Re: Importance of SMTP gateway reverse lookup domain?

On Wed, 15 Mar 2006, Stewart, John wrote: > Also, and this is perhaps a bigger issue, if we were to set up a seperate > SMTP server for only outgoing mail (and not incoming), would it be an issue > if this outgoing SMTP server is not in the MX records for the artesyncp.com > domain. > > So, for ex

blacklist not working

I have configured SA on my hosting account through Cpanel. I've set up about 20 blacklist settings. It's supposed to blacklist according to certain IP addresses. Problem is - none of them are actually getting blocked! The spams are still streaming in by the dozens from China and elsewhere. M

Re: headers creeping into message body after upgrade to 3.1.1

On Wed, 15 Mar 2006, Theo Van Dinter wrote: > The problem is caused by a specific feature that was added into > SpamAssassin in 3.1.1 -- namely that we'll use the same line endings that the > original message uses (LF vs CRLF). spamass-milter relied on the previous > behavior (always use LF), whi

Re: HTML Validator

On Wed, Mar 15, 2006 at 09:58:52PM -0700, Philip Prindeville wrote: > Ok, does anyone have *recent* statistical analysis (i.e. not almost a > year old) > on this? It could be that the people using this "boneheaded" construct have > realized the error of their ways, and stopped doing it. Unfortuna

Re: HTML Validator

Theo Van Dinter wrote: >On Wed, Mar 15, 2006 at 08:40:51PM -0700, Philip Prindeville wrote: > > >>Does anyone have a way of doing a statistical analysis of ham that contains >>http(s?):// as the beginning of the anchor text? >> >> > >So for the second time today: > >http://issues.apache.org/

Re: HTML Validator

On Wed, Mar 15, 2006 at 08:40:51PM -0700, Philip Prindeville wrote: > Does anyone have a way of doing a statistical analysis of ham that contains > http(s?):// as the beginning of the anchor text? So for the second time today: http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4255 -- Random

Re: HTML Validator

Craig Morrison wrote: >Philip Prindeville wrote: > > >>I'm wondering what would be involved in putting in an HTML parser >>that could call various rules to check things, like the case of: >> >>http://www.foo.com/xyzzy";>http://www.bar.com/aardvark >> >>where the link disagrees with the text betw

Re: HTML Validator

Philip Prindeville wrote: I'm wondering what would be involved in putting in an HTML parser that could call various rules to check things, like the case of: http://www.foo.com/xyzzy";>http://www.bar.com/aardvark where the link disagrees with the text between the anchor tags (yeah, you could lim

Re: HTML Validator

On Wed, Mar 15, 2006 at 08:13:48PM -0700, Philip Prindeville wrote: > I'm wondering what would be involved in putting in an HTML parser > that could call various rules to check things, like the case of: Well, you wouldn't "call various rules", you'd look for a behavior while parsing and flag it fo

Re: HTML Validator

Kenneth Porter wrote: >On Friday, March 10, 2006 9:43 PM -0700 Philip Prindeville ><[EMAIL PROTECTED]> wrote: > > > >>Do you mean: >> >>http://validator.w3.org/source/ >> >> > >I thought that was just a web form-based validator. I'll have to look at it >to see if the validator can be run o

Re: headers creeping into message body after upgrade to 3.1.1

Theo Van Dinter wrote: On Thu, Mar 16, 2006 at 01:19:59PM +1100, Carl Brewer wrote: Previously, the milter could assume that folding was going to happen via "\n\t", but now it's "\r\n\t". Does this mean that a change is needed in spamass-milter or spamassassin? It seems odd that this started w

Re: headers creeping into message body after upgrade to 3.1.1

On Thu, Mar 16, 2006 at 01:19:59PM +1100, Carl Brewer wrote: > >Previously, the milter could assume that folding was going to happen via > >"\n\t", but now it's "\r\n\t". > > Does this mean that a change is needed in spamass-milter or > spamassassin? It seems odd that this started with 3.1.1 but

Re: headers creeping into message body after upgrade to 3.1.1

Theo Van Dinter wrote: On Wed, Mar 15, 2006 at 04:31:24PM -0500, Paul Stavrides wrote: The problem is an extra an extra "0D" in the X-Spam-Checker-Version line, such that I see an "...0D 0D 0A 09..." by the time I look at the headers in Windows. The line is getting munged when it is getting wr

