I am testing spamassassin on a test server at the moment but I am looking at
deploying it onto a machine with 128 meg of ram in the future.
The new rules have cut down the amount of spam overnight considerably.
At the moment it is only serving 3 e-mail accounts and traffic is not too
bad.
The end
This was covered only yesterday... please search before you post!
Rubin
On Tue, 2003-12-23 at 03:47, Ian Duncalf wrote:
I am testing spamassassin on a test server at the moment but I am looking at
deploying it onto a machine with 128 meg of ram in the future.
The new rules have cut down the
Howdy All,
I want to feed ham into sa-learn every night. However when I get the
ham i'm going to have a bunch more received headers and extra Microsoft
SMTP headers because of the way it's going to be send to me. What's the
downside to learning ham with these extra headers?
I know I can use
Hi again Sam
[snip and paste...reordering your original post]
So to restate the second part of my original request,
Is there a method to modify the score as a function
of the number of hits of the same rule?
Easier to answer this way. Sorry, I wasn't feeling wordy yesterday and
thought the
At 07:52 AM 12/23/2003, Tim B wrote:
I want to feed ham into sa-learn every night. However when I get the ham
i'm going to have a bunch more received headers and extra Microsoft SMTP
headers because of the way it's going to be send to me. What's the
downside to learning ham with these extra
Hi all!
When running sa-learn --spam --mbox Spam sa-learn replies with that:
Use of uninitialized value in numeric gt () at
/usr/lib/perl5/5.6.1/i386-linux/DB_File.pm line 270.
Use of uninitialized value in numeric gt () at
/usr/lib/perl5/5.6.1/i386-linux/DB_File.pm line 270.
Use of uninitialized
Spamassassins,
I installed spamassassin yesterday so be gentle!
I'm just wondering why I get a 30 second delay in spamd ...
Dec 23 14:57:53 iris spamd[3909]: debug: Razor2 results: spam? 0
highest cf score: 0
Dec 23 14:57:53 iris spamd[3909]: debug: DCC is not available: dccproc
not found
Dec
At 10:52 AM 12/23/2003, Frank M. Cook wrote:
I'm having a problem with blank messages. Sometimes the source only shows
a return path. I think it may be a spamassassin issue. I'm using
winspamc and the guys on their forum suggested the problem might be caused
by checking messages that have
-Original Message-
From: Muhannad Tamemi [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 23, 2003 10:42 AM
To: Yackley, Matt
Cc: [EMAIL PROTECTED]
Subject: RE: [SAtalk] could not locate your pod2man program
dear all hi again ,
kindly note i installed and configured
--On Tuesday, December 23, 2003 10:52 AM -0500 Frank M. Cook
[EMAIL PROTECTED] wrote:
I'm having a problem with blank messages. Sometimes the source only
shows a return path. I think it may be a spamassassin issue. I'm using
winspamc and the guys on their forum suggested the problem might
Hi,
I am havingthesame problem with winspamc. I
changed my script tocheck every return of winspamc against something like
"if size = 0 then send "input_message" instead of "temp_file"". That sends the
message unchecked instead of completely empty. But I doubt it has something do
to with
if you are using the spamassassin milter, you can specify that ip or
network to bypass spam assassin.
Dennis
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Theo
Van Dinter
Sent: Friday, December 19, 2003 8:38 PM
To: Ricki
Cc: [EMAIL PROTECTED]
Subject:
Hello.
Can someone tell me if, using SA 2.61, the
NJABL test for dialup dnsbl.njabl.org is correct
or should we be using dynablock.njabl.org?
Instead of this:
header RCVD_IN_NJABL_DIALUP eval:check_rbl('njabl-notfirsthop',
'dnsbl.njabl.org.', '127.0.0.3')
describe RCVD_IN_NJABL_DIALUP
Hello.
Can someone tell me if, using SA 2.61, the
NJABL test for dialup dnsbl.njabl.org is correct
or should we be using dynablock.njabl.org?
