Re: Increase in Spam
It's a few lines of perl. Download it. Put the pieces in the appropriate
places. Go.
(The direct answer is of course not. It's still beta and nobody has
done rpms, debs, or ports of it. There might now be a zip or tar file
of it.)
{^_-}
- Original Message -
From: Steve Lake [EMAIL PROTECTED]
Oh, this sounds spectacular. One question. Is there a port on
Freebsd for this? I don't see one offhand. If there is, then that would
assume that all the other necessary ports are present as well. If not,
it'll be a royal b trying to get the nix versions installed instead if
no freebsd ported versions are available. :(
Also, stupid question to go with the first comment. Will this
plugin be included in 3.2.0 so that it's native, or at least an optional
feature? I don't care if it takes a bit of extra processor power. The
server is a low volume dedicated server, so CPU load isn't an issue. Spam
catching of near 100% is. :)
At 05:01 PM 10/12/2006 -0700, Kelson wrote:
Max Clark wrote:
I have seen an increase in the amount of spam that has made its way
through our filters and in to our inboxes. Most of this seems to be
the stock pitches that are image attachments. Is there any way to
effectively combat this?
Look into FuzzyOCR.
http://wiki.apache.org/spamassassin/FuzzyOcrPlugin
Drawback: it needs lots of CPU and extra time per message (more precisely,
per message with attached images). YMMV.
--
Kelson Vibber
SpeedGate Communications www.speed.net
Steven Lake
Owner/Technical Writer
Raiden's Realm
www.raiden.net
A friendly web community
Re: Should I upgrade to 3.1.6?
3.1.7. Skip 6.
{^_^}
- Original Message -
From: Steve Lake [EMAIL PROTECTED]
To: users@spamassassin.apache.org
Sent: Saturday, October 14, 2006 20:14
Subject: Should I upgrade to 3.1.6?
Just looked over the bug fix list for 3.1.6 and it doesn't seem
like anything *major* that would suggest that I should make the leap. I'm
right now running 3.1.5 on my box. Is there other improvements, such as
rules and the like, that would make this a preferable upgrade? Or should I
just hold tight for 3.2.0 or one of the next maintenance updates?
Steven Lake
Owner/Technical Writer
Raiden's Realm
www.raiden.net
A friendly web community
Re: Which release of spamassassin should I use on a Debian sarge system?
Chris Purves schrieb: On October 13, 2006 06:42 am, Bart Veltman wrote: Currently I am using spamassassin version 3.0.3 on a Debian 3.1 sarge (stable release) linux system. According to Debian this version is stable but is more than a year old. Which version should I use, or must I use, to maintain a stable environment? Still go on with version 3.0.3 or upgrade to a newer version? You can also get newer versions of spamassassin from debian-volatile, which maintains packages that update often (such as spamassassin, antivirus, etc). You would need to add the following to your sources.list (although you'll probably want a closer mirror http://www.debian.org/devel/debian-volatile/volatile-mirrors): deb http://gulus.usherbrooke.ca/debian-volatile stable/volatile-sloppy main deb-src http://gulus.usherbrooke.ca/debian-volatile stable/volatile-sloppy main I definitely recommend that you upgrade your spamassassin. The version currently in volatile is 3.1.5. I can't comment as to the differences ^ it seems that currently only 3.1.4 is available through volatile-sloppy, but thx for your tip, i was not aware of sloppy too ... apt-cache policy spamassassin spamassassin: Installed: 3.1.4-1 3.1.4-0volatile1 900 1 http://ftp.de.debian.org stable/volatile-sloppy/main Packages Greetings THX MH
Does re-learning really work?
I'm worried. Whenever I feed a message with autolearn=spam or autolearn=ham to sa-learn --forget, I get Forgot tokens from 0 message(s) (1 message(s) examined) back. That's bad, because it means that the net effect of re-learning a spam incorrectly learnt as ham is one spam occurrence and one ham occurrence of each token, instead of just one spam occurrence. Indeed, when I did spamassassin -D bayes testmessage the debug output reported learning from a different @sa_generated message ID than sa-learn -D bayes --forget said it was trying to forget (but didn't find). AFAICT from reading the source, get_msg() in Mail::SpamAssassin::Bayes is used in both cases. So why does it make up different IDs? -- Magnus Holmgren[EMAIL PROTECTED] (No Cc of list mail needed, thanks) pgpXUlYVd2XFV.pgp Description: PGP signature
Re: Fuzzy cannot read this
On Sun, October 15, 2006 12:11, Spamassassin List wrote: gocr -d 2 -l 90 k.gif try gocr -d 2 -l 85 k.gif now DIET commes :-) D_o nor clIck,)usrrype In your browser hnp ((hoper_ ner or add some words from there -- This message was sent using 100% recycled spam mails.
Been getting alot of these lately.. anyone else?
Has anyone figured a good recipe for blocking these type of spam yet? I get 3-5 per day to each user on my mail server. Thanks Original Message Subject:Re: Work has been closed permanently Date: Sun, 15 Oct 2006 21:28:50 +0600 From: Leslie Hilton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Attention , Find out how to generate 1.5 - 3.5k per day from your home. 800.671.9007 Phone me at my number if you can return calls. Thanks Alot, Leslie Hilton
RE: Increase in Spam
Steve Lake wrote: Oh, this sounds spectacular. One question. Is there a port on Freebsd for this? I don't see one offhand. If there is, then that would assume that all the other necessary ports are present as well. If not, it'll be a royal b trying to get the nix versions installed instead if no freebsd ported versions are available. :( Also, stupid question to go with the first comment. Will this plugin be included in 3.2.0 so that it's native, or at least an optional feature? I don't care if it takes a bit of extra processor power. The server is a low volume dedicated server, so CPU load isn't an issue. Spam catching of near 100% is. :) At 05:01 PM 10/12/2006 -0700, Kelson wrote: Max Clark wrote: I have seen an increase in the amount of spam that has made its way through our filters and in to our inboxes. Most of this seems to be the stock pitches that are image attachments. Is there any way to effectively combat this? Look into FuzzyOCR. http://wiki.apache.org/spamassassin/FuzzyOcrPlugin Drawback: it needs lots of CPU and extra time per message (more precisely, per message with attached images). YMMV. -- Kelson Vibber SpeedGate Communications www.speed.net Steven Lake Owner/Technical Writer Raiden's Realm www.raiden.net A friendly web community All the ports, except one, are there. I really should put together a port (I'm running it on my FreeBSD/amd64 mailhost. Works great. -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 512-248-2683 E-Mail: ler@lerctr.org US Mail: 430 Valona Loop, Round Rock, TX 78681-3893
Re: Which release of spamassassin should I use on a Debian sarge system?
On Sunday 15 October 2006 04:10, Matthias Haegele wrote: Chris Purves schrieb: I definitely recommend that you upgrade your spamassassin. The version currently in volatile is 3.1.5. I can't comment as to the differences ^ it seems that currently only 3.1.4 is available through volatile-sloppy, but thx for your tip, i was not aware of sloppy too ... Thanks for catching my mispassing my test. ;-) -- Take care, Chris
Re: Any comments of the SpamHaus lawsuit?
