Can I setup qmailscanner/qmail so it will copy or send or delete the
message with Spam status=yes header?
yes you can do this but with procmail or maildrop
Rajkumar S wrote:
Zlatko Hristov wrote:
I am trying to setup SA on Qmail gateway/relay server. All the mailboxes
are on Exchange, Qmail
check qmail-scanner-queue.pl whether you have set the spamc_subject
options or remove the -c in spamc_options.
Maxwell
Josh Baird wrote:
I have Spamassassin running with
qmail+vpopmail. I am having troubles getting spamd to tag the subject
of a spam email. Here is the output of
to avoid false posetives (which is at a rate of approx. 0.2% now) I'd like to
whitelist my whole adressbook. My adressbook is changing/growing, so I would
like not to implement it using 500 whitelist_from-configs but put it to a file
and have a single whilelist_fromfile-statement in my local.cf.
Hello list!
I just cant seem to be able to disable AWL with spamassassin.
The rationale behind that is that there is a lot of forged mail around
recently (virii, trojans) that makes its way with a negative AWL
scoring.
So i tried to disable AWL with
On Mon, Nov 10, 2003 at 11:02:43AM +0100, matthias zeichmann wrote:
Hello list!
I just cant seem to be able to disable AWL with spamassassin.
The rationale behind that is that there is a lot of forged mail around
recently (virii, trojans) that makes its way with a negative AWL
scoring.
So, I get this message in my inbox this morning. Unless I'm totally misreading
the headers, it appears that it actually is from oem-cd.biz. A quick google on
the address reveals it to be yet another marketing firm. This one touts
You Can Stop Cold Calling Business Prospects Battling Voice
I installed SpamAssassin as per the documentations available at
thespamassassin.org. I installed all the dependent modules and it
installedfine w/o any error,I checked and verified using the
command listed in the USAGE file i.e.#Mail-SpamAssassin-2.60#
spamassassin -t sample-nonspam.txt
That worked perfectly. Thanks for the
help!
- Original Message -
From:
Maxwell
Ochieng
To: Josh Baird
Cc: [EMAIL PROTECTED]
Sent: Monday, November 10, 2003 2:37
AM
Subject: Re: [SAtalk] Subject
Tagging
check qmail-scanner-queue.pl whether you have set
Lukreme wrote:
On 08 Nov 2003, at 06:46, Terry Milnes wrote:
Some of us though are system administrators and need a solution to
offer to the end users. The typical end user wants to open their
email and see no spam, period.
Since the definition of spam varies from person to person that is
Hi all,
I used spamd/spamc 2.55 with procmail on a Solaris 8 box successfully for
several months. Now I tried to upgrade to spamd / spam 2.60 but now spamd
(one single process!) consumes more than 2 GB of memory. There are only a
few spamd processes running - the problem is not the amount of
At 11:02 AM 11/10/03 +0100, matthias zeichmann wrote:
Meanwhile i suspect an error in my configuration. Is there a way to
check your local.cf for validity?
spamassassin --lint
---
This SF.Net email sponsored by: ApacheCon 2003,
16-19
On Mon, 2003-11-10 at 15:28, Matt Kettler wrote:
At 11:02 AM 11/10/03 +0100, matthias zeichmann wrote:
Meanwhile i suspect an error in my configuration. Is there a way to
check your local.cf for validity
spamassassin --lint
Thanks a lot, there was indeed an error:
On Mon, 2003-11-10 at 11:50, Nick Leverton wrote:
On Mon, Nov 10, 2003 at 11:02:43AM +0100, matthias zeichmann wrote:
Hello list!
I just cant seem to be able to disable AWL with spamassassin.
The rationale behind that is that there is a lot of forged mail around
recently (virii,
I'm having a problem with spamd and logging Here is my startup line
on my mail system running solaris 8:
OPTIONS=-d -a -L --max-children=50
--siteconfigpath=/opt/mail/spamassassin --syslog=local1
I did have it set to use the default facility and it worked for a while
then just stopped after
-Original Message-
From: ian douglas [mailto:[EMAIL PROTECTED]
Sent: Friday, November 07, 2003 5:33 PM
To: Spam Assassin
Subject: RE: [SAtalk] Delete spam mails
SpamAssassin drinking game:
X sips for How can I get SpamAssassin to delete spams?
