stan wrote:
On Wed, Dec 10, 2003 at 01:22:23AM -0500, Bryan Hoover wrote:
stan wrote:
Yes, I just erviewd the firewall config. It will pass all trafic
originating on the innsied. I see that may not be a good general case, but
it should be OK here (Small home network).
BTW, I
On Wed, 10 Dec 2003, AthlonRob wrote:
Just for SG, try doing a 'sa-learn --dump magic' and see if it
likes what it sees. If you cannot even --dump magic then it's
truly corrupted, no repair, just delete and start fresh.
I got some funky output:
[EMAIL PROTECTED]:~/.spamassassin$
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bob Apthorpe writes:
Hi,
After spending tireless minutes directing people to the SA-Talk
archives[1], I can't seem to get at them. Does
http://sourceforge.net/mailarchive/forum.php?forum=spamassassin-talk
work, and if not, is there a better place to
Evan Platt wrote:
Josh Endries wrote:
I get a lot of postmaster emails, and I'm trying to whitelist them so
they aren't marked as spam.
How are you calling SpamAssassin? Why not just (assuming you're using
procmail), create a procmail rule?
Agreed. I use something like this.
:0
*
Hi everibody,
I a new user of spamassassin, so I have some
doubts. I installed spamassassin at a server running FreeBSD 4.9 and sendmail. I
want to know how spamassassin works. Exmaple: Should I tell something at
local.cf to spamassassin to work with sendmail? Someone cansend me a
local.cf
Having major problems building SA 2.61. All dependant and optional modules
are installed and up to date.
Make works fine but when I make test:
# Failed test 3 in t/spamd_hup.t at line 35
# t/spamd_hup.t line 35 is: ok (-e $pid_file);
# Failed test 4 in t/spamd_hup.t at line 37
# t/spamd_hup.t
Sorry to reply to myself but I found the problem
I had a tainted directory in my path. I was watching the running processes
during the make test run and noticed that spamd started and died almost
immediately, and I recalled something about 2.61 using taint checks as a
default, so I checked all
SA List,
I am writing for feedback about a new project i would like to start
and would love feedback/help from the excellent community that has been
built here on the SA lists.
What i want to start is a Bayes Corpus Project. I would like to be
able to allow people to submit confirmed ham
I added a few entries in the local.cf
to let all earthlink email come through hopefully but it didnt
work. Here is what is in there:
whitelist_from_rcvd
[EMAIL PROTECTED] earthlink.net
whitelist_from_rcvd
[EMAIL PROTECTED] earthlink.com
Any help on this is appreciated. I know its
What would differentiate the proposed public corpus from the public
corpus at http://www.spamassassin.org/publiccorpus/?
-tom
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Adam Denenberg
Sent: Thursday, December 11, 2003 8:10 AM
To: [EMAIL
At 09:10 AM 12/11/03 -0500, Adam Denenberg wrote:
SA List,
What i want to start is a Bayes Corpus Project. I would like to be
able to allow people to submit confirmed ham and/or spam to a large
bayes corpus repository (or maybe just spam) where people could then
download (or somehow do an
On December 11, 2003 09:10 am, Adam Denenberg wrote:
SA List,
I am writing for feedback about a new project i would like to start
and would love feedback/help from the excellent community that has been
built here on the SA lists.
What i want to start is a Bayes Corpus Project. I would
At 11:48 AM 12/11/03 -0300, Ceva wrote:
I a new user of spamassassin, so I have some doubts. I installed
spamassassin at a server running FreeBSD 4.9 and sendmail. I want to know
how spamassassin works.
Simple.. SA exists as a mail filter.. programs call it, feed it mail, it
runs some rules
Adam Denenberg wrote:
SA List,
What i want to start is a Bayes Corpus Project. I would like to be
able to allow people to submit confirmed ham and/or spam to a large
bayes corpus repository (or maybe just spam) where people could then
download (or somehow do an sa-learn remotely) to an
- Original Message -
From: Billy A. Pumphrey
I know its blocking it there because when I took it down it came through.
