WLamotte wrote:
> Sorry if this is an obvious question but why isn't there an option for
> Spamassassin to bounce spam? Sure it does a good job at filtering spam but I
> don't want it from my web(mail)server to my inbox. I want my web- or
> mailserver to bounce suspected spam. Is this a feature tha
Bret Miller wrote:
> The subject says it. I installed 3.2.1 on Windows Server 2003 with
> ActivePerl 5.8.8.820 yesterday. No problems since installing. Good job
> as usual.
Similar result under Cygwin installing from the source package (over an old cpan
install), plus sa-compile (with some manual
Daniel J McDonald wrote the following on 6/15/2007 3:37 PM -0800:
On Fri, 2007-06-15 at 15:27 -0700, Bill Landry wrote:
Daniel J McDonald wrote the following on 6/15/2007 2:54 PM -0800:
On Fri, 2007-06-15 at 22:08 +0100, Randal, Phil wrote:
And a few others... Might as well be complet
On Fri, 2007-06-15 at 15:27 -0700, Bill Landry wrote:
> Daniel J McDonald wrote the following on 6/15/2007 2:54 PM -0800:
> > On Fri, 2007-06-15 at 22:08 +0100, Randal, Phil wrote:
> >
> > And a few others... Might as well be completely consistent. Try this
> > patch:
> > --- Botnet.pm.orig
Daniel J McDonald wrote the following on 6/15/2007 2:54 PM -0800:
On Fri, 2007-06-15 at 22:08 +0100, Randal, Phil wrote:
Bill,
The problem is that Botnet uses Net::DNS::Resolver's default retry and
timeout values, which are way too high.
Spamassassin's DnsResolver.pm uses these values:
u
John Rudd wrote the following on 6/15/2007 3:00 PM -0800:
Bill Landry wrote:
Also, I'm not sure if John Rudd is still supporting Botnet or not,
since I have sent him 3 e-mails to the address listed in Botnet.pm
off-list over the past week about this, and asked him if he would
consider addin
John Rudd wrote:
Bill Landry wrote:
Also, I'm not sure if John Rudd is still supporting Botnet or not,
since I have sent him 3 e-mails to the address listed in Botnet.pm
off-list over the past week about this, and asked him if he would
consider adding user configurable timeout values, but h
Bill Landry wrote:
Also, I'm not sure if John Rudd is still supporting Botnet or not, since
I have sent him 3 e-mails to the address listed in Botnet.pm off-list
over the past week about this, and asked him if he would consider adding
user configurable timeout values, but have not received a
On Fri, 2007-06-15 at 22:08 +0100, Randal, Phil wrote:
> Bill,
>
> The problem is that Botnet uses Net::DNS::Resolver's default retry and
> timeout values, which are way too high.
>
> Spamassassin's DnsResolver.pm uses these values:
>
> udp_timeout:3
> tcp_timeout:3
> retrans:0
> retry:1
Mark Martinec wrote the following on 6/15/2007 2:34 PM -0800:
So far so good with Mark's patches - although I am awaiting his
follow-up regarding a possible bug...
Not sure I understand this. My fixes make SA more robust when
plugins misbehave. The Botnet problem still causes the mail
pro
Bill,
> Hmmm, once I patched the correct SA version Dns.pm file, Mark's patches
> worked fine. However, perhaps my error caused Mark to find a bug, as
> noted by his follow-up e-mail, which might have gone undetected
> otherwise. :-)
Indeed, thanks! (but there were two other similar reports as
Randal, Phil wrote the following on 6/15/2007 2:08 PM -0800:
Bill,
The problem is that Botnet uses Net::DNS::Resolver's default retry and
timeout values, which are way too high.
Spamassassin's DnsResolver.pm uses these values:
udp_timeout:3
tcp_timeout:3
retrans:0
retry:1
try
expor
> Spamassassin to bounce spam? Sure it does a good job at filtering spam but I
> don't want it from my web(mail)server to my inbox. I want my web- or
> mailserver to bounce suspected spam. Is this a feature that could be
> implemented?
