Re: install SA p a i n f u l l

[Nick Edwards]

omfg
even killing it, then having to kill every individual  sub process
manually...
re run using  -f

and it still loops and times out.

 very braindead install process. looks like there is no way for
spamassassin to install, I never recall having this problem ever before  on
all 3.x versions, but 4.0.0 is a useless bitch,  i'm about to install
rspamd




On Tue, Jan 30, 2024 at 1:36 PM Nick Edwards 
wrote:

> Venting
>
> Set up a new server today, took no time in postfix dovecot and amavisd,
> apache roundcube, and everything, then came spamassassin
>
> thankfully I chose to install this whilst we left for lunch, but 45mins
> later to my horror it was still trying to install, why?  because its tests
> failed for timeouts this, timeouts that,  everytime its set keeps on
> retrying reporting
>
> error: config: no rules were found!  Do you need to run 'sa-update'?
> config: no rules were found!  Do you need to run 'sa-update'?
>
> of fricken course there is no rules, its a new fricken install that cpan
> hasn't got around to yet to allow us to run sa-update.
>
> perhaps spamassassin developers can consider not everyone is upgrading,
> there are some of us trying to get the fricken thing on the fricken machine
> in the fricken first place.
>
> I am not going to run cpan with force because that may hide *real* errors.
>
>

install SA p a i n f u l l

[Nick Edwards]

Venting

Set up a new server today, took no time in postfix dovecot and amavisd,
apache roundcube, and everything, then came spamassassin

thankfully I chose to install this whilst we left for lunch, but 45mins
later to my horror it was still trying to install, why?  because its tests
failed for timeouts this, timeouts that,  everytime its set keeps on
retrying reporting

error: config: no rules were found!  Do you need to run 'sa-update'?
config: no rules were found!  Do you need to run 'sa-update'?

of fricken course there is no rules, its a new fricken install that cpan
hasn't got around to yet to allow us to run sa-update.

perhaps spamassassin developers can consider not everyone is upgrading,
there are some of us trying to get the fricken thing on the fricken machine
in the fricken first place.

I am not going to run cpan with force because that may hide *real* errors.

Re: DKIM fails on v4

[Nick Edwards]

Excuse my ignorance, but what is the difference between enable dkim in
amavisd-new and having it set to 0 letting spamassassin just do its thing
with loadmodule dkim?


On Mon, Jun 27, 2022 at 4:26 AM Henrik K  wrote:

> On Sun, Jun 26, 2022 at 12:57:32PM -0400, Alex wrote:
> >
> >
> > Amavisd-new works fine here. Maybe $enable_dkim_verification or
> something
> > is different.
> >
> >
> > It's good to know you're using amavisd. It's very dependent upon the SA
> version
> > you're using, though.
> >
> > It appears both DKIM and DMARC worked until the May 29th version from svn
> > (1901385).
> >
> > At some point after that, and even until yesterday's version, DKIM
> stopped
> > working. DMARC still passes with SPF, but there are no longer any
> occurrences
> > of DKIM.
>
> I think Giovannis changes don't work when amavisd is passing $suppl_attrib:
>
> https://svn.apache.org/viewvc?view=revision=1901719
>
> Sub _check_signature() isn't called at all in that case and things like
> tags
> are not set.  I'll leave it for Giovanni to fix..
>
>

Anti Phish Rules

[Nick Edwards]

Hi,

We've been using a separate product to do this, but it struck me, maybe
spamassassin can do this easier (or without having to call yet another
binary to run as can over mails)

Rules that look at URLs in a html message  href and src tags, check the "A"
tag to see if there is a URL there, and if they do not match,  consider it
a phis so apply said phis score to the message.

Has anyone done this? module even?

ciao

Mailing list ban evasion, ghost accounts

[Nick Edwards]

ATT Moderators

li...@rhsoft.net  is banned user  Reindl Harald of thelounge.net



Received: from mail.thelounge.net (mail.thelounge.net [91.118.73.15])
by mx2-lw-eu.apache.org (ASF Mail Server at mx2-lw-eu.apache.org) with
ESMTPS id EB9C55F4EC
for ; Mon, 15 Aug 2016 13:26:39 +
(UTC)
Received: from srv-rhsoft.rhsoft.net (Authenticated sender:
h.rei...@thelounge.net) by mail.thelounge.net (THELOUNGE MTA) with ESMTPSA
id 3sCbqW4sxGzXNB
for ; Mon, 15 Aug 2016 15:26:31 +0200
(CEST)
Subject: Re: google spamming ?

From: "li...@rhsoft.net" 

Re: Whitelisting and Expedia/Orbitz

[Nick Edwards]

clueless newbie troll
microsofts own attempt at SPF did allow checking in "from"


On Sat, May 21, 2016 at 2:50 AM, Reindl Harald 
wrote:

>
>
> Am 20.05.2016 um 19:25 schrieb Vincent Fox:
>
>> SPF is only about envelopes?
>>
>
> yes
>
> Unless you are Microsoft, who check against the From in the header.
>>
>
> nonsense
>
> you likely confuse DMARC with SPF
>
>
> 
>> From: Reindl Harald 
>> Sent: Friday, May 20, 2016 10:23:45 AM
>> To: users@spamassassin.apache.org
>> Subject: Re: Whitelisting and Expedia/Orbitz
>>
>> Am 20.05.2016 um 19:03 schrieb Alex:
>>
>>> Is it necessary to use the Envelope-From address when whitelisting
>>> with whitelist_from_spf? The docs are unclear as to whether I can just
>>> use the regular From address, which would be easier for me
>>>
>>
>> SPF is by definition only about envelopes
>> however, just use whitelist_auth -> RTFM
>>
>
>

Re: FSL_HELO_BARE_IP_2 fires on wrong header

[Nick Edwards]

just ignore reindl, most the world does (on the few lists he's not
been booted off - yet), because its his way or the wrong way - in his
eyes only of course, and history shows your wasting your time trying
to explain to him thats not how the world works, no-one is here to
make it work according to his-way.

Just look at the energy he's spent whining about it -V- the energy he
could have spent to lower/zero the score



On 1/26/16, Matus UHLAR - fantomas  wrote:
> On 25.01.16 15:17, Reindl Harald wrote:
>>not worth an argument when it's simply wrong and hits mostly clear
>>ham and is broken by definition looking at *random* headers?
>>
>>cat maillog | grep FSL_HELO_BARE_IP_2 | grep "result: Y" | wc -l
>>21
>>
>>cat maillog | grep FSL_HELO_BARE_IP_2 | wc -l
>>130
>>
>>cat maillog | grep FSL_HELO_BARE_IP_2 | grep BAYES_00 | wc -l
>>93
>
> excuse me, did you get a FP?
> Together with BAYES_00?
>
> --
> Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> He who laughs last thinks slowest.
>

Re: FSL_HELO_BARE_IP_2 fires on wrong header

[Nick Edwards]

proven wrong my arse, like everything   "proven wrong according to
reindl" means SFA and does NOT make it wrong just because YOU think it
is wrong. I think its right, other members of this list think its
right and the SA devies think its right, live with it, you were
already told what to do to over come if it YOU disagree with it,
acting like a 2yo baby going wah wah wah rolling over the floor temper
tamping to try get his own way will NOT work.

