-q -u vmail -r /var/run/spamd/spamd.pid -m 5
Then I run spamc like so:
spamc -s 512000 -u $RECIPIENT
$RECIPIENT is set by my MTA and is replaced with the user's account name.
[snip]
--
Randy Smith
http://perlstalker.amigo.net/
Work is the miracle by which talent is brought to the surface
favorite sigh. Any
suggestions?
Thanks,
Jim Smith
really think about the next question. Is the mini-flame war you're
tying to conduct productive to the preventing of spam, i.e. this group?
I'd check the archives... Matt's been around for a while. He's advice
is usually on the money.
Gary Wayne Smith
-Original Message-
From: Philip
Craploads... They are scoring .2 under my threshold. But I haven't seen
any decrease in the level. I was meaning to train these into bayes...
X-Spam-Level:
X-Spam-Status: No, score=4.8 required=5.0 tests=RCVD_IN_SBL,URIBL_SBL
autolearn=no version=3.1.0
-Original
server that
my mail servers talk to.
--
Randy Smith
http://perlstalker.amigo.net/
http://vuser.org
Title: [OT] Paypal scam emails
Hello,
I received a typical paypal email today and wanted to ask this question of the group before looking too deep into the matter. I normally get at least one a day in my personal account. This is normal. Two weeks ago I setup a new account for purchasing
the probably is of being randomly
spammed over that of someone in the company selling a list.
-Original Message-
From: List Mail User [mailto:[EMAIL PROTECTED]
Sent: Saturday, January 14, 2006 1:26 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: Gary W. Smith; users@spamassassin.apache.org
Hi,
I'm currently getting FPs from users sending themselves mail from personal
accounts with blank message bodies. Many times these messages are presumably
reminders, and as such have valid subject lines. Often these messages
contain attachments with the same filename as the subject, such as I
Tony,
One thing that you need to keep in mind with the question as well. All
distro's are thoroughly tested and sometimes custom compiled. That
isn't necessarily bad but it means that whatever you get out of the box
isn't new. As mentioned you can go with bleeding edge (opensuse,
fedora, etc)
On Thu, Nov 10, 2005 at 04:08:56PM +0100, nick wrote:
Rejecting the mail after DATA?
Spamassassin runs behind my MTA, if the sender passes blacklist checks
and any other obvious no-nos, it's then passed to spamassassin which
NEVER discards email, but places them in a spam folder.
, November 09, 2005 1:54 AM
To: Gary W. Smith; users@spamassassin.apache.org
Subject: RE: HUGE bayes DB (non-sitewide) advice?
Our production database for a large number of emails (but using
site
wide) is about 40mb.
What is your bayes_expiry_max_db_size set to? Do you feel that it
has
been
You're right, my guy gave me the size of bayes + awl. The real number
is 14.5mb. (with an overhead of 3.2mb).
-Original Message-
From: Gary W. Smith [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 09, 2005 9:00 AM
To: email builder; users@spamassassin.apache.org
Subject: RE: HUGE
I'd also through www.linux-ha.org into the mix. We use that to manage
the cluster for the SA database and use DRBD for the filesystem. We
also use the same concept backend email stores as well.
It's more open source to complement this open source.
-Original Message-
From: Michael
Default.
Gart
-Original Message-
From: email builder [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 08, 2005 8:58 PM
To: Gary W. Smith; users@spamassassin.apache.org
Subject: RE: HUGE bayes DB (non-sitewide) advice?
Our production database for a large number of emails (but using
To: Gary W. Smith; users@spamassassin.apache.org
Subject: RE: HUGE bayes DB (non-sitewide) advice?
Our production database for a large number of emails (but using site
wide) is about 40mb.
What is your bayes_expiry_max_db_size set to? Do you feel that it has
been
enough to effectively
an opinion.
Gary Wayne Smith
-Original Message-
From: email builder [mailto:[EMAIL PROTECTED]
Sent: Monday, November 07, 2005 10:56 AM
To: [EMAIL PROTECTED]; users@spamassassin.apache.org
Subject: Re: HUGE bayes DB (non-sitewide) advice?
