WA9ALS - John wrote:
Today I made a procmail entry like this:
:0 H
* ^X-Spam-Status: Yes
$HOME/mail/caughtspam
Fine. But H is the default and does not need to be specified. But it
won't hurt if you do anyway.
If caughtspam is a single file then you need to make that :0: with a
trailing :
Chris Thielen wrote:
Rules De Jour: An automated way to keep up with the latest rulesets.
http://www.exit0.us/index.php/RulesDeJour
# Get latest SpamAssassin rules. Runs at 4:28AM every day.
28 4 * * * /root/bin/rules_de_jour
If this script becomes
Bart Schaefer wrote:
(Expect to see a lot more spam with the date set 30 days in the past.)
Fortunately those kinds of tricks are easy to check against. In fact
for that particular thing I think there is already a rule for it. So
I can only hope that spammers send mail that way. It would be
Gary Smith wrote:
We did also report 4 emails to them recently (1 was questionable). We're still
waiting a response.
I have gotten automated responses with report numbers in the 109,000
range from every one that I have reported. They came within a couple
of minutes.
Bob
pgp0.pgp
Gary Smith wrote:
I'll have to have my guy check again. It's also possible that it's
beeing sent to his spam bucket now...
Just so you know what to look for, here is a sample response from
Habeas. [I obsfucated my work address. I word wrapped their text.
(They really should use
Chuck Peters wrote:
Can someone explain why HABEAS_SWE -8.0 was allowed to happen?
Robin Lynn Frank wrote:
Shorter answer. Habeus rule is outahere.
And many other people, not just these two, had the same sentiments.
Which really saddens me.
For years I have heard people say we need to do
Fritz Mesedilla wrote:
How come I got this message from spamcop that I am sending spam?
Based on the Mail relay test on abuse.net, I am clean.
The spamcop report on this incident has been marked:
This issue has already been reported as an innocent bystander.
So I am not sure that any other
Petri Koistinen wrote:
I got just another spam advertising URL and started to wonder could
SpamAssassin also check that URL's server against DNSBLs?
Please CC: me, as I not on the list (yet).
This has been discussed, and is one of the features that I personally
would really like to see. Since
Alex Stade wrote:
I run SpamAssassin 2.61 and it catches a lot of spam, but lately, there is
spam getting through that has bare dictionary words in the ASCII part of a
MIME message and all the usual junk in the multimedia part. When reading
these e-mails in Outlook or something like that,
[EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] wrote on 01/03/2004 11:52:41 AM:
Who wrote that? I think you need to double check your quoting
machinery!
Subject: Bug 08378 was submitted by Bob Proulx
Subject: Bob is out Friday/Monday
Subject: TWiki - Registration for BobProulx
Carl R. Friend wrote:
May I make an appeal, on behalf of everyone using FreePort, to re-
think the wisdom of the /\d\d\@/ rule? Thanks for putting up with the
foregoing rant and your patience.
May I suggest that you get some non-spam samples of the above
submitted into the mail corpus used
, etc.
Being as my name is Bob I get a lot of that. :-) Well, I don't
actually. I usually drive the lunch bus and so the mail is going the
other direction. But here are some samples of what I do frequently
get with my name in the subject.
Subject: Bug 08378 was submitted by Bob Proulx
Chris Petersen wrote:
The whitelist part is a misnomer. It's an automatic score adjuster
(white/black-list if you want).
I realize this. Just figure that the name should be more informative.
It evolved into what it is today from being an autowhitelister
previously and the same option and
Peter Kiem wrote:
I am trying to install SpamAssassin via CPAN as I don't want to use Red
Hat's 2.55 RPM.
[...]
I've filed a bug report with ExtUtils::MakeMaker but does anyone have any
ideas how I can proceed?
Yes. Don't install it from CPAN. It is better if your package
manager knows
Martin Radford wrote:
In your scenario, it sounds very much like you're already running
procmail. In this case, the best method is to tell procmail not to
call spamc/spamassassin if mail is from one of those lists.
