On Sat, 17 Jan 2004, Martin Radford wrote:
> At Sat Jan 17 13:53:50 2004, Carl R. Friend wrote:
>
> > The version in my case is 2.60 with a custom ruleset of my own
> > called 20040105_00. 2.60 handles this image-spam. Here's the
> > header generated from a
On Sat, 17 Jan 2004, snowchyld wrote:
> how does one go about setting up an SMTPReject wrt SA ?
> are there docs for sendmail/exim/qmail etc ?
>
> i would love to 5xx say spam above certain threshold with a rude message ^_^
For Sendmail, take a look at spamass-milter. Unfortunately, you
w
On Fri, 16 Jan 2004 [EMAIL PROTECTED] wrote:
> Sorry I don't know the product version as I didn't install this, but it's
> one of the more recent releases.
The headers will tell you:
X-Spam-Checker-Version: SpamAssassin 2.60-crf_2.60_20040105_00
(1.212-2003-09-23-exp) on scanner.e
On Wed, 14 Jan 2004, Luca Spiller wrote:
> Today I recieved an email from my ISP - the subject was "Special
> Announcement: A Thank You Gift From Freeserve!" so as you can guess Spam
> Assassin thought it was spam (I could not be bothered to whitelist it
> before now so thatÂ’s why). Spam Assass
On Tue, 13 Jan 2004, Dallas L. Engelken wrote:
> okay, so i did... i see no reason to use these rules, unless this
> becomes a common tactic.
>
> OVERALL SPAM HAM S/O SCORE NAME
> 10970 6083 48870.555 0.000.00 (all messages)
> 220
On Mon, 12 Jan 2004, Carl Chipman wrote:
> What do most people who write new SA rules set their threshold too? I had
> set it around 3.0 for our company, but the false positive rate was very
> high. I was looking at some of the big-evil stuff and noticed that many of
> the scores were 3.0 by
On Sat, 10 Jan 2004, Andrew Cranson wrote:
> See
> http://www.mail-archive.com/[EMAIL PROTECTED]/msg03016.html
> * http://nyx.ilk.com/qsspam/
>
> There is a mention of a delete_mail_threshold. I have been trying to
> implement that via mySQL but it doesn't appear to be doing anything. Is
> the
On Sat, 10 Jan 2004, Andrew Cranson wrote:
> What per-user preferences are supported by the mysql integration? Just the
> basics like required_hits and white/blacklisting, or is it possible to
> support more? Thanks.
The per-user configurability capabilities of the MySQL interface
go well b
Greetings fellow spam assassins!
I'd like to take a moment of your time and gripe about a certain
rule that seems to be causing some grief to the users at the Ocean
State FreeNet (osfn.org) -- FROM_ENDS_IN_NUMS.
Our system runs on a package known as FreePort, and that package
dictates ho
On Wed, 31 Dec 2003, Russell H. wrote:
> I'm running the latest release (2.61) on FreeBSD with the standard
> sendmail+procmail config using spamc/spamd and it seems that user_prefs
> are not working. I've tried setting up whitelists/blacklists and played
> with the threshold value but it only
On Wed, 24 Dec 2003, Wendel, Jesse wrote:
> Okay - well, I followed your suggestion and gave it a shot.
> Below is the entire /etc/rc.d/init.d/spamassassin file as
> modified - SPAMDOPTIONS="-d -c -a -m5 -H -i 0.0.0.0" -
> after which I restarted the service.
>
> It still isn't working.
On Fri, 19 Dec 2003, Justin Mason wrote:
> http://osdir.com/Article198.phtml
>
> Editor's Choice for Best Application (Top 5 environments):
>
> Email: SpamAssassin (Double Winner)
Well done, gentlemen! {hoists glass}
++
On Fri, 19 Dec 2003, Christopher X. Candreva wrote:
> A Spam got through SA last night, with two things I hadn't seen before - Yet
> another form of a %RANDOM variable that isn't replaced by a value:
>
> Subject: Re: %RND_UC_CHAR[2-8], he inadvertently turned
That's a "ratware misfire". T
On 14 Dec 2003, Rubin Bennett wrote:
> The spammers are getting smarter about Bayes... this one sneaked through
> SA 2.6, a well trained Bayes database, and the BigEvil rules with a
> score of 1.0 out of 5.
The body of the spam in question was more than 80% Bayes-
poison. It's not surprisi
On Fri, 12 Dec 2003, Raquel Rice wrote:
> I've tried several times to run spamc from a site-wide procmailrc.
> It just hangs. This is what I have in the /etc/procmailrc:
>
> :0fw
> * < 256000
> | spamc
>
> and I've made certain to have started spamd.
You don't say how
On Mon, 8 Dec 2003, Justin Mason wrote:
> A good test to catch this would be the use of "too many" TD tags;
> it's pretty simple to spot that way. I don't think we have one
> yet, though, since this is still a very rare pattern.
