Re: ruleset for antidrug.cf
On Tue, 2005-07-19 at 21:34, Matt Kettler wrote: > Ramprasad A Padmanabhan wrote: > > Hi list, > >Our servers are frequently getting spam mails with taablets , or > > ta.blets in the subject. > > > > I run rules_du_jour regularly, I am surprised there is no ruleset for > > catching this kind of subjects > >/\bta+\.?b(let)?s\b/ > > > > Has someone already a ruleset for this > > One problem with the above regex.. it will match "tablets" or "tabs" in an > un-obfuscated form. > I think that is ok in the subject. subject with tablets even un obfuscated still deserves a score around 1 Thanks Ram -- Netcore Solutions Pvt. Ltd. Website: http://www.netcore.co.in Spamtraps: http://cleanmail.netcore.co.in/directory.html --
Bayes poisoning ?
Hi We are using Spamassassin + Postfix + Mailscanner on our SMTP servers. Of late I have noticed that a lot of ham mails are getting a high BAYES score. I have overriden bayes with lower scores in order to avoid false postives ( and possibly mail loss ) How do I de-poison the bayes database, and are there any ways to avoid bayes poisoning ? Thanks Ram -- Netcore Solutions Pvt. Ltd. Website: http://www.netcore.co.in Spamtraps: http://cleanmail.netcore.co.in/directory.html --
Bayes is a cpu hog ?
Hi all, I am using Spamassassin on our SMTP servers with almost 2 mails an hour. The problem is the machine is almost always heavily loaded. Spamassassin takes a lot of time and I think the Bayes checking / learning is the real cpu hog ? Also I feel bayes is no good for a server like ours , we process mails for different customers , so bayesian learning for one customer has little sense for the other. I would like to completely disable bayes , can someone provide some inputs on this. Thanks Ram -- Netcore Solutions Pvt. Ltd. Website: http://www.netcore.co.in Spamtraps: http://cleanmail.netcore.co.in/directory.html --
Re: ANNOUNCE: SpamAssassin 3.1.0-rc1 release candidate available!
When I build the rpm from the spec file ( on fedora core 3 ) the spamassassin-tools rpm is not created. Was it not a part of SA. Thanks Ram On Sat, 2005-08-13 at 06:44, Justin Mason wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > *** THIS IS A RELEASE CANDIDATE ONLY, NOT THE FINAL 3.1.0 RELEASE *** > > SpamAssassin 3.1.0-rc1 is released! SpamAssassin 3.1.0 is a major update. > SpamAssassin is a mail filter which uses advanced statistical and > heuristic tests to identify spam (also known as unsolicited bulk email). > > This is a release candidate, and NOT the general availability release (yet.) > We think it's pretty rock solid, however. ;) > > Highlights of the release > - - > > - - Apache preforking algorithm adopted; number of spamd child processes is > now > scaled, according to demand. This provides better VM behaviour when not > under peak load. > > - - added PostgreSQL, MySQL 4.1+, and local SDBM file Bayes storage modules. > SQL > storage is now recommended for Bayes, instead of DB_File. NDBM_File support > has been dropped due to a major bug in that module. > > - - detect legitimate SMTP AUTH submission, to avoid false positives on > Dynablock-style rules. > > - - new plugins: DomainKeys (off by default), MIMEHeader: a new plugin to > perform > tests against header in internal MIME structure, ReplaceTags: plugin by > Felix > Bauer to support fuzzy text matching, WhiteListSubject: plugin added to > support user whitelists by Subject header. > > - - Razor: disable Razor2 support by default per our policy, since the > service is not free for non-personal use. It's trivial to reenable. > > - - DCC: disable DCC for similar reasons, due to new license terms. > > - - Net::DNS bug: high load caused answer packets to be mixed up and > delivered as > answers to the wrong request, causing false positives. worked around. > > - - DNSBL lookups and other DNS operations are now more efficient, by using a > custom single-socket event-based model instead of Net::DNS. > > Downloading > - --- > > Pick it up from: > > http://people.apache.org/~jm/devel/Mail-SpamAssassin-3.1.0-rc1.tar.gz > http://people.apache.org/~jm/devel/Mail-SpamAssassin-3.1.0-rc1.tar.bz2 > http://people.apache.org/~jm/devel/Mail-SpamAssassin-3.1.0-rc1.zip > > md5sum: > > c41126e515eacc5480d6d44498d5b99d Mail-SpamAssassin-3.1.0-rc1.tar.bz2 > 196a22f1a9d27792d8388fbc6f1b522f Mail-SpamAssassin-3.1.0-rc1.tar.gz > 1763521a992ebd45c46ca1dcab586474 Mail-SpamAssassin-3.1.0-rc1.zip > > sha1sum: > > 17145041222d607d1591eb5cffdff80fdd55cd6c > Mail-SpamAssassin-3.1.0-rc1.tar.bz2 > 904c9b67498ec456c674545c15d0c4f89950a9da Mail-SpamAssassin-3.1.0-rc1.tar.gz > f6d5d50abc70a4cedde3bc50715848aba1c3a4e4 Mail-SpamAssassin-3.1.0-rc1.zip > > The release files also have a .asc accompanying them. The file serves > as an external GPG signature for the given release file. The signing > key is available via the wwwkeys.pgp.net key server, as well as > http://spamassassin.apache.org/released/GPG-SIGNING-KEY > > The key information is: > > pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <[EMAIL PROTECTED]> > Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B > > Important installation notes > - > > - - see the INSTALL and UPGRADE files in the