Rick Measham wrote:
Marc Perkel wrote:
... I do front end spam filtering for about 500 domains.
> ... I'm wondering if I
make enough money suing spammers I could give my services away for
free just to get the spam to sue for.
Someone tell me if I'm nuts?
To be completely cynical, you're
Marc Perkel wrote:
... I do front
end spam filtering for about 500 domains.
> ... I'm wondering if I
make enough money suing spammers I could give my services away for free
just to get the spam to sue for.
Someone tell me if I'm nuts?
To be completely cynical, you're nuts.
If you're in th
> Any SA/Qmail?
Not much - I've found the "sam" module (in CVS) in the horde project
(horde.org) works fairly well for my configuration.
The next best thing is to hack webuserprefs (see other post) to suite
your needs, it's not too hard.
Good luck,
Josh
Theo Van Dinter wrote:
However, I don't really think we need to have SA doing this. IMO, if
spammers have to resort to obfuscating their domains in such a way that
people need to actively copy/paste/edit/copy/paste to get to their site...
If that's the theory, then why bother with SA at all? S
Kai Schaetzl wrote:
What's there to "invent"? The point is that these need to be identified as
URI. So, convert to URI and then lookup in SURBL.
Why bother with the lookup? Any mail that has something that looks
enough like an obfuscated URL that we'd want to look it up should ring
alarm bell
> -Original Message-
> From: Bart Schaefer [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 12, 2006 5:54 PM
> To: users@spamassassin.apache.org
> Subject: Re: So, when do we start handling [dot] in a URI
>
> On 5/12/06, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
> > Bart Schaefer wrote on Fri,
If it works, let me know ... and let me know the name of your lawyer :-)
Cuz, I'd jump on that bandwagon in a heart beat...
On May 12, 2006, at 18:37, Marc Perkel wrote:
So - has anyone here actually sued a spammer? I'm seriously
considering it. I hooked up with a lawyer today who specialize
So - has anyone here actually sued a spammer? I'm seriously considering
it. I hooked up with a lawyer today who specializes in it and I do front
end spam filtering for about 500 domains. I'm wondering, is there any
reason why I should not sue spammers if I can do it? I'm wondering if I
make eno
From: "John Rudd" <[EMAIL PROTECTED]>
On May 12, 2006, at 15:53, Bart Schaefer wrote:
On 5/12/06, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
Bart Schaefer wrote on Fri, 12 May 2006 07:34:05 -0700:
> So now that the spammers are using our own defenses against us, you
> suggest that we should inv
On May 12, 2006, at 15:53, Bart Schaefer wrote:
On 5/12/06, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
Bart Schaefer wrote on Fri, 12 May 2006 07:34:05 -0700:
> So now that the spammers are using our own defenses against us, you
> suggest that we should invent the technology to defeat those
def
From: "Bart Schaefer" <[EMAIL PROTECTED]>
On 5/12/06, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
Bart Schaefer wrote on Fri, 12 May 2006 07:34:05 -0700:
> So now that the spammers are using our own defenses against us, you
> suggest that we should invent the technology to defeat those defenses?
W
On 5/12/06, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
Bart Schaefer wrote on Fri, 12 May 2006 07:34:05 -0700:
> So now that the spammers are using our own defenses against us, you
> suggest that we should invent the technology to defeat those defenses?
What's there to "invent"? The point is that
From: "Kai Schaetzl" <[EMAIL PROTECTED]>
Theo Van Dinter wrote on Thu, 11 May 2006 13:49:11 -0400:
fwiw, the 8-bit characters ought to be encoded in base64 or quoted-printable.
then the rule wouldn't hit.
I just found the same problem here with a whole bunch of messages coming from
the same
Kai Schaetzl wrote:
The subject line hitting in the case of our customer was:
Bewerbung für INS-2006-05-4, "MODEL´S GESUCHT!!!"
I can identify only one character that is outside the ASCII range.
I count two: The ü in für and the ´ in MODEL´S, which is different from
the ASCII single quote
Bart Schaefer wrote on Fri, 12 May 2006 07:34:05 -0700:
> So now that the spammers are using our own defenses against us, you
> suggest that we should invent the technology to defeat those defenses?
