On 04.08.14 12:51, RobertGrimes wrote:
I have changed the user that runs the spamd service to be the same as when I
ran from command line. I will see what, if any changes occur. I will leave
Bayes alone for the moment; just try one thing at a time to keep the
confusion down.
It's better to
Kevin Miller-18 wrote
Easy to test. Go to a command line, and run nslookup. From the prompt,
type:
Server DNS-SERVER-NAME-OR-IP
Then type in any domain you want to query. If it returns a valid address
it's working. I think DNS servers cache lookups by default.
What's referred to
Karsten Bräckelmann-2 wrote
On Mon, 2014-08-04 at 13:02 -0700, Robert Grimes wrote:
Robert Grimes wrote
I have changed the user that runs the spamd service to be the same as
when
I ran from command line. I will see what, if any changes occur. I will
leave Bayes alone for the moment;
From: RobertGrimes gri...@rgconsulting.com
Date: Tue, 5 Aug 2014 08:50:44 -0700 (PDT)
I don't know if this is fair to ask, but would you (or anyone) care to see
if the message I am posting should be rated higher than 1.9? I appologize if
this is not appropriate.
The
On 8/5/2014 11:50 AM, RobertGrimes wrote:
I don't know if this is fair to ask, but would you (or anyone) care to see
if the message I am posting should be rated higher than 1.9? I appologize if
this is not appropriate.
The message is at http://pastebin.com/UZeDtLWZ
The debug log from spamd is
On 08/05/2014 06:06 PM, Bowie Bailey wrote:
On 8/5/2014 11:50 AM, RobertGrimes wrote:
I don't know if this is fair to ask, but would you (or anyone) care to
see
if the message I am posting should be rated higher than 1.9? I
appologize if
this is not appropriate.
The message is at
The last few days, I’ve been getting a lot of spams that have a similar
pattern. They are plain-text messages, and each one ends with a paragraph from
a restaurant review (apparently to confuse bayesian filters), with some numbers
inserted. There is an 8-digit decimal number and a 32-digit hex
Saw the following SPAM:
http://pastebin.com/eLm1iRpN
Note that:
header From:name =~ /\.\d{7,8}$/
seems to detect it reliably. Easier than trying to detect the “notice” or
“ref.no.” etc. that some have at the end of the subject line.
On Aug 2, 2014, at 4:12 PM, Jo Rhett jrh...@netconsonance.com wrote:
When you send an e-mail to yahoo's published abuse contact, you get back an
e-mail saying to report the issue at http://abuse.yahoo.com/. Now, I really
and truly hate people who think that you should do their job for them,
On Aug 5, 2014, at 10:16 AM, Philip Prindeville
philipp_s...@redfish-solutions.com wrote:
Saw the following SPAM:
http://pastebin.com/eLm1iRpN
That’s the same group of spams that I just posted a rule for, but I’m looking
at the repeated numbers in the last paragraph.
On 8/5/2014 1:08 PM, Andy Balholm wrote:
The last few days, I’ve been getting a lot of spams that have a similar
pattern. They are plain-text messages, and each one ends with a paragraph from
a restaurant review (apparently to confuse bayesian filters), with some numbers
inserted. There is an
On Tue, 5 Aug 2014, Andy Balholm wrote:
The last few days, I’ve been getting a lot of spams that have a similar
pattern. They are plain-text messages, and each one ends with a paragraph from
a restaurant review (apparently to confuse bayesian filters), with some numbers
inserted. There is an
On Aug 5, 2014, at 10:31 AM, John Hardin jhar...@impsec.org wrote:
There's already a rule for this sort of thing in the sandbox.
http://ruleqa.spamassassin.org/20140804-r1615505-n/HEXHASH_WORD/detail
How do I find the actual rule that the page is about?
On Tue, 5 Aug 2014, Andy Balholm wrote:
On Aug 5, 2014, at 10:31 AM, John Hardin jhar...@impsec.org wrote:
There's already a rule for this sort of thing in the sandbox.
http://ruleqa.spamassassin.org/20140804-r1615505-n/HEXHASH_WORD/detail
How do I find the actual rule that the page is
On Aug 5, 2014, at 10:48 AM, John Hardin jhar...@impsec.org wrote:
Unfortunately the masscheck pages' links to SVN got broken in the recent
rebuild.
That rule lives here:
https://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf?view=log
It should be
On Tue, 5 Aug 2014, Andy Balholm wrote:
On Aug 5, 2014, at 10:48 AM, John Hardin jhar...@impsec.org wrote:
Unfortunately the masscheck pages' links to SVN got broken in the recent
rebuild.
That rule lives here:
On Aug 5, 2014, at 11:16 AM, John Hardin jhar...@impsec.org wrote:
It can hit on embedded phone numbers, which are, strictly speaking, valid
hexadecimal strings...
I suspect it's hitting on all those dates as well, and needs some more
tightening.
In the spams I’m looking at, all the hex
On 8/5/2014 1:48 PM, John Hardin wrote:
On Tue, 5 Aug 2014, Andy Balholm wrote:
On Aug 5, 2014, at 10:31 AM, John Hardin jhar...@impsec.org wrote:
There's already a rule for this sort of thing in the sandbox.
http://ruleqa.spamassassin.org/20140804-r1615505-n/HEXHASH_WORD/detail
How do I
On 8/4/2014 9:56 PM, Karsten Bräckelmann wrote:
On Sun, 2014-08-03 at 09:22 -0400, Kevin A. McGrail wrote:
Hi Karsten, I did bring this up a few months ago discussing releases.
I'm currently catching up on list mail, and figured recent threads might
be more important than revising old-ish,
On Tue, 5 Aug 2014, Kevin A. McGrail wrote:
On 8/5/2014 1:48 PM, John Hardin wrote:
On Tue, 5 Aug 2014, Andy Balholm wrote:
On Aug 5, 2014, at 10:31 AM, John Hardin jhar...@impsec.org wrote:
There's already a rule for this sort of thing in the sandbox.
--On Wednesday, July 23, 2014 9:39 PM +0100 Martin Gregorie
mar...@gregorie.org wrote:
On Wed, 2014-07-23 at 11:45 -0600, Amir 'CG' Caspi wrote:
I'm definitely considering writing a rule to catch #x0[0-9]{3};
patterns. I'm definitely worried it could cause FPs, but are there
common
Ted Mittelstaedt wrote:
What do other people do? Or are we just going to end up with an Internet in
about 10 years where every single email box is either on Microsoft 365 or
Gmail and the NSA has a wonderful interface to use to hunt through whatever
they want without bothering with a warrant?
Hi,
On Tue, Aug 5, 2014 at 1:20 PM, Andy Balholm a...@balholm.com wrote:
On Aug 5, 2014, at 10:16 AM, Philip Prindeville
philipp_s...@redfish-solutions.com wrote:
Saw the following SPAM:
http://pastebin.com/eLm1iRpN
That’s the same group of spams that I just posted a rule for, but
Wrong address. To unsubscribe, send a mail to the appropriate
list-command address, not the mailing list itself.
See the headers of each and every post on this list:
list-help: mailto:users-h...@spamassassin.apache.org
list-unsubscribe: mailto:users-unsubscr...@spamassassin.apache.org
--
25 matches
Mail list logo