For example, my own .procmailrc looks like this:
:0fw:spamassassin.lock
Robin Lynn Frank wrote:
Bob Proulx wrote:
It is better to look at the mailing list tags instead.
[...]
Here is a start at a common set of list tags
which I think would be more suitable for this task.
:0fw:spamassassin.lock
* !^X-BeenThere:
* !^X-Mailing-List:
* !^Mailing-List
Bryan Hoover wrote:
HEADERTAG=From
ADDRESSFILE=/usr/home/bhoover/listreply
Use $MAILDIR here?
ADDRESSFILE=$MAILDIR/listreply
:0i
HEADERTAGVAL=|$FORMAIL -zx$HEADERTAG | tr -d \n | tr -s
* ? grep -i $HEADERTAGVAL $ADDRESSFILE
I like it! Much more efficient than listing all of the
Dragoncrest wrote:
Not sure what to make of this, but for some reason lately I've been
getting some emails getting through with either zero points or very low
points scores that are obvious spam.
What you are observing is natural selection in action. All mail that
is correctly tagged
Theo Van Dinter wrote:
There's been discussion about having to have both the original and
recomputed score over/under the spam/ham autolearn score before it'll
actually autolearn, but we haven't really done anything with that yet.
I think that would be a good modification. Right now there are
skumm wrote:
How and where do i modify the rules relating to html in the message body?
If it is there period i want marked as spam, so I want to change it's
weight to something like 10 if html exists in the message
In the beginning, techies designed spamassassin for themselves and
HTML
Hello Lenny
Lenny Schafer wrote:
To Spamassassin:
I am one of the users of Spamassassin. As with many things in the
free software world it is a team effort and anyone who takes the time
and effort to contribute are part of that team. Which means you often
won't find any particular person who
In the last month my girlfriend and I have been getting a number of
spams which have been addressed To: me and Cc: to her. This seems to
be a new spammer trick. Use not just a database of email addresses
but a database of To: Cc: headers combined in an attempt to get
through people's filters.
Evan Platt wrote:
Josh Endries wrote:
I get a lot of postmaster emails, and I'm trying to whitelist them so
they aren't marked as spam.
How are you calling SpamAssassin? Why not just (assuming you're using
procmail), create a procmail rule?
Agreed. I use something like this.
:0
*
Terry Milnes wrote:
This list seems to be worse than most though, go figure .
More newbies here than elsewhere?
BTW I see the thread stealing more and more lately.
Bob
pgp0.pgp
Description: PGP signature
Brian Ipsen wrote:
Consider the following headers:
Received: from adsl-66-159-202-147.dslextreme.com (HELO andebakken.dk)
(66.159.202.147)
From: michael [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
The spammer uses my own email address as sender to try to inject spam into
my system
For a
For the postfix user who is getting a lot of spam to them from spoofed
them, here is a nice quick howto for configuring postfix to prevent
that and to reject those messages at the MTA level.
http://jimsun.LinxNet.com/misc/postfix-anti-UCE.txt
Rejecting messages from me to me was significant at
A friend found an interesting occurance in his log files. Looking
more closely we have found at least two cases of this. Basically here
is the sequence at the end of this message.
In a nutshell a not too common address got hit from one IP address,
then a few seconds later from another IP
Justin Mason wrote:
Er, Matt, it is the default ;) There's now a use_auto_whitelist
config setting and -a does nothing.
Just noting that the README file in CVS still needs to catch up then.
http://spamassassin.rediris.es/full/2.7x/dist/README
This functionality is off by default, and
Bill Polhemus wrote:
I really would prefer to implement something as complex as SA through the
RPMs on my Red Hat 9 system. So far, they are only up to SA 2.55. That has
worked fine up until recently, when the HTML obfuscation has begun cropping
up. Perhaps 2.60 can fix that.
Any idea when
Dan Doucette (Dano) wrote:
I'm getting an error message in just one of my user's procmail logs. The
error is; 'procmail: Error while writing to caughtspam'
That is really a procmail question not a spamassassin question.
