-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Theo Van Dinter writes:
On Thu, May 19, 2005 at 11:35:01PM -0400, Eric Wood wrote:
Your correct. It's the only spamassassin-3x rpm I could find on the net at:
http://dag.wieers.com/home-made/apt/
I'd just build it yourself. Docs are on the
Hi,
so first the general infos, which i should be sure to note:
Well... i run a qmail mailserver with qmailqueue-patch, vpopmail and
qmail-scanner which scans for viruses and even yet for spam with
spamassassin invoking through spamd. The thing is, for each mailaddress
i fetch the emails from a
Hi,
I use the line below to educate my spamassassin.: (run by each user by cron)
**sa-learn --spam /home/$USER/.Maildir/.ReportSpam/* --showdots
What I would like to now i if this reports to any internetserver. Why I
ask if due to the -L (-local) switch). I do not wish to report to a
server
On Thu, May 19, 2005 at 10:15:41PM -0700, [EMAIL PROTECTED] wrote:
Hello list,
in several posts I have noticed people refer to a caching nameserver.
What exactly is that?
It's a nameserver without local zone information except for
root-hints and, perhaps, localhost.
Would BIND 9.3.1
Hi
yes Bind will become a caching only name server if you don;t have any
local zone files to lookup. Basically think of it as a proxy with
memory. It will remember previous look ups so it won't ask it's
resolvers again (unless the timeout value on the record has been reached).
--
Martin
Jake
have a look at the output of spamassassin -D --lint mailmessage. You
might be trusting the secondary MX or it might be bypassing you SA
system altogether.
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
Jake Colman wrote:
If my sendmail server is
Kenneth
here's what I use do just that - code originally from someone else.
mangled slightly by me..
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
Kenneth Porter wrote:
I'd like to knock together a utility for invoking SA against messages in
an IMAP
On 2005-05-19 22:15:41 -0700, [EMAIL PROTECTED] wrote:
in several posts I have noticed people refer to a caching nameserver.
What exactly is that? Would BIND 9.3.1 qualify? Any advice would be
http://www.google.com/search?q=caching+nameserver
HTH. HAND.
--
My Dl360 with dual 1.266ghz CPU's, 2GB of RAM, and dual 18GB mirrored scsi
drives can only scan a message in 4-5 seconds. At least that was my scan
time with a completely default setup, running spamd/spamass-milter, SA
3.0.1, RedHat FC2, and sendmail 8.13.1. I haven't checked in a while
in several posts I have noticed people refer to a caching nameserver.
What exactly is that? Would BIND 9.3.1 qualify? Any advice would be
greatly appreciated.
yes Bind will become a caching only name server if you don;t have any
local zone files to lookup. Basically think of it as a
email builder wrote:
in several posts I have noticed people refer to a caching nameserver.
What exactly is that? Would BIND 9.3.1 qualify? Any advice would be
greatly appreciated.
yes Bind will become a caching only name server if you don;t have any
local zone files to lookup.
am i right in thinking that messages which are spam but have attracted
low baysian scores should be sa-learn't appropriately. and messages
which arent spam but have attracted (this is where i start to get a
little confused) high baysian scores or just high SA scores (ie more
than the spam
I've been running quite a lot of sare rules on a site-wide SA
installation for a month or two now. I've been keeping a fairly close
eye on it, and there have been few false positives generally.
But today I noticed that several e-mails are hitting both
SARE_CHARSET_W1251 and SARE_FROM_CHAR_W1251.
in several posts I have noticed people refer to a caching nameserver.
What exactly is that?
It's a nameserver without local zone information except for
root-hints and, perhaps, localhost.
Would BIND 9.3.1 qualify?
Yes.
Both of our mail servers are also DNS boxes with real zones. Is there
On 5/20/2005 11:52 AM +0200, [EMAIL PROTECTED] wrote:
Both of our mail servers are also DNS boxes with real zones. Is there
any way
for BIND to act both as a normal DNS server for domains and also a caching
nameserver?
Yes, read the BIND documentation.
Niek
http://cr.yp.to/djbdns.html
simple, small, fast.
--
Mirko Steiner
Gesotec Soft- und Hardware GmbH
Hilpertstr. 35
D-64295 Darmstadt
Tel: +49 (6151) 66 777 50
Fax: +49 (6151) 66 777 59
http://www.gesotec.de
Chris Lear wrote:
But today I noticed that several e-mails are hitting both
SARE_CHARSET_W1251 and SARE_FROM_CHAR_W1251. These are ham, sent from
(one specific address in) Ukraine to a Ukrainian in England, written in
English.