On 1/26/16, Reindl Harald <h.rei...@thelounge.net> wrote:
>
>
> Am 25.01.2016 um 23:45 schrieb Nick Edwards:
>> Just look at the energy he's spent whining about it -V- the energy he
>> could have spent to lower/zero the score
>
> what happened long ago  but a local workaround makes proven wrong
> behavior not right - see below
>
> i run likely the most customized SA on this planet
>
> -rw-r--r-- 1 root root  80K 2016-01-25 20:24 local-00-bayes-ignore.cf
> -rw-r--r-- 1 root root 3,0K 2016-01-25 13:39 local-01-unister.cf
> -rw-r--r-- 1 root root 1,2K 2015-09-13 07:47 local-02-blocked-tld.cf
> -rw-r--r-- 1 root root 111K 2016-01-25 20:36 local.cf
>
>  Weitergeleitete Nachricht 
> Betreff: Re: FSL_HELO_BARE_IP_2 fires on wrong header
> Datum: Mon, 25 Jan 2016 15:17:38 +0100
> Von: Reindl Harald <h.rei...@thelounge.net>
> An: users@spamassassin.apache.org
>
> -
>> score FSL_HELO_BARE_IP_1 0.1
>> score FSL_HELO_BARE_IP_2 0.1
> -
>
> OK: /usr/bin/systemctl reload spamassassin.service
>
>

uri eval over zelous or bug

[Nick Edwards]

Hey there,
In my final hours (34) at job X before moving back home to Australia
to start job Y next week, I  would love to solve an issue I've been
seeing for a few weeks now, some domains in eval are wrongfully
hitting.

Take postfix.org for example, it has no A record, so this check should
return NXDOMAIN and therefore not score the mail with a positive
value.

However, it does, so, I either screwed up something in the rule :

uridnsblATQ_URI2 snowshoers.int. A
bodyATQ_URI2 eval:check_uridnsbl('ATQ_URI2')
describeATQ_URI2 URL's domain A record listed in snowshoe netblocks
score   ATQ_URI2 3.0
tflags  ATQ_URI2 net a

or spamassassins  lookup is over bearing?

The list  in snowshoers.int contains about 400  /24's so removing one
at a time is not feasable, but, as indicated, postifx.org has no A
record so this shojldnt be an issue, I did check the IP's of
www.postifx.org both of them are not in any netblock.

So how can it be it gets tagged as being in it?
It can not be a nxdomain false in code, since undernet.org has no A
records and it passes fine without tagging/scoring.

TIA

Re: SPF code change?

[Nick Edwards]

Situation is resolved.

Below is part of the fault.
Our secondaries are dual stacked, although they are configured to use
ipv4 over ipv6 and usually do.
Our config only trusts ipv4 addresses (the problem)

There was a 3 day blockage in routing for one ipv4 range (it is
external and out of our hands, its on a third party network and there
was a problem with BGP on their end), this did not affect routing of
ipv6, so ipv6 because ipv4 failed, sent the messages, resulting in SPF
fail, we have since added ipv6 addresses to trusted settings.


On 10/16/15, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote:
> On 16.10.15 09:10, Nick Edwards wrote:
>>Was there a change recently to the spamassassin code for SPF?
>>
>>Lately, any messages that come in via secondary MX's are failing, this
>>nevefr used to be the case
>
> the MX servers for your domain MUST be listed in internal_network (and in
> trusted_network too).
> This is exactly what internal_networks is for...
>
>
> --
> Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> I just got lost in thought. It was unfamiliar territory.
>

SPF code change?

[Nick Edwards]

Was there a change recently to the spamassassin code for SPF?

Lately, any messages that come in via secondary MX's are failing, this
nevefr used to be the case

Most common is facebook, lately they are marked as complete fail did
someone break something? I assumed it used trusted networks or such to
know, but its not.
(we also run spf milters on MTA so hard fail would not normally get to
spamassassin so not sure how long this gone on for)

(yes - they ARE from facebookmail before anyone asks)

Re: Live upgrade safe?

[Nick Edwards]

lol I KNEW youd that cause you just cant help yourself, trying to draw
attention away from yourself, but thats OK every person whos come
across you knows better,  a simple google of your name shows an
immense number of your vitriol  on many many lists.

the bannings youve had from many many lists shows a pattern of abuse,
it takes a bit to piss off Weitse, but you managed to do it and even
he banned you from postfix list, not to mention some of the centos and
fedora lists, roundcube, dovecot, youve even had a warning in here
from Karsten,  also I wonder why an unbound user joins the bind list,
given time youll be booted from there too because you cant help
yourself, youve been at it for years


https://lists.fedoraproject.org/pipermail/advisory-board/2013-May/011984.html
http://comments.gmane.org/gmane.linux.redhat.fedora.general/430887
https://fedorahosted.org/council/ticket/6
http://www.securityfocus.com/archive/1/527924

I could go on but id be here all month, and next month, and the month after


On 9/16/15, Reindl Harald <h.rei...@thelounge.net> wrote:
>
>
> Am 16.09.2015 um 04:25 schrieb Nick Edwards:
>> On 9/15/15, Reindl Harald <h.rei...@thelounge.net> wrote:
>>>
>>>
>>> Am 15.09.2015 um 00:05 schrieb Nick Edwards:
>>>> On 9/15/15, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote:
>>>>>>>>>>> On 12.09.15 15:27, Reindl Harald wrote:
>>>>>>>> and no, i am not the package maintainer but the first person who
>>>>>>>> would

>>>>>>>> file a bug for *any* package which rely on a internet connection
>>>>>>>> due
>>>>>>>> update
>>>>>
>>>>>> Am 14.09.2015 um 17:25 schrieb Matus UHLAR - fantomas:
>>>>>>> in such case it's up to the distributions' maintainer to:
>>>>>>> - provide static rules in the (maybe separate) package
>>>>>>> - to warn user that he must immediately get new rules or the SA
>>>>>>> won't
>>>>>>> work
>>>>>
>>>>> On 14.09.15 18:40, Reindl Harald wrote:
>>>>>> it is a SA 3.4.1 bug that it don't start when
>>>>>> /var/lib/spamassassin/3.004001/ while the package ships the static
>>>>>> rules in /usr/share/spamassassin/
>>>>>
>>>>>> with the original 3.4.0 setup it started just fine before sa-update
>>>>>> as i installed all that stuff a year ago
>>>>>>
>>>>>> if you would have followed the thread before response you would know
>>>>>> that already
>>>>>
>>>>> I see this particular information for the first time.
>>>>> Maybe you could point me to proper place in the archive?
>>>>> Or maybe you could be more specific instead of blame everyone for
>>>>> everything?
>>>>>
>>>>>> - and no that is not rude, you have no idea how i sound
>>>>>> if i start to get rude
>>>>>
>>>>> the fact you don't feel being rude does not mean you are not.
>>>>
>>>> Rude, arrogant, abusive, and obnoxious is all he knows, he's been
>>>> kicked off many many mailing lists, and spends most his time here now
>>>> Timo has finally moderated him on dovecot list, he has a huge track
>>>> record of thinking he's not a bully and does nothing wrong, you only
>>>> need 30 seconds of google to see otherwise.
>>>
>>> don't remember that i asked *you* especially after you are so much more
>>> personally abusive as anybody else - the list of your personal attacks
>>> is bookmarked, so don't play saint and shut up
>>
>> what  a dreamland you live in, I'm not half as much an abusive
>> arsehole as you are, and google shows it
>
> you are - period
> http://www.gossamer-threads.com/lists/spamassassin/users/189665
>
> http://mail-archives.apache.org/mod_mbox/spamassassin-users/201411.mbox/%3CCAMD-=VLKStiPb_6NCn5EY7sNhJO7eAKE9dPpUEffHhH9xM_w=a...@mail.gmail.com%3E
> http://mail-archives.apache.org/mod_mbox/spamassassin-users/201410.mbox/%3CCAMD-=VJprfqO-g5M4hQiva5wwHONYqrS+EtGES-+KF=gwat...@mail.gmail.com%3E
> http://marc.info/?l=spamassassin-users=141126392202533=2
> http://mail-archives.apache.org/mod_mbox/spamassassin-users/201502.mbox/%3CCAMD-=VLSP4sfKaQWRaCTKVkWf+UJSo+wS0czNOCV=mfxlfx...@mail.gmail.com%3E
>
>

Re: Live upgrade safe?