Re: sa-update and channels

On Thu, Mar 16, 2006 at 12:26:32AM +0100, Michael Monnerie wrote: > > A channel is essentially a set of rules published by some > > organization, which is accessed and downloaded via dns/http.  ie: > > Would that be a possible replacement for RulesDuJour? I love that > script, but not having to i

Re: AWL growing too large

Michael, > This line right here tells me that you are NOT using MySQL for you AWL db. Oops, my bad. Bayes is on SQL, AWL is obviously not. Still, is the complaint warranted or am I expecting too much from a bdb-based awl? Mark

Re: AWL growing too large

Mark Martinec wrote: > Matt Kettler wrote: >> in the /tools directory of the tarball is a script called >> "check_whitelist". If you run check-whitelist --clean, it will run >> through the current user's AWL and purge any AWL entries which have only >> been seen once. > > $ check_whitelist --clean

Re: AWL growing too large

Matt Kettler wrote: > in the /tools directory of the tarball is a script called > "check_whitelist". If you run check-whitelist --clean, it will run > through the current user's AWL and purge any AWL entries which have only > been seen once. $ check_whitelist --clean Out of memory during request

Re: sa-update and channels

On Mittwoch, 15. März 2006 19:32 Theo Van Dinter wrote: > A channel is essentially a set of rules published by some > organization, which is accessed and downloaded via dns/http.  ie: Would that be a possible replacement for RulesDuJour? I love that script, but not having to install something ext

Re: AWL growing too large

jdow wrote: > > OK, when the storage structure of the tarball based package you want > changes how do you extirpate the old and insert the new without the > rather depressingly familiar dual SpamAssassin install? (Not that the > package systems like RPM always get it right. They do better than mo

Bypassing spam filtering for SASL authenticated users.

Hi there! My system runs sasl. So far my content filtering is associated to the smtp transport in master.cf and scans everything that comes from outside. I would like to not filter emails sent by SASL authenticated users. Any ideas? Xavier. -- Xavier Sudre Homepage: http://xavier.sudre.fr/

Re: Received-SPF header.

[EMAIL PROTECTED] wrote: Xavier Sudre wrote: I read that an SPF aware smtp server should introduce the Received-SPF header in the email headers. There are patches for Postfix to support SPF... for example: http://www.ipnet6.org/postfix/spf/ Thanks. I am using the perl script Postfix-Policyd

Re: AWL growing too large

From: "Matt Kettler" <[EMAIL PROTECTED]> mouss wrote: Matt Kettler a écrit : AFAIK, *VERY* few distro packages contain anything from tools. That said, I personally wonder why anyone would use a distro package for something that updates are often time-sensitive. (ie: SpamAssassin, clamav, et

Re: First timer

Expertsites, Inc. wrote: > - Original Message - > From: Ascensionwow > To: users@spamassassin.apache.org > Sent: Wednesday, March 15, 2006 8:10 AM > Subject: First timer > > Bear with me, as it has been 7 years since I've used a mailing list like > this. > > My question is very simple, a

Re: First timer

- Original Message - From: Ascensionwow To: users@spamassassin.apache.org Sent: Wednesday, March 15, 2006 8:10 AM Subject: First timer Bear with me, as it has been 7 years since I've used a mailing list like this. My question is very simple, and yet I can't seem to find an answer on it.

Re: AWL growing too large

mouss wrote: > Matt Kettler a écrit : >> >> AFAIK, *VERY* few distro packages contain anything from tools. >> >> That said, I personally wonder why anyone would use a distro package for >> something that updates are often time-sensitive. (ie: SpamAssassin, clamav, >> etc). >> > > While I try to a

Re: headers creeping into message body after upgrade to 3.1.1

On Wed, Mar 15, 2006 at 04:31:24PM -0500, Paul Stavrides wrote: > The problem is an extra an extra "0D" in the X-Spam-Checker-Version > line, such that I see an "...0D 0D 0A 09..." by the time I look at the > headers in Windows. The line is getting munged when it is getting > wrapped. Interestin

