Re: Massive Spam Attack?

2007-05-13 Thread Faisal N Jawdat
Given the level of the traffic, you might look at implementing something like Deny Spammers at the /24 level (rather than the host level). https://sourceforge.net/projects/deny-spammers/ -faisal On May 13, 2007, at 12:15 AM, Jason Frisvold wrote: On 5/12/07, Jason Frisvold [EMAIL

Re: Massive Spam Attack?

2007-05-11 Thread Faisal N Jawdat
On May 11, 2007, at 10:54 PM, Jason Frisvold wrote: It appears that each mail is sent by a unique IP, so it doesn't look like a simple firewall rule will stop this. Is every single message coming from a unique IP, or is it just that they're widely distributed? -faisal

Re: Any drawbacks of cron-scheduled bayesian learning?

2007-04-25 Thread Faisal N Jawdat
On Apr 25, 2007, at 5:49 AM, Arik Raffael Funke wrote: I was wondering if it has any negative effects on my Bayes database if I regularly learn all spam/ham messages via a cron job. Sa-learn skips already learned messages. Am I thus right to assume that apart from the relatively high CPU

Re: Any drawbacks of cron-scheduled bayesian learning?

2007-04-25 Thread Faisal N Jawdat
On Apr 25, 2007, at 4:30 PM, Arik Raffael Funke wrote: I am now probably venturing off-topic on my own thread but the point you make is interesting: You train only misfiled messages. What about new but correctly filed messages? You _never_ train on them? Given that bayes is a statistical

Re: Don't want hatfield.com to send mail to mccoy.com - can /etc/mail/spamassassin/local.cf help?

2007-04-24 Thread Faisal N Jawdat
Out of curiosity, is there a reason to do this in SA vs. at the MTA, firewall, etc? -faisal -used to work with a Hatfield and is friends with a McCoy On Apr 24, 2007, at 12:33 AM, John Schmerold wrote: SA is protecting 20 domains from evil, I want to keep 2 domains from communicating with

Re: sa-learn: have i seen this before?

2007-04-22 Thread Faisal N Jawdat
On Apr 21, 2007, at 11:49 PM, Matt Kettler wrote: Try adding a -D to sa-learn.. if it's lock contention, you should see a bunch of messages about it waiting for the lock. i did this earlier (after some mucking about with file tracing tools) and found that most of the wait seems to be in two

Re: sa-learn: have i seen this before?

2007-04-22 Thread Faisal N Jawdat
On Apr 22, 2007, at 9:05 AM, Matt Kettler wrote: You don't have sa-blacklist, do you? no, but i had a whitelist with almost 5,000 entries -faisal

Re: sa-learn: have i seen this before?

2007-04-21 Thread Faisal N Jawdat
On Apr 21, 2007, at 1:30 AM, Matt Kettler wrote: 2. which way do i learn it. Erm, if it's spam, learn it as spam.. if it's nonspam, learn it as nonspam. What's the problem here? i have a program looking through for untrained messages and deciding what to train them as. alternatively, i

Re: sa-learn: have i seen this before?

2007-04-21 Thread Faisal N Jawdat
On Apr 21, 2007, at 11:23 AM, Matt Kettler wrote: Ok, but how does knowing what SA learned it as help? It doesn't. Figure out what to train as, and train. it helps in that i can automatically iterate over some or all of my mail folders on a regular basis, selectively retraining *if*: a)

Re: sa-learn: have i seen this before?

2007-04-21 Thread Faisal N Jawdat
On Apr 21, 2007, at 1:34 PM, Matt Kettler wrote: time sa-learn on it, and feed it the WHOLE DIRECTORY at once. Do not iterate messages, do not specify filenames, just give sa-learn the name of the directory. Doing this on a directory with 6 messages takes about a second more than doing it

Re: sa-learn: have i seen this before?

