From: "Robert Menschel" <[EMAIL PROTECTED]>
Just a quick note that SARE's "specific" rules file has been updated.
This will begin to help catch the recent wave of obfuscating drug
spam.
More rules file updates to follow.
Documentation concerning specific.cf at
http://www.rulesemporium.com/ru
Just a quick note that SARE's "specific" rules file has been updated.
This will begin to help catch the recent wave of obfuscating drug
spam.
More rules file updates to follow.
Documentation concerning specific.cf at
http://www.rulesemporium.com/rules.htm#specific
Bob Menschel
> goals as irrelevant as you explicitly did. I, for one, enjoy the thought
> of
> people working together for goals outside of their own self-interest.
>
>
> So we circle back to the start: you apparently have a utopian user
> community
> that does not have any need to correspond with hotmail us
99_FVGT_DomainDigits.cf
This shows at http://rulesemporium.com/other-rules.htm as being at
http://rulesemporium.com/rules/99_FVGT_DomainDigits.cf. It 404s.
{^_^}
From: Matt Kettler <[EMAIL PROTECTED]>
Subject: Re: How to disable AWL in ~/.user_prefs
Date: Thu, 22 Sep 2005 11:59:47 -0400
> MATSUDA Yoh-ichi wrote:
> > Hello, spamassassiners.
> >
> > I have upgraded SA 3.1.0 im my Debian box, using my scamping patch.
> >
> > Yesterday, the spammer sent me
NFN Smith wrote:
> The problem that we do have is that when we list our domains via
> whitelist_from, then incoming mail with forged From: lines that shows
> one of those domains (typically, the same domain as the addressee) is
> given a free pass.
Please don't use whitelist_from. Ever. For anyth
Bowie Bailey wrote:
X-Spam-Score: 6.87 (**) (required=4)
tests=CLICK_BELOW,EXCUSE_3,FREE_CONSULTATION,MAILTO_TO_REMOVE,
NO_OBLIGATION,ONE_TIME_MAILING,REMOVE_IN_QUOTES,REMOVE_SUBJ,RISK_FREE
I don't see ALL_TRUSTED, so apparently this email originated outside
of your network. Otherwise
My Sincere apologies to cbl - now it shows up here too - I've still
removed it from my list for now - no slur's intended, but that seemed
to be the root cause of my problem here. Until I can figure why it
550'd everything I'm probably wisest leaving it out.
DNS is next on my check list.
Thanks fo
Nigel Frankcom wrote:
> Hi All,
>
> This may be old news, but... anyone using abuseseat.org in their RBL's
> should probably remove it. I had it running here in my main server
> config (so not an SA issue) and it's been 550ing every incoming email.
> A quick check of the domain shows nothing there
Hi All,
This may be old news, but... anyone using abuseseat.org in their RBL's
should probably remove it. I had it running here in my main server
config (so not an SA issue) and it's been 550ing every incoming email.
A quick check of the domain shows nothing there at all.
Please let me know if I'
From: NFN Smith [mailto:[EMAIL PROTECTED]
>
> Bowie Bailey wrote:
>
> >>Is there any way of tracing the behavior, to see what's expected and
> >>how things aren't matching when a message actually comes through?
> >
> >
> > It sounds to me like your setup is working as expected. Mails
> > comin
Bowie Bailey wrote:
Is there any way of tracing the behavior, to see what's expected and
how things aren't matching when a message actually comes through?
It sounds to me like your setup is working as expected. Mails coming
from servers in your trusted_networks list will still be scanned for
Upgrade question 2.64 > 3.1.0
Can anyone shed some light on a basic upgrade question:
I am upgrading from a 2.64 version to 3.10 I have AWL running
(site wide) and am unclear how the upgrade will handle the existing
auto-whitelist.pag file? In fact it looks like by default the new
version
> ... but who not to whitelist?
> >>>
> >>> the small guys. unfortunately, large ISPs like that have power in
> >>> the
> >>> number
> >>> of users they have. in no way do I advocate defending that as a good
> >>> thing,
> >>> but the fact that this gives them an immense amount of power to
On Thursday 22 September 2005 06:57 am, Marko Lerota wrote:
> Matthew Yette <[EMAIL PROTECTED]> writes:
> > I've looked on Google for a while now - I haven't been able to find
> > directions or references to having spamd monitored under daemontools.