Re: First timer

SpamAssassin itself does not delete email; all it does is perform certain tests on email messages that are passed through the program, and based on the outcome of such tests, assign a numerical score to the message. You can use things such as procmail, your email client (or I believe amavis as wel

Re: First timer

  Best regards,Tom & Denise--Expertsites, Inc. Phone: 480-272-6063, Toll-Free: 800-355-9770Fax: 480-272-6051, Toll-Free: 877-355-9770   Expertsites LoanStar.netPhone: 480-272-6063, Toll-Free: 800-355-9770Fax: 480-272-6051, Toll-Free: 877-355-9770   EXPERTSITES and EXPERTSITES LOANSTAR.NET are

Re: 3.1.1 Upgrade Problems

On Wed, Mar 15, 2006 at 02:02:43PM -0800, Jason Self wrote: > I fed sample-spam.txt into SpamAssassin at the command line. It > correctly added things such as these into the message: > > X-Spam-Flag: YES > X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on bluehome.net > X-Spam-Level:

Re: 3.1.1 Upgrade Problems

OK; All of the earlier stuff has been deleted along with: rm -fr /Library/Perl/5.8.7/darwin-2level/auto/Mail/SpamAssassin rm -fr /Library/Perl/5.8.7/Mail/SpamAssassin rm -fr /Library/Perl/5.8.7/Mail/SpamAssassin/Plugin/SpamCop.pm rm -fr /Library/Perl/5.8.7/Mail/SpamAssassin/SpamdForkScaling.pm rm

RE: AWL growing too large

I do as well. I usually take the RH SRPM, replace the source file, update the spec and then build. In most cases, it's up to date. In the case of SA I just use CPAN. It seems to work well for our organization. Gary Wayne Smith > -Original Message- > From: mouss [mailto:[EMAIL PROTECT

Re: AWL growing too large

Matt Kettler a écrit : > > > AFAIK, *VERY* few distro packages contain anything from tools. > > That said, I personally wonder why anyone would use a distro package for > something that updates are often time-sensitive. (ie: SpamAssassin, clamav, > etc). > While I try to avoid pre-packaged bi

Re: headers creeping into message body after upgrade to 3.1.1

Paul Stavrides wrote: Felicity, Thanks for the tips. We too are having the problem of headers creeping into out received e-mail. Difference here is that our setup is a Linux front end to MSExchange. So we run SA site-wide and use Milter to keep the crap out of Exchange. Works like

Re: AWL growing too large

jdow wrote: > From: "Matt Kettler" <[EMAIL PROTECTED]> > >> Jim Smith wrote: >>> I've got some clients with auto-whitelist files in their >>> /home/USER/.spamassassin directory that are over 20 megs. Is there a >>> ceiling >>> to these AWL files and a way to adjust that ceiling? I think 20 megs is

Re: headers creeping into message body after upgrade to 3.1.1

On Thu, Mar 16, 2006 at 08:29:29AM +1100, Carl Brewer wrote: > >Is this reproducable with spamassassin or spamc/spamd from a commandline? > > I'm not sure, how would I test it? Something similar to "spamassassin < file_with_message" or "spamc < file_with_message" if you want to test spamd. --

Re: headers creeping into message body after upgrade to 3.1.1

Title: Header1 Felicity,   Thanks for the tips.    We too are having the problem of headers creeping into out received e-mail.  Difference here is that our setup is a Linux front end to MSExchange.  So we run SA site-wide and use Milter to keep the crap out of Exchange.  Works like a c

Re: HREF based rule idea...

Jay Lee wrote: > Has any thought been given to creating a rule that looks for "forged" > links? Here's one I got today in a phishing scam: > > href="http://www.createtokill-clan.de/onlineshop/catalog/images/admin/chase.com/index.htm";> > > > http://www.chase.com/verification.asp > > So how ha

Re: headers creeping into message body after upgrade to 3.1.1

Theo Van Dinter wrote: On Wed, Mar 15, 2006 at 06:47:58PM +1100, Carl Brewer wrote: X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.1.1 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on rollcage2.bl.echidna.id.au It looks li

RE: AWL growing too large

We use a MySQL backend (partly because we have multiple front end servers). This has worked well as we have a cronjob that runs a script and purges several awl entries that fall into a certain criteria. This works well to keep the database small, tidy and fast. Gary Wayne Smith > -Original

