Re: Spamassassin "ignoring" mail with embedded picture

2019-02-15 Thread Ian Zimmerman
On 2019-02-15 16:07, Claudio Kuenzler wrote: > The man page calls it "will be returned unprocessed" > What does that mean for Postfix, what kind of response does it get from > spamc? It depends on how spamc is invoked. Please read the whole manpage. If you invoke it just for the exit status,

Re: Is the SA Bayes implementation mathematically sound?

2018-12-24 Thread Ian Zimmerman
On 2018-12-23 17:02, Rick Macdougall wrote: > I'm just going to jump in here and mention that I train my bayes in SA > and in Thunderbird email client. > > Thunderbird catches 99%+ and SA catches under 60% with the same > training data. Have you also compared the rates of False Positives? --

Re: Howto - Full Report in Mail Header

2018-12-16 Thread Ian Zimmerman
On 2018-12-16 08:30, Kevin A. McGrail wrote: > > add_header all Report _REPORT_ > This can cause issues though. That feature is not header safe to my > knowledge. _TESTSCORES_ -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or

Slightly OT: list multiposting

2018-11-22 Thread Ian Zimmerman
Can anyone think of a quick way to flag identical emails posted to multiple mailing lists under different message-ids? I guess I'd need something like a local instance of DCC, do you agree? Anything simpler than just taking the real DCC and configuring it for this special purpose? -- Please

Re: unexpected FN, how to improve/tune to catch

2018-11-16 Thread Ian Zimmerman
On 2018-11-16 09:52, Matus UHLAR - fantomas wrote: > such spam should be filtered at mailing list level before this happens. And it almost always is. Not in this case. > what can help you > - BAYES understood, I am trying to do without Bayes for now, because I want to avoid the maintenance

unexpected FN, how to improve/tune to catch

2018-11-15 Thread Ian Zimmerman
This little pearl got through upstream filter on a mailing list. https://pastebin.com/JhDGvAAA I show the body only, but the MIME headers were: Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8"; Format="flowed" Also: From: yourfrugalstore Message-ID:

Fwd: CVE-2018-12558: DOS in perl module Email::Address

2018-06-20 Thread Ian Zimmerman
This is probably of interest to readers of this list. http://www.openwall.com/lists/oss-security/2018/06/19/3 -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet and on broken lists which

Re: List From and Reply-To

2018-05-31 Thread Ian Zimmerman
On 2018-05-31 12:25, Antony Stone wrote: > Anyone is free to set a Reply-To header in the emails they send. This > will be preserved by the list server. > > I believe both Ian and Bill are doing this, yes. Correct. But Reply-To doesn't mean "follow up with list posts to this address"; it

Re: List From and Reply-To

2018-05-30 Thread Ian Zimmerman
On 2018-05-30 15:49, Palvelin Postmaster wrote: > Why does this list apparently use the original From header of the > poster’s message and doesn't set a Reply-To header at all? Because that is the only right way. A list manager has no business modifying the contents of posted messages. It

Re: Mysterious false positives in inbox

2018-05-09 Thread Ian Zimmerman
On 2018-05-09 13:08, Eggert Ehmke wrote: > > Wild stab - maybe they're entering the system already with > > ***SPAM*** in the subject? > The mail also originated from the same server. All the more reason to suspect the "wild stab" is correct. In my experience this is quite common on some

Re: OFF-TOPIC: Re: Just to lighten your day?

2018-05-03 Thread Ian Zimmerman
On 2018-05-02 14:03, John Hardin wrote: > Or maybe "He's still moving towards the keyboard! LART him again!" I thought the funniest part was the last line. -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately

Re: razor?

2018-03-09 Thread Ian Zimmerman
On 2018-03-09 09:26, David Jones wrote: > RAZOR like DCC and PYZOR shouldn't be used as a sole source of > determining spam. These are indicators that combine with other rule > hits and scores to be one of many factors. If the score was 10 or > more then you would worry about reporting FPs.

Re: Bayes not auto-learning?