SA does not block e-mail, it only identifies mail as ham or spam, something
else in your system must be doing the blocking!
Frederic Tarasevicius
Internet
On 11 Dec 2003 08:11:43 +0200, [EMAIL PROTECTED] writes:
Getting back on topic, the problem with a stepwise normalization of
the message is that you sort of assume that transformations are
applied consistently and mechanically. What would be really neat would
be to have an automaton which
Helloo.
FP Notice.
FP forwarded to me this morning on an ebay Bid Confirmed notice.
BigEvilList_133 contains pics.ebaystatic.com which is in the source of
the bid confirmed emails from ebay auctions. It pushed it to 8.34; we
tag at 7.0. Other custom rules contributed 0.7 to the score,
well ham is very site dependant (point taken especially with security
reasons), so i dont think sending ham will really be something that can
be accomplished very easily so i think sticking to spam only would be
best. By only sending spam, i would hope to achieve a large spam corpus
that someone
After upgrading to 2.61, we re-enabled the DYNABLOCK RBL checks. They
still seem to hit on emails that I do not believe should be matching
DYNABLOCK IP's. Here are a few headers they hit on:
cgiemail email
---
Received: (from [EMAIL PROTECTED])
by lexiconn.serverhost.net (8.11.6/8.11.6)
I know this has been discussed before and many people said to use bayes for
this but it'd really be nice to have an Automatic IP Blacklist for SA.
AWL takes this too far as spammers just use random e-mail address in the
from.
Bayes takes everything into consideration and does too much for what I
How do I tell what has been tagged as spam?
Thank You
Billy Pumphrey
-Original Message-
From: Fred [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 11, 2003 9:49 AM
To: Billy A. Pumphrey; [EMAIL PROTECTED]
Subject: Re: [SAtalk] Problem getting mail from earthlink
- Original
I'm about to start training sa with spam and ham. Is it a good or bad idea
to use spam which has already been detected by sa's non-trained tests, or is
that a waste of time? Should I only train it with spam which is currently
managing to slip through?
--
Graham Borland
-Original Message-
From: Scott A Crosby
Sent: Thursday, December 11, 2003 6:49 AM
[...]
The major catch with this particular implementation is that it cannot
deal with nondeterministic transformations. What this means is that
any consequent for a substitute rule must be a single
Hello,
I am out the door on my way to work but we need a rule for a new IE exploit
just released,
Visit this page, the exploit is harmless but to the spoofer, it's man's best
friend.
http://www.zapthedingbat.com/security/ex01/vun1.htm
I think this should be put in the next SA release!!
I have noticed that many SPAM emails, end with seversl lines of gibberish,
such as:
lvwpdfobv qkviylqr qlmwacbc hpimhdty
mdmrkb lvivhdc xovwul wpcxeqj
lhaxomaje vrucjj ybxegs
Has anyone developed a rule that can detect this sort of thing? Perhaps a
check for n
What I want to do is skip an message that originates from our domain...
I have the following in the /etc/procmailrcfile:
:0:
* [EMAIL PROTECTED]
${DEFAULT}
# From system.rose-hulman.edu
:0:
* [EMAIL PROTECTED]
${DEFAULT}
#
This seems to work most of the time we when certain messages have
How do you get mass-check to use your local custom rules in local.cf and
other .cf files?
TIA
Dan
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free
On Thu, 11 Dec 2003 07:31:10 -0800, Gary Funck [EMAIL PROTECTED] writes:
The major catch with this particular implementation is that it cannot
deal with nondeterministic transformations. What this means is that
any consequent for a substitute rule must be a single character. ( '4
- for'
On Thu, 11 Dec 2003 09:49:48 -0600, Larry Starr [EMAIL PROTECTED] writes:
I have noticed that many SPAM emails, end with seversl lines of gibberish,
such as:
lvwpdfobv qkviylqr qlmwacbc hpimhdty
mdmrkb lvivhdc xovwul wpcxeqj
lhaxomaje vrucjj ybxegs
Has anyone
Help!
