Hi List.
I am currently running SA2.60 on a RH8 platform, with exim-4.24
All our mail is relayed to Microsoft exchange not my choice via our mail
relay, running the above.
Training for spam is easy using sa-exim-3.1 directory SApermreject/new/
How would I train ham?
I would need to send hams
On Tue, 18 Nov 2003, William Stearns wrote:
anchoring with \b = fast
OK, cool. As I'm doing full domains, I'll change:
uri WLS_URI_1 /0-go.org/i
to
uri WLS_URI_1 /\b0-go.org\b/i
in the next version.
Also escape that '.' so that it's taken as a litteral
Good evening, David,
On Tue, 18 Nov 2003, David B Funk wrote:
On Tue, 18 Nov 2003, William Stearns wrote:
anchoring with \b = fast
OK, cool. As I'm doing full domains, I'll change:
uri WLS_URI_1 /0-go.org/i
to
uri WLS_URI_1 /\b0-go.org\b/i
in the next
In order to allow spam messages to be blocked/deleted instead of being
marked by spamassassin I propose to introduce a simple delete option (-D)
to spamc. This would be very useful for email accounts receiving large
amounts of spam that are never read anyway. The following sendmail alias
Hi all,
I had a fully functioning system running SpamAssassin(daemon) 2.55 Antivir
2.66 Exim 4.12 all on top of SuSE 8.2.
Having many ppieces on SpamAssassin I picked up on the fact that it was good
advice to upgrade and keep apace of the progress being made.
So I
Hi List,
I would like to setup a mistake based training. My idea is to use the
.procmailrc given bellow to sa-learn from all the mail I receive, and not
use the autolearn feature. When I receive mail incorrectly marked as spam or
ham, I will know that it will have also been incorrectly learnt,
Paul Hirschorn wrote:
I have been working on a variety of scenarios of how to handle per user spam
prefs on a mail gateway machine. Through trial and error found a couple of
interesting things. In order to user prefs to be read from SQL I need to
invoke the -u username flag in spamc. I have my
-Original Message-
From: Jacob S.
On Mon, 17 Nov 2003 21:01:24 -0500
Larry Gilson [EMAIL PROTECTED] wrote:
I am running Postfix with SA, Procmail, and Webmin on Red Hat
8.0. I want to move away from RH and am soliciting opinions.
snip
Well, you've heard the
Hi,
I'm using SA 2.60 and i have a problem with a certain mailinglist being
tagged as spam everytime it's recieved.
Everytime mail from the mailinglist has it's own sender-adress, so i can't
sit autwhitelist the sender everytime a mail is recieved.
How can i solve this? This is the stats for
Hi Rikhardur,
-Original Message-
From: [EMAIL PROTECTED]
Since we upgraded to Microsoft Exchange 2000, we´re not getting
the X-Spam-* headers any more.
The Headers begin by the line : Microsoft Mail Internet
Headers Version 2.0 and most useful information has either
been
On Mon, 17 Nov 2003, Justin Mason wrote:
BTW, given that a URI DB cannot use regular expressions, or patterns,
would this really be useful?
It would have the limited use of IDing specific domains that
get repeatedly spamvertised to the point where we (1) notice
them and (2) the spams
Hallo und guten Tag SA-List,
this is the 2th.
when I try :
spamassassin -D --lint
than comes:
Can't locate object method new via package Razor2::Client::Agent
What`s this? Thank you for help.
SA 2.60
Razor 2.36
Hints?
--
Viele Grüße, best regards
Jim Knuth
[EMAIL PROTECTED]
On Tue, 18 Nov 2003, William Stearns wrote:
As a general rule, I'm testing against domains; it's too easy for
spammers use random hostnames more often than they do already. If I try,
won't I just end up with:
uri WLS_URI_1 /^http:.*\b0-go.org\b/i
which puts us
Hello!
