Re: SOLVED: Spamassassin with single link in body
On Wed, 2013-07-10 at 22:37 -0700, Celene wrote: On 7/6/2013 2:07 PM, Martin Gregorie wrote: On Sat, 2013-07-06 at 12:24 -0700, Celene wrote: To be honest, I have never gotten any emails from people with only a URL, unless they are spam, so this shouldn't be a problem. I just want to match all emails that have a single link in the body I'm getting reasonable results from this: rawbody MG_BARE_URI /^\s{0,10}(http:|www\.)\S{1,70}\s{0,10}$/i Ive been testing this, and it seems to have the effect I want. Good. FWIW, I can probably get away with more dangerous rules than a lot of people on this list partly because my MTA serves a small closed group of users and partly because I use an auto-whitelister. This is an SA rule and associated module that queries my Postgres-based mail archive: senders of incoming mail are compared with recipients of previously sent outgoing mail and matches are white-listed. Martin
auto whitelist path
hi I can't set this command in local.cf and in --lint mode I face some error auto_whitelist_path /etc/mail/spamassassin/auto-whitelist
Re: auto whitelist path
On 07/11/2013 12:53 PM, Moein Sarvi wrote: hi I can't set this command in local.cf and in --lint mode I face some error auto_whitelist_path /etc/mail/spamassassin/auto-whitelist some error is not very descriptive (helpful) What error?
Re: auto whitelist path
warn: config: failed to parse line, skipping, in /etc/spamassassin/local.cf: auto_whitelist_path /etc/mail/spamassassin/auto-whitelist
Re: auto whitelist path
On 07/11/2013 01:01 PM, Moein Sarvi wrote: warn: config: failed to parse line, skipping, in /etc/spamassassin/local.cf: auto_whitelist_path /etc/mail/spamassassin/auto-whitelist is the AWL plugin enabled in v310.pre ? if yes please post the full output from - SA version - spamassassin --lint -D and your local.cf
Re: auto whitelist path
T he AWL plugin in v310.pre was disabled! By enabling that and give enough permission it's working thanks
Help eliminate false positive for Google Code notifications
Google Code sends out notifications from project name@googlecode.com. These notifications have Message-ID headers that start with two digits and a dash, triggering this rule: SARE_MSGID_DDDASH Message-ID has ratware pattern (9-, 9$, 99-) The rule was proposed in 2004: https://mail-archives.apache.org/mod_mbox/spamassassin-users/200402.mbox/%3c20040204190450.9b96217...@jmason.org%3E A sample Message-ID (I have an issue starred in the Android project): 46-1531741276455824-7215198307142895543-android=googlecode@googlecode.com Complete mbox message at http://pastebin.com/W5cN4DFd The false positive is not contributing much to the score (1.666), but I don't like it, so I'd like to avoid triggering the rule altogether if I can. I want to do it in the preferred way, if there is a preferred way. Any solution I would come up with would be pretty kludgy. So, suggestions appreciated! Thanks.
Re: Help eliminate false positive for Google Code notifications
On 07/11/2013 06:09 PM, Mike Brown wrote: Google Code sends out notifications from project name@googlecode.com. These notifications have Message-ID headers that start with two digits and a dash, triggering this rule: SARE_MSGID_DDDASH Message-ID has ratware pattern (9-, 9$, 99-) The rule was proposed in 2004: https://mail-archives.apache.org/mod_mbox/spamassassin-users/200402.mbox/%3c20040204190450.9b96217...@jmason.org%3E A sample Message-ID (I have an issue starred in the Android project): 46-1531741276455824-7215198307142895543-android=googlecode@googlecode.com Complete mbox message at http://pastebin.com/W5cN4DFd The false positive is not contributing much to the score (1.666), but I don't like it, so I'd like to avoid triggering the rule altogether if I can. I want to do it in the preferred way, if there is a preferred way. Any solution I would come up with would be pretty kludgy. So, suggestions appreciated! Thanks. SARE rules are obsolete/unsupported/ancient/history/etc and shouldn't be used. Do yourself a favour and remove those files - will save you CPU cycles, memory and lots of headaches. your truly, a retired SARE Ninja
Re: Help eliminate false positive for Google Code notifications
Axb wrote: SARE rules are obsolete/unsupported/ancient/history/etc and shouldn't be used. Do yourself a favour and remove those files - will save you CPU cycles, memory and lots of headaches. Heh, even easier than I thought. I think I had assumed that if I stopped fetching them, I wouldn't have them anymore, especially after upgrading Spamassassin. But they stayed and got copied over from upgrade to upgrade. Thanks!
