Re: ANNOUNCE: Apache SpamAssassin 3.1.1 available!

[Theo Van Dinter]

On Sun, Mar 12, 2006 at 06:37:53AM +0100, Jim Knuth wrote:
> > Downloads are available from:
> > http://spamassassin.apache.org/downloads.cgi?update=200603111700
> 
> Mmh, not available: The requested URL
> /spamassassin/source/Mail-SpamAssassin-3.1.1.tar.gz was not found
> on this server.
> 
> What`s wrong?

You may have picked a server which hasn't picked up the new version yet.
All of the default mirrors (3 right now) that are chosen when I've gone
to the downloads page have the latest files.  If you choose a different
mirror from the list, they may or may not have the files.

-- 
Randomly Generated Tagline:
"We are used to a deep-rooted Arab tradition of democracy where results
 are first declared, then elections are conducted and votes brought in
 to affirm it." - Talal Salman, editor of the As-Safir newspaper in Lebanon


pgpdXsM6sHl5F.pgp
Description: PGP signature

RE: ANNOUNCE: Apache SpamAssassin 3.1.1 available!

[Greg Allen]

Try to keep refreshing the download page to get a different download mirror
site. You will eventually find one that has it.



> Mmh, not available: The requested URL
> /spamassassin/source/Mail-SpamAssassin-3.1.1.tar.gz was not found
> on this server.
>
> What`s wrong?
>

Out of curiosity, anyone know which spam gang these scum are?

[Loren Wilton]

Received: (from [EMAIL PROTECTED]) by mx-103.gdicustomers2.ws
(8.12.9p2/8.12.9/Submit) id 32Nhzj9ndZMB.) for [EMAIL PROTECTED]; Sat
Mar 11 05:40:17 2006) (envelope-from [EMAIL PROTECTED]))
Message-Id: <[EMAIL PROTECTED]>
Date: Sat, 11 Mar 2006 05:40:17 PST
From: "Scott Gillespie" <[EMAIL PROTECTED]>
To: "Loren Wilton" <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="GDI-mailer_000_1142083862"
X-Return-Path: [EMAIL PROTECTED]
Errors-To: [EMAIL PROTECTED]
X-Mailer: GDI Mailer (0.02.99628786..)
X-CampaignID: global-INVITE_POST_VIEWED 20060311053101

Your name was entered into an automatic invitation
system by Scott Gillespie, whose
email address is [EMAIL PROTECTED] If you want to
ensure that you never receive another invitation to
your email address at [EMAIL PROTECTED], then please simply
go here: [EMAIL PROTECTED]

Global Domains International, Inc., 701 Palomar
Airport Rd. #300, Carlsbad, CA, 92009, USA

Copyright © 2001-2006 Global Domains International,
Inc. - All Rights Reserved.

Re: ANNOUNCE: Apache SpamAssassin 3.1.1 available!

[Jim Knuth]

Heute (12.03.2006/02:16 Uhr) schrieb Theo Van Dinter ([EMAIL PROTECTED]),

> Apache SpamAssassin 3.1.1 is now available!  This is a maintainance
> release of the 3.1.x branch.

> Downloads are available from:
>  
> http://spamassassin.apache.org/downloads.cgi?update=200603111700


Mmh, not available: The requested URL
/spamassassin/source/Mail-SpamAssassin-3.1.1.tar.gz was not found
on this server.

What`s wrong?

> The release file will also be available via CPAN in the near future.


-- 
Viele Gruesse, Kind regards,
 Jim Knuth
 [EMAIL PROTECTED]
 ICQ #277289867
--
Zufalls-Zitat
--
Immer wenn ich Morgens ind den Spiegel schau, denke ich, 
wir haben Besuch. (Gerald Drews)
--
Der Text hat nichts mit dem Empfaenger der Mail zu tun
--
Virus free. Checked by NOD32 Version 1.1439 Build 6902  11.03.2006

RE: ANNOUNCE: Apache SpamAssassin 3.1.1 available!