2018-02-23 Thread Ian Zimmerman
On 2018-02-23 22:32, Amir Caspi wrote: > So, I've been trying to tweak my setup and noticed that VERY few of my > emails are being autolearned as spam, even when their spam threshold > is far above the autolearn threshold. The threshold is set to 12; I > just saw a spam with score >25 not being

Re: pyzor internal error on some messages

2018-02-21 Thread Ian Zimmerman
On 2018-02-20 22:20, Alex wrote: > Hi, > > Does anyone know what could be causing this? This is on fedora with > pyzor-1.1.0-1.20170904gitd14e980 > > Feb 20 22:08:07.475 [28639] dbg: pyzor: network tests on, attempting Pyzor > Feb 20 22:08:13.098 [28639] dbg: pyzor: pyzor is available:

Unchecked ??? [Was: Can't locate object method "trim_domain"]

2018-01-26 Thread Ian Zimmerman
What is this ***UNCHECKED*** goo in the subjects? Has someone played with the list manager configuration? -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet, fetch the TXT record for the

Re: Penalty for no/bad SPF

2018-01-24 Thread Ian Zimmerman
On 2018-01-24 18:10, Bill Cole wrote: > 1. Mail with an envelope sender domain that has no SPF record is more > likely to be spam than the overall mail stream. > > 2. Mail whose envelope sender domain has a published SPF record which > repudiates the sending IP is more likely to be spam than the

Re: skipping nameserver '0.ns.spamhaus.org' because it is a CNAME

2018-01-14 Thread Ian Zimmerman
On 2018-01-14 19:30, Alex Lasoriti wrote: > > things falling apart at spamhaus? > > Not that I am aware of :) The infrastructure keeps consolidating > and things are getting stronger and stronger! What other news are you > referring to ? I probably had lodged in my memory (what remains of it)

Re: skipping nameserver '0.ns.spamhaus.org' because it is a CNAME

2018-01-14 Thread Ian Zimmerman
On 2018-01-14 17:07, Per Jessen wrote: > AFAIK, bind does not accept NS records with CNAMEs, only A or > records. It looks like spamhaus updated their nameserver config and > added cloudflare by way of CNAME. I am getting these, too. With other news in the last few weeks, are things

Re: Malformed spam email gets through.

2018-01-03 Thread Ian Zimmerman
On 2018-01-03 14:36, Bill Cole wrote: > I have run an environment where each MTA node in the external gateway > layer would add a MID with its own FQDN to any message passing through > missing a MID. Those names could not be resolved in the world at > large, but they were absolutely valid and

Perl module to extract body URLs

2017-12-10 Thread Ian Zimmerman
I know that in some cases at least spamassassin relies on perl modules that are independent of the spamassassin project. Is there such a module for extracting URLs from a message body? OTOH, if that code is specific to spamassassin where in the source tree can I find it? Sorry for this slightly

Re: Why doesn't HK_RANDOM_FROM trigger on this email address?

2017-11-18 Thread Ian Zimmerman
On 2017-11-18 15:46, Mark London wrote: > FWIW: It seems to me that HK_RANDOM_FROM should trigger on an email > address like this: > > mqsjkeqgy...@sina.com > > But it doesn't. Yet it does trigger on this: > > dxn...@sina.com The first one contains vowels in the local part. -- Please

listed by xbl [Was: SPF check though external relay]

2017-11-14 Thread Ian Zimmerman
~$ rblcheck 81.17.24.158 81.17.24.158 not listed by sbl.spamhaus.org 81.17.24.158 listed by xbl.spamhaus.org 81.17.24.158 not listed by pbl.spamhaus.org 81.17.24.158 not listed by bl.spamcop.net 81.17.24.158 not listed by psbl.surriel.com 81.17.24.158 not listed by dul.dnsbl.sorbs.net [I wanted

Re: improving detection to cloudmark-like levels?

2017-10-12 Thread Ian Zimmerman
On 2017-10-12 09:25, AJ Weber wrote: > So I'm sure they have some "secret sauce" and I'm not asking for that > to be revealed, but since pyzor is supposedly using their database, > I'm just trying to figure out if there's a way to get my SA filter to > improve even further and close the gap? I

Re: Blocking senders that are whitelisted

2017-10-04 Thread Ian Zimmerman
On 2017-10-04 10:52, David Jones wrote: > I bet this user signed up for this email somehow, possibly a while ago and has > forgotten about doing so. So many times, when you register for accounts on > websites, the check box to opt-in to a mailing list is already checked and > most > users don't

OT: toy pyzord server available

2017-09-26 Thread Ian Zimmerman
I started running an open pyzord instance on the host whose domain is my email domain, on the "normal" port (the one in the example config file). My main goal is to get familiar with the operation of the server so I can contribute to the development, but maybe we can do some useful filtering too!

