Re: FRT_APPROV, FRT_EXPERIENCE FPs on French text

[John Wilcock]

Le 28/02/2011 20:34, Adam Katz a écrit :

I agree.  I have fixed those two specific examples on SA trunk at svn
revision 1075489.

Please note that this sort of thing is better handled as a bug request,
and complaints directed at this list tend not to get such prompt
attention.  Try filing it in https://issues.apache.org/SpamAssassin/
next time.  (Final note:  it's better to note such a thing here than not
at all.)


There was already a bug filed for this: 
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6541


As mentioned in the bug, FRT_DIPLOMA can hit French "diplôme" or "diplômé".

There's also FUZZY_CREDIT that hits on French "crédit" and that should 
perhaps also be mentioned in the bug. And there are almost certainly 
other similar cases in other European languages.


John.

--
-- Over 4000 webcams from ski resorts around the world - www.snoweye.com
-- Translate your technical documents and web pages- www.tradoc.fr

Re: report_safe 0 doesn't work

[Karsten Bräckelmann]

On Wed, 2011-03-02 at 08:00 -0800, macke...@animalhead.com wrote:
> On Mar 1, 2011, at 9:50 AM, Karsten Bräckelmann wrote:

> > > Mar  1 09:12:23.566 [68051] dbg: generic: Perl 5.010001, PREFIX=/usr/
> > > local, DEF_RULES_DIR=/usr/local/share/spamassassin, LOCAL_RULES_DIR=/
> > > etc/mail/spamassassin, LOCAL_STATE_DIR=/var/lib/spamassassin
> >   ^
> > There's a severe difference to the man-pages you just quoted.
> >
> > How did you install SA? It appears you ended up with two different
> > installations, though both being 3.3.1.
> 
> Installing SA 3.3.1 via CPAN cleared up problems from a failed attempt
> by our hosting provider to update something on the server (they never
> said exactly what), which left SA inoperative.  (It cleared up problems
> except for this one -- how SA tagged spam.)  The original SA install
> years ago was using a script from our hosting provider.

Indeed, two different installations. It appears, the man-page is the one
installed by your hosting provider, showing paths that actually are not
used life.

The correctly working executable you do use, installed via CPAN, uses
the SA default paths. That explains why it didn't clear up this problem
of report_safe -- it's non-0 by default.


> animalhead:~ $ spamassassin -D --lint 2>&1 | grep "site rules"
> Mar  2 07:33:27.529 [75068] dbg: config: using "/etc/mail/ 
> spamassassin" for site rules pre files

> So I edited etc/mail/spamassassin/local.cf to include report_safe 0.
> Probably all will be well now.
> 
> This problem may go back further than the 3.1.1 install.  I have a vague
> memory of trying to tweak some scoring coefficients years ago, without
> SA noticing those changes.

Well, you need to edit cf files in the site-config path your executable
actually uses. ;)


> Thanks very much,

Glad we've tracked down the bugger. :)


-- 
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}

Re: new rules - where do i activate them?

[Karsten Bräckelmann]

On Wed, 2011-03-02 at 13:59 -0800, an anonymous Nabble user wrote:
> Thanks Martin, for your help and time.  As you can see, I'm really new to SA. 
> I do see that the rules are there from the install and the the DNS module is
> there.  However, when I send a test email it doesn't score for the bl uri. 
> I created a test message that the only thing it has is 9hz.com, which is a
> bl site, and this is how it scores it.

>  0.9 MISSING_HEADERSMissing To: header

>From your scores I can tell you are using SA 3.3.x, and score-set 0.
That is, both Bayes AND network tests disabled. You will need to enable
network tests. Or rather, not disable them, since they are enabled by
default.

Hint: The option 'skip_rbl_checks 1' does NOT enable them, despite the
positive 1 argument.

Likewise, make sure skip_uribl_checks is not set to 1, either. And do
not use the -L, --local option with 'spamassassin' (for ad-hoc testing)
or 'spamd', since this explicitly disables network tests.

Also, do make sure DNS works on that machine. That is, specifically the
first nameserver entry in /etc/resolv.conf must work.

The -D debug output will tell you if DNS is available, though not with
the --lint option, which disables network tests. Feed it a mail instead.


> No points for the uri rule.

User support is all about being psychic -- or crystal balls. ;)

(More serious, this is the classic of not just answering a particular
user question, but to understand -- and have the user articulate --
their actual issue, not what they think might solve it...)

> >>> On 3/2/2011 8:49 AM, Karsten Bräckelmann wrote:
> 
>  Point being, this domain and likely most (if not all) others in the list
>  you're basing off, are listed in URI DNSBLs. This particular one is
>  listed in URIBL and SURBL JP and PH. With network test enabled, SA will
>  score them high already.
> 
>  So what is the point in this static, and likely huge, list of uri
>  rules?

-- 
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}

Re: new rules - where do i activate them?

[John Hardin]

On Wed, 2 Mar 2011, tr_ust wrote:


Thanks Martin, for your help and time.  As you can see, I'm really new to SA.
I do see that the rules are there from the install and the the DNS module is
there.  However, when I send a test email it doesn't score for the bl uri.
I created a test message that the only thing it has is 9hz.com, which is a
bl site, and this is how it scores it.

Content analysis details:   (6.4 points, 5.0 required)

pts rule name  description
 --
--
-0.0 NO_RELAYS  Informational: message was not relayed via SMTP
0.9 MISSING_HEADERSMissing To: header
0.6 MISSING_MIDMissing Message-Id: header
0.0 MISSING_SUBJECTMissing Subject: header
2.2 EMPTY_MESSAGE  Message appears to have no textual parts and no
   Subject: text
-0.0 NO_RECEIVEDInformational: message has no Received headers
2.7 MISSING_DATE   Missing Date: header
0.0 NO_HEADERS_MESSAGE Message appears to be missing most RFC-822
headers



No points for the uri rule.


Your test message appears poorly-formed.

--
 John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
 jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
---
  The Constitution is a written instrument. As such its meaning does
  not alter. That which it meant when adopted, it means now.
-- U.S. Supreme Court
   SOUTH CAROLINA v. US, 199 U.S. 437, 448 (1905)
---
 11 days until Albert Einstein's 132nd Birthday

Re: new rules - where do i activate them?

