Hello!
In my server config i use per-user config including bayes. With Horde's
IMP possible make per-user learn span. All fine, but also i want use
system-wide bayes for detect spam based on user and system bayes both.
Is this possible with SA 3.1.0?
I have received some spam messages and Spamassassin has assigned the tests
correctly, for example it found BODY_ENHANCEMENT, BODY_ENHANCEMENT2 and
GUARANTEED_100_PERCENT, but still the score that the messages got was 2.2.
I don't want to decrease the default level of 5 because sometimes I get
On Thu, Nov 10, 2005 at 04:08:56PM +0100, nick wrote:
Rejecting the mail after DATA?
Spamassassin runs behind my MTA, if the sender passes blacklist checks
and any other obvious no-nos, it's then passed to spamassassin which
NEVER discards email, but places them in a spam folder.
On Thu, 10 Nov 2005 20:02:46 -0700
James Lay [EMAIL PROTECTED] wrote:
Here's the rule:
body GATEWAY_001 /tripod\.com/i
score 5
describe match tripod.com
Here's the result:
Nov 9 13:42:03 gateway spamd[17880]: spamd: result: . -2
I am running Spamassassin version 2.60 on a Redhat 8.0 mail server.
I have a couple of addresses that I would like to remove from the AWL but when
I have tried:
spamassassin --remove-addr-from-whitelist=addr
The process appears to run forever, with no effect. Well, almost no effect, I
Does anyone have any rules to squash the recent spate of stock alert
spam that I've been seeing? The messages are coming from multiple
sources, although some can be traced back to IPs belonging to
kornet.net. There are no URLs in the message body. Bayes is probably
the best bet, but on my global
Bill Randle wrote:
Does anyone have any rules to squash the recent spate of stock alert
spam that I've been seeing? The messages are coming from multiple
sources, although some can be traced back to IPs belonging to
kornet.net. There are no URLs in the message body. Bayes is probably
the best
Bill Randle wrote:
Does anyone have any rules to squash the recent spate of stock alert
spam that I've been seeing? The messages are coming from multiple
sources, although some can be traced back to IPs belonging to
kornet.net. There are no URLs in the message body. Bayes is probably
the
We are getting a lot of spam mail from countries outside of the US. Anyone
have a list of what country domain extensions are fairly Ok to block? We
don't have a lot of users whoreceive mail from outside the US. We'd like to
cut down onspam/spoof/virus messages.
Currently I am blocking all
Jerry wrote:
Anyone have a list of what country domain extensions are fairly Ok to
block?
There's a politically charged question.
FWIW, most spam still comes from the US.
--
Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902
Hispanic Business Inc./HireDiversity.com
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
hi,
Anyone have a list of what country domain extensions are fairly Ok to
block?
There's a politically charged question.
FWIW, most spam still comes from the US.
imho, it's not an issue of where most spam comes from, nor is it a
Jerry wrote:
We are getting a lot of spam mail from countries outside of the US.
Anyone have a list of what country domain extensions are fairly Ok to
block? We don't have a lot of users whoreceive mail from outside the
US. We'd like to cut down onspam/spoof/virus messages.
Currently I
Also, Is there a special rule to detect messages like the one below?
Yeah, it's called a virus scanner. That's a mytob variant virus message.
My virus scanner cleans the attachment, but still get people emailing and
calling about their accounts when they receive these messages.
Marc Perkel wrote:
Getting messages like this. Just upgraded to 3.10. Is this coming from SA?
Spam detection software, running on the system pascal.ctyme.com, has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't
We are getting a lot of spam mail from countries outside of the US. Anyone
have a list of what country domain extensions are fairly Ok to block? We
don't have a lot of users whoreceive mail from outside the US. We'd like to
cut down onspam/spoof/virus messages.
Currently I am
Jerry wrote:
Also, Is there a special rule to detect messages like the one below?
Yeah, it's called a virus scanner. That's a mytob variant virus message.
My virus scanner cleans the attachment, but still get people emailing
and calling about their accounts when they receive these
Matt Kettler wrote:
Marc Perkel wrote:
Getting messages like this. Just upgraded to 3.10. Is this coming from SA?
Spam detection software, running on the system "pascal.ctyme.com", has
identified this incoming email as possible spam. The original message
has been attached to
[EMAIL PROTECTED] wrote:
The following email to me gets through by their spoofing my IP even
though
it clearly comes from somewhere else. I remember someone mentioning a
trusted_networks-like setting that used something like a
apparently_received_from name or something similar. How do I
I currently am using SA 3.1.0 with ClamAV 0.87.1 and Qmail-scanner 1.25st.
I use SQL for my bayes as well as my user scores preferences databases. When
testing the whitelist_from preference, mail comes through just fine and is
recognized to be part of that preference and is scored accordingly.
[EMAIL PROTECTED] wrote:
Living in a country outside the US (realistically, all countries
inthe world, with just one exception, are outside the US) I must say
that I get spam from many places ... including said united states.
