Brandon Kuczenski wrote:
> I've seen this question posted a couple times in the mailing list
> archives (from October 2004) but no resolution. The question again:
>
> I'm running SpamAssassin 3.0.2 on FreeBSD 4.10 in spamc/spamd format
> with the '-u spamd' flag. Problem is, all the child proces
I noticed that DNS_FROM_RFC_BOGUSMX appears not to be working with SA 3.0.2 on
our postfix boxes that relay the mails to the final inbox servers - probably
because the envelope sender is not listed in any header yet.
(How) can I
- configure postfix to list the envelope sender in a header or
- ap
Justin Mason wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
It's specifically a problem with perl on *BSD platforms -- there's
a bug open about it, but it's stalled because we don't have any
developers with BSD machines ;)
at least on some platforms (MacOS X) it appears perl's setuid
support
Stewart, John wrote:
>>Use the test point, this should hit one of the SURBL lists,
>>but I forget
>>if it shows up as WS or SC:
>>
>>
>>
>
>For this it only hits SPAMCOP_URI_RBL. Is this normal? (it sounds like it's
>supposed to trigger more, I thought)
>
>
>
No, it's only supposed to hit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
It's specifically a problem with perl on *BSD platforms -- there's
a bug open about it, but it's stalled because we don't have any
developers with BSD machines ;)
at least on some platforms (MacOS X) it appears perl's setuid
support substantially doe
Brandon Kuczenski wrote:
I've seen this question posted a couple times in the mailing list
archives (from October 2004) but no resolution. The question again:
I'm running SpamAssassin 3.0.2 on FreeBSD 4.10 in spamc/spamd format
with the '-u spamd' flag. Problem is, all the child processes are
I've seen this question posted a couple times in the mailing list archives
(from October 2004) but no resolution. The question again:
I'm running SpamAssassin 3.0.2 on FreeBSD 4.10 in spamc/spamd format with
the '-u spamd' flag. Problem is, all the child processes are running as
root:
$ ps a
> Use the test point, this should hit one of the SURBL lists,
> but I forget
> if it shows up as WS or SC:
>
> http://surbl-org-permanent-test-point.com/
For this it only hits SPAMCOP_URI_RBL. Is this normal? (it sounds like it's
supposed to trigger more, I thought)
thanks!
johnS
Paul Fielding wrote:
>Matt Kettler evi-inc.com> writes:
>
>
>
>>Also, make sure your Net::DNS is sufficiently up-to-date so that the
>>URIBL tests (SURBL, etc) can run. Look to make sure you've got some spam
>>hitting URIBL_SC_SURBL, URIBL_WS_SURBL, etc.
>>
>>
>
>
>Any suggestions on testin
Matt Kettler evi-inc.com> writes:
> Also, make sure your Net::DNS is sufficiently up-to-date so that the
> URIBL tests (SURBL, etc) can run. Look to make sure you've got some spam
> hitting URIBL_SC_SURBL, URIBL_WS_SURBL, etc.
Any suggestions on testing that the ability of URIBL tests to run?
M>-Original Message-
M>From: Chris Santerre [mailto:[EMAIL PROTECTED]
M>Sent: 26 April 2005 21:26
M>To: 'martin smith'; Spamassassin
M>Subject: RE: SA config recommendations to block these spammers?
M>
M>
M>Martin, could we get permission to put this in a SARE file?
M>Full credit to you o
>I did write a rule to catch these since a lot of spammers are
>still using
>this trick :-
>
>uri __SpoofPort_URL /(?:\:|\...:)/
>
>uri __OkPort_URL /(?:\:[0-9]|\...:[0-9])/
>
>meta MS_Spoof_Port_URL ((__SpoofPort_URL - __OkPort_URL) > 0)
>
>score MS_Spoof_Port_URL 9
>
>describe MS_Spoof_
Attached is my debug info when running spamassassin -D --lint.
I was logged on as the user so that just to make sure it picked up the correct
user_prefs.
Thanks,
Antonio DeLaCruz
Quoting "Pettit, Paul" <[EMAIL PROTECTED]>:
Antonio DeLaCruz [mailto:[EMAIL PROTECTED] wrote:
=20
Here is my user_prefs
On Tue, Apr 26, 2005 at 03:36:46PM -0400, Michael W Cocke wrote:
> I'm in the middle of rebuilding my mail server from scratch, and I
> just came across a reference to an SA plugin that doesn't seem to be
> available anymore - MSExec. More out of curiousity than anything
> else, what happened to i
the whitelist line actually reads:
whitelist_from [EMAIL PROTECTED]
whitelist_from [EMAIL PROTECTED]
I removed the actual entries to protect the innocent.