We are running running SA 2.6 with Postfix. in Mandrake 9.2. This
server acts as a spam filter that forwards mail to an actual mail server
on another machine. Everything works well (filtering, tagging and
forwarding) except for one thing - every sender of email to us gets a
copy of
On Wed, 2003-12-10 at 23:38, David B Funk wrote:
Just try completely removing those bayes_toks bayes_seen files
and do a 'sa-learn --rebuild'. It should take that bayes_journal file
and use its data to create a new database.
Good to go, I think...
[EMAIL PROTECTED]:~/.spamassassin$ rm
http://www.wot.no-ip.com/cgi-bin/detoken.pl
Most of the gibberish I see is encoded tracking information. I plugged
in my domain name to the little script thingy, saved the .cf file, and
it catches 'em like crazy.
-tom
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Are you sure the earthlink servers don't have another name prepended?
eg mail server name = mail1.earthlink.com, therefore it would be
[EMAIL PROTECTED]
tm.
Billy A. Pumphrey wrote:
I added a few entries in the local.cf to let all earthlink email come
through hopefully but it didnt work.
At 10:04 AM 12/11/2003, Rob Mangiafico wrote:
After upgrading to 2.61, we re-enabled the DYNABLOCK RBL checks. They
still seem to hit on emails that I do not believe should be matching
DYNABLOCK IP's. Here are a few headers they hit on:
snip
Email thru our server from home PC:
---
Received: from
At 10:57 AM 12/11/2003, Smart,Dan wrote:
How do you get mass-check to use your local custom rules in local.cf and
other .cf files?
I usually run mass check from within the masses sub-dir of an unzipped SA
tarball directory. It will automatically use ../rules/*.cf instead of
At 10:21 AM 12/11/2003, Graham Borland wrote:
I'm about to start training sa with spam and ham. Is it a good or bad idea
to use spam which has already been detected by sa's non-trained tests, or is
that a waste of time? Should I only train it with spam which is currently
managing to slip through?
Hmmm, Jennifer was hosting her excellent rules at
http://spamhammers.nxtek.net, but the site appears to be inaccessible right
now. You can also fine them at
http://www.merchantsoverseas.com/wwwroot/gorilla/sa_rules.htm, listed as:
popcorn.cf, backhair.cf, and weeds.cf. There may be a combined
--On Thursday, December 11, 2003 9:22 AM -0500 Billy A. Pumphrey
[EMAIL PROTECTED] wrote:
Any help on this is appreciated. I know its blocking it there because
when I took it down it came through. I do not know how to look at
anything on spamassassin either, I'm new to it. So some tips on
One implementation might be to convert the rewrite rules into an
equivalent flex description, and let flex generate the automaton in
C. Compile the C, and build a Perl binding to it.
Scott replied:
I considered that and did a prototype (which was useful for
performance estimates and
I'm having trouble with a newly installed server.
OpenBSD 3.4 GENERIC#0 i386
amavisd-new latest stable
clamav latest stable
SA 2.61
Net::DNS 0.42
amavisd is running chroot'ed
/usr/local/libdata/perl5/site_perl/i386-openbsd/Net/DNS/RR/.pm
exists on the system.
Not all mails will trigger the
I'm trying to do the mass-check corpus cleanup.
I'm assuming that the mass-check-results-to-mbox, mboxget, and
extract-message-from-mbox are used to help in this process.
Can someone tell me how to run these? Is there anything that needs to be
passed?