[tr_ust]

Thanks Martin, for your help and time.  As you can see, I'm really new to SA. 
I do see that the rules are there from the install and the the DNS module is
there.  However, when I send a test email it doesn't score for the bl uri. 
I created a test message that the only thing it has is 9hz.com, which is a
bl site, and this is how it scores it.

Content analysis details:   (6.4 points, 5.0 required)

 pts rule name  description
 --
--
-0.0 NO_RELAYS  Informational: message was not relayed via SMTP
 0.9 MISSING_HEADERSMissing To: header
 0.6 MISSING_MIDMissing Message-Id: header
 0.0 MISSING_SUBJECTMissing Subject: header
 2.2 EMPTY_MESSAGE  Message appears to have no textual parts and no
Subject: text
-0.0 NO_RECEIVEDInformational: message has no Received headers
 2.7 MISSING_DATE   Missing Date: header
 0.0 NO_HEADERS_MESSAGE Message appears to be missing most RFC-822
headers



No points for the uri rule.




Martin Hepworth-2 wrote:
> 
> Those rules are already in the default spamassassin install, just make
> sure you've got the perl dns modules installed and theyll run
> automatically
> 
> Martin.
> 
> Run "spamassassin -D -lint" and you'll see if u have the perl modules
> etc installed
> 
> On Wednesday, 2 March 2011, tr_ust  wrote:
>>
>> All you had to do is add these lines to a cf file?
>>
>> urirhssub       URIBL_BLACK  multi.uribl.com.        A   2
>> body            URIBL_BLACK  eval:check_uridnsbl('URIBL_BLACK')
>> describe        URIBL_BLACK  Contains an URL listed in the URIBL
>> blacklist
>> tflags          URIBL_BLACK  net
>> score           URIBL_BLACK  3.0
>>
>> urirhssub       URIBL_GREY  multi.uribl.com.        A   4
>> body            URIBL_GREY  eval:check_uridnsbl('URIBL_GREY')
>> describe        URIBL_GREY  Contains an URL listed in the URIBL greylist
>> tflags          URIBL_GREY  net
>> score           URIBL_GREY  0.25
>>
>>
>>
>>
>> RGB Camera wrote:
>>>
>>> I can't comment about the particular URIs mentioned in this
>>> discussion, but we do run some URI rules that are redundant with URIBL
>>> listings.
>>>
>>> The reason we do this is because URIBL listings will sometimes
>>> time-out and be removed.  So we will list some domain names in our
>>> rules in case they are dropped by URIBL et al later.
>>>
>>>
>>>
>>> On 3/2/2011 8:49 AM, Karsten Bräckelmann wrote:

 Point being, this domain and likely most (if not all) others in the
 list
 you're basing off, are listed in URI DNSBLs. This particular one is
 listed in URIBL and SURBL JP and PH. With network test enabled, SA will
 score them high already.

 So what is the point in this static, and likely huge, list of uri
 rules?


>>>
>>>
>>
>> --
>> View this message in context:
>> http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31053506.html
>> Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
>>
>>
> 
> -- 
> -- 
> Martin Hepworth
> Oxford, UK
> 
> 

-- 
View this message in context: 
http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31054217.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.

Re: new rules - where do i activate them?

[Martin Hepworth]

Those rules are already in the default spamassassin install, just make
sure you've got the perl dns modules installed and theyll run
automatically

Martin.

Run "spamassassin -D -lint" and you'll see if u have the perl modules
etc installed

On Wednesday, 2 March 2011, tr_ust  wrote:
>
> All you had to do is add these lines to a cf file?
>
> urirhssub       URIBL_BLACK  multi.uribl.com.        A   2
> body            URIBL_BLACK  eval:check_uridnsbl('URIBL_BLACK')
> describe        URIBL_BLACK  Contains an URL listed in the URIBL blacklist
> tflags          URIBL_BLACK  net
> score           URIBL_BLACK  3.0
>
> urirhssub       URIBL_GREY  multi.uribl.com.        A   4
> body            URIBL_GREY  eval:check_uridnsbl('URIBL_GREY')
> describe        URIBL_GREY  Contains an URL listed in the URIBL greylist
> tflags          URIBL_GREY  net
> score           URIBL_GREY  0.25
>
>
>
>
> RGB Camera wrote:
>>
>> I can't comment about the particular URIs mentioned in this
>> discussion, but we do run some URI rules that are redundant with URIBL
>> listings.
>>
>> The reason we do this is because URIBL listings will sometimes
>> time-out and be removed.  So we will list some domain names in our
>> rules in case they are dropped by URIBL et al later.
>>
>>
>>
>> On 3/2/2011 8:49 AM, Karsten Bräckelmann wrote:
>>>
>>> Point being, this domain and likely most (if not all) others in the list
>>> you're basing off, are listed in URI DNSBLs. This particular one is
>>> listed in URIBL and SURBL JP and PH. With network test enabled, SA will
>>> score them high already.
>>>
>>> So what is the point in this static, and likely huge, list of uri rules?
>>>
>>>
>>
>>
>
> --
> View this message in context: 
> http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31053506.html
> Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
>
>

-- 
-- 
Martin Hepworth
Oxford, UK

Re: new rules - where do i activate them?

[tr_ust]

All you had to do is add these lines to a cf file?

urirhssub   URIBL_BLACK  multi.uribl.com.A   2
bodyURIBL_BLACK  eval:check_uridnsbl('URIBL_BLACK')
describeURIBL_BLACK  Contains an URL listed in the URIBL blacklist
tflags  URIBL_BLACK  net
score   URIBL_BLACK  3.0

urirhssub   URIBL_GREY  multi.uribl.com.A   4
bodyURIBL_GREY  eval:check_uridnsbl('URIBL_GREY')
describeURIBL_GREY  Contains an URL listed in the URIBL greylist
tflags  URIBL_GREY  net
score   URIBL_GREY  0.25




RGB Camera wrote:
> 
> I can't comment about the particular URIs mentioned in this
> discussion, but we do run some URI rules that are redundant with URIBL
> listings.
> 
> The reason we do this is because URIBL listings will sometimes
> time-out and be removed.  So we will list some domain names in our
> rules in case they are dropped by URIBL et al later.
> 
> 
> 
> On 3/2/2011 8:49 AM, Karsten Bräckelmann wrote:
>>
>> Point being, this domain and likely most (if not all) others in the list
>> you're basing off, are listed in URI DNSBLs. This particular one is
>> listed in URIBL and SURBL JP and PH. With network test enabled, SA will
>> score them high already.
>>
>> So what is the point in this static, and likely huge, list of uri rules?
>>
>>
> 
> 

-- 
View this message in context: 
http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31053506.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.