I don't have that e-mail anymore, but I'm sure that I will get another one and
will copy and paste the headers.
Thanks,
Antonio DeLaCruz
Quoting
I'm in the middle of rebuilding my mail server from scratch, and I
just came across a reference to an SA plugin that doesn't seem to be
available anymore - MSExec. More out of curiousity than anything
else, what happened to it/the author?
Mike-
--
Mornings: Evolution in action. Only the grumpy
so I need to switch it to something like this?
blacklist_from [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] ...
Thanks,
Antonio DeLaCruz
Quoting Jim Maul <[EMAIL PROTECTED]>:
Martin Hepworth wrote:
Antoni
blacklist (and others like trusted networks) need to have all values
on one line, not
jdow wrote:
>I tend to get spamd errors on some messages that may be related to the
>spam markup. The messages get as far as this bug report and processing
>terminates with no spam markup at all.
>===8<---
> error: Insecure dependency in eval while running setuid at
>/usr/lib/perl5/site_perl/5.8.5
> Antonio DeLaCruz [mailto:[EMAIL PROTECTED] wrote:
>
> Here is my user_prefs file:
>
> # SpamAssassin config file for version 3.0
>
[snip]
>
> whitelist_from address.com
>
Is this a typo or what is actually in the user_pref file? Seems odd and may
be related if it isn't a typo.
> Start
Matt Kettler wrote:
trusted_networks does need to be on one line, but black/whitelist
commands don't.
trusted_networks (and internal_networks) can actually be on multiple
lines too... it uses the same config code as the black/whitelist options.
Daryl
Antonio DeLaCruz wrote:
>Here is my user_prefs file:
>
>
>
First, delete the following lines. They are syntax errors.
>subject_tag *SPAM*
>
>use_terse_report0
>
>
>
Next, run spamassassin --lint and fix any other things it complains
about. the --lint should just r
Martin Hepworth wrote:
> Antoni
>
> blacklist (and others like trusted networks) need to have all values
> on one line, not multiple declarations AFAIK
Martin, blacklist_from, like whitelist_from, does NOT require all values
to be on one line. Take a look at WS's old sa-blacklist.cf for an examp
Joe Kletch wrote:
>
> Thinking I should check the auto white-list I looked for the tools on
> my FreeBSD 5.3 box running SA 3.02 and no tools exist. Nothing in the
> ports tree--so I loaded the RPM port and then set to load the RPM
> Package, however it complained about a bunch of missing dependen
Martin Hepworth wrote:
Antoni
blacklist (and others like trusted networks) need to have all values on
one line, not multiple declarations AFAIK
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
Antonio DeLaCruz wrote:
Here is my user_prefs file:
# SpamAssassin
Antoni
blacklist (and others like trusted networks) need to have all values on
one line, not multiple declarations AFAIK
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
Antonio DeLaCruz wrote:
Here is my user_prefs file:
# SpamAssassin config file for versio
Joe Kletch <[EMAIL PROTECTED]> wrote on 04/26/2005
10:31:43 AM:
[snip]
>
> On another server or two I have disabled the auto white-list. Is this
> acceptable practice? Now that I am into this I recall seeing this
issue
> before and thus decided to disable it. Comments on this practice?
>
> J
On Apr 26, 2005, at 10:46 AM, Matt Kettler wrote:
Joe Kletch wrote:
On Apr 26, 2005, at 10:13 AM, Matt Kettler wrote:
Off color Jokes are rampant in this organization from the CEO down.
I'm sure the auto-learn dbs are quite confused. I'll probably raise
the threshold and keep requesting header of
Here is my user_prefs file:
# SpamAssassin config file for version 3.0
# How many hits before a message is considered spam.
required_score 3.5
# Whether to change the subject of suspected spam
rewrite_header subject *SPAM*
# Text to prepend to subject if rewrite_subjec
Daryl C. W. O'Shea wrote:
Robert Brooks wrote:
the url has a : but no port so it doesn't get checked properly by the
URIDNSBL code, think there's a bugzilla to fix this, but I can't locate
it at the moment.
bug 4191... it's fixed in 3.0.3.
that's the one. I applied the patch and have just recheck
Joe Kletch wrote:
>
> On Apr 26, 2005, at 10:13 AM, Matt Kettler wrote:
>
>>
>
> Off color Jokes are rampant in this organization from the CEO down.