Dan
| -Original Message-
|
Email thru our server from home PC:
---
Received: from fico (ct-nrwch-cuda1-xxx.nwchct.adelphia.net
[68.170.14x.4x])
by lexiconn.serverhost.net (8.11.6/8.11.6) with ESMTP id
hBB0Wcp23535
for [EMAIL PROTECTED]; Wed, 10 Dec 2003 19:32:38 -0500
From: LexiConn [EMAIL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wednesday 10 December 2003 10:53, Bret Miller wrote:
I am pulling my example off the following url.
http://www.merchantsoverseas.com/wwwroot/gorilla/bigevil.cf
I have setup the following rule in my user_prefs file.
uri EVILLIST_2
At 11:52 AM 12/11/2003, Rob Mangiafico wrote:
ok, this one makes sense. I guess dynablock will hit on anyone who emails
from their mail program and has the smtp server set to their hosted server
instead of the ISP's mailserver. Will probably hit on very high % of hams
as well, since most people
At 11:46 AM 12/11/2003, Per olof Ljungmark wrote:
amavisd is running chroot'ed
/usr/local/libdata/perl5/site_perl/i386-openbsd/Net/DNS/RR/.pm exists
on the system.
But does it exist relative to the root of the chroot?
---
This SF.net
--On Thursday, December 11, 2003 2:46 PM -0300 Ceva
[EMAIL PROTECTED] wrote:
Thanks for your help. One last doubt. As I understod, sendmail (
procmail )calls spamassassin, but this is done automatic whem a start
spamassassin? Or I must make some configuration on sendmail?
Nope, you need to
On Thu, 11 Dec 2003, Matt Kettler wrote:
At 11:52 AM 12/11/2003, Rob Mangiafico wrote:
ok, this one makes sense. I guess dynablock will hit on anyone who emails
from their mail program and has the smtp server set to their hosted server
instead of the ISP's mailserver. Will probably hit on very
Matt Kettler wrote:
At 11:46 AM 12/11/2003, Per olof Ljungmark wrote:
amavisd is running chroot'ed
/usr/local/libdata/perl5/site_perl/i386-openbsd/Net/DNS/RR/.pm
exists on the system.
But does it exist relative to the root of the chroot?
No, but OTOH none of the Perl stuff does.
The
Isn't dynablock off line as of 12/1/3??
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys
On Wed, 10 Dec 2003 09:35:22 -0800
Dimitar Haralanov [EMAIL PROTECTED] wrote:
Hi, I was trying to find any information on batching messages
with
spamc and could not find anything so I am asking the list:
Is it possible to batch multiple files with spamc? In other
Hi to all,
i write to know if some one have thinked a solution for the problem of the
definition of the tests inside the mysql database, becouse i have the same
problem. I have to define the rules in the local.cf too and after i can
override the score in the database.
Thanks to all,
Bye,
I got a false positive this morning, where it looks like the main
culprit was bad information in SORBS and RJABL. The sender is a local
Earthlink customer.
Any idea on how to get the SORBS RJABL databases fixed?
* *
Received: from sdn-ap-015dcwashp0233.dialsprint.net ([63.188.144.233]
[ Cc: to the detoken rules maintainer ]
On Thu, 2003-12-11 at 17:17, Tom Meunier wrote:
http://www.wot.no-ip.com/cgi-bin/detoken.pl
Most of the gibberish I see is encoded tracking information. I plugged
in my domain name to the little script thingy, saved the .cf file, and
it catches 'em
Bill Landry said:
Hmmm, Jennifer was hosting her excellent rules at
http://spamhammers.nxtek.net, but the site appears to be inaccessible
right
now. You can also fine them at
Jennifer moved her rulesets to:
http://www.emtinc.net/spamhammers.htm
--
Chris Thielen
Easily generate
Anyone think of trying to do this yet? Hijacking ims and routing them
through SA... I get way too many spam ims every day.
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.
--On Thursday, December 11, 2003 12:52 PM -0500 Jonathan Vanasco
[EMAIL PROTECTED] wrote:
Anyone think of trying to do this yet? Hijacking ims and routing them
through SA... I get way too many spam ims every day.
Yahoo IM? AOL IM? ICQ IM? MSN IM?