On Wed, 2006-10-11 at 06:16 +, [EMAIL PROTECTED] wrote: Hi, quite frankly: mis-listings occur but if a domain remains blacklisted after a court case, it must be for a reason :) As an email user, I dont want to have to find out that reason :( As a non-american, I can see this as a vote with your feet case stop buying US products Wolfgang Hamann It's hard to stop buying US products, or UK products, or any particular nation's products: everybody is selling things to everybody else, and the computer in your German car might come from Malaysia, Texas, Japan, or Singapore. The list goes on. I suggest a different approach: organize your friends, coworkers, and neighbors to get your own government involved: after all, if a U.S. court can dictate the actions of a UK company, then it should be able to do so in other countries. FWIW. Bill Horne
RE: Fuzzy cannot read this
I got a couple of words at grey level 60-70 gocr -d 2 -l 60 k.gif _ _ _ _ ' '' \code(01d0).h\_ _ L_,^_ _,__'_ h __rrdcms osEsrn a \ _ \ _ 5uppN_Es dppErIm uRE _0 Dr_E* pRDo_cr _ l OOW ff*Tu_dL _No Um _ PuRE, UnnocEssED pRoDun _ ffo FrcLERs _ PRomTEs s*rE, _p7D rRr rws _ CtEEE7*Effp_EDM EyEE I _ CdN EtuL_ 8E rnm*drED r_N ExIsrING DIET puNs . w,,c, T,, N,,,s ,yD m, ,,, ,D, ,,r _ MimEs you mEc inD Loom rNc*EorRrEI. ?_ u D_o no, clIck,)us,,ype In your browser hnp ((hoper_ ne, -Original Message- From: Spamassassin List [mailto:[EMAIL PROTECTED] Sent: Sunday, October 15, 2006 5:12 AM To: users@spamassassin.apache.org Subject: Fuzzy cannot read this Hi, Can any one of you get the same result as I do? gocr -d 2 -l 90 k.gif __ _ ' '' \code(01d0).h\_ _ L_,^_ _,I_'_ _ __rrdcmsosEsrna \ W \ _ 5umR_Es dmErIm _E m Dr_E_ pR__c_ _ 100W JldTu_dL _No m _ PuRç U*nmwED pmwn _ ffo nccERs _ PRmDTEs 0rE, mp7D rir con _ I_EEE7*E/fpNEDu E*EE I _ Cd_ _u__ 8E J_mRdrED I*nD ExIsrIM _IET pu_s _ WjTm T_E Nu_0s ynT tmd _ tyo nE NEy w_ mEmEI _ Mimn rou mc i*D Lom rNcREorRcE.I __ u _ ___ _ i b Y L r D_o nor clIck,)usrrype In your browser hnp ((hoper_ ner
Re[2]: Any comments of the SpamHaus lawsuit?
On Wednesday, October 11, 2006, 1:16:18 AM, hamann.w wrote: hwtod As a non-american, I can see this as a vote with your feet hwtod case stop buying US products I'm squarely on the side of Spamhaus and sensitive to these issues, as I myself have been sued by a ROKSO-listed spa^H^H^H electronic marketing entrepreneur, in a foreign jurisdiction (California) and had to move to dismiss for lack of personal jurisdiction, which I was successful in doing. Blaming the court, the U.S., or the U.S. legal system is completely unwarranted. From what I have seen from news articles, public discussion, and the documents filed in the case itself, Spamhaus did not challenge personal jurisdiction. Spamhaus, after removing the case from state court to federal court and filing an answer, deliberately allowed a default judgment for damages and a permanent injunction to be taken against it, apparently under the theory that any such judgment would be unenforceable anyway. I'm not an expert on German law, but I suspect that if some spammer sued me in Germany, I'd have to take some affirmative steps to deal with that, lest I end up with a German judgment rendered against me. Blame the plaintiffs, blame what some might consider to be less-than-stellar legal advice given Spamhaus, but don't blame the court for following the law. -- Best regards, Robert Braver [EMAIL PROTECTED]
How to filter these spam messages
Hello, I'm trying to figure out what to do to filter these spam messages. I can't seem to find a ruleset which would filter them. Perhaps I need to change something in my configuration? any help would be appreciated, thanks! Here are the latest spam I'm receiving: http://optinet.com/spam.txt My config is pretty much default and I have few extra rulesets from rulesemporium Thanks, Simon
Re: How to filter these spam messages
I have adopted the following policy, I run commercial free email. If it is unsolicited it gets blacklisted. If they want to run commercials through my email site, I will let them, provided they use a mailing list and the user can opt out. Random, unsolicited emails go in the blacklist. This method (too me) works the best. While spamassassin works very well also, it becomes much more inflated in terms of code, the more rules there are. I use spamassassin also, but for just standard unsolicited email, it goes to the bit bucket. I will sell them commercials on my site, I will be glad to set up a site wide mailing list and let my customers subscribe to the ones they want (for a monthly fee). I am not going to subsidize email commercials on bandwidth my customers and I pay for, nor do I want to let someone, such as a spammer, use my resources for free, if they want to use them, they will pay for them, through the sales of subscribe/unsubscribe mailing lists. So, if they wanna play, their gonna hafta pay. I believe this is the only way to force spammers to comply with some kind of email policy. Simon wrote: Hello, I'm trying to figure out what to do to filter these spam messages. I can't seem to find a ruleset which would filter them. Perhaps I need to change something in my configuration? any help would be appreciated, thanks! Here are the latest spam I'm receiving: http://optinet.com/spam.txt My config is pretty much default and I have few extra rulesets from rulesemporium Thanks, Simon
Re: Does re-learning really work?
On Sunday 15 October 2006 16:55, Magnus Holmgren took the opportunity to say: Indeed, when I did spamassassin -D bayes testmessage the debug output reported learning from a different @sa_generated message ID than sa-learn -D bayes --forget said it was trying to forget (but didn't find). AFAICT from reading the source, get_msg() in Mail::SpamAssassin::Bayes is used in both cases. So why does it make up different IDs? Apparently, when sa-learn reads a message from stdin, for some reason the entire header, and possibly even the empty line separating it from the body, disappears. Or at least $msg-get_header(Date) and $msg-get_header(Received) in get_msgid() in Bayes.pm return undef or ''. When I give sa-learn a filename it works. Also, learning via the TELL spamd method works, as does spamassassin -r with filename as well as stdin. -- Magnus Holmgren[EMAIL PROTECTED] (No Cc of list mail needed, thanks) pgpMlZK2lBfzc.pgp Description: PGP signature
RE: Been getting alot of these lately.. anyone else?
