Escaping Characters

2006-04-27 Thread Dan
I built individual escaped and non escaped body tests for every non letter/number symbol on my keyboard and threw an email with every symbol in it, at them. This was the result: works with and without / ! " $ % ' , - : ; = @ ] _ ` { } ~ works only with / # ( ) * + . / ? [ \ ^ | The surprise is that

Re: scores

2006-04-27 Thread Michael Monnerie
On Wednesday, 26 April 2006 22:51 Matt Kettler wrote: That said, you pretty much have to do this for your outbound mailservers because several LARGE ISPs will not accept mail from hosts with no RDNS. This includes AOL and Comcast off the top of my head. If you want to be able to email users at

Re: How to update filters

2006-04-27 Thread Peter Marshall
I have SpamAssassin version 3.0.2 running on Perl version 5.8.5 - This is my current local.cf auto_whitelist_factor 0.5 use_auto_whitelist 1 use_bayes 1 auto_learn 1 auto_learn_threshold_nonspam 1.5 auto_learn_threshold_spam 10 dns_available yes

Re: Rule to select sender starting with string

2006-04-27 Thread Andrew
Matt Kettler wrote: Al Danks wrote: Matt Kettler mkettler at evi-inc.com writes: Try a rule something like this: L_FROM_STRING header From =~ /$string/ It appears that the rule is also hitting senders with the string following a . I.e. From =~ /$com/ hits comalksdfl.net

Re: scores

2006-04-27 Thread Matt Kettler
Michael Monnerie wrote: On Wednesday, 26 April 2006 22:51 Matt Kettler wrote: That said, you pretty much have to do this for your outbound mailservers because several LARGE ISPs will not accept mail from hosts with no RDNS. This includes AOL and Comcast off the top of my head. If you want

Re: Rule to select sender starting with string

2006-04-27 Thread Matt Kettler
Andrew wrote: Matt Kettler wrote: Al Danks wrote: Matt Kettler mkettler at evi-inc.com writes: Try a rule something like this: L_FROM_STRING header From =~ /$string/ It appears that the rule is also hitting senders with the string following a . I.e. From =~ /$com/ hits

Blocking specfic content

2006-04-27 Thread Ronald I. Nutter
I have been fighting one specific type of spam coming through for several days now. None of the rules I have put in place are stopping the spam coming through. It is a stock type scam. Main one I have seen is about IKMA. The content type of the message is image/gif. The actual name of the file

Re: Escaping Characters

2006-04-27 Thread Matt Kettler
Dan wrote: I built individual escaped and non escaped body tests for every non letter/number symbol on my keyboard and threw an email with every symbol in it, at them. This was the result: works with and without / ! $ % ' , - : ; = @ ] _ ` { } ~ works only with / # ( ) * + . / ? [ \

Re: Blocking specfic content

2006-04-27 Thread Matt Kettler
Ronald I. Nutter wrote: I have been fighting one specific type of spam coming through for several days now. None of the rules I have put in place are stopping the spam coming through. It is a stock type scam. Main one I have seen is about IKMA. The content type of the message is image/gif. The

RE: Blocking specfic content

2006-04-27 Thread Ronald I. Nutter
I have added most of the rule sets from rulesemporium.com as well as adding several of my own. I update the rules from sare about once a month. I am on perl 5.8. I have the files downloaded for the latest SA. Once I can get the students sent home for the summer, I should be able to get the

Bayes troubles

2006-04-27 Thread Will Nordmeyer
I'm running SA 3.1.1 on my Cobalt RaQ 4 and have been having expiration troubles. A mail message comes in, and as part of the process, the auto_expire runs (it seems) - it frequently times out though, leaving the half finished expire file out there (which then results in grumpy customers

Re: Blocking specfic content

2006-04-27 Thread Matt Kettler
Ronald I. Nutter wrote: I have added most of the rule sets from rulesemporium.com as well as adding several of my own. I update the rules from sare about once a month. You mentioned having most of the rulesemporium.com rulesets. Do you have Doc's 70_sare_stocks.cf? That's the one that will