[Nick Edwards]

On 9/15/15, Reindl Harald <h.rei...@thelounge.net> wrote:
>
>
> Am 15.09.2015 um 00:05 schrieb Nick Edwards:
>> On 9/15/15, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote:
>>>>>>>>> On 12.09.15 15:27, Reindl Harald wrote:
>>>>>> and no, i am not the package maintainer but the first person who
>>>>>> would
>>>>>> file a bug for *any* package which rely on a internet connection due
>>>>>> update
>>>
>>>> Am 14.09.2015 um 17:25 schrieb Matus UHLAR - fantomas:
>>>>> in such case it's up to the distributions' maintainer to:
>>>>> - provide static rules in the (maybe separate) package
>>>>> - to warn user that he must immediately get new rules or the SA won't
>>>>> work
>>>
>>> On 14.09.15 18:40, Reindl Harald wrote:
>>>> it is a SA 3.4.1 bug that it don't start when
>>>> /var/lib/spamassassin/3.004001/ while the package ships the static
>>>> rules in /usr/share/spamassassin/
>>>
>>>> with the original 3.4.0 setup it started just fine before sa-update
>>>> as i installed all that stuff a year ago
>>>>
>>>> if you would have followed the thread before response you would know
>>>> that already
>>>
>>> I see this particular information for the first time.
>>> Maybe you could point me to proper place in the archive?
>>> Or maybe you could be more specific instead of blame everyone for
>>> everything?
>>>
>>>> - and no that is not rude, you have no idea how i sound
>>>> if i start to get rude
>>>
>>> the fact you don't feel being rude does not mean you are not.
>>
>> Rude, arrogant, abusive, and obnoxious is all he knows, he's been
>> kicked off many many mailing lists, and spends most his time here now
>> Timo has finally moderated him on dovecot list, he has a huge track
>> record of thinking he's not a bully and does nothing wrong, you only
>> need 30 seconds of google to see otherwise.
>
> don't remember that i asked *you* especially after you are so much more
> personally abusive as anybody else - the list of your personal attacks
> is bookmarked, so don't play saint and shut up
>
>

what  a dreamland you live in, I'm not half as much an abusive
arsehole as you are, and google shows it, despite any links you want
to post to this list, google shows EVERYTHING, not only what you hope
people will read but EVERYTHING

How many lists has I been moderated?  ONE - dovecot and thats for
calling you out as the wanker you are, how many lists have you been
moderated on? 6? 7 now with dovecot

How many lists have I been kicked off?  NONE, how many have you been
kicked off? at least one that I know of, maybe two, or was it you left
the fedora list because they refused to unmoderate you, cant recall,
dont care

like I said  the evidence speaks for itself
only you can change your attitude but since you dont think you do any
wrong, snowlfakes in hell before you admit fault.

So, that alone says it all.

Re: Live upgrade safe?

[Nick Edwards]

On 9/15/15, Matus UHLAR - fantomas  wrote:
>>>On 12.09.15 15:27, Reindl Harald wrote:
and no, i am not the package maintainer but the first person who would
file a bug for *any* package which rely on a internet connection due
update
>
>>Am 14.09.2015 um 17:25 schrieb Matus UHLAR - fantomas:
>>>in such case it's up to the distributions' maintainer to:
>>>- provide static rules in the (maybe separate) package
>>>- to warn user that he must immediately get new rules or the SA won't
>>> work
>
> On 14.09.15 18:40, Reindl Harald wrote:
>>it is a SA 3.4.1 bug that it don't start when
>>/var/lib/spamassassin/3.004001/ while the package ships the static
>>rules in /usr/share/spamassassin/
>
>>with the original 3.4.0 setup it started just fine before sa-update
>>as i installed all that stuff a year ago
>>
>>if you would have followed the thread before response you would know
>>that already
>
> I see this particular information for the first time.
> Maybe you could point me to proper place in the archive?
> Or maybe you could be more specific instead of blame everyone for
> everything?
>
>> - and no that is not rude, you have no idea how i sound
>>if i start to get rude
>
> the fact you don't feel being rude does not mean you are not.


Rude, arrogant, abusive, and obnoxious is all he knows, he's been
kicked off many many mailing lists, and spends most his time here now
Timo has finally moderated him on dovecot list, he has a huge track
record of thinking he's not a bully and does nothing wrong, you only
need 30 seconds of google to see otherwise.

Though he has tamed it down a lot in recent months, probably because
he realizes finally he's running out of mailing lists to post on.

phishing rules

[Nick Edwards]

Hey,

Kind of had enough of regular URIBL's not getting this stuff, so
wondering has anyone wrote any rules they want to share on/off list to
match on mismatched URI links,

example
the displayed version in mail might be www.example.com, but the actual
URI when you highlight or click on it, is foobar.example.net

I want to score all mismatches rather high (i'm not interested in oh
you shouldnt do that .. reason type replies, sorry :) but have given
this long though and the pros  do outweigh the cons.

SA usually catches the phishing stuff, there is often many get through
of late, so the collateral damage is acceptable by our risk
assessments.

ciao

Re: dkim invalid and 3.4.1

[Nick Edwards]

On 5/3/15, Reindl Harald h.rei...@thelounge.net wrote:


 Am 03.05.2015 um 05:34 schrieb Nick Edwards:
 Is there any reason

 reason=invalid (public key: not available)  is declared as error
 to fail t_dkim_invalid

 yes, it hits way too often for legit, signed mail and so produces false
 positives



I assume you are agreeing with me, since you are not answering me
because you are in no way related to the spam assassin project so
wouldn't know the answer.

anyway, I have zero'd this score to make this rule irrelevant

dkim invalid and 3.4.1

[Nick Edwards]

Is there any reason

reason=invalid (public key: not available)  is declared as error
to fail t_dkim_invalid


1.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

This is published a neutral so should not be considered invalid

This only occurs since upgrade 3.4.0 - 3.4.1, no changed made by the
sender - its a govt dept, who doesnt change things at all let alone in
middle of weekend.

Be a shame to have to score that 0 simply because the code over reacts.

Re: Spamassassin not catching spam (Follow-up)

[Nick Edwards]

On 3/26/15, Reindl Harald h.rei...@thelounge.net wrote:

 Am 25.03.2015 um 14:56 schrieb Nick Edwards:
 if i need to take the phone and ask the admin if a mail was discarded or
 just not delivered at the moment the mailservice is shit

 get into the real world, and there you go again someone does different
 than reindl does so they must be shit.  jesus christ you have a lame
 outlook on life, get used to the fact  because someone does something
 different than you, doesnt mean its bad.

 you should get into the real world

 if iw rite a mail and don't get a bounce i have to expect it was
 delivered, if mail delivery is not trustable it is shit - not because
 you are doing it different than me - but because your mailservice is
 some sort of lottery



BINGO!

Thats exactly what mail delivery has been for nearing 25 years.

An Enormous number of service providers in the western world will
discard spam messages we do nothing special or out of the ordinary,
the lottery game is for the spammers, they have no idea if anyone read
their trash or not, if your message is not spam it would be delivered.

we have 3.8 million users, so I think we would know pretty quickly if
we were doing it wrong.

you will just have to accept the world doesnt follow your handbook or wishes.


 a reject at SMTP level in case of spam don't produce bounces anywhere,
 but the bot may interpret as that RCPT don't accept mail - with a

 bots have not learned from 55x messages  EVER they dont care, they
 never have they never will, they will resend their shit 50 times a
 second without hesitation anyone whos been a mail admin for more than
 5 years knows this

 in the time you wrote that paragraph you could have opened the
 attachment, the curve of RBL rejects moved dramatically down while the
 number of daily delivered mail is unchanged


RBL blocks are still very significant around here, dont presume that
we see what you see, same as I'd never presume you'd see what we see,
I can say that with fact because the regions hitting our hamburg
servers are nothing like what hits our hong kong servers, and vice
versa.

Re: Spamassassin not catching spam (Follow-up)

[Nick Edwards]

On 3/26/15, David F. Skoll d...@roaringpenguin.com wrote:
 On Thu, 26 Mar 2015 11:36:36 +0100
 Reindl Harald h.rei...@thelounge.net wrote:

 What make you think you have the right to put a mail for a different
 person to /dev/null without reject it proper and so sender nor RCPT
 are aware?

