Re: Some rules I created for suspicious Javascript practices
On 16 Feb 2012, at 18:11 , neon_overload wrote: I have been hard at work on tweaking these rules and have come up with new versions which appear more effective. Have not spent much time on performance though. Curious how you arrived at the scoring. For example, I would thing that LOCAL_U_UNESCAPE would be scored much higher as, at least as it looks to me, no one would ever do that legitimately. -- You know, Calculus is sort of like measles. Once you've had it, you probably won't get it again, and you're glad of it. -- W. Carr
Re: Spamassassin detect my mails as spam
On 25 Feb 2012, at 11:17 , Michelle Konzack wrote: There is something in spamassassin which does recursive rDNS lookups on all Received: headers No there isn’t. -- Exit, pursued by a bear.
Allowing IMAP users to train spam/ham
I sued to have a setup where IMAP users could put mail into either SPAM or Junk mailboxes to have it auto trained and then I had a script that stepped through and did the training, and it also processed non-new mail in the inbox as ham. USERROOT=$HOME; MAILP=Maildir; J_PATH=$USERROOT/${MAILP}/.Junk; S_PATH=$USERROOT/${MAILP}/.SPAM; H_PATH=$USERROOT/${MAILP}/cur; if [ `test -d $J_PATH` ]; then /usr/local/bin/sa-learn --spam --progress $i $J_PATH/{new,cur} fi if [ `test -d $S_PATH` ]; then /usr/local/bin/sa-learn --spam --progress $i $S_PATH/{new,cur} fi if [ `test -d $H_PATH` ]; then /usr/local/bin/sa-learn --ham $H_PATH fi This all worked fine, but it was very resource intensive, and it only worked with the very few shell users. I tried to run it (manually) a few times with the virtual users, but I ended up with a process that ground the computer to a halt and generated a bayes database that was massively large (GBs). So, other than throwing more iron at the problem, is there something I can do to make this process a little smarter? Make it work with the virtual users without generating a massive db file? -- 'What can I do? I'm only human,' he said aloud. Someone said, Not all of you. --Pyramids
Re: Allowing IMAP users to train spam/ham
LuKreme wrote: I sued to have a setup where IMAP users could put mail into either SPAM or Junk mailboxes to have it auto trained and then I had a script that stepped through and did the training, and it also processed non-new mail in the inbox as ham. Hi what do you think of something less complex? you need but probably have autolearn enabled I offer the users a mailbox where they can drop/move any message they think is spam, what obviously not was processed by spamassasin and classified as such i my case the folder's name is X-SPAM this extra folder is necessary because what is in SPAM already is supposed to be SPAM I don't now if it is a good idea running sa-learn n new msgs without knowing what it is Also, chose well your users, that they do not throw everything into this forlder then you run a script from cron once a day like this ### #!/bin/sh folders=`/usr/bin/find /home/ -maxdepth=2 -type f -name X-Spam -print` for folder in $folders; do /usr/local/bin/sa-learn --spam --mbox $folder done ### good luck Hans USERROOT=$HOME; MAILP=Maildir; J_PATH=$USERROOT/${MAILP}/.Junk; S_PATH=$USERROOT/${MAILP}/.SPAM; H_PATH=$USERROOT/${MAILP}/cur; if [ `test -d $J_PATH` ]; then /usr/local/bin/sa-learn --spam --progress $i $J_PATH/{new,cur} fi if [ `test -d $S_PATH` ]; then /usr/local/bin/sa-learn --spam --progress $i $S_PATH/{new,cur} fi if [ `test -d $H_PATH` ]; then /usr/local/bin/sa-learn --ham $H_PATH fi This all worked fine, but it was very resource intensive, and it only worked with the very few shell users. I tried to run it (manually) a few times with the virtual users, but I ended up with a process that ground the computer to a halt and generated a bayes database that was massively large (GBs). So, other than throwing more iron at the problem, is there something I can do to make this process a little smarter? Make it work with the virtual users without generating a massive db file? -- XTrade Assessory International Facilitator BR - US - CA - DE - GB - RU - UK +55 (11) 4249. http://xtrade.matik.com.br
Re: Allowing IMAP users to train spam/ham
On 04 Mar 2012, at 03:55 , xTrade Assessory wrote: what do you think of something less complex? Yeah, I went with Junk/NotJunk, anything placed in Junk gets trained as spam, anything in NotJunk trained as ham. What I’d like to do though is move the messages that are in NotJunk to the inbox maildir as they are processed. Possible? -- Belief is one of the most powerful organic forces in the multiverse. It may not be able to move mountains, exactly. But it can create someone who can.