> I'm sure the auto-learn dbs are quite confused. I'll probably raise
> the threshold and keep requesting header of FPs.
Really, off-color jokes sho
M>-Original Message-
M>From: ROY,RHETT G [mailto:[EMAIL PROTECTED]
M>Sent: 26 April 2005 14:51
M>To: users@spamassassin.apache.org
M>Subject: SA config recommendations to block these spammers?
M>
M>I have two spammers that consistently get messages through to
M>my inbox.
M>Based on the
> URIDNSBL code, think there's a bugzilla to fix this, but I can't locate
> it at the moment.
There is; should be in 3.0.3 when it comes out, I believe.
Loren
The first domain, coolestrxever. com, is part of the group of
taiwantelco/taiwanmedialtd pill pushers, using a new (and false) Beverley
Hills address (the earliest ones actually used the zipcode "90210" and the
address was spoken in an episode of the show).
The second domain, magna
Robert Brooks wrote:
ROY,RHETT G wrote:
I have two spammers that consistently get messages through to my inbox.
Based on the attached, can you make any recommendations for
improvements to
my configuration that will help give these messages a higher score? I'm
calling SA (spamd, 3.0.2) as a content
On Apr 26, 2005, at 10:08 AM, Matt Yackley wrote:
Joe Kletch said:
Reference header text below "3.7 AWL AWL: From: address is in the auto
white-list" why is something in the auto whitelist scoring positive?
Shouldn't this be adding negative points?
Thanks,
Joe Kletch
* 3.7 AWL AWL: From: address i
ROY,RHETT G wrote:
I have two spammers that consistently get messages through to my inbox.
Based on the attached, can you make any recommendations for improvements to
my configuration that will help give these messages a higher score? I'm
calling SA (spamd, 3.0.2) as a content filter from Postfix.
On Apr 26, 2005, at 10:13 AM, Matt Kettler wrote:
Joe Kletch wrote:
Reference header text below "3.7 AWL AWL: From: address is in the auto
white-list" why is something in the auto whitelist scoring positive?
Shouldn't this be adding negative points?
First, despite it's name the AWL's behavior is NO
On Apr 26, 2005, at 10:08 AM, Matt Yackley wrote:
* 3.7 AWL AWL: From: address is in the auto white-list
Hi Joe,
Check out http://wiki.apache.org/spamassassin/AwlWrongWay
Thanks--that makes sense. Fighting false positives for a high-strung
sales organization is quite a challenge these days.
Joe
Matt Yackley wrote:
>J
>
>
>--matt "gonna see if I can post this faster than Matt K."
>
>
>
Damnit!! You beat me to a post in my favorite topic :)
Joe Kletch wrote:
> Reference header text below "3.7 AWL AWL: From: address is in the auto
> white-list" why is something in the auto whitelist scoring positive?
> Shouldn't this be adding negative points?
>
First, despite it's name the AWL's behavior is NOT limited to being a
whitelist.
It's a s
Joe Kletch said:
> Reference header text below "3.7 AWL AWL: From: address is in the auto
> white-list" why is something in the auto whitelist scoring positive?
> Shouldn't this be adding negative points?
>
> Thanks,
>
> Joe Kletch
* 3.7 AWL AWL: From: address is in the auto white-list
Hi Joe,
C
Alex Broens wrote:
99% sure its Critical Path's Messaging Server (http://www.cp.net)
Looks like it to me. Thanks Alex!
Daryl
Reference header text below "3.7 AWL AWL: From: address is in the auto white-list" why is something in the auto whitelist scoring positive? Shouldn't this be adding negative points?
Thanks,
Joe Kletch
---
X-AOL-IP: 205.188.162.5
X-Spam-Prev-Subject: Breakfast menu card
X-Spam-Flag: YES
X-Spam-Ch
Daryl C. W. O'Shea wrote:
Can anyone identify the mail service that generates these authenticated
(login) headers?
Received: from rousalka.dyndns.org (81.64.155.54) by mx.laposte.net
(7.0.028) (authenticated as user.name) id 413489B100C9C1FD for
[EMAIL PROTECTED]; Tue, 28 Sep 2004 21:43:43 +020
Niek <[EMAIL PROTECTED]> wrote on
04/26/2005 03:17:05 AM:
> On 4/26/2005 9:23 AM +0200, Daryl C. W. O'Shea wrote:
> > Can anyone identify the mail service that generates these authenticated
> > (login) headers?