 People who sign up for our service do so knowing that we sometimes
 silently discard spam.  If they don't agree, then they don't have to
 use our service.


Exactly, and I've never found anyone to leave over it, most people
appreciate not getting spam, they dont give a rats how we stop it
getting to them, so long as we stop it.

Re: Spamassassin not catching spam (Follow-up)

[Nick Edwards]

On 3/26/15, Reindl Harald h.rei...@thelounge.net wrote:

 Am 26.03.2015 um 13:10 schrieb Nick Edwards:
 On 3/26/15, Reindl Harald h.rei...@thelounge.net wrote:
 bots have not learned from 55x messages  EVER they dont care, they
 never have they never will, they will resend their shit 50 times a
 second without hesitation anyone whos been a mail admin for more than
 5 years knows this

 in the time you wrote that paragraph you could have opened the
 attachment, the curve of RBL rejects moved dramatically down while the
 number of daily delivered mail is unchanged

 RBL blocks are still very significant around here, dont presume that
 we see what you see, same as I'd never presume you'd see what we see,
 I can say that with fact because the regions hitting our hamburg
 servers are nothing like what hits our hong kong servers, and vice
 versa

 a last reply to that thread:

 the point was not RBL's and whatz you see where, the point was that
 after switch to unconditionally reject instead drop the number of
 *delivery attempts* dramatically went down

 and since it is the same userbase, the same network and the same
 mailflow it's not a matter of what you and i see different - it is a
 matter of what i see different just by stop silent discard


i'm confused, its not a mater of what we see different but then you
say it is matter of what you see different, I think unknowingly you
agreed with me. Dont think we have not  looked at reject, we looked at
that years ago, never changed, just like we never saw graylisting as
beneficial, most the bastards still resend so we dropped that too, all
it did was delay legitimate mail.

Either way, the way you run your network suites you, and the way we
run ours suites us.
Just dont go round calling other organisations method shit or dumb or
silly or stupid because  you disagree with how we successfully choose
to run our networks, we could turn around and say the same about how
you run yours, but we dont because we  know and understand each to
our own

Re: Spamassassin not catching spam (Follow-up)

[Nick Edwards]

On 3/25/15, Niamh Holding ni...@fullbore.co.uk wrote:

 Hello Reindl,

 Wednesday, March 25, 2015, 9:51:48 AM, you wrote:

 RH i don't know the UK laws but in germany it's for sure not allowed
 RH because it's legally classified identical to a postman says meh i don't

 RH walk to go upstairs today and throw the letter away

 RH if you pretend to provide relieable mailservices it should be logically

 RH that discard instead reject so that none of both parties can take notice

 RH in case of false positives is not that smart

 Better go tel MS as that's exactly what hotmail and live do.


It only applies to German based providers, located in Germany, serving Germany.
A similar rule applies in Sweden too, and there are exceptions.

I can reject who or what I want, because I'm not based in Germany,
however we do have multiple mx backups there, but not directly
providing a service directly to Germans, we can block who we want.



 --
 Best regards,
  Niamhmailto:ni...@fullbore.co.uk

Re: Spamassassin not catching spam (Follow-up)

[Nick Edwards]

On 3/25/15, Reindl Harald h.rei...@thelounge.net wrote:

 Am 25.03.2015 um 11:17 schrieb Niamh Holding:
 Hello Reindl,

 Wednesday, March 25, 2015, 9:51:48 AM, you wrote:

 RH i don't know the UK laws but in germany it's for sure not allowed
 RH because it's legally classified identical to a postman says meh i
 don't
 RH walk to go upstairs today and throw the letter away

 RH if you pretend to provide relieable mailservices it should be
 logically
 RH that discard instead reject so that none of both parties can take
 notice
 RH in case of false positives is not that smart

 Better go tel MS as that's exactly what hotmail and live do

 because others do wrong is not a good justification

Doesnt mean its the wrong thing, our companies secondary mx's are in
Hamburg and we can discard who we want, RFC's   say so


 barracuda networks does the same (which i did not imagine) and hence we

barrqacuda is shit, has bee shit and always will be shit

 
 that game is over at the moment you got a complaint from the sender
 proving you MX has responded with 250 OK and the message was never
 delivered - that is *not* how SMTP is designed to work

read up on your RFC's, silent discard is permitted for spam, has been
RFC'd for few years now replacing old 2822 or whatever it was

Re: Spamassassin not catching spam (Follow-up)

[Nick Edwards]

On 3/25/15, Reindl Harald h.rei...@thelounge.net wrote:

 Am 25.03.2015 um 13:39 schrieb Nick Edwards:
 On 3/25/15, Reindl Harald h.rei...@thelounge.net wrote:
 that game is over at the moment you got a complaint from the sender
 proving you MX has responded with 250 OK and the message was never
 delivered - that is *not* how SMTP is designed to work

 read up on your RFC's, silent discard is permitted for spam, has been
 RFC'd for few years now replacing old 2822 or whatever it was

 tell that your angry user after a false-positive in case of important
 mails - in the real world not only matters what is permitted - common
 sense could help here.


I dont have any angry users, if we discard a message its very clearly
spam, no one has ever complained about that, get into the real world

 if i need to take the phone and ask the admin if a mail was discarded or
 just not delivered at the moment the mailservice is shit


get into the real world, and there you go again someone does different
than reindl does so they must be shit.  jesus christ you have a lame
outlook on life, get used to the fact  because someone does something
different than you, doesnt mean its bad.


 a reject at SMTP level in case of spam don't produce bounces anywhere,
 but the bot may interpret as that RCPT don't accept mail - with a

bots have not learned from 55x messages  EVER they dont care, they
never have they never will, they will resend their shit 50 times a
second without hesitation anyone whos been a mail admin for more than
5 years knows this.

Re: Spamassassin not catching spam (Follow-up)

[Nick Edwards]

On 3/25/15, Reindl Harald h.rei...@thelounge.net wrote:

 Am 25.03.2015 um 13:34 schrieb Nick Edwards:
 It only applies to German based providers, located in Germany, serving
 Germany.
 A similar rule applies in Sweden too, and there are exceptions.

 I can reject who or what I want

 well, start with understand the difference between reject and discard


we reject and discard crap all the time here in hong kong,  our
secondaries in hamburg, and in texas. I'm not revealing the SA score
we use to discard but it works perfect for us.
Anyway, your Austrian not German.

Re: Skipping RBL checks for internal servers

[Nick Edwards]

On 3/19/15, Reindl Harald h.rei...@thelounge.net wrote:

 Am 19.03.2015 um 12:57 schrieb Nick Edwards:
 On 3/19/15, Steve Freegard s...@fsl.com wrote:
 On 18/03/15 21:46, Reindl Harald wrote:

 Wow - you must be fun at parties...


 HAHAHA reindl doesnt go to parties because , he has no friends and no
 one would have him, he can start a fight when he's the only tosser in
 the room

 i can't remember that someody asked you to start your personal vendetta
 again and frankly i wonder why are you not banned after playing that
 games multiple times


Why would someone be banned for speaking the truth, you silly childish
abusive moron, you make out your the innocent person, but we both know
the truth, google shows the truth, you have burned every bridge you
cross, you abuse people, I hear you even blackmail people know days
too, and you still think the whole world is out to get you, perhaps
its just  KARMA.

Re: Skipping RBL checks for internal servers

[Nick Edwards]

On 3/19/15, Steve Freegard s...@fsl.com wrote:
 On 18/03/15 21:46, Reindl Harald wrote:


 Wow - you must be fun at parties...



HAHAHA reindl doesnt go to parties because , he has no friends and no
one would have him, he can start a fight when he's the only tosser in
the room.