Re: dccifd error
LuKreme wrote: On 04 Mar 2012, at 04:44 , LuKreme wrote: mail spamd[26839]: dcc: failed to connect to local socket /var/dcc/dccifd OK, I found http://wiki.apache.org/spamassassin/InstallingDCC after doing some other googling, got DCC installed (I wiped the existing /var/dcc directory contents), restarted spamd and postfix, and still getting the same error. If I check /var/lib/dcc (I build with the FHS options) the dccifd file does not exist. # cdcc info | grep anon dcc1.dcc-servers.net,- RTT+1000 ms anon dcc2.dcc-servers.net,- RTT+1000 ms anon dcc3.dcc-servers.net,- RTT+1000 ms anon dcc4.dcc-servers.net,- RTT+1000 ms anon dcc5.dcc-servers.net,- RTT+1000 ms anon not sure but probably the dccifd is the remote daemon and since DCC is a commerial service you might not have a account there, so you cannot connect ... ? Hans -- XTrade Assessory International Facilitator BR - US - CA - DE - GB - RU - UK +55 (11) 4249. http://xtrade.matik.com.br
Re: Allowing IMAP users to train spam/ham
On Sun, 04 Mar 2012 09:36:25 -0300 xTrade Assessory wrote: LuKreme wrote: On 04 Mar 2012, at 03:55 , xTrade Assessory wrote: what do you think of something less complex? Yeah, I went with Junk/NotJunk, anything placed in Junk gets trained as spam, anything in NotJunk trained as ham. What I’d like to do though is move the messages that are in NotJunk to the inbox maildir as they are processed. That's similar to what I do and some ESPs like Tuffmail do. An alternative would be to be more selective. I'm not sure if this is specific to dovecot but when I copy/move a file in IMAP the new maildir file has the same mtime, but a new epoch time in the file name. What you might do is generate a list of filenames that contain an epoch time later than the start of the previous run and sim-link them into a temporary directory, and then learn that. if you have bayes already active as well as autolearn then why should you run all this again, still more since manual work may not be accurate. or do you read all this msgs to be sure they are ham/spam? Because autolearn is better than nothing, but isn't very good. It only learns the spam that's easily caught, It's very poor at capturing a representative selection of ham without miss-learning, and it wont train actual errors where BAYES has generated a point or more in the wrong direction.
Re: dccifd error
On 04 Mar 2012, at 05:38 , xTrade Assessory wrote: not sure but probably the dccifd is the remote daemon and since DCC is a commerial service you might not have a account there, so you cannot connect ... ? http://www.rhyolite.com/dcc/ The non-commercial DCC software is distributed under a license that is free only to organizations that do not sell filtering devices or services except to their own users and that participate in the global DCC network. ISPs that use DCC to filter mail for their own users are intended to be covered by the free license. “ But here’s the thing, if dcc is not enabled by spamassassin, I get a spamd error for every message. -- BILL: I can't get behind the Gods, who are more vengeful, angry, an dangerous if you don't believe in them! HENRY: Why can't all these God just get along? I mean, they're omni- potent and omnipresent, what's the problem?
Re: Allowing IMAP users to train spam/ham
On 04 Mar 2012, at 05:36 , xTrade Assessory wrote: question is if necessary ... Being able to train mis-tagged spam is necessary, yes. I don’t see anyway to process a message in a maildir and then move that message. How would you do it? -- Lister: What d'ya think of Betty? Cat: Betty Rubble? Well, I would go with Betty... but I'd be thinking of Wilma. Lister: This is crazy. Why are we talking about going to bed with Wilma Flintstone? Cat: You're right. We're nuts. This is an insane conversation. Lister: She'll never leave Fred, and we know it.
