Spam management and sa-learn
Hi all Debian users, I have this setup for mail: exim4 as MTA, fetchmail to fetch mails from different pop3 servers which delivers mails to procmail and procmail calls spamc and finally I'm using mutt as my mail reader. I'm used to recollect spam messages in an archive named ~/Mail/archive/recent/spam, which contains *all* the spam messages collected in the last 6 months (weekly refreshed by an anacron script). In order to train spamassassin I also run weekly this anacron script: #! /bin/bash MAILROOT=$HOME/Mail # maildir inboxes # learn what is ham sa-learn --ham $MAILROOT/archive/recent/generic/* #learn what is spam sa-learn --spam $MAILROOT/archive/recent/spam/* both ~/archive/recent/spam and ~/archive/recent/generic are maildir mailbox (this is the reason I use the * to match cur, new and tmp). The problem with this setup is that I continue to get a *large* number of spam messages in my generic inbox (which contains no mailing-list mails), in the order of more then 50 messages per day, and I'm getting tired to manually filter it, while most of spam messages (200+) are directly addressed in the ~/inbox/probably-spam directory. So my question is: what's wrong with this setup, in particular can you suggest how to improve the spamassassing training? Also I would like to avoid to encapsulate messages detected as spam as it currently spamc does encapsulating in a message starting like this: "Spam detection software, running on the system "santefisi.caos.org", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details." Can you suggest which option I have to switch off? Also I ask if such messages are correctly classified when the sa-learn is run against them (maybe *this* the problem). Also have you suggestions for how to improve this spam management system for this one-user system? Many thanks, regards and and an happy debianish new year. -- Stefano Sabatini Linux user number 337176 (see http://counter.li.org) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
sa-learn error message
Hello
I've got this error:
$ sa-learn --spam 1193706642.H221893P4714.tenpostadsl.lviv.farlep.net:2,S
syntax error for eval function GREYLIST_ISWHITE: greylisting("( 'dir' =>
'/var/spool/sa-exim/tuplets'; 'method' => 'dir'; 'greylistsecs' =>
'1800'; 'dontgreylistthreshold' => 11; 'connectiphdr' => ' at
/usr/share/perl5/Mail/SpamAssassin/Conf/Parser.pm line 717.
Learned tokens from 1 message(s) (1 message(s) examined)
Can anyone help me identifying the source of it?
Thank you in advance.
Yuriy
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
sa-learn error message
Hello
I've got this error:
$ sa-learn --spam 1193706642.H221893P4714.tenpostadsl.lviv.farlep.net:2,S
syntax error for eval function GREYLIST_ISWHITE: greylisting("( 'dir' =>
'/var/spool/sa-exim/tuplets'; 'method' => 'dir'; 'greylistsecs' =>
'1800'; 'dontgreylistthreshold' => 11; 'connectiphdr' => ' at
/usr/share/perl5/Mail/SpamAssassin/Conf/Parser.pm line 717.
Learned tokens from 1 message(s) (1 message(s) examined)
Can anyone help me identifying the source of it?
Thank you in advance.
Yuriy
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
sa-learn error message
I've got this error:
$ sa-learn --spam 1193706642.H221893P4714.tenpostadsl.lviv.farlep.net:2,S
syntax error for eval function GREYLIST_ISWHITE: greylisting("( 'dir' =>
'/var/spool/sa-exim/tuplets'; 'method' => 'dir'; 'greylistsecs' =>
'1800'; 'dontgreylistthreshold' => 11; 'connectiphdr' => ' at
/usr/share/perl5/Mail/SpamAssassin/Conf/Parser.pm line 717.
Learned tokens from 1 message(s) (1 message(s) examined)
Can anyone help me identifying the source of it?
Thank you in advance.
