On Tue, 14 Dec 2004, Clarke Brunt wrote:
it seems to me that a 'fail' result is a perfectly good reason to reject
a message outright, which is what I do (without it even being passed to
SpamAssassin).
How many users do you have? Do none of them have vanity addresses?
Tony.
--
f.a.n.finch
On Tue, 14 Dec 2004, Matt Kettler stated:
At 06:27 PM 12/14/2004, Nix wrote:
dig doesn't use the local nameserver unless you're looking up a name
there: it queries remote nameservers directly.
No it does not. By default, dig uses the nameservers in
resolv.conf. Check your dig output sometime.
From: Clarke Brunt [EMAIL PROTECTED]
jdow wrote:
Even more to the point SPF is NOT a reason to accept or reject mail.
All it does is verify the domain from which it originated. That is a
tool for SCORING spam not for outright elimination of messages that
have bad SPF records and
From: Kevin W. Gagel [EMAIL PROTECTED]
From: jdow [EMAIL PROTECTED]
From: Clarke Brunt [EMAIL PROTECTED]
Jonathan Nichols wrote:
---snip---
Even more to the point SPF is NOT a reason to accept or
reject mail. All it does is verify the domain from which
it originated. That is a
From: David B Funk [EMAIL PROTECTED]
On Tue, 14 Dec 2004, Andy Norris wrote:
In that case, this leads to another question -- how, then, to reliably
whitelist eBay? I would imagine they are a big target of forgers? I
tried
def_whitelist_from_rcvd [EMAIL PROTECTED] ebay.com
but
From: David B Funk [EMAIL PROTECTED]
On Tue, 14 Dec 2004, jdow wrote:
Of course, for the spamassassin lists I found something like what I did
in procmail is best:
---9---
:0 fw: spamassassin.lock
* 25
* !^List-Id: .*(spamassassin\.apache.\org)
| /usr/bin/spamc -t 150
I just upgraded to 3.0.1 and I periodically see this in my logs:
Dec 15 03:05:14 prime spamd[57032]: Use of uninitialized value in numeric
lt () at
/usr/local/lib/perl5/site_perl/5.6.1/Mail/SpamAssassin/Plugin/SPF.pm line
204, GEN49 line 333.
Dec 15 03:05:14 prime spamd[57032]: Use of
At 11:55 PM 12/13/2004 -0500, Peter Matulis wrote:
Hi, I have heard that SPF is controversial among mail administrators. Why
is that?
I think mostly because people view it as a general purpose anti-spam tool.
With such a perspective, it's easy to poke holes in and declare it useless.
Spammers
Hi
We are running a Exchange 5.5 and Exchange 2003 mixed mode environment.
Since introducing Exchange 2003 servers we do not get any message
headers from the spamassassin relay sent to users on the Exchange 2003
box.
ive seen other people experiencing this but my question is if Exchange
2003 is
[Sorry I'm not replying to the original mail, I seem to have missed it]
At 12/14/2004 10:01 AM +, someone wrote:
Hi, I have heard that SPF is controversial among mail administrators. Why
is that? How many
people use it (on this mailing list)?
My main beef is that SPF breaks forwarding
Ronan wrote:
I actually never knew about this until i was having a hoke around...
anyway cant get it to run..
./sa-stats.pl -l /var/log/syslog -H -T 5 -u
Error in option spec: top|T:25
Error in option spec: SCALAR(0x4c9a68)
bash-2.03$
i presume this is to do with the per user count but it even
We're getting hit with a lot of emails with blank subject lines and blank
contents. Could be some kind of address verification robot. Is SA supposed
to filter these? If not, does anyone have some custom rules that would do
it?
My theory is this is the result of some newbie spammer that doesn't
From: Matt Kettler [EMAIL PROTECTED]
At 11:55 PM 12/13/2004 -0500, Peter Matulis wrote:
ie: jdow wrote:
The chief thing SPF does is clutter up name server traffic to prove
something of little or no use when scoring spam.
A true argument, but utterly missing the point, unfortunately.
Jan
Exchange is stripping the headers off. No doubt theres a stting buried
somewhere where you can tell it not to, but I have seen this problem
before in Ex-2000 (for passing emails to a folder dor sa-learn to pick
up). Never found a solution, but then I'm not an exchange admin/user
D.W.T.Baines wrote:
Hello Ronan,
We use sa-stats.pl here but I haven't seen that error even when running
it with exactly the same args as shown below. I wonder if the problem
could be related to the version of perl or of Getopt::Long you are
using. We are using perl 5.8, not sure off hand what
Hii
I am using Spamassassin with URI, Razor and DCC checks to catch spams.
After implementing URI checks my life had became easier. But ever since
the SURBLs and URI checks became popular means of trapping spams the
spammers have devised a ne way to send their mails in.