Bounce spam? Are you nuts? This is as worse as the spammers s
Bill,
The problem is that Botnet uses Net::DNS::Resolver's default retry and
timeout values, which are way too high.
Spamassassin's DnsResolver.pm uses these values:
udp_timeout:3
tcp_timeout:3
retrans:0
retry:1
try
export RES_OPTIONS="udp_timeout:3 tcp_timeout:3 retrans:0 retry:1"
How did you setup your spamtrap address with postfix.. Do you have them
delivered after they are scanned by spamassassin or do you scan them and
send them on from there? If you bypass SA, how are you doing that?
If you don't mind, what tarpit settings are you using?
I am using the following:
smt
WLamotte wrote:
> Sorry if this is an obvious question but why isn't there an option for
> Spamassassin to bounce spam? Sure it does a good job at filtering spam but I
> don't want it from my web(mail)server to my inbox. I want my web- or
> mailserver to bounce suspected spam. Is this a feature th
Mark Martinec wrote the following on 6/15/2007 10:41 AM -0800:
Bill,
There is now an additional patch at:
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5511
which should fix this.
Mark, thanks for the patches. However, even with both Dns.pm patches
applied, unless I s
On Fri, 15 Jun 2007, WLamotte wrote:
> Sorry if this is an obvious question but why isn't there an option
> for Spamassassin to bounce spam?
To boil down the responses: because SA is a scoring tool, only.
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
[EMAIL PROTECTED
Juergen Georgi wrote:
Hi,
I am wondering if bad things happen in case multiple
instances of sa-update run at the same time, e.g. if a
manual call interferes with a call invoked by cron in
background.
As I understand the code, sa-update downloads any new
rules into a temporary directory whe
> ...a bug pause here...
bug -> big
(29 seconds)
Bill,
> > There is now an additional patch at:
> > http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5511
> > which should fix this.
> Mark, thanks for the patches. However, even with both Dns.pm patches
> applied, unless I set "rbl_timeout" to a high enough time interval, SA
> still misse
I installed both patches and still get errors in some of the dnsbl
tests. Here is a possibly relevant section of t/log/d.dns/1 from a
system where the test succeeded:
[27718] dbg: check: running tests for priority: 500
[27718] dbg: async: select found 1 socks ready
[27718] dbg: uridnsbl: que
Richard Frovarp wrote:
I've heard Exchange and Notes/Domino in the past. I don't know if there
is any truth to this or not.
I swear Domino did/does it so that they can claim faster queue clearing
times.
In any case, be aware that caching of your involved MX and A records can
have drastic e
Mark Martinec wrote the following on 6/15/2007 3:36 AM -0800:
Phil, Bill,
Mark, I patched Dns.pm but this didn't resolve the issue for me.
You can test with the sample messages I posted to bugzilla:
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5506
I was getting this sort
Eric W. Bates wrote:
-BEGIN PGP SIGNED MESSAGE-
Also, you do have re2c version .12.0 or better, right?
pkg_info -cQ 're2c=>0.12.0'
Nope. Current FreeBSD port is pushing version 0.11.1. I can update
that manually without a lot of trouble (sent a note to the maintainer)
but
Marc Perkel wrote:
Richard Frovarp wrote:
Marc Perkel wrote:
Terry Soucy wrote:
In the testing we have done here, less than 1% of connections to
our low
priority MX actually cycled around to one of the higher priority MX
systems to deliver the message. I'm still not sure if this is a
gr
Jerry Durand schrieb:
I have a few spamtrap addresses that feed directly to sa-learn. Seems
to work pretty well.
I do almost the same, but i first check email coming into the spamtraps
and require a score of 2 before learning it to avoid poisening my bayes
in case a real ham should come in.