[Greg Allen]

I installed the new 3.1.1 release from 3.0.4 this evening.

No unusual problems noticed, it appears to be running fine.

I had to install a few new modules from CPAN but 'perl Makefile.PL' told me
which ones, so no problem there.

I also had to comment out a few rules I had created. 3.1.1 did not like
something about the way they were written.

As always, run 'spamassassin --lint' after upgrading to make sure there are
no errors.





> -Original Message-
> From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
> Sent: Saturday, March 11, 2006 8:17 PM
> To: Spamassassin Users List; Spamassassin Devel List; Spamassassin
> Announcements List
> Subject: ANNOUNCE: Apache SpamAssassin 3.1.1 available!
>
>
> Apache SpamAssassin 3.1.1 is now available!  This is a maintainance
> release of the 3.1.x branch.
>
> Downloads are available from:
>   http://spamassassin.apache.org/downloads.cgi?update=200603111700

Re: errors on 3.1.1

[Theo Van Dinter]

On Sat, Mar 11, 2006 at 11:09:25PM -0600, Steven Stern wrote:
> I can't find anything with rpm -qa |grep perl tha tlooks like list-util 
> or anything similar. Where would the XS file be?

That depends on your install.  I'd look at the directories for @INC (and
PERL5LIB if you have it set) via "perl -V", then do a find in those
directories for "List*" and "Util*".  Something like:

$ find /usr/lib/perl5 -name "List*" -o -name "Util*" -print
[...]
/usr/lib/perl5/5.8.6/List/Util.pm
[...]

-- 
Randomly Generated Tagline:
"Zero equals Zero"   - Prof. Farr


pgpo1qC49H4sy.pgp
Description: PGP signature

Re: errors on 3.1.1

[Steven Stern]

Theo Van Dinter wrote:

On Sat, Mar 11, 2006 at 10:54:50PM -0600, Steven Stern wrote:
After installing 3.1.1 by building the RPM from the .tar.gz file, I get 
the following in my log:


Hrm.  None of these are SpamAssassin related, fwiw.

Mar 11 22:51:52 mooch spamd[15660]: List::Util object version 1.14 does 
not match bootstrap parameter 1.18 at 


You have multiple versions of List::Util installed, 1.14 and 1.18.

Mar 11 22:51:53 mooch spamd[15660]: Undefined subroutine 
&Scalar::Util::weaken called at 
/usr/lib/perl5/site_perl/5.8.6/i386-linux-thread-multi/DBI.pm line 279.


DBI is looking for a function that apparently doesn't exist in Scalar::Util.


cpan> install List::Util
List::Util is up to date (1.18).


I think you will want to delete all List::Util related files, and then
reinstall.  Basically List::Util is an XS module, and you have one
version of perl and one of the compiled XS.


I can't find anything with rpm -qa |grep perl tha tlooks like list-util 
or anything similar. Where would the XS file be?





cpan> install Scalar::Util:weaken
Warning: Cannot install Scalar::Util:weaken, don't know what it is.
Try the command


weaken is the function name, you can try "install Scalar::Util".



cpan tells me that's up to date, too.

--

  Steve

Re: errors on 3.1.1

[Theo Van Dinter]

On Sat, Mar 11, 2006 at 10:54:50PM -0600, Steven Stern wrote:
> After installing 3.1.1 by building the RPM from the .tar.gz file, I get 
> the following in my log:

Hrm.  None of these are SpamAssassin related, fwiw.

> Mar 11 22:51:52 mooch spamd[15660]: List::Util object version 1.14 does 
> not match bootstrap parameter 1.18 at 

You have multiple versions of List::Util installed, 1.14 and 1.18.

> Mar 11 22:51:53 mooch spamd[15660]: Undefined subroutine 
> &Scalar::Util::weaken called at 
> /usr/lib/perl5/site_perl/5.8.6/i386-linux-thread-multi/DBI.pm line 279.

DBI is looking for a function that apparently doesn't exist in Scalar::Util.

