jdow wrote:
Methinks there is a candidate meta rule here. SPF passes and it's in
certain of the BLs leads to a higher score than merely being in the BL.
In particular, an SPF (or similar) pass will make RHSBLs
(right-hand-side blacklists, for those following along) more useful.
I mean, if
Jon Dossey wrote:
-Original Message-
Jon Dossey wrote:
Still having problems.
Redhat FC2, sendmail 8.31.1, spamassassin 3.0.1 (with
spamass-milter).
Messages are coming in with scores 5.0 and aren't being tagged.
Ok, I changed the required_hits to required_score (even though
- Original Message -
From: martin smith [EMAIL PROTECTED]
I must have received this spam 12 times or more in the last 24 hours and
even though its listed on the SURBL, spamassassin fails to match it
against
them.
When I submit the spams to spamcop it parses the url everytime.
SURBL
On Friday, March 4, 2005, 3:47:04 PM, martin smith wrote:
I must have received this spam 12 times or more in the last 24 hours and
even though its listed on the SURBL, spamassassin fails to match it against
them.
When I submit the spams to spamcop it parses the url everytime.
SURBL seems to
- Original Message -
From: Bill Landry [EMAIL PROTECTED]
I must have received this spam 12 times or more in the last 24 hours and
even though its listed on the SURBL, spamassassin fails to match it
against
them.
When I submit the spams to spamcop it parses the url everytime.
On Fri, Mar 04, 2005 at 05:10:42PM -0800, Jeff Chan wrote:
The URI is a little unusual, with a missing port number after the
colon:
http://crazyrxl0wprices-MUNGED.com:/
Maybe that syntax is throwing off SA?
Yeah, it does look like a bug somewhere in 3.0.x. 3.1 catches it fine,
fwiw.
On Fri, Mar 04, 2005 at 05:10:42PM -0800, Jeff Chan wrote:
The URI is a little unusual, with a missing port number after the
colon:
http://crazyrxl0wprices-MUNGED.com:/
I can confirm that behaviour here.
http://blocked-domain.com/ is picked up
http://blocked-domain.com:/ is
- Original Message -
From: Jeff Chan [EMAIL PROTECTED]
On Friday, March 4, 2005, 3:47:04 PM, martin smith wrote:
I must have received this spam 12 times or more in the last 24 hours and
even though its listed on the SURBL, spamassassin fails to match it
against
them.
When I
On Fri, Mar 04, 2005 at 05:23:35PM -0800, Jeff Chan wrote:
Given that it's apparently fixed in 3.1 should we make a
bugzilla? Might it be worth reviewing that the expression or
code was specifically fixed to explain this (better) behavior?
Or would that be unnecessary?
I wouldn't bother with
On Fri, 4 Mar 2005, Jeff Chan wrote:
On Friday, March 4, 2005, 5:12:28 PM, Theo Dinter wrote:
On Fri, Mar 04, 2005 at 05:10:42PM -0800, Jeff Chan wrote:
The URI is a little unusual, with a missing port number after the
colon:
http://crazyrxl0wprices-MUNGED.com:/
Maybe that syntax
Kelson wrote:
jdow wrote:
Methinks there is a candidate meta rule here. SPF passes and it's in
certain of the BLs leads to a higher score than merely being in the BL.
In particular, an SPF (or similar) pass will make RHSBLs
(right-hand-side blacklists, for those following along) more useful.
I
On Friday, March 4, 2005, 7:37:45 PM, David Funk wrote:
On Fri, 4 Mar 2005, Jeff Chan wrote:
On Friday, March 4, 2005, 5:12:28 PM, Theo Dinter wrote:
On Fri, Mar 04, 2005 at 05:10:42PM -0800, Jeff Chan wrote:
The URI is a little unusual, with a missing port number after the
colon:
From: Daryl C. W. O'Shea [EMAIL PROTECTED]
Kelson wrote:
jdow wrote:
Methinks there is a candidate meta rule here. SPF passes and it's in
certain of the BLs leads to a higher score than merely being in the BL.
In particular, an SPF (or similar) pass will make RHSBLs
using whitelist_from_rcvd), make a lot of sense to me.
If some mentally deficient spammer has the stupidity to maintain an SPF
record for his spam site that is identified in black lists he probably
should get some additional Brownie Points for his stupidity, eh?
{^_-}
Just came across
Hi Theo,
http://crazyrxl0wprices-MUNGED.com:/
Maybe that syntax is throwing off SA?