Well, I know there have to be some admins out
We run a linux-ha cluster. Works out well.
-Original Message-
From: email builder [mailto:[EMAIL PROTECTED]
Sent: Monday, November 07, 2005 6:51 PM
To: users@spamassassin.apache.org
Subject: RE: HUGE bayes DB (non-sitewide) advice?
From what I understand, MySQL cluster design is
, crontabs, time. These are all things that Murphy keeps in
his pocket.
Gary Smith
-Original Message-
From: Marc Perkel [mailto:[EMAIL PROTECTED]
Sent: Monday, October 31, 2005 10:09 AM
To: users@spamassassin.apache.org
Subject: MySQL server resolution
ok - here's what I'm thinking. I want
up if the primary is down. (Note: I am
not currently using AWL or Bayes so the 2nd server is read-only. You can get
around this by using a chained replication thing so A-B-A but that can be
hairy to setup.)
--
Randy Smith
http://perlstalker.amigo.net/
the cluster correctly you shouldn't have any real downtime. It takes 15
seconds max to fail over (that's pulling the plug on the main node).
Why replicate... WE tried that with limited success. Do it right from
the beginning.
Gary Wayne Smith
-Original Message-
From: Marc Perkel [mailto
On Sat, Oct 22, 2005 at 11:05:07AM -0400, Chris L. Franklin wrote:
For starters AWL, white lists and black lists in my option ar ethe worst
things ever. I disable them from the start. If your going to whitelist
some one, why would you want them to even go though SA. (I don't)
Because a
Perhaps this might be a better one for the developers list... I'm writing a
small reporting (perl) script to parse the syslog entries produced by spamd
and produce a report based on its findings. One of the reports is the top n
most triggered spam tests. Does anyone know of an easy way to access
Title: AWL maintenance...
I just though Id share this with everyone.
I noticed that our backend MySQL data instance was running a little slow recently with more of a load on it. This instance is shared between 4 front end servers so I figured maybe we were getting a little more of a load.
Hi,
On one of my machines I'm running v3.0.3 under spamd with a fairly default
config for debian sarge. This is a reasonable spec machine, a 3GHz P4 that is
not swapping, but I'm seeing that each message seems to take quite a while to
check, between 3.5 and 15 seconds each (I'd say averaging at
On Thu, Oct 13, 2005 at 05:17:49AM -0700, Loren Wilton wrote:
On one of my machines I'm running v3.0.3 under spamd with a
fairly default config for debian sarge. This is a reasonable
spec machine, a 3GHz P4 that is not swapping, but I'm seeing
that each message seems to take quite a
but it should give you an idea.
Thanks,
Dan Horne
--
Randy Smith
http://perlstalker.amigo.net/
Work is the miracle by which talent is brought to the surface and
dreams become reality. - Gordon B. Hinckley
combinations of acceptable return
addresses matched with server names.
Many thanks to all, especially Bowie, who patiently walked me through
this one. I really appreciate it.
Smith
Alan Premselaar wrote:
NFN Smith wrote:
Following up on my own post. I'm still thrashing, and not getting any
difference in results.
...snip...
Sorry, I just have to ask. Since you're using MIMEDefang... you are
remembering to restart (or reload) mimedefang after making your changes
with SpamAssassin (2.64 2004-01-11);
Tue, 27 Sep 2005 15:24:16 -0700
From: NFN Smith [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: *SPAM* Sequential test #12a
Date: Tue, 27 Sep 2005 15:21:15 -0700
Message-Id: [EMAIL PROTECTED]
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin
Following up on my own post. I'm still thrashing, and not getting any
difference in results.
NFN Smith wrote:
You really do HAVE to trust all your own mail relays. Anything else is
just broken.
Agreed.