What's there to "invent"? The point is that these need to be identified as
URI. So, convert to U
Theo Van Dinter wrote on Thu, 11 May 2006 13:49:11 -0400:
> fwiw, the 8-bit characters ought to be encoded in base64 or quoted-printable.
> then the rule wouldn't hit.
I just found the same problem here with a whole bunch of messages coming from
the same source. It seems the rule hits on *one*
Jo wrote on Fri, 12 May 2006 16:41:38 +0200:
> punt, puntje, bolleke, bolletje, point, Punkt, punto, punkto. With 6000
> languages worldwide that's a lot of possible variations...
Not really, since most of that spam is in English and they rely on "common
knowledge", e.g. that "[dot]" means ".".
Christian Reiter wrote:
Hi Patrick!
is there any WebGUI for training and managing Spamassassin
like DSPAM uses one?
May Maia Mailguard could help you:
http://www.renaissoft.com/maia/
Or MailWatch if you use MailScanner/SA.
http://mailwatch.sourceforge.net/
Ken A
Any SA/Qmail?
regar
R.Brown wrote:
> Hello,
>
> Running: SA 3.1.1 on Mac OS-X
>
> This is a newbie problem!
> I've got permissions problems with my SA setup that I'm unable to sort
> out. Here is how I'm running it with spamd as the user.
>
> root 359 0.0 0.744724 11740 ?? Ss 12:42PM 0:02.14
> /
I got flak for top posting one day. I went over to the archives and
found out that I did not top post but apparently when he received the
email it was missing some header and it was "miss filed" in his email
client.
The person sent me two paragraphs of ranting about top posting... As
you did,
On Fri, 12 May 2006 11:47:33 -0700, "jdow" <[EMAIL PROTECTED]> wrote:
>From: "Jo" <[EMAIL PROTECTED]>
>
>> Bret Miller wrote:
>>> Seems spammers have taken up to doing what many of us have in posting
>>> e-mail addresses, putting [dot] instead of the . in the URL and telling
>>> people to replace
From: "Jo" <[EMAIL PROTECTED]>
Bret Miller wrote:
Seems spammers have taken up to doing what many of us have in posting
e-mail addresses, putting [dot] instead of the . in the URL and telling
people to replace it like this:
Welcome!
[E]rectile
[D]ysfunction?
We can help! Our site: ochhorfand
From: "Steven Stern" <[EMAIL PROTECTED]>
Please don't top post and reply to the list. Thanks.
Please don't be anal retentive, Steve. You're human. You can adapt.
Or should I start advocating side posting?
{^_^}
>From my understanding the whitelist entry should contain and address then the
domain
whitelist_from_rcvd [EMAIL PROTECTED] cecinfo.org
-Original Message-
From: Robert Fitzpatrick [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 10, 2006 9:13 AM
To: users@spamassassin.apache.org
Subject:
Hello,
Running: SA 3.1.1 on Mac OS-X
This is a newbie problem!
I've got permissions problems with my SA setup that I'm unable to
sort out. Here is how I'm running it with spamd as the user.
root 359 0.0 0.744724 11740 ?? Ss 12:42PM
0:02.14 /usr/bin/spamd -u spamd -d -r
> >3) Find out how much free memory you have without spamd running. ...
> >4) Divide the free memory by your answer from 2. That should give you a
> > good rough-estimate number to work with.
> As an alternative to the above, you can calculate an approximate upper
> limit for "m" by taking the res
>From RFC2821 (http://www.faqs.org/rfcs/rfc2821.html)
6.1 Reliable Delivery and Replies by Email
When the receiver-SMTP accepts a piece of mail (by sending a "250 OK"
message in response to DATA), it is accepting responsibility for
delivering or relaying the message. It must take this r
At 12:04 PM 05/10/2006, you wrote:
Jean-Paul Natola wrote:
>
> spamd -m
>
> and what would be an ideal number to set it ?
>
> I came in this morning , got a bunch of those swap message , and
my VM is at
> 86% right now
As Chris S already said, there's no hard-fast rule here. However,
here
David Baron wrote:
1. Depends on some PERL packages: libarchive-tar-perl, libio-zlib-perl. Debian
also should depend on libwww-perl
Did you file a bug report?