Re: AWL growing too large

From: "Matt Kettler" <[EMAIL PROTECTED]> Jim Smith wrote: I've got some clients with auto-whitelist files in their /home/USER/.spamassassin directory that are over 20 megs. Is there a ceiling to these AWL files and a way to adjust that ceiling? I think 20 megs is rather large for clients with 2

Re: AWL growing too large

mouss wrote: you mean the size of the berkeley db? yes, this may be larger than needed. but this shouldn't be a problem. ... unless it means that your users are coming far too close to their $HOME disk quota for it to be useful. (20M quota + 10M AWL file + lots of incoming spam = lots of ann

Re: AWL growing too large

Jim Smith a écrit : > I got the same results. I ran check_whitelist --clean and after lots of > scrolling names and the appearance of cleaning, the file size is the same as > it was to start. Other suggestions to try? Thx. > you mean the size of the berkeley db? yes, this may be larger than neede

Re: How to deal with these spams?

Jeff Peng a écrit : > Hello,lists, > > Some spammers use SMTP bounce to send lots of spams to our systems.For > example,they send spams to some mail servers which are lost for antispam > mechanism (They may send to the uncorrect users on those mail > servers).Surely,these spams are faked with h

Re: Importance of SMTP gateway reverse lookup domain?

Stewart, John a écrit : > We've got an outgoing SMTP gateway of bratwurst.heurikon.com (heurikon.com > being an old domain name, and I've never bothered with trying to update the > domain for all of our infrastructure machines), but our outgoing domain on > our emails is artesyncp.com (and that may

Re: 3.1.1 Upgrade Problems

On Wed, Mar 15, 2006 at 12:44:55PM -0800, Jason Self wrote: > /Library/Perl/5.8.1/Mail/SpamAssassin > /Library/Perl/5.8.1/Mail/SpamAssassin.pm > /Library/Perl/5.8.7/Mail/SpamAssassin > /Library/Perl/5.8.7/Mail/SpamAssassin.pm Ok, you have multiple versions of SA installed. Make sure to also remov

Re: 3.1.1 Upgrade Problems

OK; I ran find / -iname "*spamassassin*" to locate all of the SpamAssassin components. The following were deleted. Now I'm going to re-attempt to install 3.1.1. I'll let you know what happens. /Library/Perl/5.8.1/darwin-thread-multi-2level/auto/Mail/SpamAssassin /Library/Perl/5.8.1/Mail/SpamAssass

SA timeout and mailfilter

Hi I'm having some troubles on a high-traffic MTA. The mailserver runs sendmail and maildrop, configured to scan messages during the local delivery, using spamc, against a different server running spamd. I wish to have all local mail scanned, but if there is a problem with SA, or SA is taking too

Using whitelist_from_rcvd with multiple relay domains

After receiving a large volume of phishing messages, in this case with a forged ebay sender, I have been looking at my whitelist entries. I have a number of wildcard entries i.e. whitelist_from [EMAIL PROTECTED] This one was an easy fix, since all of the messages, that I could identify came f

Tasks run as root in SpamAssassin 3.1.0

Hello, I run a SpamAssassin installation where we run spamd system-wide under a dedicated account, and users filter their mail with spamc. When we upgraded to 3.1.0, we noticed that a spamd process always runs as root now. I found the rationale for this at

Re: SUBJ_ILLEGAL_CHARS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Philip Prindeville wrote: [snip] > I mean it's not X.400, right? ;-) Thank the Gods... C. - -- Craig McLeanhttp://fukka.co.uk [EMAIL PROTECTED] Where the fun never starts Powered by FreeBSD, and GIN! -BEGIN PGP SIGNATU

Re: 3.1.1 Upgrade Problems

On Wed, Mar 15, 2006 at 06:27:10PM +, Justin Mason wrote: > actually, the warnings in Node.pm give me an idea. Could it be something > to do with the new code that fixes CRLF-vs-LF line-ending issues -- Jason, > what OS/filesystems are you using? I don't see how line endings would be involved

Re: sa-update and channels

On Wed, Mar 15, 2006 at 06:43:12PM +0100, Cedric Foll wrote: > what is "channel" in sa-updates ? A channel is essentially a set of rules published by some organization, which is accessed and downloaded via dns/http. ie: sa-update checks (by default) updates.spamassassin.org to see if any updates

Re: 3.1.1 Upgrade Problems

Using OS X Server 10.3.9. Filesystem is journaled HFS+. On 3/15/06, Justin Mason <[EMAIL PROTECTED]> wrote: > actually, the warnings in Node.pm give me an idea. Could it be something > to do with the new code that fixes CRLF-vs-LF line-ending issues -- Jason, > what OS/filesystems are you using?