OK, I've expanded my settings, but I'm still not making any progress
PROTECTED]
Date: Fri, 23 Sep 2005 12:03:32 -0700
From: NFN Smith [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [SPAM: 7.737] Spam test #6
X-Spam-Status: Yes
X-Spam-Score: 7.737 (***) (required=4) tests=BLANK_LINES_70_80,CLICK_BELOW,E
XCUSE_3,FREE_CONSULTATION,MAILTO_TO_REMOVE,NO_OBLIGATION
, and its internal
IP address is 10.10.10.91
- lacecmmtao05.coxmail.com is 68.99.120.79
- 24.249.175.230 (wsip-24-249-175-230.ph.ph.cox.net) is the network that
I'm sending my mail from.
What else am I missing?
Smith
,REMOVE_IN_QUOTES,REMOVE_SUBJ,RISK_FREE
Sep 22 13:57:21 alpha sendmail[19879]: j8MKvFC4019879: Milter change: header
Subject: from Spam test #4 to [SPAM: 6.87] Spam test #4
Smith
there
is the suggestion of doing it via MIMEDefang, and bypassing the call to
SA altogether if the message is coming from a trusted (but non-local)
server.
Thanks for taking the time to help on this one. I really appreciate it.
Smith
per day.
HTH...
Gary Smith
really trust those servers not to
relay any spam. The trusted_networks setting does not give quite that
level of trust.
Still something to consider. In this case, the servers in question are
really trusted.
Is there something else I might be missing?
Thanks for your help.
Smith
as spam.
Thus, it appears that SA is ignoring my designation of trusted_networks.
Is there something else that I have to make sure is enabled (such as
skip_rbl_checks), is it something that's not functional when I'm running
from MIMEDefang, or something else that I'm missing?
TIA,
Smith
You mentioned firewall. Is it possible that you are not opening up the
right connections to localhost or to the 192.x.x.x machine?
We tend to mix firewall and server software on the same machine from
many small small clients. I'm assuming that you are using iptables.
Did you open up lo for
of getting the proper information for resolv.conf.
HTH,
Gary
-Original Message-
From: Chris [mailto:[EMAIL PROTECTED]
Sent: Saturday, September 10, 2005 10:16 AM
To: Gary W. Smith; users@spamassassin.apache.org
Subject: Re: Net::DNS install assistance
I'm running firestarter, I have
If it's just one of the test that's failing then you might just want to
try installing it anyways. It could be that the particular test is
buggy.
Gary
-Original Message-
From: Chris [mailto:[EMAIL PROTECTED]
Sent: Saturday, September 10, 2005 2:32 PM
To: users@spamassassin.apache.org
Hi,
We are currently seeing scan times of 60-90 seconds on a P4 3Ghz box
after adding some new rules emporium rules to try to increase the
effectiveness of spamassassin.
Is there a way to list the timing for each test rather that the total
scan time so I can see which parts are taking
if you are seeing
long delays. You probably have a half dozen or more DNS based rules
setup and DNS is not working.
{^_^}
- Original Message -
From: Paul J. Smith [EMAIL PROTECTED]
Hi,
We are currently seeing scan times of 60-90 seconds on a P4 3Ghz box
after adding some new rules
I have seen this before as well. I think that it assumes that the
process is dead after it tries to kill and but in reality it's not
because it's still processing an email. I put a sleep 10 in right after
the $RETVAL=$? in the SA init script.
I think the reason is that the init script tries to
How do you (make and) balance the calls to the AV servers? How do you
(make
and) balance the calls to the spamd machines? I am very interested in
these
details!
We just call them in order case on the connection line. On two of the 4
SMTP gateways we use node 1 as the primary and node
PM
To: Jason Frisvold
Cc: Gary W. Smith; users@spamassassin.apache.org
Subject: Re: Load balancing spamd
--- Jason Frisvold [EMAIL PROTECTED] wrote:
On 8/1/05, email builder [EMAIL PROTECTED] wrote:
Even if I had forgotten the -A, I think I would have been seeing
connection
Do you happen to have any firewall rules in place on the LVS instance?
Have you specified which IP's are allowed to access the instance?
