Re: Rule-sets
Ron, On Thu, Apr 07, 2005 at 10:23:24AM +0100, Ron McKeating wrote: Thanks to all of you who replied about the job offer spams. Could anybody point at the best site for the latest rulesets and an explanation of what each one does. The main site for rules is generally http://www.rulesemporium.com/, and spefically the http://www.rulesemporium.com/rules.htm page. They have descriptions for what they do. You'll also find more on http://www.exit0.us/, including the RulesDuJour script at http://www.exit0.us/index.php?pagename=RulesDuJour that will automatically check for new rules for you. I can send you the current RulesDuJour settings I am using, if you like, assuming you are not already using it. You should check it yourself and make sure you are happy with the rules yourself, though. I still find that there are some spam messages that don't seem to be covered by rules, so end up writing my own. I'm no expert, but basic rule-writing isn't that hard if you can write regular expressions. Matthew -- Matthew Newton [EMAIL PROTECTED] UNIX and e-mail Systems Administrator, Network Support Section, Computer Centre, University of Leicester, Leicester LE1 7RH, United Kingdom
Re: Rule-sets
On Thu, 2005-04-07 at 10:53 +0100, Matthew Newton wrote: Ron, On Thu, Apr 07, 2005 at 10:23:24AM +0100, Ron McKeating wrote: Thanks to all of you who replied about the job offer spams. Could anybody point at the best site for the latest rulesets and an explanation of what each one does. The main site for rules is generally http://www.rulesemporium.com/, and spefically the http://www.rulesemporium.com/rules.htm page. They have descriptions for what they do. You'll also find more on http://www.exit0.us/, including the RulesDuJour script at http://www.exit0.us/index.php?pagename=RulesDuJour that will automatically check for new rules for you. I can send you the current RulesDuJour settings I am using, if you like, assuming you are not already using it. You should check it yourself and make sure you are happy with the rules yourself, though. I still find that there are some spam messages that don't seem to be covered by rules, so end up writing my own. I'm no expert, but basic rule-writing isn't that hard if you can write regular expressions. Matthew Thanks to all the replied, we have rules_du_jour and I am now getting an idea of how it works. I suppose the obvious question is has anybody written a good howto on writing your own rules. And if so where is it? Ron -- Ron McKeating Senior IT Services Specialist Computing Services Loughborough University 01509 222329
Re: Rule-sets
On Thu, Apr 07, 2005 at 11:00:52AM +0100, Ron McKeating wrote: On Thu, 2005-04-07 at 10:53 +0100, Matthew Newton wrote: Ron, On Thu, Apr 07, 2005 at 10:23:24AM +0100, Ron McKeating wrote: Thanks to all of you who replied about the job offer spams. Could anybody point at the best site for the latest rulesets and an explanation of what each one does. The main site for rules is generally http://www.rulesemporium.com/, and spefically the http://www.rulesemporium.com/rules.htm page. They have descriptions for what they do. You'll also find more on http://www.exit0.us/, including the RulesDuJour script at http://www.exit0.us/index.php?pagename=RulesDuJour that will automatically check for new rules for you. I can send you the current RulesDuJour settings I am using, if you like, assuming you are not already using it. You should check it yourself and make sure you are happy with the rules yourself, though. I still find that there are some spam messages that don't seem to be covered by rules, so end up writing my own. I'm no expert, but basic rule-writing isn't that hard if you can write regular expressions. Matthew Thanks to all the replied, we have rules_du_jour and I am now getting an idea of how it works. I suppose the obvious question is has anybody written a good howto on writing your own rules. And if so where is it? http://wiki.apache.org/spamassassin/WritingRules is good. Remember to run spamassassin --lint before restarting SA to make sure you haven't made any errors. I usually score my rules with 0.1 first to see how messages are hitting them, and then increase after a few days. http://www.exit0.us/index.php?pagename=RulesBasics may also be useful. The most confusing thing I originally found was the difference between body, rawbody and raw. The exit0.us page above seems to explain that fairly well. Matthew -- Matthew Newton [EMAIL PROTECTED] UNIX and e-mail Systems Administrator, Network Support Section, Computer Centre, University of Leicester, Leicester LE1 7RH, United Kingdom
RE: Rule-sets
Thanks to all the replied, we have rules_du_jour and I am now getting an idea of how it works. I suppose the obvious question is has anybody written a good howto on writing your own rules. And if so where is it? You probably also want to learn more about regular expressions too. There Was a lot of stuff that I didn't know before I started doing this. In particular, useful things like back chaining and forward referencing are useful to understand. I wish I could tell you I had found a good site or book about it, but I haven't. If you do find one, would you let me know? HTH R --- This email from dns has been validated by dnsMSS Managed Email Security and is free from all known viruses. For further information contact [EMAIL PROTECTED]