Re: Allowing IMAP users to train spam/ham
On 2012/03/04 10:30, LuKreme wrote: On 04 Mar 2012, at 05:36 , xTrade Assessory wrote: question is if necessary ... Being able to train mis-tagged spam is necessary, yes. I don’t see anyway to process a message in a maildir and then move that message. How would you do it? bash script with for each on the directory. Train then delete each file in sequence. {^_^}
Re: Allowing IMAP users to train spam/ham
On Sun, 4 Mar 2012, jdow wrote: On 2012/03/04 10:30, LuKreme wrote: On 04 Mar 2012, at 05:36 , xTrade Assessory wrote: question is if necessary ... Being able to train mis-tagged spam is necessary, yes. I don’t see anyway to process a message in a maildir and then move that message. How would you do it? bash script with for each on the directory. Train then delete each file in sequence. I'd suggest that it's a bad idea to delete your training corpus. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- Failure to plan ahead on someone else's part does not constitute an emergency on my part. -- David W. Barts in a.s.r --- 7 days until Daylight Saving Time begins in U.S. - Spring Forward
Re: Allowing IMAP users to train spam/ham
4.3.2012 20:49, jdow kirjoitti: On 2012/03/04 10:30, LuKreme wrote: On 04 Mar 2012, at 05:36 , xTrade Assessory wrote: question is if necessary ... Being able to train mis-tagged spam is necessary, yes. I don’t see anyway to process a message in a maildir and then move that message. How would you do it? bash script with for each on the directory. Train then delete each file in sequence. If doing this, training via spamc would be good. And the spamd must have --allow-tell to make this work. -- Today is the first day of the rest of the mess. signature.asc Description: OpenPGP digital signature
Re: Allowing IMAP users to train spam/ham
On 04 Mar 2012, at 12:57 , John Hardin wrote: On Sun, 4 Mar 2012, jdow wrote: On 2012/03/04 10:30, LuKreme wrote: On 04 Mar 2012, at 05:36 , xTrade Assessory wrote: question is if necessary ... Being able to train mis-tagged spam is necessary, yes. I don’t see anyway to process a message in a maildir and then move that message. How would you do it? bash script with for each on the directory. Train then delete each file in sequence. I'd suggest that it's a bad idea to delete your training corpus. Yeah, I never said anything about deleting. Trouble with simply moving the messages about in the shell between Maildirs is that the courier files don’t get updated properly. -- Criticizing evolutionary theory because Darwin was limited is like claiming computers don't work because Chuck Babbage didn't foresee Duke Nukem 3.
Re: Allowing IMAP users to train spam/ham
4.3.2012 22:44, LuKreme kirjoitti: Trouble with simply moving the messages about in the shell between Maildirs is that the courier files don’t get updated properly. I move my files all the time, and no problems occurred so far. I use Courier too... -- Things past redress and now with me past care. -- William Shakespeare, Richard II signature.asc Description: OpenPGP digital signature
Re: dccifd error
LuKreme wrote: On 04 Mar 2012, at 05:38 , xTrade Assessory wrote: not sure but probably the dccifd is the remote daemon and since DCC is a commerial service you might not have a account there, so you cannot connect ... ? http://www.rhyolite.com/dcc/ The non-commercial DCC software is distributed under a license that is free only to organizations that do not sell filtering devices or services except to their own users and that participate in the global DCC network. ISPs that use DCC to filter mail for their own users are intended to be covered by the free license. “ But here’s the thing, if dcc is not enabled by spamassassin, I get a spamd error for every message. you can disable the plugin or setup use_dcc 0 in local.cf otherwise you should check if you have the dcc package on your machine, configured and running Hans -- XTrade Assessory International Facilitator BR - US - CA - DE - GB - RU - UK +55 (11) 4249. http://xtrade.matik.com.br