Both of the above are what I ran into on the default RH build (even
though I don't run LVS).
spamd -s local5 -d -c -m10 -H -A 10.0.8.0/21
I believe without
M 10BAYES_9915351 4.46% 45.42% 60.57%
M 19BAYES_50 6443 1.87% 19.06% 25.42%
M 31BAYES_80 1154 0.34% 3.41% 4.55%
M 32BAYES_60 1147 0.33% 3.39% 4.53%
M 38
MHello martin,
M
M
MSARE has been playing around with URI rules lately, and when
Mwe need to test for something in the host/domain area, we use
Msomething like:
M uri rule_name m'(?:https?://)?[^/]*testgoeshere'
MIn other words, the test must precede any/all slashes except
Mfor those that
MNot that I'm aware of. To my knowledge the URI rule always
Mmatches the full URL. There are several SA and/or SARe rules
Mwhich depend upon this.
M
MOr do you mean something different by URI and URL than I do.
MI generally use the definitions found at
Has the behaviour of the uri rule been changed at some point to match the
whole of the URL? I have just noticed I am getting some FP when one of my
uri rules matches against the URL rather than URI.
To prevent FP would be very difficult, I think to match the whole of the URL
with uri rules is not
For those thinking of upgrading who have patched earlier versions of 3.0.
you will need to do it again after upgrading.
I was disappointed to see the fix for the above bug was not included in
3.0.4, just had to apply the fix again to get the surbl to work with caps in
the URI.
Martin
install.
Regards,
David Smith
Systems Administrator
University of Oxford
On Wed, 1 Jun 2005, Michael Parker wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David W Smith wrote:
So I reverted to SA 3.0.2 and the memory leak ceased rapidly plus
the load on the server normalized.
The SA 3.0.3 install had both the URIDNSBL and the SPF module
enabled
M-Original Message-
MFrom: Martin Hepworth [mailto:[EMAIL PROTECTED]
MSent: 31 May 2005 17:45
MTo: Robert Menschel
MCc: SpamAssassin Users
MSubject: Re: problem with split line URL's
M
MRobert
M
Mjust got one in - no matches...
M
MIf anyone wants an example let me know..
M
M--
MMartin
-Original Message-
MFrom: Martin Hepworth
MSent: 31 May 2005 17:45
MTo: Robert Menschel
MCc: SpamAssassin Users
MSubject: Re: problem with split line URL's
M
MRobert
M
Mjust got one in - no matches...
M
MIf anyone wants an example let me know..
M
M--
MMartin Hepworth
Ok just got a spam
M-Original Message-
MFrom: Chris [mailto:[EMAIL PROTECTED]
MSent: 30 May 2005 04:00
MTo: users@spamassassin.apache.org
MSubject: cannot open bayes databases
M
MWhile running my sa-learn script I'm suddenly getting the below:
M
Mdebug: lock: 26313
Mcreated
I was curious if anyone had used Spamassassin caller for Imail?
One of my clients is currently running Imail 8.05 on a windows 2000
machine. I installed Perl 5.8.4 (downloaded recommended modules), SA
3.0.1, and SAC 1.1.0.
Spamassassin sample-spam.txt return everything that it should,
M-Original Message-
MFrom: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
MSent: 15 May 2005 10:46
MTo: users@spamassassin.apache.org
MCc: Loren Wilton
MSubject: Re: Bombarded by German political spam
M
Mnpd.de is Nazi political party
M
M
M Kanzler erleichtert Visaverfahren für Golfstaaten:
M-Original Message-
MFrom: Valery V. Bobrov [mailto:[EMAIL PROTECTED]
MSent: 14 May 2005 13:36
MTo: users@spamassassin.apache.org
MSubject: more spam with SpamAssassin version 3.0.2
M
MHello!
M
MI upgraded to SpamAssassin version 3.0.2 from 2.64 and I
Mnoticed the amount of spam
M-Original Message-
MFrom: Dan Simmons [mailto:[EMAIL PROTECTED]
MSent: 14 May 2005 18:13
MTo: users@spamassassin.apache.org
MSubject: Drug SPAM problem..any fixes?
M
MHi All,
M
MI am having an issue with the following DRUG related spam. Does
Manyone have any rules to catch this?