Recently some of the spams
On Wednesday, December 15, 2004, 2:37:57 AM, Rakesh Rakesh wrote:
So the question is how do we tackle this scenario. Either we blacklist
free hosting sites like geocities.com in SURBL and get false positives,
or we make a humble request to these free webhosting companies to stop
new
currently i'm using procmailrc to start spamd since i have
a couple users who dont want their mails checked by SA, now
i'm looking into spamass-milter.
Is their a option within the milter api to exclude certain users from SA
or is their another workaround to do so ?
many thanks
matt
I use Suse Openexchange as our mail server and I have amavis installed
for virus scanning and spamassassin.
I have a problem where when people send mail using SMTP Auth
spamassassin penalises them because they are sending from a dynamic IP
address etc...
Currently I am having to whitelist their
So the question is how do we tackle this scenario. Either we blacklist
free hosting sites like geocities.com in SURBL and get false positives,
or
...So how do we tackle this ?
My experience with Geocities is that:
(1) It often takes them one or two full business days to get a kiddie pron
Hi
On Mon, Dec 13, 2004 at 04:43:28PM -0800, jdow wrote:
I've seen another variant about by Matthew Newton that makes a bunch of
rules for both subject and body separately. I generally don't do this as
the body rules will match the subject line, so there's really no need,
other than as a
[EMAIL PROTECTED] wrote:
currently i'm using procmailrc to start spamd since i have
a couple users who dont want their mails checked by SA, now
i'm looking into spamass-milter.
Is their a option within the milter api to exclude certain users from SA
or is their another workaround to do so ?
Rob McEwen wrote:
Final thought:
If these additional avenues don't produce results with a few weeks, I am
going to send ALL of my clients an e-mail explaining the situation to them
and telling them:
Geocities cannot seem to police their kiddie pron spamming to a reasonable
extent and, therefore,
Does anyone know how I could write a rule based on an attachment size?
I'm getting a lot of spams with this specific file attached. It's
always named differently, the the size is exactly the same each time.
--pat--
--
Pat Traynor
[EMAIL PROTECTED]
I use SA as a border gateway to Exchange 5.5, 2000, and 2003 servers in
a dozen or so locations. I have no problem with headers or any other
aspect of spamassassin. Exchange does not strip headers, however
Outlook and Outlook Express do!
But...
Are you using your 5.5 server as an SMTP
I am running Exchange 2003 with a FreeBSD box running SA as the front end relay
and I am getting all my headers. If I right click on the message on outlook and
click Options it has all the scores and everything in there. It also worked
fine with Exchange 2k.
I didn't do anything special to
-Original Message-
From: Rakesh [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 15, 2004 5:38 AM
To: users@spamassassin.apache.org
Subject: A change in tact
Hii
I am using Spamassassin with URI, Razor and DCC checks to catch spams.
After implementing URI checks my life had became
On Wed, 15 Dec 2004, Rakesh wrote:
I think for the four or five large free website providers, a hook could be
added to spamassassin -r that reports them specifically (although spamcop
already does this, they'll only be advised of the actual site if you're
using a full-blown spamcop account, not
At 09:33 AM 12/15/2004, Pat Traynor wrote:
Does anyone know how I could write a rule based on an attachment size?
I'm getting a lot of spams with this specific file attached. It's
always named differently, the the size is exactly the same each time.
Not easily. You could probably write a plugin
At 03:24 AM 12/15/2004, Max Paperno wrote:
At 12/15/2004 03:13 AM -0500, Matt Kettler wrote:
Of course, there's other arguments too.. Redirectors, forwarding
services, etc, but these have their solutions. (Hint: SPF at each stage,
and when you remail, use a return path that points at your own
At 04:05 AM 12/15/2004, jdow wrote:
From: Matt Kettler [EMAIL PROTECTED]
At 11:55 PM 12/13/2004 -0500, Peter Matulis wrote:
ie: jdow wrote:
The chief thing SPF does is clutter up name server traffic to prove
something of little or no use when scoring spam.
A true argument, but utterly
I now use SA 2.64 with lots of custom rules, most of them from SARE.
I've read in a post here (can't find the posting) that in SA 3.x some of
the custom rules are included. Whcih rules are included and which should
I continue using i SA 3.x?
//kim
On Wed, Dec 15, 2004 at 11:40:43AM -0500, Matt Kettler wrote:
Not easily. You could probably write a plugin to do it, but most of the SA
code tries fairly hard to remove attachments from the message before
feeding it to the rules.
A plugin could do it rather trivially. There's no way using
Pat Traynor wrote:
Does anyone know how I could write a rule based on an attachment size?
I'm getting a lot of spams with this specific file attached. It's
always named differently, the the size is exactly the same each time.
