FW: [Samba] Viruses and the list
-Original Message- From: Michael Heironimus [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 20, 2003 8:36 PM To: '[EMAIL PROTECTED]' Subject: Re: [Samba] Viruses and the list On Wed, Aug 20, 2003 at 05:59:07PM -0700, Philip Edelbrock wrote: I was forced to put a filter (spambayes) on my list (Lm_sensors) to keep out most of the garbage. It's really helped a ton, and I can scan the 'spam' to make sure nothing real got blocked from the rest of the recipients of the list. It's pretty easy (I used procmail, spambayes, and a large amount of spam and normal mail to train it). It's also easy to refine the training as time goes on. In a nutshell, for my main mail server I created a database: hammiefilter.py -n -d/mypathtothedatabase/hammie.db Then trained it: nice mboxtrain.py -d/mypathtothedatabase/hammie.db -g /pathtomyGOODmail.mbox -s /pathtomyBADmail.mbox (You can run the line above as many times as you want with just -g or just -s or multiples to keep appending to the database) And then I added the rule to the top of /etc/procmailrc: :0fw | /pathtothebins/hammiefilter.py -d /mypathtothedatabase/hammie.db Finally, the emails will now contain a new header (nothing gets blocked or modified other than the addition of this header): X-Spambayes-Classification: ham; 0.01 ham/unsure/spam refers to the general classification, and 0.00-1.00 refers to the percentage likelihood that it is spam. From there, you can filter/forward/etc. in procmail scripts or on the client end, or whatever you want to do. You can even create multiple databases to do levels of classification (e.g. percentage chance that it is a virus, or that it is from your parole officer, etc.) and use formail to rename the header after each scan. Just a related FYI... Recent versions of spamassassin also include bayesian filtering. Until you've trained it with enough messages spamassassin will only use its other filtering rules, which are pretty good but don't catch these antivirus bounces. If you're using spamassassin already you don't need to set up a new tool, you just need to train the one you've got (or upgrade and train it if you're using an old version). -- Michael Heironimus -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: FW: [Samba] Viruses and the list
(Last comment on the spam issue) Here's some info on SourceForge for adding some restrictions (other than closing the list) to filter some spam: http://sourceforge.net/docman/display_doc.php?docid=9484group_id=1#antispamtools Phil -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Viruses and the list
-Original Message- From: [EMAIL PROTECTED] Looks like it's the Virus is forging my address now... :-( Jeesh. What a waste. If the guys writing viruses would put their energies into REAL code, we'd be so much farther ahead. Later, -- Kevin L. Collins, MCSE Systems Manager Nesbitt Engineering, Inc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Viruses and the list
I was forced to put a filter (spambayes) on my list (Lm_sensors) to keep out most of the garbage. It's really helped a ton, and I can scan the 'spam' to make sure nothing real got blocked from the rest of the recipients of the list. It's pretty easy (I used procmail, spambayes, and a large amount of spam and normal mail to train it). It's also easy to refine the training as time goes on. In a nutshell, for my main mail server I created a database: hammiefilter.py -n -d/mypathtothedatabase/hammie.db Then trained it: nice mboxtrain.py -d/mypathtothedatabase/hammie.db -g /pathtomyGOODmail.mbox -s /pathtomyBADmail.mbox (You can run the line above as many times as you want with just -g or just -s or multiples to keep appending to the database) And then I added the rule to the top of /etc/procmailrc: :0fw | /pathtothebins/hammiefilter.py -d /mypathtothedatabase/hammie.db Finally, the emails will now contain a new header (nothing gets blocked or modified other than the addition of this header): X-Spambayes-Classification: ham; 0.01 ham/unsure/spam refers to the general classification, and 0.00-1.00 refers to the percentage likelihood that it is spam. From there, you can filter/forward/etc. in procmail scripts or on the client end, or whatever you want to do. You can even create multiple databases to do levels of classification (e.g. percentage chance that it is a virus, or that it is from your parole officer, etc.) and use formail to rename the header after each scan. I hope this helps. Phil Collins, Kevin wrote: -Original Message- From: [EMAIL PROTECTED] Looks like it's the Virus is forging my address now... :-( Jeesh. What a waste. If the guys writing viruses would put their energies into REAL code, we'd be so much farther ahead. Later, -- Kevin L. Collins, MCSE Systems Manager Nesbitt Engineering, Inc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Viruses and the list
On Wed, Aug 20, 2003 at 05:59:07PM -0700, Philip Edelbrock wrote: I was forced to put a filter (spambayes) on my list (Lm_sensors) to keep out most of the garbage. It's really helped a ton, and I can scan the 'spam' to make sure nothing real got blocked from the rest of the recipients of the list. It's pretty easy (I used procmail, spambayes, and a large amount of spam and normal mail to train it). It's also easy to refine the training as time goes on. In a nutshell, for my main mail server I created a database: hammiefilter.py -n -d/mypathtothedatabase/hammie.db Then trained it: nice mboxtrain.py -d/mypathtothedatabase/hammie.db -g /pathtomyGOODmail.mbox -s /pathtomyBADmail.mbox (You can run the line above as many times as you want with just -g or just -s or multiples to keep appending to the database) And then I added the rule to the top of /etc/procmailrc: :0fw | /pathtothebins/hammiefilter.py -d /mypathtothedatabase/hammie.db Finally, the emails will now contain a new header (nothing gets blocked or modified other than the addition of this header): X-Spambayes-Classification: ham; 0.01 ham/unsure/spam refers to the general classification, and 0.00-1.00 refers to the percentage likelihood that it is spam. From there, you can filter/forward/etc. in procmail scripts or on the client end, or whatever you want to do. You can even create multiple databases to do levels of classification (e.g. percentage chance that it is a virus, or that it is from your parole officer, etc.) and use formail to rename the header after each scan. Just a related FYI... Recent versions of spamassassin also include bayesian filtering. Until you've trained it with enough messages spamassassin will only use its other filtering rules, which are pretty good but don't catch these antivirus bounces. If you're using spamassassin already you don't need to set up a new tool, you just need to train the one you've got (or upgrade and train it if you're using an old version). -- Michael Heironimus -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