> > Specifically where I would find how to create
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --- Forwarded Message
> Date:Thu, 22 Sep 2005 21:18:49 +0200
> From:Gadi Evron <[EMAIL PROTECTED]>
> Subject: Call to Arms: Rita Scams
>
> Good evening.
>
> This is a notice from MWP, the malicious websites and phishing research
> & o
Hi Michael,
> First, open cpan by just entering:
> cpan
> Then, type in the command as written above:
> i Net::DNS
>
> This will display the version. Or, in order not to bother around with
> that, just install the newest version:
>
> cpan -i Net::DNS
thanks, it works. My version indeed seems t
Shwetar (sent by Nabble.com) wrote:
Argument "1 (Only if you have installed pyzor)" isn't numeric in numeric eq
(==) at /usr/share/perl5/Mail/SpamAssassin/Conf/Parser.pm line 578.
Argument "1score BAYES_99 15.000" isn't numeric in numeric eq (==) at
/usr/share/perl5/Mail/SpamAssassin/Conf/Pars
Shwetar (sent by Nabble.com) wrote:
> Hi all,
>
> I am a newbie to SA... but the place where I am workin at wants me to
> help eliminate spam for them. I have been trying this for the past 6
> months... but cant figure out what I am missin out on...
> PLEASE HELP PLEASE HELP PLEASE HELP!
>
> when
On Thursday 22 September 2005 1:38 pm, Justin Mason wrote:
> also, run "spamassassin -V", "type spamassassin", and "spamassassin -D
> --lint", to verify that the correct version of SpamAssassin is being run.
> "lock_method flock" is indeed spelled correctly for 3.1.0, but the
> --lint check is fail
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
also, run "spamassassin -V", "type spamassassin", and "spamassassin -D
- --lint", to verify that the correct version of SpamAssassin is being run.
"lock_method flock" is indeed spelled correctly for 3.1.0, but the
- --lint check is failing it.
- --j.
Hi all,
I am a newbie to SA... but the place where I am workin at wants me to help eliminate spam for them. I have been trying this for the past 6 months... but cant figure out what I am missin out on...
PLEASE HELP PLEASE HELP PLEASE HELP!
when I run spamassassin --lint I get the foll. output..
On Thursday 22 September 2005 12:18 pm, Justin Mason wrote:
> Bowie Bailey writes:
> > From: Dimitri Yioulos [mailto:[EMAIL PROTECTED]
> >
> > > On Thursday 22 September 2005 9:17 am, Bowie Bailey wrote:
> > > > From: Dimitri Yioulos [mailto:[EMAIL PROTECTED]
> > > >
> > > > > As I understand it. D
Markus Eskola wrote:
Where your log go?, maybe you don't have logging enabled. Try '-s
/var/log/spamd.log'
Logging should be handled by deamontools aswell better check the
log/run script under the supervise directory.
/markus
From:
http://spamassassin.apache.org/full/3.1.x/dist/doc/spamd.h
Korchmenuk Nickolay wrote:
> Hi
>
> I've upgrate spamass to ver. 3.1.0(from ports)
> And I have next lines in maillog now:
>
> Sep 22 17:35:56 raider spamd[97816]: spamd: setuid to root succeeded
> Sep 22 17:35:56 raider spamd[97816]: spamd: still running as root: user
> not specified with -u, no
abuse.rfc-ignorant.org
dsn.rfc-ignorant.org
At least from my experience, while the rfc-ignorant.org lists are great in
theory, they cause enough problems with end users that they're not worth it.
The last ISP I worked at used them (the sys admin was the walking definition
of a BOFH), and as t
Alex Pleiner wrote:
* Nathanael Hoyle <[EMAIL PROTECTED]> [2005-09-21 22:48]:
Look at other rbl's, consider some or all of:
abuse.rfc-ignorant.org
dsn.rfc-ignorant.org
list.dsbl.org
sbl-xbl.spamhaus.org
opm.blitzed.org
Please note that sbl-xbl.spamhaus.org includes opm.blitzed.org.
