of the files in /etc/spamassassin.
The Mail::SpamAssassin::Conf is silent on this issue. Is there a way to
do this?
--
Lindsay Haisley | In an open world,| PGP public key
FMP Computer Services |who needs Windows | available at
512-259-1190 | or Gates| http
the email
unmodified, as it should. I've only been using SpamAssassin for a
couple of days and have seen one such instance already.
--
Lindsay Haisley | We are all broken | PGP public key
FMP Computer Services | toasters, but we | available at
512-259-1190 | still manage
is on a commercial server, and is in beta until
I can determine whether or not it's working as expected. My wife and I
are beta testers until I determine that everything is working properly,
at which point I'll turn it loose on my customers :-)
--
Lindsay Haisley | In an open world,| PGP public
favorite text editor.
--
Lindsay Haisley | We are all broken | PGP public key
FMP Computer Services | toasters, but we | available at
512-259-1190 | still manage to make |http://pubkeys.fmp.com
http://www.fmp.com|toast
Rules Emporium has been having some issues with a DDoS attack and made
some configuration changes pursuant to overcoming this and probably
balancing their load. Looks like they had a redirect and curl doesn't
understand a http-equiv=refresh or else the HTML was incorrect and
curl just barfed on
On Sat, 2007-06-16 at 15:49 -0700, SM wrote:
Unfortunately, nobody reads that or else we would not be seeing one
week of messages about SARE RBJ failures.
Oh well
I guess you have to be an old-time UNIX geek to know to look in script
files for clues on how to use them.
--
Lindsay
irritate
bayes filters, score in fact almost always bayes_99. I can only imagine
that the additional random text is not really random but taken from a
fixed library that is not very big and not changed very often.
Interesting!
--
Lindsay Haisley | In an open world,| PGP public key
On Sun, 2007-06-17 at 19:24 -0400, Michael B Allen wrote:
Although rule_du_jour is still giving me HTML for SARE_OEM.
Delete /etc/mail/spamassassin/RulesDuJure/70_sare_oem*
(or /etc/spamassassin/RulesDuJure/70_sare_oem*) and run rules_du_jour
again.
--
Lindsay Haisley | In an open world
-il 'META HTTP-EQUIV=Refresh' ${TMPDIR}/* |xargs -n1 rm
*
This won't pick up the problem file on the current run, but will clear
the way for it to be retrieved next time.
On Sun, 2007-06-17 at 19:43 -0500, Lindsay Haisley wrote:
On Sun, 2007-06-17 at 19:24 -0400, Michael
rules_du_jour will still fail, but this will clean up the mess and next
time (hopefully) it'll run properly. I'm plumb out of time to figure
this out today so I'll revisit it later and submit a better patch.
--
Lindsay Haisley | In an open world,| PGP public key
FMP Computer
I'm well over the minimum required count of both spam
and ham. Is there something I need to do to turn this on? I have all
Bayes stuff in MySQL, and seem to remember someone else posting with a
similar problem a while back with 3.2.0.
Where should I look for the answer to this?
--
Lindsay
On Wed, 2007-06-27 at 22:24 -0500, Lindsay Haisley wrote:
I just upgraded from SA 3.1.8-gr1 to SA 3.2.1-gr1 (Gentoo) and notice
that I'm no longer getting any BAYES_NN test notices in my X-Spam-Status
summary in my mail headers, or in the content analysis details in
intercepted spam. Under
SA have to do with RDJ triggering Prolexic's DoS protection?
Daryl is right, there is no fix due in 3.2.2 - I got the RDJ and the
sa-update errors confused. I guess maybe I should dye my hair blonde.
Apologies for any confusion I've caused.
Kind regards
Nigel
--
Lindsay Haisley [EMAIL
.
--
Lindsay Haisley |Fighting against human | PGP public key
FMP Computer Services | creativity is like | available at
512-259-1190 | trying to eradicate |http://pubkeys.fmp.com
http://www.fmp.com| dandelions |
| (Pamela Jones
, Lindsay Haisley wrote:
On Wed, 2007-06-27 at 22:24 -0500, Lindsay Haisley wrote:
I just upgraded from SA 3.1.8-gr1 to SA 3.2.1-gr1 (Gentoo) and notice
that I'm no longer getting any BAYES_NN test notices in my X-Spam-Status
summary in my mail headers, or in the content analysis details
On Thu, 2007-06-28 at 15:39 -0400, Theo Van Dinter wrote:
Why not just use sa-update and not deal with this?
sa-update and rules_du_jour deal with different rules repositories. I
use both.