The scoring is such that the e-mail gets a score of 3.333 PLUS 4.0 - so
* Mirko Steiner [EMAIL PROTECTED] [2005-05-20 09:31]:
Fri, 20 May 2005 09:10:37 CEST:53653: spamassassin: don't scan as
RELAYCLIENT implies this was sent by a local user
Mirko,
yepp. Your question might find better answers in the qmail-scanner
mailing list.
In the FAQ [1] I find (Q18):
If
* John Wilcock wrote (05/20/05 10:51):
Chris Lear wrote:
But today I noticed that several e-mails are hitting both
SARE_CHARSET_W1251 and SARE_FROM_CHAR_W1251. These are ham, sent from
(one specific address in) Ukraine to a Ukrainian in England, written in
English.
The scoring is such that
[EMAIL PROTECTED] wrote:
I would like to be removed from this distrubtion list, anyone have an idea
how to do that?
Yes in the headers:
[EMAIL PROTECTED]
--
Thanks,
James
Chris Lear wrote:
They're in my header0.cf from sare/rules du jour. And in header.cf with
a lower score as well. Have I got the wrong files?
Methinks you have an old header0.cf that is no longer being updated -
these rules aren't in the current header0 on rulesemporium.com.
And in any case you
* John Wilcock wrote (05/20/05 12:15):
Chris Lear wrote:
They're in my header0.cf from sare/rules du jour. And in header.cf with
a lower score as well. Have I got the wrong files?
Methinks you have an old header0.cf that is no longer being updated -
these rules aren't in the current
Alex Pleiner wrote:
yepp. Your question might find better answers in the qmail-scanner
mailing list.
wooops, sorry, i thought this is a configuration issue by SA... so i
havn't take a look arround by the other software websites...
thanks a lot!
--
Mirko Steiner
Gesotec Soft- und Hardware GmbH
Hi,
I'm setting up SpamAssassin by following the instructions on this
website,
http://www.firstpr.com.au/web-mail/Postfix-SA-Anomy-Maildrop/
http://www.firstpr.com.au/web-mail/Postfix-SA-Anomy-Maildrop/
Has anyone used the instructions on this website and setup SpamAssassin
successfully?
My
On Friday 20 May 2005 01:15, [EMAIL PROTECTED] wrote:
Hello list,
in several posts I have noticed people refer to a caching
nameserver. What exactly is that? Would BIND 9.3.1 qualify? Any
advice would be greatly appreciated.
Regards,
Devin
On my systems, there is an 'nscd'.
Is this not a
--On Friday, May 20, 2005 9:07 AM -0400 Jennifer Lai [EMAIL PROTECTED]
wrote:
I'm setting up SpamAssassin by following the instructions on this
website,
http://www.firstpr.com.au/web-mail/Postfix-SA-Anomy-Maildrop/
http://www.firstpr.com.au/web-mail/Postfix-SA-Anomy-Maildrop/
You're using
nscd is a Solaris daemon (perhaps other OSs as well) that caches
gethostbynam()/gethostbyaddr() lookups (and others of that ilk), but not all of
the DNS lookups that SpamAssassin uses (I think SpamAssassin may specifically
bypass some of those by use Net::DNS directly instead of the built-in OS
2) is there a way to test a Bind server to make sure it is in fact caching
its lookups?
dig(1) - Linux man page ... dig (domain information groper) is a flexible
tool for interrogating DNS name servers.
http://www.die.net/doc/linux/man/man1/dig.1.html
Hello Chris, John,
Friday, May 20, 2005, 3:47:55 AM, you wrote:
I can re-score these rules (or remove sare_header0, which will lower the
scores anyway), but I have 2 questions:
- Is this a slightly unfair double-scoring?
- Are there any other similar rules I should worry about, given that
Along those same lines, is the message limit of 250K with or without
attachments?
Steven
-Original Message-
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 19, 2005 3:56 PM
To: Jim Maul
Cc: Ingo Reinhart; users@spamassassin.apache.org
Subject: Re: sa-learn and big
I'd like to write a custom rule that would allow e-mail in from users that have an attachment with a weird in house extension like foo.bar . How would I do this?