Has anyone figured a good recipe for blocking these type of spam yet? I get 3-5 per day to each user on my mail server. Thanks Original Message Subject:Re: Work has been closed permanently Date: Sun, 15 Oct 2006 21:28:50 +0600 From: Leslie Hilton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Attention , Find out how to generate 1.5 - 3.5k per day from your home. 800.671.9007 Phone me at my number if you can return calls. Thanks Alot, Leslie Hilton These score around 9 for me. They hit on DCC, Bayes and other network tests. X-Spam-Status: Yes, score=14.774 tag=x tag2=5 kill=8 tests=[BAYES_99=3.5, DCC_CHECK=1.75, FORGED_RCVD_HELO=0.135, L_P0F_WXP=1.5, RCVD_IN_NJABL_DUL=1.946, RCVD_IN_SORBS_DUL=2.046, RCVD_IN_XBL=3.897 X-Spam-Status: Yes, score=9.995 tag=x tag2=5 kill=8 tests=[BAYES_95=3, DNS_FROM_RFC_DSN=2.597, DNS_FROM_RFC_POST=0.5, L_P0F_UNKN=0.001, RCVD_IN_XBL=3.897] The L_P0F_ is an amavis thing. Feed them to bayes. Install, configure and use DCC if you are not now. Make sure other network tests are working. Gary V _ Share your special moments by uploading 500 photos per month to Windows Live Spaces http://clk.atdmt.com/MSN/go/msnnkwsp007001msn/direct/01/?href=http://www.get.live.com/spaces/features
Re: Been getting alot of these lately.. anyone else?
Scott Friedman wrote: Has anyone figured a good recipe for blocking these type of spam yet? I get 3-5 per day to each user on my mail server. Thanks Original Message Subject: Re: Work has been closed permanently Date: Sun, 15 Oct 2006 21:28:50 +0600 From: Leslie Hilton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Attention , Find out how to generate 1.5 - 3.5k per day from your home. 800.671.9007 Phone me at my number if you can return calls. Thanks Alot, Leslie Hilton Me my self, catch most of them through Greylisting, and therefore they will never enter my network or mail server at all. :-) /Micke
Re: How to filter these spam messages
Yea, I was getting ready to post about the same kind of spam.. Very obnoxious. Anyone ideas? - Original Message - From: Simon [EMAIL PROTECTED] To: users@spamassassin.apache.org Sent: Sunday, October 15, 2006 2:29 PM Subject: How to filter these spam messages Hello, I'm trying to figure out what to do to filter these spam messages. I can't seem to find a ruleset which would filter them. Perhaps I need to change something in my configuration? any help would be appreciated, thanks! Here are the latest spam I'm receiving: http://optinet.com/spam.txt My config is pretty much default and I have few extra rulesets from rulesemporium Thanks, Simon
Re: Does re-learning really work?
From: Magnus Holmgren [EMAIL PROTECTED]
On Sunday 15 October 2006 16:55, Magnus Holmgren took the opportunity to say:
Indeed, when I did spamassassin -D bayes testmessage the debug output
reported learning from a different @sa_generated message ID
than sa-learn -D bayes --forget said it was trying to forget (but didn't
find). AFAICT from reading the source, get_msg() in
Mail::SpamAssassin::Bayes is used in both cases. So why does it make up
different IDs?
Apparently, when sa-learn reads a message from stdin, for some reason the
entire header, and possibly even the empty line separating it from the body,
disappears. Or at least $msg-get_header(Date) and
$msg-get_header(Received) in get_msgid() in Bayes.pm return undef or ''.
When I give sa-learn a filename it works. Also, learning via the TELL spamd
method works, as does spamassassin -r with filename as well as stdin.
Magnus, either you have horridly hashed up your SA setup or you are
learning differently than you think.
First, if you have fed a message through SpamAssassin and it has
encapsulated the spam as an attachment the resultant message will
have a different message id. I am not sure which message ID gets
reported at the place you are looking. (It appears you are messing
with the source. That's not a good idea until you are sure what the
program is doing. But I'm sure you know that already.)
You do not give adequate information about how you are running salearn
for anybody to make any useful guesses about how to help you. So I
rather hesitate to make a lot of guesses like testmessage being a
pile of spam messages all rolled into one in mbox format without using
the --mbox flag on sa-learn or guessing you did not read the salearn
man page or even feeding the message to be learned to sa-learn through
stdin.
These two lines provable work properly for me when I learn a packet
of spam messages in mbox format.
sa-learn --ham --showdots --mbox ~/mail/ham
sa-learn --spam --showdots --mbox ~/mail/spam
Your prior message indicated you were fussing with something like
autolearn=ham or autolearn=spam. Those are simply informative
tags in the message markup. They are not instructions for sa-learn.
You do not want to change the message file in ANY way. Do not strip
off the SA markup. The sa-learn tool is smart enough to do that for
you. Take the raw spamassassin marked up message, feed it to sa-learn
with the proper --ham or --spam marking on it. Feed it in by filename,
which is all sa-learn understands. Give sa-learn a hint about the
mailbox format. It's designed to read masses of messages so you do not
need to feed them one at a time, although that works, too.
{^_^}
{^_^}
Re: Been getting alot of these lately.. anyone else?
From: Scott Friedman [EMAIL PROTECTED]
Has anyone figured a good recipe for blocking these type of spam yet?
I get 3-5 per day to each user on my mail server.
Thanks
Original Message
Subject: Re: Work has been closed permanently
Date: Sun, 15 Oct 2006 21:28:50 +0600
From: Leslie Hilton [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Attention ,
Find out how to generate 1.5 - 3.5k per day from your home.
800.671.9007
Phone me at my number if you can return calls.
Thanks Alot,
Leslie Hilton
The lowest scoring one of those puppies to hit here ran up a score
of 7.3:
-1.5 JD_SENDER_RELAYGood list with Sender header
0.0 DK_POLICY_SIGNSOME Domain Keys: policy says domain signs some mails
3.0 BAYES_95 BODY: Bayesian spam probability is 95 to 99%
[score: 0.9771]
0.0 JD_VHI_BAYES JD_VHI_BAYES
0.0 JD_HI_BAYESJD_HI_BAYES
3.8 JD_HI_BAYES_LKML LKML likely spam
2.0 JD_VHI_BAYES_LKML LKML very likely spam
That first rule that was hit shows it was through an open mailing list.
The BAYES_95 rule hits 3.0 points here. I don't remember changing it
from the default. It triggered two rules for BAYES being pretty strong
spam indicators. The VHI BAYES is 95 or 99. The HI BAYES is 80, 95, or
99. They are components for the next two rules that hit which are meta
rules indicating high and very high BAYES scores and an open mailing
list relay.
Poof - spam gone. It works very nicely here for three lists I am on
that work with open relaying and don't have perfect spam filtering.