2007-04-21 Thread Faisal N Jawdat
On Apr 21, 2007, at 2:11 PM, Matt Kettler wrote: Ok, I just did some testing. Something is *VERY* wrong with your system.. Are you running out of ram and swapping? Hrm. top currently reports 123mb free (out of 2g physical, with some swapping. sa-learn has a 62M RSS. This is a shared

Re: Fighting ham

2007-04-18 Thread Faisal N Jawdat
On Apr 18, 2007, at 4:26 PM, Robert Fitzpatrick wrote: Thanks, we are rebuilding bayes and now have in SQL with auto learn on, is that good? Now has over 25K spam, but just 180 ham. You *really* want to train with more ham than spam. -faisal

sa-learn: have i seen this before?

2007-04-16 Thread Faisal N Jawdat
Is there an easy way to tell if sa-learn has learned a given message before? -faisal

Re: sa-learn: have i seen this before?

2007-04-16 Thread Faisal N Jawdat
On Apr 16, 2007, at 9:34 PM, Matt Kettler wrote: Try to learn it, if it comes back with something to the effect of: learned from 0 messages, processed 1.. then it's already been learned. this seems to be the common suggestion. it has a couple drawbacks, as i see it: 1. it's relatively

Re: SpamAssassin Coach - Outlook/Thunderbird Plugin

2006-09-01 Thread Faisal N Jawdat
this is really promising, but i think it sort of points out some deficiencies in the current state of handling sa things from the client side. i'm wondering if it would make sense to create a separate learner server that deals with this stuff, with this server calling the training

Re: test my bleeding edge broken code. with your finger!

2006-08-28 Thread Faisal N Jawdat
On Aug 28, 2006, at 3:52 AM, Loren Wilton wrote: img src=3Dhttp://alaska.aif1.com/pr.asp?src=3D1155591075; width=3D1 height=3D1 border=3D0/ img src=3Dhttp://images.ed4.net/images/htdocs/alaska/ head_left.gif width=3D436 height=3D78 a href=3Dhttp://alaska.aif1.com/pr.asp?src=3D1155591075;img

Fwd: test my bleeding edge broken code. with your finger!

2006-08-27 Thread Faisal N Jawdat
[reordering mail slightly] On Aug 26, 2006, at 3:07 PM, [EMAIL PROTECTED] wrote: I have suggested something like this a few times. and used to hear concerns about valid links not necessarily the same. These can be put into two groups: one would have links to a related server, like

test my bleeding edge broken code. with your finger!

2006-08-25 Thread Faisal N Jawdat
two bits of sa related code i've written, neither of them are what i'd particularly call polished, but if you feel like firing them up, i'd love to hear your feedback: Phisher: http://www.faisal.com/software/phisher/ This is a plugin that does nothing more complicated than check for the

Re: Why is there so much hype behind Image spam

2006-07-16 Thread Faisal N Jawdat
On Jul 16, 2006, at 1:00 AM, John Andersen wrote: And yet, in spite of your statistics, there is more spam than ever. Some estimates are that in excess of 95% of all email is spam. I'm unconvinced of this -- my spam load has leveled off at 200 per day. On the order of 1 per week makes it

tsa vs., well, us

2005-08-12 Thread Faisal N Jawdat
TSA wants people to turn off their spam filters: http://www.schneier.com/blog/archives/2005/08/tsa_and_spam.html i'd suggest some sort of tsa whitelist rule, but i'm guessing if that happens i'll soon start seeing mail from the tsa's department of herbal viagra. -faisal

Re: annoying changes in 3.0

2005-01-08 Thread Faisal N. Jawdat
I think changing the config options from release to release makes it very hard for sites larger than a couple users to upgrade, because you have to rely on every user updating their config when you upgrade. The UPGRADE file helps with this somewhat, but it's more geared for admins than users.

Re: ver 3.0 opinions

2004-10-31 Thread Faisal N. Jawdat
Looks like somebody didn't read the UPGRADE doc... Due to the database format change, you will want to do something like this when upgrading: I read it and followed the directions and didn't see any problem for a couple days and then suddenly the spam level jumped substantially. Upon further