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Ian Zimmerman
On 2017-09-20 17:02, Chris wrote: > So, IIUC it would be a good idea to remove the resolv.conf symlink in > /run/resolvconf ? Definitely _not_ a good idea while the resolvconf package is installed. What I meant was remove the package first, then clean up. -- Please don't Cc: me privately on

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-20 Thread Ian Zimmerman
On 2017-09-20 11:15, Martin Gregorie wrote: > I don't know why you'd want to do that since you should be running > named instead of dnsmasq. > > Delete the version you just installed via the apt package manager and > do a search and destroy mission to get rid of both the other copy of > it and

Re: ISIPP - Re: bb.barracudacentral.org

2017-09-19 Thread Ian Zimmerman
On 2017-09-19 19:53, David B Funk wrote: > So now you have -two- dnsmasq kits, one installed by "apt" and managed > thru the "systemctl" tools, and another one that somebody put there > which is outside the realm of "apt" & "systemctl" (thus they don't > know how to manage it). > > You should

Re: In anyone else getting 325KB spams from cont...@cron-job.org?

2017-09-15 Thread Ian Zimmerman
On 2017-09-15 13:32, RW wrote: > The default is 500kB for spamc, 256kB is a default for sa-learn. I have asked this before: Does this mean 500 * 1000 bytes or 512 * 1024 bytes, or something else still? (this is relevant when configuring other stuff which only understands straight byte counts

Re: Config option to skip pyzor check on empty body emails?

2017-09-12 Thread Ian Zimmerman
On 2017-09-12 12:33, RW wrote: > It is a bit confusing, but it's not that the .pyzor directory is used > inconsistently, it's that pyzor defines > > --homedir=HOMEDIR configuration directory The confusing part is the spelling of the option. The mistake is clear from the last line quoted

Re: pyzor config and sig15

2017-09-08 Thread Ian Zimmerman
On 2017-09-08 10:56, Steven Conrad Bayer wrote: > is the Pyzor network down again? Works for me now: ahiker!2 itz$ pyzor check < Mail/mail.net.spamassassin.users/new/1504861340.17441_1.ahiker public.pyzor.org:24441 (200, 'OK') 0 0 but it was down earlier this week, as discussed in

Re: pyzor config and sig15

2017-09-04 Thread Ian Zimmerman
On 2017-09-04 20:11, Alex wrote: > I'm curious about the options people use for configuring pyzor with > SA? I've always just had it with --homedir /etc/mail/spamassassin but > I wanted to make sure I wasn't missing something. pyzor works fine without any configuration, or with an empty

Re: message/rfc822 to mbox script for use with sa-learn workflow

2017-08-14 Thread Ian Zimmerman
On 2017-08-14 20:08, Scott wrote: > I would like to turn around and put those individual messages back > into mbox format, again, without changing their original headers. The first question is: why? sa-learn works on just about any format: individual messages, multiple messages in a flat

Re: Bayes auto-learn - not happening

2017-08-08 Thread Ian Zimmerman
On 2017-08-08 15:20, Scott wrote: > Another new one big score, auto-learn disabled. This one is fairly small. > > X-Spam-Status: Yes, score=29.428 tag=- tag2=5 kill=6.4 > tests=[DATE_IN_PAST_03_06=1.076, DCC_CHECK=3.2, > DIGEST_MULTIPLE=0.001, > FILL_THIS_FORM=0.001,

Re: Logwatch from local machine being flagged as spam

2017-08-07 Thread Ian Zimmerman
On 2017-08-06 10:37, Scott wrote: > Centos7 > Postfix 3.2.2 > Amavisd 2.11.0 > spamassassin-3.4.0 > To: r...@mail2.myserver.com > From: logwa...@mail2.myserver.com Since these are locally submitted messages (i.e. not SMTP), IMO the best and cleanest way to deal with it is to tell the MTA not

Re: tflags

2017-08-03 Thread Ian Zimmerman
On 2017-08-03 10:38, sha...@shanew.net wrote: > The most common ones that I make use of are "multiple" and "maxhits" > in order to allow a rule to be scored for each time it hits, but to > stop counting after some threshold. I also use the "net" tflag so > that RBL checks only run when a

Re: Direct download link detection

2017-07-27 Thread Ian Zimmerman
On 2017-07-27 13:08, Rupert Gallagher wrote: > The rfc prescribes (MUST) the use of your public domain in the domain > part of your mid. If you mean RFC 5322, this is not true. Section 3.6.4: The message identifier (msg-id) itself MUST be a globally unique identifier for a message. The

Re: Direct download link detection

2017-07-26 Thread Ian Zimmerman
On 2017-07-26 02:48, Rupert Gallagher wrote: > When a mail arrives without mid, either the sender did not use a real > SMTP server or tried to hide it. We have a custom SA rule for it. We > also reject upfront any mid with a syntax error, or whose domain does > not have a rdns (eg.