{^_-}
Re: How to filter these spam messages
Try Greylisting if you are admin on your own e-mail server! That will filter most of those e-mails. /Micke Simon wrote: Hello, I'm trying to figure out what to do to filter these spam messages. I can't seem to find a ruleset which would filter them. Perhaps I need to change something in my configuration? any help would be appreciated, thanks! Here are the latest spam I'm receiving: http://optinet.com/spam.txt My config is pretty much default and I have few extra rulesets from rulesemporium Thanks, Simon
Re: How to filter these spam messages
Someone want to explain Greylisting? - Original Message - From: Micke Andersson [EMAIL PROTECTED] To: Simon [EMAIL PROTECTED] Cc: users@spamassassin.apache.org Sent: Sunday, October 15, 2006 3:50 PM Subject: Re: How to filter these spam messages Try Greylisting if you are admin on your own e-mail server! That will filter most of those e-mails. /Micke Simon wrote: Hello, I'm trying to figure out what to do to filter these spam messages. I can't seem to find a ruleset which would filter them. Perhaps I need to change something in my configuration? any help would be appreciated, thanks! Here are the latest spam I'm receiving: http://optinet.com/spam.txt My config is pretty much default and I have few extra rulesets from rulesemporium Thanks, Simon
Re: How to filter these spam messages
From: Simon [EMAIL PROTECTED]
Hello,
I'm trying to figure out what to do to filter these spam messages. I can't seem
to
find a ruleset which would filter them. Perhaps I need to change something in
my configuration? any help would be appreciated, thanks!
Here are the latest spam I'm receiving:
http://optinet.com/spam.txt
My config is pretty much default and I have few extra rulesets from
rulesemporium
1) Technically every message sent through SpamAssassin is filtered. So
I've no idea what you mean above.
2) Taking a stab in the dark you are expecting SpamAssassin to fail to
pass along spam messages for delivery. This is not something that
SpamAssassin does. All SA does is issue a score, one of several
different ways. It is up to your MDA to act on that score if you do
not want spams (and mismarked hams) delivered. Personally I use a
markup that places this at the front of the spam message subject
lines and encapsulates the spam inside a protective outer message.
*SPAM* 057.6 **
(That one was a drug spam that triggered just a whole LOT of regular,
SARE, DNS, and JD special rules that are up to 100% perfect anti-spam
rules.)
Then I use OutlookExpress's filtering capability on the first part of
that markup to toss the messages into a SPAM folder. I check the
spam folder maybe twice a day to see if there is any mismarked ham.
Those will be low scoring so I sort on the subjects and look at the
ones with the low scores only. Sometimes I amuse myself with the
rather high scores some spams can achive. Leo (see SpamHaus) managed
to break 100 on all low points rules once. He has a sense of humor
at least. He's still a dispensible human being.
I hope this helps you just a little. (And maybe even shows how to make
anti-spam at least amusing as well as rewarding.)
{^_^}
Re: How to filter these spam messages
Google for it. LOTS OF information lives out there to find. - Original Message - From: Billy Huddleston [EMAIL PROTECTED] To: users@spamassassin.apache.org Sent: Sunday, October 15, 2006 12:58 Subject: Re: How to filter these spam messages Someone want to explain Greylisting? - Original Message - From: Micke Andersson [EMAIL PROTECTED] To: Simon [EMAIL PROTECTED] Cc: users@spamassassin.apache.org Sent: Sunday, October 15, 2006 3:50 PM Subject: Re: How to filter these spam messages Try Greylisting if you are admin on your own e-mail server! That will filter most of those e-mails. /Micke Simon wrote: Hello, I'm trying to figure out what to do to filter these spam messages. I can't seem to find a ruleset which would filter them. Perhaps I need to change something in my configuration? any help would be appreciated, thanks! Here are the latest spam I'm receiving: http://optinet.com/spam.txt My config is pretty much default and I have few extra rulesets from rulesemporium Thanks, Simon
Scanning aliases for spam
Hi. I hope this question isnt beyond the scope of this group or hasnt been answered already. I maintain a site that runs Majordomo v. 1.94.5. We have over 55 groups and close to 4800 members. Some of these groups have been in existence for a while and have found themselves in spammer databases. Spamd runs fine on a local user account, but does not scan any aliases from the /etc/aliases file. Is there a way to have this done? Or is it beyond SA capabilities? TIA Michael Fenimore SysAdmin/WebMaster GriefNet.org
Re: How to filter these spam messages
What I meant to say is that, eventhough they do get filtered, these spam messages
do not get scored high enough to offset threshold so they get marked as spam. I
will check on greylisting, but what I was really hoping for is a ruleset which helps
score these high enough so they are marked as spam.
-Simon
On Sun, 15 Oct 2006 13:00:12 -0700, jdow wrote:
From: "Simon" [EMAIL PROTECTED]
Hello,
I'm trying to figure out what to do to filter these spam messages. I can't seem to
find a ruleset which would filter them. Perhaps I need to change something in
my configuration? any help would be appreciated, thanks!
Here are the latest spam I'm receiving:
http://optinet.com/spam.txt
My config is pretty much default and I have few extra rulesets from rulesemporium
1) Technically every message sent through SpamAssassin is filtered. So
I've no idea what you mean above.
2) Taking a stab in the dark you are expecting SpamAssassin to fail to
pass along spam messages for delivery. This is not something that
SpamAssassin does. All SA does is issue a score, one of several
different ways. It is up to your MDA to act on that score if you do
not want spams (and mismarked hams) delivered. Personally I use a
markup that places this at the front of the spam message subject
lines and encapsulates the spam inside a protective outer message.
*SPAM* 057.6 **
(That one was a drug spam that triggered just a whole LOT of regular,
SARE, DNS, and JD special rules that are up to 100% perfect anti-spam
rules.)
Then I use OutlookExpress's filtering capability on the first part of
that markup to toss the messages into a "SPAM" folder. I check the
spam folder maybe twice a day to see if there is any mismarked ham.
Those will be low scoring so I sort on the subjects and look at the
ones with the low scores only. Sometimes I amuse myself with the
rather high scores some spams can achive. Leo (see SpamHaus) managed
to break 100 on all low points rules once. He has a sense of humor
at least. He's still a dispensible human being.
I hope this helps you just a little. (And maybe even shows how to make
anti-spam at least "amusing" as well as rewarding.)
{^_^}
RE: How to filter these spam messages
-Original Message- From: Billy Huddleston [mailto:[EMAIL PROTECTED] Sent: Sunday, October 15, 2006 3:58 PM To: users@spamassassin.apache.org Subject: Re: How to filter these spam messages Someone want to explain Greylisting? It delays any email for up to 45 mins. If the sender is running a REAL server[sic] like aol or yahoo, it will retry it. Ok if you don't mind waiting a log time for email.
RE: Scanning aliases for spam
Title: Message 'scan' aliases? what do you mean? is what you meant to say is that spamd only scans LOCAL users and that email to an alias that is NOT LOCAL DESTINATION is not run through SA?
Re: Scanning aliases for spam
Hi. I hope this question isn't beyond the scope of this group or hasn't been answered already. I maintain a site that runs Majordomo v. 1.94.5. We have over 55 groups and close to 4800 members. Some of these groups have been in existence for a while and have found themselves in spammer databases. Spamd runs fine on a local user account, but does not scan any aliases from the /etc/aliases file. Is there a way to have this done? Or is it beyond SA capabilities? I have a similar problem. If you use Sendmail, try smf-spamd out.