spam problem Centos 6
I installed this two rpm on Centos 6 amavisd-new.noarch 0:2.8.0-4.el64 postfix-2.6.6-2.2.el6_1.i686 clamav-0.97.8-1.el6.i686 and dont see any errors in logs , antivirus works fine but spam NO If i receive spam message nothing happens I foolwed tutorial on Centos Wiki..everything is the same.. Br Dejan
Re: spam problem Centos 6
On 7/11/2013 3:32 PM, Dejan Doder wrote: I installed this two rpm on Centos 6 amavisd-new.noarch 0:2.8.0-4.el64 postfix-2.6.6-2.2.el6_1.i686 clamav-0.97.8-1.el6.i686 and dont see any errors in logs , antivirus works fine but spam NO If i receive spam message nothing happens I foolwed tutorial on Centos Wiki..everything is the same.. Did you install SpamAssassin? Amavis will work with it, but you have to install it. Give us a link to the wiki page so we can see which tutorial you were following. And note that you do not need the spamd daemon running if you are calling SA through amavis. -- Bowie
Re: spam problem Centos 6
http://wiki.centos.org/HowTos/Amavisd When I send spam test I see in log CLEAN?!? Do not need spake daemon means I have to stop daemon? On 7/11/13, Bowie Bailey bowie_bai...@buc.com wrote: On 7/11/2013 3:32 PM, Dejan Doder wrote: I installed this two rpm on Centos 6 amavisd-new.noarch 0:2.8.0-4.el64 postfix-2.6.6-2.2.el6_1.i686 clamav-0.97.8-1.el6.i686 and dont see any errors in logs , antivirus works fine but spam NO If i receive spam message nothing happens I foolwed tutorial on Centos Wiki..everything is the same.. Did you install SpamAssassin? Amavis will work with it, but you have to install it. Give us a link to the wiki page so we can see which tutorial you were following. And note that you do not need the spamd daemon running if you are calling SA through amavis. -- Bowie
Re: spam problem Centos 6
Yes of course I have installed spamassassin On 7/11/13, Dejan Doder dode...@gmail.com wrote: http://wiki.centos.org/HowTos/Amavisd When I send spam test I see in log CLEAN?!? Do not need spake daemon means I have to stop daemon? On 7/11/13, Bowie Bailey bowie_bai...@buc.com wrote: On 7/11/2013 3:32 PM, Dejan Doder wrote: I installed this two rpm on Centos 6 amavisd-new.noarch 0:2.8.0-4.el64 postfix-2.6.6-2.2.el6_1.i686 clamav-0.97.8-1.el6.i686 and dont see any errors in logs , antivirus works fine but spam NO If i receive spam message nothing happens I foolwed tutorial on Centos Wiki..everything is the same.. Did you install SpamAssassin? Amavis will work with it, but you have to install it. Give us a link to the wiki page so we can see which tutorial you were following. And note that you do not need the spamd daemon running if you are calling SA through amavis. -- Bowie
Re: spam problem Centos 6
On 7/11/13 3:23 PM, Dejan Doder dode...@gmail.com wrote: Yes of course I have installed spamassassin Some of the spamassassin tuning parameters are amavisd specific, or overwritten by amavisd. In particular, the tag_level parameters in amavisd.conf is used set threshold scores for including headers, marking as spam, and quarantines. Most likely you need to tweak those. Also, you need to set localdomain. Amavisd will by default only scan messages bound for your localdomain, so that you aren't marking outbound mail as spam... I would suggest finding amavisd.conf and reading through it. Lots of interesting things to set up in there. I'm sure there is someone for whom the defaults are right, but I've never met that person... On 7/11/13, Dejan Doder dode...@gmail.com wrote: http://wiki.centos.org/HowTos/Amavisd When I send spam test I see in log CLEAN?!? Do not need spake daemon means I have to stop daemon? On 7/11/13, Bowie Bailey bowie_bai...