
https://bz.apache.org/SpamAssassin/ with sample messages that are hit or
not by different variants of the rule.
Than
example on how to accomplish this dual criteria
check.
Any assistance is apreciated.
welcomelist_from_rcvd j...@company.com [1.2.3.4]
should work, but -100. It would be nice if welcomelist_* could take
a
score, but it you are sure you want *your* SA to not mark it as spam,
-100 is t
SPF: sender matches SPF record
>
> I understood KAM_DMARC_STATUS as failing SPF alignment.
KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict
Alignment
Note that 'or' is not 'and' in that description. The message in question had a
bad DKIM sign
which
plugins to use and do any required configuration after install.
That should break MANY tests, and reflects an error in judgment by the
packager. With all plugins disabled, SA is not even minimally
functional.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and
_learn_score
- /var/dcc/dccifd socket file dosnt exist
- Why DCC Learning not enabled?
Have you asked the DCC community?
DCC can be used by SpamAssassin but is not part of SpamAssassin
My *guess* is that dccifd needs to be started.
--
Bill Cole
b...@scconsult.com or billc...@apache.or
rsive
resolver that does no forwarding?
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
Authentication
Distinguished Paper Award Winner
In this repo, we summarize all test cases we found and integrate them
into this tool to help administrators and security-practitioners quickly
identify and locate such security issues.
--
Bill Cole
b...@scconsult.com or billc
On 2022-12-28 at 12:55:20 UTC-0500 (Wed, 28 Dec 2022 12:55:20 -0500)
John Stimson via users
is rumored to have said:
[...]
On 2022/12/28 15:07:31 Bill Cole wrote:
Perhaps your DNS resolution is to blame. Are you using a local
recursive
resolver that does no forwarding?
The machine has
diting error for the bare
name of a Perl module to appear on a line by itself in local.cf or any
other SpamAssassin config file. It SHOULD break parsing.
Whenever you change a SpamAssassin config file, you should run
'spamassassin --lint' to make sure it is parsing correctly.
--
Bi
101 - 200 of 936 matches
Mail list logo