Re: new rules - where do i activate them?

[RGB Camera]

I can't comment about the particular URIs mentioned in this
discussion, but we do run some URI rules that are redundant with URIBL
listings.

The reason we do this is because URIBL listings will sometimes
time-out and be removed.  So we will list some domain names in our
rules in case they are dropped by URIBL et al later.



On 3/2/2011 8:49 AM, Karsten Bräckelmann wrote:
>
> Point being, this domain and likely most (if not all) others in the list
> you're basing off, are listed in URI DNSBLs. This particular one is
> listed in URIBL and SURBL JP and PH. With network test enabled, SA will
> score them high already.
>
> So what is the point in this static, and likely huge, list of uri rules?
>
>

Re: new rules - where do i activate them?

[Karsten Bräckelmann]

On Wed, 2011-03-02 at 07:46 -0800, an anonymous Nabble user wrote:
> I'm sorry - there's only one line in the sample of how to write a uri rule.

I strongly suggest to read the SA docs, at the very least some intro
style rule writing guide. Depending solely on a brief third-party usage
example without any knowledge about SA rules is unlikely to work out.

> Are you saying that for each line I need to create a unique
> "LOCAL_URI_EXAMPLE" line?  In other words it should look more like this?

If I where to guess, I'd say that rule name is an *example* and not
meant to be used literally...

> uri LOCAL_URI_EXAMPLE_1 /03ysl.9hz.com/
> core LOCAL_URI_EXAMPLE_1 20

As others already have answered -- yes, the rule names must be unique.
Also, lint checking your custom rules would be very advisable.


However, maybe this whole exercise was futile anyway. What do you really
want to accomplish?

Point being, this domain and likely most (if not all) others in the list
you're basing off, are listed in URI DNSBLs. This particular one is
listed in URIBL and SURBL JP and PH. With network test enabled, SA will
score them high already.

So what is the point in this static, and likely huge, list of uri rules?


-- 
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}

Re: new rules - where do i activate them?

[Bowie Bailey]

On 3/2/2011 11:43 AM, John Hardin wrote:
> On Wed, 2 Mar 2011, Bowie Bailey wrote:
>
>> On 3/2/2011 11:16 AM, Jeff Mincy wrote:
>>> Also, the rules could be combined into a single rule (untested) using
>>> regexp (?:index|nana|ontokoros|tbt|webadmin)
>>>
>>> uri LOCAL_URI_EXAMPLE
>>> /zynetsw.com\/forms\/use\/(?:index|nana|ontokoros|tbt|webadmin)\/form1.html/
>>
>> Or, if you want to catch any of the forms, you could use this:
>>
>> uri LOCAL_URI_EXAMPLE /zynetsw\.com\/forms\/use\/.*\/form1.html/
>>
>> (also escaped the period, as that means "any character" in a Perl regex)
>
> ...almost...
>
>   uri LOCAL_URI_EXAMPLE /zynetsw\.com\/forms\/use\/.*\/form1\.html/

Ok, so I missed a period

Already corrected in my last post.  :)

-- 
Bowie

Re: new rules - where do i activate them?

[Bowie Bailey]

On 3/2/2011 11:32 AM, Bowie Bailey wrote:
> On 3/2/2011 11:16 AM, Jeff Mincy wrote:
>> Also, the rules could be combined into a single rule (untested) using
>> regexp (?:index|nana|ontokoros|tbt|webadmin)
>>
>> uri LOCAL_URI_EXAMPLE 
>> /zynetsw.com\/forms\/use\/(?:index|nana|ontokoros|tbt|webadmin)\/form1.html/
> Or, if you want to catch any of the forms, you could use this:
>
> uri LOCAL_URI_EXAMPLE /zynetsw\.com\/forms\/use\/.*\/form1.html/
>
> (also escaped the period, as that means "any character" in a Perl regex)

Also, you can avoid all the extra backslashes by quoting the regex a bit
differently:

uri LOCAL_URI_EXAMPLE m'zynetsw\.com/forms/use/.*/form1\.html'

Now the only things that need quoting are the periods.

-- 
Bowie

Re: new rules - where do i activate them?

[John Hardin]

On Wed, 2 Mar 2011, Bowie Bailey wrote:


On 3/2/2011 11:16 AM, Jeff Mincy wrote:

Also, the rules could be combined into a single rule (untested) using
regexp (?:index|nana|ontokoros|tbt|webadmin)

uri LOCAL_URI_EXAMPLE 
/zynetsw.com\/forms\/use\/(?:index|nana|ontokoros|tbt|webadmin)\/form1.html/


Or, if you want to catch any of the forms, you could use this:

uri LOCAL_URI_EXAMPLE /zynetsw\.com\/forms\/use\/.*\/form1.html/

(also escaped the period, as that means "any character" in a Perl regex)


...almost...

  uri LOCAL_URI_EXAMPLE /zynetsw\.com\/forms\/use\/.*\/form1\.html/



--
 John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
 jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
---
  Phobias should not be the basis for laws.
---
 11 days until Albert Einstein's 132nd Birthday

Re: new rules - where do i activate them?

[Bowie Bailey]

On 3/2/2011 11:16 AM, Jeff Mincy wrote:
> Also, the rules could be combined into a single rule (untested) using
> regexp (?:index|nana|ontokoros|tbt|webadmin)
>
> uri LOCAL_URI_EXAMPLE 
> /zynetsw.com\/forms\/use\/(?:index|nana|ontokoros|tbt|webadmin)\/form1.html/

Or, if you want to catch any of the forms, you could use this:

uri LOCAL_URI_EXAMPLE /zynetsw\.com\/forms\/use\/.*\/form1.html/

(also escaped the period, as that means "any character" in a Perl regex)

-- 
Bowie

Re: new rules - where do i activate them?