> cpan> install List::Util
> List::Util is up to date (1.18).

I think you will want to delete all List::Util related files, and then
reinstall.  Basically List::Util is an XS module, and you have one
version of perl and one of the compiled XS.

> cpan> install Scalar::Util:weaken
> Warning: Cannot install Scalar::Util:weaken, don't know what it is.
> Try the command

weaken is the function name, you can try "install Scalar::Util".

-- 
Randomly Generated Tagline:
"It's not you Bernie.  I guess I'm just not used to being chased around
 a mall at night by killer robots." - Linda from the movie "Chopping Mall"


pgp3RSppmFsuV.pgp
Description: PGP signature

errors on 3.1.1

[Steven Stern]

After installing 3.1.1 by building the RPM from the .tar.gz file, I get 
the following in my log:


Mar 11 22:51:52 mooch spamd[15660]: List::Util object version 1.14 does 
not match bootstrap parameter 1.18 at 
/usr/lib/perl5/5.8.6/i386-linux-thread-multi/XSLoader.pm line 92.
Mar 11 22:51:52 mooch spamd[15660]: List::Util object version 1.14 does 
not match bootstrap parameter 1.18 at 
/usr/lib/perl5/5.8.6/i386-linux-thread-multi/List/Util.pm line 30.
Mar 11 22:51:53 mooch spamd[15660]: Undefined subroutine 
&Scalar::Util::weaken called at 
/usr/lib/perl5/site_perl/5.8.6/i386-linux-thread-multi/DBI.pm line 279.


I don't know what to update:


cpan> install List::Util
List::Util is up to date (1.18).

cpan> install Scalar::Util:weaken
Warning: Cannot install Scalar::Util:weaken, don't know what it is.
Try the command

i /Scalar::Util:weaken/

to find objects with matching identifiers.

--

  Steve

[SARE] Whitelist updated

[Robert Menschel]

Just a quick note that SARE's whitelist has been updated.

For information, http://www.rulesemporium.com/rules.htm#whitelist

Bob Menschel

ANNOUNCE: Apache SpamAssassin 3.1.1 available!

[Theo Van Dinter]

Apache SpamAssassin 3.1.1 is now available!  This is a maintainance
release of the 3.1.x branch.

Downloads are available from:
  http://spamassassin.apache.org/downloads.cgi?update=200603111700

The release file will also be available via CPAN in the near future.

md5sum of archive files:
  33bc2bef2619135125ccf3b5a663be1d  Mail-SpamAssassin-3.1.1.tar.bz2
  f7844cbc149de3d7b09a4310f4ab6739  Mail-SpamAssassin-3.1.1.tar.gz
  e5ae2dc25b6fc93c048adaf4beaa86e0  Mail-SpamAssassin-3.1.1.zip

sha1sum of archive files:
  7723663486b013f738eb8e805a7503f52f50e347  Mail-SpamAssassin-3.1.1.tar.bz2
  cda06e3d38d831521c59e50ec024e468b76035cb  Mail-SpamAssassin-3.1.1.tar.gz
  582114d083dcdc0975d710d54ebdb39cb020a10e  Mail-SpamAssassin-3.1.1.zip


The release files also have a .asc accompanying them.  The file serves
as an external GPG signature for the given release file.  The signing 
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY

The key information is:

pub  1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <[EMAIL PROTECTED]>
 Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24  F6D7 DEE0 1987 265F A05B

3.1.1 includes a large number of bug fixes and documentation updates.
Here is an abbreviated changelog (since 3.1.0) for major updates (see
the Changes file for a complete list):