> >
> >
> > Received: from rousalka.dyndns.org (81.64.155.54) by mx.laposte.net
>
Hello, RHETT.
Are you correctly install Mail::SPF::Query ?
Do you use Postfix sender verification realtime callback?
I recommend to increase RCVD_IN_BL_SPAMCOP_NET to 4 or something...
Legitimate sources usually don't fall into this list.
You wrote 26 апреля 2005 г., 17:51:15:
> I have two spamm
I have two spammers that consistently get messages through to my inbox.
Based on the attached, can you make any recommendations for improvements to
my configuration that will help give these messages a higher score? I'm
calling SA (spamd, 3.0.2) as a content filter from Postfix.
Thanks,
Rhett Roy
Hello, Mike.
Do you limit the maximum size of messages to be scanned?
For reduce receiving of 100% spam messages use the Exim sender
verification; then if you are
use exiscan and it can, do reject messages from zombie computers with
bogus HELO, like HELO 123.123.123.123 or HELO
123-123-123.virtua.
On 4/26/2005 9:23 AM +0200, Daryl C. W. O'Shea wrote:
Can anyone identify the mail service that generates these authenticated
(login) headers?
Received: from rousalka.dyndns.org (81.64.155.54) by mx.laposte.net
(7.0.028) (authenticated as user.name) id 413489B100C9C1FD for
[EMAIL PROTECTED]; Tu
On 4/14/05, J Thomas Hancock <[EMAIL PROTECTED]> wrote:
> I am having one heck of a time getting Bayes working with SpamAssassin.
>
> I am using postfix 2.2.2 and SA 3.00.2. Postfix is being ran as the user
> postfix. SA is being ran as postdrop.
>
> The following is the output from the syslog.
Can anyone identify the mail service that generates these authenticated
(login) headers?
Received: from rousalka.dyndns.org (81.64.155.54) by mx.laposte.net
(7.0.028) (authenticated as user.name) id 413489B100C9C1FD for
[EMAIL PROTECTED]; Tue, 28 Sep 2004 21:43:43 +0200
mx.laposte.net helos as
Hello Robert,
Monday, April 25, 2005, 8:47:28 AM, you wrote:
>> Subject: rawlex repliccas esp. for you ashtray
RB> are they being rude about me, or just suggesting where I should but the
RB> repliccas ;-)
RB> on a more serious not we need something like (?:o|aw) in the rolex rules.
I hadn't s
On Tue, Apr 26, 2005 at 12:22:35AM -0400, Steven W. Orr wrote:
> I'm looking into converting to using SQL and I saw the conversion of the
> bayes data but nothing for the autowhitelist. Anyone?
tools/convert_awl_dbm_to_sql
Michael
pgpNw0HVHpcPD.pgp
Description: PGP signature
I tend to get spamd errors on some messages that may be related to the
spam markup. The messages get as far as this bug report and processing
terminates with no spam markup at all.
===8<---
error: Insecure dependency in eval while running setuid at
/usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/
I'm looking into converting to using SQL and I saw the conversion of the
bayes data but nothing for the autowhitelist. Anyone?
TIA
--
Time flies like the wind. Fruit flies like a banana. Stranger things have .0.
happened but none stranger than this. Does your driver's license say Organ ..0
Donor
Dan Simmons wrote:
SURBL, and Razor 2 truly tore this message up on my system. All based on
a URI being present.
(score=9.931, required 5,BAYES_01 -1.52, HTML_70_80 0.10,
HTML_FONTCOLOR_BLUE 0.10, HTML_FONTCOLOR_UNKNOWN 0.10,
HTML_FONTCOLOR_UNSAFE 0.10, HTML_MESSAGE 0.10,HTTP_ESCA
SURBLs will catch these because of:
> href="http://ukbyfzovkfmz.net&saaplurfngdush5utq4x%2Erancejknfl%2Ecom/";>C8lick
> her9e for our pi1ll of the day s5pecial!
http://www.surbl.org/
Jeff C.
--
Jeff Chan
mailto:[EMAIL PROTECTED]
http://www.surbl.org/
=_010402050705060707060009
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
=_010402050705060707060009
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: 7Bit
=_010402050705060707060009--
58 matches
Mail list logo