Re: ramsonware URI list

2017-07-15 Thread Ian Zimmerman
On 2017-07-15 12:19, David B Funk wrote: > Another way to use that data is to extract the hostnames and feed them > into a local URI-dnsbl. > Using "rbldnsd" is an easy to maintain, lightweight (low CPU/RAM > overhead) way to implement a local DNSbl for multiple purposes (EG an > IP-addr based

Re: ramsonware URI list

2017-07-15 Thread Ian Zimmerman
On 2017-07-15 11:59, Antony Stone wrote: > Maybe other people have further optimisations. With awk already part of the pipeline, all those seds are screaming for a vacation. Also, isn't the following command just a no-op? sed -n p A couple of quick tests failed to detect any difference from

Re: envelope_sender_header

2017-06-26 Thread Ian Zimmerman
On 2017-06-26 16:17, RW wrote: > > One runs exim and inserts Return-Path: , the other runs sendmail and > > inserts Return-path: . > > That's strange, the Sendmail in the FreeBSD base that handles my local > mail uses Return-Path. You're right, I got it backwards. Sorry 8-0 -- Please *no*

envelope_sender_header

2017-06-25 Thread Ian Zimmerman
I would like to unify my user_prefs file on two different servers. One runs exim and inserts Return-Path: , the other runs sendmail and inserts Return-path: . So, is the setting case-sensitive? -- Please *no* private Cc: on mailing lists and newsgroups Personal signed mail: please _encrypt_

Re: DKIM_VALID EnvelopeFrom

2017-05-05 Thread Ian Zimmerman
On 2017-05-05 16:00, Merijn van den Kroonenberg wrote: > So the only thing I want with the envelope from is to extract the > domain and test if the mail was DKIM signed (and valid) by that > domain. > > This tells me the envelope from is not some random spoofed address, > but actually controlled

Re: sa-compile will not configure

2017-04-20 Thread Ian Zimmerman
On 2017-04-20 17:31, Robert Steinmetz AIA wrote: > >>> thelma@thelma:~$ echo $PATH BTW, do you have any connection to the Thelma who's asking a constant stream of close-to-newbie questions in the Gentoo user mailing list? It's not that common a name, so forgive me for the short-circuit in my

Re: sa-compile will not configure

2017-04-18 Thread Ian Zimmerman
On 2017-04-18 10:17, Robert Steinmetz wrote: > tty is in /usr/bin But it is stty, not tty, which fails to be found. And stty is (normally) in /bin. So it looks a lot like /bin (and probably /sbin) is missing from the PATH. This could be related to the long-advertised switch to a unified

Re: Fastest listing RBL ?

2017-02-15 Thread Ian Zimmerman
On 2017-02-15 16:30, Tom Hendrikx wrote: > Note that the period that you describe as 'seen by SA a bit later' is > typically less than a second. Not in my case. I have a custom Exim configuration where I intentionally wait for a period of time (currently 4 minutes) between SMTP acceptance and

Fastest listing RBL ?

2017-02-14 Thread Ian Zimmerman
Given a piece of horrible spam, on which RBL is the sending IP address likely to appear first? I want to rationally decide which RBL/s to consult at SMTP time. Afraid to use all of them, not just due to false positives, but also due to negative caching in DNS, which could affect the result when

Re: pyzor options

2017-02-11 Thread Ian Zimmerman
On 2017-02-11 18:11, David Jones wrote: > >pyzor_options --homedir=/usr/local/pyzor > > >What am I doing wrong? > > You were close. No equals sign: > > pyzor_options --homedir /usr/local/pyzor But the pyzor help text (shown when run without args) tells me there is an equal sign. Besides,

pyzor options

2017-02-11 Thread Ian Zimmerman
This may have been part of the reason why I stopped using pyzor. Taking a second look now, but the configuration still seems somewhat less than obvious. I want to set the pyzor "homedir", that is the directory where the servers file lives. I tried (in local.cf): pyzor_options

Re: RFC compliance pedantry (was Re: New type of monstrosity)

2017-02-07 Thread Ian Zimmerman
On 2017-02-07 18:33, Ruga wrote: > I follow the actual RFC standard, not the proposed revisions. The To > From and Cc fields are defined by a grammar AND a natural language > description. Such fields MUST hold addresses, where an address is a > username the "@" symbol and a domain name. The string

Re: New type of monstrosity

2017-02-07 Thread Ian Zimmerman
On 2017-02-07 09:37, Matus UHLAR - fantomas wrote: > 11.5 - 3.5 = 8.0 And of course 1.2.3.x is not the true relay address, so > 1.5 BOTNET Relay might be a spambot or virusbot > [botnet0.8,ip=1.2.3.12,rdns=disorder.censored.net,maildomain=outlook.fr,baddns] this goes out of the

