On Fri, 2009-04-10 at 12:13 -0400, martes wrote:
> I have been running spamassassin in default install mode for a few
> months now, and in the past week, I have been getting some miss-fires, I
> would have to assume, since I have been receiving obvious spam.
By mis-fire you actually mean "not firing", spam slipping by? There is
absolutely no way to give advice how to catch these, without a sample, a
raw message including all headers (upload it somewhere, maybe using a
pastebin).
Well, other than re-iterating common practices, which have been
mentioned numerous times on this list. ;)
> Where should I start in troubleshooting this type of issue?
By looking at the mail body, its headers and the rules triggered. Or
hope someone on this list will do it for you -- if you provide samples.
SA version? Do you use sa-update?
> I have not had the time to really get deep into custom rule sets, and
> all, so I just wanted to know how if I need to add these addresses to
> the blacklist, or if I should first check to see if a specific setting
> is failing. I even got a particular email that listed a different name
> as the recipient, and gave that name in the heading of the email, but it
> was still addressed to me. I am not that familiar with spam practices,
> so that was just odd, in the least.
Nothing odd about that at all. The To header is just some sugar coating.
It's irrelevant otherwise, and not involved in specifying the actual
recipients.
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