Instead of this:
header RCVD_IN_NJABL_DIALUP eval:check_rbl('njabl-notfirsthop',
'dnsbl.njabl.org.', '127.0.0.3')
describe RCVD_IN_NJABL_DIALUP
if a second message came in before the first was totally processed, a
second scanning request could be made. would that cause a problem?
I defintitely have this and it doesn't cause any problem, since spamd
spawns n (changeable via spamd -m n)) chield processes that allow
parallel processing.
The
Dear all,
I have install SpamAssassin 2.61 and using spamd/spamc with mysql to store
user_pref,
I have store some custom rule for different user in mysql
but at debug log it show
Failed to parse line in SpamAssassin configuration, skipping: header
TEST_SPAM
Do anyone experience this problem ?
At 02:50 PM 12/12/2003, Dan Tappin wrote:
Here is a custom rule for a PayPal spoof virus that is going around. I
can't get this to trigger a hit in SA. I have linted my
rules and my config files are being loaded properly.
Dan,
Can you post your rule?
I would like to see what you did.
--
How can I process messages from our exchange server as spam? I have a
whole bunch of messages that I have collected, that I would like to scan
that have come through our SA filter recently. Most of them have a
bunch of random words that were inserted at the end of the message.
Does anyone have
- Original Message -
From: Mike Grau [EMAIL PROTECTED]
Can someone tell me if, using SA 2.61, the
NJABL test for dialup dnsbl.njabl.org is correct
or should we be using dynablock.njabl.org?
You can use either or both. This from a recent update message from NJABL:
For anyone
-Original Message-
From: Timothy Donahue [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 23, 2003 12:36 PM
To: [EMAIL PROTECTED]
Subject: [SAtalk] sa-learn from Exchange 2000
How can I process messages from our exchange server as spam?
I have a whole bunch of messages that I
i found this
http://www.dnsbl.njabl.org/use.html
but also note this comment
Our dnsbl can also be used to tag potential spam messages (letting
individual users decide what action to take) using Spamassassin. After
you have Spamassassin properly installed, add the following to your
local.cf,
Try this recent thread:
http://marc.theaimsgroup.com/?t=107208359200023r=1w=2
From: Greg Webster
Sent: Tuesday, December 23, 2003 12:05 PM
To: [EMAIL PROTECTED]
Subject: [SAtalk] Single image spams with random info
We're getting a TON of these, all of similar format.
htmlbody
Hello list!
Can someone show me a rule for detecting an empty subject line?
I've searched and tried just about everythign under the sun.
thanks
George
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or
Have you tried:
header BLANK_SUBJECT Subject =~ /^$/
That should do it.
Brian
-Original Message-
From: George [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 23, 2003 4:14 PM
To: [EMAIL PROTECTED]
Subject: [SAtalk] no content in the subject
Hello list!
Can someone show
At 04:13 PM 12/23/2003, George wrote:
Can someone show me a rule for detecting an empty subject line?
I've searched and tried just about everythign under the sun.
header LOCAL_EMPTY_SUBJECT Subject !~ /\w/
Of course, that will merely detect a subject with no alphanumerics or
underscores. A
The script worked great... Now if only I could figure out how to block
these stupid emails...
Is there a way to look for a phrase like Banned CD or Free Cable
that has those stupid fake HTML tags in the middle of words?
I have tried body checks (which get fooled by those stupid tags as far
as I
I do this here using fetchmail.
I created public folders on the Exchange system for people to drop Spam, Ham
and False-Positives into.
Create three aliases on your gateway that point to sa-learn, for sendmail
these will work
spamforget: |/usr/local/bin/sa-learn --no-rebuild --forget
On Tue, Dec 23, 2003 at 01:13:46PM -0800, George
carved this out of pure phosphors:
Hello list!
Can someone show me a rule for detecting an empty subject line?