Re: New type of monstrosity

2017-02-06 Thread Ian Zimmerman
On 2017-02-06 20:06, Kevin A. McGrail wrote: > > Last couple of weeks I saw some messages whose entire contents is in > > the Subject. > never seen such a monster. likely killed by some other piece in the > puzzle. Throw it up on pastebin? http://pastebin.com/PYaMcZa7 (I was wrong, the

New type of monstrosity

2017-02-06 Thread Ian Zimmerman
Last couple of weeks I saw some messages whose entire contents is in the Subject. They have both a text/plain and text/html part but both are empty (in the case of html, there is some markup but no character data). The Subject is maybe 400 or 500 chars long. Needless to say, this is a 100% spam

Re: Ignore third-party SA headers

2017-01-25 Thread Ian Zimmerman
On 2017-01-26 01:03, RW wrote: > Probably what's happening is that these are emails over 500 kB which > by default are just passed through by spamc without sending them to > spamd. If they don't get sent to spamd the existing SA headers don't > get stripped. > > You can to set the -s parameter

Re: Detecting Valid Message Replies

2017-01-03 Thread Ian Zimmerman
On 2017-01-03 13:47, Antony Stone wrote: > Given the increasing usage of Google-based business email services > (and others, similar), wouldn't that tend to prevent you being able to > manipulate the Message-ID header, because you are no longer in charge > of the outbound server used by senders

Re: Another DKIM related question (or problem?)

2016-12-31 Thread Ian Zimmerman
On 2016-12-31 20:20, RW wrote: > Yes, whitelist_auth requires DKIM_VALID_AU. The use of the subdomain > is something that's allowed under DMARC. > whitelist_from_dkim my...@aol.com mx.aol.com Thanks! That explains things to a large degree. Now, what about the case when envelope and header

Another DKIM related question (or problem?)

2016-12-31 Thread Ian Zimmerman
I have a frequent correspondent on AOL. I have whitelisted her with whitelist_auth my...@aol.com and that is in fact the address on her mails (both envelope and From:). But the whitelist rule doesn't fire, even though DKIM_VALID _does_ fire. How so? I noticed that the domain with which AOL

Re: T_DKIM_INVALID from yahoo.com

2016-12-25 Thread Ian Zimmerman
On 2016-12-24 19:50, Michael Orlitzky wrote: > > All mail I get from yahoo customers [1] scores on T_DKIM_INVALID, > > and always has. Why? > > Is there any correlation between the DKIM result and the size of the > message? Hmm. I got a few more messages from those domains and they seem to be

Re: T_DKIM_INVALID from yahoo.com

2016-12-24 Thread Ian Zimmerman
On 2016-12-24 16:32, Groach wrote: > I have just done a test and do not get the same results as you. My > yahoo incoming emails pass ok: And yours passed for me, too. So it's only a subset of yahoo senders, apparently :-( > This might explain it: > http://spamassassin.1065346.n5.nabble.com/

T_DKIM_INVALID from yahoo.com

2016-12-24 Thread Ian Zimmerman
All mail I get from yahoo customers [1] scores on T_DKIM_INVALID, and always has. Why? Maybe I can prepare a spample, but it will take some work to find a privacy friendly specimen, since it obviously can't be altered. [1] same for hotmail, while other big domains get DKIM_VALID. -- Please

Re: recent increase in spam getting through

2016-12-15 Thread Ian Zimmerman
On 2016-12-15 11:32, Kevin A. McGrail wrote: > I'm a fan of MIMEDefang but I am not very familiar with Arch Linux so > I don't know what mta you are using nor its capabilities. By now I have heard of MIMEDefang many times, and each time I wanted to try it. But it seems to require the milter

Re: Spam with attachments and UNPARSEABLE_RELAY

2016-11-25 Thread Ian Zimmerman
On 2016-11-25 13:57, Bill Cole wrote: > It LOOKS like that is being generated by a PHP script on the host that's > delivering it, which appears to be running some atrocious mail handler > calling itself 'nullmailer' that doesn't do Received headers in any > useful way. FWIW nullmailer is a

Re: Why is RP_MATCHES_RCVD so "heavy"?