RE: Scanning aliases for spam
Title: Message Majordomo uses aliases in the /etc/alias file that matches a list of members. Some of these lists have 100s of email addresses. So to answer your question, yes. Local users being those that are users on the network and have FQDN email addresses to this machine. Aliased names are those like the majordomo aliases. -Original Message- From: Michael Scheidell [mailto:[EMAIL PROTECTED] Sent: Sunday, October 15, 2006 4:53 PM To: Michael Fenimore; users@spamassassin.apache.org Subject: RE: Scanning aliases for spam 'scan' aliases? what do you mean? is what you meant to say is that spamd only scans LOCAL users and that email to an alias that is NOT LOCAL DESTINATION is not run through SA?
Re: senders domain has MX or not?
Suhas (QualiSpace) wrote: Hello, Which rule will help me in checking if senders domain has MX record or not. E.g I am getting email from [EMAIL PROTECTED], then the rule should check whether domain.com has an MX record or not. grin Fix your DNS: # host -t mx domain.com domain.com mail is handled by 10 sentry.domainbank.com. # host sentry.domainbank.com sentry.domainbank.com has address 64.85.73.28 so domain.com has an MX (which even resolves to an IP) . if you meant an example domain, then please use example.com and friends. /grin some notes: - Note that a domain is not required to have an MX. An A record is enough. - you may consider rejecting mail at MTA level if MX points to an obviously bad MX (127.0.0.1, as well as private address classes, ...), or if the MX points to a well-known spammer host, ... - you may also use the bougusmx list at rfc-ignorant, but this catches some legitimate (misconfigured) sites. so think twice before using it to reject at MTA level.
Re: How to filter these spam messages
(Long answer in email sent direct.)
Short answer - SARE. Check the Other Rules in the side bar. Fred's
rules are generally useful. And Jennifer's are timeless and useful.
{^_^}
- Original Message -
From: Simon [EMAIL PROTECTED]
What I meant to say is that, eventhough they do get filtered, these spam
messages
do not get scored high enough to offset threshold so they get marked as spam. I
will check on greylisting, but what I was really hoping for is a ruleset which
helps
score these high enough so they are marked as spam.
-Simon
On Sun, 15 Oct 2006 13:00:12 -0700, jdow wrote:
From: Simon [EMAIL PROTECTED]
Hello,
I'm trying to figure out what to do to filter these spam messages. I can't seem
to
find a ruleset which would filter them. Perhaps I need to change something in
my configuration? any help would be appreciated, thanks!
Here are the latest spam I'm receiving:
http://optinet.com/spam.txt
My config is pretty much default and I have few extra rulesets from
rulesemporium
1) Technically every message sent through SpamAssassin is filtered. So
I've no idea what you mean above.
2) Taking a stab in the dark you are expecting SpamAssassin to fail to
pass along spam messages for delivery. This is not something that
SpamAssassin does. All SA does is issue a score, one of several
different ways. It is up to your MDA to act on that score if you do
not want spams (and mismarked hams) delivered. Personally I use a
markup that places this at the front of the spam message subject
lines and encapsulates the spam inside a protective outer message.
*SPAM* 057.6 **
(That one was a drug spam that triggered just a whole LOT of regular,
SARE, DNS, and JD special rules that are up to 100% perfect anti-spam
rules.)
Then I use OutlookExpress's filtering capability on the first part of
that markup to toss the messages into a SPAM folder. I check the
spam folder maybe twice a day to see if there is any mismarked ham.
Those will be low scoring so I sort on the subjects and look at the
ones with the low scores only. Sometimes I amuse myself with the
rather high scores some spams can achive. Leo (see SpamHaus) managed
to break 100 on all low points rules once. He has a sense of humor
at least. He's still a dispensible human being.
I hope this helps you just a little. (And maybe even shows how to make
anti-spam at least amusing as well as rewarding.)
{^_^}
Re: How to filter these spam messages
From: Michael Scheidell [EMAIL PROTECTED]
From: Billy Huddleston [mailto:[EMAIL PROTECTED]
Someone want to explain Greylisting?
It delays any email for up to 45 mins.
If the sender is running a REAL server[sic] like aol or yahoo, it will
retry it.
Ok if you don't mind waiting a log time for email.
/for email/s//for some email/
Done right greylisting includes a list of addresses allowed to skip
the greylisting delay once the address proves to be valid.
{^_-}
RE: Any comments of the SpamHaus lawsuit?
On Wed, 2006-10-11 at 09:23 -0400, Coffey, Neal wrote: [snip] SpamHaus took on more responsibility than they'd like to admit. Unfortunately, this bit of the story isn't widely reported. Here's the best reference I could find, from the blog of an Illinois lawyer: http://blogs.securiteam.com/index.php/archives/664 From the article: As lawyers always do, let me caveat this with the usual disclaimers: I know only the bare minimum of details about the case, this message should not be construed in any way as legal advice, and no one should mistake me for a qualified trial lawyer. As someone, probably a law professor, once said: those who can do, do; those who can’t, teach. From my mother: ... and those who can't teach, teach teachers ;-) Spamhaus may have waived personal jurisdiction as a defense early on in the case when they not only appeared, but then asked for the case to be removed from state court (where it was originally filed) and moved to federal district court (where it is today). Arguably, [...] doing so inherently acknowledged the jurisdiction of the federal court. Basically, SpamHaus said Hey, you don't have jurisdiction, the Federal courts do! Then, when the case went to the Federal courts, SpamHaus said Wait...you don't either! Which doesn't work. That being said, I'm definitely on SpamHaus' side of the case in every legal and moral sense. It's unfortunate that they may have screwed themselves. Well, the dillemma is now clear: have a public presence and risk SLAPP suits, or join SPEWS and put up with getting your email via NANAB. Seems like an easy choice to me. Bill
RE: Re[2]: Any comments of the SpamHaus lawsuit?
Blame the plaintiffs, blame what some might consider to be less-than-stellar legal advice given Spamhaus, but don't blame the court for following the law. -- Best regards, Robert Braver Why blame the plaintiffs? Fortunately or unfortunately as the case may be, law is subject to interpretation based upon precedent, or lack thereof. As is authority and jurisdiction. Plus, people are fallible, make mistakes. Judges too. Then what? - rh -- Robert - Abba Communications Computer Internet Services (509) 624-7159 - www.abbacomm.net
RE: How to filter these spam messages
Someone want to explain Greylisting? Here is an example that references a coupla websites http://qmail.jms1.net/scripts/jgreylist.shtml - rh -- Robert - Abba Communications Computer Internet Services (509) 624-7159 - www.abbacomm.net
Re[4]: Any comments of the SpamHaus lawsuit?
On Sunday, October 15, 2006, 5:21:38 PM, R Lists06 wrote: Blame the plaintiffs, blame what some might consider to be less-than-stellar legal advice given Spamhaus, but don't blame the court for following the law. -- Best regards, Robert Braver RL Why blame the plaintiffs? The plaintiffs are the parties who filed the lawsuit against Spamhaus. I'm not familiar with the merits of their case, nor was there ever a determination on the merits in this case. Spamhaus walked away from the proceedings, allowing a default judgement to be entered against it. However, Spamhaus has a great deal of credibility as far as I'm concerned, and I have been hauled to court more than once by vindictive electronic marketing entrepreneurs making similar claims, so I tend to take it on faith that Spamhaus was publishing accurate information, and therefore the plaintiff's case had no merit. RL Fortunately or unfortunately as the case may be, law is subject to RL interpretation based upon precedent, or lack thereof. RL As is authority and jurisdiction. RL Plus, people are fallible, make mistakes. Judges too. RL Then what? Huh? -- Best regards, Robert Braver [EMAIL PROTECTED]
Re: Does re-learning really work?
