on 1/18/05 6:12 PM, MIKE YRABEDRA at [EMAIL PROTECTED] wrote:
What is a good script that folks are using to generate SA stats off a mail
log?
I am mainly looking for one that reports on the rulesets that are catching
the spam too. I don't think sa-stats.pl does that?
On Mon, 17 Jan 2005, Thomas Arend wrote:
With network test enabled bayes scores lower. This is a problem when the
network test don't fire when the spammer uses a new server. Therefore I have
raised the bayes scores for bayes_99. I seldom get bayes_90 so I didn't raise
the scores for bayes_90.
On Tue, 18 Jan 2005, MIKE YRABEDRA wrote:
on 1/18/05 6:12 PM, MIKE YRABEDRA at [EMAIL PROTECTED] wrote:
What is a good script that folks are using to generate SA stats off a mail
log?
I am mainly looking for one that reports on the rulesets that are catching
the spam too. I don't
At 08:37 PM 1/18/2005, [EMAIL PROTECTED] wrote:
BTW, it looks like bayes_90 has been deprecated. When I run a lint on my
local.cf, I get:
warning: score set for non-existent rule BAYES_90
Yes, several of the old ranges in 2.64 no longer exist.. For 3.x they
changed the ranging a bit, creating
I seem to remember there was a problem or design feature where something
like Net::DNS was using about 4 file handles per URL that it looked up.
Must have been about 250 URLs in that spam, at a guess.
Personally, I'd be inclined to submit a bug. :-)
Loren
- Original Message -
3.0.2 is better than 3.0.1 in this regard, so the first thing I'd do is
upgrade.
That may not be a complete solution, so if you are using spamd, I'd
set ---max_con_per_child to something reasonably low, like 20..50 or so.
There are still a couple of things that can eat memory and already have
Are you referring to whats in the spamd line? Currently it is m10
Hmm I thought that was max con per child, so where do I edit that value?
Thanks
Robert
3.0.2 is better than 3.0.1 in this regard, so the first thing I'd do is
upgrade.
That may not be a complete solution, so if you are using
Thanks for the response. Yes it is:
--max-conn-per-child=number
I set it to 20. Will see how it works. Default is 200. Thanks again for
the help. I will look into the upgrade to 3.0.2.
Thanks again!
Robert
-m10 is 10 max children. In 3.x each child gets reused more than once
before it is
I'm having a problem getting spamd to work properly as any other user but
root. I have it running as user spamd which I have created. I was originally
getting create errors for user_prefs for /root. I set my procmailrc file to
DROPPRIVS=yes and that cleared that as I had created a /home/spamd
From [EMAIL PROTECTED] Tue Jan 18 15:55:21 2005
Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
Precedence: bulk
...
From: Matt Kettler [EMAIL PROTECTED]
...
No listing in any blacklists:
http://www.dnsstuff.com/tools/ip4r.ch?ip=164.109.26.27
I don't know about digex, but
I've had spam making it through SA 3.02 with the X-Antiabuse headers in
the mail. Anyone have any ideas on how to prevent minus scores on those
rule hits?
--JM
--
[EMAIL PROTECTED]
http://blogs.galaxycow.com/vermyndax
Because this E mail address is transmission exclusive use, message it
does
I recently upgraded from version 2 to 3 and my
performance has gone to pot. It may just be that I need a much stronger
computer for this version but I suspect it may be doing a lot of RBL
checking. In version 2, I had all net checking turned off in
local.cf. I think something is being
At 08:22 PM 1.18.2005 -0500, MIKE YRABEDRA wrote:
on 1/18/05 6:12 PM, MIKE YRABEDRA at [EMAIL PROTECTED] wrote:
What is a good script that folks are using to generate SA stats off a mail
log?
I am mainly looking for one that reports on the rulesets that are catching
the spam too. I don't
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Determines which domains are vhosted at a given IP address.
e.g. xanexMUNGED.com, at 200.139.97.122, gives:
http://whois.webhosting.info/200.139.97.122
200.139.97.122 - IP hosts 27 Total Domains ...
Showing 1 - 27 out of 27
Domain Name
This tool has been abused is known (and blocked) by many spammers
(unfortunately).
Paul Shupak
P.S. It is still always worth a try though.
On Tue, Jan 18, 2005 at 08:27:50PM -0800, Justin Mason wrote:
Determines which domains are vhosted at a given IP address.
Not very reliable though. They get most of the 400+ that work is
hosting on 1 IP, 0 of the 80+ on 3 other IPs, and only 2 of the 10+
I have on my personal server.
--
I got a spam for an Acura dealer in Houston Tx from them.
They are not going to get ANY mail into my mailbox as a result.
The tone of their mail also indicated that they are arrogant pieces
of dog droppings. If Digex appears in the email they are boosted
to a rather high number. They are NOT well
At 10:48 PM 1/18/2005, Vermyndax wrote:
I've had spam making it through SA 3.02 with the X-Antiabuse headers in
the mail. Anyone have any ideas on how to prevent minus scores on those
rule hits?
Care to be specific about which rule hit's you're talking about? AFAIK SA
does not have any rules
At 12:10 AM 1/19/2005, jdow wrote:
I got a spam for an Acura dealer in Houston Tx from them.
They are not going to get ANY mail into my mailbox as a result.
The tone of their mail also indicated that they are arrogant pieces
of dog droppings. If Digex appears in the email they are boosted
to a
--On Tuesday, January 18, 2005 11:38 PM -0500 Theo Van Dinter
[EMAIL PROTECTED] wrote:
Not very reliable though. They get most of the 400+ that work is
hosting on 1 IP, 0 of the 80+ on 3 other IPs, and only 2 of the 10+
I have on my personal server.