Why wouldn't just everybody - in every country - block mails from
Heres an intelligent html coder
I viewed the source of the code because I
was curious as to how these words flew right through my SA ,
You will note that if turned into plain
text , he used a bunch of tables and cells to produce the following;
From: Firoz Granger
Matthew.van.Eerde wrote:
Elmer Kogan /isn't/
s/Elmer Kogan/Alma Cogan/ (sorry)
--
Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902
Hispanic Business Inc./HireDiversity.com Software Engineer
On Fri, 11 Nov 2005, [EMAIL PROTECTED] wrote:
But even if (say) Ptomania was barred by the UN from ever doing business with
any other country; if logs going back ten years conclusively showed that every
email ever received from Ptomania was demonstratibly spam or viral; if there
was evidence
Jean-Paul Natola wrote:
Here’s an intelligent html coder
I viewed the source of the code because I was curious as to how these
words flew right through my SA ,
You will note that if turned into plain text , he used a bunch of
tables and cells to produce the following;
Try this
Good afternoon, all,
On Fri, 11 Nov 2005, OpenMacNews wrote:
Anyone have a list of what country domain extensions are fairly Ok to
block?
There's a politically charged question.
FWIW, most spam still comes from the US.
imho, it's not an issue of where most spam comes from, nor is it a
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Here's another way to look at the issue. Lets say that you knew
that a state/county/province in your own country had an inordinately low
signal/attack ratio. Would you ban that region?
1st, afaik, there are no IP block lists by
Hello,
I've looked around and could not find this answer. How does one change the
temp directory that spamd uses? I see it using /tmp on our debian sarge
server using a debian spamassassin 3.0.3-2 version.
I would like to change it to /var/tmp which on our system is a much faster
SCSI raid
User for SpamAssassin Mail List wrote:
I've looked around and could not find this answer. How does one
change the temp directory that spamd uses? I see it using /tmp on our
debian sarge server using a debian spamassassin 3.0.3-2 version.
I would like to change it to /var/tmp which on our
But spamd changes users id each time it's used this would not work to well
would it?
Ken
On Fri, 11 Nov 2005 [EMAIL PROTECTED] wrote:
User for SpamAssassin Mail List wrote:
I've looked around and could not find this answer. How does one
change the temp directory that spamd uses? I see
User for SpamAssassin Mail List wrote:
But spamd changes users id each time it's used this would not work to
well would it?
I don't know if $ENV{TMPDIR} is queried once on startup, or at every user
change... maybe the source would reveal that information...
Could you symlink /tmp to /var/tmp
[EMAIL PROTECTED] wrote:
User for SpamAssassin Mail List wrote:
I've looked around and could not find this answer. How does one
change the temp directory that spamd uses? I see it using /tmp on our
debian sarge server using a debian spamassassin 3.0.3-2 version.
I would like to change it to
User for SpamAssassin Mail List wrote:
But spamd changes users id each time it's used this would not work to well
would it?
spamd changes userid's with setuid, not logon. It shouldn't get a whole new
environment, just new privileges and mapping for ~.
Thus the TMPDIR from the original
Backing up about a light year here, and ignoring all philosophical arguments,
I'll offer my list of _scored_ (not blocked) countries. This is, of course,
specific to our situation:
CN TW RU UA BR
I use the RelayCountry plugin for this, and assign it a rather low score. It
DOES help.
Pierre
I upgraded to 3.1.0, and now spamassasin is putting its headers before all
others, even Received: lines...
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on sasami.anime.net
X-Spam-Status: No, score=0.0 required=5.0 tests=AWL autolearn=disabled
version=3.1.0
X-Spam-Level:
Dan Hollis wrote:
I upgraded to 3.1.0, and now spamassasin is putting its headers
before all
others, even Received: lines...
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on
sasami.anime.net X-Spam-Status: No, score=0.0 required=5.0 tests=AWL
autolearn=disabled
Herb Martin HerbM at learnquick.com writes:
Clarification: .49 is Ok in every report I have seen about
problems with .50-52 -- it is the recommended retreat position,
and that (0.49) is working for me after trouble with a later
version.
Loren
--
Herb
I found same
but still getting this:
Spam detection software, running on the system pascal.ctyme.com, has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marc Perkel writes:
but still getting this:
Spam detection software, running on the system pascal.ctyme.com, has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't
Justin Mason wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marc Perkel writes:
but still getting this:
Spam detection software, running on the system pascal.ctyme.com, has
identified this incoming email as possible spam. The original message
has been attached to this so you can view
Marc Perkel wrote:
but still getting this:
Spam detection software, running on the system pascal.ctyme.com, has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have
On Wed, 2005-11-09 at 23:47 +0100, Raymond Dijkxhoorn wrote:
Hi!
A slightly earlier one got a much lower score with:
Umm... I don't see any SARE rules in there. The fact is, SARE isn't
terribly effective against these 1-column drug spams. The only SARE hit
I got was
Hi, I am looking at
setting up a new linux box dedicated to spamassassin via amavisd. I am
wondering what the best distro is to do this on, is there a particular distro
you guys can recommend? I am not looking for an out-of-the-box solution,
but one that spam cleaning is almost native to!
Hello list,
http://zmi.at/x/70_zmi_german.cf
contains the newest rules to catch german SPAM. Also available
automagically via rules du jour name ZMI_GERMAN
Also documented here:
http://wiki.apache.org/spamassassin/CustomRulesets
Please report your german SPAM with full headers to [EMAIL
43 matches
Mail list logo