Does your syslog and/or maillog say anything interesting? Usually
Rod wrote:
Is it possible to tell SA that mail coming from machine X on local
network is not From local machine ?
-50 LOCAL_RCVD Received from local machine
Where is that rule coming from? I am running 2.60 and just checked
2.55 and I can't find that rule anywhere. A
Jon Gabrielson wrote:
Here is my procmail rule:
:0B
* Content-Type: application|Content-Type: audio
* name=.*.pif|name=.*.scr|name=.*.exe|name=.*.com
/tmp/viruses
Thanks for sharing that. But also a nit. '.' matches any character.
So '.*.' is the same as '.*'. You probably wanted to
Michael W. Cocke wrote:
Just FYI, AOL is doing reverse DNS and won't accept incoming email if
they don't approve of the sending IP address.. as in, they won't
accept messages from my domain because I use dyndns and not a static
IP.
It is probably not that you don't have reverse DNS. It is
Bob Apthorpe wrote:
Richard Ahlquist wrote:
The only gotchyas are how to maintain it. Who decides who is on it
and when they come off.
Balancing anonymity and trust is difficult ...
I prefer the benevolent dictator approach, where I get to choose and
to ignore the dictators of my choice.
Bob Proulx wrote:
Adam D. Barratt wrote:
Bob Proulx wrote:
I assume you found Duncan's backport area? Just making sure.
deb http://people.debian.org/~duncf/debian/ woody main
That only appears to include 2.54.
If you review what changed between 2.54 and 2.55 you will find
Chuck Peters wrote:
I was having a minor problem with spamassassin 2.53 (OSIRUSOFT) and
decided to do a search for backports of Debian stable (Google spamassassin
site:people.debian.org) ...
I assume you found Duncan's backport area? Just making sure.
deb
Adam D. Barratt wrote:
Bob Proulx wrote:
I assume you found Duncan's backport area? Just making sure.
deb http://people.debian.org/~duncf/debian/ woody main
That only appears to include 2.54.
If you review what changed between 2.54 and 2.55 you will find that
there is no functional
Alex J. Avriette wrote:
The MX chewed and chewed and chewed, but eventually OpenBSD's
otherwise fairly stable kernel panicked. I suppose it can be
forgiven for this, as the load was around 30 as it processed many
emails, each one launching its own sa process, which then tried to
read the
Erick Calder wrote:
I'm getting a bunch of mails from MAILER-DAEMONs around the world
complaining mostly that [EMAIL PROTECTED] does not exist.
these are generated by dictionary spammers who are using my e-mail address
for the reply-to header.
Are you sure they are spammers? I am getting
alan premselaar wrote:
Bob Proulx wrote:
I would rather do this all within SA, though, since that is
already hooked into the mail flow.
how do you have SA imeplemented at your site? this sounds like something
that's easily done with MIMEDefang (as a matter of fact, i have a routine in
my
Matt Kettler wrote:
Bob Proulx wrote:
whitelist_from_rcvd [EMAIL PROTECTED] example.com
whitelist_from_rcvd [EMAIL PROTECTED] mymachine.example.com
where mymachine.example.com is some internal machine that spam won't
arrive from, but outbound nonspam will?
Unfortunately there are many
Steve Thomas wrote:
Indii wrote:
My email server is a debian box while my dns server is an MS 2000 server.
Which would i need to setup the reverse dns on and how would i go about
doing this?
This is not something upon which the OS matters. It is out of your
control, unless they delgate
Peter Campion-Bye wrote:
You can see which rbls SA is using by putting a line in your SA config
file such as: 'timelog_path /var/spool/spamassassin' (make sure the
Part of the file will look like this below:
Sweet!
3.000: Starting RBL tests (will wait up to 30 secs before giving up)
Chris Blaise wrote:
I only use DCC but in my experience, I've never heard of it
rating non-spam bulk mail that I or anyone at my company has ever cared
about; it's always been spam. As a result I push the score way up at
10.
Just remember that DCC makes no claims about spaminess of
Please, one posting of the same message is enough.