Yuriy
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SA-learn on remote host
On 17:22 Fri 14 Sep , Andrew Sackville-West wrote: > On Fri, Sep 14, 2007 at 09:23:16PM +0100, John K Masters wrote: > > I am gradually implementing a mail system where I have a mail-server on > > host1 running Postfix/Courier/Procmail/spamc which passes all except > > whitelisted mail to spamd on another server - host2. host2 simply runs > > the mail through SA and passes it back to host1 from which I read on my > > local box via Mutt. > > > I see a couple possibilities. > > 1) if its a seceure network, just mount nfs the spam folder from host1 > on host2 and run it locally on host2. > > 2) pipe the mail through ssh. something like > > find /path/to/spam | cat | ssh [EMAIL PROTECTED] sa-learn --spam -u > appropriate-user-name - > > might work, but would require some mucking aorund with permissions and > pubkey authentication. > > Those are my guesses. > > A OK got it working roughly thus:- 1] Generate a passphraseless ssh key on the local machine. 2] Copy the .pub key to all the servers you wish to connect to. 3] Anacron job on local machine run daily - ssh-add /path/to/passphraseless/key ssh -A [EMAIL PROTECTED] /path/to/host1-script.sh ssh-add -d /path/to/passphraseless/key 4] host1-script.sh is - #!/bin/bash SPAMSERV="[EMAIL PROTECTED]" #FQDN of host running spamd LEARNDIR="/home/spamd/learnspam" #dir to hold spam TARGETDIR=$SPAMSERV:$LEARNDIR SPAMDIR="/path/to/spam-mailbox/*" #Where my spam is on host1 scp $SPAMDIR $TARGETDIR ssh $SPAMSERV sa-learn --spam $LEARNDIR rm $SPAMDIR exit Needs some (a lot of) tidying up but works for now and allows me to filter out false positives before they get assessed by sa-learn. Regards, John -- War is God's way of teaching Americans geography Ambrose Bierce (1842 - 1914) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SA-learn on remote host
On 08:22 Sat 15 Sep , Daniel Burrows wrote: > On Fri, Sep 14, 2007 at 09:23:16PM +0100, John K Masters <[EMAIL PROTECTED]> > was heard to say: > > I am gradually implementing a mail system where I have a mail-server on > > host1 running Postfix/Courier/Procmail/spamc which passes all except > > whitelisted mail to spamd on another server - host2. host2 simply runs > > the mail through SA and passes it back to host1 from which I read on my > > local box via Mutt. > > > > Most spam gets filtered into the .Spam folder and I have bound keys in > > Mutt to move missed spam to this folder and to copy good messages to a > > .Ham folder. > > > > What I would like to do now is have a cronjob run the contents of these > > two folders through SA-learn and then delete them. ATM I am stumped as > > to how to go about this. Any pointers very welcome. > > I use IMAP to synchronize my mail across systems (sounds like you do > too?), and just run the attached script over folders holding spam and > ham to learn. (warning: it's quick and dirty, won't work for anyone > else without tweaks!) > > Daniel Thanks for that. The script looks interesting especially as I am trying to learn Python :) I am playing around with ssh agent-forwarding and it seems to be coming together although I tend to keep moving the goalposts when I think of some new possibility. Regards, John -- War is God's way of teaching Americans geography Ambrose Bierce (1842 - 1914) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SA-learn on remote host
On Fri, Sep 14, 2007 at 09:23:16PM +0100, John K Masters <[EMAIL PROTECTED]>
was heard to say:
> I am gradually implementing a mail system where I have a mail-server on
> host1 running Postfix/Courier/Procmail/spamc which passes all except
> whitelisted mail to spamd on another server - host2. host2 simply runs
> the mail through SA and passes it back to host1 from which I read on my
> local box via Mutt.
>
> Most spam gets filtered into the .Spam folder and I have bound keys in
> Mutt to move missed spam to this folder and to copy good messages to a
> .Ham folder.
>
> What I would like to do now is have a cronjob run the contents of these
> two folders through SA-learn and then delete them. ATM I am stumped as
> to how to go about this. Any pointers very welcome.
I use IMAP to synchronize my mail across systems (sounds like you do
too?), and just run the attached script over folders holding spam and
ham to learn. (warning: it's quick and dirty, won't work for anyone
else without tweaks!)