Re: How to update filters

2006-04-27 Thread Matt Kettler
Peter Marshall wrote: I have SpamAssassin version 3.0.2 Warning: SpamAssassin 3.0.2 is vulnerable to a remotely exploitable DoS attack. Unless you're using a distro port that has backported fixes, upgrade soon. Regardless of DoSes, I'd suggest upgrading to 3.1.1, as that version has a working

Re: Blocking specfic content

2006-04-27 Thread Igor Chudov
On Thu, Apr 27, 2006 at 09:58:40AM -0400, Matt Kettler wrote: Ronald I. Nutter wrote: I have added most of the rule sets from rulesemporium.com as well as adding several of my own. I update the rules from sare about once a month. You mentioned having most of the rulesemporium.com

RE: Blocking specfic content

2006-04-27 Thread Ronald I. Nutter
Here is the version of 70_sare_stocks.cf - # Version: 01.00.17 # Created: 2005-12-18 # Modified: 2006-04-14 Ron Ron Nutter [EMAIL PROTECTED] Network Infrastructure Security Manager Information

Re: Blocking specfic content

2006-04-27 Thread Matt Kettler
Igor Chudov wrote: On Thu, Apr 27, 2006 at 09:58:40AM -0400, Matt Kettler wrote: Ronald I. Nutter wrote: I have added most of the rule sets from rulesemporium.com as well as adding several of my own. I update the rules from sare about once a month. You mentioned having

Re: How to update filters

2006-04-27 Thread Peter Marshall
This is probably in a doc .. but since you suggested it .. maybe you could possibly point me to the doc :) How do I upgrade spamassassin .. and can I do it on my production mailserver during the day ... (of course I will probably have to shut off the service .. but .. it is not working that

Checking my personal ham with spamassassin

2006-04-27 Thread Igor Chudov
I upgraded and installed a lot of SA rules. (although I suspect that bayes still is not working for some reason. more later) I have a lot of unix mail folders with ham (personal messages, business messages, some mailing list stuff, etc). I would like to somehow test run spamassassin on them and

RE: How to update filters

2006-04-27 Thread Bowie Bailey
Peter Marshall wrote: This is probably in a doc .. but since you suggested it .. maybe you could possibly point me to the doc :) How do I upgrade spamassassin .. and can I do it on my production mailserver during the day ... (of course I will probably have to shut off the service .. but ..

Re: How to update filters

2006-04-27 Thread Matt Kettler
Peter Marshall wrote: This is probably in a doc .. but since you suggested it .. maybe you could possibly point me to the doc :) How do I upgrade spamassassin .. and can I do it on my production mailserver during the day ... (of course I will probably have to shut off the service .. but ..

RE: Spam coming thru w/high score different SA version

2006-04-27 Thread Tracey Gates
I checked and did find 2 spamd files. One was in /usr/bin with the latest install date. The other one was in /etc/rc.d/init.d with the older install date. I backed up the older files and replaced the ones that are in the init.d directory with the ones from the /usr/bin directory. (replaced the

Re: Checking my personal ham with spamassassin

2006-04-27 Thread Theo Van Dinter
On Thu, Apr 27, 2006 at 09:51:39AM -0500, Igor Chudov wrote: How would I run SA on a unix style mailbox to filter spams only? It's not exactly clear what you're trying to do, but you could do something like: spamassassin --mbox file1 file1.out for the spamassassin script to run over all the

Re: Spam coming thru w/high score different SA version

2006-04-27 Thread Jim Maul
Tracey Gates wrote: I checked and did find 2 spamd files. One was in /usr/bin with the latest install date. The other one was in /etc/rc.d/init.d with the older install date. I backed up the older files and replaced the ones that are in the init.d directory with the ones from the /usr/bin

Re: Spam coming thru w/high score different SA version

2006-04-27 Thread Matt Kettler
Tracey Gates wrote: I checked and did find 2 spamd files. One was in /usr/bin with the latest install date. The other one was in /etc/rc.d/init.d with the older install date. ACCK /etc/rc.d/init.d is your INIT SCRIPTS! It should NEVER contain binaries or ordinary programs. Just

Re: Spam coming thru w/high score different SA version

2006-04-27 Thread Jim Maul
Tracey Gates wrote: OK. Sorry, I'm a novice at all of this admin stuff. I replaced the old files back and restarted spamd again. I did a find for spamd and here is my results: [EMAIL PROTECTED] /]# find ./ -name spamd find: ./proc/9832/fd: No such file or directory ./etc/rc.d/init.d/spamd

Re: SA logging with amavis

2006-04-27 Thread Vivek Khera
On Apr 21, 2006, at 12:50 PM, Michael Monnerie wrote: The other idea I have is to disable SA support in amavis, and just use it for the virus checks, and call SA directly. I'm not sure this would why not teach your log analyzer to understand amavisd-new's log format, too?