Yeah, it does look like a bug somewhere in 3.0.x. 3.1 catches it fine,
fwiw.
3.0:
debug: URIDNSBL: domains to query:
3.1:
debug: uridnsbl: domains to query: crazyrxl0wprices.com
Any ETA on 3.1 ?
Thanks,
On Saturday, March 5, 2005, 2:07:22 AM, Raymond Dijkxhoorn wrote:
http://crazyrxl0wprices-MUNGED.com:/
Maybe that syntax is throwing off SA?
Yeah, it does look like a bug somewhere in 3.0.x. 3.1 catches it fine,
fwiw.
3.0:
debug: URIDNSBL: domains to query:
3.1:
debug: uridnsbl:
I am trying to seed the autowhitelist with ham spam and found the
learn_with_whitelist option in PerMsgLearner. A patch to sa-learn to
expose this internal option as a command line option is below.
Question: is this a good or a dangerous idea?
Thanks,
Barrie
'sync'= \$synconly,
Hi everyone, this my very first post, as this is my first attempt at
setting up SpamAssassin... so here's the situation :
The server is a Mandrake 10.1, i run postfix, have mysql (4.0.20)
installed, the perl version is 5.8.5. I've downloaded SA from the site,
but as i wanted it to be
You have no or little mastery of computers even though you read email
with emacs rmail. Spamassassin headers are appearing on your messages.
How do you setup things if you have no or only very little mastery of
making dotfiles?...
Spamassassin instructional information around the web makes use of
|-Original Message-
|From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
|Sent: 05 March 2005 01:27
|To: SpamAssassin Users
|Subject: Re: [SPAM-TAG] SURBL missing this spam
|
|On Fri, Mar 04, 2005 at 05:23:35PM -0800, Jeff Chan wrote:
| Given that it's apparently fixed in 3.1 should we make a
|-Original Message-
|From: martin smith [mailto:[EMAIL PROTECTED]
|Sent: 05 March 2005 11:41
|To: Spamassassin
|Subject: RE: [SPAM-TAG] SURBL missing this spam
|
|Is there a uri rule we could use to catch e.g. .com: or .uk:
|in the mean time untill 3.1 becomes available, there is a
|
|uri SpoofPort_URL /.*\:.*|.*\...:.*/ score SpoofPort_URL 1
|
Ok MK2 that one could FP on genuine URLs with a port specified
uri SpoofPort_URL /.*\:.*|.*\...:.*/
score SpoofPort_URL 1
uri OkPort_URL
/.*\:|.*\...:./|/.*\:\/.*|.*\...:.\/.*/
score OkPort_URL -1
On Saturday 05 March 2005 14:49, martin smith wrote:
|uri SpoofPort_URL /.*\:.*|.*\...:.*/ score SpoofPort_URL 1
Ok MK2 that one could FP on genuine URLs with a port specified
uri SpoofPort_URL /.*\:.*|.*\...:.*/
score SpoofPort_URL 1
uri OkPort_URL
|-Original Message-
|From: Duncan Hill [mailto:[EMAIL PROTECTED]
|Sent: 05 March 2005 15:02
|To: users@spamassassin.apache.org
|Subject: Re: [SPAM-TAG] SURBL missing this spam
|
|On Saturday 05 March 2005 14:49, martin smith wrote:
| |uri SpoofPort_URL /.*\:.*|.*\...:.*/ score
Duncan,
As written your rule only checks for a ':' immediately before a '/'.
But at least one valid use of the colon is http://[EMAIL PROTECTED]:host, which
is defined as part of the stardard HTTP protocol.
Paul Shupak
[EMAIL PROTECTED]
Hello,
- mailx [command line] mail is processed 5x faster than mail sent
using pine.
we're using Gentoo.
software versions:
mail-filter/spamassassin-ruledujour-20050106
mail-filter/spamassassin-3.0.2-r1
mail-client/pine-4.62
some of local.cf:
trusted_networks 192.168/16 127/8
Hi everyone...
So far, SpamAssassin is running ok... now I want to eliminate the spam
from the users mailboxes. here's the deal :
A mail server, serving several domains : domain_a.com, domain_b.com,
domain_c.com etc...
for the moment, domain_a and domain_b are filtered, but if everything
runs
At 12:36 PM 3/5/2005, Rob Fantini wrote:
Hello,
- mailx [command line] mail is processed 5x faster than mail sent using
pine.