Daniel
#!/usr/bin/python
#
# Process spam in the maildir ~/Mail/spam-to-learn and ham in the
# maildir ~/Mail/ham-to-learn, clearing both maildirs as we work.
# This is meant to be run as a cronjob and will lock other instances
# of itself out. Note: the locking mechanism assumes that flock()
# behaves sanely; you may not want to use this if you have a
# networked $HOME. (it has the benefit that the lock is
# automatically dropped if the process dies unexpectedly)
import fcntl
import os
import sys
home = os.environ['HOME']
lockfile = '%s/.learnspam-lock' % home
f = file(lockfile, 'w')
try:
fcntl.flock(f.fileno(), fcntl.LOCK_EX | fcntl.LOCK_NB)
except IOError:
print 'learnspamjob already running'
sys.exit(0)
quiet = not os.isatty(1)
def dolistdir(dirname):
return ['%s/%s'%(dirname, x) for x in os.listdir(dirname)]
# Process and delete each message in the maildir with the given
# command template.
def process_maildir(dname, cmd):
files = dolistdir('%s/cur'%dname) + dolistdir('%s/new'%dname)
for f in files:
rval = os.system(cmd % f)
if not os.WIFEXITED(rval):
if os.WIFSIGNALED(rval):
msg = '"%s" terminated with signal %d' % (cmd % f,
os.WTERMSIG(rval))
elif os.WIFSTOPPED(rval):
msg = '"%s" unexpectedly stopped' % (cmd % f)
elif os.WIFCONTINUED(rval):
msg = '"%s" unexpectedly continued' % (cmd % f)
if os.WCOREDUMP(rval):
msg += ' (core dumped)'
sys.stderr.write('ERROR processing %s: %s\n'%(f, msg))
elif os.WEXITSTATUS(rval) <> 0:
sys.stderr.write('ERROR processing %s: "%s" exited with status
%d'%(f, cmd % f, os.WEXITSTATUS(rval)))
else:
try:
os.unlink(f)
except OSError, e:
sys.stderr.write('Unable to unlink %s: %s\n'%(f, e.strerror))
process_maildir('%s/Mail/spam-to-learn' % home, 'spamassassin -r %s >
/dev/null')
process_maildir('%s/Mail/ham-to-learn' % home, 'sa-learn --ham %s > /dev/null')
Re: SA-learn on remote host
On Fri, Sep 14, 2007 at 09:23:16PM +0100, John K Masters wrote: > I am gradually implementing a mail system where I have a mail-server on > host1 running Postfix/Courier/Procmail/spamc which passes all except > whitelisted mail to spamd on another server - host2. host2 simply runs > the mail through SA and passes it back to host1 from which I read on my > local box via Mutt. > > Most spam gets filtered into the .Spam folder and I have bound keys in > Mutt to move missed spam to this folder and to copy good messages to a > .Ham folder. > > What I would like to do now is have a cronjob run the contents of these > two folders through SA-learn and then delete them. ATM I am stumped as > to how to go about this. Any pointers very welcome. I see a couple possibilities. 1) if its a seceure network, just mount nfs the spam folder from host1 on host2 and run it locally on host2. 2) pipe the mail through ssh. something like find /path/to/spam | cat | ssh [EMAIL PROTECTED] sa-learn --spam -u appropriate-user-name - might work, but would require some mucking aorund with permissions and pubkey authentication. Those are my guesses. A signature.asc Description: Digital signature
SA-learn on remote host
I am gradually implementing a mail system where I have a mail-server on host1 running Postfix/Courier/Procmail/spamc which passes all except whitelisted mail to spamd on another server - host2. host2 simply runs the mail through SA and passes it back to host1 from which I read on my local box via Mutt. Most spam gets filtered into the .Spam folder and I have bound keys in Mutt to move missed spam to this folder and to copy good messages to a .Ham folder. What I would like to do now is have a cronjob run the contents of these two folders through SA-learn and then delete them. ATM I am stumped as to how to go about this. Any pointers very welcome. Regards, John -- War is God's way of teaching Americans geography Ambrose Bierce (1842 - 1914) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: automating sa-learn via cyrus mailbox?
Will Trillich wrote: i've been thinking again, so to avoid doing something dangerous i thought i run it past y'all'uns-- :) we're running cyrus21 and exim4 for email services, and would like to automate the "sa-learn" feature system-wide. so why not create a "user.spam" cyrus mailbox, BOUNCE any spams there and have cron do some sort of automated "sa-learn --spam" on the results, and then delete them? anybody doing anything like this? got code i could sniff before i work up my own wheel from scratch? I've had another thought... The utility of the sa-learn feature depends on the quantitiy of mail you feed it: does anyone know how much mail sa needs to see to learn anything useful? I use it to report spam, which I think is different. -- Cheers John -- spambait [EMAIL PROTECTED] [EMAIL PROTECTED] Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: automating sa-learn via cyrus mailbox?