I haven't seen a IM spam in.. MONTHS. AOL,
On Thu, 11 Dec 2003, Matt Kettler wrote:
At 11:52 AM 12/11/2003, Rob Mangiafico wrote:
ok, this one makes sense. I guess dynablock will hit on anyone who emails
from their mail program and has the smtp server set to their hosted server
instead of the ISP's mailserver. Will probably hit on
At 12:06 PM 12/11/2003, Rob Mangiafico wrote:
ok. For example, we are a web host, and I often email from my home PC on a
cable modem utilizing the mailserver of our own dedicated server in our
datacenter. If I do that, my email trips the dynablock check in SA. The
header you mentioned before was
Their database isn't wrong, as the IP is listed as being in a dialup
range, which would appear to be accurate by my guess. I would think that
the default rulesets are setup in such a way that it wouldn't catch that
sort of hit, since they did relay through the ISP's server, perhaps
someone
Greets everyone-
I was just recently updating some rules and I ran spamassassin --lint as
per the instructions. This was the first time I had ever run it and got
the following errors:
Failed to run FROM_AND_TO_SAME SpamAssassin test, skipping:
(Can't locate object method
AOL IM
Maybe its an ichat only thing -- because everyone i know running iChat
gets 10+ AOL IM spams a day. I'm averaging 15.
On Dec 11, 2003, at 1:00 PM, Evan Platt wrote:
--On Thursday, December 11, 2003 12:52 PM -0500 Jonathan Vanasco
[EMAIL PROTECTED] wrote:
Anyone think of trying to do
At 12:42 PM 12/11/2003, Chris Barnes wrote:
I got a false positive this morning, where it looks like the main
culprit was bad information in SORBS and RJABL. The sender is a local
Earthlink customer.
Any idea on how to get the SORBS RJABL databases fixed?
Those lists that fired off are dial-up
On Thu, 11 Dec 2003 08:42:16 -0800, Gary Funck [EMAIL PROTECTED] writes:
One implementation might be to convert the rewrite rules into an
equivalent flex description, and let flex generate the automaton in
C. Compile the C, and build a Perl binding to it.
Scott replied:
I
Fred wrote:
Hello,
I am out the door on my way to work but we need a rule for a new IE exploit
just released,
Visit this page, the exploit is harmless but to the spoofer, it's man's best
friend.
http://www.zapthedingbat.com/security/ex01/vun1.htm
I think this should be put in the next SA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Rob Mangiafico writes:
Email thru our server from home PC:
---
Received: from fico (ct-nrwch-cuda1-xxx.nwchct.adelphia.net
[68.170.14x.4x])
by lexiconn.serverhost.net (8.11.6/8.11.6) with ESMTP id
hBB0Wcp23535
for [EMAIL
[ Cc: to the detoken rules maintainer ]
However, seems there are issues with the full-address detoken rules and
SA 2.61 (using Perl v5.8.0). Any ideas?
# spamassassin --lint
Failed to compile body SpamAssassin tests, skipping:
(Bareword ALL not allowed while strict subs in use at
At 01:12 PM 12/11/2003, Aaron Levitt wrote:
Greets everyone-
Um, your SA install appears to be badly corrupted, or based on some VERY
ancient version (older than 2.43).
Re-install from scratch.
check_for_from_to_equivalence appears to be no part of SA 2.43, 2.44,
2.50, 2.52, 2.53, 2.54, 2.55,
On December 10, 2003 12:35 pm, Dimitar Haralanov wrote:
Hi, I was trying to find any information on batching messages with
spamc and could not find anything so I am asking the list:
Is it possible to batch multiple files with spamc? In other words
instead of redirecting messages
Yep, I found it in the source of 2.31 in the 20_head_tests.cf. I
somehow still had the older cf after I upgraded to 2.52. I copied the
head_tests.cf from the 2.52 source in place of the old one and
everything seems to be groovy now.
Thanks for the quick response!