[Martin Gregorie]

On Wed, 2011-03-02 at 07:46 -0800, tr_ust wrote:
> I'm sorry - there's only one line in the sample of how to write a uri rule.
> 
> Are you saying that for each line I need to create a unique
> "LOCAL_URI_EXAMPLE" line?  In other words it should look more like this?
> 
> uri LOCAL_URI_EXAMPLE /03ysl.9hz.com/
> core LOCAL_URI_EXAMPLE 20
> 
> uri LOCAL_URI_EXAMPLE_1 /03ysl.9hz.com/
> core LOCAL_URI_EXAMPLE_1 20
> 
> uri LOCAL_URI_EXAMPLE_2 /03ysl.9hz.com/
> core LOCAL_URI_EXAMPLE_2 20
> 
> Would that be correct?
> 
Short answer, yes.

Reason: every rule needs a unique name.

Longer answers: 

(a)You can combine rules by using a more complex regular expression 
   (aka regex):

   describe MULTI_MATCH  Example rule to match several URIs
   uri  MULTI_MATCH  /(03ysl.1ab.com|03ysl.5zz.com|03ysl.9ml.com)/
   scoreMULTI_MATCH 20

   and if the regex extends over more than one line you can use
   meta-rules to OR them together. 

(b) I use a number of large regexes (25 terms on average, min 2 terms,
max over 200 terms) and wrote a script, portmanteau, that assembles
a rule from a file containing a list of terms. Its a bash script
wrapper round an awk/gawk script.

If that sounds useful, you can find the portmanteau script here:
http://www.libelle-systems.com/free/

You don't need to know Perl to write good Spamassassin rules but you do
need to be able to read and create Perl regular expressions.


Martin

 

> 
> Karsten Bräckelmann-2 wrote:
> > 
> > On Tue, 2011-03-01 at 13:11 -0500, Bowie Bailey wrote:
> >> On 3/1/2011 12:39 PM, tr_ust wrote:
> >> > Thanks...I could really use the help!  
> > 
> > [...]
> >> > uri LOCAL_URI_EXAMPLE /03ysl.9hz.com\//
> >> > score LOCAL_URI_EXAMPLE 20
> >> > uri LOCAL_URI_EXAMPLE /040jk.9hz.com\//
> >> > score LOCAL_URI_EXAMPLE 20
> >> > uri LOCAL_URI_EXAMPLE /0oczg.9hz.com\//
> >> > score LOCAL_URI_EXAMPLE 20
> >> >
> >> > I'm using the per user option right now for spamassassin, so I test it
> >> by
> >> > sending the user an email with one of these links...and it's still
> >> going
> >> > through.
> >> 
> >> You are aware that these rules are specifying that there MUST be a slash
> >> after .com in order to match, right?
> >> 
> >> Other than that, I don't see any obvious problem.  Send an example email
> >> through your system and put the resulting email (with headers) into a
> >> pastebin so I can look at it.
> > 
> > Uhm... There is only ONE rule. Repeatedly overwriting the previous rule
> > definition. Last one is defined, everything prior to that is effectively
> > non-existent.
> > 
> > Does that count as obvious problem? ;)
> > 
> > 
> > -- 
> > char
> > *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
> > main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i > c<<=1:
> > (c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0;
> > }}}
> > 
> > 
> > 
> 

Re: new rules - where do i activate them?

[Jeff Mincy]

   From: John Hardin 
   Date: Wed, 2 Mar 2011 07:50:38 -0800 (PST)
   
   On Wed, 2 Mar 2011, tr_ust wrote:
   
   
   > This is what my rules look like now:
   >
   > uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/index\/form1.html/
   > score LOCAL_URI_EXAMPLE 200
   > uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/nana\/form1.html/
   > score LOCAL_URI_EXAMPLE 100
   > uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/ontokoros\/form1.html/
   > score LOCAL_URI_EXAMPLE 100
   > uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/tbt\/form1.html/
   > score LOCAL_URI_EXAMPLE 200
   > uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/webadmin\/form1.html/
   > score LOCAL_URI_EXAMPLE 200
   >
   > I took out the last "/" as you suggested...thanks.
   
   You may also want to escape the periods so they are literal matches rather 
   then "match any single character":
   
  uri LOCAL_URI_EXAMPLE /zynetsw\.com\/forms\/use\/webadmin\/form1\.html/
   
   Also, you only have one rule there. Every time you put in another "uri 
   LOCAL_URI_EXAMPLE" you overwrite the previous definition. Change the name 
   of each rule, for example by appending _00 _01 _02, etc.
   
Also, the rules could be combined into a single rule (untested) using
regexp (?:index|nana|ontokoros|tbt|webadmin)

uri LOCAL_URI_EXAMPLE 
/zynetsw.com\/forms\/use\/(?:index|nana|ontokoros|tbt|webadmin)\/form1.html/


-jeff

Re: report_safe 0 doesn't work

[mackenna]

On Mar 1, 2011, at 9:50 AM, Karsten Bräckelmann wrote:

On Tue, 2011-03-01 at 09:28 -0800, macke...@animalhead.com wrote:

On Mar 1, 2011, at 6:35 AM, Karsten Bräckelmann wrote:


Since an upgrade. Sounds like the new SA installation actually  
uses a

different site-config dir -- and probably prefix altogether.

The spamassassin(1) man page will tell you, section Configuration  
Files.
Note that in the same list of paths also is a version tagged one,  
just

in case you're looking at the old man page.