Marc Perkel wrote:
> I'm trying out a new idea for blacklisting hosts. I have several email
> servers for processing spam. These servers service my lowered numbered
> MX records. I also have several dummy mx records that are higher
> numbered than my real servers. So in theory no one should ever
On Jun 15, 2007, at 9:06 AM, [EMAIL PROTECTED] wrote:
A simpler approach might be to blacklist senders that try multiple
non-existent recipients,
regardless of mx priority
In Postfix I tarpit after the first bad recipient and eventually
disconnect. That's cut things down quite a bit.
BT
Marc Perkel schrieb:
Dude - that sucks! Anything I can do to help?
Guess in the long term it might be a good idea if someone provided a
"second level" i.e. non-rootzone alternate dns server that provides data
from all 3 companies that use the IXhash system.
Unfortunately i'm not good with name
[EMAIL PROTECTED] wrote:
Hi, list,
the DNS server of manitu.net, Germany, currently the only server hosting
the iXhash blacklist @ ix.dnsbl.manitu.net, is apparently being ddos'ed.
Admins using the iXhash plugin should either temporarily disable using
that server or request being included in a
Richard Frovarp wrote:
Marc Perkel wrote:
Terry Soucy wrote:
In the testing we have done here, less than 1% of connections to our
low
priority MX actually cycled around to one of the higher priority MX
systems to deliver the message. I'm still not sure if this is a
growing
pattern yet, b
[EMAIL PROTECTED] schrieb:
BTW: at one time I was quite happy with some pre-filtering on my private mail
(which is
fetchmail ultimately feeding to SA) until I found that SA would no longer
recognize some
spam in the bayes section. So, if capacity permits, it might be a good idea to
feed (a ran
>> >>
>> >>
>> >> I'm trying out a new idea for blacklisting hosts. I have
>> >> several email
>> >> servers for processing spam. These servers service my lowered
>> >> numbered
>> >>
>> >
>> > As others said, not a good idea.
>> >
>> > Don't bother BL isting them, if they hit your dummy m
On Fri, 15 Jun 2007 11:42:43 -0400
Theo Van Dinter <[EMAIL PROTECTED]> wrote:
> On Fri, Jun 15, 2007 at 10:00:43AM -0400, Michael B Allen wrote:
> > X-Spam-Status: Yes, score=5.3 required=5.0 tests=AWL autolearn=no
> > version=3.1.9
> > X-Spam-Report:
> > * 5.3 AWL AWL: From: address is
Marc Perkel wrote:
Terry Soucy wrote:
In the testing we have done here, less than 1% of connections to our low
priority MX actually cycled around to one of the higher priority MX
systems to deliver the message. I'm still not sure if this is a growing
pattern yet, but it could be a sign of spa
Michael B Allen wrote:
> Hi,
>
> I just installed SA on a stock CentOS 5 machine. I forwarded a spam to it
> and it worked. Then I sent a very short "hi" message that I would expect
> should make it through but it did not.
>
>> From looking at the X-Spam headers:
>
> X-Spam-Status: Yes, score=5.3
On Fri, Jun 15, 2007 at 10:00:43AM -0400, Michael B Allen wrote:
> X-Spam-Status: Yes, score=5.3 required=5.0 tests=AWL autolearn=no
> version=3.1.9
> X-Spam-Report:
> * 5.3 AWL AWL: From: address is in the auto white-list
>
> I don't see an explaination. Where is the explaination?
It's
Terry Soucy wrote:
In the testing we have done here, less than 1% of connections to our low
priority MX actually cycled around to one of the higher priority MX
systems to deliver the message. I'm still not sure if this is a growing
pattern yet, but it could be a sign of spambots catching on.
The subject says it. I installed 3.2.1 on Windows Server 2003 with
ActivePerl 5.8.8.820 yesterday. No problems since installing. Good job
as usual.
Bret
[EMAIL PROTECTED] schrieb:
Hi, list,
the DNS server of manitu.net, Germany, currently the only server hosting
the iXhash blacklist @ ix.dnsbl.manitu.net, is apparently being ddos'ed.
Admins using the iXhash plugin should either temporarily disable using
that server or request being included in a
[EMAIL PROTECTED] schrieb:
Hi, list,
the DNS server of manitu.net, Germany, currently the only server hosting
the iXhash blacklist @ ix.dnsbl.manitu.net, is apparently being ddos'ed.