X sips for Unsubscribe me
We all know that a human is far better than a proram at detecting spam.
The computer has to make guesses at it. So to make it harder spammers add
all sorts of junk in that will make it harder for the computer to
recognize. This is while still maintaining some sort of readability for
the
I'm WAY behind in list readings today. So forgive me if this has been said.
But since J.M. has told us that eval rules are boolean, is this idea dead in
the water, or did I miss a post?
Was there talk of maybe testing accum rules for future SA versions? Is that
what this thread is now?
Just
On Mon, 2003-11-10 at 10:58, Chris Santerre wrote:
x sips for every [EMAIL PROTECTED]@ spam you stop.
I don't get spam with that any more. Mine all comes advertising sildenafil citrate. :/
signature.asc
Description: This is a digitally signed message part
On Mon, 10 Nov 2003 10:52:11 -0500 (EST)
Jason [EMAIL PROTECTED] wrote:
(...)
I've had one spammer who just puts a random period in the message and it
doesn't get tagged. Taking out all the periods in the message and it
scored a 10.6 just from the body of the message.
(...)
I've seen things
Upgrade your version of perl to 5.8.x
-Jim
Jim Upwood
System Administrator
Bond, Schoeneck, and King
Syracuse, NY
-Original Message-
From: Margit Meyer [mailto:[EMAIL PROTECTED]
Sent: Monday, November 10, 2003 9:41 AM
To: [EMAIL PROTECTED]
Subject: [SAtalk] spamd consumes huge amounts
On Sat, Nov 08, 2003 at 11:18:46PM -0500, Jack Gostl wrote:
I'm trying to find the token counts. In version 2.55, what is the
equivalent of:
sa-learn --dump magic
there is no direct equivilent, but you can run the check_bayes_db (I
can't even remember what the full name is) script in
I am in need of a rule that will tell SpamAssassin to whitelist all
email traffic which comes from our local Listserv (tm - www.lsoft.com)
lists.
The problem is that messages from the Listserv list have the original
author's email address in the From: line. The Listserv list address is
in a
--On Monday, November 10, 2003 10:52 AM -0500 Jason [EMAIL PROTECTED] wrote:
I've had one spammer who just puts a random period in the message and it
doesn't get tagged. Taking out all the periods in the message and it
scored a 10.6 just from the body of the message.
I think the keyword is
Hi,
On Mon, 10 Nov 2003, Frank Pineau wrote:
So, I get this message in my inbox this morning. Unless I'm totally
misreading the headers, it appears that it actually is from oem-cd.biz.
Nope, it's from an AOL dialup [172.190.115.221]:
$ nslookup 221.115.190.172.dynablock.easynet.nl
I'm still a beginner myself, but I believe that you could use the
whitelist_from_rcvd option.
whitelist_from_rcvd*listserv.tamu.edu
It seems that this would allow any from address so long as the received
headers contained your domain.
Complete information is at
On Mon, 2003-11-10 at 12:01, Evan Platt wrote:
[EMAIL PROTECTED] t0 [EMAIL PROTECTED]
Maybe SA needs to run it once through a leet-speek filter? :-)
--
Frank Pineau
Hey, you know those Roman hackers? Man, were they I III III VII!
signature.asc
Description: This is a digitally signed message
I wanted to allow my users to be able to change there user prefs via the
mysql interface. The problem I am facing is most of my users have 3-6 email
addresses. We have multiple domains so we have [EMAIL PROTECTED]
[EMAIL PROTECTED] [EMAIL PROTECTED] Is there any way to link these
addresses
Guys,
Awesome product!
I've been hiding my email address for years. Also, years ago I turned off
my webmaster@ hostmaster@ and other email addresses because the spam level
was getting insane. Not to mention my global @chipware.net which would
catch everything else.
Now with spamassassin, all
and would be able to work at the ISP level, not the desktop level?
We are currently using Mdaemon 6.8.5 with Spamassassin and it almost
does everything we need, except whitelisting by user name or domain
BEFORE the RBL check. We are using this in front of about 150 domains we
do mail for (mail
Found the problem.. user error.. I thought I had taken the -t option off
of the syslog startup.. So sometime after the first time, when I
manually started syslogd to test this.. I restarted syslogd from the
init script and started running again with the -t option disallowing
connections
Why
We have been using Spamassassin 2.60 since it came out. Prior to that, we
were using SA 2.54. I do have a question regarding sa-learn.