Re: Skipping RBL checks for internal servers

[Nick Edwards]

hahahaha come on reindl, do you think people here will bother to click
your links when all they only need do is google  reindl harald  to
get an unbiased view of who you really are and the sort of offensive
abusive creep you really are.

fedora users BANNED
roundcube  MODERATED
postifx BANNED
Centos BANNED

feel free to update us all on how you are poor hard done by and all
innocent and its always someone else's fault why you were kicked or
moderated - arhhh there the whole world out to get you right hahaha,
well tosser, if you were not such a tosser you would not be banned or
moderated from most lists on the net - you only have yourself to blame
 no one else numbnuts.


On 3/19/15, Reindl Harald h.rei...@thelounge.net wrote:

 Am 19.03.2015 um 13:09 schrieb Nick Edwards:
 On 3/19/15, Reindl Harald h.rei...@thelounge.net wrote:

 Am 19.03.2015 um 12:57 schrieb Nick Edwards:
 On 3/19/15, Steve Freegard s...@fsl.com wrote:
 On 18/03/15 21:46, Reindl Harald wrote:

 Wow - you must be fun at parties...

 HAHAHA reindl doesnt go to parties because , he has no friends and no
 one would have him, he can start a fight when he's the only tosser in
 the room

 i can't remember that someody asked you to start your personal vendetta
 again and frankly i wonder why are you not banned after playing that
 games multiple times


 Why would someone be banned for speaking the truth, you silly childish
 abusive moron, you make out your the innocent person, but we both know
 the truth, google shows the truth, you have burned every bridge you
 cross, you abuse people, I hear you even blackmail people know days
 too, and you still think the whole world is out to get you, perhaps
 its just  KARMA.

 well, the only abuser here is in front of your mirror

 http://www.gossamer-threads.com/lists/spamassassin/users/189665

 http://mail-archives.apache.org/mod_mbox/spamassassin-users/201411.mbox/%3CCAMD-=VLKStiPb_6NCn5EY7sNhJO7eAKE9dPpUEffHhH9xM_w=a...@mail.gmail.com%3E
 http://mail-archives.apache.org/mod_mbox/spamassassin-users/201410.mbox/%3CCAMD-=VJprfqO-g5M4hQiva5wwHONYqrS+EtGES-+KF=gwat...@mail.gmail.com%3E
 http://marc.info/?l=spamassassin-usersm=141126392202533w=2
 http://mail-archives.apache.org/mod_mbox/spamassassin-users/201502.mbox/%3CCAMD-=VLSP4sfKaQWRaCTKVkWf+UJSo+wS0czNOCV=mfxlfx...@mail.gmail.com%3E

Re: Skipping RBL checks for internal servers

[Nick Edwards]

On 3/19/15, Reindl Harald h.rei...@thelounge.net wrote:

 and in fact i was *never ever* that abusive as you are all the time
 beause there is a difference in get heatet in a technical discussion or
 like you do absue for the sake of abuse


hahahaha thankfulyl google shows otherwise

 so you better stop making yourself laughable and shut up

or what you gunna try black mail me? bring it on bitch

I make it my lifes aim to bring down arseholes like you, to rid the
world of fools like you, makes the world a better happier place,  I
only hope Noel has the balls to keep to his word and end you for
trying to blackm ail him, how did that work out arsehole? hahaha he
laughed in your face because he didnt care what you copied and pasted,
yes arsehole the entire IRC knows all about it, and every word he said
to you, he put it up on a a website, and by fuck you deserved every
word he said and more.

Re: Handling very large messages (was Re: Which milter do you prefer?)

[Nick Edwards]

On 3/15/15, Robert Schetterer r...@sys4.de wrote:
 Am 14.03.2015 um 20:22 schrieb David F. Skoll:
 On Sat, 14 Mar 2015 20:17:27 +0100
 Robert Schetterer r...@sys4.de wrote:

 Ok, but big spam mails are extrem rare, i wouldnt invest time in that

 They are quite rare, but common enough IMO that our customers would be
 annoyed if we didn't scan them.

 Regards,

 David.


 In the last ten years i saw a handfull of these, but ok, perhaps
 different at your site.



 Best Regards
 MfG Robert Schetterer

 --
 [*] sys4 AG

 http://sys4.de, +49 (89) 30 90 46 64
 Franziskanerstraße 15, 81669 München

 Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
 Vorstand: Patrick Ben Koetter, Marc Schiffbauer
 Aufsichtsratsvorsitzender: Florian Kirstein




I think we too would know if large spam were a problem and our users
active email count is fair size, not huge, but not small

mysql select count(*) from users where active='1';
+--+
| count(*) |
+--+
| 3801914 |
+--+
1 row in set (0.00 sec)

and we have some bitchy customers that make reindl look like a sunday
school kid.

Re: updated RegistrarBoundaries.pm

[Nick Edwards]

On 2/22/15, Benny Pedersen m...@junc.eu wrote:
 Axb skrev den 2015-02-21 12:09:
 DOH! - need more coffee...

 whisky free ? :-)


when corresponding with reindl, you need whiskey, just to tolerate his rhetoric

Re: updated RegistrarBoundaries.pm

[Nick Edwards]

On 2/22/15, Axb axb.li...@gmail.com wrote:
 On 02/21/2015 04:04 PM, Jim Popovitch wrote:
 On Sat, Feb 21, 2015 at 9:35 AM, Axb axb.li...@gmail.com wrote:

 Many moons ago, obviously before you started using SA, what you *now*
 consider dynamic, was very static with less than than handfull of
 changes
 /release.

 There's some pointless blabber in that as well.  ;-)

 that pointless blabber tries to explain why we're still carrying
 historical karma. It's not unknown, new, or has been forgotten.

 Irregardless of last century's history, what Reindl said makes good
 sense.   Highly dynamic content shouldn't have to be exported in a .pm
 from svn every month.

 the TLD additions hardly qualify as higly dynamic and till SA delivers
 the new method in bug 6782  if you look into RegistrarBoundaries.pm,
 Joe Quinn (thanks Joe!) documented the starting steps to pickup the
 changes required so you can script your own updates.

 wonder why I spent Saturday time updating/commiting/announcing so
 others could make use of it instead of doing facility management aka
 house chores...


Plenty appreciate your work, dont worry about reindl, that fuckstain
causes problems  on every mailing list he joins (google is your friend
there), he's always right, everyone else is either wrong or an idiot,
he cant handle the fact that some people want to run their systems in
a way that differs fro  him,  most of the internet who's had the
displeasure of interacting with the tosser laugh at him knowing that
in reality he's the only idiot.

Re: ancient perl versions

[Nick Edwards]

I cant see what the fuss is about, using gmail, your text is all about
the same size, except when Noel says he changed to 12pt, then it looks
larger than everyone else's, including jdow's.

I think it comes down to what client you're using, and its fine by my
reckoning, and it also word wraps fine here, if I was him I wouldnt
bother changing a thing.

On 12/8/14, Ted Mittelstaedt t...@ipinc.net wrote:

 Eh?  I'm not young, unfortunately, although I'll take it as a compliment.

 I don't really care if Noel uses Roundcube or not, but it was irritating
 when he was asserting a few days ago that it wasn't his MUA's problem
 when it clearly WAS his MUA's problem.

 After several others chimed in telling him that yes, they were seeing
 the same thing, I see he has finally accepted it.

 Please note that I didn't start this one either, I was NOT the first one
 to point out the legibility issues.  Others did, were told it was their
 problem.  I don't like innocents being blamed, and I'm quite sure if
 most people were in a car accident where the other driver was 100% at
 fault, they would not stand for accepting blame either.

 If that's impolite, I'm not sure what the definition of polite is - is
 it paying for the car accident you didn't cause?  Just asking.

 Ted

 On 12/5/2014 12:24 PM, jdow wrote:
 Charmingly polite again, eh Ted? Surely you can do better, young man.

 {+_+}

 On 2014-12-05 01:46, Ted Mittelstaedt wrote:


 The problem is Roundcube. It does not insert soft line breaks
 as per the MIME Quoted-Printable encoding. There's a lot of
 MIME stuff that Roundcube doesn't do very well, it's just not a very
 good web
 mail interface. I'm always surprised at how vehemently
 people defend it.