Admins using the iXhash plugin should either temporarily disable using
that server or request being included in a
Hi, list,
the DNS server of manitu.net, Germany, currently the only server hosting
the iXhash blacklist @ ix.dnsbl.manitu.net, is apparently being ddos'ed.
Admins using the iXhash plugin should either temporarily disable using
that server or request being included in a whitelist the provider has s
Terry Soucy wrote:
In the testing we have done here, less than 1% of connections to our low
priority MX actually cycled around to one of the higher priority MX
systems to deliver the message. I'm still not sure if this is a growing
pattern yet, but it could be a sign of spambots catching on.
In the testing we have done here, less than 1% of connections to our low
priority MX actually cycled around to one of the higher priority MX
systems to deliver the message. I'm still not sure if this is a growing
pattern yet, but it could be a sign of spambots catching on. Whether or
not they hit
Jari Fredriksson wrote, On 15/6/07 7:53 AM:
> Both installation tries were via cpan, and here is the result.
That looks like bug 5510, about failing tests when they are run s root,
which breaks CPAN installation in the common setup in which the build
and test are run as root. I think you can confi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Scheidell wrote:
>> -Original Message-
>> From: Eric W. Bates [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, June 14, 2007 2:17 PM
>> To: users@spamassassin.apache.org
>> Subject: spamd crashes when using sa-compile body (undefined symbo
> -Original Message-
> From: WLamotte [mailto:[EMAIL PROTECTED]
> Sent: Friday, June 15, 2007 10:13 AM
> To: users@spamassassin.apache.org
> Subject: Why doesn't Spamassassin bounce spam?
>
>
> Sorry if this is an obvious question but why isn't there an
> option for
> Spama
On Jun 15, 2007, at 5:37 AM, Mark Martinec wrote:
always_trust_envelope_sender 1
envelope_sender_header Return-Path
Done, thanks.
Hi!
Spamassassin to bounce spam? Sure it does a good job at filtering spam but I
don't want it from my web(mail)server to my inbox. I want my web- or
mailserver to bounce suspected spam. Is this a feature that could be
implemented?
Bounce spam? Are you nuts? This is as worse as the spammers se
On Fri, June 15, 2007 15:13, WLamotte wrote:
>
> Sorry if this is an obvious question but why isn't there an option for
> Spamassassin to bounce spam? Sure it does a good job at filtering spam but I
> don't want it from my web(mail)server to my inbox. I want my web- or
> mailserver to bounce
> su
On Fri, 15 Jun 2007, Marc Perkel wrote:
Shane Williams wrote:
Unless you have some other reliable source of statistics regarding how
various entities choose MX records, I'd expect blacklisting this way
is likely to garner significant false positives.
It appears that some spammers hit the h
Sorry if this is an obvious question but why isn't there an option for
Spamassassin to bounce spam? Sure it does a good job at filtering spam but I
don't want it from my web(mail)server to my inbox. I want my web- or
mailserver to bounce suspected spam. Is this a feature that could be
implemented?
Shane Williams wrote:
On Fri, 15 Jun 2007, Marc Perkel wrote:
What I see happening is that they are hitting MX randomly. So some
times they hit a good server and sometimes they hit the trap. Once
they have hit the trap several times then they are blacklisted in my
hostkarma blacklist and if
On Fri, 15 Jun 2007, Marc Perkel wrote:
What I see happening is that they are hitting MX randomly. So some times they
hit a good server and sometimes they hit the trap. Once they have hit the
trap several times then they are blacklisted in my hostkarma blacklist and if
they hit a real server t
Hi,
I just installed SA on a stock CentOS 5 machine. I forwarded a spam to it
and it worked. Then I sent a very short "hi" message that I would expect
should make it through but it did not.