I grepped all the files/direcs noted in SPAMASSASSIN(1) and
Mail::SpamAssassin::Conf(3), the former included

/var/db/spamassassin/3.003001   in its "default" list and
/usr/local/etc/mail/spamassassinin its "site-specific" list
 (the latter is where my local.cf with report_safe 0 is located)


Running spamassassin with the -D debug switch also will tell you the
correct path.


animalhead:~ $ spamassassin -D
Mar  1 09:12:23.566 [68051] dbg: logger: adding facilities: all
Mar  1 09:12:23.566 [68051] dbg: logger: logging level is DBG
Mar  1 09:12:23.566 [68051] dbg: generic: SpamAssassin version 3.3.1
Mar  1 09:12:23.566 [68051] dbg: generic: Perl 5.010001, PREFIX=/usr/
local, DEF_RULES_DIR=/usr/local/share/spamassassin, LOCAL_RULES_DIR=/
etc/mail/spamassassin, LOCAL_STATE_DIR=/var/lib/spamassassin

  ^
There's a severe difference to the man-pages you just quoted.

How did you install SA? It appears you ended up with two different
installations, though both being 3.3.1.


Installing SA 3.3.1 via CPAN cleared up problems from a failed attempt
by our hosting provider to update something on the server (they never
said exactly what), which left SA inoperative.  (It cleared up problems
except for this one -- how SA tagged spam.)  The original SA install
years ago was using a script from our hosting provider.


[...]
Mar  1 09:12:23.605 [68051] dbg: dns: is Net::DNS::Resolver  
available? yes

Mar  1 09:12:23.605 [68051] dbg: dns: Net::DNS version: 0.66


At this point, spamassassin waits for input on STDIN. Run the  
debugging
with lint, which uses an internal mail. The command below will grep  
out

the site-config directory used.

  spamassassin -D --lint 2>&1 | grep "site rules"

animalhead:~ $ spamassassin -D --lint 2>&1 | grep "site rules"
Mar  2 07:33:27.529 [75068] dbg: config: using "/etc/mail/ 
spamassassin" for site rules pre files
Mar  2 07:33:27.566 [75068] dbg: config: using "/etc/mail/ 
spamassassin" for site rules dir

animalhead:~ $ sudo find /etc -name "local.cf"
/etc/mail/spamassassin/local.cf
animalhead:~ $ sudo find /usr -name "local.cf"
/usr/local/etc/mail/spamassassin/local.cf

So I edited etc/mail/spamassassin/local.cf to include report_safe 0.
Probably all will be well now.

This problem may go back further than the 3.1.1 install.  I have a vague
memory of trying to tweak some scoring coefficients years ago, without
SA noticing those changes.


A plain 'spamassassin --lint' does not generate any warnings, right?

Right.

Thanks very much,
cmac

Re: new rules - where do i activate them?

[Daniel McDonald]

On 3/2/11 9:46 AM, "tr_ust"  wrote:

> 
> I'm sorry - there's only one line in the sample of how to write a uri rule.
> 
> Are you saying that for each line I need to create a unique
> "LOCAL_URI_EXAMPLE" line?  In other words it should look more like this?

Yes, although score is usually spelled with a leading "s"...
 
> uri LOCAL_URI_EXAMPLE /03ysl.9hz.com/
> core LOCAL_URI_EXAMPLE 20
> 
> uri LOCAL_URI_EXAMPLE_1 /03ysl.9hz.com/
> core LOCAL_URI_EXAMPLE_1 20
> 
> uri LOCAL_URI_EXAMPLE_2 /03ysl.9hz.com/
> core LOCAL_URI_EXAMPLE_2 20

-- 
Daniel J McDonald, CCIE # 2495, CISSP # 78281

Re: new rules - where do i activate them?

[John Hardin]

On Wed, 2 Mar 2011, tr_ust wrote:



This is what my rules look like now:

uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/index\/form1.html/
score LOCAL_URI_EXAMPLE 200
uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/nana\/form1.html/
score LOCAL_URI_EXAMPLE 100
uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/ontokoros\/form1.html/
score LOCAL_URI_EXAMPLE 100
uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/tbt\/form1.html/
score LOCAL_URI_EXAMPLE 200
uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/webadmin\/form1.html/
score LOCAL_URI_EXAMPLE 200

I took out the last "/" as you suggested...thanks.


You may also want to escape the periods so they are literal matches rather 
then "match any single character":


  uri LOCAL_URI_EXAMPLE /zynetsw\.com\/forms\/use\/webadmin\/form1\.html/

Also, you only have one rule there. Every time you put in another "uri 
LOCAL_URI_EXAMPLE" you overwrite the previous definition. Change the name 
of each rule, for example by appending _00 _01 _02, etc.


There's nothing in the header of the emails that indicates it went 
through spamassassin - is there a way to use a spamassassin command to 
test out the rules?


Yes:

  spamassassin -L -t < your_test_message

More info cam be obtained by doing something like:

  spamassassin -L -t --debug area=rules < your_test_message

--
 John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
 jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
---
  The fetters imposed on liberty at home have ever been forged out
  of the weapons provided for defense against real, pretended, or
  imaginary dangers from abroad.   -- James Madison, 1799
---
 11 days until Albert Einstein's 132nd Birthday

Re: new rules - where do i activate them?

[tr_ust]

I'm sorry - there's only one line in the sample of how to write a uri rule.

Are you saying that for each line I need to create a unique
"LOCAL_URI_EXAMPLE" line?  In other words it should look more like this?

uri LOCAL_URI_EXAMPLE /03ysl.9hz.com/
core LOCAL_URI_EXAMPLE 20

uri LOCAL_URI_EXAMPLE_1 /03ysl.9hz.com/
core LOCAL_URI_EXAMPLE_1 20

uri LOCAL_URI_EXAMPLE_2 /03ysl.9hz.com/
core LOCAL_URI_EXAMPLE_2 20

Would that be correct?


Karsten Bräckelmann-2 wrote:
> 
> On Tue, 2011-03-01 at 13:11 -0500, Bowie Bailey wrote:
>> On 3/1/2011 12:39 PM, tr_ust wrote:
>> > Thanks...I could really use the help!  
> 
> [...]
>> > uri LOCAL_URI_EXAMPLE /03ysl.9hz.com\//
>> > score LOCAL_URI_EXAMPLE 20
>> > uri LOCAL_URI_EXAMPLE /040jk.9hz.com\//
>> > score LOCAL_URI_EXAMPLE 20
>> > uri LOCAL_URI_EXAMPLE /0oczg.9hz.com\//
>> > score LOCAL_URI_EXAMPLE 20
>> >
>> > I'm using the per user option right now for spamassassin, so I test it
>> by
>> > sending the user an email with one of these links...and it's still
>> going
>> > through.
>> 
>> You are aware that these rules are specifying that there MUST be a slash
>> after .com in order to match, right?
>> 
>> Other than that, I don't see any obvious problem.  Send an example email
>> through your system and put the resulting email (with headers) into a
>> pastebin so I can look at it.
> 
> Uhm... There is only ONE rule. Repeatedly overwriting the previous rule
> definition. Last one is defined, everything prior to that is effectively
> non-existent.
> 
> Does that count as obvious problem? ;)
> 
> 
> -- 
> char
> *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
> main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i c<<=1:
> (c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0;
> }}}
> 
> 
> 

-- 
View this message in context: 
http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31050552.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.