Michael W. Cocke wrote:
Has anyone who uses DCC had problems with it stopping this mailing
list?
DCC does not stop any mail. It only lists email which other people
received thereby rendering a ruling on the bulk aspect of it. All
you know is
Simon Byrnand wrote:
Why would anyone submit the SA list to DCC ? The only people receiving the
SA list should be people who subscribed to it, and would have no reason to
go submitting it to DCC, so I don't follow your reasoning...
I don't know how to make this sound less quib than just by
Ian Douglas wrote:
Daniel Carrera wrote:
Like wise we can go on with more consonants:
score MY_CONSONANT_4 0.15
score MY_CONSONANT_5 0.30
score MY_CONSONANT_6 0.60
score MY_CONSONANT_7 1.20
score MY_CONSONANT_8 2.40
Dumb question from a rules newb: does
Pat Traynor wrote:
If this is a clueless newbie question, please just give me a few mild
slaps.
I agree with the other comment that this is a procmail question. But
since you asked...
:0
* ^Subject.*lueberry*|\
[EMAIL PROTECTED]|\
^Subject.*Business directory addition request*|\
Rick Beebe wrote:
I'd like to appeal to the SA collective to change the name of the
PENIS_ENLARGE tests to something a little more innocuous. Apparently
some people find it offensive to see it in their email.
I think almost everyone who responded missed the real problem here.
And quite
Matt Kettler wrote:
However, I'm not sure what version of perl redhat 6.2 has.. It might be
below the minimum requirements of SA..
(5.005 is supported last I heard, but may not be supported soon as the
developers are having a hard time making code that runs under 5.005 and
modern
Please don't thread steal. You replied to an existing thread of
conversation and changed the subject line. That is impolite. Now
your message right in the middle of Martin Bene's thread about
Learning from forwarded mail. How are they related? Many people
won't even read your message because
Aaron wrote:
When I reply, it goes to the from address, which is the person who
sent it. I have to type in the list address by hand (I know... How
sad is that?) I use Outlook 2003 beta ...
Since Outlook is missing list reply functionality you might find it
easier to do a group followup to
Cassandra Lynette Brockett wrote:
All I was mentioning was that 6.2 was the most stable of rhat I've
used.
Of the Red Hat releases 6.2 was the best they ever had.
debian, though there has not been setup a method to get spamassassin current
for stable or testing, so it has less accessibility
Jay Levitt wrote:
Somehow, the spammers have correlated my two entirely unrelated domains.
Anyone else seen this?
It does not surprise me. It would be easy to do. Look at the MX
records for those addresses and correlate any that have the same mail
exchanger.
Bob
pgp0.pgp
Description:
Nick Marino [EMAIL PROTECTED] [2003-01-13 01:49:25 -0600]:
From: Bob Proulx [EMAIL PROTECTED]
Hello Nick
I am sending this in the hopes that it will be taken constructively
and not as an attempt at abuse. Perhaps these references will be of
use. Shrug. Conversational quoting
Theo Van Dinter [EMAIL PROTECTED] [2003-01-09 15:02:25 -0500]:
Stats since 2002-12-09
Scores: 0.7 19 45
Total Messages: 4213
SA Caught : 4102(97.4 %)
Razor Caught : 3237(76.8 %)
Razor Not SA : 1 (0.0 %)
Razor Cause SA: 87 (2.1 %)
Very nice.
I checked my
Adrian 'Dagurashibanipal' von Bidder [EMAIL PROTECTED] [2002-12-30 23:33:43
+0100]:
From RFC 2822:
month-name = Jan / Feb / Mar / Apr /
May / Jun / Jul / Aug /
Sep / Oct / Nov / Dec
Apparently
Matt Kettler [EMAIL PROTECTED] [2002-12-16 16:24:21 -0500]:
3) In fact, if you can avoid it, don't ever use a simple whitelist_from,
and always use a whitelist_from_rcvd whenever possible. This closes a LOT
of loopholes like the one you found here.