>From looking at the X-Spam headers:
X-Spam-Status: Yes, score=5.3 required=5.0 tests=AWL autolearn=no ver
Michael Scheidell wrote:
-Original Message-
From: Marc Perkel [mailto:[EMAIL PROTECTED]
Sent: Friday, June 15, 2007 3:19 AM
To: users@spamassassin.apache.org
Subject: Innovative Host Blacklisting Idea
I'm trying out a new idea for blacklisting hosts. I have
several email
servers f
Raymond Dijkxhoorn wrote:
Hi!
servers for processing spam. These servers service my lowered
numbered MX records. I also have several dummy mx records that are
higher numbered than my real servers. So in theory no one should ever
hit the higher numbered servers. Especially when the IP addres
Daryl C. W. O'Shea wrote:
Marc Perkel wrote:
I'm trying out a new idea for blacklisting hosts. I have several
email servers for processing spam. These servers service my lowered
numbered MX records. I also have several dummy mx records that are
higher numbered than my real servers. So in the
Daryl writes:
> Make sure your milter is providing a return path header field so that SA
> gets the correct envelope-from address. I believe old versions of
> amavisd-new don't do this. If the milter fails to do this SA will end
> up using the From: header field value and, yeah, you'll get SPF fai
> -Original Message-
> From: Marc Perkel [mailto:[EMAIL PROTECTED]
> Sent: Friday, June 15, 2007 3:19 AM
> To: users@spamassassin.apache.org
> Subject: Innovative Host Blacklisting Idea
>
>
> I'm trying out a new idea for blacklisting hosts. I have
> several email
> servers for proces
Phil, Bill,
> Mark, I patched Dns.pm but this didn't resolve the issue for me.
> You can test with the sample messages I posted to bugzilla:
> http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5506
> I was getting this sort of symptom without using Botnet.
> It's almost as if something's dead
Hi!
servers for processing spam. These servers service my lowered numbered MX
records. I also have several dummy mx records that are higher numbered than
my real servers. So in theory no one should ever hit the higher numbered
servers. Especially when the IP addresses are on the same server as
From: "Duncan Hill" <[EMAIL PROTECTED]>
On Fri, June 15, 2007 08:20, Helmut Schneider wrote:
From: "Justin Mason" <[EMAIL PROTECTED]>
[EMAIL PROTECTED] ~]# sa-update --nogpg
can't resolve "localhost" to address at
/usr
local/libdata/perl5/site_perl/i386-openbsd/Net/DNS/Resolver/Base.pm
line
Hi,
I am wondering if bad things happen in case multiple
instances of sa-update run at the same time, e.g. if a
manual call interferes with a call invoked by cron in
background.
As I understand the code, sa-update downloads any new
rules into a temporary directory where it does some
sanity c
Marc Perkel wrote:
I'm trying out a new idea for blacklisting hosts. I have several email
servers for processing spam. These servers service my lowered numbered
MX records. I also have several dummy mx records that are higher
numbered than my real servers. So in theory no one should ever hit th
On Fri, June 15, 2007 08:20, Helmut Schneider wrote:
> Hi,
>
>
> From: "Justin Mason" <[EMAIL PROTECTED]>
>
>
>>> [EMAIL PROTECTED] ~]# sa-update --nogpg
>>> can't resolve "localhost" to address at
>>> /usr/local/libdata/perl5/site_perl/i386-openbsd/Net/DNS/Resolver/Base.pm
>>> line 751. [EMAIL PR
Hi,
From: "Justin Mason" <[EMAIL PROTECTED]>
[EMAIL PROTECTED] ~]# sa-update --nogpg
can't resolve "localhost" to address at
/usr/local/libdata/perl5/site_perl/i386-openbsd/Net/DNS/Resolver/Base.pm
line 751.
[EMAIL PROTECTED] ~]#
A guess-- you have
server localhost
in /etc/resolv.conf.
In d
I'm trying out a new idea for blacklisting hosts. I have several email
servers for processing spam. These servers service my lowered numbered
MX records. I also have several dummy mx records that are higher
numbered than my real servers. So in theory no one should ever hit the
higher numbered s
69 matches
Mail list logo