GH
At 12:04 PM 05/10/2006, you wrote:
Jean-Paul Natola wrote:
>
> spamd -m
>
> and what would be an ideal number to set it ?
>
> I came in this morning , got a bunch of those swap message , and
my VM is at
> 86% right now
As Chris S already said, there's no hard-fast rule here. However,
here
David Baron wrote:
Did you file a bug report?
No, I did not. If Debian maintainers are responsible for this, I will.
Hm, who sets up the dependencies if not them?
> Easy
enough. Poster says that this is no longer a problem in 3.1.1 and that the
site is simply off line for now so I will wa
I posted a whitelist_from_rcvd usage issue the other day and someone
quickly opened my eyes to notice the message didn't have a from address,
the log showed 'from=<>'. These people are asking that I whitelist their
mail servers. I understand whitelist_from_rcvd uses two parameters, the
first being
> -Original Message-
> From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 12, 2006 10:17
> To: users@spamassassin.apache.org
> Subject: Re: So, when do we start handling [dot] in a URI
>
> On Fri, May 12, 2006 at 10:12:40AM -0500, Dallas L. Engelken wrote:
> > well, i don
Christian Reiter wrote:
Hi Patrick!
is there any WebGUI for training and managing Spamassassin
like DSPAM uses one?
May Maia Mailguard could help you:
http://www.renaissoft.com/maia/
Or MailWatch if you use MailScanner/SA.
http://mailwatch.sourceforge.net/
Ken A
Kind Regards
Yes, but...
Spamassassin isn't scoring high enough to block these emails, and our
users expect it to.
I think it's worth doing the obvious substitutions for [dot] and (dot)
in uribl tests.
If the unmunged domain scores in uribls we're going to want to block it
anyway. And if we're not whitelist
On Fri, May 12, 2006 at 10:12:40AM -0500, Dallas L. Engelken wrote:
> well, i dont consider them FPs, because i'm not writing any rules around
> it. its just so get_uri_list() picks them up as uris, and checks them
> against rhsbls.
Except the reason you don't want to change $_ in that loop is b
On Tuesday, May 9th 2006 at 18:07 -0400, quoth Aaron Boyles:
=>How do I take myself off this mailing list?
=>
=>-Javin
=>
From: "Dr. Bryan Bledsoe" <[EMAIL PROTECTED]>
To: "prehospitalcare List Member"? <[EMAIL PROTECTED]>
Subject: [prehospitalcare] How To Remove Yourself From The List
Date: Sat,
> -Original Message-
> From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 12, 2006 10:08
> To: users@spamassassin.apache.org
> Subject: Re: So, when do we start handling [dot] in a URI
>
> On Fri, May 12, 2006 at 09:58:55AM -0500, Dallas L. Engelken wrote:
> > as a quick
On Fri, May 12, 2006 at 09:58:55AM -0500, Dallas L. Engelken wrote:
> as a quick workaround (in PerMsgStatus.pm), i have been using this since
> mid-march when i started seeing the (dot) and [dot] munging. i realize
> the NOTE in M::SA::PMS says not to alter $_, but it was the fastest way
> to so
> -Original Message-
> From: Bret Miller [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 12, 2006 08:59
> To: users@spamassassin.apache.org
> Subject: So, when do we start handling [dot] in a URI
>
> Seems spammers have taken up to doing what many of us have in
> posting e-mail addresses,
Friday 12 May 2006 16:38m Theo Van Dinter wrote:
> However, I don't really think we need to have SA doing this. IMO, if
> spammers have to resort to obfuscating their domains in such a way that
> people need to actively copy/paste/edit/copy/paste to get to their site...
They already ofuscate thei
There are the remains of WebUserPrefs at webuserprefs.sourceforge.net.
I'm looking for someone interested in taking it over and getting it working
with modern SA builds. Unfortunately I haven't had time to continue it.
--
Benjamin Story, CCNA CCDA
Network Administrator
Dot Foods, Inc
www.dotf
That looks good - do you know of any distribution that installs it by
default?
Christian Reiter wrote:
Hi Patrick!
is there any WebGUI for training and managing Spamassassin
like DSPAM uses one?
