On Sat, 2009-07-04 at 21:49 -0400, Tara Natanson wrote:
Hello,
Normally I wouldn't jump in on a technical mailing list such as this,
but I was pointed to the archives by someone on the list and saw that
someone was asking specific questions on how we operate. I hope I can
clear up some
could it be using a different perl binary?
On Sun, Jul 5, 2009 at 03:26, LuKremekrem...@kreme.com wrote:
When trying to build SA3.3 I got the following error:
ERROR: the required NetAddr::IP module is not installed. at
lib/Mail/SpamAssassin/Util/DependencyInfo.pm line 285.
Trouble is, I
On Sun, Jul 5, 2009 at 3:05 AM,
rich...@buzzhost.co.ukrich...@buzzhost.co.uk wrote:
Perhaps you can look at your customer;
Received: from ccm01.constantcontact.com ([63.251.135.74]) by
From: GearSourceEurope i...@gearsourceeurope.com
Reply-To: i...@gearsourceeurope.com
Sender:
On Sun, July 5, 2009 02:50, MySQL Student wrote:
The X-MailCleaner headers were there when I received the email. I've
obfuscated our customers domain for security.
Any ideas greatly appreciated. Where can I start? Am I doing something wrong
or is there something in the header that is
On Fri, July 3, 2009 23:29, Res wrote:
Why are people still using the outdated and no longer recommended
domain TXT method?
2 problems:
1: sa uses default mail::spf::query
2: dns hosters use txt for anything even there bind support spf record
3: what about dkim then ? :)
The RR type SPF
On Sat, July 4, 2009 01:31, Michelle Konzack wrote:
Hello,
In a maill which hit the score I see this:
report the ip to dnswl
-1.0 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low
trust
[70.103.162.29 listed in
On Sat, July 4, 2009 07:16, rich...@buzzhost.co.uk wrote:
. Even Benny's
You don't have SPF so I'm blocking you was clearly b/s when I tried it
with other MX's with no SPF. Nothing more than a kiddy rule set-up
FWICS.
thanks for 170 spam mails, your /29 is now perm blocked in my postfwd,
On Sun, 2009-07-05 at 18:36 +0200, Benny Pedersen wrote:
On Sat, July 4, 2009 07:16, rich...@buzzhost.co.uk wrote:
. Even Benny's
You don't have SPF so I'm blocking you was clearly b/s when I tried it
with other MX's with no SPF. Nothing more than a kiddy rule set-up
FWICS.
thanks for
On Sat, July 4, 2009 10:20, Michelle Konzack wrote:
...because the Spamer From: is in the auto_whitelist.
aRG :/
from and SENDER IP is in the awl table, where is the problem ?
if you match the sender ip very well (/16 fuzzy) then i see the problem
and btw awl is NOT a whitelist !
--
On Sat, July 4, 2009 20:50, Michelle Konzack wrote:
Goog evening Jari,
Am 2009-07-04 13:46:45, schrieb Jari Fredriksson:
http://wiki.apache.org/spamassassin/BetterDocumentation/SqlReadmeAwl
Thankyou for the link, but if I understand it right, spamassassin is
then using ONE
On Sat, July 4, 2009 20:55, Michelle Konzack wrote:
To prevent manualy learning of the MEDS spams I have set my MEDS-Score
to 8.00 and do not get any spams except caNN and genNN.
perldoc Mail::SpamAssassin::Plugin::AWL
see the awl factor setting, default its 0.5, so if you dont like this,
On Sun, 2009-07-05 at 09:28 -0400, Tara Natanson wrote:
On Sun, Jul 5, 2009 at 3:05 AM,
rich...@buzzhost.co.ukrich...@buzzhost.co.uk wrote:
Perhaps you can look at your customer;
Received: from ccm01.constantcontact.com ([63.251.135.74]) by
From: GearSourceEurope
X-Asn: AS5656
X-AsnCidr: 209.145.128.0/18/18
others seen this ? double cidr ?
amavisd 2.6.1
sa 3.2.5
--
xpoint
On Sat, 4 Jul 2009, Pawe�~B T�~Ycza wrote:
Dnia 2009-07-03, pią o godzinie 23:38 -0400, MySQL Student pisze:
+body LOCAL_BODY_WWW_MEDSXX_NET /\bwww(?:\s|\s\W|\W
\s)\w{1,6}\d{1,6}(?:\s|\s\W|\W\s)(?:c\s?o\s?m|n\s?e\s?t|o\s?r\s?g)\b/i
^ ^
F... spammers. They spoil my weekend ;)
Whoops, missed the reply-all button...
-- Forwarded message --
From: Gary Baluha gumby3...@gmail.com
Date: Sun, Jul 5, 2009 at 4:47 PM
Subject: Re: Low Scoring Diploma Spam
To: rich...@buzzhost.co.uk
I recently turned on Bayes filtering with my SA install, and it has been
very
On Sun, 05 Jul 2009 08:09:09 +0100
rich...@buzzhost.co.uk rich...@buzzhost.co.uk wrote:
Last week I thought I would remove my Postfix Header check that looks
in a subject line for the word 'Diploma | Degree'. It's been very
effective but using a hammer to crack an egg is probably not the best
Hi,
spamassassin 21 -D --lint
search here for missing perl modules
How effective are razor/pyzor and SPF/DKIM? I've always been a bit hesitant
to use any of those.
and the spam mail have all_trusted ?, you trust a spammer in
trusted_networks
trusted_networks isn't at all defined. It looks
Hi again,
and the spam mail have all_trusted ?, you trust a spammer in
trusted_networks
I meant to add, how can I determine which IP it was that is being trusted,
anyway?