Hmm... Which version of SA supports
Duncan Findlay [EMAIL PROTECTED] [2002-12-12 23:57:48 -0500]:
On Thu, Dec 12, 2002 at 09:56:23PM -0500, Matt Kettler wrote:
If you really want people to reply on-list your should add a Reply-To
header that contains [EMAIL PROTECTED] to your
outbound messages. Note this is not Reply-To
Eric Whiting [EMAIL PROTECTED] [2002-12-07 14:21:24 -0700]:
Scott Serr wrote:
Got a Maxtor RMA.
I'm thinking I'd like to try the Seagates next
Sorry to hear the news. I guess I need to get a backup in place for my
maxtor.
It is easy to bash the drive you have that has failed. But
Here's the latest in nigerian scam mutations. This one only scored a 3.0
(SA 2.43).
And yet another variation. At least it is different than the ones I
usually see.
Bob
From [EMAIL PROTECTED] Wed Nov 27 08:30:48 2002
Return-Path: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Received:
Justin Mason [EMAIL PROTECTED] [2002-11-24 14:56:16 +]:
has anyone seen DNSBL lookups in SpamAssassin returning bizarre
results, like real IP addresses being returned instead
of the usual 127.0.0.n?
Verystrange. Never seen that.
I've just received a report of this, and it strikes me as
Ross Vandegrift [EMAIL PROTECTED] [2002-11-18 22:03:39 -0500]:
Whoa. GPG/PGP signitures used to carry a -50 or so! What's the line of
thinking here? I've never once recieved a signed piece of spam that was
signed. OTOH, I've recieved lots of real signed mail. Has this rule been
exploited?
Eric Sandeen [EMAIL PROTECTED] [2002-11-10 09:46:03 -0600]:
Hi, I see that spamassassin -d will remove markup from a single message,
but is there a good way to remove spamassassin markup from an entire
mbox?
formail -s spamassassin -d mailbox-tagged mailbox-untagged
And to take an entire
Andreas Lund [EMAIL PROTECTED] [2002-11-08 14:52:08 +0100]:
I've come across a pretty serious problem, but I'm not sure if SA or
qmail-scanner is to blame. The problem is that messages (incorrectly) tagged
as spam gets their MIME headers broken somehow. The end result is that the
MIME stuff
[EMAIL PROTECTED] [EMAIL PROTECTED] [2002-11-08 16:56:06 -0800]:
I'm currently running SpamAssassin 2.43 + Razor 2.20 + Postfix 1.1.11 and
having some issues regarding base64 encoded mail. SA doesn't seem to be
handling this mail properly as it is leaving the message body in an encoded
Thomas Nyman [EMAIL PROTECTED] [2002-11-07 19:59:27 +0100]:
As far as I can tell Spamassassin uses RBL?s by default. Is there anyway I
can check and see if SA does RBL checks??
Run a message through spamassassin with -Dt and see if it uses the
checks in the header.
| spamassassin -Dt
If
Martin Radford [EMAIL PROTECTED] [2002-11-02 20:27:54 +]:
At Sat Nov 2 19:31:56 2002, Christian Salzer wrote:
Just wondering, why SA-Talk mails, which contains quoted spam are
reported to razor?
People auto-reporting to Razor based solely on the SA score, rather
than actually
Jan Korger [EMAIL PROTECTED] [2002-11-02 22:04:49 +0100]:
Anyway, the spam that Bob forwarded was going to be marked
as spam no matter how you handled the SA headers! He said it was
assigned a score of 42.5 when he originally received it. 42.5.
He said so, but this must have included
John covici [EMAIL PROTECTED] [2002-10-29 06:38:32 -0500]:
Do you know what the no such file or directory refers to which I got
when I tried spamassassin -r -D ?
It would help if you shared the error message you are seeing with the
list. Otherwise the best anyone could say is that you are
Did you read the original article? He claims to be _more_ accurate than
SA while still doing header-content-only tests (not DNSbl). Of course, I
don't know whether that includes blocking IP ranges with a private list.