--
Lindsay Haisley | In an open world,| PGP public key
FMP Computer Services |who
have had this problem and know more about it than I do. If the SA
developers are aware of the problem and already working on it then my
own efforts might well be a waste of my time. In the meantime I'm happy
to use an older version of SA which works just fine on my installation.
--
Lindsay
for this, I see. I
may try this.
--
Lindsay Haisley | In an open world,| PGP public key
FMP Computer Services |who needs Windows | available at
512-259-1190 | or Gates| http://pubkeys.fmp.com
http://www.fmp.com| |
On Thu, 2007-06-28 at 15:43 -0400, Theo Van Dinter wrote:
On Thu, Jun 28, 2007 at 02:27:36PM -0500, Lindsay Haisley wrote:
So what's the best fix for this? Should one just freeze SA at an
earlier version on a production server until this is fixed upstream? Is
upstream aware of the problem
wait.
As a couple of people have pointed out to me, though, you can use
sa-update to retrieve the same rules data as per the instructions at
http://saupdates.openprotect.com .
--
Lindsay Haisley | In an open world,| PGP public key
FMP Computer Services |who needs Windows
will be welcome.
--
Lindsay Haisley | In an open world,| PGP public key
FMP Computer Services |who needs Windows | available at
512-259-1190 | or Gates| http://pubkeys.fmp.com
http://www.fmp.com| |
.
--
Lindsay Haisley | In an open world,| PGP public key
FMP Computer Services |who needs Windows | available at
512-259-1190 | or Gates| http://pubkeys.fmp.com
http://www.fmp.com| |
-Length: 56238
Keep-Alive: timeout=15, max=99
Content-Type: text/plain; charset=ISO-8859-1
I'd rather fix the actual problem and not patch around it.
Absolutely!!
--
Lindsay Haisley | In an open world,| PGP public key
FMP Computer Services |who needs Windows | available
On Thu, 2007-06-28 at 18:56 -0500, Lindsay Haisley wrote:
By running a curl hit repeatedly on the RE server I reproduced the
problem.
By running this test a couple of times I'm apparently now blocked by
RE :-P
Oh well .
Hope the info I sent was useful.
--
Lindsay Haisley
On Fri, 2007-06-29 at 06:46 -0700, jdow wrote:
You will have to wait for up to a day for the Prolexic block to go
away.
I got blocked for checking out their anti-DDoS measures. The block went
away in about 15 minutes.
--
Lindsay Haisley |Fighting against human | PGP public key
FMP
pointed out to me yesterday,
there's a mirroring service for SARE rules at
http://saupdates.openprotect.com, along with instructions on
incorporating these into sa-update, thus avoiding problems with
rules_du_jour altogether.
--
Lindsay Haisley |Fighting against human | PGP public key
FMP
is yes. My undersanding is that everything in that directory
gets read.
--
Lindsay Haisley | In an open world,| PGP public key
FMP Computer Services |who needs Windows | available at
512-259-1190 | or Gates| http://pubkeys.fmp.com
http://www.fmp.com| |
* -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
* [score: 0.]
--
Lindsay Haisley | In an open world,| PGP public key
FMP Computer Services |who needs Windows | available at
512-259-1190 | or Gates| http://pubkeys.fmp.com
http
which
should assign a much smaller (possibly positive) spam score, and
shouldn't evoke a hit on USER_IN_WHITELIST.
Am I missing something here, or is this a SA bug?
--
Lindsay Haisley | In an open world,| PGP public key
FMP Computer Services |who needs Windows | available
to
eval:check_from_in_whitelist() in 60_whitelist.cf.
What about whitelist_from_rcvd, or whitelist_from_spf?
Do you have any whitelist commands at the site config level (ie:
local.cf or add-on rulesets)?
--
Lindsay Haisley | In an open world,| PGP public key
FMP Computer Services
of bandwidth between the boxes?
--
Lindsay Haisley | Everything works|Accredited
FMP Computer Services | if you let it | by the
512-259-1190 |(The Roadie) | Austin Better
http://www.fmp.com| | Business Bureau
header in an email.
This address can't be spoofed. If it were, it would have been
technically impossible to send the email.