RES: old option from 2.84

2006-04-27 Thread Marcos Manhanes
Hello to all, How can I change my e-mail on list? -Original Message- From: .rp [mailto:[EMAIL PROTECTED] Sent: Thursday, 27 April 2006 16:18 To: spamassassin-users@incubator.apache.org Subject: old option from 2.84 hi, In the procmailrc I had

Re: old option from 2.84

2006-04-27 Thread Matt Kettler
First I assume you mean 2.64. There never was a 2.84... .rp wrote: hi, In the procmailrc I had /usr/bin/spamassassin -a I just updated to SA3.1.1 and my log got full of error messages about invalid option. Is the '-a' just gone or has it been replaced? The man spamassassin was

RE: Spam coming thru w/high score different SA version

2006-04-27 Thread Tracey Gates
I had to restart CGPSA and it picked up the new version of 3.1.1. I hope now that it will catch the spam emails better that I have been having problems with. :-) Tracey Gates Lead Developer [EMAIL PROTECTED] 1350 South Boulder, Third Floor / Tulsa, OK 74119-3203 Phone 918-663-0991 / Fax

Re: RES: old option from 2.84

2006-04-27 Thread Matt Kettler
Marcos Manhanes wrote: Hello to all, How can I change my e-mail on list? Read the headers of any message posted to the list. This list, along with many others, uses the RFC standardized method of advertising list management features through the list-help and list-unsubscribe headers. Be

Re: 3.1.2?

2006-04-27 Thread Steve Thomas
On Wed, Apr 26, 2006 at 05:32:45PM -0400, Joe Flowers wrote: Any educated guesses on when 3.1.2 will be released? I was hoping to get it out this month, but I think it'll probably be early next month before it's all ready to go. Any word on whether or not it includes a fix for bug #4590?

Re: Bayes troubles

2006-04-27 Thread Matt Kettler
Will Nordmeyer wrote: I added the following fields to local.cf # Enable the Bayes system use_bayes 1 bayes_file_mode 0777 bayes_path /etc/mail/spamassassin/bayes/bayes But it seems that everybody's local bayes system continues to be run. Did you run spamassassin --lint? Perhaps

Re: scores

2006-04-27 Thread Michael Monnerie
On Thursday, 27 April 2006 14:53 Matt Kettler wrote: I do agree.. it's not 100% safe.. However, it is also not safe to have a server with no RDNS, because many won't take your mail.. Yes, I just had configured a server today which happens to receive mail from some Austrian government and

Re: bayes stuck at nspam 2165

2006-04-27 Thread Matt Kettler
Marc Dufresne wrote: I am using Freebsd 5.4 with Mailscanner-4.52.2-1. I have always encountered this when bayes approaches nspam of around 2500. It just locks. I have had this problem on numerous occasions. My bayes database will not learn anymore than 2165 nspam. It seems to be stuck

Re: Escaping Characters

2006-04-27 Thread Dan
First, I assume you mean they work with \ not /. / won't escape things, \ will. Oops, yes Also, your test results are not quite the same as the perl regex docs, but close. This is why I'm doing this.  Everything I've read says "use standard rules" but says nothing about exceptions, which are

Re: Ham messages having subject re-written

2006-04-27 Thread Paul Dulaba
Ok, I changed the tagging slightly, and I can confirm that it is still happening and that the tagging is on my end: === From: Court of Appeal Distribution [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: ***SPAM*** Court of

Re: Blocking specfic content

2006-04-27 Thread jdow
From: Igor Chudov [EMAIL PROTECTED] On Thu, Apr 27, 2006 at 09:58:40AM -0400, Matt Kettler wrote: Ronald I. Nutter wrote: I have added most of the rule sets from rulesemporium.com as well as adding several of my own. I update the rules from sare about once a month. You mentioned having

Re: Re: 3.1.2?