I've got an experimental abstracted simple "word counter"
as
On Sun, 7 Dec 2003, Richard Bewley wrote:
> Hmm, it looks as though this would be the problem:
>
> debug: is Net::DNS::Resolver available? no
> debug: is DNS available? 0
Yup. If you're trying to run a DNS-based RBL, that'll
stop you in your tracks.
> Now, the next question, how do I go
On Wed, 3 Dec 2003, Damien Kemens - Friendly Computers wrote:
> I'm having some troubles configuring local.cf to check to a custom rbl. It
> worked for a time, but then something. nothing that I'm aware of, changed.
> And now it is not working. The rbl is still in the same location, and the
>
On Thu, 4 Dec 2003, jenni baier wrote:
> For example, I get a few "Stock Pick" spams that reference legitimate
> quote sites... they don't necessarily want you to respond directly to
> them, they just want you to buy their stock.
The answer, in this case, is to isolate the portion of the
On Wed, 3 Dec 2003, Scott Harris wrote:
> Ahh, the great editor debate :-)
"Why are we hiding from the police, daddy?"
"Because we use vi, son, and they use emacs."
Disclaimer: The above is not my creation. I pilfered it from
somewhere. I forget where. I wasn't even there. You
On Wed, 3 Dec 2003, Jennifer Wheeler wrote:
> > Idan Lerer said:
> > > I would like to block spammer that sends me emails with mail from
> > > [EMAIL PROTECTED]
> >
> > > header LOCAL_SAPM_FROM_WALLA ALL =~ /\abcd.\w{0,[EMAIL PROTECTED]/i
> >
> > Idan,
> >
> > quote the dot "\.":
> > heade
On Mon, 1 Dec 2003, Obantec Support wrote:
> RH8.0 with SA2.60 installed as sitewide.
>
> Procmailrc is handling spam for all users and creates
> ~/.spamassassin/user_prefs ok.
>
> Now 1 customer has decided he does not like spam filtered emails (cannot
> please all).
>
> tried |/usr/bin/spa
On 27 Nov 2003, John Horne wrote:
> The mailhub is a Sun Solaris 9 ultra 10 with perl 5.8.0. Generally no
> problems with the new version except that I just cannot seem to get the
> usual SA logging to occur which states how long it took to spam check
> the message, etc. I have set the syslog.c
On Fri, 21 Nov 2003, Jeremy Dold wrote:
> Does someone want to respond to this guy and point out the obvious?
> http://www.infoworld.com/article/03/11/14/45FEspam_1.html?s=tc
I haven't been able to properly ascertain the author's various
connections to commercial ventures, but in this inst
On Sat, 22 Nov 2003, Richard Bewley wrote:
> I want to add BNBL (bl.blueshore.net) to my DNSBL checks in SpamAssassin,
> can I just add something like this to 20_dnsbl_tests.cf
>
> header RCVD_IN_BNBLeval:check_rbl('bnbl', 'bl.blueshore.net.')
> describe RCVD_IN_BNBL Recei
On Tue, 18 Nov 2003, Larry Gilson wrote:
> Most of you guys can get over my head quickly.
Read, learn, and exceed us. :-)
> This sounds a lot like the squidGuard blacklist implementation. You start
> with a base text file - one each for domains, urls, and regex. It is up to
> each the a
On Tue, 18 Nov 2003, William Stearns wrote:
> As a general rule, I'm testing against domains; it's too easy for
> spammers use random hostnames more often than they do already. If I try,
> won't I just end up with:
>
> uri WLS_URI_1 /^http:.*\b0-go.org\b/i
>
> which puts u
On Mon, 17 Nov 2003, Justin Mason wrote:
> BTW, given that a URI DB cannot use regular expressions, or patterns,
> would this really be useful?
It would have the limited use of IDing specific domains that
get repeatedly "spamvertised" to the point where we (1) notice
them and (2) the spams
On Sat, 15 Nov 2003, Rick [Kitty5] wrote:
> Is it possible to put the spam score in the subject?
Yes. A quick read of the FM ((friendly|fine) manual) shows:
subject_tag STRING ...(default: *SPAM*)
Text added to the "Subject:" line of mails that are
On Sat, 15 Nov 2003, David B Funk wrote:
> On Fri, 14 Nov 2003, Carl R. Friend wrote:
>
> >For the assembled group -- is it possible to do a DB lookup,
> > either in an eval() or some other mechanism, in a "uri" rule?
> > If we could do a DB look
On Fri, 14 Nov 2003, William Stearns wrote:
> Good day, all,
G'day.