RE: Rule-sets
Thanks to all the replied, we have rules_du_jour and I am now getting an idea of how it works. I suppose the obvious question is has anybody written a good howto on writing your own rules. And if so where is it? Ron see this page: http://www.rulesemporium.com/links.htm I need to add more. Chris Santerre System Admin and SARE Ninja http://www.rulesemporium.com
RE: Rule-sets
On Thu, 2005-04-07 at 12:27 +0100, Gray, Richard wrote: Thanks to all the replied, we have rules_du_jour and I am now getting an idea of how it works. I suppose the obvious question is has anybody written a good howto on writing your own rules. And if so where is it? You probably also want to learn more about regular expressions too. There Was a lot of stuff that I didn't know before I started doing this. In particular, useful things like back chaining and forward referencing are useful to understand. I wish I could tell you I had found a good site or book about it, but I haven't. If you do find one, would you let me know? I use mastering regular expressions by O'Reilly Ron HTH R --- This email from dns has been validated by dnsMSS Managed Email Security and is free from all known viruses. For further information contact [EMAIL PROTECTED] -- Ron McKeating Senior IT Services Specialist Computing Services Loughborough University 01509 222329
RE: Rule-sets
From: Ron McKeating [mailto:[EMAIL PROTECTED] On Thu, 2005-04-07 at 12:27 +0100, Gray, Richard wrote: Thanks to all the replied, we have rules_du_jour and I am now getting an idea of how it works. I suppose the obvious question is has anybody written a good howto on writing your own rules. And if so where is it? You probably also want to learn more about regular expressions too. There Was a lot of stuff that I didn't know before I started doing this. In particular, useful things like back chaining and forward referencing are useful to understand. I wish I could tell you I had found a good site or book about it, but I haven't. If you do find one, would you let me know? I use mastering regular expressions by O'Reilly Seconded. Excellent book. Mastering Regular Expressions by Jeffrey E.F. Friedl Published by O'Reilly I found it when I was learning Perl. It has lots of generic RE stuff as well as a whole chapter (100 pages) on Perl specifics. Bowie
RE: Rule-sets
-Original Message- From: Bowie Bailey [mailto:[EMAIL PROTECTED] Sent: Thursday, April 07, 2005 10:44 AM Cc: users@spamassassin.apache.org Subject: RE: Rule-sets From: Ron McKeating [mailto:[EMAIL PROTECTED] On Thu, 2005-04-07 at 12:27 +0100, Gray, Richard wrote: Thanks to all the replied, we have rules_du_jour and I am now getting an idea of how it works. I suppose the obvious question is has anybody written a good howto on writing your own rules. And if so where is it? You probably also want to learn more about regular expressions too. There Was a lot of stuff that I didn't know before I started doing this. In particular, useful things like back chaining and forward referencing are useful to understand. I wish I could tell you I had found a good site or book about it, but I haven't. If you do find one, would you let me know? I use mastering regular expressions by O'Reilly Seconded. Excellent book. Mastering Regular Expressions by Jeffrey E.F. Friedl Published by O'Reilly I found it when I was learning Perl. It has lots of generic RE stuff as well as a whole chapter (100 pages) on Perl specifics. Most of my Perl knowledge comes from Theo's random signitures! ;) --Chris (Larry who?)
RE: Rule-sets
On Thu, 7 Apr 2005 12:27:58 +0100, Gray, Richard wrote You probably also want to learn more about regular expressions too. There Was a lot of stuff that I didn't know before I started doing this. In particular, useful things like back chaining and forward referencing are useful to understand. I wish I could tell you I had found a good site or book about it, but I haven't. If you do find one, would you let me know? The best I've found so far is the section on regular expressions in _Programming Perl_. But that's an awfully thick book to buy just for that. ;)
Re: Rule Sets
At 08:29 AM 10/27/2004 -0500, you wrote: Knowing that the more rules sets you add, the longer it takes to scan a message, what rule sets do you recommend? I have found several sites with sure sets such as The Rules Emporium and the SA wiki but I am certain I do not need every rule set from those sites. For what little it's worth, this is my general advice on improving hit rations (covers add-on modules and rulesets). Bear in mind this is just my advice, and I'd really suggest trying things out one-at-a-time so you know how well each works for you: 1) Make sure you have Net::DNS installed, this is an optional perl module, but it allows the RBLs and SURBL checks to run. (If you run spamassassin --lint -D you can watch SA test for DNS functionality.) 2) I've grown to like DCC quite a bit, but never trust it entirely. It does FP, but this is rarely a problem if you don't jack the score up. 3) Same goes for Razor. Just make sure it's 2.61 or better. 4) I really like the Random rules from rulesemporium.com. Not very high hit rate, but very good S/O on these. 5) feed your bayes DB as much fresh meat as you can (if you can). For those with 2.6x versions I add antidrug, backhair and surbl to my recommendations, but 3.0 comes with these.