On Saturday 28 August 2004 10:31 pm, Will Trillich wrote:
> we're running cyrus21 and exim4 for email services, and would
> like to automate the "sa-learn" feature system-wide.
Here's what I'm using for that purpose:
###
#!/usr/bin/env python
# Copyright 2004 by Kirk Strauser. BSD licence, etc.
import os
import re
mailboxes = {
'mailserver.example.com':
{ 'ham' : 'INBOX.spam.train.ham',
'spam': 'INBOX.spam.train.spam', }
}
learncmd = 'fetchmail %(options)s --silent --folder %(folder)s --mda "sa-learn
--%(type)s" %(server)s'
printed = None
resre = re.compile(r'Learned from (\d+) message\(s\) \((\d+) message\(s\)
examined\)\.')
totalexamined = totallearned = 0
for server in mailboxes.keys():
for mailtype in mailboxes[server].keys():
# print 'Fetching', mailtype
execcmd = learncmd % {
'folder' : mailboxes[server][mailtype],
'server' : server,
'type' : mailtype,
'options': '',
}
# print execcmd
cmdoutput = os.popen(execcmd).readlines()
if not cmdoutput:
continue
learned = examined = 0
for line in cmdoutput:
result = resre.match(line)
if result:
learned += int(result.group(1))
examined += int(result.group(2))
if not printed:
print 'sa-learn results:'
print
printed = 1
print ' Type:', mailtype
print 'Examined:', examined
print 'Learned :', learned
###
I preconfigured fetchmail with my username and password like so:
###
poll mailserver.example.com with proto IMAP
user 'myusername' there with password 'password' is 'myusername' here options
fetchall batchlimit 100
###
Then, I run the script as a cron job every 15 minutes. It downloads mail
from 'INBOX.spam.train.ham' and uses that for ham training, then repeats
the process for .spam. This is a single-user setup, but you should be
able to extend it pretty easily.
I read my mail with Kmail and drag false positives and negatives into the
appropriate folders as I go.
--
Kirk Strauser
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: automating sa-learn via cyrus mailbox?
Alex Nordstrom wrote: On Sunday, 29 Aug 2004 12:46, [EMAIL PROTECTED] wrote: so why not create a "user.spam" cyrus mailbox, BOUNCE any spams there and have cron do some sort of automated "sa-learn --spam" on the results, and then delete them? I've thought about it, but not done any active investigation. Problems I see: How much does SA depend on headers for identiying spam in learn mode? It uses them in diagnosing spam. not forward, bounce. of course, mutt seems like the only client that has that feature, and my gui-happy clientele will never use anything so arcane (or so powerful). While KMail does have a bounce feature, it actually does what its name implies and bounces to the apparent sender. However, it also has a feature that sounds like what you speak of, called, appropriately, "redirect to". You can set it up as a filter and add it to the Apply Filter menu with a corresponding shortcut key and/or toolbar button. My main point, of course, is that it's a feature widely not implemented. Of most interest in _my_environment are Entourage and Apple's Mail. Even if those do, I'm not confident in my ability to teach the users to get it write. With kmail you can push mail through a program of your choice. Tbird lacks that feature, and Moz leaks memory too much for me to be bothered to try it: I won't be using it for mail anyway. -- Cheers John -- spambait [EMAIL PROTECTED] [EMAIL PROTECTED] Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: automating sa-learn via cyrus mailbox?
On Sunday, 29 Aug 2004 12:46, [EMAIL PROTECTED] wrote: > > >so why not create a "user.spam" cyrus mailbox, BOUNCE any spams > > >there and have cron do some sort of automated "sa-learn --spam" > > >on the results, and then delete them? > > > > > I've thought about it, but not done any active investigation. > > Problems I see: How much does SA depend on headers for identiying > > spam in learn mode? It uses them in diagnosing spam. > > not forward, bounce. of course, mutt seems like the only client > that has that feature, and my gui-happy clientele will never > use anything so arcane (or so powerful). While KMail does have a bounce feature, it actually does what its name implies and bounces to the apparent sender. However, it also has a feature that sounds like what you speak of, called, appropriately, "redirect to". You can set it up as a filter and add it to the Apply Filter menu with a corresponding shortcut key and/or toolbar button. -- Alex Nordstrom http://lx.n3.net/ Please do not CC me in followups; I am subscribed to debian-user. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: automating sa-learn via cyrus mailbox?