On Sunday 15 October 2006 21:38, jdow took the opportunity to say: From: Magnus Holmgren [EMAIL PROTECTED] On Sunday 15 October 2006 16:55, Magnus Holmgren took the opportunity to say: Indeed, when I did spamassassin -D bayes testmessage the debug output reported learning from a different @sa_generated message ID than sa-learn -D bayes --forget said it was trying to forget (but didn't find). AFAICT from reading the source, get_msg() in Mail::SpamAssassin::Bayes is used in both cases. So why does it make up different IDs? Apparently, when sa-learn reads a message from stdin, for some reason the entire header, and possibly even the empty line separating it from the body, disappears. Or at least $msg-get_header(Date) and $msg-get_header(Received) in get_msgid() in Bayes.pm return undef or ''. When I give sa-learn a filename it works. Also, learning via the TELL spamd method works, as does spamassassin -r with filename as well as stdin. jdow: First, if you have fed a message through SpamAssassin and it has encapsulated the spam as an attachment the resultant message will have a different message id. I will do no such thing. I want my mail intact. I am not sure which message ID gets reported at the place you are looking. (It appears you are messing with the source. That's not a good idea until you are sure what the program is doing. But I'm sure you know that already.) The only thing I've done to the source is add a debug printout. You do not give adequate information about how you are running salearn testmessage is of course a single plain message. What I'm saying is that $ sa-learn --spam testmessage and $ sa-learn --spam testmessage give different results. I forgot to mention the version, 3.1.4 (Debian Etch). 3.0.3 (Debian Sarge) doesn't exhibit this behaviour, but there seems to be some other fishiness going on. I'll investigate further. -- Magnus Holmgren[EMAIL PROTECTED] (No Cc of list mail needed, thanks) pgpymZSS4UfHQ.pgp Description: PGP signature
Re: Scanning aliases for spam
On Sun, 15 Oct 2006, Michael Fenimore wrote:
Hi. I hope this question isn't beyond the scope of this group or hasn't
been answered already.
I maintain a site that runs Majordomo v. 1.94.5. We have over 55 groups
and close to 4800 members.
Some of these groups have been in existence for a while and have found
themselves in spammer databases.
Spamd runs fine on a local user account, but does not scan any aliases
from the /etc/aliases file.
Is there a way to have this done? Or is it beyond SA capabilities?
It depends upon how you have SA integrated into your mail system.
Usually SA is used in one of two ways; either at delivery time
(via procmail, etc) or as a part of your MTA chain (eg a sendmail
milter, Mimedefang, Amavis-new, Mailscanner, etc).
In the first way aliases may not be scanned, in the second as SA is
part of the transmission of mail thru your system it will be.
So the general answer is to look at your incoming MTA and see how you
can fit SA into that (different MTAs have different sets of options
available to them).
This is similar to the question of how to SA filter mail for an
Exchange server (no procmail there ;).
Dave
--
Dave Funk University of Iowa
dbfunk (at) engineering.uiowa.eduCollege of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include std_disclaimer.h
Better is not better, 'standard' is better. B{
Re: Should I upgrade to 3.1.6?
Ok, well I only see 3.1.6 on the site. Not unless I'm looking in
the wrong place.
At 11:26 PM 10/14/2006 -0700, jdow wrote:
3.1.7. Skip 6.
{^_^}
- Original Message - From: Steve Lake [EMAIL PROTECTED]
To: users@spamassassin.apache.org
Sent: Saturday, October 14, 2006 20:14
Subject: Should I upgrade to 3.1.6?
Just looked over the bug fix list for 3.1.6 and it doesn't seem
like anything *major* that would suggest that I should make the
leap. I'm right now running 3.1.5 on my box. Is there other
improvements, such as rules and the like, that would make this a
preferable upgrade? Or should I just hold tight for 3.2.0 or one of the
next maintenance updates?
Steven Lake
Owner/Technical Writer
Raiden's Realm
www.raiden.net
A friendly web community
Steven Lake
Owner/Technical Writer
Raiden's Realm
www.raiden.net
A friendly web community
Re: Increase in Spam
Oh, beta. Hmm, I guess I'm going to have to hold off on
installing it then. I can't risk putting betas on a production server,
even if it is a small one. Do you know if they'll make an announcement
about it when it's released?
At 11:25 PM 10/14/2006 -0700, jdow wrote:
It's a few lines of perl. Download it. Put the pieces in the appropriate
places. Go.
(The direct answer is of course not. It's still beta and nobody has
done rpms, debs, or ports of it. There might now be a zip or tar file
of it.)
{^_-}
- Original Message - From: Steve Lake [EMAIL PROTECTED]
Oh, this sounds spectacular. One question. Is there a port on
Freebsd for this? I don't see one offhand. If there is, then that
would assume that all the other necessary ports are present as well. If
not, it'll be a royal b trying to get the nix versions installed
instead if no freebsd ported versions are available. :(
Also, stupid question to go with the first comment. Will this
plugin be included in 3.2.0 so that it's native, or at least an optional
feature? I don't care if it takes a bit of extra processor power. The
server is a low volume dedicated server, so CPU load isn't an
issue. Spam catching of near 100% is. :)
At 05:01 PM 10/12/2006 -0700, Kelson wrote:
Max Clark wrote:
I have seen an increase in the amount of spam that has made its way
through our filters and in to our inboxes. Most of this seems to be
the stock pitches that are image attachments. Is there any way to
effectively combat this?
Look into FuzzyOCR.
http://wiki.apache.org/spamassassin/FuzzyOcrPlugin
Drawback: it needs lots of CPU and extra time per message (more
precisely, per message with attached images). YMMV.
--
Kelson Vibber
SpeedGate Communications www.speed.net
Steven Lake
Owner/Technical Writer
Raiden's Realm
www.raiden.net
A friendly web community
Steven Lake
Owner/Technical Writer
Raiden's Realm
www.raiden.net
A friendly web community
Re: Any comments of the SpamHaus lawsuit?