distribution. > > Summary of major changes since 3.0.x > - > > - - Apache preforking algorithm adopted; number of spamd child processes is > now > scaled, according to demand. This provides better VM behaviour when not > under peak load. > > - - Inclusion of sa-update script which will allow for updates of rules and > scores in between code releases. > > - - added PostgreSQL, MySQL 4.1+, and local SDBM file Bayes storage modules. > SQL > storage is now recommended for Bayes, instead of DB_File. NDBM_File support > has been dropped due to a major bug in that module. > > - - detect legitimate SMTP AUTH submission, to avoid false positives on > Dynablock-style rules. > > - - new Advance Fee Fraud (419 scam) rules. > > - - removed use of the Storable module, due to several reported hangs on SMP > Linux machines. > > - - Converted several rule/engine components into Plugins such as: > AccessDB, AWL, Pyzor, Razor2, DCC, Bayes AutoLearn Determination, etc. > > - - new plugins: DomainKeys (off by default), MIMEHeader: a new plugin to > perform > tests against header in internal MIME structure, ReplaceTags: plugin by > Felix > Bauer to support fuzzy text matching, WhiteListSubject: plugin added to > support user whitelists by Subject header. > > - - TextCat language guesser moved to a plugin. (This means "ok_languages" > is no longer part of the core engine by default.) > > - - Razor: disable Razor2 support by default per our policy, since the > service is not free for non-persona
Re: ANNOUNCE: SpamAssassin 3.1.0-rc1 release candidate available!
On Tue, 2005-08-16 at 05:31, jdow wrote: > From: "Kenneth Porter" <[EMAIL PROTECTED]> > > > --On Saturday, August 13, 2005 6:58 PM -0400 Theo Van Dinter > > <[EMAIL PROTECTED]> wrote: > > > >> On Sat, Aug 13, 2005 at 03:07:14PM +0530, Ramprasad A Padmanabhan wrote: > >>> When I build the rpm from the spec file ( on fedora core 3 ) the > >>> spamassassin-tools rpm is not created. Was it not a part of SA. > >> > >> The tools RPM was deprecated. There was very little in there that wasn't > >> development related, which is better taken out of SVN or the tarball, > >> so ... > > > > I'd recommend adding an Obsoletes tag for the deprecated subpackage, then. > > Otherwise the 3.0.4 subpackage gets orphaned and blocks updating of the > > surviving subpackages. > > What sub-packages that a CPAN style update won't catch? > CPAN style updates are not good for System Adminstrators , who find it easier to create rpm, scp to all the machines and run rpm -Uvh for all. Especially when you have more than 7-8 machines to manage Ram
Re: Pharamcudical list of words in a table
On Sun, 2005-09-04 at 03:20, wolfgang wrote: > In an older episode (Saturday, 3. September 2005 19:51), Ilan Aisic wrote: > > > It would be very difficult to write rules that would detect spam > > disguised like this in an HTML table. > > I think the SARE obfu rules catch quite a few of those, see > http://www.rulesemporium.com/rules.htm#obfu > Does this cf 70_sare_obfu.cf file work with SA 2.64 as well Thanks Ram
Managing a personal SURBL list
Hi all, We are running spamassassin 3.1 with Mailscanner. The SURBL checks are very efficient in catching spams ( without risk of FP's). Sometimes we get a lot of spam with URI's not listed in SURBL's , probably because they are too specific to our domain / locality. To make sure that these spams too get caught .. we plan to run our own SURBL list. Whats the best way of achieving this ? Any inputs ? Thanks Ram
bayes on tmpfs
Hi, We run spamassassin on our Mailservers that receive close to 20k mails per hour. The problem is SA takes too long especially for the bayesian checks I am thinking of moving the BAYES DB to a tmpfs partition. What are the pros and cons ? I could write a cron to just copy the bayes to a harddisk partition for recovery in case of a reboot. The only concern is that there would be too much of memory consumed because bayes by itself also caches a lot in the memory Thanks Ram
user wise preferences from database
Hi, I want to use Spamassassin with Postfix-Mailscanner or Postfix-amavisd for an ISP level spam filter. All users are virtual, and I would like to give the users full control for setting their rulesets For eg, A user must be able to set his own scores for the DRUGS_ERECTILE or DCC_CHECKS. ( say he works in a pharmacy ) Since there may be several thousands of users and most users would not make custom settings ( though in theory they can ); it is not practical to have users home directories. Ideally I should be able to get the prefernces from a database or ldap per user Is this possible ? Can someone point me some links to how this can be done Thanks Ram -- Netcore Solutions Pvt. Ltd. Website: http://www.netcore.co.in Spamtraps: http://cleanmail.netcore.co.in/directory.html --
ruleset for antidrug.cf
Hi list, Our servers are frequently getting spam mails with taablets , or ta.blets in the subject. I run rules_du_jour regularly, I am surprised there is no ruleset for catching this kind of subjects /\bta+\.?b(let)?s\b/ Has someone already a ruleset for this Thanks Ram -- Netcore Solutions Pvt. Ltd. Website: http://www.netcore.co.in Spamtraps: http://cleanmail.netcore.co.in/directory.html --