On Sun, Aug 29, 2004 at 12:01:44PM +0800, John Summerfield wrote: > Will Trillich wrote: > >we're running cyrus21 and exim4 for email services, and would > >like to automate the "sa-learn" feature system-wide. > > > >so why not create a "user.spam" cyrus mailbox, BOUNCE any spams > >there and have cron do some sort of automated "sa-learn --spam" > >on the results, and then delete them? > > > >anybody doing anything like this? got code i could sniff before > >i work up my own wheel from scratch? > I've thought about it, but not done any active investigation. Problems > I see: How much does SA depend on headers for identiying spam in learn > mode? It uses them in diagnosing spam. not forward, bounce. of course, mutt seems like the only client that has that feature, and my gui-happy clientele will never use anything so arcane (or so powerful). > How many email clients forward headers? None I currently use do AFAIK. > > I wouldn't want SA learning wrong facts. > > OTOH any email to my spambait addresses goes into SA unseen by human eye. > > Something I've not checked and which might work is asking users to move > verified spam into a specific folder. Depending on needs and trust, the > folder could be per user, per group (as in all of accounts) or site-wide. > > > > > >also -- sa-learn appears to work based on the shell user's home > >~/.spamassassin/* files, and our cyrus setup is non-shell-user > >heaven. do we have to "su - $spamassassin_user" before > >"sa-learn" will work the way we want? haven't been able to track > >it down in black-and-white yet... > > I think newer SA can talk to an SQL server for per-user stuff. yep. but spam is basically spam no matter who you are, and we're going to try system-wide configs (we may migrate to user configs later, of course). how to get sa-learn to use /path/to/bayes_* instead of ~/.spam*/bayes_*? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: automating sa-learn via cyrus mailbox?
Will Trillich wrote: i've been thinking again, so to avoid doing something dangerous i thought i run it past y'all'uns-- :) we're running cyrus21 and exim4 for email services, and would like to automate the "sa-learn" feature system-wide. so why not create a "user.spam" cyrus mailbox, BOUNCE any spams there and have cron do some sort of automated "sa-learn --spam" on the results, and then delete them? anybody doing anything like this? got code i could sniff before i work up my own wheel from scratch? I've thought about it, but not done any active investigation. Problems I see: How much does SA depend on headers for identiying spam in learn mode? It uses them in diagnosing spam. How many email clients forward headers? None I currently use do AFAIK. I wouldn't want SA learning wrong facts. OTOH any email to my spambait addresses goes into SA unseen by human eye. Something I've not checked and which might work is asking users to move verified spam into a specific folder. Depending on needs and trust, the folder could be per user, per group (as in all of accounts) or site-wide. also -- sa-learn appears to work based on the shell user's home ~/.spamassassin/* files, and our cyrus setup is non-shell-user heaven. do we have to "su - $spamassassin_user" before "sa-learn" will work the way we want? haven't been able to track it down in black-and-white yet... I think newer SA can talk to an SQL server for per-user stuff. -- Cheers John -- spambait [EMAIL PROTECTED] [EMAIL PROTECTED] Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
automating sa-learn via cyrus mailbox?