- better validate a number of different configuration options
- support new Mail::DomainKeys API, which changed incompatibly between
  0.18 and 0.80 without warning
- more properly handle new Received header formats
- bug 4788: backport sa-update from 3.2 along with the local_state_dir
  code, etc.
- bug 4760: strictly validate trusted/internal network configurations
- bug 4696: consolidated fixes for timeout bugs
- bug 3710: add timeout to connect so spamc -t works
- bug 4363: if a message uses CRLF for line endings, use it for header
  rewrites as well
- bug 4748: add ExpressionEngine and Google redirector patterns
- bug 3815: add _RELAYCOUNTRY_ tag so that the RelayCountry plugin can
  put in the list of countries relayed through
- bug 4090: x86_64 platforms (linux specifically) have an issue compiling
  libspamc.so causing RPM build failures
- bug 4791: fix issue where perl would throw a UTF-8 warning for certain
  messages
- bugs 4606, 4609: Adjust MIME parsing limits
- bug 4780: fix IP_ADDRESS & LOCALHOST regexes to correctly parse IPv6
  addresses
- bug 4728: DUL rules should only use the last external IP, not all but
  the first of the external IPs
- bug 4700: certain privileged configuration settings can inject code,
  due to a bad fix for bug 3846.  Back that out
- bug 4655: have redhat-rc-script create .pid file for spamassassin
  service to avoid killing the wrong processes and leaving spamd running


pgpN5OlrvEi9O.pgp
Description: PGP signature

Re: HTML Validator

[Philip Prindeville]

Eric W. Bates wrote:
> I have never used it in a mail context; but tidy (from our friends at w3
> http://www.w3.org/People/Raggett/tidy/) is a very nice validator. Might
> be too big a load for SA, tho.  I think you will also find that M$ html
> output from OE is probably full of errors anyway...

All the better.  Maybe they can be shamed into fixing it.  ;-)

And maybe pigs will grow wings...  Sigh.

-Philip

Re: HTML Validator

[Eric W. Bates]

Kenneth Porter wrote:
> On Wednesday, March 08, 2006 6:46 PM -0800 Kenneth Porter
> <[EMAIL PROTECTED]> wrote:
> 
>> Makes me wonder about installing outbound filters that run a validator
>> and reject anything that fails. I often see flame wars on mailing lists
>> about allowing HTML posts to the list, but I wonder how the arguments
>> would change if one allowed only *validated* HTML. I'll bet most who
>> insist on using HTML would immediately be rejected by the validator.
>> "Sorry, your message was rejected because your MUA vendor writes garbage
>> that we can't parse, and makes you look like a spammer." ;)
> 
> 
> Anyone know of a good validator that can be run over a MIME part to
> report on the quality of the HTML? This might be used as a go/no-go
> filter at milter level, or it could be used as an SA plugin to assign a
> variable score based on the quality of the HTML.
> 
> For mailing lists catering to newbies who love HTML and can't understand
> why us old-timers hate it, we can set the list to exclude all invalid
> HTML. "Sure, we'll accept your HTML. But only if it's really HTML. Not
> that crap that most MUA's write."

I have never used it in a mail context; but tidy (from our friends at w3
http://www.w3.org/People/Raggett/tidy/) is a very nice validator. Might
be too big a load for SA, tho.  I think you will also find that M$ html
output from OE is probably full of errors anyway...

> 
> 

Re: trusted_networks seems to be ignored after upgrade

[Eric W. Bates]