@buc.com wrote: On 7/11/2013 3:32 PM, Dejan Doder wrote: I installed this two rpm on Centos 6 amavisd-new.noarch 0:2.8.0-4.el64 postfix-2.6.6-2.2.el6_1.i686 clamav-0.97.8-1.el6.i686 and dont see any errors in logs , antivirus works fine but spam NO If i receive spam message nothing happens I foolwed tutorial on Centos Wiki..everything is the same.. Did you install SpamAssassin? Amavis will work with it, but you have to install it. Give us a link to the wiki page so we can see which tutorial you were following. And note that you do not need the spamd daemon running if you are calling SA through amavis. -- Bowie
Re: spam problem Centos 6
On 7/11/2013 4:22 PM, Dejan Doder wrote: http://wiki.centos.org/HowTos/Amavisd When I send spam test I see in log CLEAN?!? Do not need spake daemon means I have to stop daemon? The CLEAN message in the log is coming from the ClamAV virus scanner. A spam test would be expected to show as clean since it doesn't include a virus. If you send a test message containing the EICAR virus test string, you should see INFECTED instead. Depending on your settings, your spam test would be either delivered, sorted to a spam folder, or bounced back. If it is delivered, you can look in the headers to see if it was processed by Amavis. If you are using amavis for spam processing, then it will call the SpamAssassin module directly. If you have spamd processes running, you should stop them. This is specified (vaguely) in the wiki when it lists the services: # chkconfig --list | grep amavisd\|clamd\|spamassassin amavisd 0:off 1:off 2:on3:on4:on5:on 6:off clamd 0:off 1:off 2:on3:on4:on5:on 6:off spamassassin0:off 1:off 2:off 3:off 4:off 5:off 6:off You will notice that spamassassin is off in all runlevels. -- Bowie
Re: spam problem Centos 6
On 7/11/2013 4:23 PM, Dejan Doder wrote: Yes of course I have installed spamassassin I just asked since you did not list it as one of the rpms you installed. -- Bowie
Re: spam problem Centos 6
Variable #@bypass_spam_checks(1) Should I place in brackets 0 or remove # to enable spam checks? On 7/11/13, Bowie Bailey bowie_bai...@buc.com wrote: On 7/11/2013 4:23 PM, Dejan Doder wrote: Yes of course I have installed spamassassin I just asked since you did not list it as one of the rpms you installed. -- Bowie
Site Training via Redirect to a spam and/or ham mailbox
I suspect someone has already done this somewhere but I can't seem to come up with the right key words in my search. I'd like to set up spam and ham mailboxes to which all my users can redirect/bounce errors for Bayes training for the site. Then I can run sa-learn via cron against a single mailbox. Can someone point me to some info on this? Thanks.
IP Blacklisting
Hello is there anyway to blacklist an IP address?
Re: Site Training via Redirect to a spam and/or ham mailbox
W T Riker wrote: I suspect someone has already done this somewhere but I can't seem to come up with the right key words in my search. I'd like to set up spam and ham mailboxes to which all my users can redirect/bounce errors for Bayes training for the site. Then I can run sa-learn via cron against a single mailbox. Can someone point me to some info on this? Thanks. You want to know how to configure aliases in your MTA, i.e. sendmail, postfix, exim, or qmail. They all support files as the destination. So I suggest doing a web search for the name of your MTA plus aliases. See also https://wiki.apache.org/spamassassin/SiteWideBayesFeedback - at the end it points to a postfix-specific recipe.