M-Original Message-
MFrom: Matt Kettler [mailto:[EMAIL PROTECTED]
MSent: 14 May 2005 18:37
MTo: Dan Simmons
MCc: users@spamassassin.apache.org
MSubject: Re: {SPAM} Drug SPAM problem..any fixes?
M
MDan Simmons wrote:
M Hi All,
M
M I am having an issue with the following DRUG related spam.
M-Original Message-
MFrom: Eddy Beliveau [mailto:[EMAIL PROTECTED]
MSent: 12 May 2005 16:49
MTo: users@spamassassin.apache.org
MSubject: spammer is using html code for spamming
M
MHi!
M
MI'm using spamassassin 2.64 with success
M
MI'm having problem catching some specific spammer.
M
MHe
Whoops outlook capitalised this wrong with an I instead of i at the end.
This is what it should have been;
body MS_Body_Hide_DRUG /\b(?:R[!a-z]?eta il|P[!a-z]?ri ces|V.?I RA|C[!a-z]?I
S|(?:V|U)L AM|U[!a-z]?LTRAM|S[!a-z]?MA)\b/i
M-Original Message-
MFrom: Rakesh [mailto:[EMAIL PROTECTED]
MSent: 07 May 2005 07:41
MTo: [EMAIL PROTECTED]; users@spamassassin.apache.org
MSubject: Way to evade URI checks
M
MSeems Spammers have found a way to evade the URI checks
M
Mthe domain coolestrxever.com is listed in
M-Original Message-
MFrom: Jeff Chan [mailto:[EMAIL PROTECTED]
MSent: 04 May 2005 02:29
MTo: users@spamassassin.apache.org
MSubject: Re: [SURBL] how to report
M
MOn Monday, May 2, 2005, 11:34:14 PM, hamann w wrote:
M I just came across this website
M
I second.
HSA (Historical Score Averager) might be reasonably accurate,
but unless
you think about the math, it's purpose isn't clear. (And in my
experience, most people don't enjoy thinking about math. )
Got any better suggestions for a name?
Average Scoring System or ASS :)
--Chris
M-Original Message-
MFrom: Antonio DeLaCruz [mailto:[EMAIL PROTECTED]
MSent: 28 April 2005 23:12
MTo: Pettit, Paul
MCc: users@spamassassin.apache.org
MSubject: RE: Blacklists entries not getting blocked
M
MAttached is a file that contains the header information and
Mthe preview of the
M-Original Message-
MFrom: ROY,RHETT G [mailto:[EMAIL PROTECTED]
MSent: 26 April 2005 14:51
MTo: users@spamassassin.apache.org
MSubject: SA config recommendations to block these spammers?
M
MI have two spammers that consistently get messages through to
Mmy inbox.
MBased on the
M-Original Message-
MFrom: Chris Santerre [mailto:[EMAIL PROTECTED]
MSent: 26 April 2005 21:26
MTo: 'martin smith'; Spamassassin
MSubject: RE: SA config recommendations to block these spammers?
M
M
MMartin, could we get permission to put this in a SARE file?
MFull credit to you obviously
Since 3.0.1 we have had great success with SA and MySQL. In production
we have a decent MySQL server serving two separate Servers running SA
which in turn are used by 4 frond end relays.
All in all I think it's a good solution if you need a central database
shared between multiple instances. It
M-Original Message-
MFrom: Steven Stern
MSent: 15 April 2005 15:56
MTo: spamass-milt-list@nongnu.org; spamass
MSubject: Does -r reject or discard
M
MWe're using spamass-milter with -r 10. Does this reject
Mthe message (causing Sendmail to send a reject) or just
Mdiscard it? If it's a
spamassassinpass
-Original Message-
From: alan premselaar [mailto:[EMAIL PROTECTED]
Sent: Tuesday, April 12, 2005 6:12 PM
To: Gary W. Smith
Cc: [EMAIL PROTECTED]
Subject: Re: SQL install with mSQL driver
Gary,
I'm not a database expert by any means, but I've done a bit
the instance to
production and used a bogus username and it created it in the bayes_vars
database. I'll need to check into why the database isn't cooperating.