We have in our /etc/mail/spamassassin/local.cf
def_whitelist_from_rcvd [EMAIL PROTECTED] infoland.no
or
whitelist_from_rcvd [EMAIL PROTECTED] infoland.no
We stilll got a lot of spam points from this domain.
Envelope-from: [EMAIL
At 10:33 AM 11/18/03 +, Adam Griffiths wrote:
It seems to me that the autolearn feature is too withstrictive as to which
mails it chooses to autolearn from, where as my plan would autolean from
_all_ the mail I receive, and only require I keep and eye out for any
mistakes, and correct them.
If
At 01:12 AM 11/18/03 +0100, Samuel Murez wrote:
Hello--
Could somebody please take just a minute to tell me how to do this ?
It seems very simple but I've tried many solutions and nothing's working !
I would like one of my users to receive spamassassin template messages in
french, while the
Greetings!
Is there a way to run SpamAssassin as a filter proxy? I'm wondering if I
can configure SpamAssassin to retrieve mail from a pop server and have
my client connect to the SpamAssassin machine to retrieve the filtered
mail?
Thanks,
Rod
At 01:52 PM 11/18/03 +0100, Martin Lyberg wrote:
Can i whitelist the subject in some way, because it seems like this is the
only thing that is common in every letter.
You can do that with a simpleish custom rule and give it a negative score.
header LOCAL_MY_LIST_SUBJECT Subject ~=/\bsome subject
At 02:36 PM 11/18/03 +0100, Jan Erik Skogsholm wrote:
whitelist_from_rcvd [EMAIL PROTECTED] infoland.no
We stilll got a lot of spam points from this domain.
1) don't use def_* commands.. those are explicitly there to distinguish the
default whitelists from yours. Yours
Just found Pop3proxy. Working on installing that now. Sorry about the
previous message. I should have looked around spamassassin.org more.
Rod
---
This SF. Net email is sponsored by: GoToMyPC
GoToMyPC is the fast, easy and secure way to
At 02:25 PM 11/18/03 +0100, Jim Knuth wrote:
Can't locate object method new via package Razor2::Client::Agent
What`s this? Thank you for help.
SA 2.60
Razor 2.36
Hints?
read the docs that came with SA 2.60.. there's a source code patch for
razor that needs to be applied, and is included with
Possibility 1: combine rules. If you can combine 10 tests
into a single
rule,
uri rulename /(?:spammer1|spammer2|s3|s4|s5|s6|s7|s8|s9|s10)\.com/i
then you'll have only 480 rules, not 4800. I don't know if
this will have
any impact, but maybe...
I would love to know if this has any
Has anybody got user rules working in Mysql? I remember a while back
there was an issue that the rule had to be defined in local.cf first
before defining it on a per user level in mysql. I would like users to
be able to define scores for a few certain rules thru a GUI that talks
to the mysql DB,
Hi,
I would like to use SA and MySQL to have the userpref in database.
I already created the DB and the table and put following lines on
local.cf:
user_scores_dsn DBI:mysql:spamassassin:localhost:3306
user_scores_sql_username user
user_scores_sql_password pass
user_scores_sql_table userpref
I
Vitor Renato Alves de Brito wrote:
Hi,
I would like to use SA and MySQL to have the userpref in database.
I already created the DB and the table and put following lines on
local.cf:
I call spamd with -D option (spamd -D) and call spamc with -u option
(spamc -u [EMAIL PROTECTED] spamfile.msg)
I can see the need to correct mis-learns in the bayes database quickly.
However I still do not think the autolearn feature is the best solution to
training spamassassin effectively. Using the autolearn feature one has to
balance aggressive thresholds, which learn more emails, with conservative
-Original Message-
From: Keith C. Ivey [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 18, 2003 10:06 AM
To: [EMAIL PROTECTED]
Subject: RE: Re[2]: [SAtalk] Sanity checking new uri rules?
Chris Santerre [EMAIL PROTECTED] wrote:
Possibility 2: bound the rules. I noted
would be looked up as www.stearns.org or stearns.org.)