--
Lindsay Haisley | Everything works|Accredited
FMP Computer Services | if you let it | by the
512-259-1190 |(The Roadie
On Fri, 2009-02-13 at 12:43 -0600, McDonald, Dan wrote:
On Fri, 2009-02-13 at 12:20 -0600, Lindsay Haisley wrote:
On Fri, 2009-02-13 at 17:43 +, Martin Gregorie wrote:
I've heard it said that IPV6 will...
You can always spoof an IP address of any type. The only email header
you can
On Fri, 2009-02-13 at 15:24 -0600, Lindsay Haisley wrote:
Although I appreciate your advice, my question here is not _whether_ I
should do the integration, but which of the two methods of integrating
the databases will be most efficient of bandwidth and other resources.
After thinking about
On Fri, 2009-02-13 at 15:21 -0500, Kris Deugau wrote:
Lindsay Haisley wrote:
I have two servers. Currently they're both running instances of spamd
with separate mysql databases, however I'd like run both instances from
the same database on one of the servers. There are two ways to do
On Fri, 2009-02-13 at 14:27 -0800, John Hardin wrote:
If I may try:
The question is which is better, sending the message body (spamc - spamd
traffic) or database queries (spamd - mysql traffic) over the expensive
link?
Implicit point well make :-) I think I agree with you.
--
Lindsay
local config files but uses a MySQL connection _over the
network_ to box A to access the Bayes/userpref database.
Sorry if I wasn't entirely clear before. I hope this clarifies the
choice, which looks at this point as if I'd be better off with #2.
--
Lindsay Haisley | Everything works
On Fri, 2009-02-13 at 16:51 -0600, Lindsay Haisley wrote:
Scenario 2: spamc on box A communicates with a _local_ spamd, which
accesses local config files but uses a MySQL connection _over the
network_ to box A to access the Bayes/userpref database.
Sorry, this should read:
Scenario 2: spamc
more intelligently.
Thanks!
--
Lindsay Haisley | Everything works|Accredited
FMP Computer Services | if you let it | by the
512-259-1190 |(The Roadie) | Austin Better
http://www.fmp.com| | Business Bureau
I've found several people of
good will who don't seem to know a whole lot more about SA than I do,
but have given me some good points to think about.
Do you have any idea where I might inquire to get advice from people
with more precise knowledge?
--
Lindsay Haisley | Everything works
/wiki/Wildcard_DNS_record and in particular
the quote from RFC 1912.
--
Lindsay Haisley | Everything works|Accredited
FMP Computer Services | if you let it | by the
512-259-1190 |(The Roadie) | Austin Better
http://www.fmp.com
tried it.
It'll take you less time to read the relatively short section than it
will to reply to this email :-)
--
Lindsay Haisley |Fighting against human | PGP public key
FMP Computer Services | creativity is like | available at
512-259-1190 | trying to eradicate
for which they're the registrar of record.
I'm as offended by spam to me and my customers as anyone, but I'm also a
big proponent of open source and net neutrality, and like to see
pressure applied where the actual functional responsibility for a
mis-deed lies.
--
Lindsay Haisley | Everything
need to be in the supply path for a
misdeed to work to remove themselves from that supply path upon proper
notification. I would NOT expect them to be proactive in this regard.
Reactive is fine and proper.
{^_^} Joanne
--
Lindsay Haisley | Everything works|Accredited
FMP
an unknown user.
I would expect that a list devoted to making the Internet mail system
run to everyone's benefit rather than to everyone's detriment would be
operated in a more professional manner!
Is anyone minding the store
--
Lindsay Haisley | Everything works|Accredited
FMP
an unknown user.
I would expect that a list devoted to making the Internet mail system
run to everyone's benefit rather than to everyone's detriment would be
operated in a more professional manner!
Is anyone minding the store
--
Lindsay Haisley | Everything works|Accredited
FMP
on the bounces is ,
which is correct.
--
Lindsay Haisley | Everything works|Accredited
FMP Computer Services | if you let it | by the
512-259-1190 |(The Roadie) | Austin Better
http://www.fmp.com| | Business Bureau
. company that uses recombinant DNA to put an unusual
color in a bean. Then they patent it and sue a Mexican company and block
imports of a bean that the Mexicans have been growing for generations.
That's just nucking futs.
Sounds like Monsanto at work.
--
Lindsay Haisley | Everything
lm of SA. I apply this test using a python
program written to work with Gordon Messmer's courier-pythonfilter for
Courier-MTA.
--
Lindsay Haisley | "We have met the enemy and he is us."