Matt Kettler wrote:
...
>>
>>Is the whole trusted_net, dnsbl business written up somewhere?  I would
>>rather not waste your time; but searching the wiki doesn't turn anything up.
>>
>>
> 
> 
> 
> Not really, but I can go over it really fast..
> 
> 
> First, SA parses all the received headers, in backward order, starting with 
> the
> most recent. While doing so, it determines if each host is trusted or 
> untrusted,
> and internal or external (by default trusted_networks == internal_networks, so
> for you, the two are the same).
> 
> Let's make a "simple" example here, that somewhat reflects your situation. In
> this case "B" is taking the place of your 127.0.0.1.
> 
> trusted_networks A
> trusted_networks C
> 
> And a message:
> Received from B by A
> Received from C by B
> Received from D by C
> Received from E by D
> 
> In this case, SA would determine:
> A - trusted, internal
> B - untrusted, external
> C - untrusted, external, because it's "outside" of B.
> D - untrusted, external
> E - untrusted, external
> 
> 
> Now, when evaluating RBLs, the first thing SA does is eliminate all the 
> internal
> hosts from the list. Poof, A disappears from the list.
> 
> For all of the "dialup" type RBLs, SA excludes the first hop. Poof, E
> disappears. So SA will check B, C, and D against the various DUL RBLs.
> 
> In your case, C happens to be a dialup-node, so it matches against SORBS_DUL 
> and
> similar rules.
> 
> 
> Now, if you had:
> 
> trusted_networks A
> trusted_networks B
> trusted_networks C
> 
> Then SA would parse as:
> 
> A - trusted, internal
> B - trusted, internal
> C - trusted, internal (because there's no "break" in the path)
> D - untrusted, external
> E - untrusted, external
> 
> Now when evaluating the DUL RBLs, A,B and C will be dropped because they're
> internal, and E will be dropped because it's a first-hop. Only D gets checked.
> 
> As long as D isn't a dialup node, SORBS_DUL won't hit.
> 

Excellent description, thank you.  Clearly worthy of inclusion on the
wiki.  Adding 127/8 to the trusted list seems to be behaving as you
described.  All is well.

Re: Fuz1, fuz2

[Matt Kettler]

Egoitz Aurrekoetxea Aurre wrote:
> I've an spamassasin running with spamd in a machine and passess some
> antispam tests like dcc; for trying it I've set in local.cf in spamassasin
> conf file body fuz1 and fuz2 to 1 as max values but If I send me thrice a
> message I obtain the next header :
>
> X-Spam-DCC: EATSERVER: zeus 1166; Body=1 Fuz1=2
> X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13)
>
> and it doesn't sais it's spam although I set max value (in local.cf as
> 1)and in the header for example fuz1 is equal 2... if the max value is 1
> why this is not spam? or marked as it like other with another tests are
> marked?
Changing the DCC fuzz values will NOT force a message to be tagged as
spam. They will however change what messages match the DCC_CHECK rule.
This adds to the score that is used by SA to decide if the message is
spam or not.

Check the X-Spam-Status header.. did DCC_CHECK fire?

Fuz1, fuz2

[Egoitz Aurrekoetxea Aurre]

I've an spamassasin running with spamd in a machine and passess some
antispam tests like dcc; for trying it I've set in local.cf in spamassasin
conf file body fuz1 and fuz2 to 1 as max values but If I send me thrice a
message I obtain the next header :

X-Spam-DCC: EATSERVER: zeus 1166; Body=1 Fuz1=2
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13)

and it doesn't sais it's spam although I set max value (in local.cf as
1)and in the header for example fuz1 is equal 2... if the max value is 1
why this is not spam? or marked as it like other with another tests are
marked?

Egoitz Aurrekoetxea
Director técnico
INFOBIOK C.B.
Tfno : 94-6743721
Fax  : 94-6748621

Re: Foreign Language SPAM

[Benny Pedersen]

On Thu, March 9, 2006 20:23, Matt Kettler wrote:
>> Hey all!
>> I have the following in my local.cf:
>> loadplugin Mail::SpamAssassin::Plugin::TextCat
> You can't do loadplugins in your local.cf.

local.pre works

and the exact line of loadplugin, but currect do not make it so there is 
multiply pre files that loads the
same pluging

Re: Latest spammers' trick - email address in body instead of url

[List Mail User]

>...
>>>...
>>> Thoughts, anyone?
>> 
>> Um... SA should already be treating email addresses in the body as
>> URIs... Are you sure yours isn't looking up the offending domains
>> agianst the URIBLs you're using?
>
>I don't believe that's accurate.  I know Jeff C. argued that it "wasn't 
>what SURBL was intended for" so we ended up disabling it.
>
>Personally, I still think email address should be looked up.  Either the 
>domain is bad or it isn't.
>
>http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4201
>
>
>Daryl
>

Agreed.  They are called URI rules, not URL rules.  All URIs should
be checked (including Message-IDs, and all other cases in RFC2396, RFC2483
and the new "Standards Track" RFC3986).  Also note that URI types are IANA
registered and a complete list of allocations is available at iana.org.
NOTE: the issue of incomplete URIs is still an open problem (e.g. email
addresses like [EMAIL PROTECTED] are not properly formated URIs, but an
entry like mailto:[EMAIL PROTECTED] is).