Your difference in time is 1.1 second vs 5.8 seconds. Is that always
consistent over a large set of emails?
I can see from your results you've got network checks
At 06:18 AM 3/5/2005, Stephane Parenton wrote:
Checking if your kit is complete...
Looks good
Writing Makefile for Mail::SpamAssassin
then the installation runs through this :
warning: description for HIDE_WIN_STATUS is over 50 chars
warning: description for EXCUSE_24 is over 50 chars
warning:
At 05:53 AM 3/5/2005, Barrie Slaymaker wrote:
I am trying to seed the autowhitelist with ham spam and found the
learn_with_whitelist option in PerMsgLearner. A patch to sa-learn to
expose this internal option as a command line option is below.
Question: is this a good or a dangerous idea?
Hello Don,
You are correct. SpamAssassin is an open source project which
performs rather specific and technical functions, and in order for it
to work correctly it needs people with rather specific and technical
knowledge to apply it.
If you do not have the minimum technical knowledge required
On 3/4/2005 1:57 PM, Rob McEwen (PowerView Systems) wrote:
Quinlan: Any technique that tries to identify good mail without
authentication backing it up, or some form of personalized training. It
worked well for a while, but it's definitely not an effective technique
today.
I kind of disagree
Matt Kettler wrote:
Personaly, I find this dangerous. I strongly disagree with the
practice of seeding the AWL.. You really shouldn't have to, nor want
to.
Would you mind explaining why you find this to be dangerous?
- Barrie
Don Saklad wrote:
You have no or little mastery of computers even though you read email
with emacs rmail. Spamassassin headers are appearing on your messages.
How are those spamassassin headers showing up in your messages?
Someone must have configured it for you. If not you then your ISP is
It's kind of an arrogant argument about not using something more
advanced than your knowledge. It did not stop a lot of people from
exploring things more advanced than their knowledge including young
aficionados of computers themselves. There are a lot of areas of
interest and knowledge. One can
You appear to be a 'user'. This is not a 'user' mailing list. It is for
system admins and developer types who install or configure spamassassin on
their servers at a system level. You should be talking with your system
administrator who installed SA rather than abusing this list.
-Original
I think you are confused! What people are saying here is, this is a
mailing list for the _administration_ and _installation_ of
SpamAssassin. If you have any specific issues pertaining to the above
then welcome! Other wise, if these headers are added by your ISP or some
mail relay along the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all,
I would like to throw out a request for admins that are using, have tried or
want to
use MS Exchage public folders to gather messages that will be fed back to
sa-learn.
Background:
Since there are not many (any?) good ways to retrieve
On Sat, 5 Mar 2005, Bob Proulx wrote:
Don Saklad wrote:
Spamassassin instructional information around the web makes use of
jargon and arcane references that make it a research project for
people with no or little mastery just to get through the instructional
information !
SpamAssassin
I'm running spamc/spamd 3.0.2 in Debian. I have Bayesian tests turned on,
and network tests off.
Lately a lot of spam has been getting through to my mailbox. SA's false
negative rate used to be about 1%; now it's about 50%. Looking at the
headers for the spam that's getting through, I see that
David B Funk wrote:
This particular one has been killfiled all over Usenet for over
a decade and so has turned to mailing lists.
A quick Google or Usenet search will reveal it for what it is. ;)
Wow. I have been living a sheltered life of late and have blissfully
missed him. Google does
Andrew Schulman wrote:
I'm running spamc/spamd 3.0.2 in Debian. I have Bayesian tests turned on,
and network tests off.
I am running a similar system. But with network tests turned on. The
network tests such as SURBL[1] are huge factors in increasing spam
classification accuracy for me.
At very least, try this test with 3 consecutive mails per client to
get some feel of varriance in network lookup times.
I ran the tests you suggested and sure enough it
averages about the same for pine and mailx mails to be processed.
Is there a way to disable spamassassin from processing
--On Saturday, March 05, 2005 19:53:14 +0100 Stephane Parenton
[EMAIL PROTECTED] wrote:
Hi everyone...
So far, SpamAssassin is running ok... now I want to eliminate the spam
from the users mailboxes. here's the deal :
A mail server, serving several domains : domain_a.com, domain_b.com,
On Saturday 05 March 2005 1:21 pm, Andrew Schulman wrote:
I understand that the individual test scores are fed through a neural
network to derive the final score. So it seems that this network has
started to behave badly.
You misunderstand. The neural network (or whatever they're using
45 matches
Mail list logo