FMP Computer Services |
512-259-1190 | -- Pogo
http://www.fmp.com|
On Fri, 2016-09-23 at 17:10 -0400, btb wrote:
> On 2016.09.23 16.16, Lindsay Haisley wrote:
> >
> > On Fri, 2016-09-23 at 18:43 +0100, RW wrote:
> > >
> > > Right, but the question here is why isn't a forwarding server also a
> > > recursive server
So why is this bad informaton?
--
Lindsay Haisley | "The voice of dissent was arrested before
FMP Computer Services | the president cleared his throat to
512-259-1190 |speak of freedom"
http://www.fmp.com|
|-- Chris Chandler
On Sat, 2016-09-24 at 00:15 -0500, Dave Funk wrote:
> On Fri, 23 Sep 2016, Lindsay Haisley wrote:
>
> >
> > On Fri, 2016-09-23 at 19:03 -0400, listsb-spamassas...@bitrate.net
> > wrote:
> > >
> > > consider that, to do the work described as &quo
On Fri, 2016-09-23 at 20:21 -0400, Bill Cole wrote:
> On 23 Sep 2016, at 16:10, Lindsay Haisley wrote:
>
> >
> > On Fri, 2016-09-23 at 15:28 -0400, Bill Cole wrote:
> > >
> > > As much as I love BIND (no, seriously, I do) it's very hard to
> >
;
What am I missing?
Justin Ellingwood, who wrote the DigitalOcean piece, is a very
experienced documenter. From his rather impressive resume, I'd be
inclined to trust what he posts.
--
Lindsay Haisley |"Friends are like potatoes.
FMP Computer Services |If you eat them, they
ack surface in itself and is a richer prize if hijacked, either
> directly or as a consequence of a general system compromise.
>
> On 23 Sep 2016, at 16:10, Lindsay Haisley wrote:
> >
> >
> > On Fri, 2016-09-23 at 15:28 -0400, Bill Cole wrote:
> > >
> >
ed by
competent peers, as is the way of the world with open source software.
--
Lindsay Haisley | "The first casualty when
FMP Computer Services | war comes is truth."
512-259-1190 |
http://www.fmp.com| -- Hiram W Johnson
No sooner did I complete a small python filter to divert untrapped
style gibberish spams than I started getting these without the
ns {
directory "/var/cache/bind";
recursion yes;
allow-query { goodclients; };
etc
};
--
Lindsay Haisley | "Never expect the people who caused a problem
FMP Computer Services | to solve it." - Albert Einstein
512-259-1190 |
http://www.fmp.com|
{
1.2.3.0/24;
4.5.6.0/24;
127.0.0.1;
etc
};
options {
..
recursion yes;
allow-query { goodclients; };
etc...
};
--
Lindsay Haisley | "The first casualty when
FMP Computer Services | war comes is truth."
512-259-1190
21/what-s-the-difference-between-recursion-and-forwarding-in-bind
--
Lindsay Haisley | "The difference between a duck is because
FMP Computer Services |one leg is both the same"
512-259-1190 | - Anonymous
http://www.fmp.com|
I'm getting a _lot_ of spam slipping through the STYLE_GIBBERISH
filter, probably more than is getting caught (although some of it _is_
getting caught). An example body is
s any good. The Big Guys don't need
to allocate any of their hard-earned resources to clamping down on spam
sent trom their customers' accounts :(
--
Lindsay Haisley | "UNIX is user-friendly, it just
FMP Computer Services | chooses its friends."
512-259-1190 | -- Andreas Bogk
http://www.fmp.com|
looking for a way to block
them with a finer tool.
--
Lindsay Haisley | "The first casualty when
FMP Computer Services | war comes is truth."
512-259-1190 |
http://www.fmp.com| -- Hiram W Johnson
etting a number of these, and someone else on this list
reported the same format. I haven't seen a SA rules solution to
blocking these.
--
Lindsay Haisley | "The first casualty when
FMP Computer Services | war comes is truth."
512-259-1190 |
http://www.fmp.com| -- Hiram W Johnson
ection via the Courier MTA. The Mailman code substitutes the
word "at" in the comment field for the ampersand to avoid this sort of
problem, but other implementation may not.
--
Lindsay Haisley | "The world is full of monsters with friendly
FMP Computer Services | face
ddress while providing a functional From address
using a domain name which passes SPF, a sufficient condition for
passing DMARC.
--
Lindsay Haisley | "The world is full of monsters with friendly
FMP Computer Services | faces and angels with scars."
512-259-1190 |
http://www.fmp.com| - Heather Brewer
66 matches
Mail list logo