Check out the latest ntop (http://ntop.org).
Using debug (spamd -D) i've found it takes a long time on URIDNSBL:
this is during startup:
debug: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC
debug: plugin: registered
Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x8a10224)
debug: plugin: loading
List:
I am not sure if this is the proper place for this question, so let me
apologize in advance and the put on my asbestos underwear
Is there any way to load more than just scores from SQL? Or flush
blacklists/whitelists from the prefs?
I am running SA inside of MimeDefang (MD). I have
And now Verison is sending out spam to get people to join verison.com.
They are going into my black list at the procmail level ASAP except for
a VERY few verison addresses.
{`,'}A pissed off Joanne.
- Original Message -
From: Martin Hepworth [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Robert
theres a patch (well two actually) that help for 3.01 and 3.02 here
http://bugzilla.spamassassin.org/show_bug.cgi?id=3983
does alot of what the 3.10 will do - limits spawning of new processes.
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
[EMAIL
Frank
you got a local cachine name server on the machine? That helps.
I also turn off alot of the pure RBL's and only use the URIRBL's by
adding this to my local.cf
# don't do all the RBL's just spamhause XBL
score __RCVD_IN_NJABL 0.0
score RCVD_IN_NJABL_DUL 0.0
score RCVD_IN_NJABL_MULTI 0.0
At 05:55 AM 1.19.2005 -0500, Mike Yrabedra wrote:
Jack,
Thanks for the info. Where would I get this version of the script? Will it
work on a regular spamd log?
Mike:
Yes, it works on a spamd log. In fact, I re-direct all spamd info to
/var/log/spamd.log and run the script against that pure
At 10:44 PM 1/18/2005, List Mail User wrote:
I don't know about digex, but dnsstuff.com is listed in SPEWS level 1
and level 2, completewhois.org and whois.rfc-ignnorant.org. BTW. I personally
don't trust anyone with a disconnected telephone number, and they seem to
probe my own address
Not sure how this will work itself out (or how old this story is) but it's
probably worth noting and keeping an eye on...
The Higher Regional Court now has ruled that blocking email by content is
unlawful as it is considered confidential in German law. Blocking is only
allowed when, say, a viral
Hi,
there is a pretty good summary linked within the article :
http://www.heise.de/english/newsticker/news/55210
This decision deals with filtering the email of a person who had left the
university and tried to stay in contact with his former co-workers. The
universitiy did not want thjis, and
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 19, 2005 9:06 AM
To: Kang, Joseph S.
Cc: users@spamassassin.apache.org
Subject: Re: German court rules e-mail blocking 'illegal'.
As far as i understood this is that mails must
get
LOL FWIW, the site mentioned in my original post is still UP!!
After reading what verizon wireless did with the bluetooth cell phones(1),
I've pretty much given up hope that ANYONE in upper managment of any verizon
company has a clue!
--Chris
(1)
From [EMAIL PROTECTED] Wed Jan 19 06:57:31 2005
Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
..
Subject: Re: (was Re: DIGEX) dnsreports.com/dnsstuff.com
A message (from [EMAIL PROTECTED]) was received at 19 Jan 2005
14:21:48 +.
The following addresses had delivery problems:
-Original Message-
From: MIKE YRABEDRA [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 18, 2005 8:22 PM
To: SATalk
Subject: Re: A good stats script?
on 1/18/05 6:12 PM, MIKE YRABEDRA at [EMAIL PROTECTED] wrote:
What is a good script that folks are using to generate SA
stats
I had the same thought when initially setting up our system. Our
university has pretty strict rules regarding content-filtering. I got
around it by having SA tag spam (using X-Spam-Status, no subject
re-write), then a procmail in each users folder autmagically puts these
into a Spam-folder.
This is my first post here, and liable to be a doozie!
Running SA 3.0.2 with Sendmail 8.12.11,
hooked in with spamass-milter 0.2.0, all under Solaris 9. I also
have SPF-Milter installed from spf.pobox.com. SPF is the first milter,
SA is the second
in the sendmail.cf file.
Sendmail running only
Leonard
know issue with sa 3.0x and spamc/spamd. Will ne Fixed with 3.10
work around is lower number of children allowed or apply following patches..
http://bugzilla.spamassassin.org/show_bug.cgi?id=3983
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
[EMAIL
Joe K. wrote:
Anyone know enough German (or is German) who can translate the
ruling that's linked in the above article?
As I am lacking the time for a full translation: the core of the
ruling is that the university had, under German law, no right to
block all mail originating from or sent to a
Hi,
in an ISP setting there seem to be two cases where machines other than the
official
mail server send mails FROM a local address
- valid clients who send mails from their local system to the mailserver (and
authenticate in
one way or another to do so)
- spammers who believe that a forged
Cant see what Im doing wrong.
I ran spamd like:
spamd -x -d -r /var/run/spamassassin.pid
--socketpath=/var/run/spamassassin.sock --sql-config
OR
spamd -d -r /var/run/spamassassin.pid
--socketpath=/var/run/spamassassin.sock --sql-config
spamc -x -c -U /var/run/spamassassin.sock -u
Put your rules in /etc/mail/spamassassin
they wont get written over
From: [EMAIL PROTECTED]
Date: Wed, 19 Jan 2005 13:57:30 -0600
To: users@spamassassin.apache.org
Subject: newbie question about adding rules
I am looking at adding some rulesets from SARE and we are
At 02:57 PM 1/19/2005, [EMAIL PROTECTED] wrote:
I am looking at adding some rulesets from SARE and we are planning on
putting them in the /usr/share/spamassassin directory (I know they get
overwritten when upgrading...). I don't see anywhere that spamassassin is
calling the sets in that
41 matches
Mail list logo