Accor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bowie Bailey writes:
> From: Dimitri Yioulos [mailto:[EMAIL PROTECTED]
> >
> > On Thursday 22 September 2005 9:17 am, Bowie Bailey wrote:
> > > From: Dimitri Yioulos [mailto:[EMAIL PROTECTED]
> > >
> > > > As I understand it. DCC is no longer free, u
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marko Lerota wrote:
> Matthew Yette <[EMAIL PROTECTED]> writes:
>
>> Based on my settings (3.0.4), this is my line in the spamd.run
>> file:
>>
>> exec /usr/bin/spamd -d -c -q -m5 -H -u qscand 2>&1
>>
>> I'm also not getting any errors with that -d l
MATSUDA Yoh-ichi wrote:
> Hello, spamassassiners.
>
> I have upgraded SA 3.1.0 im my Debian box, using my scamping patch.
>
> Yesterday, the spammer sent me a tricky spam.
> The spammer wrote my mail address at "From:" field in the spam.
> SA's AWL has been confused.
Are you sure? Did you actual
Matthew Yette <[EMAIL PROTECTED]> writes:
> Based on my settings (3.0.4), this is my line in the spamd.run file:
>
> exec /usr/bin/spamd -d -c -q -m5 -H -u qscand 2>&1
>
> I'm also not getting any errors with that -d left in...
Where your log go?, maybe you don't have logging enabled.
Try '-s /va
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matthew Yette wrote:
>
>
> On 9/22/05 9:39 AM, "Marko Lerota" <[EMAIL PROTECTED]>
> wrote:
>
>> Markus Eskola <[EMAIL PROTECTED]> writes:
>>
>>> Skip the -d for daemonize makes damontools think that the spamd
>>> process has died and tries to restart
Hi
I've upgrate spamass to ver. 3.1.0(from ports)
And I have next lines in maillog now:
Sep 22 17:35:56 raider spamd[97816]: spamd: setuid to root succeeded
Sep 22 17:35:56 raider spamd[97816]: spamd: still running as root: user
not specified with -u, not found, or set to root, falling back to
From: Dimitri Yioulos [mailto:[EMAIL PROTECTED]
>
> On Thursday 22 September 2005 9:17 am, Bowie Bailey wrote:
> > From: Dimitri Yioulos [mailto:[EMAIL PROTECTED]
> >
> > > As I understand it. DCC is no longer free, under some
> > > circumstances, and is therefore disabled by default in 3.1.0. I
On 9/22/05 9:39 AM, "Marko Lerota" <[EMAIL PROTECTED]> wrote:
> Markus Eskola <[EMAIL PROTECTED]> writes:
>
>>
>> Skip the -d for daemonize makes damontools think that the spamd
>> process has died and tries to restart it. All you'll get is a log full
>> of binding errors
>>
>> /Markus
>
> From: email builder [mailto:[EMAIL PROTECTED]
>
> Can someone remind me if I am correct in my recollection that SORBS
comes
> enabled by default for use in contributing to SA scores?
>
> Thanks a lot
There are RCVD_IN_SORBS_* rules in 20_dnsbl_tests.cf for each of the
various SORBS lists. The
Markus Eskola <[EMAIL PROTECTED]> writes:
>
> Skip the -d for daemonize makes damontools think that the spamd
> process has died and tries to restart it. All you'll get is a log full
> of binding errors
>
> /Markus
So thats [EMAIL PROTECTED]@#!, You make my day brighter, THANKS!!!
And if som
i am looking for a way to modify my subject line so that the spam assassin
hits show in the subjectline but since i am useing amavisd-new i think it
has to occure in the amavisd.conf file.
has any one got this working before
thanks in advance for any suggestions
config is
amavisd-new-2.3.3 (2
On Thursday 22 September 2005 9:17 am, Bowie Bailey wrote:
> From: Dimitri Yioulos [mailto:[EMAIL PROTECTED]
>
> > As I understand it. DCC is no longer free, under some circumstances,
> > and is therefore disabled by default in 3.1.0. I guess you have to
> > manually enable it (although I don't kn
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marko Lerota wrote:
> Matthew Yette <[EMAIL PROTECTED]> writes:
>
>> I've looked on Google for a while now - I haven't been able to
>> find directions or references to having spamd monitored under
>> daemontools. Specifically where I would find how t
From: Dimitri Yioulos [mailto:[EMAIL PROTECTED]
>
> As I understand it. DCC is no longer free, under some circumstances,
> and is therefore disabled by default in 3.1.0. I guess you have to
> manually enable it (although I don't know how - can someone tell us
> how, please?).