-=Aaron
-Original
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ivar Snaaijer writes:
Fred wrote:
Hello,
I am out the door on my way to work but we need a rule for a new IE exploit
just released,
Visit this page, the exploit is harmless but to the spoofer, it's man's best
friend.
What is the safest way to resolve this 2.61 install error? Can I safely use
--force? What is the purpose of perllocal.pod?
[EMAIL PROTECTED] i386]# rpm -Uvh --test spama*.rpm perl-Mail*
Preparing...### [100%]
file
I used to get spams with the native Aol messenger, got trillian and
haven't had a problem (I checked only allow buddies in my list to send
me messages, this seems to have solved the problem, the same goes for
ICQ, don't use yahoo or msn, so can't help you there.
Thanks,
James
-Original
I can tell ya were SA would be wonderful... is on cell phones. The amount
of spam pouring into our corporate cell phones makes the email/text
messaging virtually unusable. And I get complaints about it all the time
because the message indicators are always one and it takes forever to weed
At 01:12 PM 12/11/2003, Aaron Levitt wrote:
Greets everyone-
Digging a bit more, I unpacked some ancient tarballs for my collection.
You're using parts of code from SA version 2.31, or older, not SA 2.55.
The code you're getting errors on exists in versions 1.5, 2.0, 2.01,
2.10,2.11, 2.20,
on 12/11/03 1:08 PM, Jonathan Vanasco at [EMAIL PROTECTED]
wrote:
Maybe its an ichat only thing -- because everyone i know running iChat
gets 10+ AOL IM spams a day. I'm averaging 15.
I have not gotten a single one. Guess I am lucky :-)
On Dec 11, 2003 at 13:05, Ryan Moore wrote:
Their database isn't wrong, as the IP is listed as being in a dialup
range, which would appear to be accurate by my guess. I would think that
Okay, it seems to me that blocking because someone is in a dynablock
is the same class as blocking because the
On Thu, 11 Dec 2003, Aaron Levitt wrote:
[...]
check_for_content_type_just_html and check_for_bad_dialup_ips. I
verified that the PerMsgStatus was loaded, but I'm not sure where to go
from here. This is running SA 2.5x.
Any suggestions would be greatly appreciated!
did you updating
On Thu, 11 Dec 2003, Evan Platt wrote:
I haven't seen a IM spam in.. MONTHS. AOL, MSN, Yahoo OR ICQ.
I hadn't gotten any in a while, but I got about 6 AOL IM spams yesterday.
==
Chris Candreva -- [EMAIL PROTECTED] -- (914) 967-7816
It'll need to be a little more general than that. The way I read the
vulnerability, any non-printing character will cause the bug, not just %01.
Also, it doesn't have to immediately precede the @ - anywhere before the @
will do.
For example - I don't have an ASCII chart handy, but suppose %03 is
This may be redundant to the existing rule:
2.4 HTTP_ESCAPED_HOST URI: Uses %-escapes inside a URL's hostname
-Original Message-
From: Larry Gilson [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 11, 2003 11:47 AM
To: 'Fred'; Spamassassin-Talk (E-mail)
Subject: RE: [SAtalk]
At 02:16 PM 12/11/2003, Satya wrote:
Okay, it seems to me that blocking because someone is in a dynablock
is the same class as blocking because the email comes from .ru or East
Asia or is in the wrong langauge. I guess I'll just start blocking all
email from Earthlink (I don't know anyone there),
On December 11, 2003 06:00 pm, Dan Tappin wrote:
After setting-up spamassassin, RTFM and monitoring the list I am still very
confused about the correct way to set-up and run spamassassin with bays
(sa-learn).
The basics:
I am running Post.Office as a MTA on OS X client 10.2.8. Post.Office
On Thu, 11 Dec 2003, Dan Tappin wrote:
[...]
bayes_auto_expire 1
bayes_learn_to_journal 0
My maillog still shows 'permission denied' errors on the /var/root/.spamassassin
folder. When I run sa-learn (as root) my bayes
files are created in /var/root/.spamassassin/ but as user root?