At least some of us use far more than just SURBL (and URIBL) for
URI rules - very effective, though low scores are needed because of FPs,
but multiple rule hits add up very quickly, even on brand new domains and
spam runs with IP based BLs.

BTW. The OP's example domains both appear to be Yambo Financials,
though the second is hosted at Yahoo! (Yambo's favorite "free provider"
to abuse).

Paul Shupak
[EMAIL PROTECTED]

Re: more pharmacy woes

[Dhawal Doshy]

Payal Rathod wrote:

On Fri, Mar 10, 2006 at 04:07:34PM +0530, Dhawal Doshy wrote:
Do you use SURBL (surbl.org), URIBL (uribl.com) and collaborative 
network tests like razor/pyzor/dcc?


No, can you please tell in short how to use surbl exactly? I am very new 
to SA.


What is your SA version? You'll need a recent Net::DNS installed for any 
network tests.  You can also add 'dns_available yes' to your local.cf if 
you have Net::DNS installed. If you're using spamd, make sure it's 
started without the -L or --local flags.


SURBL support is built into spamassassin version 3.x onwards.. (see 
Jeff's reply)


For URIBL, see http://www.uribl.com/usage.shtml OR add this to your local.cf

urirhssub   URIBL_BLACK  multi.uribl.com.A   2
bodyURIBL_BLACK  eval:check_uridnsbl('URIBL_BLACK')
describeURIBL_BLACK  Contains an URL listed in the URIBL blacklist
tflags  URIBL_BLACK  net
score   URIBL_BLACK  3.0

urirhssub   URIBL_GREY  multi.uribl.com.A   4
bodyURIBL_GREY  eval:check_uridnsbl('URIBL_GREY')
describeURIBL_GREY  Contains an URL listed in the URIBL greylist
tflags  URIBL_GREY  net
score   URIBL_GREY  0.25

Also the pasted spam originates from a korean IP address.. you could 
try scoring mails from korea a bit more.. using either 
countries.nerds.dk OR korea.services.net


Which file do I put it exactly?


Add something like this to your local.cf
# This part will add +2.0 for mail from korea
headerX_KOREAN_RELAY  eval:check_rbl('relay','korea.services.net.')
describe  X_KOREAN_RELAY  Received via a relay in Korea
score X_KOREAN_RELAY  2.0

Finally, get around to training your bayesian database to 200 or more 
spam and ham mails each..


We have trained 40,000+  of each.


That ought to be good enough for a start..

Do a lint test 'spamassassin -D --lint' before you make your changes 
production.


Hope that helps,
- dhawal


With warm regards,
-Payal


--
 CAUTION - Disclaimer *
This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely
for the use of the addressee(s). If you are not the intended recipient, please
notify the sender by e-mail and delete the original message. Further, you are
not to copy, disclose, or distribute this e-mail or its contents to any other
person and any such actions are unlawful. This e-mail may contain viruses.
NetMagic Solutions Pvt. Ltd. has taken every reasonable precaution to minimize
this risk, but is not liable for any damage you may sustain as a result of any
virus in this e-mail. You should carry out your own virus checks before
opening the e-mail or attachment. NetMagic Solutions Pvt. Ltd. reserves the
right to monitor and review the content of all messages sent to or from this
e-mail address.

Messages sent to or from this e-mail address may be stored on the NetMagic
Solutions Pvt. Ltd.'s e-mail system.
* End of Disclaimer ***

Re: Null Messages from Yahoo! Groups?