2016-11-22 Thread Ian Zimmerman
On 2016-11-22 14:54, Eric Abrahamsen wrote: > Can anyone tell me why it's scored so heavily? Would it be a bad idea > to just drop it down to -1.5 or something? I score it as 0, and I think a number of others on this list (with much more expertise than me) do the same. -- Please *no* private

Re: Best place to filter spam (x-original-to, no_address_mappings)

2016-11-22 Thread Ian Zimmerman
On 2016-11-21 14:27, @lbutlr wrote: > It’s unclear why you are doing this, but if you want to run SA after > delivery then the time to do that is in your LDA. *HOW* to do that, > depends on your LDA. If you are using dovecot, then you can call SA > from sieve. If not, you can setup procmail as an

Re: Best place to filter spam (x-original-to, no_address_mappings)

2016-11-19 Thread Ian Zimmerman
On 2016-11-18 21:18, MRob wrote: > I am looking at a system where SpamAssassin is called out from the > delivery agent. I know there will be a difference here in terms of the > envelope information but I'm not familiar enough to know the pitfalls of > this versus calling SA from the postfix

Re: Custom rule based on AWL score

2016-10-20 Thread Ian Zimmerman
On 2016-10-20 08:34, simplerezo wrote: > My understanding is that AWL is helping frequent senders who are known > to not send spam to "reduce" their spam score, preventing false > positive. That's exactly what I want to rely on for my rules: adding > score for mail with "invoice" pretention and

Re: Tuning recommendations?

2016-09-12 Thread Ian Zimmerman
On 2016-09-12 11:06, John Hardin wrote: > Consider greylisting. This will depend on the OP business needs, but a poor man's version of graylisting is to just delay deliveries unconditionally for a couple of minutes. (I use 2 minutes). If you do this in the MTA make sure the delay is before SA

Re: What are the T_ rules ?

2016-09-05 Thread Ian Zimmerman
On 2016-09-05 16:14, @lbutlr wrote: > > but -1.653 is just a bad joke because it means every homeuser which > > manages to get some DNS records fine (as well as every spammer which > > registers a ton of domains and cheap hosts) get a large benefit > > compared to any professional maintained

Re: What are the T_ rules ?

2016-09-05 Thread Ian Zimmerman
On 2016-09-05 21:31, Axb wrote: > In what file do you see T_RP_MATCHES_RCVD ? [1+0]~$ cd /usr/share/spamassassin/ [2+0]spamassassin$ fgrep T_RP_MATCHES_RCVD * 72_active.cf:##{ T_RP_MATCHES_RCVD if version >= 3.003000 ifplugin Mail::SpamAssassin::Plugin::WLBLEval 72_active.cf:header

Re: What are the T_ rules ?

2016-09-05 Thread Ian Zimmerman
On 2016-09-05 12:21, John Hardin wrote: > header __RP_MATCHES_RCVD eval:check_mailfrom_matches_rcvd() > > ...which means you'd need to go digging around in the perl code to find > out what it's doing. > > Basically, it's a check that the return-path (the SMTP "MAIL FROM" >

Re: What are the T_ rules ?

2016-09-05 Thread Ian Zimmerman
On 2016-09-05 20:38, li...@rhsoft.net wrote: > > Since I have seen other rules in results with the T_ prefix (for example > > T_DKIM_INVALID) I think it must be some kind of convention with an > > accepted meaning. What is this conventional meaning, and how do these > > rules relate to the ones

What are the T_ rules ?

2016-09-05 Thread Ian Zimmerman
I want to use RP_MATCHES_RCVD in a meta rule. I thought I'd check its definition before I plunged in and wrote any code, so I grepped in /usr/share/spamassassin where all the original rules seem to live on my system (debian jessie). But all the hits are either for __RP_MATCHES_RCVD (which I

Re: Childish actions of Harald Reindl

2016-08-05 Thread Ian Zimmerman
On 2016-08-05 09:46 +0100, Martin wrote: > The biggest reason is the way this mailing list is set up, when you > click reply it replies to the poster not the list, this has always > been a bugbear of mine and something that probably should be > addressed. Then don't "click reply" but use a

Re: Issue on disable ipv6

2016-07-01 Thread Ian Zimmerman
On 2016-07-01 20:25 +0200, Massimo Sandolo wrote: > Hi, > I have an issue when try to disable ipv6. > I'm running Debian 8.3 with SpamAssassin version 3.4.0 (running on Perl > version 5.20.2). > In /etc/defualt/spamassassin the options line is the following: > OPTIONS="-4 --create-prefs

Re: sa-update through proxy

2016-05-04 Thread Ian Zimmerman
On 2016-05-04 08:13 -0700, John Hardin wrote: > > alias sa-update='env http_proxy=http://myserver:myport/ > > https_proxy=http://myserver:myport/ sa-update' > > Lose the "env"? Why? Apart from using an extra process, this should work exactly the same. -- Please *no* private copies of

Reporting [Was: Disabling spamcop plugin]

2016-04-21 Thread Ian Zimmerman
On 2016-04-07 13:55 -0700, Ian Zimmerman wrote: > sa-learn doesn't do any reporting, right? [snip snip] > By the way, manpage for spamc says: > >-C report type, --reporttype=type >Report or revoke a message to one of the configured >colla