I have seen a lot of claims that filter brand X is accurate at a some
Bart Schaefer [EMAIL PROTECTED] [2002-10-29 12:27:58 -0800]:
Who else is using the Bayesian classifier from the current 2.50-cvs? What
kind of results is it giving you?
[...]
Not bad, but not as good as I'd hoped.
I don't have any good data such as you have collected. But so far I
am
Kaushik Mallick [EMAIL PROTECTED] [2002-10-24 16:11:33 -0600]:
htmldiv style='background-color:'DIVSorry, I am not sure why the
body of my last post didn't show, so I am repeating this./DIV
DIVnbsp;/DIV
It is probably because you are posting messages to a public list as
HTML. That is not
Aram Mirzadeh [EMAIL PROTECTED] [2002-10-13 11:59:01 -0400]:
I have a piece of SPAM that is jumping from 0.8 to 5.0 and back to 0.8
each time I ran a (-t) test without any modifications to my pref file.
The offending rules that change are: X_OSIRU_SPAMWARE_SITE to
X_OSIRU_SPAM_SRC and
matt [EMAIL PROTECTED] [2002-10-11 17:06:00 -0400]:
Really short spams are something SA alone isn't very good at. Fortunately
systems like Razor are wonderful at them, and the DNS blacklists help too:
While Razor is great still someone must get the spam first. Which is
unfortunate. DNS
Arie Slob [EMAIL PROTECTED] [2002-10-10 02:36:27 +0200]:
Got this spam today:
[...]
You May Be closer (maybe hours away) To 'Financial' 'Freedom'
If you needed '$24,000' in 24 Hours
'Click' 'Here'
[...]
As you can see, several phrases are enclosed in ' '
Unfortunately that is also a
Danita Zanre [EMAIL PROTECTED] [2002-09-27 10:10:04 -0600]:
As a totally off-topic aside - am I the only female who posts to this list?
The last time I posted about a month ago someone referred to me as he -
so I'm feeling very geeky g.
Does mistaken identity have anything to do with being
PS I know my English isn't good, but... negative score added, can
you really say that? Adding something negative... hmmm...
Yes, that is perfectly legitimate. It is a math / accounting thing.
You get a paycheck for $100. You get a bill for $20. You add them
up. Some of the additions are
I have been getting a lot of audio (Klez virus) files lately. There
is not enough for SA to grip onto right now. Perhaps something like
the following?
body XWAV_IN_BODY /Content-Type:\s*audio\/x-wav/i
describe XWAV_IN_BODY x-wav audio in body of mail
score XWAV_IN_BODY
http://www.spamassassin.org
Is anyone besides me having problems getting to the site?
What site is that one? Isn't this site on sourceforge the official
home page?
http://spamassassin.sourceforge.net/
Bob
msg07622/pgp0.pgp
Description: PGP signature
Question:
Is this the correct way to code it?
# Whitelist and blacklist addresses are now file-glob-style patterns, so
# [EMAIL PROTECTED], *@isp.com, or *.domain.net will all work.
whitelist_from *@freelotto.com
whitelist_from *@luckysurf.com
That looks correct to me and matches
1) the /etc/init.d/spamassassin script never seems to get launched on
startup
is there something else needed?
Yes. There needs to be a symlink to the appropriate run level
directory of /etc/rc.d/rc2.d/S90spamassassin or similar. On RH
systems that is usually placed by the 'chkconfig'
Rossz Vamos-Wentworth wrote:
Can someone send me a start/stop script for placement in /etc/init.d
that works with SuSE 7.3?
Since I am unfamiliar with SpamAssassin, I would prefer not writing
this myself and potentially screwing up my mail system. Any
assistance would be appreciated.
Hope nobody that admins domains etc. is dumping without looking at teh
messages. My VeriSign Renewal notice got nailed as spam.
The default config for a long time, now in 60_whitelist.cf, has had
the following.
whitelist_from [EMAIL PROTECTED]
What address was your renewal from? Same or
D wrote:
and whitelist all the forged spam.
I hate whitelists, unless they're based on unforgeable data (eg valid
GPG signature).