 Many email clients can be set to automatically wrap received text.
 Including the
 one I'm using now. But I don't turn that feature on because I want to
 give the
 SENDER of the message control over text positioning. I feel that if
 the sender
 has laid out their email a particular way, they have a reason for it.

 ASCII with a fixed font like Courier has always been the standard for
 email, and
 you can do stuff like this with it:

 -- --- \
 | Network router |---| NID |---
 -- --- /

 Which is far, far quicker and more efficient than attaching some visio
 drawing
 that I probably don't have a viewer for loaded on whatever system I'm
 using.
 And I won't even get into indentation of code in Email messages.

 As such, senders who are clever and careful and make use of fixed
 width fonts
 and ASCII text can do a heck of a lot quicker communicating and more
 understandable than a bunch of HTMLized stuff using a proportional
 spaced font
 that munges drawings, and destroys indentation, and such people have a
 damn good
 reason at times to send out text that is soft broken at specific
 places. So if
 I turn on Word Wrap like Android does I have just succeeded in
 shooting myself
 in the foot when I get an email from the smart people. So I assume the
 sender
 knows what they are doing and do I don't try to second guess them by
 wrapping
 their stuff.

 If you want to send out email that looks like it's been beaten by an
 ugly stick
 with weird looking fonts and lines that run on forever and ever, with
 no thought
 to positioning and making it look readable, as far as I'm concerned,
 that's not
 a reflection on me, it's a reflection on you. I'm not going to change
 my config
 to clean up your email, particularly when your the only one doing it,
 no more
 than I would waste time tucking in the shirt and straightening the tie
 and
 shining the shoes of a salesguy who showed up to sell me something.

 It's also not really my job to explain the concept of the blind
 leading the
 blind and relate that to the fact that nobody else has ever yadda
 yadda yadda
 but I'll do it anyway - it wasn't too long ago when the vast majority
 of people
 thought the world was flat, but that merely meant that the vast
 majority of
 people were ignorant - just like the vast majority of people who have
 never
 brought it up to you before are just as ignorant of line wrapping.
 After all,
 it is an esoteric subject.

 Ted

 On 12/4/2014 10:20 PM, Noel Butler wrote:
 On 05/12/2014 14:40, Dave Pooser wrote:

 On 12/4/14 10:27 PM, Nick Edwardsnick.z.edwa...@gmail.com
 mailto:nick.z.edwa...@gmail.com wrote:
 It's also not wrapping the text at all.
 it wraps fine here
 Look at the last roundcube post, the one sent at 01:06 GMT. The line
 of
 quoted text runs 273 columns without a linewrap.

 What client are you using?

 roundcube - wraps

 Evolution - wraps

 the font size btw is identical to yours on both.

 only two I use for this a/c

 forwarded that message in question to my private address, and checked
 it
 in android tablet and phone, both wrap.

 since no one has ever brought this up with me before, I'm placing this
 as not my problem to resolve.

Re: ancient perl versions

[Nick Edwards]

On 12/5/14, Ted Mittelstaedt t...@ipinc.net wrote:


 On 12/4/2014 6:24 PM, Noel Butler wrote:
 On Thu, 2014-12-04 at 20:22 -0600, Dave Pooser wrote:
   strange, it indicates 12pt, and looks same size when returned on list
  as
 everyone elses, something must be a miss, hows this one? it's from
 evolution

 That one looked significantly larger in my mail client (Outlook 2011 for
 Macintosh). Looking at source, your previous had 'font-size: 10pt' and
 this one omitted font-size entirely.

 thanks, seems yet another problem with roundcube *sigh*


 It's also not wrapping the text at all.

 Ted


bullshit, it wraps fine here

Re: Confused by new version of spamassassin

[Nick Edwards]

On 11/26/14, Paul Gardiner li...@glidos.net wrote:
 On 25/11/2014 09:57, Reindl Harald wrote:


 Am 25.11.2014 um 10:40 schrieb Paul Gardiner:
 I drive spamassassin using spampd.

 I've just swapped from using opensuse 13.1 to 13.2. That's taken
 me from spamassassin 3.3.2 to 3.4.0. I have two confusing changes.

 1) The really problematic one is that I no longer see X-Spam-Level
 and X-Spam-Status headers in the processed mail. I do still have
 X-Spam-Checker-Version. I was using status to trigger rejection,
 so now effectively I have no filtering.

 2) The confusing one: I used to have many .cf files in
 /usr/share/spamassassin/. I now have none

 you need to call sa-update after a version change since the rules are
 always below a versioned folder

 Gah! That was it. Silly me. I didn't restart spampd after the update.
 At least, I assume that's it because I just restarted spampd and it
 has all magically started working again.

 Thanks again everyone for all your help.

 Cheers,
   Paul.

 I'm still a little unsure as to why sa-update hadn't been called
 before. I seem to have a daily cron job that is supposed to call it,
 but still I do at least have filtering now.


such  a mes, i suggest you  use amavisd instead

Re: unsubscribe

[Nick Edwards]

how about you get fucked, dictator asswipe your  a nobody here so just
fuck off to your own hole you troll every list you join you act like
god but your nothing but an offensive troll nobody

On 11/25/14, Reindl Harald h.rei...@thelounge.net wrote:
 * don't hijack threads
 * don't send unsubscribe to the whole list
 * just unsubscribe yourself

 list-unsubscribe: mailto:users-unsubscr...@spamassassin.apache.org

 the same applies to any other mailing list
 https://www.google.at/#q=how+to+unsubscribe+from+a+mailing+list

 Am 25.11.2014 um 14:31 schrieb Ralf Longwitz:
 Am 25.11.2014 10:41 schrieb Paul Gardiner:

 Hi,
 I drive spamassassin using spampd.

 I've just swapped from using opensuse 13.1 to 13.2. That's taken
 me from spamassassin 3.3.2 to 3.4.0. I have two confusing changes.

 1) The really problematic one is that I no longer see X-Spam-Level
 and X-Spam-Status headers in the processed mail. I do still have
 X-Spam-Checker-Version. I was using status to trigger rejection,
 so now effectively I have no filtering.

 2) The confusing one: I used to have many .cf files in
 /usr/share/spamassassin/. I now have none.

 As you can probably tell, I don't really know much about
 spamassassin. I've to some degree been using it out of
 the box and having it just work. I realise the change could be
 down to opensuse packaging, but I thought someone here might
 know best where the problem lies. (I wondered if perhaps now
 spamassassin requires a cronjob to download and update the
 rules)

 Any advice gratefully received

Re: unsubscribe

[Nick Edwards]

my problem is pompus asswipe dictators like you who interfere where
not required, and go out of their way to abuse people and speak like
acid to them it is my aum in life to rid the internet of scum like you

centos list BANNED
fedora list MODERATED
roundcube list MODERATED
dovecot list FINAL WARNING
apache list FINAL WARNING
postfix list BANNED

says all anyone needs to know about your modus operandi

On 11/26/14, Reindl Harald h.rei...@thelounge.net wrote:

 Am 26.11.2014 um 13:19 schrieb Nick Edwards:
 how about you get fucked, dictator asswipe your a nobody here so just
 fuck off to your own hole you troll every list you join you act like
 god but your nothing but an offensive troll nobody

 what is your problem?
 i got even a off-list thank you mail in german from the user

 so just shut up if nobody asked you!

 On 11/25/14, Reindl Harald h.rei...@thelounge.net wrote:
 * don't hijack threads
 * don't send unsubscribe to the whole list
 * just unsubscribe yourself

 list-unsubscribe: mailto:users-unsubscr...@spamassassin.apache.org

 the same applies to any other mailing list
 https://www.google.at/#q=how+to+unsubscribe+from+a+mailing+list

 Am 25.11.2014 um 14:31 schrieb Ralf Longwitz:
 Am 25.11.2014 10:41 schrieb Paul Gardiner:

  Hi,
  I drive spamassassin using spampd.