MK == Matt Kettler [EMAIL PROTECTED] writes:
MK Jake Colman wrote:
If my sendmail server is down, a backup MX in a different domain catches
all
my email. When my sendmail server comes back up, the backup MX dumps all
the
mail it's been holding for me. It seems that all the
- Original Message -
From: Joe Zitnik
I'd like to write a custom rule that would allow e-mail in from users that
have an attachment
with a weird in house extension like foo.bar . How would I do this?
How about delivering it before spamassassin sees it in procmail?:
:0
*
Dec 16 08:23 bogus-virus-warnings.cf.20041218-0453
103635 Dec 17 10:44 bogus-virus-warnings.cf.20050103-0436
104973 Jan 2 05:22 bogus-virus-warnings.cf.20050114-0501
105986 Jan 13 18:43 bogus-virus-warnings.cf.20050520-0903
Since it seems to be just a history of the script changes can I delete
all
I try never to admit this, but we have spamassassin running on a windows box with a third party app. Users send e-mails with .bar attachments. Some are getting hit as spam because of content. I'd like a rule that says if you have a .bar extension on an attachment, let me in.
Steven Manross wrote:
Along those same lines, is the message limit of 250K with or without
attachments?
That's raw message size, including attachments, encoding, and everything else.
Spamc isn't even aware of attachments, so it just looks at the whole message
size.
Kenneth Porter wrote:
website,
http://www.firstpr.com.au/web-mail/Postfix-SA-Anomy-Maildrop/
http://www.firstpr.com.au/web-mail/Postfix-SA-Anomy-Maildrop/
I'm setting up SpamAssassin by following the instructions on this
You're using FC2, which is RPM-based, so use the SpamAssassin RPM to
Joe Zitnik wrote:
I'd like to write a custom rule that would allow e-mail in from users
that have an attachment with a weird in house extension like foo.bar .
How would I do this?
You'd need to use a full rule, as body and rawbody won't be able to see the mime
section headers.
You'll want to
On Fri, May 20, 2005 at 12:08:05AM -0700, Justin Mason wrote:
It might make sense to turn some of those optional-but-recommended
dependencies into requirements, in packages for platforms where
apt-get-style systems are available; if the user doesn't have to
do additional work to get them, then
Jake Colman wrote:
MK == Matt Kettler [EMAIL PROTECTED] writes:
MK Jake Colman wrote:
If my sendmail server is down, a backup MX in a different domain
catches all
my email. When my sendmail server comes back up, the backup MX dumps
all the
mail it's been holding for me.
Martin Hepworth wrote:
Jake
have a look at the output of spamassassin -D --lint mailmessage. You
might be trusting the secondary MX or it might be bypassing you SA
system altogether.
SpamAssassin's concept of trust has nothing to do with it.
There's no X-Spam-* headers, so SA is being
Should local
whitelists go into /etc/mail/spamassassin/local.cf
or
/etc/MailScanner/rules/spam.whitelist.rules
?
Is one more
effective than the other?
thanks
E-mail correspondence to and from this address may be subject to the
North Carolina Public Records Law and may be disclosed to
Let me explain this system, since it might be relevant to the discussion.
This is a simple home-based network server that is processing mail for its
own domain. This domain (jnc.com) is known to the world and all email sent
to [EMAIL PROTECTED] is delivered to the sendmail running on my box.
A couple of further questions. I was looking through your howto on the spamassassin site, and didn't see any info on full type rules. So where I would normally put header, body, etc, I'd put full, correct? Is there some way I could eliminate the /Content-Disposition: attachment;.{0,30} portion of
Joe Zitnik wrote:
A couple of further questions. I was looking through your howto on the
spamassassin site, and didn't see any info on full type rules. So where
I would normally put header, body, etc, I'd put full, correct?
Yes.
full is a rule type that examines the full message text. I
Thomas Deaton wrote:
Should local whitelists go into /etc/mail/spamassassin/local.cf
or /etc/MailScanner/rules/spam.whitelist.rules
?
Is one more effective than the other?
They operate differently, and in general the MailScanner level whitelist
(spam.whitelist.rules) is better than using SA's
- Original Message -
From: [EMAIL PROTECTED]
Yes. 0.34 is necessary for SpamAssassin 3.0.
two questions:
1. What breaks in SA when using Net::NDS version 0.31 ?
Nothing should break. The INSTALL file states that spamassassin will
silently skip certain tests if/when a particular
47 matches
Mail list logo