It seems that the numbers I receive from sa-learn just don't add up. See
below for an example. I have a cron job that runs once a day that will run
Hi,
I have 2 questions related to SA 2.60:
1) At the moment spam is only tagged! How can I define that those
tagges spam messages are delivered to one of my other mail boxes? Then I
could check out that POP only at the weekend or so!
2) I would like to untag mails that include certain keywords.
Paul Hirschorn wrote:
I wanted to allow my users to be able to change there user prefs via the
mysql interface. The problem I am facing is most of my users have 3-6 email
addresses.
Sure there is...
I have multiple email accounts but only one user in mysql that each
account uses. This is
--On Monday, November 10, 2003 7:05 PM +0100 Volker [EMAIL PROTECTED]
wrote:
At the moment spam is only tagged! How can I define that those
tagges spam messages are delivered to one of my other mail boxes? Then I
could check out that POP only at the weekend or so!
Not with SpamAssassin.
Question about where spamassassin gets the UID for creation of the
.spamassassin dir and the .lock files in there.. They are being created
with the UID of 32766.. This is causing unlock issues since they can't
be deleted... Where is this UID coming from? can it be changed?
See-ya
Mitch
Saw a few of these come through last week. Guess I need a rule upgrade to catch this?
--- the forwarded message follows ---
---BeginMessage---
Title: The money was subsidized to nothing when I made up a stupid sentence.
The Rock's biggest devotee has got to be
Hello Volker,
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Volker
Sent: Monday, November 10, 2003 12:06 PM
To: [EMAIL PROTECTED]
Subject: [SAtalk] How to make SA store SPAM in special mailbox?
Hi,
I have 2 questions related to SA 2.60:
You might look at www.ima.com -- They have Windows and Linux versions of
their servers. I'm using the Linux version for my ISP, and it has some
excellent features for integrating spamassissin and other options
(blacklists, whitelists, authenticated SMTP)
--jenni
On Mon, 10 Nov 2003, Andy
The usefulness of these rules came in handy today, thanks!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Colin A. Bartlett
Sent: Wednesday, November 05, 2003 9:49 AM
To: Chris Santerre; [EMAIL PROTECTED]
Subject: [SAtalk] [RD] spam sentences
[this is
Simple solution
1.Spamassassins reads in the message
2. It then stores the original message in two variables
3. In the second variable remove all punctuation, spaces, special encoded
characters, foreign language characters, html including html comments, and
other methods used for obscufaction.
4.
Saw a few of these come through last week. Guess I need a
rule upgrade to catch this?
--- the forwarded message follows ---
This is the spammer trick of saying the email is from you, to you. So it got
Whitelisted. Here is _A_ solution. I believe the newest version of SA also
solves
Lyle Evans said:
At 10:52 AM 11/10/03, Jason wrote:
...
I was thinking today wouldn't it be better to just ignore all the
periods,
commas, and what have you in the text? Inside SA we could just drop
those
and then search the message from that.
I've had one spammer who just puts a random
Sorry for replying to my own message, but that should have read:
http://sandgnat.com/cmos/cmos.jsp?sourceRules=body+CUM+/\bcum\b/
(http, not https)
Chris Thielen said:
Lyle Evans said:
At 10:52 AM 11/10/03, Jason wrote:
...
I was thinking today wouldn't it be better to just ignore all the
Lyle Evans Sent: Monday, November 10, 2003 2:51 PM
Yes I am being hit hard by he same type of spam.
I too am getting them. My SPAM_SENTENCE rules are catching all of these
messages from this spammer. I was getting FN's from these messages so I
added these rules which catch all of the weird
Mike Kuentz Sent: Monday, November 10, 2003 2:46 PM
The usefulness of these rules came in handy today, thanks!
I got a plethora of these emails this weekend and today, too. Looks like
that spammer ratcheted up his operations. I had to change the rules to
remove the double ' and characters. I
We have been using Spamassassin 2.60 since it came out. Prior to that, we
were using SA 2.54. I do have a question regarding sa-learn.