  I've just swapped from using opensuse 13.1 to 13.2. That's taken
  me from spamassassin 3.3.2 to 3.4.0. I have two confusing changes.

  1) The really problematic one is that I no longer see X-Spam-Level
  and X-Spam-Status headers in the processed mail. I do still have
  X-Spam-Checker-Version. I was using status to trigger rejection,
  so now effectively I have no filtering.

  2) The confusing one: I used to have many .cf files in
  /usr/share/spamassassin/. I now have none.

  As you can probably tell, I don't really know much about
  spamassassin. I've to some degree been using it out of
  the box and having it just work. I realise the change could be
  down to opensuse packaging, but I thought someone here might
  know best where the problem lies. (I wondered if perhaps now
  spamassassin requires a cronjob to download and update the
  rules)

  Any advice gratefully received

Re: Facebook subdomain spamming started today

[Nick Edwards]

its quite painstaking but I reluctantly agree with Reindl, if you are
going to post crap like this, post details

On 11/23/14, Benny Pedersen m...@junc.eu wrote:
 No more info in public from me

Re: unsubscribe

[Nick Edwards]

On 11/26/14, Reindl Harald h.rei...@thelounge.net wrote:

 Am 26.11.2014 um 13:30 schrieb Nick Edwards:
 my problem is pompus asswipe dictators like you who interfere where
 not required, and go out of their way to abuse people and speak like
 acid to them it is my aum in life to rid the internet of scum like you

 there was nothing abusive in my response

 * question akes ina wrong way
 * question answered
 * sub thread finished

 *then you* decided as so oftento start your abusive bullshit

 the only guy who acts abusive all the time you face in your mirror and
 so better hire a psychologists because you need seriously help

 centos list BANNED

 so what

 fedora list MODERATED

 not true for many months


oh because you allegedly unsubscribed

 roundcube list MODERATED

 because repsonses like yours in that thread

 dovecot list FINAL WARNING

 from you? *laugh*
archives show the msg from Timo


 apache list FINAL WARNING

 from you? *laugh*

archives show the msg from Guenther


 postfix list BANNED

 active all the time


no, you were banned, but you resubscribed under another account

 says all anyone needs to know about your modus operandi

 and who do you think you are to judge?
 get your head closed boy!

my head LOL, oh look who's talking you paranoid fool, you accused me
and someone else of being the same person, NEWSFLASH  that same
someone else at this very time is rather near you, in Rodenbach
staying with friends, maybe he will pay you a visit LOL



 On 11/26/14, Reindl Harald h.rei...@thelounge.net wrote:

 Am 26.11.2014 um 13:19 schrieb Nick Edwards:
 how about you get fucked, dictator asswipe your a nobody here so just
 fuck off to your own hole you troll every list you join you act like
 god but your nothing but an offensive troll nobody

 what is your problem?
 i got even a off-list thank you mail in german from the user

 so just shut up if nobody asked you!

 On 11/25/14, Reindl Harald h.rei...@thelounge.net wrote:
 * don't hijack threads
 * don't send unsubscribe to the whole list
 * just unsubscribe yourself

 list-unsubscribe: mailto:users-unsubscr...@spamassassin.apache.org

 the same applies to any other mailing list
 https://www.google.at/#q=how+to+unsubscribe+from+a+mailing+list

 Am 25.11.2014 um 14:31 schrieb Ralf Longwitz:
 Am 25.11.2014 10:41 schrieb Paul Gardiner:

   Hi,
   I drive spamassassin using spampd.

   I've just swapped from using opensuse 13.1 to 13.2. That's
 taken
   me from spamassassin 3.3.2 to 3.4.0. I have two confusing
 changes.

   1) The really problematic one is that I no longer see
 X-Spam-Level
   and X-Spam-Status headers in the processed mail. I do still
 have
   X-Spam-Checker-Version. I was using status to trigger
 rejection,
   so now effectively I have no filtering.

   2) The confusing one: I used to have many .cf files in
   /usr/share/spamassassin/. I now have none.

   As you can probably tell, I don't really know much about
   spamassassin. I've to some degree been using it out of
   the box and having it just work. I realise the change could be
   down to opensuse packaging, but I thought someone here might
   know best where the problem lies. (I wondered if perhaps now
   spamassassin requires a cronjob to download and update the
   rules)

   Any advice gratefully received

Re: unsubscribe

[Nick Edwards]

On 11/26/14, Reindl Harald h.rei...@thelounge.net wrote:



 fedora list MODERATED

 not true for many months

 oh because you allegedly unsubscribed

 bullshit - fedora devel active all the time
 https://lists.fedoraproject.org/pipermail/devel/2014-November/thread.html


dont mix words reindl im talking about fedora users and you bloody well know it

Re: unsubscribe

[Nick Edwards]

google reindl and his email address  he copped nothing he has not
dished out to others for years, now he plays innocent, thankfully
google does not lie, or hide.


On 11/27/14, John Hardin jhar...@impsec.org wrote:
 On Wed, 26 Nov 2014, Anthony Cartmell wrote:

 How about you take your own advice. On any of my lists that diatribe
 would

Re: unsubscribe

[Nick Edwards]

all people have to do is google you,

then they will know the truth about what  nasty bit of work you really
are and how you attack people all the time, that and all those list
bannings and moderations should make them realize who they are really
dealing with.


On 11/27/14, Reindl Harald h.rei...@thelounge.net wrote:

 Am 26.11.2014 um 23:42 schrieb Nick Edwards:
 On 11/26/14, Reindl Harald h.rei...@thelounge.net wrote:

 fedora list MODERATED

 not true for many months

 oh because you allegedly unsubscribed

 bullshit - fedora devel active all the time
 https://lists.fedoraproject.org/pipermail/devel/2014-November/thread.html

 dont mix words reindl im talking about fedora users and you bloody well
 know it

 be precise or shut up *AND IN GENERAL* the past and other lists don#t
 matter *AT ALL* and so creep out of my sight at all

 what about stop acting like a child?

 * i did nothing wrong in my reply caused you again
to start your vendetta

 * even if - you are *not* in the position of a judge - *period*

 * whatever you criticize i did *never* act in any way like
a asshole as you do here *because* even if i don't find
always nice enough words i *never* attack a person because
of the person - *you do*

 so creep away and care about your own stuff
 what i do and say is *clearly* not your stuff - nowhere

 you are a nobody in context of playing judge

Re: half-OT: please remove spam-markers from subjects

[Nick Edwards]

jdebert, (since im not reply to the bully troll)

he doesnt learn, worried about flame wars but kicks off by calling
other people smart asses, just ignore him, most of the rest of the
internet  has done for a while



On 10/1/14, Reindl Harald h.rei...@thelounge.net wrote:

 Am 30.09.2014 um 18:12 schrieb jdebert:
 On Mon, 29 Sep 2014 19:19:10 +0200
 Reindl Harald h.rei...@thelounge.net wrote:

 Am 29.09.2014 um 19:14 schrieb Nels Lindquist:
 On 9/29/2014 10:54 AM, Reindl Harald wrote:

 please remove markers like [SPAM] if a mesage was flagged before
 reply - they lead often that a message goes to junk- instead the
 list-folder :-)

 Please teach your users to filter on the List-ID: header rather than
 Subject: for this list.  The issue can be entirely avoided without
 requiring everyone else in the world to alter their behaviour

 the [SPAM] marker comes *before* all other sieve-filters
 otherwise it would not catch faked From-Headers

 it's not a big deal but i see that mistake sometimes
 also in business communication - not real good

 I do not see any subject lines in this thread with [SPAM] in them. I
 rarely see them in this list at all. (I suspect people are aware it can
 cause some poorer filtering implementations to delete them.)

 so what - this was a new thread  to not hijack others

 Perhaps you need to look closer to home for this problem?

 for sure not if it appears in the middle of subjects

 Meantime, it is highly recommended that, if someone subscribes to a
 list about spam, one MUST make an exception to their filtering rules as
 previously mentioned. It's also very sensible. It is ridiculous to
 insist that people talking about spam stop using the word spam

 the SA list has a -100 score

 that won't change the fact that it is in general a bad
 attitude not look at the subject of a mail someone
 writes, but so be it until another flamewar starts
 because some smart asses need to reply to a hint
 wich needs no repsonse at all and was intended to
 just point out a common mistake

Re: half-OT: please remove spam-markers from subjects

[Nick Edwards]

thats funny, I could have sworn I replied and addressed to jdebert,
oh lookie, so I did, you just cant help yourself fool, I think we know
who the paranoid delusional stalker is reindl, get help, but no one
here is qualified to give you the help you need, and might i remind
you again dumb fuck, I was on this list a long time before you showed
up here, so check hte definition of stalk, you fruitcake, I warned you
what would happen if you contact me again, what happens now is your
own doing skitzo boy.