On Tue, 2006-10-10 at 23:25 -0700, John Rudd wrote: Jason Haar wrote: I've been waiting for anyone else to bring it up - but no-one has. If Spamhaus lose this lawsuit (which they are ignoring as they are UK-based and this is some judge in Chicago), they may very well lose their .ORG domain - which would have a rather large impact on our Antispam scores for a start... http://www.ibtimes.com/articles/20061009/anti-spam-lawsuit.htm Americans to arms I say... Start sending Internet for Dummies to the judge for starters ;-) I'm not really sure it's such a big deal. Spamhaus will have to resort to their UK domain. One where the laws entirely protect them from this kind of harassment. We'll all switch to using that domain instead of the .org domain, when using/referencing their RBLs. Oh the horror. Meanwhile, the twit who sued them has wasted a bunch of court fees, and made only the slightest dent in their operations. And the UK gets to look good. And the US government gets to look stupid in front of the world court of opinion (like that's anything new, given our current administration). Where's the problem? The precedent is the problem. As soon as one chickenboner wins the SLAPP lottery, they'll all line up to SLAPP any organization, corporation, or individual that annoys them. Convicted felons like Ralsky will be laughing themselves to sleep, thinking how easy it is to use a legal steamroller to quash their opposition. Spamfighting is almost entirely a volunteer operation, and those who join the Lumber Cartel (TINLC) do so with the expectation that they'll receive a lot of Cartooney threats from lawyers and pretend-lawyers. If this company succeeds in cutting off spamhaus's domain, the Cartooney letters will start to be real. At that point, the options open to the army of private citizens who've been fighting spam quickly narrow down to either quiting or joining/imitating SPEWS. Cartel members (TINC) will start looking over their shoulder and waiting for the process-server - and when that happens, the terrorists have won. FWIW. YMMV. Bill
A problem with AWL
Hi, I got a problem with a lot spam coming thru and it looks like the main reason is that AWL is on every test and when that is no there it give the e-mail negative points. How can I turn of AWL?And if I turn it off will effect domain and users on my list that I have that are whitelisted?Paynewww.britishscifiexchange.comwww.magigames.net
Re: Increase in Spam
As beta it works very well. No crashes etc. It needs fine tuning to
make it more effective, though.
{^_^}
- Original Message -
From: Steve Lake [EMAIL PROTECTED]
Oh, beta. Hmm, I guess I'm going to have to hold off on
installing it then. I can't risk putting betas on a production server,
even if it is a small one. Do you know if they'll make an announcement
about it when it's released?
At 11:25 PM 10/14/2006 -0700, jdow wrote:
It's a few lines of perl. Download it. Put the pieces in the appropriate
places. Go.
(The direct answer is of course not. It's still beta and nobody has
done rpms, debs, or ports of it. There might now be a zip or tar file
of it.)
{^_-}
- Original Message - From: Steve Lake [EMAIL PROTECTED]
Oh, this sounds spectacular. One question. Is there a port on
Freebsd for this? I don't see one offhand. If there is, then that
would assume that all the other necessary ports are present as well. If
not, it'll be a royal b trying to get the nix versions installed
instead if no freebsd ported versions are available. :(
Also, stupid question to go with the first comment. Will this
plugin be included in 3.2.0 so that it's native, or at least an optional
feature? I don't care if it takes a bit of extra processor power. The
server is a low volume dedicated server, so CPU load isn't an issue.
Spam catching of near 100% is. :)
At 05:01 PM 10/12/2006 -0700, Kelson wrote:
Max Clark wrote:
I have seen an increase in the amount of spam that has made its way
through our filters and in to our inboxes. Most of this seems to be
the stock pitches that are image attachments. Is there any way to
effectively combat this?
Look into FuzzyOCR.
http://wiki.apache.org/spamassassin/FuzzyOcrPlugin
Drawback: it needs lots of CPU and extra time per message (more
precisely, per message with attached images). YMMV.
--
Kelson Vibber
SpeedGate Communications www.speed.net
Steven Lake
Owner/Technical Writer
Raiden's Realm
www.raiden.net
A friendly web community
Steven Lake
Owner/Technical Writer
Raiden's Realm
www.raiden.net
A friendly web community
Any suggestions for 'postmaster' spams?
It appears that my email address is now being used as a from address in many spam emails to many addresses. Over the past week, I have gotten 150+ postmaster: mail delivery failure -each day-. Does anyone have suggestions on how to handle this? They're all semi-standard 'delivery failure' or 'content blocked' notices, so I created filtering rules based on the subjectline to put them all into a folder. I don't think they should be marked as spam though because they're not. Thanks, Brian -- All people who think everything is either black or white are idiots.
Re: How to filter these spam messages
On 2006-10-15, Michael Scheidell [EMAIL PROTECTED] wrote: Billy Huddleston wrote: Someone want to explain Greylisting? It delays any email for up to 45 mins. If the sender is running a REAL server[sic] like aol or yahoo, it will retry it. Ok if you don't mind waiting a log time for email. The latest versions of milter-greylist for sendmail allow you to fine tune greylisting on a per-user basis. My wife doesn't want to wait for her email, and has a small enough internet footprint that she doesn't get much spam anyway, so I put no delay on her account. My daughter and me, OTOH, get tons of spam and are willing to wait 30 minutes for delivery if it means less spam. Seems to work well here, anyway. -- John ([EMAIL PROTECTED])
Re: How to filter these spam messages
Won't work for my use.. Running SA for ISP.. Way too many people.. Way too much volume.. People upset at the time delays already.. which ar under 2 - 10 minutes.. Go Figure. - Original Message - From: John Thompson [EMAIL PROTECTED] To: users@spamassassin.apache.org Sent: Sunday, October 15, 2006 10:59 PM Subject: Re: How to filter these spam messages On 2006-10-15, Michael Scheidell [EMAIL PROTECTED] wrote: Billy Huddleston wrote: Someone want to explain Greylisting? It delays any email for up to 45 mins. If the sender is running a REAL server[sic] like aol or yahoo, it will retry it. Ok if you don't mind waiting a log time for email. The latest versions of milter-greylist for sendmail allow you to fine tune greylisting on a per-user basis. My wife doesn't want to wait for her email, and has a small enough internet footprint that she doesn't get much spam anyway, so I put no delay on her account. My daughter and me, OTOH, get tons of spam and are willing to wait 30 minutes for delivery if it means less spam. Seems to work well here, anyway. -- John ([EMAIL PROTECTED])
Re: Any suggestions for 'postmaster' spams?
Not much you can do about it other than find a shotgun, go find the
owner of the botnet sending the spam and the spammer generating them,
and shot the both of them in the groin. (That is to say, I know how
frustrating being on the incoming for a joejob can be. You could
also send email to the postmasters at the domains who are sending
you these failure messages and telling them that they are facilitating
spammers with their bounce messages. And if that does not work make a
procmail (or equivalent) rule to block these spam relaying domains.
Oh yes, and submit them to several block lists for good measure.
{^_^}
- Original Message -
From: Brian S. Meehan [EMAIL PROTECTED]
It appears that my email address is now being used as a from address in
many spam emails to many addresses. Over the past week, I have gotten 150+
postmaster: mail delivery failure -each day-.
Does anyone have suggestions on how to handle this? They're all
semi-standard 'delivery failure' or 'content blocked' notices, so I
created filtering rules based on the subjectline to put them all into a
folder. I don't think they should be marked as spam though because they're
not.
Thanks,
Brian
--
All people who think everything is either black or white are idiots.
Re: Should I upgrade to 3.1.6?