Re: 3.1.1 Upgrade Problems

Theo Van Dinter writes: > On Wed, Mar 15, 2006 at 09:29:26AM -0800, Jason Self wrote: > > After upgrading to SpamAssassin 3.1.1 via CPAN, I've noticed that > > various headers such as X-Spam-Level and X-Spam-Status no longer > > appear in any messages. > > > > spamassassin --lint produces no erro

Re: 3.1.1 Upgrade Problems

On Wed, Mar 15, 2006 at 09:29:26AM -0800, Jason Self wrote: > After upgrading to SpamAssassin 3.1.1 via CPAN, I've noticed that > various headers such as X-Spam-Level and X-Spam-Status no longer > appear in any messages. > > spamassassin --lint produces no errors (no output at all, actually.) > >

Re: First timer

Ascensionwow wrote: > I checked and my hosting company said EXIM. Does that make sense? When I > look in cpanelX I can see there's a path to sendmail though. So maybe > sendmail is the right answer? Regardless, they said the MTA software is > EXIM. Hope that helps. Exim can invoke procmail but does

Please help me tweak SA

I have a VPS hosted at powervps The Plan is LINUX PLESK POWER-1, 256Mb (burstable to 1Go), 10Gb space I'm currently allowed to configure spamassassin per server or per mailbox. I would like the following; I want to be a spam-filtering gateway for one of my

RE: AWL growing too large

I got the same results. I ran check_whitelist --clean and after lots of scrolling names and the appearance of cleaning, the file size is the same as it was to start. Other suggestions to try? Thx. Jim Smith > -Original Message- > From: Bowie Bailey [mailto:[EMAIL PROTECTED] > Sent: Wedn

sa-update and channels

Hi, what is "channel" in sa-updates ? What are the channel available ? Where can we found information about update rules processes included in 3.1.1 ? BTW find for all the great work done on spamassassin ! Regards.

Re: How to deal with these spams?

Ideally, the administrators of those systems should fix their mailservers to eliminate misdirected bounces. To quote SpamCop, "Configure your software to either reject messages during delivery or accept them permanently. Do not let your software make choices about delivery after it has accepted a

3.1.1 Upgrade Problems

After upgrading to SpamAssassin 3.1.1 via CPAN, I've noticed that various headers such as X-Spam-Level and X-Spam-Status no longer appear in any messages. spamassassin --lint produces no errors (no output at all, actually.) SpamAssassin is invoked via Procmail. I turned on logging and found this

How to deal with these spams?

Hello,lists, Some spammers use SMTP bounce to send lots of spams to our systems.For example,they send spams to some mail servers which are lost for antispam mechanism (They may send to the uncorrect users on those mail servers).Surely,these spams are faked with header,whose return-path are fack

RE: AWL growing too large

Matt Kettler wrote: > Jim Smith wrote: > > I've got some clients with auto-whitelist files in their > > /home/USER/.spamassassin directory that are over 20 megs. Is there > > a ceiling to these AWL files and a way to adjust that ceiling? I > > think 20 megs is rather large for clients with 25 meg l

Re: HREF based rule idea...

On Wed, Mar 15, 2006 at 11:51:56AM -0500, Jay Lee wrote: > Has any thought been given to creating a rule that looks for "forged" > links? Here's one I got today in a phishing scam: > > So how hard would it be to create a rule that triggers if the href > (http://www.createtokill-clan.de...) does

Re: Any windows users try the new Active Perl with SA?