2006-04-27 Thread Joe Flowers
Thanks Theo. That'll be good then. I saw your plea on the Dev list to get another version out this month, so I've been kinda holding off on the upgrades. I'll try to fend off the users until mid-May then. Thank you! Yes, as Steve said, you guys rock!!! Joe -Original Message- From:

Re: Ham messages having subject re-written

2006-04-27 Thread jdow
Is it going through the SpamAssassin tests exactly once or is there a chance it goes through twice? {^_^} - Original Message - From: Paul Dulaba [EMAIL PROTECTED] Ok, I changed the tagging slightly, and I can confirm that it is still happening and that the tagging is on my end:

Re: Spam coming thru w/high score different SA version

2006-04-27 Thread jdow
From: Jim Maul [EMAIL PROTECTED] Tracey Gates wrote: I checked and did find 2 spamd files. One was in /usr/bin with the latest install date. The other one was in /etc/rc.d/init.d with the older install date. I backed up the older files and replaced the ones that are in the init.d directory

Tracking Compound Meta's

2006-04-27 Thread Dan Patnode
I've confirmed that meta's within meta's within meta's work well: body __testA /\ba/i body __testB /\bb/i body __testC /\bc/i body __testD /\bd/i body __testE /\be/i body __testF /\bf/i body __testG /\bg/i body __testH /\bh/i body __testI /\bi/i body __testJ /\bj/i body __testK /\bk/i body __testL /\bl/i meta

Re: Tracking Compound Meta's

2006-04-27 Thread jdow
From: Dan Patnode [EMAIL PROTECTED] I've confirmed that meta's within meta's within meta's work well: body __testA /\ba/i body __testB /\bb/i body __testC /\bc/i body __testD /\bd/i body __testE /\be/i body __testF /\bf/i body __testG /\bg/i body __testH /\bh/i body __testI /\bi/i body __testJ

Re: Tracking Compound Meta's

2006-04-27 Thread Matt Kettler
Dan Patnode wrote: I've confirmed that meta's within meta's within meta's work well: body __testA /\ba/i snip but, combined with neutralized (__) tests, the score line doesn't show which individual tests were triggered: X-SpamAssassin: score=3.0

Re: Tracking Compound Meta's

2006-04-27 Thread Dan
Is 0.001 a low enough score to be considered to be zero? I'm building a very precise configuration so any variations create headaches, but if I can't find any alternatives, I may have to. You can run the message through spamassassin -tD. The debug output will include the full list of

new type of email spam

2006-04-27 Thread Anton Krall
Guys, today I got a flow of new type of spam, this new email has some sort of gif or image inside that contains like a letter or some letters... Has anybody seen this and know how to block it?

Re: Tracking Compound Meta's

2006-04-27 Thread Matt Kettler
Dan wrote: Is 0.001 a low enough score to be considered to be zero? I'm building a very precise configuration so any variations create headaches, but if I can't find any alternatives, I may have to. You can run the message through spamassassin -tD. The debug output will include the full

Re: Tracking Compound Meta's

2006-04-27 Thread Theo Van Dinter
On Fri, Apr 28, 2006 at 12:37:40AM -0400, Matt Kettler wrote: do such detailed analysis on live email... If you really must do it live, the 0.001 score seems to be your best option. If you really really wanted it in the headers, you could open a BZ ticket requesting an enhancement to create a

Re: new type of email spam

2006-04-27 Thread Matt Kettler
Anton Krall wrote: Guys, today I got a flow of new type of spam, this new email has some sort of gif or image inside that contains like a letter or some letters... Has anybody seen this and know how to block it? I've seen two variants of this. One doing stock pump-and-dump scams, one doing

Re: Ham messages having subject re-written

2006-04-27 Thread Paul Dulaba
It is only passing once. On 4/27/06, jdow [EMAIL PROTECTED] wrote: Is it going through the SpamAssassin tests exactly once or is there a chance it goes through twice? {^_^} - Original Message - From: Paul Dulaba [EMAIL PROTECTED] Ok, I changed the tagging slightly, and I can confirm that it is