[Yousef Raffah]

On Sat, 2006-03-11 at 01:23 -0800, Loren Wilton wrote:
> > @yahoogroups.com, although the message has the below headers, it shows
> > no sender and no subject.
> 
> > Subject: [ Nawaf ] äÝÓ ÇáÅÍÓÇÓ íÇ äÇÓ / ÕæÑ æßáãÇÊ ÊÓÊÍÞ ÇáÞÑÇÁÉ
> > From: SOFI <[EMAIL PROTECTED]>
> 
> Looks to me like a sender and a subject.
> Of course, the sender doesn't match
> 
You are right but the message does not have any "From" nor subject in my
E-mail client! As a normal user, I'm not supposed to check the headers
of the message, right?

> > X-Sender: [EMAIL PROTECTED]
> 
> But maybe that has something to do with the mailing list software.
> 
If that is the case, anybody else having the same issue on the list here
with @yahoogroups.com mails?

> Loren
> 

Sincerely,
Yousef Raffah
Senior Systems Administrator
SSIS - The Savola Group

--
Aren't you using Firefox? Get it at getfirefox.com
yousef.raffah.com


signature.asc
Description: This is a digitally signed message part

Re: Null Messages from Yahoo! Groups?

[Loren Wilton]

> @yahoogroups.com, although the message has the below headers, it shows
> no sender and no subject.

> Subject: [ Nawaf ] äÝÓ ÇáÅÍÓÇÓ íÇ äÇÓ / ÕæÑ æßáãÇÊ ÊÓÊÍÞ ÇáÞÑÇÁÉ
> From: SOFI <[EMAIL PROTECTED]>

Looks to me like a sender and a subject.
Of course, the sender doesn't match

> X-Sender: [EMAIL PROTECTED]

But maybe that has something to do with the mailing list software.

Loren

Null Messages from Yahoo! Groups?

[Yousef Raffah]

Hi Everyone,

I'm having a quite strange status of all the mails coming from
@yahoogroups.com, although the message has the below headers, it shows
no sender and no subject.