Gary
-Original Message-
From: Michael Parker [mailto:[EMAIL PROTECTED]
Sent: Tuesday, April 12, 2005 8:10 PM
To: Gary W. Smith
Michael,
You're 100% on the money. I went back and found that the version table
was empty. I populated it with 3 and it magically works. One more
item for our intrawiki.
That's curveball with the missing entry just had me all messed up.
Thanks,
Gary Wayne Smith
-Original Message
M-Original Message-
MFrom: Andreas Davour [mailto:[EMAIL PROTECTED]
MSent: 13 April 2005 21:23
MCc: users@spamassassin.apache.org
MSubject: Need for a new rule?
M
M
MThe following message have many characteristics in common with much
Mspam I've been getting lately. It's about investments,
MI had the same problem. It turns out that if the email is being
Mrelayed through trusted or internal hosts, SA will skip the
MSPF checks on the belief that it cannot trust that one of
Mthose hosts hasn't
Mchanged the envelope headers.I ended up opening an enhancement
Mrequest to allow
: Tue, 12 Apr 2005 03:08:04 -0400
From: Daryl C. W. O'Shea [EMAIL PROTECTED]
User-Agent: Mozilla Thunderbird 0.8 (Windows/20040913)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: martin smith [EMAIL PROTECTED]
CC: Spamassassin users@spamassassin.apache.org
Subject: Re: about SPF
References
read recommend that we use DBD::mysql instead of DBD::mSQL. Does anyone know if this will work in place of the other package?
Gary Wayne Smith
Hi,
I have been playing about with senderbase a bit and have noticed that
SB_NSP_VOLUME_SPIKE is looking for S5 to be NSP but have also noticed that
they use unknown and in the case of my provider NTL the field is blank.
I tried:
header SB_NSP_VOLUME_SPIKE eval:check_rbl_sub('sb', 'sb:S5 =~
Using a script and a crontab. That's about as automatic as you can get.
For example, we have several account aliases that we have intentionally
signed up on the remove lists and they all end up in a user account
called spam. There will never be any legitimate email going to this
account. So
And what is the dummy record? If it's not valid (i.e. and unroutable IP
such as the 10,192, 172 blocks, then it might get routed back to the
client's internal network. If it's a public IP it can be worse. Say
you route it to a dummy IP owned by you and there isn't anything on
there and one day
they
decided to compare the IP's in the future.
That's what we have done to manage the situation.
Gary Wayne Smith
-Original Message-
From: Menno van Bennekom [mailto:[EMAIL PROTECTED]
Sent: Monday, March 21, 2005 3:05 AM
To: Jeff Chan
Cc: users@spamassassin.apache.org
Subject: Re
The problem is that when they forward the email you will loose the
headers and it will think they are the spam/hammers.
-Original Message-
From: Matt [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 17, 2005 3:05 PM
To: [EMAIL PROTECTED]
Subject: sa-learn help
I am running a Directadmin
I managed to write a metarule for anyone interested, to catch a URL with
trailing : without a port specified, without FP on a 4 digit port.
uri __SpoofPort_URL /.*\:.*|.*\...:.*/
uri __OkPort_URL
/.*\:[0-9]|.*\:[0-9].+\/.*|.*\...:[0-9]|.*\...:[0-9].+\/.*/
meta Spoof_Port_URL
|-Original Message-
|From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
|Sent: 05 March 2005 01:27
|To: SpamAssassin Users
|Subject: Re: [SPAM-TAG] SURBL missing this spam
|
|On Fri, Mar 04, 2005 at 05:23:35PM -0800, Jeff Chan wrote:
| Given that it's apparently fixed in 3.1 should we make a
|-Original Message-
|From: martin smith [mailto:[EMAIL PROTECTED]
|Sent: 05 March 2005 11:41
|To: Spamassassin
|Subject: RE: [SPAM-TAG] SURBL missing this spam
|
|Is there a uri rule we could use to catch e.g. .com: or .uk:
|in the mean time untill 3.1 becomes available
|
|uri SpoofPort_URL /.*\:.*|.*\...:.*/ score SpoofPort_URL 1
|
Ok MK2 that one could FP on genuine URLs with a port specified
uri SpoofPort_URL /.*\:.*|.*\...:.*/
score SpoofPort_URL 1
uri OkPort_URL
/.*\:|.*\...:./|/.*\:\/.*|.*\...:.\/.*/
score OkPort_URL -1
|-Original Message-
|From: Duncan Hill [mailto:[EMAIL PROTECTED]
|Sent: 05 March 2005 15:02
|To: users@spamassassin.apache.org
|Subject: Re: [SPAM-TAG] SURBL missing this spam
|
|On Saturday 05 March 2005 14:49, martin smith wrote:
| |uri SpoofPort_URL /.*\:.*|.*\...:.*/ score
Title: Spamd stops responding...???