On 2006-10-15, Steve Lake [EMAIL PROTECTED] wrote: Just looked over the bug fix list for 3.1.6 and it doesn't seem like anything *major* that would suggest that I should make the leap. I'm right now running 3.1.5 on my box. Is there other improvements, such as rules and the like, that would make this a preferable upgrade? Or should I just hold tight for 3.2.0 or one of the next maintenance updates? If you have 3.1.5 working well I wouldn't bother. Besides, 3.1.7 is out already to address some 3.1.6 oops issues, but it hasn't made it into the FreeBSD ports tree yet. -- John ([EMAIL PROTECTED])
Re: Increase in Spam
On 2006-10-15, Steve Lake [EMAIL PROTECTED] wrote: Oh, this sounds spectacular. One question. Is there a port on Freebsd for this? I don't see one offhand. If there is, then that would assume that all the other necessary ports are present as well. If not, it'll be a royal b trying to get the nix versions installed instead if no freebsd ported versions are available. :( FuzzyORC itself doesn't have a FreeBSD port, but it's just a perl script. It depends on gocr for image processing, though, and there is a FreeBSD port for that available. Seems to work fine here on FreeBSD-5.4 Stable. Also, stupid question to go with the first comment. Will this plugin be included in 3.2.0 so that it's native, or at least an optional feature? I don't care if it takes a bit of extra processor power. The server is a low volume dedicated server, so CPU load isn't an issue. Spam catching of near 100% is. :) I have no idea if FuzzyOCR is being considered for inclusion into SA. It does take a considerable amount of CPU and memory resources, though. I'm running it on a dual PIII-600 system with 512MB RAM and scan times are routinely over 2 minutes/message, and a fair amount of swap is always in use. -- John ([EMAIL PROTECTED])
Re: Should I upgrade to 3.1.6?
On Sunday 15 October 2006 19:08, John Thompson wrote: If you have 3.1.5 working well I wouldn't bother. Besides, 3.1.7 is out already to address some 3.1.6 oops issues, but it hasn't made it into the FreeBSD ports tree yet. Why does it have to be in the ports tree? Does the CPAN version not run on FreeBSD? Full disclosure: I ran FreeBSD for exactly 6 months many years ago, so consider me clueless. -- _ John Andersen
RE: Any comments of the SpamHaus lawsuit?
Really, the idea that a US courts can order an international organisation, like InterNIC (that's the Inter- bit of InterNIC), to deregister a domain is farcical. The only pressure the US courts can place on InterNIC is Do what we say or you get shut down. Well, go ahead. Somehow I think that the community might have something to say about that, as it's tantamount to shutting down the internet. Also, to suggest that a community run organisation in another country can be compelled to do ANYTHING, by a US court anyway, is ludicrous. If E360 had a legitimate claim they should have made it in a UK court. As they files it in the US this makes it obvious that they know their claim is bogus. And, lastly, as much as US citizens hate to hear it, .org is NOT a US domain, .org.us is. The .com, .org, etc domains are international domains. The convention of assuming that the non country coded domains are US domains is simply a result of American hubris. It would actually be great to see international domains be means tested (you have to have offices in two or more countries before you can get one), but I would assume that the bitchfest that would ensue wouldn't be worth it. That's my 2 cents, anyway. As an Australian resident and citizen I do not want opt-out style marketing sent to me and it is very disheartening to hear that a US court would even try to force an international effort to STOP spam to allow a spammer (unsolicited bulk e-mail is unsolicited, period, there is no way to wriggle around that) to continue their nefarious trade is insulting and arrogant. I think the only thing the court should be able to force Spamhaus to do is to provide a voting mechanism to its users on the issue to see if the users who use SpamHaus want E360 blocked, and to put some sort of warning on their front page and in the RSYNC domain files, that E360 is blocked and that's about it. To award for losses is just stupid. People don't have to use SpamHaus, they choose to, and it is a decent assumption that if you use SpamHaus you don't WANT E360's crap. Sure, maybe showing up for the case might have been smart, but that's the way the cookie crumbles. For now the ball is in InterNIC's court, and I say they have a chance to declare their independence. Maybe InterNIC should move it's servers to Finland or somewhere less draconian. -Original Message- From: Bill Horne [mailto:[EMAIL PROTECTED] Sent: Monday, 16 October 2006 11:24 AM To: users@spamassassin.apache.org Subject: Re: Any comments of the SpamHaus lawsuit? On Tue, 2006-10-10 at 23:25 -0700, John Rudd wrote: Jason Haar wrote: I've been waiting for anyone else to bring it up - but no-one has. If Spamhaus lose this lawsuit (which they are ignoring as they are UK-based and this is some judge in Chicago), they may very well lose their .ORG domain - which would have a rather large impact on our Antispam scores for a start... http://www.ibtimes.com/articles/20061009/anti-spam-lawsuit.htm Americans to arms I say... Start sending Internet for Dummies to the judge for starters ;-) I'm not really sure it's such a big deal. Spamhaus will have to resort to their UK domain. One where the laws entirely protect them from this kind of harassment. We'll all switch to using that domain instead of the .org domain, when using/referencing their RBLs. Oh the horror. Meanwhile, the twit who sued them has wasted a bunch of court fees, and made only the slightest dent in their operations. And the UK gets to look good. And the US government gets to look stupid in front of the world court of opinion (like that's anything new, given our current administration). Where's the problem? The precedent is the problem. As soon as one chickenboner wins the SLAPP lottery, they'll all line up to SLAPP any organization, corporation, or individual that annoys them. Convicted felons like Ralsky will be laughing themselves to sleep, thinking how easy it is to use a legal steamroller to quash their opposition. Spamfighting is almost entirely a volunteer operation, and those who join the Lumber Cartel (TINLC) do so with the expectation that they'll receive a lot of Cartooney threats from lawyers and pretend-lawyers. If this company succeeds in cutting off spamhaus's domain, the Cartooney letters will start to be real. At that point, the options open to the army of private citizens who've been fighting spam quickly narrow down to either quiting or joining/imitating SPEWS. Cartel members (TINC) will start looking over their shoulder and waiting for the process-server - and when that happens, the terrorists have won. FWIW. YMMV. Bill
Re: Should I upgrade to 3.1.6?
* On 15/10/06 21:11 -0800, John Andersen wrote: | On Sunday 15 October 2006 19:08, John Thompson wrote: | | If you have 3.1.5 working well I wouldn't bother. Besides, 3.1.7 is out | already to address some 3.1.6 oops issues, but it hasn't made it into | the FreeBSD ports tree yet. | | Why does it have to be in the ports tree? Does the CPAN version | not run on FreeBSD? | | Full disclosure: I ran FreeBSD for exactly 6 months many years | ago, so consider me clueless. You're right. They'd both work the same, as far as I've seen all these years. The only difference is that the port allows one to pull in some complementary apps like DCC, RAZOR, etc in a clean way (clean, as in a systems maintained mostly via ports, not manual compiles). -Wash http://www.netmeister.org/news/learn2quote.html DISCLAIMER: See http://www.wananchi.com/bms/terms.php -- +==+ |\ _,,,---,,_ | Odhiambo Washington[EMAIL PROTECTED] Zzz /,`.-'`'-. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +==+ Whistler's Law: You never know who is right, but you always know who is in charge.