The parser in the Bayes routine (tokenize_line in Bayes.pm)
creates 'UD:'
lookup tokens for each component of the domain name. So for the above
example, it would create:
UD:www.stearns.org
UD:stearns.org
UD:org
*snip*
won't I just end up with:
uri WLS_URI_1 /^http:.*\b0-go.org\b/i
Regex confusion on my part! '\b' is bounding, but I thought that meant bound
by space??? wouldn't this above regex _NOT_ hit :
http://stuff.0-go.org/stuff
Isn't it looking for:
http://stuff. 0-go.org
I'm
Exactly, but I think that Yackley, Matt found a part of why this happends. It
appears that if the incoming email is treated by SA, then sent to a exchange
5.5 server and then via RPC to Exchange 2000, this header and standards rape
will occur on the 2000 server.
Nobody knows why this happends
At 01:30 PM 11/18/03 -0200, Vitor Renato Alves de Brito wrote:
I call spamd with -D option (spamd -D) and call spamc with -u option
(spamc -u [EMAIL PROTECTED] spamfile.msg) but SA does not read
preferences from the database.
What I am doing wrong?
you need to call spamd with -q if you want to
I use a MySQl database to get the userpref, when it scans an e-mail u
creates a new database connection for each mail. Is there a way to keep the
connection open to speed up the process.
Mvg,
Wiebren Braakman
---
This SF. Net email is
Yeah -- another factor as well -- there's a bug in 2.60 that
if you specify that you trust the whitelisted network, it'll
miss that whitelist entry.
Do you have the Bugzilla ID for this? I have been searching the Bzilla
db but can not find this bug listed. I presume since you mention this
Good morning, Chris,
On Tue, 18 Nov 2003, Chris Santerre wrote:
won't I just end up with:
uri WLS_URI_1 /^http:.*\b0-go.org\b/i
Regex confusion on my part! '\b' is bounding, but I thought that meant bound
by space??? wouldn't this above regex _NOT_ hit :
Try the Spamd script for SuSE at
http://devel-home.kde.org/~kmail/unsupported/spamd
This script allows for start/stop/restart/status under init.d
(the header says written for 8.0 but it works like a champ under 9.0 pro
too)
Todd
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
--On Tuesday, November 18, 2003 1:52 PM +0100 Martin Lyberg
[EMAIL PROTECTED] wrote:
X-Spam-Report:
* 0.3 NO_REAL_NAME From: does not include a real name
* 0.2 PLING_QUERY Subject has exclamation mark and question mark
* 2.7 SUBJ_ILLEGAL_CHARS Subject contains too many
Just a bit more info regarding my distro of choice (Debian, of course):
Debian's package dependancy management system is indeed quite cool.
However the true advantage is simply that Debian packagers make really
good packages. You can basically 'apt-get install package' and expect
everything to
--On Tuesday, November 18, 2003 10:44 AM +0100 Øystein Halvorsen
[EMAIL PROTECTED] wrote:
In order to allow spam messages to be blocked/deleted instead of being
marked by spamassassin I propose to introduce a simple delete option (-D)
to spamc. This would be very useful for email accounts
Hello,
Lately on several e-mails from the list, I've been seeing an error message
in my Pine mail program that says:
[Error: Formatting error: Non-hexadecimal character in QP encoding]
More importantly, the message is *truncated* in the display.
Oddly enough, when I quote the message to
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of [EMAIL PROTECTED]
Sent: Tuesday, November 18, 2003 9:40 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: [SAtalk] SA and Microsoft Mail Internet Headers
Exactly, but I think that
Adam Denenberg Sent: Tuesday, November 18, 2003 10:18 AM
Has anybody got user rules working in Mysql?