May Maia Mailguard could help you:
http://www.renaissoft.com/maia/
Kind Regards
Bret Miller wrote:
Seems spammers have taken up to doing what many of us have in posting
e-mail addresses, putting [dot] instead of the . in the URL and telling
people to replace it like this:
Welcome!
[E]rectile
[D]ysfunction?
We can help! Our site: ochhorfando[dot]com ;) Don't forget to repl
On Fri, May 12, 2006 at 07:34:05AM -0700, Bart Schaefer wrote:
> So now that the spammers are using our own defenses against us, you
> suggest that we should invent the technology to defeat those defenses?
> And *then* what happens?
I haven't tried it, but always thought that detecting the straigh
On 5/12/06, Bret Miller <[EMAIL PROTECTED]> wrote:
Seems spammers have taken up to doing what many of us have in posting
e-mail addresses, putting [dot] instead of the . in the URL and telling
people to replace it
Gosh, exactly what "regular" people have been doing on web sites and
in news/list
Seems spammers have taken up to doing what many of us have in posting
e-mail addresses, putting [dot] instead of the . in the URL and telling
people to replace it like this:
Welcome!
[E]rectile
[D]ysfunction?
We can help! Our site: ochhorfando[dot]com ;) Don't forget to replace
"[dot]" to "."
S
Hi Patrick!
> is there any WebGUI for training and managing Spamassassin
> like DSPAM uses one?
May Maia Mailguard could help you:
http://www.renaissoft.com/maia/
Kind Regards
Christian Reiter
PerCom-Soft Handels
Sorry for not replying to all, forgot.
Thank you for the help! Someday ill remember it!
on 5/12/06 8:53 AM, Steven Stern at [EMAIL PROTECTED] wrote:
> [EMAIL PROTECTED] wrote:
>> Doh, no...can you point me in the direction of how to do that?
>>
>>
>>
>> on 5/12/06 8:23 AM, Steven Stern at
[EMAIL PROTECTED] wrote:
> Doh, no...can you point me in the direction of how to do that?
>
>
>
> on 5/12/06 8:23 AM, Steven Stern at [EMAIL PROTECTED] wrote:
>
>> [EMAIL PROTECTED] wrote:
>>> Ok, fair enough...i downloaded and ran
>>>
>>> rpmbuild -tb Mail-SpamAssassin-3.1.1.tar.gz
>>>
>>> As
[EMAIL PROTECTED] wrote:
> Ok, fair enough...i downloaded and ran
>
> rpmbuild -tb Mail-SpamAssassin-3.1.1.tar.gz
>
> As descibed on the site. I don't see any changes in the version number, is
> there more I have to do ?
>
>
That just creates the RPM files in /usr/src/redhat/RPMS. Did you inst
Ok, fair enough...i downloaded and ran
rpmbuild -tb Mail-SpamAssassin-3.1.1.tar.gz
As descibed on the site. I don't see any changes in the version number, is
there more I have to do ?
on 5/11/06 12:41 PM, Daryl C. W. O'Shea at [EMAIL PROTECTED] wrote:
> The Help Guy wrote:
>> hello all:
>>
> Received: from bzq-88-155-227-248.red.bezeqint.net ([88.155.227.248])
> by marvin.thomasmurray.com with smtp (Exim 4.54)
Why are you receiving stuff directly from someone else's dialup without
giving it a few points? (At least I assume it is dialup/dsl, given the form
of host name.)
Ah. I see
Hi Folks,
is there any WebGUI for training and managing Spamassassin like DSPAM uses
one?
Anyone got any Links for me? ;)
Thanks in Advantage,
Patrick Baeumel
!DSPAM:44644bb7176961003417215!
I run a fairly uncompromising spamassassin, which rejects mail scoring
5.5 or above (and in my own mailbox, I treat anything scoring over 0 as
suspect). I find that almost all false negatives that slip through are
the result of a not-perfectly-trained site-wide bayes database
[Basically, I train it
Hello Thomas,
Wednesday, May 10, 2006, 1:19:34 PM, you wrote:
TG> Hi List!
TG>
TG> I'm runing a debian mailserver with qmail 1.03, vpopmail and kaspersky
TG> anti-virus smtp-scanner 5.5.3.
TG>
TG> Now i wanted to add the latest spamassassin to filter the spam which grows
TG> up to 500 mai
56 matches
Mail list logo