Re: [OT] still configuring [Was: Disabling spamcop plugin]

2016-04-13 Thread Ian Zimmerman
On 2016-04-13 09:12 -0400, Michael Orlitzky wrote: > package will be recompiled automatically as part of the updates. Any > packages *depending on* that package (like, if they're statically linked > to it) will also be recompiled. But also _direct_ dependencies of the affected package, if the

[OT] still configuring [Was: Disabling spamcop plugin]

2016-04-12 Thread Ian Zimmerman
On 2016-04-12 10:57 -0400, David Niklas wrote: > You could use Gentoo, you get to configure it all yourself! Funny you'd say that, I _am_ actually switching to it - on my "workstation" role computers. I'm already over 50% over the hump, I think. But on "server type" computers, I just cannot

Re: Disabling spamcop plugin

2016-04-07 Thread Ian Zimmerman
On 2016-04-07 14:37 +0100, RW wrote: > What exactly are you trying to do here? > > The pyzor plugin does testing and reporting, use_pyzor is mostly there > to control the test. The spamcop plugin does reporting only. So, if I don't do any explicit reporting (neither spamc -C nor spamassassin

Disabling spamcop plugin

2016-04-06 Thread Ian Zimmerman
Is there any way to disable the spamcop plugin for an individual user (i.e. from ~/.spamassassin/user_prefs) if the plugin is loaded by /etc/spamassassin/*.pre ? By comparison, I seem to be able to disable pyzor even if it is loaded, by writing use_pyzor 0 in my user_prefs. -- Please *no*

Bayes expiry vs. sync, again

2016-03-15 Thread Ian Zimmerman
I am sorry to return to this horse which has perhaps been beaten enough. But I still don't know and don't understand (_after_ reading the docs) if I can, at the same time: 1. completely disable expiry 2. force a sync of the journal I just saw with my own eyes that passing --sync to sa-learn

Re: Interesting rule combo results

2016-03-09 Thread Ian Zimmerman
On 2016-03-09 07:12 -0800, Marc Perkel wrote: > >>HAM RULES: > >>... > >> 80056 HTML_MESSAGE > > > >What's happening here? This seems to imply that HTML_MESSAGE only > >appears in ham. > > > > > > I think my results are a little strange in that I might not be > training off all the data

Re: Is BAYES filtering working? Having doubts.

2015-12-29 Thread Ian Zimmerman
On 2015-12-29 20:41 -0500, Bill Cole wrote: > Neither su nor sudo magically changes the permissions or ownership of > files. If you pass filenames as arguments they must be readable by the > user actually running sa-learn, which is the *unprivileged* user > handling the system-wide BayesDB

Re: Is BAYES filtering working? Having doubts.

2015-12-29 Thread Ian Zimmerman
On 2015-12-29 19:44 -0500, Bill Cole wrote: > On 29 Dec 2015, at 18:54, Ian Zimmerman wrote: > > >In fact sa-learn accepts multiple named arguments on the command line, > >so the alternative I use is to go through the spambox N files at a time > >in a shell loop. (I

Re: Is BAYES filtering working? Having doubts.

2015-12-29 Thread Ian Zimmerman
On 2015-12-29 17:50 -0500, Bill Cole wrote: > Yes, with the advantage of using Mail::SpamAssassin::Util::secure_tmpfile() > rather > than whatever I happen to roll up in a bit of Q shell that I never get > around to > reviewing for edge cases... > > The main reason to do something like that is

Re: A Plan to Stop Violence on Social Media

2015-12-16 Thread Ian Zimmerman
On 2015-12-16 14:21 -0800, jdow wrote: > One thing worth pointing out is if this CAN be done refusing to do it > yourself is a shallow gesture. No, it is not. Refusing to take part in what you believe is wrong, even if you know the wrong will be done eventually because the Zeitgeist favors it,

Re: Trying Bayes / Redis

2015-12-11 Thread Ian Zimmerman
On 2015-12-11 14:29 -0800, Marc Perkel wrote: > Anyone using this rule timing plugin? Having trouble getting it to > work. Just wondering if it's worth it? > > Mail::SpamAssassin::Plugin::RuleTimingRedis I use it and I have no trouble now. But I remember I had to disable the LUA scripting

Re: Debian jessie - new setup, missing data directory

2015-11-09 Thread Ian Zimmerman
On 2015-11-09 16:42 +0100, Antony Stone wrote: > What did Jessie install it as? > > > > /var/mail/.spamassassin/user_prefs This is very strange. Are you really sure it is not operator error? I run wheezy, so I can't flat out exclude it, but it flies in the face of too much Debian tradition.