I've searched and tried just about everythign under the sun.
header EMPTYSUBJECT Subject =~ ^$
describe EMPTYSUBJECT Empty
Jennifer's Backhair rules. Google for backhair.cf.
Rubin
On Tue, 2003-12-23 at 16:48, Timothy Donahue wrote:
The script worked great... Now if only I could figure out how to block
these stupid emails...
Is there a way to look for a phrase like Banned CD or Free Cable
that has those
On Tue, 23 Dec 2003, Greg Webster wrote:
We're getting a TON of these, all of similar format.
htmlbody
center!--2rdxveiyf7a8--a
href=http://www.mdv678.com?rid=1098;!--srz4f4qaLBUw--img
src=http://www.whosout.com/c2.gif; border=0/a/center
/html/body
The '2rdxveiyf7a8' and 'srz4f4qaLBUw'
--On Tuesday, December 23, 2003 5:56 PM -0500 Rubin Bennett
[EMAIL PROTECTED] wrote:
Jennifer's Backhair rules.
That sentence could be taken the wrong way... :)
Evan
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an
Matt Kettler wrote:
At 07:52 AM 12/23/2003, Tim B wrote:
I want to feed ham into sa-learn every night. However when I get the
ham i'm going to have a bunch more received headers and extra
Microsoft SMTP headers because of the way it's going to be send to
me. What's the downside to learning
Philip Ross [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I am trying to move some SpamAssassin 2.60 databases from a Red Hat 7.1
machine to a Debian Woody machine running SpamAssassin 2.61.
What is my best route for moving the databases from the Red Hat machine to
the Debian one?
On Tue, Dec 23, 2003 at 02:19:21PM -0700, Anthony Martinez
carved this out of pure phosphors:
On Tue, Dec 23, 2003 at 01:13:46PM -0800, George
carved this out of pure phosphors:
Hello list!
Can someone show me a rule for detecting an empty subject line?
I've searched and tried just
The ruleset name _was_ her idea 8^)
I can see that my post could seem a little odd taken out of context, so
let me clarify:
Jenn's Backhair *ruleset* will help with the bogus html tags. I know
nothing about Jenn's backhair.
I must confess that I do, however, occasionally find myself pondering
Hi Everyone,
I have SpamAssassin up and running both in test and in production. In production,
everything is fine. In test, not so much. I originally thought Test was broken just
since the changes I made yesterday, but the deeper I look, it appears test has been
broken all along.
Red
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 23 December 2003 17:26, Wendel, Jesse wrote:
And then today, when I went back through all of my maillog's on the test
box, spamd has never worked except for mail coming from the test box itself.
Anything coming from outside is NOT
-Original Message-
From: Douglas Kirkland [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 23, 2003 6:42 PM
To: [EMAIL PROTECTED]
Subject: Re: [SAtalk] SpamAssassin only working on 127.0.0.1 not on
external mail
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 23
I've noticed the same thing in my logs; no matter where spamc was run
from, the entry in the spam servers' logs shows a connecting address of
of 127.0.0.1
I have to believe this is a quirk in the internal processing of spamd?
Rubin
On Tue, 2003-12-23 at 22:00, Wendel, Jesse wrote:
On Sat, 2003-12-20 at 11:11, Jeff Koch wrote:
Hi,
We've been burned a few times by spammers getting into our servers to send
out spam. Does anyone know (or can provide a reference) for how SA could be
integrated into qmail to examine outgoing emails?
Thanks.
Modify your tcp.smtp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 23 December 2003 19:00, Wendel, Jesse wrote:
Yes - except that when I look at the logs from my production server, which
you can see in my original email, they're also serving up emails from
127.0.0.1 - but the email is coming from
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 23 December 2003 14:50, Shane Wegner wrote:
I currently have spamd set up to maintain separate
configuration data for each [EMAIL PROTECTED] on the system via
spamd running as its own user with the following options.
-d -u spamd -x
42 matches
Mail list logo