--pat--
What kind of contents are there in the attachment ? Are they
On Tue, 14 Dec 2004, jdow wrote:
Why not configure your MTA to relay mail ONLY on encrypted authenticated
sessions, and deliver locally (after some anti-spam checks) on plain
sessions, all this done at port 25?
Setup an alternative mailer port for your machine on a different port
Yes, after much struggle, the wiki is back on line.
First and foremost, I'd like to thank Matt and infotex.com for hosting
the site. Chris Santerre also has my thanks for acting as a go-between
to get me in touch with Matt. They really stepped up to the plate as far
as I'm conserned. They have
On Wed, Dec 15, 2004 at 12:48:19PM -0500, Dan Mahoney, System Admin wrote:
prime# perl -MCPAN -e shell
prime# grep VERSION /usr/local/lib/perl5/site_perl/5.6.1/Mail/SPF/Query.pm
$VERSION = 1.997;
So I'm a little baffled.
Perhaps you have multiple versions installed that SA is finding? I
Hi,
The file size of the bayes database on a server is becoming large :
bayes_seen is 160 MB and bayes_toks is 8 MB. This mail server processes
around 3 mails a day, as a relay.
I did not configure any bayes_expiry_max_db_size, so it should be set to
default (15), and the only
On Wed, 15 Dec 2004, Theo Van Dinter wrote:
On Wed, Dec 15, 2004 at 12:48:19PM -0500, Dan Mahoney, System Admin wrote:
prime# perl -MCPAN -e shell
prime# grep VERSION /usr/local/lib/perl5/site_perl/5.6.1/Mail/SPF/Query.pm
$VERSION = 1.997;
So I'm a little baffled.
Perhaps you have multiple
On Wed, 15 Dec 2004 18:12:06 +, Gavin Pearce [EMAIL PROTECTED] wrote:
We have presently upgraded the server that we run SA on
Dual Operton 2.2Ghz
2GB DDR Memory
SCSI U320 Raid5 Array
Running
Freebsd 5.3
Qmail
Spammassassin 3.01 - Standard conf
And we have had nothing but
Hi,
The file size of the bayes database on a server is becoming really large :
bayes_seen is 160 MB and bayes_toks is 8 MB. This mail server processes around
3 mails a day, as a relay.
I did not configure any bayes_expiry_max_db_size, so it should be set to default
(15), and the only
-Original Message-
From: Kim Leandersson [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 15, 2004 11:36 AM
To: users@spamassassin.apache.org
Subject: Custom rules in SA 3.x
I now use SA 2.64 with lots of custom rules, most of them from SARE.
I've read in a post here (can't
On Wed, 15 Dec 2004 [EMAIL PROTECTED] wrote:
currently i'm using procmailrc to start spamd since i have
a couple users who dont want their mails checked by SA, now
i'm looking into spamass-milter.
Is their a option within the milter api to exclude certain users from SA
or is their another
For various reasons Loren and I must use the per user scores and rules.
I'm noticing that it is using my rules. But it is refusing to use my
scores. What might be wrong with the setup?
{^_^}
On Wed, 15 Dec 2004, Christopher X. Candreva wrote:
On Tue, 14 Dec 2004, jdow wrote:
Why not configure your MTA to relay mail ONLY on encrypted authenticated
sessions, and deliver locally (after some anti-spam checks) on plain
sessions, all this done at port 25?
[snip..]
Actually,
Does anyone have a good yum update repository to upgrade SA to 3.x (from
2.63)?
Is an update like that recommended?
--
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Chris Barnes AOL IM: CNBarnes
[EMAIL PROTECTED]Yahoo IM: chrisnbarnes
--On Wednesday, December 15, 2004 3:11 PM -0600 Chris Barnes
[EMAIL PROTECTED] wrote:
Does anyone have a good yum update repository to upgrade SA to 3.x (from
2.63)?
Is an update like that recommended?
I haven't used Red Hat's SA packages for some time. Just grab the tarball
from the SA site
Rob MacGregor wrote:
On Wed, 15 Dec 2004 18:12:06 +, Gavin Pearce [EMAIL PROTECTED] wrote:
We have presently upgraded the server that we run SA on
Dual Operton 2.2Ghz
2GB DDR Memory
SCSI U320 Raid5 Array
Running
Freebsd 5.3
Qmail
Spammassassin 3.01 - Standard conf
And we have had nothing
Kenneth Porter [EMAIL PROTECTED] wrote:
I haven't used Red Hat's SA packages for some time. Just grab the
tarball from the SA site and rebuild it into an RPM with the command
line provided on the download page. I've been using that from RH7.2
through FC2, now with SA 3.0. (Have to get around
49 matches
Mail list logo