i've been thinking again, so to avoid doing something dangerous i thought i run it past y'all'uns-- :) we're running cyrus21 and exim4 for email services, and would like to automate the "sa-learn" feature system-wide. so why not create a "user.spam" cyrus mailbox, BOUNCE any spams there and have cron do some sort of automated "sa-learn --spam" on the results, and then delete them? anybody doing anything like this? got code i could sniff before i work up my own wheel from scratch? also -- sa-learn appears to work based on the shell user's home ~/.spamassassin/* files, and our cyrus setup is non-shell-user heaven. do we have to "su - $spamassassin_user" before "sa-learn" will work the way we want? haven't been able to track it down in black-and-white yet... -- I use Debian/GNU Linux version 3.0; Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown DEBIAN NEWBIE TIP #111 from Alvin Oga <[EMAIL PROTECTED]> : HOW TO MAKE DEBIAN MORE SECURE: 1. turn off everything in inetd: sunrpc, printer, unknowns, netbios, finger, time (comment-out lines in /etc/inetd.conf or later versions in xinetd.d/*) 2. you need to verify that you are running bind-8.2.3 or better 3. turn off ftp (especially anonymous ftp) 4. if you allow users to upload files... make them do it it with scp 5. for more hardening stuff, see http://www.Linux-Sec.net/ and for generic debian security updates be sure you have these in /etc/sources.list: http://security.debian.org/debian-security stable/updates main contrib non-free http://security.debian.org/debian-non-US stable/non-US main contrib non-free http://security.debian.org stable/updates main contrib non-free Also see http://newbieDoc.sourceForge.net/ ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cyrus/Imap and sa-learn?
On Friday 27 February 2004 07:21, [EMAIL PROTECTED] wrote: > Hej, > > I am wondering if anyone have any suggestions on how to do a cron > based sa-learn on a SaLearn.spam and a SaLearn.ham folder in > Cyrus/Imap. [...] > /Bengt Hi Bengt, I just wrote a Python script that does something quite similar: - looks for users with a uid within a set range (defaults to 1000-1999) - Spam trains on each of those user's ~/Maildir/.spam/cur|new|tmp folders - Ham trains on each of those user's ~/Maildir/.ham/cur|new|tmp folders - deletes the contents of those folders The documentation and script can be downloaded from: http://ericwalstad.com/pub/code It's easy to customize the script if your folder structure is a little different or if you don't want the mail deleted after training. I welcome your feedback on the script. Best, Eric. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cyrus/Imap and sa-learn?
> Hej,
>
> I am wondering if anyone have any suggestions on how to do a cron
> based
> sa-learn on a SaLearn.spam and a SaLearn.ham folder in Cyrus/Imap.
>
> I want to move/copy misslabeld mails to these folders and have run
> regurlar (hourly?) sa-learn on these folders (each user should have
> them, about 10 users or so)
>
> ==> Will the fact that sa-learn is reading/touching the files affect
> Cyrus/Imap? (The access flag for instance)
>
> ==> Do I need to stop Cyrus to read?
>
> ==> Any suggestion on how to move the contents of SaLearn to other
> folder from the script. To clean up the SaLearn folders.
> I want to keep all Spams in Spam folder, and Ham in other folders.
>
> Thank you in advance for any and all answers
>
> /Bengt
My setup might be similar to yours.
I have 2 folders, HAM and SPAM. I move legit emails to HAM, and
unwanted to SPAM. Addittionally, my procmail places all the spam mail
(over 5.0) to SPAM folder.
After learning from HAM and SPAM, I want the emails moved to Trash.
Also, I do not want the scripts to take the unread spam to trash,
since I want to review it and discard some false positive. I usually
just mark all the spam as read and leave it in SPAM, and the scripts
take care of it. Beware though, once any IMAP client scans the SPAM
folder, all the files are moved to "cur" from "new", and they will be
picked up by my scripts.
So, here are the scripts:
learn-ham:
/usr/bin/sa-learn --ham --dir /home/bojan/Maildir/cur
/home/bojan/Maildir/.HAM/cur /home/bojan/Maildir/.HAM
find /home/bojan/Maildir/.HAM/cur/* -exec mv {}
/home/bojan/Maildir/.Trash/cur/ \;
learn-spam:
/usr/bin/sa-learn --spam --dir /home/bojan/Maildir/.SPAM/cur
find /home/bojan/Maildir/.SPAM/cur/* -exec mv {}
/home/bojan/Maildir/.Trash/cur/ \;
and crontab:
#
# Run the script to learn spam from the read SPAM folder and move it
to Trash.
#
13 0-23/6 * * * /home/bojan/learn-spam >>
$HOME/logs/learn-spam.log
#
# Run the script to learn the ham drom the HAM folder and read INBOX
and move all the mails from HAM to Trash.
#
43 0-23/6 * * * /home/bojan/learn-ham >> $HOME/logs/learn-ham.log
Now, there are other setups (some probably better), but this is what I
am comfortable with.
I hope this helps somewhat.
Bojan
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Cyrus/Imap and sa-learn?