> My first attempt to do URI rules is at
> http://www.stearns.org/sa-blacklist/sa-blacklist.2003111402.uri.cf
My, that's a big list. And a whole lot of regexes
> Would someone be willing to just take a qui
On Fri, 14 Nov 2003, Charles Gregory wrote:
> I got a spam today that just missed being spam by a few fractions of a
> point. The "Click here" URL was:
> http://biz.yahoo.com/prnews/031112/lnw017_1.html
We've gotten several hundred of those at ny PPOE in the
past few days. It's a stand
On Tue, 11 Nov 2003, Lukreme wrote:
> > uri YAHOO_REDIR /srd.yahoo.com\/drst\/.*\*http:/
>
> Quick (stupid) question. What is the best place to add rules where
> they will not get "blown away" via an upgrade?
Give a go at putting it in /etc/mail/spamassassin/local.cf --
that's where I
Greetings Assassins!
I've got a silly question that can be answered with a simple "Yes"
or "No" (or a "go sod off you stupid git", although I hope it won't
come to _that_).
Is it possible for an eval() test to return a value to be used as
the ultimate score for a given test? To wit, I w
On Wed, 5 Nov 2003, Chris Santerre wrote:
> > http://www.angelfire.com/space/netcensus/ispassassin.html
>
> Its crap like this article that keep ISPs from even telling users
> they have the ability to use SA!!! I've seen major ISPs never tell
> there customers unless they ask for some antispam
On Sun, 2 Nov 2003, Ihsan Dogan wrote:
> I'm using Spamassassin 2.55 with spamd/spamc. I started spamd
> with this options: -u nobody --user-config -c
> The users on this system, starting spamc from their .procmailrc.
>
> My problem is, that something is changing the permissions of
> ~/.spamassas
> Jeffrey Schilperoord wrote:
> > What is the easyest way to change the 5.0 spampoints to a higher level ?
>
> in your /etc/mail/spamassassin/local.cf file add/change the line
> required_hits 5 to whatever you want it to be.
Be careful changing that one if you're running spamd -- it's a
site-
John writes:
> I have been running spamassassin 2.55 for some time (am about to go to
> 2.60).
Do. 2.60 fixes quite a few things, shuts down now-long-gone
RBLs, improves scoring, and (even though I was originally a
skeptic) performs well enough (sans Bayes).
> Everything has been working
Adam Denenberg asks:
> Does anybody have any comments or feedback on using SA with perl 5.8
> on solaris 9 running 64 bit? Or maybe 2.8 running perl 64 bit?
I've got SA (2.60) running on a Sun Ultra-1, in 64-bit mode on
Solaris 2.8, and don't see any problems. The Perl version I'm usin
Forrest Aldrich asks:
> This new virus appears to generate many (random?) subjects, so it's getting
> difficult to narrow down.
>
> Has anyone filters for Spamassassin that will correctly identify this
> virus? I'd like to score this one high so they are rejected (via
> spamass-milter)...
Hello,
> >I added a section to the main page of the wiki www.exito.us :)
> >One can't repeat this enough, it is NOT a good idea to automatically delete
> >emails marked spam. Then again, it isn't a good idea to date your cousin,
> >but some people never learn!
OK, I'll have to admit I darn
Gentlemen (and ladies),
> Chris Santerre writes:
> > I'm just curious as to something that was hinted on before. Will future SA
> > versions allow users to write other evaltest files like .cf files now?
> Yeah, it's definitely on the cards -- we have to do something like this.
Oh, *please*
Doug Roberts pleads:
> We just set up shop at a co-lo, started firing off mails to customers that
> requested to download our product (a spamassassin-based filter, ironically)
> and discovered that we are the proud owners of part of a class C that has
> been blocked because the previous owne
Michael Clark writes:
> Would a rule that adds points for no pingable web site for a domain
> be useful? If spam comes in from [EMAIL PROTECTED], could
> http://www.example.com be tested? If you get a 404 or no response,
> give the message a couple points. Just an idea, Mike
Probably not
Greetings.
I'm new to this list, but not to SpamAssassin, and have a query
regarding some of the newer types of spam I'm beginning to see at a
small ISP I donate time to.
Specifically, I'm talking about the kind of spam that shows up as
an HTML link to a HREFed image and *very* little el
Theewara asks:
> I use spamassassin with sendmail. Can spamassassin log host that =
> send spam mail in simple format? For example:
>
> Aug 10 18:20:05 abc spamd[29713]: identified spam (7.1/5.0) from =
> [EMAIL PROTECTED]
Yes. If you're using spamd you can specify syslog() style
logg
Joshua Graham asks:
> Mail from one of my domains (suckycentral.com) keeps getting marked as
> spam due to the fact that SA insists it contains words of an adult nature.
> Even if it's a blank message.
>
> Is there anyway I can remove the word suck from "adult list" so my mail
> won't keep get
47 matches
Mail list logo