Re: new rules - where do i activate them?

[tr_ust]

This is what my rules look like now:

uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/index\/form1.html/
score LOCAL_URI_EXAMPLE 200
uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/nana\/form1.html/
score LOCAL_URI_EXAMPLE 100
uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/ontokoros\/form1.html/
score LOCAL_URI_EXAMPLE 100
uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/tbt\/form1.html/
score LOCAL_URI_EXAMPLE 200
uri LOCAL_URI_EXAMPLE /zynetsw.com\/forms\/use\/webadmin\/form1.html/
score LOCAL_URI_EXAMPLE 200

I took out the last "/" as you suggested...thanks.


There's nothing in the header of the emails that indicates it went through
spamassassin - is there a way to use a spamassassin command to test out the
rules?

Thanks again for your help.




Bowie Bailey wrote:
> 
> On 3/1/2011 12:39 PM, tr_ust wrote:
>> Thanks...I could really use the help!  
>>
>> basically - I'm getting the list of phishing links of aper
>> (https://aper.svn.sourceforge.net/svnroot/aper/) and creating a rule for
>> it. 
>>
>> Here's a snippet of my rule -
>>
>> uri LOCAL_URI_EXAMPLE /-la2u.9hz.com\//
>> score LOCAL_URI_EXAMPLE 20
>> uri LOCAL_URI_EXAMPLE /0-vgj.9hz.com\//
>> score LOCAL_URI_EXAMPLE 20
>> uri LOCAL_URI_EXAMPLE /007vt.9hz.com\//
>> score LOCAL_URI_EXAMPLE 20
>> uri LOCAL_URI_EXAMPLE /02khw.9hz.com\//
>> score LOCAL_URI_EXAMPLE 10
>> uri LOCAL_URI_EXAMPLE /03l6c.9hz.com\//
>> score LOCAL_URI_EXAMPLE 50
>> uri LOCAL_URI_EXAMPLE /03ysl.9hz.com\//
>> score LOCAL_URI_EXAMPLE 20
>> uri LOCAL_URI_EXAMPLE /040jk.9hz.com\//
>> score LOCAL_URI_EXAMPLE 20
>> uri LOCAL_URI_EXAMPLE /0oczg.9hz.com\//
>> score LOCAL_URI_EXAMPLE 20
>>
>>
>> I'm using the per user option right now for spamassassin, so I test it by
>> sending the user an email with one of these links...and it's still going
>> through.
> 
> You are aware that these rules are specifying that there MUST be a slash
> after .com in order to match, right?
> 
> Other than that, I don't see any obvious problem.  Send an example email
> through your system and put the resulting email (with headers) into a
> pastebin so I can look at it.
> 
> -- 
> Bowie
> 
> 

-- 
View this message in context: 
http://old.nabble.com/new-rules---where-do-i-activate-them--tp31008400p31050515.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.

Re: Should Emails Have An Expiration Date

[Adam Moffett]

I think this entire thread should be "expired".

It's already specified in RFC's 1327 and 2076 and no MUA supports it 
because it's a dumb idea.
I can't believe 3 days later it's still being talked about like it's a 
serious thing.


Regarding the side discussion on copyrights:  If anybody went into a 
court room and argued to the judge that they were compelled to delete an 
email by copyright law due to an "expires:" header they would be laughed 
out of the room.

Re: Should Emails Have An Expiration Date

[Per Jessen]

Ted Mittelstaedt wrote:

> On 3/2/2011 12:19 AM, Mariusz Kruk wrote:
>> On Wednesday 02 of March 2011, Patrick Ben Koetter wrote:
>>  From a legal perspective I will point out that any e-mail you
>>
>> receive is (at least in the US, but most other countries too)
>> considered copyrighted by the sender.  Under copyright law the
>> sender has the right to control expiration of content they
>> create,
>>> German law will not work in this case for the same reason it won't
>>> for email disclaimers too. The rationale is that "one-sided
>>> agreements rescind a contract", which is the case if a sender
>>> declares e.g. a copyright on a message or wants "to control
>>> expiration of content they create".
>>
>> Furthermore, let's not forget that while maybe in US every possible
>> imaginable thing can be covered by copyright law, in sane countries
>> copyright only applies to "works". Work has to be creative.
> 
> That applies in the US also.
> 
>> If I just send you an email
>> saying "pay me back my $200 you stupid bastard", it doesn't make it a
>> copyrighted work.
> 
> It depends on how you say it.  The above statement isn't original
> so because of that alone it's not creative.

So how can an email be automatically copyrighted when its originality
depends on the contents? 


/Per Jessen, Zürich

Re: Should Emails Have An Expiration Date

[David F. Skoll]

On Tue, 01 Mar 2011 21:15:13 -0800
Ted Mittelstaedt  wrote:

> Please, instead of just randomly selecting terms related to copyright,
> why don't you try to make a coherent and logical argument why
> expiration dates on copyrighted material are illegal and should be
> ignored.

The purpose of copyright is to encourage the creation of works.  Copyright
is not a blanket gift to content creators; it's a deal between society
and content creators.

Content creators get time-limited protection for their works in return for
their works eventually passing into the public domain.  Unfortunately, given
the intense lobbying efforts by RIAA, MPAA and friends, people seem to
forget the second half of the bargain.  And the never-ending extensions
to copyright term passed by US lawmakers is helping to subvert the bargain.

Something that expires cannot pass into the public domain and therefore
violates the copyright bargain between society and content producers.