It seems that the numbers I receive from sa-learn just don't add up. See
below for an example. I have a cron job that runs once a day that will run
I have been informed that all my mail is being flagged by
Spamassassin (as shown below with a message I sent out).
X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on
mailspool2.panix.com
X-Spam-Status: Yes, hits=5.1 required=5.0 tests=FORGED_MUA_EUDORA,
Learned from 304 message(s) (30419 message(s) examined)
Learned from 253 message(s) (30430 message(s) examined)
Learned from 301 message(s) (30452 message(s) examined)
I bet you are seeing some spam re-learning after it has fallen off of
the expiry backend.
so the line:
Learned from 253
My question is how to report a *mailbox* of spam to razor2. I just added
razor2 to my configuration and wanted to contribute.
I currently receive spam into my mail reader (Forte Agent) and they get
moved to a SPAM folder based on the header tags. I periodically visit that
SPAM folder and
-Original Message-
From: Bill Larson [mailto:[EMAIL PROTECTED]
Sent: Monday, November 10, 2003 2:47 PM
To: [EMAIL PROTECTED]
Subject: Re: [SAtalk] Is punctuation really needed? (fwd)
Simple solution
Not so simple :)
1.Spamassassins reads in the message
2. It then stores
Using RedHat 9 and SA 2.60 installed from RPMS, I found the source for
the sa-stats.pl perl script on the SA site. When I try to run it after
verifying the config settings, I keep getting all zeros for my report.
The report is generating, but the figures are not there. Any ideas what
is going on?
Ken Bass wrote:
My question is how to report a *mailbox* of spam to razor2. I just
added razor2 to my configuration and wanted to contribute.
...
I then call 'sa-learn --mbox --spam' on the input file
If I understand correctly, this means that at this point you have the
messages in their
Yeah RCVD_IN_DYNABLOCK etc. is annoying, and it is a bug, that is
scheduled to be fixed in version 2.7 (the last time I looked)
In the meantime maybe notify whoever informed you that spamassassin has
a bug (# 2537 dialup dnsbl's don't skip first hop). They can add
score RCVD_IN_DYNABLOCK 0
What's the lowest spam threshold value you are managing to get away with
(without false positives) ?
--
Rick
Kitty5 NewMedia http://Kitty5.com
POV-Ray News Resources http://Povray.co.uk
TEL : +44 (01270) 501101 - ICQ : 15776037
PGP Public Key
Here are bits of the EUDORA rules you're hitting:
20_ratware.cf:meta FORGED_MUA_EUDORA(__EUDORA_MUA
!__EUDORA_MSGID !__UNUSABLE_MSGID !__HAS_X_LOOP
!__HAS_X_MAILING_LIST !__MAC_EUDORA_MUA !__PALM_EUDORA_MUA
!__OLD_EUDORA1 !(__OLD_EUDORA2 !__ANY_QUALCOMM_MUA))
At 04:36 PM 11/10/2003, Bob Rosenberg wrote:
I have a number of gripes about this.
1) I only get 5 points not 5.1 when I add them together.
One word.. rounding.. The report only displays the rule score down to the
nearest tenth of a point, however the rules are scored down further in
On Mon, Nov 10, 2003 at 03:24:46PM -0800, Tomas Hood wrote:
What do I do about this problem??
did you read the instructions (ala, make sure you have DB_File installed
and run sa-learn --import)?
those look like DB-related issues.
--
Randomly Generated Tagline:
Before his State of the Union
This is the spammer trick of saying the email is from you, to
you. So it got Whitelisted. Here is _A_ solution. I believe
the newest version of SA also solves this:
snip
Actually, if you'd checked the SA headers, you'd notice that AWL didn't
seem to come into play here. It just didn't hit
I was running a very effective version 2.54 of SpamAssassin on Linux with
procmail. I have it using spamd. I upgraded today to 2.60. I did the
three makes - and restarted spamd. Things went well for a short while, then
my server bogged down to a grinding halt. Now I see I need to add the
At 04:14 PM 11/10/2003, you wrote:
What's the lowest spam threshold value you are managing to get away with
(without false positives) ?
There's always FP's at pretty much any threshold that's no absurdly high
(ie, 1.0).