On Tuesday, March 14, 2006 at 8:43:13 PM, [EMAIL PROTECTED] confabulated: > Hi, > I am wondering if anyone running Windows and SA has tried the new > ActivePerl with 3.1.1? Been using 5.8.7.815 with 3.1 since 815 first came out. Haven't had any issues thus far. I'm probably going to upgrade

HREF based rule idea...

Has any thought been given to creating a rule that looks for "forged" links? Here's one I got today in a phishing scam: http://www.createtokill-clan.de/onlineshop/catalog/images/admin/chase.com/index.htm";> http://www.chase.com/verification.asp So how hard would it be to create a rule that tr

Re: I get different results each time SA is called (repost)

On Mittwoch, 15. März 2006 14:00 Jens Benecke wrote: > Is there a way to tell SA to log DNS lookup errors? I don't know, but what about logging in your DNS server? Look there... mfg zmi -- // Michael Monnerie, Ing.BSc --- it-management Michael Monnerie // http://zmi.at Tel: 0660/415

Re: First timer

I checked and my hosting company said EXIM. Does that make sense? When I look in cpanelX I can see there's a path to sendmail though. So maybe sendmail is the right answer? Regardless, they said the MTA software is EXIM. Hope that helps. On 3/15/06, James E. Pratt <[EMAIL PROTECTED]> wrote: H

Re: SUBJ_ILLEGAL_CHARS

On Wed, Mar 15, 2006 at 03:29:45PM -, Randal, Phil wrote: > > Can You please point which RFC is this and what exactly 'QP > > encoding' means. > http://www.faqs.org/rfcs/rfc2822.html > Refer to Section 3.2.2 for information on quoted-pairs. QP in this case does not mean "quoted pairs", it mea

RE: SUBJ_ILLEGAL_CHARS

And http://www.faqs.org/rfcs/rfc2047.html Cheers, Phil Phil Randal Network Engineer Herefordshire Council Hereford, UK > -Original Message- > From: Craig Morrison [mailto:[EMAIL PROTECTED] > Sent: 15 March 2006 15:31 > To: users@spamassassin.apache.org > Subject: Re: SUBJ_IL

RE: Importance of SMTP gateway reverse lookup domain?

It shouldn't be a problem as long as the outgoing SMTP host has a valid domain name and the machine name also resolves. So if the machine name is blah.yourdomain.com you should still have an "A" record for it in your DNS. Without it many mail applications will reject the email at the MTA level (I

Importance of SMTP gateway reverse lookup domain?

We've got an outgoing SMTP gateway of bratwurst.heurikon.com (heurikon.com being an old domain name, and I've never bothered with trying to update the domain for all of our infrastructure machines), but our outgoing domain on our emails is artesyncp.com (and that may change soon as well). I'm won

RE: SUBJ_ILLEGAL_CHARS

http://www.faqs.org/rfcs/rfc2822.html Refer to Section 3.2.2 for information on quoted-pairs. Cheers, Phil Phil Randal Network Engineer Herefordshire Council Hereford, UK > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: 15 March 2006 15:22 > To:

Re: headers creeping into message body after upgrade to 3.1.1

On Wed, Mar 15, 2006 at 06:47:58PM +1100, Carl Brewer wrote: > X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,BAYES_00 > > autolearn=ham version=3.1.1 > X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on > rollcage2.bl.echidna.id.au > > It looks like sometime

SPAM: Real Big Phish

Title: SPAM: Real Big Phish I got the standard new phish warning about phish. I've snipped some of the body. I'm posting this standard one, because it is EXTREMELY well done. The site: http://dragon.centavision.co.kr/login/chase/index.htm Seems to be very well copied. For some reason I can se

Re: SUBJ_ILLEGAL_CHARS

Милен Панков wrote: Matt Kettler написа: Note that SUBJ_ILLEGAL_CHARS is NOT concerned with what language or character set is used. It is concerned about it not being encoded properly. Per RFC specifications, all characters in email-headers that aren't in the normal ascii ranges must be QP en

RE: First timer

If you use Procmail, after your spamassassin runs and marks up the headers, use this, changing MAXSPAM value to whatever you want. --- MAXSPAM=7 :0 * ^X-Spam-Status: Yes, hits=\/[0-9\.]+ { :0: * $ -${MAXSPAM}^0 * $ ${MATCH}^0 $HOME/spam :0: $HOME/maybespam }

RE: Any windows users try the new Active Perl with SA?