Regards,

David.

Re: Should Emails Have An Expiration Date

[Mariusz Kruk]

On Wednesday 02 of March 2011, Ted Mittelstaedt wrote:
> >>> Furthermore, many copyright laws have "permitted use"
> >>> (sorry, don't know the right english term for it) instead of fair use
> >>> which explicitly says what can be done with a work after its first
> >>> publishing. And this use cannot be limited by any contract,
> >> Untrue when it comes to electronic works, as a result of WIPO Copyright
> >> 1996.
> > True.
> > For example, polish Office of Competition and Consumer Protection ruled
> > in 2007 that stamping "any form of copying or distribution" on CD's is
> > illegal because it misleads consumers into believing they don't have the
> > rights I mentioned above and forced the producer to change said notice
> > to the one corresponding to polish copyright law.
> > 
> > http://decyzje.uokik.gov.pl/dec_prez.nsf/0/2DEDF4B2AF9B7717C12574F6002AD7
> > E4?OpenDocument (sorry, polish only).
> 
> Still untrue.  As I said, electronic works.  A CD is treated
> in just about every country as a phonograph recording, not an
> electronic work.

What if I rip said CD to mp3? What if I send this mp3 to a friend via email?
It's perfectly legal for me to do both those things.

> We are in the midst of a time when people's right to use
> copyrighted material is being curtailed and the general public
> is just sucking it down like candy and hasn't a clue.

Unfortunately I have to agree here.


-- 
d'`'`'`'`'`'`'`'`'`'`'`'`'Yb 
`b  k...@epsilon.eu.org   d' 
d' http://epsilon.eu.org/ Yb 
`b,-,.,-,.,-,.,-,.,-,.,-,.d' 

Re: Should Emails Have An Expiration Date

[Martin Gregorie]

On Wed, 2011-03-02 at 02:13 -0800, Ted Mittelstaedt wrote:
> On 3/1/2011 1:41 AM, Per Jessen wrote:
> > As well as anyone keeping
> > email-archives (e.g. for legals reasons).
> >
> 
> archiving is also specifically spelled out in the 1996 treaty as
> allowed.
> 
So, on that reading keeping an archival copy is OK under all legal
regimes provided that copies in all other mailboxes are expired on the
expiry date? 

And if, after that date, a copy is retrieved from the archive and placed
in a mailbox for later perusal by the person who asked to see it? Is it
meant to vanish immediately its been retrieved before it can be read?
  

Martin

Re: Should Emails Have An Expiration Date

[Ted Mittelstaedt]

On 3/2/2011 2:31 AM, Mariusz Kruk wrote:

On Wednesday 02 of March 2011, Ted Mittelstaedt wrote:

Furthermore, many copyright laws have "permitted use"
(sorry, don't know the right english term for it) instead of fair use
which explicitly says what can be done with a work after its first
publishing. And this use cannot be limited by any contract,

Untrue when it comes to electronic works, as a result of WIPO Copyright
1996.


True.
For example, polish Office of Competition and Consumer Protection ruled in
2007 that stamping "any form of copying or distribution" on CD's is illegal
because it misleads consumers into believing they don't have the rights I
mentioned above and forced the producer to change said notice to the one
corresponding to polish copyright law.

http://decyzje.uokik.gov.pl/dec_prez.nsf/0/2DEDF4B2AF9B7717C12574F6002AD7E4?OpenDocument
(sorry, polish only).



Still untrue.  As I said, electronic works.  A CD is treated
in just about every country as a phonograph recording, not an
electronic work.  And if you read the treaties (it's easy they
aren't long) it's clear what the intent is.  WIPO '96 is basically
a subtle plan to greatly extend copyright rights.  Even in 1996
they realized that non-electronic content distribution was
going to be replaced by electronic distribution.  So they
loaded a lot of new use restrictions into the electronic
content, because they understood that as time passed it would
expand copyright rights for more and more creations.

How long do you think that CD's are going to last?  In a
lot of audio forums they aren't giving them more than a decade
before they are mostly gone and it will all be itunes and
such.  Why do you think the book publishers are pushing
kindles and such?

We are in the midst of a time when people's right to use
copyrighted material is being curtailed and the general public
is just sucking it down like candy and hasn't a clue.

People think that Apple is some sort of white knight for
"forcing" the music publishers into using itunes, I laughed
my ass off the first time I read that.  Apple?  One of the
biggest proponents of the "we are going to control everything"
mentality?  They worship copyright.  Far from being forced,
the music publishers chose Apple because of this mentality.

Ted

Re: Should Emails Have An Expiration Date

[Mariusz Kruk]

On Wednesday 02 of March 2011, Ted Mittelstaedt wrote:
> > Furthermore, many copyright laws have "permitted use"
> > (sorry, don't know the right english term for it) instead of fair use
> > which explicitly says what can be done with a work after its first
> > publishing. And this use cannot be limited by any contract,
> Untrue when it comes to electronic works, as a result of WIPO Copyright
> 1996.

True.
For example, polish Office of Competition and Consumer Protection ruled in 
2007 that stamping "any form of copying or distribution" on CD's is illegal 
because it misleads consumers into believing they don't have the rights I 
mentioned above and forced the producer to change said notice to the one 
corresponding to polish copyright law.

http://decyzje.uokik.gov.pl/dec_prez.nsf/0/2DEDF4B2AF9B7717C12574F6002AD7E4?OpenDocument
(sorry, polish only).

-- 
[] 
[  k...@epsilon.eu.org   ] 
[ http://epsilon.eu.org/ ] 
[] 

Re: Should Emails Have An Expiration Date

[Ted Mittelstaedt]

On 3/1/2011 1:41 AM, Per Jessen wrote:

Ted Mittelstaedt wrote:


   From a legal perspective I will point out that any e-mail you
receive is (at least in the US, but most other countries too)
considered copyrighted by the sender.  Under copyright law the
sender has the right to control expiration of content they create,
the movie houses are doing this with digital copies that are
time-limited and included with blue-ray disc purchases.  Thus if
a corporation suddenly has e-mail disappearing from it's servers
due to expiration dates inserted by the e-mail creator they are
absolutely protected from a legal point of view - because of the
demands of copyright law.


