Re: Exim4, Clamav, SA-Exim, (was Re: SWEN isn't slowing down)

2003-10-13 Thread Kjetil Kjernsmo
On Sunday 12 October 2003 13:28, Paul Johnson wrote:
> This howto seems to assume Red Hat, and I've never used exiscan
> before.  I tried to adapt, but doing so breaks exim.  Is there a
> howto that doesn't assume a retarded (RPM-based) distro?

It was really useful to me, I'm pretty sure my Exim config is OK after 
following this. However, I experience problems with clamd, what kind of 
problems do you have...? 

Perhaps we can help each other out... 

Cheers,

Kjetil
-- 
Kjetil Kjernsmo
Astrophysicist/IT Consultant/Skeptic/Ski-orienteer/Orienteer/Mountaineer
[EMAIL PROTECTED]  [EMAIL PROTECTED]  [EMAIL PROTECTED]
Homepage: http://www.kjetil.kjernsmo.net/OpenPGP KeyID: 6A6A0BBC


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Exim4, Clamav, SA-Exim, (was Re: SWEN isn't slowing down)

2003-10-12 Thread Steve C. Lamb
On Sun, Oct 12, 2003 at 04:28:12AM -0700, Paul Johnson wrote:
> This howto seems to assume Red Hat, and I've never used exiscan
> before.  I tried to adapt, but doing so breaks exim.  Is there a howto
> that doesn't assume a retarded (RPM-based) distro?

Odd.  The how-to was straightforward for me.  The main use I had of it
was putting the ACL lines into Exim.  The rest was reading "install clamav" as
"aptitude install clamav" and so on.

-- 
 Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
   PGP Key: 8B6E99C5   | main connection to the switchboard of souls.
---+-




Re: Exim4, Clamav, SA-Exim, (was Re: SWEN isn't slowing down)

2003-10-12 Thread Paul Johnson
On Wed, Oct 08, 2003 at 08:14:34AM -0700, Steve Lamb wrote:
> On Wed, 8 Oct 2003 02:37:47 -0700
> Paul Johnson <[EMAIL PROTECTED]> wrote:
> > On Wed, Oct 08, 2003 at 02:12:41AM -0700, Steve Lamb wrote:
> > >  There isn't, really.  My approach was to try to create a new eval()
> > > test in SA which called clamav.  I ended up installing
> > > exim4-daemon-heavy and using exiscan-acl (compiled into -heavy) to
> > > call clamav and left SA in the capable hands of sa-exim.
> 
> > Close enough.  Got a howto?
> 
> I found a pretty good how-to on-line with Google.  Search on "exiscan-acl
> clamav pdf".  It should be the 2nd link.

This howto seems to assume Red Hat, and I've never used exiscan
before.  I tried to adapt, but doing so breaks exim.  Is there a howto
that doesn't assume a retarded (RPM-based) distro?

-- 
 .''`. Paul Johnson <[EMAIL PROTECTED]>
: :'  :
`. `'` proud Debian admin and user
  `-  Debian - when you have better things to do than fix a system



Re: Exim4, Clamav, SA-Exim, (was Re: SWEN isn't slowing down)

2003-10-08 Thread Paul Johnson
On Wed, Oct 08, 2003 at 11:09:25PM -0700, Steve Lamb wrote:
> It is compiled into exim4-daemon-heavy so just install that package.  I
> think I had read somewhere that Andreas might eventually include exiscan-acl
> into exim4-daemon-light.  I may be wrong on that regard.  Personally after
> Swen and SoBig running -heavy with all its unused features is far preferable
> to having those additional messages in my users' inboxes.

Blargh...duh...shoulda checked apt-cache before posting...

Package: exim4-daemon-heavy
<...>
 This package features the exiscan-acl patch
 http://duncanthrax.net/exiscan-acl/ for integration of virus-scanners
 and spamassassin.


-- 
 .''`. Paul Johnson <[EMAIL PROTECTED]>
: :'  :
`. `'` proud Debian admin and user
  `-  Debian - when you have better things to do than fix a system



Re: Exim4, Clamav, SA-Exim, (was Re: SWEN isn't slowing down)

2003-10-08 Thread Steve Lamb
On Wed, 8 Oct 2003 22:48:54 -0700
Paul Johnson <[EMAIL PROTECTED]> wrote:
> Yup, I found it.  I like how KDE 3.2 finally has some kpdf
> integration.
 
> Question, though:  Where do you get exiscan in debian form for exim4?

It is compiled into exim4-daemon-heavy so just install that package.  I
think I had read somewhere that Andreas might eventually include exiscan-acl
into exim4-daemon-light.  I may be wrong on that regard.  Personally after
Swen and SoBig running -heavy with all its unused features is far preferable
to having those additional messages in my users' inboxes.

-- 
 Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
   PGP Key: 8B6E99C5   | main connection to the switchboard of souls.
---+-




Re: Exim4, Clamav, SA-Exim, (was Re: SWEN isn't slowing down)

2003-10-08 Thread Paul Johnson
On Wed, Oct 08, 2003 at 08:14:34AM -0700, Steve Lamb wrote:
> > Close enough.  Got a howto?
> 
> I found a pretty good how-to on-line with Google.  Search on "exiscan-acl
> clamav pdf".  It should be the 2nd link.

Yup, I found it.  I like how KDE 3.2 finally has some kpdf
integration.

Question, though:  Where do you get exiscan in debian form for exim4?

-- 
 .''`. Paul Johnson <[EMAIL PROTECTED]>
: :'  :
`. `'` proud Debian admin and user
  `-  Debian - when you have better things to do than fix a system



Re: Exim4, Clamav, SA-Exim, (was Re: SWEN isn't slowing down)

2003-10-08 Thread Steve Lamb
On Wed, 8 Oct 2003 02:37:47 -0700
Paul Johnson <[EMAIL PROTECTED]> wrote:
> On Wed, Oct 08, 2003 at 02:12:41AM -0700, Steve Lamb wrote:
> >  There isn't, really.  My approach was to try to create a new eval()
> > test in SA which called clamav.  I ended up installing
> > exim4-daemon-heavy and using exiscan-acl (compiled into -heavy) to
> > call clamav and left SA in the capable hands of sa-exim.

> Close enough.  Got a howto?

I found a pretty good how-to on-line with Google.  Search on "exiscan-acl
clamav pdf".  It should be the 2nd link.

-- 
 Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
   PGP Key: 8B6E99C5   | main connection to the switchboard of souls.
---+-




Re: SWEN isn't slowing down

2003-10-08 Thread Derrick 'dman' Hudson
On Tue, Oct 07, 2003 at 08:31:53AM -0700, A P wrote:

| I have added practically every major country suffix in my
| /etc/mail/access file

Why?

| and I am discovering new ones every day!

Naturally.  Search on google to find the listing of ISO country codes.
You can add all of them at once and never discover another new one.
(well, at least not until a new country is created or develops enough
technology to be added to the ISO list)

| Man, I am so close to blocking "net" and "com".

Again, why?

| Well, in that case I might just as well shutdown my email server.

If you are going to universally block everyone anyways then you're
right, you 

| Although I must say that it's kind of satisfying to see "reject=553"
| messages in syslog.

Rather than universally blocking various TLDs, why not just block the
content that you dislike?  It's really very effective.  (Oh, btw, 80
copies of swen per day isn't a whole lot.  I receive between 150 and
300 and some sites get 10 times that)

Here's a sample from my /etc/postfix/body_checks (a pcre map) :

# All .exe files from MSVC have the same starting bytes
/^TVqQAAME\/\/8AALgAQA*$/

# Dumb.  Just plain dumb.
/^Outgoing mail is certified Virus Free\.$/ IGNORE
|^Version: .\..\ / Virus Database: ... - Release Date: .?./../..(?:..)?$|  IGNORE

# Just as dumb.
/Antigen for Exchange found/  DISCARD
/Sophos Plc MailMonitor for Domino/ DISCARD
/^---+ +Virus Warning Message / DISCARD



And this is from header_checks :

# Dumb. Dumber. and Dumberer.
/^From: NAV for Microsoft Exchange/ DISCARD
/^Subject: .*(?:NAV|Norton AntiVirus) detected (?:and quarantined )?a virus/  DISCARD
/^Subject: .*ScanMail for Lotus Notes/  DISCARD
/^Subject: .*Symantec AVF detected a.*virus/  DISCARD
/^Subject: .*Virus Alert/   DISCARD
/^Subject: .*A Virus was detected/  DISCARD
/^Subject: .*VIRUS IN YOUR MAIL/  DISCARD
/^Subject: .*Virus Detected by Network Associates/  DISCARD


-D

-- 
"Open Source Software - Sometimes you get more than you paid for..."
 
http://dman13.dyndns.org/~dman/
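
The first-match evaluation behind the header_checks and body_checks samples in the post above, as an added example that is not part of the original post: a small Python evaluator for the subset of Postfix pcre map syntax used there (delimited pattern, whitespace, action, continuation lines). The sample messages are constructed, and flag letters, `!` negation and `if`/`endif` are assumed unused and not handled.

```python
import re

# Rules copied from the post's header_checks and body_checks samples. A line
# starting with whitespace continues the previous rule (pcre map syntax).
HEADER_CHECKS = r"""
# Dumb. Dumber. and Dumberer.
/^From: NAV for Microsoft Exchange/ DISCARD
/^Subject: .*(?:NAV|Norton AntiVirus) detected (?:and quarantined )?a virus/
    DISCARD
/^Subject: .*Virus Alert/   DISCARD
"""
BODY_CHECKS = r"""
/^Outgoing mail is certified Virus Free\.$/ IGNORE
/^---+ +Virus Warning Message / DISCARD
"""

def logical_lines(text):
    """Drop comments and blank lines, then join continuation lines."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.rstrip())
    return out

def parse_rule(line):
    """Split '/pattern/flags action' into (compiled regex, action)."""
    delim, i = line[0], 1          # any non-alphanumeric delimiter: / or |
    while i < len(line) and line[i] != delim:
        i += 2 if line[i] == "\\" else 1   # skip escaped characters
    if i >= len(line):
        raise ValueError("unterminated pattern: " + line)
    tail = re.match(r"[A-Za-z]*\s+(\S.*)$", line[i + 1:])
    if tail is None:
        raise ValueError("no whitespace-separated action: " + line)
    # Simplification: flag letters are accepted but not applied. Matching is
    # case-insensitive, which is the pcre map default.
    return re.compile(line[1:i], re.IGNORECASE | re.DOTALL), tail.group(1)

def load_map(text):
    return [parse_rule(line) for line in logical_lines(text)]

def first_action(rules, line):
    """First matching rule wins; None means no rule matched."""
    for regex, action in rules:
        if regex.search(line):
            return action
    return None

def screen(headers, body):
    """Check each header against header_checks and each body line against
    body_checks; return the (line, action) pairs that matched."""
    hits = []
    for rules, lines in ((load_map(HEADER_CHECKS), headers),
                         (load_map(BODY_CHECKS), body)):
        for line in lines:
            action = first_action(rules, line)
            if action:
                hits.append((line, action))
    return hits

# Constructed sample messages (not taken from the thread).
BOUNCE = (["From: NAV for Microsoft Exchange <postmaster@mail.example>",
           "Subject: VIRUS ALERT for user@example.org"],
          ["-------------- Virus Warning Message (on mail.example)"])
LIST_MAIL = (["From: Someone <someone@example.org>",
              "Subject: Re: Exim4, Clamav, SA-Exim"],
             ["Anyone got exiscan-acl working with clamd?",
              "Outgoing mail is certified Virus Free."])

if __name__ == "__main__":
    for name, (headers, body) in (("bounce", BOUNCE), ("list", LIST_MAIL)):
        print(name, screen(headers, body))
```

In Postfix, DISCARD drops the whole message while reporting successful delivery, and IGNORE deletes only the matching line, so the list mail above would be delivered without its "certified Virus Free" footer.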




Re: Exim4, Clamav, SA-Exim, (was Re: SWEN isn't slowing down)

2003-10-08 Thread Paul Johnson
On Wed, Oct 08, 2003 at 02:12:41AM -0700, Steve Lamb wrote:

> On Wed, 8 Oct 2003 01:24:27 -0700
> Paul Johnson <[EMAIL PROTECTED]> wrote:
> > I've been curious on how to tie in virus scanning to sa-exim as well,
> > post it to this list if you figure it out.

>  There isn't, really.  My approach was to try to create a new eval()
> test in SA which called clamav.  I ended up installing
> exim4-daemon-heavy and using exiscan-acl (compiled into -heavy) to
> call clamav and left SA in the capable hands of sa-exim.


Close enough.  Got a howto?

-- 
 .''`. Paul Johnson <[EMAIL PROTECTED]>
: :'  :
`. `'` proud Debian admin and user
  `-  Debian - when you have better things to do than fix a system



Re: Exim4, Clamav, SA-Exim, (was Re: SWEN isn't slowing down)

2003-10-08 Thread Steve Lamb
On Wed, 8 Oct 2003 01:24:27 -0700
Paul Johnson <[EMAIL PROTECTED]> wrote:
> I've been curious on how to tie in virus scanning to sa-exim as well,
> post it to this list if you figure it out.

There isn't, really.  My approach was to try to create a new eval() test
in SA which called clamav.  I ended up installing exim4-daemon-heavy and using
exiscan-acl (compiled into -heavy) to call clamav and left SA in the capable
hands of sa-exim.


-- 
 Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
   PGP Key: 8B6E99C5   | main connection to the switchboard of souls.
---+-




Re: Exim4, Clamav, SA-Exim, (was Re: SWEN isn't slowing down)

2003-10-08 Thread Paul Johnson
On Tue, Oct 07, 2003 at 10:05:43PM +0200, Kjetil Kjernsmo wrote:
> Yeah, that's one option. I considered it, but the problem is, if you 
> feed the learner with tons of similar viruses, how good will it be to 
> kill spam...?

Bayesian filtering goes on what *you* consider spam, not the
traditional definition.

> Also, if you feed those to Vipul's Razor, what would it 
> mean for Razor? 

Potentially, the virus infected messages get flagged as spam by razor,
which isn't necessarily a Bad Thing.

> I'm working on it right now, actually. I have just upgraded my mail 
> server to Exim4. I think I would recommend that to everyone. If you ask 
> for help on the Exim users list about Exim 3, people don't remember 
> what it was like running Exim 3 anymore, so you're quite lost... :-)

Which is really strange, since it's the same MTA, just different
layout of the configs which makes it easier to take advantage of the
more advanced features.

> What I've done is to install exim4-daemon-heavy and clamav-daemon, then 
> have a DATA ACL reject certain executables, then pass it to clamd if 
> that didn't do the trick. They are rejected in the SMTP dialogue, if I 
> got this right (somebody correct me if I'm wrong, ASAP :-) ), so the 
> bounce doesn't hit an innocent bystander.

I wouldn't reject arbitrarily on filenames but the rest sounds good.

> Before I run along to the sa-exim mailing list, has anybody here got it 
> working?

I've been curious on how to tie in virus scanning to sa-exim as well,
post it to this list if you figure it out.

-- 
 .''`. Paul Johnson <[EMAIL PROTECTED]>
: :'  :
`. `'` proud Debian admin and user
  `-  Debian - when you have better things to do than fix a system



Re: SWEN isn't slowing down

2003-10-08 Thread Paul Johnson
Turn your line wraps on!

On Tue, Oct 07, 2003 at 08:31:53AM -0700, A P wrote:
> These f** SWEN emails are still pouring in. I am getting about 80 per day. It's 
> sickening.

http://ursine.ca/~baloo/ has a list of virus infected hosts.

-- 
 .''`. Paul Johnson <[EMAIL PROTECTED]>
: :'  :
`. `'` proud Debian admin and user
  `-  Debian - when you have better things to do than fix a system



RE: SWEN isn't slowing down

2003-10-07 Thread Joyce, Matthew
> -Original Message-
> From: Karsten M. Self [mailto:[EMAIL PROTECTED] 
> Sent: Wednesday, 8 October 2003 9:05 AM
> To: [EMAIL PROTECTED]
> Subject: Re: SWEN isn't slowing down
> 
> on Tue, Oct 07, 2003 at 08:31:53AM -0700, A P ([EMAIL PROTECTED]) wrote:
> > These f** SWEN emails are still pouring in. I am getting about 80
> > per day. It's sickening.
> >  
> > I have added practically every major country suffix in my
> > /etc/mail/access file and I am discovering new ones every day!  Man, I
> > am so close to blocking "net" and "com". Well, in that case I might
> > just as well shutdown my email server. Although I must say that it's
> > kind of satisfying to see "reject=553" messages in syslog.
> >  
> > I am curious to find out how long it takes for SWEN to find the email
> > address I am posting this from.
> 
> If you control your own SMTP server:  deny mail with executable
> attachments, or if you want finer-grained control, install clamav and
> block viruses specifically.  exim4 specifically has configurations which
> make this relatively trivial.
> 
> If you don't control your SMTP server, request your ISP provide you with
> the tools to:
> 
>   - Deny (not block) executables or viruses at SMTP time.
>   - Deny (not block) high-scoring spam based on SpamAssassin (ask for it
>     by name) or known good Bayesian classifiers (bogofilter, spambayes,
>     etc.), at SMTP time.
>   - Provide regular reports of what mail was blocked by sender and
>     subject (daily/weekly/monthly), so you can track performance.
> 
> Why at SMTP time?  Because legitimate senders then know that their
> message didn't get through, because _their_ sending SMTP server will
> generate a bounce.  Your SMTP server *isn't* generating a bounce, so it
> doesn't spam (joe-job) innocent third parties spoofed in headers.
> 
> I've seen some ordinarily intelligent people suggest that this is
> encouraging ISP censorship of email.  It's *not*.  It's extending *your*
> perimeter of control -- remember that I'd said first "If _you_ control
> your SMTP server...".  In this case you have the control.  If you're
> relying on an ISP, you don't, which is specifically what we're trying to
> change.
> 
> 
> Peace.
> 
> -- 
> Karsten M. Self <[EMAIL PROTECTED]>
> http://kmself.home.netcom.com/
>  What Part of "Gestalt" don't you understand?
>    Support the EFF, they support you:  http://www.eff.org/
> 


Also consider http://sourceforge.net/projects/bmf/ which I have been using for
nearly a year, very very happy with it too.
A deb is available too.






Re: SWEN isn't slowing down

2003-10-07 Thread Karsten M. Self
on Tue, Oct 07, 2003 at 08:31:53AM -0700, A P ([EMAIL PROTECTED]) wrote:
> These f** SWEN emails are still pouring in. I am getting about 80
> per day. It's sickening.
>  
> I have added practically every major country suffix in my
> /etc/mail/access file and I am discovering new ones every day!  Man, I
> am so close to blocking "net" and "com". Well, in that case I might
> just as well shutdown my email server. Although I must say that it's
> kind of satisfying to see "reject=553" messages in syslog.
>  
> I am curious to find out how long it takes for SWEN to find the email
> address I am posting this from.

If you control your own SMTP server:  deny mail with executable
attachments, or if you want finer-grained control, install clamav and
block viruses specifically.  exim4 specifically has configurations which
make this relatively trivial.

If you don't control your SMTP server, request your ISP provide you with
the tools to:

  - Deny (not block) executables or viruses at SMTP time.
  - Deny (not block) high-scoring spam based on SpamAssassin (ask for it
by name) or known good Bayesian classifiers (bogofilter, spambayes,
etc.), at SMTP time.
  - Provide regular reports of what mail was blocked by sender and
subject (daily/weekly/monthly), so you can track performance.

Why at SMTP time?  Because legitimate senders then know that their
message didn't get through, because _their_ sending SMTP server will
generate a bounce.  Your SMTP server *isn't* generating a bounce, so it
doesn't spam (joe-job) innocent third parties spoofed in headers.

I've seen some ordinarily intelligent people suggest that this is
encouraging ISP censorship of email.  It's *not*.  It's extending *your*
perimeter of control -- remember that I'd said first "If _you_ control
your SMTP server...".  In this case you have the control.  If you're
relying on an ISP, you don't, which is specifically what we're trying to
change.


Peace.

-- 
Karsten M. Self <[EMAIL PROTECTED]>    http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
   Support the EFF, they support you:  http://www.eff.org/




Re: Exim4, Clamav, SA-Exim, (was Re: SWEN isn't slowing down)

2003-10-07 Thread Steve Lamb
On Tue, 7 Oct 2003 22:05:43 +0200
Kjetil Kjernsmo <[EMAIL PROTECTED]> wrote:
> Yeah, that's one option. I considered it, but the problem is, if you 
> feed the learner with tons of similar viruses, how good will it be to 
> kill spam...? Also, if you feed those to Vipul's Razor, what would it 
> mean for Razor? 

People are already feeding it to Razor.

> With those considerations, I have opted to kill viruses first, then let 
> SpamAssassin take care of the rest. 

This seems to be the preferred method.

> I've been working hard to get SA-Exim working on the top of this... 
> SA-Exim is one of Marc Merlin's beautiful hacks, to use SpamAssassin to 
> reject spam at SMTP-time. It looks so simple; just install the .deb 
> from 

What do you want to do?  exiscan-acl can also query Spamassassin and
reject at SMTP time.  The main reason to go with sa-exim is to get the extra
features it offers.  Those features being saving the message easily,
teergrubing and such.  If you have no need of those features then there's no
need to install sa-exim.

> edit /etc/exim4/spamassassin.conf to enable it, then uncomment one line 
> in /etc/exim4/conf.d/main/15_sa-exim_plugin_path rebuild the config 
> file, and that, I thought, would do the trick But nothing happens. 
> It doesn't enter the config file, but there is no error message... 

> Before I run along to the sa-exim mailing list, has anybody here got it 
> working?

Yup, what do your logs say?  

-- 
 Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
   PGP Key: 8B6E99C5   | main connection to the switchboard of souls.
---+-




Exim4, Clamav, SA-Exim, (was Re: SWEN isn't slowing down)

2003-10-07 Thread Kjetil Kjernsmo
On Tuesday 07 October 2003 19:48, Alfredo Valles wrote:
> > I have added practically every major country suffix in my
> > /etc/mail/access file and I am discovering new ones every day!
> >  Man, I am so close to blocking "net" and "com". Well, in that case
> > I might just as well shutdown my email server. Although I must say
> > that it's kind of satisfying to see "reject=553" messages in
> > syslog.
> >
> > I am curious to find out how long it takes for SWEN to find the
> > email address I am posting this from.
>
> I was near suicide when some good guy on this list recommended
> SpamAssassin to me. It's so easy to get to work, and once you train the
> Bayesian filter, bye bye to all the stupid Swen mails.

Yeah, that's one option. I considered it, but the problem is, if you 
feed the learner with tons of similar viruses, how good will it be to 
kill spam...? Also, if you feed those to Vipul's Razor, what would it 
mean for Razor? 

With those considerations, I have opted to kill viruses first, then let 
SpamAssassin take care of the rest. 

I'm working on it right now, actually. I have just upgraded my mail 
server to Exim4. I think I would recommend that to everyone. If you ask 
for help on the Exim users list about Exim 3, people don't remember 
what it was like running Exim 3 anymore, so you're quite lost... :-)

But don't ask me for help if you do, I'm really struggling myself... :-) 

What I've done is to install exim4-daemon-heavy and clamav-daemon, then 
have a DATA ACL reject certain executables, then pass it to clamd if 
that didn't do the trick. They are rejected in the SMTP dialogue, if I 
got this right (somebody correct me if I'm wrong, ASAP :-) ), so the 
bounce doesn't hit an innocent bystander.

I'm seeing these beautiful lines in my rejectlog:
2003-10-07 21:15:32 1A6xIx-0007Hq-Fi H=vsmtp4.tin.it [212.216.176.224] F=<[EMAIL PROTECTED]> rejected after DATA: exe files are not accepted here


A few docs:
http://www.timj.co.uk/linux/exim.php
http://marc.merlins.org/linux/exim/
http://www.tu-berlin.de/zrz/dienste/netz/mail/EXIM/spec_37.html#CHAP37
http://duncanthrax.net/exiscan-acl/exiscan-acl-spec.txt

Needed APT sources:

deb http://www.logic.univie.ac.at/~ametzler/debian/exim4manpages/ woody/
deb http://www.logic.univie.ac.at/~ametzler/debian/gnutls/ woody/
deb http://people.debian.org/~aurel32/BACKPORTS stable main

I've been working hard to get SA-Exim working on the top of this... 
SA-Exim is one of Marc Merlin's beautiful hacks, to use SpamAssassin to 
reject spam at SMTP-time. It looks so simple; just install the .deb 
from 
http://www.logic.univie.ac.at/~ametzler/debian/exim4manpages/exim-sa/sa-exim_3.0-1_i386.deb
edit /etc/exim4/spamassassin.conf to enable it, then uncomment one line 
in /etc/exim4/conf.d/main/15_sa-exim_plugin_path rebuild the config 
file, and that, I thought, would do the trick But nothing happens. 
It doesn't enter the config file, but there is no error message... 

Before I run along to the sa-exim mailing list, has anybody here got it 
working?

Cheers,

Kjetil
-- 
Kjetil Kjernsmo
Astrophysicist/IT Consultant/Skeptic/Ski-orienteer/Orienteer/Mountaineer
[EMAIL PROTECTED]  [EMAIL PROTECTED]  [EMAIL PROTECTED]
Homepage: http://www.kjetil.kjernsmo.net/OpenPGP KeyID: 6A6A0BBC





Re: SWEN isn't slowing down

2003-10-07 Thread Alfredo Valles
On Tuesday 07 October 2003 11:31 am, A P wrote:
> These f** SWEN emails are still pouring in. I am getting about 80 per
> day. It's sickening.
>
> I have added practically every major country suffix in my /etc/mail/access
> file and I am discovering new ones every day!  Man, I am so close to
> blocking "net" and "com". Well, in that case I might just as well shutdown
> my email server. Although I must say that it's kind of satisfying to see
> "reject=553" messages in syslog.
>
> I am curious to find out how long it takes for SWEN to find the email
> address I am posting this from.

I was near suicide when some good guy on this list recommended 
SpamAssassin to me. It's so easy to get to work, and once you train the 
Bayesian filter, bye bye to all the stupid Swen mails. 

And you can make it work in your mail client too if you don't have access to 
your mail server.


Alfredo