At 06:03 PM 12/11/2003, [EMAIL PROTECTED] wrote:
For example - I don't have an ASCII chart handy, but suppose %03 is also
non-printable -
a href=
http://[EMAIL PROTECTED]/exploit
/format/c
Read this or risk legal action!!!/a
Um.. the exploit doesn't work if the character is escaped with a %.. it
If one had the capability to do so, would it not be more efficient to
use the domain list in an RHSBL? Granted that it uses a net lookup, but
if you secondary the zone on a localhost DNS server, I would think that
it would make it a lot easier for people to keep the file updated..
Don't get me
FYI: Solved.
This is the only rule that failes for me:
rawbody W_B64_HALL =~ /Z3VlbnRoZXJAcnVkZXJzcG9ydC5kZQ/
describe W_B64_H Listwashing token found in head - Base64
score W_B64_H 1.0
I just have been informed that this little bug has been fixed. The rule
should read:
header
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Douglas,
Thursday, December 11, 2003, 8:58:29 AM, you wrote:
DK Ok, now is there any way in the user_prefs file to turn on or off
a
DK block of rules? For example, the rules that are in the
10_local.cf
DK file on the site files.
There's no
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Graham,
Thursday, December 11, 2003, 7:21:52 AM, you wrote:
GB I'm about to start training sa with spam and ham. Is it a good or
bad idea
GB to use spam which has already been detected by sa's non-trained
tests, or is
GB that a waste of time?
At 02:46 PM 12/11/03 -0300, Ceva wrote:
Thanks for your help. One last doubt. As I understod, sendmail (
procmail )calls spamassassin, but this is done automatic whem a start
spamassassin? Or I must make some configuration on sendmail?
You must configure your mail tools (ie: sendmail) to call SA.
Updated regex from my friend:
uri CUSTOM_IE_URL_SPOOF /\x01\s*\@|\#01\s*\@|\%01\s*\@/
He missed the %01 encoding.
-Original Message-
From: Ivar Snaaijer [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 11, 2003 12:13 PM
To: [EMAIL PROTECTED]
Subject: Re: [SAtalk] Need
The default is for spamd to spawn multiple processes. The -m flag is used
to limit the max number of processes that will be spawned.
Brian
-Original Message-
From: Pedro Sam [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 11, 2003 1:29 PM
To: [EMAIL PROTECTED]
Subject: Re: [SAtalk]
On Thu, 11 Dec 2003 09:02:06 -0800, Evan Platt [EMAIL PROTECTED]
posted to spamassassin-talk:
--On Thursday, December 11, 2003 2:46 PM -0300 Ceva
[EMAIL PROTECTED] wrote:
Thanks for your help. One last doubt. As I understod, sendmail (
procmail )calls spamassassin, but this is done
On Thu, 11 Dec 2003 09:10:29 -0500, Adam Denenberg [EMAIL PROTECTED]
posted to spamassassin-talk:
What i want to start is a Bayes Corpus Project. I would like to be
able to allow people to submit confirmed ham and/or spam to a large
bayes corpus repository (or maybe just spam) where
[EMAIL PROTECTED] wrote:
For many of these, one can observe that the user name in the From:
header often also occurs in the Subject line. This could be a useful
rule pattern, although there are bound to be false positives, so the
score should be rather low.
I don't know off-hand if there is
I have tracked down an issue with my SA installation that has been reported by others
on the list.
Basically large messages (one with multiple attachments in this case) being hung up by
SA. I just tried to send a 1 MB e-mail with
multiple message and pdf attachments. SA sat there for over 6
On Thu, 11 Dec 2003 10:50:16 -0500, Mitchell Baker
[EMAIL PROTECTED] posted to spamassassin-talk:
What I want to do is skip an message that originates from our domain...
I have the following in the /etc/procmailrcfile:
:0:
* [EMAIL PROTECTED]
${DEFAULT}
# From system.rose-hulman.edu
96 matches
Mail list logo