However, I have yet to notice any significant amount of FP's at 5.0..
On Mon, 10 Nov 2003, Chris Barnes wrote:
I am in need of a rule that will tell SpamAssassin to whitelist all
email traffic which comes from our local Listserv (tm - www.lsoft.com)
lists.
The problem is that messages from the Listserv list have the original
author's email address in the
On 10 Nov 2003, at 07:33, Terry Milnes wrote:
The typical user is capable of making toast in his electric toaster,
but when it comes to the overwhelming complexities involved in
operating a computer he is totally lost. He will become extremely
agitated when he looses the *REALLY IMPORTANT*
On 10 Nov 2003, at 01:32, peter pilsl wrote:
to avoid false posetives (which is at a rate of approx. 0.2% now) I'd
like to
whitelist my whole adressbook. My adressbook is changing/growing, so I
would
like not to implement it using 500 whitelist_from-configs but put it
to a file
and have a
Note that #1 would have acted the way naïve users (nothing personal, Bob) expect it
to, if the SA developers accept
http://bugzilla.spamassassin.org/show_bug.cgi?id=2607. Others
http://bugzilla.spamassassin.org/show_bug.cgi?id=2659
http://bugzilla.spamassassin.org/show_bug.cgi?id=2498 will
At 09:47 AM 11/10/2003, matthias zeichmann wrote:
is it possible that this messes up other behaviour of SA?
That type of error is unlikely to cause problems with other lines, but it
is possible.
Usually the ones that kill half your local.cf are missing terminators for
regexes.
Several people recommended formail -s spamassassin -r mbox_full_of_spam.
Thanks. While this works I don't like that it does not provide status from
its invocation of sa-learn such as 'Learned from 10 message(s) 13 message(s)
examined)'. I ended up calling sa-learn --mbox first, then the above
At 03:00 PM 11/10/2003, Chris Santerre wrote:
This is the spammer trick of saying the email is from you, to you. So it got
Whitelisted.
No it did not Chris.. Read The Fine List of rules it matched.. no
WHITELIST_* or AWL rules match this.
X-Spam-Tests:
Chris Santerre [EMAIL PROTECTED] wrote:
-Original Message-
From: Bill Larson [mailto:[EMAIL PROTECTED]
1.Spamassassins reads in the message
2. It then stores the original message in two variables
3. In the second variable remove all punctuation, spaces,
special encoded
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ken Bass writes:
So I guess my original question turns into a request, can spamassassin be
changed so that '-r' option accepts an mbox file and it iterates over the
messages to submit them. Or could sa-learn be changed so that it becomes the
top
Ken Bass wrote:
Since the messages are received post spamassassin processing
they contain all the spamassassin stuff (marked-up-and put-in-an-attachment
version). My understanding was that sa-learn is smart enough to ignore all
its marked up stuff. I hope that it true even when it is given the
Ken Bass wrote:
Several people recommended formail -s spamassassin -r mbox_full_of_spam.
Oops, sorry to have done the same (I didn't see this message when I
wrote my reply)...
---
This SF.Net email sponsored by: ApacheCon 2003,
16-19
--On Monday, November 10, 2003 8:20 PM -0500 Matt Kettler
[EMAIL PROTECTED] wrote:
It did however use a trick to avoid the standard FROM_AND_TO_SAME so your
rule can help out by adding some score.. However, 104.1 is a bit
excessive, since there's no white list to over-ride. (Bret is smart and
Ah.sadly we have winblows here and outhouse so spam will get modified as
i forward it. i do have several unused mailboxes which fill with spam quite
a bit and i tried to submit a mailbox full which i checked to be all spam to
razor and it seemed to work, with a few perl errors here and there
Hi Peeps,
Fresh popcorn if you would like some. I had one come through today
(which I actually had anticipated, just had to figure out how to write
the rule.) If you use this set, I'd update. It catches quite a lot more
in the tag.
http://spamhammers.nxtek.net
Weeds update in the works, but
Hello readers,
I've googled around but I've failed to find anything that resembles
what our mail gateway has suddenly started experiencing: the nightly
sa-learn --rebuild --force-expire stuck forever (shows with 'D' state
in 'ps auxw' - uninterruptible IO wait) and using _huge_ amounts of
75 matches
Mail list logo