Take a look at the
Matthew Yette wrote:
I've looked on Google for a while now - I haven't been able to find
directions or references to having spamd monitored under daemontools.
Specifically where I would find how to create the supervise directory for
spamd.
Has anyone successfully done this?
Matt
See if this h
Matthew Yette <[EMAIL PROTECTED]> writes:
> I've looked on Google for a while now - I haven't been able to find
> directions or references to having spamd monitored under daemontools.
> Specifically where I would find how to create the supervise directory for
> spamd.
>
> Has anyone successfully d
On Thu, 22 Sep 2005 01:27:53 -0400
"Daryl C. W. O'Shea" <[EMAIL PROTECTED]> wrote:
> James Lay wrote:
> > Just saw this...anything I can check to debug this? spammassass -D
> > --lint looks good.
> >
> > 15:53:38 homebox spamd[965]: prefork: child states: BI
> >
> > 15:53:38 homebox spamd[965]
I've looked on Google for a while now - I haven't been able to find
directions or references to having spamd monitored under daemontools.
Specifically where I would find how to create the supervise directory for
spamd.
Has anyone successfully done this?
Matt
--
Matthew Yette
Senior Engineer (N
On Mittwoch, 21. September 2005 19:34 Florian Effenberger wrote:
> > Go into CPAN and issue:
> > i Net::DNS
>
> sorry, but how would I go into CPAN? Perl -MCPAN leads to a command
> line, but nothing comes out...
First, open cpan by just entering:
cpan
Then, type in the command as written above:
i
Problem is solved after i downgrade MySQL 4.1.14 to MySQL 4.0.26
> May be that help you for answer..
> make test TEST_VERBOSE=1 TEST_FILES="./t/bayessql.t"
> PERL_DL_NONLAZY=1 /usr/local/bin/perl5.6.1
> "-MExtUtils::Command::MM" "-e" "test_harness(1, 'blib/lib',
> 'blib/arch')" ./t/bayessql.t
>
On Thursday 22 September 2005 1:48 am, Beast wrote:
> After upgrading from 3.0.4 to 3.1.0, I've receive this folowing warning:
> root]# spamassassin --lint
> [28678] warn: config: failed to parse, now a plugin, skipping:
> ok_languages all
> [28678] warn: config: failed to parse line, skipping: use
On Thu, 22 Sep 2005, Beast wrote:
> [28678] warn: config: failed to parse, now a plugin, skipping: ok_languages
> all
> [28678] warn: config: failed to parse line, skipping: use_dcc 0
> [28678] warn: config: failed to parse line, skipping: use_razor2 0
> [28678] warn: lint: 2 issues detected, plea
So far so good.
I have given this rule a score of 1.
4 is classified as spam and 2 is filtered into a MaybeSpam folder.
I have implemented the rule to allow blank/Mike/Michael
> From: "Mike Spamassassin" <[EMAIL PROTECTED]>
>
>>I have seen a rule to identify that the "From" address does not have
* Nathanael Hoyle <[EMAIL PROTECTED]> [2005-09-21 22:48]:
> Look at other rbl's, consider some or all of:
> abuse.rfc-ignorant.org
> dsn.rfc-ignorant.org
> list.dsbl.org
> sbl-xbl.spamhaus.org
> opm.blitzed.org
Please note that sbl-xbl.spamhaus.org includes opm.blitzed.org.
According to http://ww
> I tried that too. Still getting the error. Is there another setting
> required to get this to work ?
You are on 2.64. Different syntax.
rewrite_subject [***SPAM***]
Or the like.
Loren
On Sep 21, 2005, at 11:17 PM, email builder wrote:
... but who not to whitelist?
the small guys. unfortunately, large ISPs like that have power in
the
number
of users they have. in no way do I advocate defending that as a good
thing,
but the fact that this gives them an immense amount of
I have few installations of spamassassin on FreeBSD. Yesterday
I upgraded one of them from ver 3.0.4 to 3.1.0, and now this
new version doesn't run as vpopmail user. So when I run
spamd -c -d -v -u vpopmail, owner is root, not vpopmail, so
It can't write user_prefs in vpopmail home dir.
I upg
54 matches
Mail list logo