On 10/3/14, Reindl Harald h.rei...@thelounge.net wrote:

 Am 03.10.2014 um 12:56 schrieb Nick Edwards:
 jdebert, (since im not reply to the bully troll)

 he doesnt learn, worried about flame wars but kicks off by calling
 other people smart asses, just ignore him, most of the rest of the
 internet  has done for a while

 creep away damned stalker - nobody asked you and the only smart
 ass here is you - what was that with don't write me again and
 I wont have any need to abuse you back below and how did you
 treat roundcube developers and continue to abuse against me days
 later each time you are bored and seek posts from me?

 Nick Edwards | 26 Sep 18:01 2014
 http://comments.gmane.org/gmane.mail.roundcube.user/4500

  Weitergeleitete Nachricht 
 Betreff: Re: [RCU] Time for new HTML Editor
 Datum: Tue, 30 Sep 2014 21:14:43 +1000
 Von: Nick Edwards nick.z.edwa...@gmail.com
 An: Reindl Harald h.rei...@thelounge.net

 you hate how im talking to you? good! now you know what it felt like
 by all those newbies you belittle and bully, maybe you will think
 twice about bullying them and coming over as a fucking dictator again
 huh but probably not, nutters like you never learn.

 so you fuck off and dont write me again, and I wont have any need to
 abuse you back.

 starting now, so if you want no contact you better fucking not reply

 On 10/1/14, Reindl Harald h.rei...@thelounge.net wrote:
 Am 30.09.2014 um 18:12 schrieb jdebert:
 On Mon, 29 Sep 2014 19:19:10 +0200
 Reindl Harald h.rei...@thelounge.net wrote:

 Am 29.09.2014 um 19:14 schrieb Nels Lindquist:
 On 9/29/2014 10:54 AM, Reindl Harald wrote:

 please remove markers like [SPAM] if a mesage was flagged before
 reply - they lead often that a message goes to junk- instead the
 list-folder :-)

 Please teach your users to filter on the List-ID: header rather than
 Subject: for this list.  The issue can be entirely avoided without
 requiring everyone else in the world to alter their behaviour

 the [SPAM] marker comes *before* all other sieve-filters
 otherwise it would not catch faked From-Headers

 it's not a big deal but i see that mistake sometimes
 also in business communication - not real good

 I do not see any subject lines in this thread with [SPAM] in them. I
 rarely see them in this list at all. (I suspect people are aware it can
 cause some poorer filtering implementations to delete them.)

 so what - this was a new thread  to not hijack others

 Perhaps you need to look closer to home for this problem?

 for sure not if it appears in the middle of subjects

 Meantime, it is highly recommended that, if someone subscribes to a
 list about spam, one MUST make an exception to their filtering rules as
 previously mentioned. It's also very sensible. It is ridiculous to
 insist that people talking about spam stop using the word spam

 the SA list has a -100 score

 that won't change the fact that it is in general a bad
 attitude not look at the subject of a mail someone
 writes, but so be it until another flamewar starts
 because some smart asses need to reply to a hint
 wich needs no repsonse at all and was intended to
 just point out a common mistake

Re: USER_IN_DEF_DKIM_WL -7.5

[Nick Edwards]

Dont pay too much attention to reindl, he is a well known internet
troll, and highly abusive to those who disagree with him, hes been
kicked off or moderated on so many lists now, most folks have lost
count, and most folks ignore him, the stain is best treated as a
stain, washed away with good rules :-)


On 9/21/14, RW rwmailli...@googlemail.com wrote:
 On Sat, 20 Sep 2014 15:48:05 +0200
 Reindl Harald wrote:

 http://www.antivirushelptool.com/spamassassin/header/USER_IN_DEF_DKIM_WL
 that's too much and gives even a message on systems where
 BAYES_99 and BAYES_999 would reach 8.0 a negative score

 Do you have any evidence for it being too much? It seems about right
 to me.

 If you have an actual problem I'd suggest you use unwhitelist_from_dkim
 locally and report the domain so it can be considered for delisting.

 The dkim default whitelist contains domains that send a lot of
 autogenerated and bulk mail, but have a very low probabilty of sending
 spam.

Re: uribl problem

[Nick Edwards]

Hi Karsten,

On 12/1/13, Karsten Bräckelmann guent...@rudersport.de wrote:
 On Fri, 2013-11-29 at 13:30 +1000, Nick Edwards wrote:
 Hi, have a problem with our internal uribl

 urirhsblINT_URI uri.int.lan. A
 bodyINT_URI eval:check_uridnsbl('INT_URI')
 describeINT_URI Contains a URI listed in internal URIBL
 tflags  INT_URI net
 score   INT_URI 3

 That's correct.


Thanks

 this rule performs lookups if in normal text of body, however, i we
 have inside html if does not lookup. eg

 hi see example.org  looks up example.org
 but
 hi see a href=http://example.org;example.net/a
 it will lookup example.net, not example.org

 How do you tell SA does not lookup the domain in the HTML anchor href?


I ran debug and viewed the scrollback (see below)

 The general SA method of verifying which domains are queried for, is to
 have a look at the debug output. In your case, you can also check your
 local DNSBL's logs.

   spamassassin -D uridnsbl   msg


Ahh ok, this produces output I missed in the 2000 lines of normal
debug output, it turns out it is seeing that host/domain for a lookup,
however in my case that prompted me to ask this question, it was not
looking up the domain in question because as your suggested debug
output easily shows, that domain is in a skip list, which explains why
it was not looking up.

Is there an easy way to say ignore this host/domain in a skip list? or
disable skip list altogether? closest I can find is skip rbl checks.


 To see more of the URIDNSBL plugin activity, including which DNSBLs are
 queried and what domains are looked up, you can use e.g.

   spamassassin -D   msg  21 | grep URI-DNSBL

 To limit that to your local DNSBL, grep for DNSBL:uri.int.lan.


right, added that to my cheats list :)


 Note: The absence of a rule match for the second domain in the Report
 header is NOT an indicator of a missing query. If more than one domain
 is listed in the DNSBL, the urirhsbl rule will still be triggered once
 only, showing one domain, not all listed domains:

   X-Spam-Report:
 *  3.0 INT_URI Contains a URI listed in internal URIBL
 *  [URIs: example.net]

 Despite the plural in the automatically added detail, it does list one
 domain only. Probably a bug in the URIDNSBL plugin, though might also be
 intended.

 Since the DNSBL lookups are asynchronous, it is likely undefined which
 listed domain will trigger the rule to hit and be reported, influenced
 by lookup time and the order they are parsed from the message.



Awesome, thank you.

uribl problem

[Nick Edwards]

Hi, have a problem with our internal uribl

urirhsblINT_URI uri.int.lan. A
bodyINT_URI eval:check_uridnsbl('INT_URI')
describeINT_URI Contains a URI listed in internal URIBL
tflags  INT_URI net
score   INT_URI 3


this rule performs lookups if in normal text of body, however, i we
have inside html if does not lookup. eg

hi see example.org  looks up example.org
but
hi see a href=http://example.org;example.net/a
it will lookup example.net, not example.org
 is this correct or do I need some other lookup method in local.cf ?

thanks