Yes, I have. I had that going for testing for a while. You need to enable an
option in local.cf to allow user rules but when you do, it works fine --
even with mysql. I disabled it after I was
On Mon, 17 Nov 2003 19:19:00 -0800, Robert Menschel [EMAIL PROTECTED] writes:
Possibility 1: combine rules. If you can combine 10 tests into a single
rule,
uri rulename /(?:spammer1|spammer2|s3|s4|s5|s6|s7|s8|s9|s10)\.com/i
then you'll have only 480 rules, not 4800. I don't know if this
Gr33t1n6s @nd $alu+at:ons!
I'm trying to match on vaigra obfu'ed like this: Via#289;ra. SA sends
the HTML through HTML::Entities::decode_entities which (on my system at
least) translates #289; to a unicode character. It gets written out as
the 2-byte sequence: \xC4\xA1.
My question is, how do
On Mon, 17 Nov 2003 13:22:49 -0500 (EST), William Stearns [EMAIL PROTECTED] writes:
So if I read you correctly, adding 4800 rules essentially triples
the cpu time needed to process a given message or collection of messages.
Are there ways to improve the performance of the
On Tue, 2003-11-18 at 08:18, Chris Thielen wrote:
Just a bit more info regarding my distro of choice (Debian, of course):
Debian's package dependancy management system is indeed quite cool.
However the true advantage is simply that Debian packagers make really
good packages. You can
Hallo und guten Abend Matt,
danke für die Email, die Du am 18.11.2003 um 15:17 schriebst - you wrote:
At 02:25 PM 11/18/03 +0100, Jim Knuth wrote:
Can't locate object method new via package Razor2::Client::Agent
What`s this? Thank you for help.
SA 2.60
Razor 2.36
Hints?
read the docs that
Came in late on this, but we saw the header raping when our front-end spam server
sent to 5.5 and then to a 2K public folder. The problem went away when it pointed
directly to the 2K server.
Mike
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of
Actually, it looks as though it is constantly failing on like 385 of
SATest.pm! Anyone run into this before?
- Original Message -
From: Josh Kropf
To: [EMAIL PROTECTED]
Sent: Monday, November 17, 2003 8:32 PM
Subject: [SAtalk] Install test fails repeadedly
I am attempting to install
Robert wrote:
|Hello Kurt,
Howdy.
|Monday, November 17, 2003, 11:03:24 AM, you wrote:
|
|KB I've just put up 2.60 on FreeBSD, and consider myself a bit of a
|KB newb, but I've been reading the man page for spamassassin,
|and found
|KB a section on spamtrapping. We've got 40 or so addresses of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Luka Z. Gerzic writes:
hi there spamhaters :)
i just have quick note for spamd startup scripts. All scripts
for latest 2.60 (dunno about 2.60) have exit 0 at the end of
script. This can produce some confusion if script is started
from another
we have spamassassin running our mail server.
i have a friend who is getting a pile of spam to his account at a different
isp (the local telco).
he wants to know if i can do anything about his spam
i have some notion that we should be able to run spamassassin and a script
on a cron to poke
Matt Kettler wrote:
At 01:12 AM 11/18/03 +0100, Samuel Murez wrote:
Hello--
Could somebody please take just a minute to tell me how to do this ?
It seems very simple but I've tried many solutions and nothing's
working !
I would like one of my users to receive spamassassin template
I know this has been brought up before, but as I read the posts, my
questions still aren't answered...
If they are using the open source SA, why can't I download the source to
their program? You can't tell me they haven't modified it.
This just doesn't seem right...
I installed a copy of their
have 3 viable choices: FreeBSD, Debian, and Slackware. I want a free OS so
I don't want to use SuSE, Mandrake, or the like. Nothing against the
slack is a good distro
---
This SF.net email is sponsored by: SF.net Giveback Program.
Does
I sometimes get a blank message and the entire contents is something
like I got today:
From Tue Nov 18 13:48:10 2003
X-UIDL: (RO!dA!nL3!4bA!
I admit I don't know what a X-UIDL is or how to determine the meaning
of this contents of (RO!dA!nL3!4bA!.