I guess this means places like gmane.org and marc.info are in gross
violation of all kinds of copyrights.


no, because fair use is defined in copyright.  those are fair use.


As well as anyone keeping
email-archives (e.g. for legals reasons).



archiving is also specifically spelled out in the 1996 treaty as
allowed.


Regardless, copyright is not the same everywhere.  Far from it. The
Urheberrecht in e.g. Germany and Switzerland is quite different.  I
doubt if anyone here would be able to claim Urheberrecht for an email.



Any country that is signatory to the 1996 WIPO treaty and the Berne
Convention is required by those to adjust their national laws to
match those treaties.  Most countries are signatories and most have
done so.  So yes, copyright IS mostly the same everywhere.  There
are some differences but they are not as significant as you think.

Ted



/Per Jessen, Zürich

Re: Should Emails Have An Expiration Date

[Ted Mittelstaedt]

On 3/2/2011 12:19 AM, Mariusz Kruk wrote:

On Wednesday 02 of March 2011, Patrick Ben Koetter wrote:

 From a legal perspective I will point out that any e-mail you

receive is (at least in the US, but most other countries too)
considered copyrighted by the sender.  Under copyright law the
sender has the right to control expiration of content they create,

German law will not work in this case for the same reason it won't for
email disclaimers too. The rationale is that "one-sided agreements rescind
a contract", which is the case if a sender declares e.g. a copyright on a
message or wants "to control expiration of content they create".


Furthermore, let's not forget that while maybe in US every possible imaginable
thing can be covered by copyright law, in sane countries copyright only
applies to "works". Work has to be creative.


That applies in the US also.


If I just send you an email
saying "pay me back my $200 you stupid bastard", it doesn't make it a
copyrighted work.


It depends on how you say it.  The above statement isn't original
so because of that alone it's not creative.


Furthermore, many copyright laws have "permitted use"
(sorry, don't know the right english term for it) instead of fair use which
explicitly says what can be done with a work after its first publishing. And
this use cannot be limited by any contract,


Untrue when it comes to electronic works, as a result of WIPO Copyright 
1996.


Ted

Re: Should Emails Have An Expiration Date

[Ted Mittelstaedt]

On 3/1/2011 11:11 PM, Patrick Ben Koetter wrote:

* Ted Mittelstaedt:

On 3/1/2011 11:55 AM, John Levine wrote:

 From a legal perspective I will point out that any e-mail you
receive is (at least in the US, but most other countries too)
considered copyrighted by the sender.  Under copyright law the
sender has the right to control expiration of content they create,


German law will not work in this case for the same reason it won't for email
disclaimers too. The rationale is that "one-sided agreements rescind a
contract", which is the case if a sender declares e.g. a copyright on a
message


It's actually a lot more complex than that.

For starters, by definition copyright is automatic on any created 
content.  See the Berne Convention.  Germany signed that in 1887. 
Application of copyright wouldn't be considered a one-sided agreement. 
I suspect your confusing this with the so-called "shrink-wrap licenses"


> or wants "to control expiration of content they create".
>

This is a lot more complicated.

Keep in mind that e-mail is an electronic work and those have
more extensive copyright.  This was defined in the 1996
WIPO copyright treaty (that was mainly created to cover electronic
forms of content distribution) that is here:

http://www.wipo.int/treaties/en/ip/wct/trtdocs_wo033.html

In particular I will bring up the following section of the
treaty

Article 12
Obligations concerning Rights Management Information

(1) Contracting Parties shall provide adequate and effective legal 
remedies against any person knowingly performing any of the following 
acts knowing, or with respect to civil remedies having reasonable 
grounds to know, that it will induce, enable, facilitate or conceal an 
infringement of any right covered by this Treaty or the Berne Convention:


(i) to remove or alter any electronic rights management information 
without authority



The question is, is an "Expiration:" header part of electronic
rights management?  I think it would be very hard to argue that it
is not.


It might have worked back in the days of half-way covenants
  ... ;)



  If your system was programmed to expire the
mail as a result of the expiration and the content creator knew this
and wanted to take advantage of it by putting in an expiration,
then if you filtered the expiration out or otherwise defeated it,
you would be removing the rights management information.

In the US the 1996 WIPO treaty is implemented by the Digital
Millennium Copyright Act  (yet another instance where Congress
signed away more of our Constitutional rights)  I don't know
about Germany, but the treaty requires signatories to implement
it in their legal framework.

Ted


p@rick






I really think it would be a good idea for people to refrain from
playing Junior Lawyer here.

I know just enough about copyright law to know that this claim is
nonsense.



No, it is not nonsense.  Copyright law does allow the content creator
to specify duration of use.  If you go view a movie in a movie theater
you buy a ticket for a single viewing, you do not automatically get
to view it multiple times just because you bought a ticket.

Ted


R's,
John

Re: Should Emails Have An Expiration Date

[Mariusz Kruk]

On Wednesday 02 of March 2011, Patrick Ben Koetter wrote:
> > >> From a legal perspective I will point out that any e-mail you
> > >>
> > >>receive is (at least in the US, but most other countries too)
> > >>considered copyrighted by the sender.  Under copyright law the
> > >>sender has the right to control expiration of content they create,
> German law will not work in this case for the same reason it won't for
> email disclaimers too. The rationale is that "one-sided agreements rescind
> a contract", which is the case if a sender declares e.g. a copyright on a
> message or wants "to control expiration of content they create".

Furthermore, let's not forget that while maybe in US every possible imaginable 
thing can be covered by copyright law, in sane countries copyright only 
applies to "works". Work has to be creative. If I just send you an email 
saying "pay me back my $200 you stupid bastard", it doesn't make it a 
copyrighted work. Furthermore, many copyright laws have "permitted use" 
(sorry, don't know the right english term for it) instead of fair use which 
explicitly says what can be done with a work after its first publishing. And 
this use cannot be limited by any contract, so even if the viewpoint of 
copyright was valid in US (I won't debate on this since I'm not an expert on 
US copyright law) it's definitely invalid with many other law systems.

-- 
\/ 
|  k...@epsilon.eu.org   | 
| http://epsilon.eu.org/ | 
/\