Thanks again,
Alex
What would cause my SA installation to score a message 0 every once in a
while? Last night I received a spam message in my inbox, which is kinda
strange since SA is pretty much foolproof for me. Upon further
investigation, I found out that the message was scored 0 --not a single hit
on any
Hi,
I'm receiving a lot of spam that I can't catch containing fields where the
recipient is supposed to enter their contact details, like this:
Full Legal Name :
Address :
City :
State :
Zip code :
Country :
Nationality :
Home and Cell # :
I've added specific rules that look for, say /Full
MySQL Student wrote:
Hi,
I'm receiving a lot of spam that I can't catch containing fields where
the recipient is supposed to enter their contact details, like this:
We have some in-house rules for catching those someone died and left
you money scams. They always ask for your personal details,
On Sun, 5 Jul 2009 16:29:25 -0700 (PDT)
MrGibbage s...@pelorus.org wrote:
What would cause my SA installation to score a message 0 every once
in a while? Last night I received a spam message in my inbox, which
is kinda strange since SA is pretty much foolproof for me. Upon
further
On Sun, 5 Jul 2009, MySQL Student wrote:
Hi,
I'm receiving a lot of spam that I can't catch containing fields where the
recipient is supposed to enter their contact details, like this:
Full Legal Name :
Address :
City :
State :
Zip code :
Country :
Nationality :
Home and Cell # :
I've added
On Sun, 5 Jul 2009, John Hardin wrote:
On Sun, 5 Jul 2009, MySQL Student wrote:
Hi,
I'm receiving a lot of spam that I can't catch containing fields where the
recipient is supposed to enter their contact details, like this:
Full Legal Name :
Address :
City :
State :
Zip code :
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/04/09 13:56, quoth Steven W. Orr:
I think I have a problem. Maybe not, but I'd like to hear what other people
think.
I have a small home server running sendmail, spamassassin, spamass-milter and
clamav-milter. The clamav helped a lot but
On Mon, July 6, 2009 00:57, MySQL Student wrote:
spamassassin 21 -D --lint
search here for missing perl modules
How effective are razor/pyzor and SPF/DKIM? I've always been a bit hesitant
to use any of those.
well it helps, if used properly, how thay works is depending on your need and
On Mon, July 6, 2009 01:00, MySQL Student wrote:
I meant to add, how can I determine which IP it was that is being trusted,
anyway?
spamassassin 21 -D -t spammsg | grep trusted | less
there you see all trusted ip, is all safe ?
grep untrusted aswell to see where other ips is, hopefully the
On Mon, July 6, 2009 01:29, MrGibbage wrote:
Hoping for some help,
whitelist all trusted senders in cpanel, and lover default kill score, so all
will get in quarantine if sender is not known in the
whitelist, or another way, get a bluehost.com postmaster to join this maillist
:)
--
xpoint
On Sun, 5 Jul 2009 18:17:21 +0200 (CEST)
Benny Pedersen m...@junc.org wrote:
and the spam mail have all_trusted ?, you trust a spammer in
trusted_networks
ALL_TRUSTED is a bit odd. If you you look back through the debug, it
has identified untrusted relays:
[11689] dbg: metadata:
Hi,
...actually, the rules sandbox in svn has been rearranged a bit since that
announcement. The current ruleset lives here:
http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_fillform.cf
The updated ReplaceTags.pm is available at:
Hi,
ALL_TRUSTED is a bit odd. If you you look back through the debug, it
has identified untrusted relays:
[11689] dbg: metadata: X-Spam-Relays-Untrusted: [ ip=194.230.33.137
rdns=mx.xm-rz.net helo=mail.xm-rz.net by=myhost.mydomain.com ident=
envfrom= intl=0 id=B94C2118004 auth= msa=0 ] [
Hi again,
I have more information on those untrusted hosts.
ALL_TRUSTED is a bit odd. If you you look back through the debug, it
has identified untrusted relays:
[11689] dbg: metadata: X-Spam-Relays-Untrusted: [ ip=194.230.33.137
rdns=mx.xm-rz.net helo=mail.xm-rz.net by=myhost.mydomain.com
Hmmm... my SA installation is on the dreamhost server. I happened to just
just recently switch from bluehost though. Is there something in the
headers that makes you think my installation is on bluehost still? I did
copy most of the configuration files from my old bluehost server, so it
could
I thought I was careful and deleted all the headers that were added/altered
after passing through my server and onto gmail. And I didn't see any
erroneous blank lines. Perhaps I didn't do as good as I thought. Anyway, I
did try it again, and here are the results:
On Sun, 2009-07-05 at 20:48 -0400, MySQL Student wrote:
How did you determine the scores for FILL_THIS_FORM?
Well, I figured a form should be worth a couple of points, since bayes
and sought_fraud and the SARE fraud rules would also likely hit (for me
at least). I don't think it should be
35 matches
Mail list logo