Anyone else get messages like this? Were they
Can someone point me to some good rules to catch most Chinese, Korean, etc
spam? We're talking non-ASCII characters, which show up in most mailers
here as a bunch of question marks...
thanks!
James Smallacombe PlantageNet, Inc. CEO and Janitor
[EMAIL PROTECTED]
On Tue, 2003-11-18 at 13:55, Samuel Murez wrote:
...
Thanks for anwering ! I was really puzzled by this. So there's no way to get
french messages for one user and english for all other users ?
--sam
...
Are you calling SA from .procmailrc? Try setting LANG=fr there.
--
Jack Coates, Lyris
Larry Gilson wrote:
And your $0.02 is appreciated! Most of what you write is also consistent
with my research. However, I am pleasantly surprised to hear that the
security updates are timely. Most articles just indicate that Debian
updates, in general, are slow. So it is nice to hear that
On Tue, 2003-11-18 at 14:11, J. Burton wrote:
we have spamassassin running our mail server.
i have a friend who is getting a pile of spam to his account at a different
isp (the local telco).
he wants to know if i can do anything about his spam
i have some notion that we should be able
I wonder if the multiple-string rule would run faster with a sorted list.
A regexp where all the substrings start with ca should fail quickly.
If there is no mixing of the first letter of the alphabet in a regexp,
only 1/26th of lines would have to test beyond the first character (if
these names
I have been noticing that the eye-readable text for most spam bears no
resemblance to the Reply-To where they are normally random characters, the
length of the Reply-To my be a combination factor to help differentiate it.
I wonder how good a spam sign it might be to calculate the correlation
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David A. Roth writes:
I sometimes get a blank message and the entire contents is something
like I got today:
From Tue Nov 18 13:48:10 2003
X-UIDL: (RO!dA!nL3!4bA!
I admit I don't know what a X-UIDL is or how to determine the meaning
of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Samuel Murez writes:
Matt Kettler wrote:
At 01:12 AM 11/18/03 +0100, Samuel Murez wrote:
Hello--
Could somebody please take just a minute to tell me how to do this ?
It seems very simple but I've tried many solutions and nothing's
working !
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] writes:
Can someone point me to some good rules to catch most Chinese, Korean, etc
spam? We're talking non-ASCII characters, which show up in most mailers
here as a bunch of question marks...
Setting ok_locales should help...
At 04:54 PM 11/18/2003, Upwood, Jim wrote:
If they are using the open source SA, why can't I download the source to
their program?
The license of SA is not GPL, it's artistic/GPL dual licensing..
There are certain kinds of derived closed-source allowed under the artistic
license half, and they
I think Mike is right.
Now that I have set $sa_tag_level_deflt to 0 I can see the spamassassin headers.
From the postfix-amavaisdnew-spamassassin-clamav setup it goes directly to a win2k
exchange server.
I guess it is the with 5.5 that causes this removal of headers.
Cheers,
fritz
On Tue, 18 Nov 2003, Chris Santerre wrote:
uri WLS_URI_1 /^http:.*\b0-go.org\b/i
Regex confusion on my part! '\b' is bounding, but I thought that meant bound
by space??? wouldn't this above regex _NOT_ hit :
http://stuff.0-go.org/stuff
Isn't it looking for:
http://stuff. 0-go.org
On Tue, 18 Nov 2003, Charles Gregory wrote:
Hello,
Lately on several e-mails from the list, I've been seeing an error message
in my Pine mail program that says:
[Error: Formatting error: Non-hexadecimal character in QP encoding]
More importantly, the message is *truncated* in the
On Tue, 18 Nov 2003, Øystein Halvorsen wrote:
Our only MTA for externally received email is sendmail, which again
forwards user emails to an internal exchange server. In fact, we have
tried this out, and it works quite nicely (at least our local users are
delighted). In order to make spamc
69 matches
Mail list logo