Return-Path: <>
Received: from 10.10.1.9 by mailsrv with ESMTP id 48206191142061138;
Sat, 11 Mar 2006 10:12:18 +0300
Received: from kansai.savoladns.com ([10.10.1.4]) by srv2 with InterScan
Messaging Security Suite; Sat, 11 Mar 2006 10:33:55 +0300
X-Envelope-From:
<[EMAIL PROTECTED]>
X-Envelope-To: <[EMAIL PROTECTED]>
X-Quarantine-Id: 
Received: from n3a.bullet.scd.yahoo.com (n3a.bullet.scd.yahoo.com
[66.94.237.37]) by kansai.savoladns.com (Postfix) with SMTP id
C2BB410202 for <[EMAIL PROTECTED]>; Sat, 11 Mar 2006 10:22:52 +0300
(AST)
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=lima;
d=yahoogroups.com; b=McSL2mOL1JAeQdrWDsH+dj+3PKD3ZPnbcluWkPQt5peTWU/Qnp
+XWFgmG7r6xgNB7LQPZa3o+eTTw3US4sM70jrWRK
+XqnxNKXmcQ4JmyCczJW1Gg9MNbtqsTfVCkmDU;
Received: from [66.218.66.59] by n3.bullet.scd.yahoo.com with NNFMP; 11
Mar 2006 07:21:39 -
Received: from [66.218.66.96] by t8.bullet.scd.yahoo.com with NNFMP; 11
Mar 2006 07:21:39 -
X-Yahoo-Newman-Property: groups-email
Received: (qmail 39706 invoked from network); 11 Mar 2006 07:08:52 -
Received: from unknown (66.218.67.36) by m13.grp.scd.yahoo.com with
QMQP; 11 Mar 2006 07:08:52 -
Received: from unknown (HELO n4a.bullet.dcn.yahoo.com) (216.155.203.224)
by mta10.grp.scd.yahoo.com with SMTP; 11 Mar 2006 07:08:51 -
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
Received: from [216.155.201.64] by n4.bullet.dcn.yahoo.com with NNFMP;
11 Mar 2006 07:08:44 -
Received: from [66.218.69.5] by t1.bullet.dcn.yahoo.com with NNFMP; 11
Mar 2006 07:08:43 -
Received: from [66.218.66.89] by t5.bullet.scd.yahoo.com with NNFMP; 11
Mar 2006 07:08:43 -
X-Sender: [EMAIL PROTECTED]
X-Apparently-To: [EMAIL PROTECTED]
Received: (qmail 94798 invoked from network); 10 Mar 2006 03:31:55 -
Received: from unknown (66.218.67.33) by m13.grp.scd.yahoo.com with
QMQP; 10 Mar 2006 03:31:55 -
Received: from unknown (HELO hotmail.com) (65.54.174.17) by
mta7.grp.scd.yahoo.com with SMTP; 10 Mar 2006 03:31:55 -
Received: from mail pickup service by hotmail.com with Microsoft
SMTPSVC; Thu, 9 Mar 2006 19:31:33 -0800
Message-ID: <[EMAIL PROTECTED]>
Received: from 65.54.174.200 by by103fd.bay103.hotmail.msn.com with
HTTP; Fri, 10 Mar 2006 03:31:32 GMT
X-Originating-Email: [EMAIL PROTECTED]
X-Sender: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
X-OriginalArrivalTime: 10 Mar 2006 03:31:33.0974 (UTC)
FILETIME=[2132F760:01C643F3]
X-Originating-IP: 65.54.174.17
X-eGroups-Msg-Info: 1:7:0:0
From: SOFI <[EMAIL PROTECTED]>
X-eGroups-Edited-By: n_i_22000 <[EMAIL PROTECTED]>
X-eGroups-Approved-By: n_i_22000 <[EMAIL PROTECTED]> via web; 11 Mar
2006 07:08:41 -
MIME-Version: 1.0
Mailing-List: list [EMAIL PROTECTED]; contact
[EMAIL PROTECTED]
Delivered-To: mailing list [EMAIL PROTECTED]
List-Id: 
Precedence: bulk
List-Unsubscribe: 
Date: Fri, 10 Mar 2006 03:31:32 +  (06:31 AST)
Subject: [ Nawaf ] äÝÓ ÇáÅÍÓÇÓ íÇ äÇÓ / ÕæÑ æßáãÇÊ ÊÓÊÍÞ ÇáÞÑÇÁÉ
Reply-To: [EMAIL PROTECTED]
Content-Type: text/html
Content-Transfer-Encoding: 8bit
X-Spam-Status: Yes, score=11.167 tag=-100 tag2=6.3 kill=6.3
tests=[BAYES_99=3.5, DNS_FROM_RFC_ABUSE=0.2, DNS_FROM_RFC_WHOIS=1.447,
HTML_90_100=0.113, HTML_FONT_LOW_CONTRAST=0.194, HTML_MESSAGE=0.001,
HTML_TAG_EXIST_BGSOUND=2.107, MIME_HTML_ONLY=0.001,
MSGID_FROM_MTA_HEADER=0, SARE_HTML_COLOR_NWHT3=0.656,
SARE_HTML_FONT_INVIS2=0.64, SARE_HTML_GIF_SHORT=0.5,
SARE_HTML_NO_BODY2=0.2, SARE_HTML_NO_BODY3=0.129, SARE_HTML_P_BREAK=0.2,
SUBJ_ILLEGAL_CHARS=4.279]
X-Spam-Score: 11.167
X-Spam-Level: **
X-Spam-Flag: YES

Has any of you had a similar situation? What could it be related to?
One more thing, in case it makes any difference, I have greylisted
@yahoo.com and @hotmail.com mails! :|

Sincerely,
Yousef Raffah
Senior Systems Administrator
SSIS - The Savola Group

--
Aren't you using Firefox? Get it at getfirefox.com
yousef.raffah.com


signature.asc
Description: This is a digitally signed message part