On that idea I have been wondering if it might be possible to add
signing by the mailer list manager. Majordomo, mailman, etc. could
sign the message that it
But does that make me (the sender) a spammer?
It's far too common to equate sender sent a message I consider junkmail
with sender should therefore be prevented from sending mail to anyone I
can manage to stop him from sending mail to.
Isn't that the premise behind ORBS (open relay
SPAM is a registered trademark of Hormel Foods, LLC, for luncheon meat.
Didn't they have a press release a few months ago that stated that it didn't
really bother them that UCE was being called spam?
That is right, spam, not SPAM. They have a legal need to protect
their trademark or they
Well, if you're autoreporting, I would agree. But we're agreeing that
you shouldn't autoreport. What we're disagreeing about is whether you
should report the spam after you verify that the message is in fact spam.
Ah... Somewhere along the way I took a turn into the weeds. Thanks
for
and it adds the message as spam for people who aren't
fortunate enough to use SA but use Razor instead.
But... If they wanted to use SA they would use SA. Since they are
not using SA when it is available to them but are using Razor it leads
me to believe that they do not want to use it.
I'm curious as to how one might limit the number of simultaneous
spamassassin processes.
This is one idea that surfaced while reading your question. I am sure
there are better ones.
I run spamassassin as a procmail filter.
If you are using the typical .procmailrc rule to pipe through to
So, then, if I'm supposed to only use spamassassin -r to manually report
spam, how in heaven's name do I use Razor, in conjunction with SA, to
check for spam?
If you have razor installed then spamassassin will automatically
detect that and use it. If it is not installed then it won't.
But... If they wanted to use SA they would use SA. Since they are
You assume that people using SA or Razor do so by choice and/or are
technically savvy enough to set them up.
By choice, yes. Your point about technically savvy is interesting
since I think both SA and Razor have similar
You know, I'm suprised at how little spam gets sent through mailing
lists.
You are not subscribed to the right lists! At least half of my spam
comes to me by way of mailing lists. May I direct you to a few such
as bug-gnu-utils@gnu, or skywagons@airbase1, etc. I will say that
sourceforge
So, reviewing the README file with SpamAssassin, I put the following in my
.forward:
|IFS=' ' exec /usr/bin/procmail -f- || exit 75 #harold
You're missing the double-quotes. Put those in the file and you
should be fine. They were not quoting text to put in the file. Those
quotes
are the scores listed on the tests-page up to date?
The SUBJ_ALL_CAPS is scored -0.054.
This means that all caps subjects are a sign of trustworthiness !?
Only at a very small level. Basically the new (small) values say that
subject all caps has no strong indication at all of the message
My server is a Cobalt Raq4. I have several users who have .forward files in
their user directory. I have noticed that mails sent using .forward files
are NOT passed through SA.
I don't know anything about Cobalt Raq4. But let's say you are
typical and are using procmail as the local mail
yep, I've just added that for 2.1devel. *just* missed the 2.0
release ;)
It's ok, you can release it in 2.00.01 ;^).
Just a nit but leading zeros in version numbers are not desirable.
Make that 2.0.1. Whole numbers separated by dots make automated
processing by autorpm and dpkg and
I am using spamassassin site wide with qmail-scanner. I was wondering if it
is possible to defer the mail, instead of delivering or bouncing the mail?
Does anyone do this? Is it recommended?
If you deferred it now, that would mean that it would resend the
message again in a few (30?)
Use letters for the second part.
2.a.7.
2.b.12
Just to be different. Everybody already uses numbers ... so mundane.
And so standard and usable by a large audience of people and
programs. If you want people to use the programs then things should
not be difficult just to be different.
Just
jm wierd. for 3 months, nobody but spammers sent HTML-only mail, now
jm everyone's doing it :( Better mod the score downwards...
cewatts Is the really high HTML-only score a GA-created one? WOW, is
cewatts that high.
jm yeah, goes to show how effective it was, until all these other
jm mails
1 - 100 of 101 matches
Mail list logo
