Re: Bug or feature? ;-)
On Tue, Mar 26, 2019 at 04:35:09PM +0100, Tobi wrote: > Thanks for pointing it out. Sorry did not get it in first point. > Changed the regex in the rule to expect the scheme too and now we get > the expected hits again. > Just one thing. Does this mean that email addresses found in body always > have a scheme (mailto://) too? There's no such thing as mailto:// - it's just mailto:, so it wont match rules expecting \w+:// Quick test mailto:f...@bar.net;>mail me f...@bar.net ran uri rule MAILFOO ==> got hit: "mailto:f...@bar.net; ran uri rule MAILFOO ==> got hit: "mailto:f...@bar.net; ran uri rule MAILFOO ==> got hit: "f...@bar.net"
Re: track messages
On 3/25/2019 3:49 PM, Rick Gutierrez wrote: > El lun., 25 mar. 2019 a las 9:44, Kris Deugau () escribió: > >> That looks to be far too complicated for most purposes, and reading back >> and forth I don't think it's even intended for the standard spamd >> logging; it's looking at log traces from some other SA library caller >> entirely. Can you post a couple of example log entries you're expecting >> this to match and extract fields from? > https://pastebin.com/nsJ4PUBM Based on your original question, it looks like you could just grep the logs for 'spam-tag', but if you want to be sure, you could also check the score. This would also give you a bit more flexibility if you wanted to do a search for only high-scoring spam or something. I would do it with Perl. Here's an untested one-liner (assuming the file with the logs is called "maillog"): perl -ne '($score) = /spam-tag.*score=([\d.]+)/; if ($score > 5) {print}' maillog This could easily be expanded to output various parts of the log line, counts, average scores, etc. -- Bowie
Re: Bug or feature? ;-)
Thanks for pointing it out. Sorry did not get it in first point. Changed the regex in the rule to expect the scheme too and now we get the expected hits again. Just one thing. Does this mean that email addresses found in body always have a scheme (mailto://) too? Thanks for your help and have a good one Am 26.03.19 um 05:56 schrieb Henrik K: > On Mon, Mar 25, 2019 at 08:42:50PM +0100, Axb wrote: >> >> seems to me everybody is making an effort in disregarding the fact that the >> URI rule was hitting on a header and imo, that should not happen. >> This makes the whole uri behaviour even more unpredictable. > > As already was established, all body hits are guaranteed to have sceheme > > https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7440 > > I see no problem > Am 26.03.19 um 05:56 schrieb Henrik K: > On Mon, Mar 25, 2019 at 08:42:50PM +0100, Axb wrote: >> >> seems to me everybody is making an effort in disregarding the fact that the >> URI rule was hitting on a header and imo, that should not happen. >> This makes the whole uri behaviour even more unpredictable. > > As already was established, all body hits are guaranteed to have sceheme > > https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7440 > > I see no problem >
Re: Filtering at border routers: Is it possible?
On 25 Mar 2019, at 09:49, Matus UHLAR - fantomas wrote: I can't see anywhere how smtps could mean multicast audio. On 25.03.19 22:27, @lbutlr wrote: That may have been a different use for port 465? I was operating from memory. different use, but it was not called ssmtp. what I want to say is that smtps always meant ssl'ed smtp. I wasn't trying to do a ton of research on this. The point is 465 was a MSFT thing actually no. They used previously defined smtps. Yes, they used it after it was deprecated, but in compatible way. that they did ignoring the specs, as they loved to do (see breaking kerberos and many other examples), but that there is a new RFC for the use of port 465 as a submissions port (as opposed to the port 587 submission port). I've been using 465 with enforced authentication on many servers for years. never heard about source-specific multicast (SSM) until now... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Atheism is a non-prophet organization.
Re: Filtering at border routers: Is it possible?
On 26 Mar 2019, at 0:27, @lbutlr wrote: That may have been a different use for port 465? I was operating from memory. Cisco SSM. See https://www.cisco.com/c/en/us/td/docs/ios/12_2/ip/configuration/guide/fipr_c/1cfssm.pdf -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Available For Hire: https://linkedin.com/in/billcole
Re: How add ITA channel to sa-update?
On 3/26/19 9:05 AM, Alessio Cecchi wrote: > Hello, > > I'm interesting into add the italian channel to spamassassin from > https://spamassassin.snb.it/, but what is the right way? > > I download ITA.conf in /etc/spamassassin/channel.d/ and run sa-update but I > don't see any new files in /var/lib/spamassassin/3.004002/. > you can use sa-update --channel spamassassin.snb.it to update from the specific channel, otherwise "/usr/share/spamassassin/sa-update.cron" (scheduled daily by default) will do that for you. Giovanni > Thanks (to Giovanni for the channel :-) ) > > -- > Alessio Cecchi > Postmaster @ http://www.qboxmail.it > https://www.linkedin.com/in/alessice >
How add ITA channel to sa-update?
Hello, I'm interesting into add the italian channel to spamassassin from https://spamassassin.snb.it/, but what is the right way? I download ITA.conf in /etc/spamassassin/channel.d/ and run sa-update but I don't see any new files in /var/lib/spamassassin/3.004002/. Thanks (to Giovanni for the channel :-) ) -- Alessio Cecchi Postmaster @ http://www.qboxmail.it https://www.linkedin.com/in/alessice