Hej, I am wondering if anyone have any suggestions on how to do a cron based sa-learn on a SaLearn.spam and a SaLearn.ham folder in Cyrus/Imap. I want to move/copy misslabeld mails to these folders and have run regurlar (hourly?) sa-learn on these folders (each user should have them, about 10 users or so) ==> Will the fact that sa-learn is reading/touching the files affect Cyrus/Imap? (The access flag for instance) ==> Do I need to stop Cyrus to read? ==> Any suggestion on how to move the contents of SaLearn to other folder from the script. To clean up the SaLearn folders. I want to keep all Spams in Spam folder, and Ham in other folders. Thank you in advance for any and all answers /Bengt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sa-learn
Hello Attila Csosz (<[EMAIL PROTECTED]>) wrote: > Is "sa-learn" available? Where is located? I got "command not found". > ii spamassassin 2.20-1woody3 Perl-based spam filter using text > analysis The sa-learn program is not available in Woody. Get a newer version of spamassassin, for example from: deb http://people.debian.org/~aurel32/BACKPORTS woody-spamassassin main (that backport is not installable right now because the spamassassin pakage was built against a version of debconf that is too new, I guess the problem will be corrected soon) or from <http://www.backports.org>. best regards Andreas Janssen -- Andreas Janssen [EMAIL PROTECTED] PGP-Key-ID: 0xDC801674 Registered Linux User #267976 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sa-learn
On Thu, Jan 22, 2004 at 02:10:36AM +0100, Attila Csosz wrote: > Is "sa-learn" available? Where is located? I got "command not found". > > Name VersionDescription > +++-==-==- > ii spamassassin 2.20-1woody3 Perl-based spam filter using text analysis SpamAssassin's Bayesian learner wasn't introduced until 2.50; the version in woody doesn't have it. If you look around the net (apt-get.org, backports.org), you should be able to find backports of newer versions. Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sa-learn
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, Jan 22, 2004 at 02:10:36AM +0100, Attila Csosz wrote: > Is "sa-learn" available? Where is located? I got "command not found". All the cool versions haven't made it to stable yet. - -- .''`. Paul Johnson <[EMAIL PROTECTED]> : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAD1XCUzgNqloQMwcRAqzdAJ9gMURT+t27avT5m0QrdoHtHmSrrQCfbLgP loxQHXoNwSmtg0p6mbskmQ0= =tbyz -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sa-learn
On Thu, Jan 22, 2004 at 02:10:36AM +0100, Attila Csosz wrote: > Hi, > > Is "sa-learn" available? Where is located? I got "command not found". > > Name VersionDescription > +++-==-==- > ii spamassassin 2.20-1woody3 Perl-based spam filter using text analysis sa-learn is in sarge/testing. -- Jerome signature.asc Description: Digital signature
sa-learn
Hi, Is "sa-learn" available? Where is located? I got "command not found". Name VersionDescription +++-==-==- ii spamassassin 2.20-1woody3 Perl-based spam filter using text analysis Thanks Attila -- - - Mail: [EMAIL PROTECTED]; Debian stable / 2.4.24 / qmail - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sa-learn and spamassassin's markup
On Fri, 26 Sep 2003 11:56:23 -0400, Kenneth Dombrowski <[EMAIL PROTECTED]> penned:
>
> The --dir option supports globbing too, since I have separate maildirs
> for SA-caught & SA-missed spam, I was able to do something like:
>
> $ sa-learn --spam --dir ~/Maildir/.spam-*/cur
>
> & then
>
> $ sa-learn --ham --dir ~/Maildir/.clients.*/cur
> $ sa-learn --ham --dir ~/Maildir/.people.*/cur
>
> etc, etc
>
> It still takes some time to churn through, but I was able to learn it
> something like 6,000 messages with 1/2 dozen commands, fairly unattended
>
'find' is also remarkably effective. Temporarily move spam mailboxes to
some other location and run
find . -type f -exec sa-learn --nonspam --mbox {} \;
from your mail directory.
Then run sa-learn on the spam boxes in similar faction, but with --spam.