Sure it could. How many
spamd processes do you have running? How much time is each taking?
What do your custom rulesets look like? What's the CPU speed? These
are all factors. If you have a bunch of machines hitting the same box and
there are a bunch
I must have received this spam 12 times or more in the last 24 hours and
even though its listed on the SURBL, spamassassin fails to match it against
them.
When I submit the spams to spamcop it parses the url everytime.
SURBL seems to work on all other spams, just wondering if they have found a
way
No really as it was marked at spam to being with. It only scored 9.1
because of AWL...
* -20 AWL AWL: From: address is in the auto white-list
Are you trying to skew my bayes or something :).
Gary
-Original Message-
From: Matt [mailto:[EMAIL PROTECTED]
Sent: Monday, February 28,
Just found this, could be the cause of some of the problems.
2005-02-04
The public server changed its address; please re-run 'pyzor discover' to
find the new server.
http://pyzor.sourceforge.net/
Martin
, but
ended up in myinbox. I am running amavisd-new with Postfix, how do I tell
ifspamassassin is even working?Gary W. Smith
wrote:You might want to collect some additional information from the
clientsuch as the headers. This is where I would
start.Gary-Original
Message-From: Robert
You might want to collect some additional information from the client
such as the headers. This is where I would start.
Gary
-Original Message-
From: Robert Fitzpatrick [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 23, 2005 5:54 AM
To: SpamAssassin
Subject: Porno
I have
Message-
From: Richard Ozer [mailto:[EMAIL PROTECTED]
Sent: 21 February 2005 21:58
To: Paul J. Smith
Cc: users@spamassassin.apache.org
Subject: Re: Auto learning
I had a similar issue and noticed that my bayes database files did not have the
proper
owner or permissions. That prevented auto
.
From: Andy Jezierski [mailto:[EMAIL PROTECTED]
Sent: 22 February 2005 15:19
To: users@spamassassin.apache.org
Subject: RE: Auto learning
Paul J. Smith [EMAIL PROTECTED] wrote on 02/22/2005 01:41:28
AM
the help!
-Original Message-
From: Richard Ozer [mailto:[EMAIL PROTECTED]
Sent: 22 February 2005 15:19
To: Paul J. Smith
Cc: users@spamassassin.apache.org
Subject: Re: Auto learning
Can you post your local.cf?
Paul J. Smith wrote:
Still nothing. I set the owner on the bayes
Still setting up
spamassassin. I've got it running and auto learning is enabled. It's
been running all yesterday and over night. I can see it has tried to auto
learn a lot of ham/spam and I've fed it a load of spam as well. Bayes
doesn't seem to have kicked in though and if I do a sa-learn
Thanks for that. Just reset the permissions and the owner to 'spamd' which
spamd is running under. I'll see if anything has changed in the morning.
-Original Message-
From: Richard Ozer [mailto:[EMAIL PROTECTED]
Sent: 21 February 2005 21:58
To: Paul J. Smith
Cc: users
Hello,
I'm trying to setup spamassassin (for the first time) and using spamd
over a network. The problem I'm getting is that no matter what I do I
can only get spamd to listed on 127.0.0.1.
I'm testing with
spamc -c -d 192.168.0.80 test.msg
If I run spamd from the prompt with no arguments
301 - 400 of 455 matches
Mail list logo