Re: SA 3.0 - USER_IN_BLACKLIST false positive?
From: "Kai Schaetzl" <[EMAIL PROTECTED]>
> Mike Zanker wrote on Sun, 10 Oct 2004 17:52:36 +0100:
>
> > Yes, I am using that, but I thought USER_IN_BLACKLIST related to
> > personal blacklists, not SURBL stuff.
> >
>
> It does not relate to SURBL. It relates to rules, no matter in which *.cf
> file they are in /etc/mail/spamassassin. The rulename is relevant, not the
> filename.
I think he mixed up SURBL and SARE. The latter produces the best sets
of addon rules. The former is just a black list.
{^_^}
Re: SA 3.0 - USER_IN_BLACKLIST false positive?
On 10 October 2004 20:44 +0200 Kai Schaetzl <[EMAIL PROTECTED]> wrote: It does not relate to SURBL. It relates to rules, no matter in which *.cf file they are in /etc/mail/spamassassin. The rulename is relevant, not the filename. Ah, OK. Thanks, Mike.
Re: SA 3.0 - USER_IN_BLACKLIST false positive?
Mike Zanker wrote on Sun, 10 Oct 2004 17:52:36 +0100: > Yes, I am using that, but I thought USER_IN_BLACKLIST related to > personal blacklists, not SURBL stuff. > It does not relate to SURBL. It relates to rules, no matter in which *.cf file they are in /etc/mail/spamassassin. The rulename is relevant, not the filename. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com IE-Center: http://ie5.de & http://msie.winware.org
Re: SA 3.0 - USER_IN_BLACKLIST false positive?
On 10 October 2004 11:24 -0400 Matt Kettler <[EMAIL PROTECTED]> wrote: Are you sure you're not using sa-blacklist.cf from SURBL? Yes, I am using that, but I thought USER_IN_BLACKLIST related to personal blacklists, not SURBL stuff. Mike.
Re: SA 3.0 - USER_IN_BLACKLIST false positive?
At 07:56 AM 10/10/2004 +0100, Mike Zanker wrote: On 09 October 2004 18:40 -0400 Theo Van Dinter <[EMAIL PROTECTED]> wrote: Got me, you have to go hunting around and find out. I have no way to tell you what's on your box, but I can tell you the entries aren't from SpamAssassin itself. ;) I believe that it is a bug in SA 3.0. This is a fresh installation of SA, no blacklists have been created and the e-mail address was previously unknown. Having searched back through the archives there are a couple of other reports of this 'phenomenon'. Are you sure you're not using sa-blacklist.cf from SURBL? Double check a few things: grep blacklist /usr/share/spamassassin/*.cf grep blacklist /etc/mail/spamassassin/*.cf Since you use mailscanner user_prefs is replaced by: grep blacklist /etc/MailScanner/spam.assassin.prefs.conf
Re[2]: SA 3.0 - USER_IN_BLACKLIST false positive?
Hello Mike, Almost the same thing here... but it's the USER_IN_WHITELIST that's making me nuts. My configuration files have no whitelist_from... but in the detection description the USER_IN_WHITELIST is always there... Best regards -- Marcos Saint'Anna [EMAIL PROTECTED] You wrote: MZ> On 09 October 2004 18:40 -0400 Theo Van Dinter <[EMAIL PROTECTED]> MZ> wrote: >> Got me, you have to go hunting around and find out. I have no way to >> tell you what's on your box, but I can tell you the entries aren't >> from SpamAssassin itself. ;) MZ> I believe that it is a bug in SA 3.0. This is a fresh installation of MZ> SA, no blacklists have been created and the e-mail address was MZ> previously unknown. MZ> Having searched back through the archives there are a couple of other MZ> reports of this 'phenomenon'. MZ> Mike.
Re: SA 3.0 - USER_IN_BLACKLIST false positive?
On 09 October 2004 18:40 -0400 Theo Van Dinter <[EMAIL PROTECTED]> wrote: Got me, you have to go hunting around and find out. I have no way to tell you what's on your box, but I can tell you the entries aren't from SpamAssassin itself. ;) I believe that it is a bug in SA 3.0. This is a fresh installation of SA, no blacklists have been created and the e-mail address was previously unknown. Having searched back through the archives there are a couple of other reports of this 'phenomenon'. Mike.
Re: SA 3.0 - USER_IN_BLACKLIST false positive?
On Sat, Oct 09, 2004 at 11:24:19PM +0100, Mike Zanker wrote: > >There are no default blacklist entries in SpamAssassin. > Exactly, so where did it come from? Got me, you have to go hunting around and find out. I have no way to tell you what's on your box, but I can tell you the entries aren't from SpamAssassin itself. ;) -- Randomly Generated Tagline: That's weird. It's like something out of that twilighty show about that zone. -- Homer Simpson Treehouse of Horror VI pgpbRCqZidXcK.pgp Description: PGP signature
Re: SA 3.0 - USER_IN_BLACKLIST false positive?
On 09 October 2004 16:19 -0400 Theo Van Dinter <[EMAIL PROTECTED]> wrote: Well, yes you do. ;) I do what? There are no default blacklist entries in SpamAssassin. Exactly, so where did it come from? Mike.
Re: SA 3.0 - USER_IN_BLACKLIST false positive?
On Sat, Oct 09, 2004 at 09:09:12PM +0100, Mike Zanker wrote: > scored over 100 because of USER_IN_BLACKLIST. Now, I don't have any > blacklists defined anywhere > So, this seems to be a false positive. Anyone else seen it happening? Well, yes you do. ;) There are no default blacklist entries in SpamAssassin. -- Randomly Generated Tagline: "I love drag queens, you can take 'em to dinner and then dancing, and if you get a flat on the way home, they can help you fix it." - Dave Attell, Insomniac "Miami" pgpwY3zKvfVKq.pgp Description: PGP signature
SA 3.0 - USER_IN_BLACKLIST false positive?
Today I received a virus (Gibe-F) from an unknown e-mail address - it scored over 100 because of USER_IN_BLACKLIST. Now, I don't have any blacklists defined anywhere - in fact, SA is run only by MailScanner as user mail. So, this seems to be a false positive. Anyone else seen it happening? Thanks, Mike.