> I am wondering if anyone running Windows and SA has tried the new > ActivePerl with 3.1.1? SA 3.11 lints fine on Windows XP with ActivePerl 5.8.8.816. The only thing that concerns me about this build is how the CGPSA integration tool will handle the change in line endings, \r\n now on Windows in

Re: SUBJ_ILLEGAL_CHARS

> Can You please point which RFC is this and what exactly 'QP encoding' means. Someone else can doubtless point to the RFC, but as an example, your name in the From address is encoded in Quoted Printable encoding. I've added some spaces to it below so that your mail client doesn't turn it back in

First Timer - Part 2

Oh sorry. I forgot to include what I'm using. I can't tell you much about what sorter I'm using, because frankly, I don't know anything about that stuff   *^_^*What I can tell you is that I'm using Cpanelx and I'm accessing my spamfolder through Neomail. As for what mail sorter I'm using, I have no

Re: AWL growing too large

Jim Smith wrote: > I've got some clients with auto-whitelist files in their > /home/USER/.spamassassin directory that are over 20 megs. Is there a ceiling > to these AWL files and a way to adjust that ceiling? I think 20 megs is > rather large for clients with 25 meg limits. If it needs to be 20+ m

Re: SUBJ_ILLEGAL_CHARS

Matt Kettler написа: Note that SUBJ_ILLEGAL_CHARS is NOT concerned with what language or character set is used. It is concerned about it not being encoded properly. Per RFC specifications, all characters in email-headers that aren't in the normal ascii ranges must be QP encoded. This rule is ess

Re: First timer

> My question is whether i can have SpamAssassin automatically delete certain Spam emails over a certain rating? Nope. All SA will do is classify the mail for you. In fact, it won't even "route the spam to a spam box". This is something an outside program is doing, perhaps procmail. That same

Re: First timer

Ascensionwow wrote: Bear with me, as it has been 7 years since I've used a mailing list like this. My question is very simple, and yet I can't seem to find an answer on it. I have SpamAssassin sending emails flagged as spam to an email box setup as my "spam folder." This allows me to double ch

Re: First timer

Ascensionwow wrote: Bear with me, as it has been 7 years since I've used a mailing list like this. My question is very simple, and yet I can't seem to find an answer on it. I have SpamAssassin sending emails flagged as spam to an email box setup as my "spam folder." This allows me to double c

First timer

Bear with me, as it has been 7 years since I've used a mailing list like this.My question is very simple, and yet I can't seem to find an answer on it.I have SpamAssassin sending emails flagged as spam to an email box setup as my "spam folder." This allows me to double check that nothing legit is n

RE: Any windows users try the new Active Perl with SA?

> I am wondering if anyone running Windows and SA has tried the new > ActivePerl with 3.1.1? Figures... I just checked the version the other day and (finally) upgraded to the 815 version. Guess I'll re-do it today and try the next one. Bret

AWL growing too large

I've got some clients with auto-whitelist files in their /home/USER/.spamassassin directory that are over 20 megs. Is there a ceiling to these AWL files and a way to adjust that ceiling? I think 20 megs is rather large for clients with 25 meg limits. If it needs to be 20+ megs to work well, I'll ne

I get different results each time SA is called (repost)

Hello, I am using SA 3.0.3 on Debian Sarge with Postfix and amavisd-new. So far Spamassassin is filtering just about everything with very few exceptions. However, since about a week ago, I'm getting a few false negatives (ie. nondetected spam) every day and when I retest them with the same setting

Re: Drug email keeps getting thru

Something's not right there - the URL mentioned in the spam (deolich-MANGLED.com without the -MANGLED bit) should have hit on both the SURBL.org and URIBL.com blacklists, yet I don't see hits for either in the tests that were flagged for this spam - you only have "BAYES_40,FM_NO_STYLE,HTML_80_90,HT

Re: headers creeping into message body after upgrade to 3.1.1

> Since I upgraded, I'm seeing bits of the X-Spam-Header message > in my mail bodies, like this : The latest version changed things to make life on Windows systems better. Instead of always using a \n for a line ending, it looks at the kind of line ending it got on the first line of the input file