Re: Checking if sa-learn is actually learning

2015-10-16 Thread Ian Zimmerman
On 2015-10-16 20:59 -0500, Ryan Coleman wrote: > sa-learn commands: > [scans domains for specified folders and scans them] > > /usr/bin/find /var/mail/vhosts/ -name '*.Spam.New*' -type d -exec > > /usr/bin/sa-learn --no-sync --spam --progress {}* \; > > /usr/bin/find /var/mail/vhosts/ -name

Re: best way to whitelist this list?

2015-09-19 Thread Ian Zimmerman
On 2015-09-19 20:12 +0200, A. Schulze wrote: > today I was notified by ezmlm that my MTA rejected messages to > me. Messages to this list were classified as spam by .. spamassassin. All of today's messages here scored around -7.5 for me, with no special handling. -- Please *no* private copies

Re: [Announce] SA-Plugins: RedisAWL, RuleTimingRedis

2015-09-15 Thread Ian Zimmerman
On 2015-06-09 17:57 +0200, Benning, Markus wrote: > RuleTimingRedis - collect SA rule timings in redis I'm trying this out. I have a little annoying problem: the logs beginning on line 178 seem to go to stdout or stderr as well as syslog. The result is that cron sends me email every time spamd

Re: Live upgrade safe?

2015-09-11 Thread Ian Zimmerman
On 2015-09-11 17:35 +0200, Reindl Harald wrote: > >>>Can I safely upgrade SA from 3.4.0 to 3.4.1 without changing any local > >>>configuration files, and without regenerating the Bayes database? (I > >>>use the default bdb Bayes store.) > >> > >>yes, but you need to run "sa-update" before

Re: Live upgrade safe?

2015-09-11 Thread Ian Zimmerman
On 2015-08-14 17:45 +0200, Reindl Harald wrote: > >Can I safely upgrade SA from 3.4.0 to 3.4.1 without changing any local > >configuration files, and without regenerating the Bayes database? (I > >use the default bdb Bayes store.) > > yes, but you need to run "sa-update" before restart to fetch

Live upgrade safe?

2015-08-14 Thread Ian Zimmerman
Can I safely upgrade SA from 3.4.0 to 3.4.1 without changing any local configuration files, and without regenerating the Bayes database? (I use the default bdb Bayes store.) -- Please *no* private copies of mailing list or newsgroup messages. Rule 420: All persons more than eight miles high to

bayes expiry not happening when it should

2015-08-05 Thread Ian Zimmerman
~$ grep '^bayes_expiry_max_db_size' ~/.spamassassin/user_prefs | awk '{print $2}' 200 ~$ sa-learn --force-expire bayes: synced databases from journal in 0 seconds: 2784 unique entries (2805 total entries) ~$ sa-learn --dump magic 0.000 0 3 0 non-token data: bayes

Re: bayes expiry not happening when it should

2015-08-05 Thread Ian Zimmerman
On 2015-08-05 12:58 +0100, RW wrote: The number of tokens is within 0.5% of the configured value. It's designed to produce a value between 75% and roughly 150%. I can't quite parse that answer, so let's be more specific. Doc says: bayes_expiry_max_db_size (default: 15) What

Re: bayes expiry not happening when it should

2015-08-05 Thread Ian Zimmerman
On 2015-08-05 19:34 +0100, RW wrote: What it actually does is estimate a cut-off time and then delete all tokens older than that. How it gets the cut-off time is described the next two sections: EXPIRE LOGIC and ESTIMATION PASS LOGIC. OMG. For one thing, are the clauses in the definition of

Re: no reporting methods available

2015-07-31 Thread Ian Zimmerman
On 2015-07-31 18:28 -0500, David B Funk wrote: Reporting is separate from learning. It is the case that spamassassin -r is supposed to report and learn. However it isn't quite the same as sa-learn --spam in that unlike sa-learn --spam it won't override the spam learn prohibition of

no reporting methods available

2015-07-31 Thread Ian Zimmerman
I run spamassassin -r from cron nightly. Last night I got this output: Jul 30 23:00:11.830 [31065] warn: reporter: no reporting methods available, so couldn't report Jul 30 23:00:11.830 [31065] warn: spamassassin: warning, unable to report message Jul 30 23:00:11.830 [31065] warn: spamassassin:

another bayes oddity

2015-07-23 Thread Ian Zimmerman
I have bayes_auto_learn 0 bayes_auto_expire 0 bayes_learn_to_journal 0 add_header all Autolearn _AUTOLEARN_ and indeed, all messages are tagged with X-Spam-Autolearn: disabled Nevertheless, the mtime _and_ size of ~/.spamassassin/bayes_journal inches forward with every delivery. Why?