--
monique
My pointless ramblings:
http://www.bounceswoosh.org/phorum/index.php?f=6
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sa-learn and spamassassin's markup
On 03-09-25 11:28 -0700, Vineet Kumar wrote: > Does sa-learn recognize and ignore spamassassin's markup? I just Hi Vineet, I can't give you an authorative answer, but I seem to have gotten good results just pointing it to my Maildir, SA 2.35 (i think..) headers & all.. The --dir option supports globbing too, since I have separate maildirs for SA-caught & SA-missed spam, I was able to do something like: $ sa-learn --spam --dir ~/Maildir/.spam-*/cur & then $ sa-learn --ham --dir ~/Maildir/.clients.*/cur $ sa-learn --ham --dir ~/Maildir/.people.*/cur etc, etc It still takes some time to churn through, but I was able to learn it something like 6,000 messages with 1/2 dozen commands, fairly unattended Kenneth -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sa-learn and spamassassin's markup
On Thu, Sep 25, 2003 at 11:28:32AM -0700, Vineet Kumar wrote: > Does sa-learn recognize and ignore spamassassin's markup? I just Yes, if you turn up the verbosity with the debug switch it will even tell you about it. > recently upgraded spamassassin to 2.55-4 on this box, and I've been > feeding some messages into it, but so far I've been going through the > semi-tedious process of piping through spamassassin -d and then into > sa-learn. Am I wasting time? The spamassassin manpage says that -r > strips spamassassin's markup before reporting, but the sa-learn manpage > doesn't say that it does. Anybody know? What do you do, remove the > markup, or just pipe in the message? Actually, with the new way that > spamassassin 2.55 is mime-enveloping the messages, I'm going into mutt's > view-attachments screen and piping the "Original message before > spamassassin" part into sa-learn. It's much more tedious than being > able to just tag all of the messages and send them in, knowing that > sa-learn would do the right thing. Would it? Been there, done that. Now I just save spam to a special mailbox and use a cronjob to feed it to sa-learn in the middle of the night. HTH dt -- Dave Thayer | If trees could scream, would we be so cavalier about Denver, Colorado USA | cutting them down? We might, if they screamed all [EMAIL PROTECTED] | the time, for no good reason. - Jack Handey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sa-learn and spamassassin's markup
On Thu, Sep 25, 2003 at 11:28:32AM -0700, Vineet Kumar wrote: > Does sa-learn recognize and ignore spamassassin's markup? I just > recently upgraded spamassassin to 2.55-4 on this box, and I've been > feeding some messages into it, but so far I've been going through the > semi-tedious process of piping through spamassassin -d and then into > sa-learn. Am I wasting time? The spamassassin manpage says that -r > strips spamassassin's markup before reporting, but the sa-learn manpage > doesn't say that it does. Anybody know? sa-learn removes it automatically, yes. I went through the same tedious process with 2.55 and then read the source to find out that it was unnecessary. The man page in 2.60, at least, documents this: If the messages you are learning from have already been filtered through SpamAssassin, the learner will compensate for this. In effect, it learns what each message would look like if you had run "spamassassin -d" over it in advance. This is also faster than doing it yourself, because you don't have to load the pile of Perl that is spamassassin for every message. Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sa-learn and spamassassin's markup
On Thursday 25 September 2003 20:28, Vineet Kumar wrote: > Does sa-learn recognize and ignore spamassassin's markup? From what I've seen in the source, it does this for you (it's looking for the X-Spam-Status header IIRC). -- Got Backup? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
sa-learn and spamassassin's markup
Does sa-learn recognize and ignore spamassassin's markup? I just recently upgraded spamassassin to 2.55-4 on this box, and I've been feeding some messages into it, but so far I've been going through the semi-tedious process of piping through spamassassin -d and then into sa-learn. Am I wasting time? The spamassassin manpage says that -r strips spamassassin's markup before reporting, but the sa-learn manpage doesn't say that it does. Anybody know? What do you do, remove the markup, or just pipe in the message? Actually, with the new way that spamassassin 2.55 is mime-enveloping the messages, I'm going into mutt's view-attachments screen and piping the "Original message before spamassassin" part into sa-learn. It's much more tedious than being able to just tag all of the messages and send them in, knowing that sa-learn would do the right thing. Would it? good times, Vineet -- http://www.doorstop.net/ -- "If we do not believe in freedom of speech for those we despise we do not believe in it at all." --Noam Chomsky pgp0.pgp Description: PGP signature
