Panagiotis Christias writes:
> On 8/11/06, DAve <[EMAIL PROTECTED]> wrote:
> > DAve wrote:
> > > Panagiotis Christias wrote:
> > >> On 8/11/06, Theo Van Dinter <[EMAIL PROTECTED]> wrote:
> > >>> FWIW, the format sa-update expects is the standard format from sha1sum.
> > >>> Does FreeBSD have a sha
jdow writes:
> From: "Jim Maul" <[EMAIL PROTECTED]>
>
> > Bowie Bailey wrote:
> >
> >> It doesn't really matter to me who supports which pieces as long as
> >> they all work.
> >>
> >> Someone may be able to fix sa-update so that it can take over from
> >> RDJ, but as of now, that is not possib
Any reason why this config failed?
According to Mail::SpamAssassin::Plugin::AutoLearnThreshold it is a
valid config.
# spamassassin --lint
[11919] warn: config: failed to parse line, skipping:
bayes_auto_learn_threshold_nonspam 0.1
[11919] warn: config: failed to parse line, skipping:
bayes_a
Hi,
Beast wrote:
Any reason why this config failed?
According to Mail::SpamAssassin::Plugin::AutoLearnThreshold it is a
valid config.
# spamassassin --lint
[11919] warn: config: failed to parse line, skipping:
bayes_auto_learn_threshold_nonspam 0.1
[11919] warn: config: failed to parse line,
Hello
I use spamassassin3.1 with simscan1.2 on
qmail.
I want my mailserver to deny some messages which
are spam using sa-learn. So I typed as below;
sa-learn --spam /path/badmails/
Learned tokens from 6 message(s) (6 message(s)
examined)
Despite I learnt to my server as spam with the
a
Anthony Peacock wrote:
Hi,
Beast wrote:
Any reason why this config failed?
According to Mail::SpamAssassin::Plugin::AutoLearnThreshold it is a
valid config.
# spamassassin --lint
[11919] warn: config: failed to parse line, skipping:
bayes_auto_learn_threshold_nonspam 0.1
[11919] warn: confi
On Fri, 11 Aug 2006 11:49:16 +0300, "Halid Faith"
<[EMAIL PROTECTED]> wrote:
>Hello
>
>I use spamassassin3.1 with simscan1.2 on qmail.
>I want my mailserver to deny some messages which are spam using sa-learn. So I
>typed as below;
>sa-learn --spam /path/badmails/
>
>Learned tokens from 6 message
Beast wrote:
Anthony Peacock wrote:
Hi,
Beast wrote:
Any reason why this config failed?
According to Mail::SpamAssassin::Plugin::AutoLearnThreshold it is a
valid config.
# spamassassin --lint
[11919] warn: config: failed to parse line, skipping:
bayes_auto_learn_threshold_nonspam 0.1
[1191
Hi,
Beast wrote:
Anthony Peacock wrote:
Hi,
Beast wrote:
Any reason why this config failed?
According to Mail::SpamAssassin::Plugin::AutoLearnThreshold it is a
valid config.
# spamassassin --lint
[11919] warn: config: failed to parse line, skipping:
bayes_auto_learn_threshold_nonspam 0.1
On Fri, August 11, 2006 10:46, Anthony Peacock wrote:
> Hi,
>
> Beast wrote:
>> Any reason why this config failed?
>> According to Mail::SpamAssassin::Plugin::AutoLearnThreshold it is a
>> valid config.
>>
>> # spamassassin --lint
>> [11919] warn: config: failed to parse line, skipping:
>> bayes_au
On Fri, August 11, 2006 01:02, Logan Shaw wrote:
> So... is it safe to assume their servers are configured
> incorrectly?
no thay just use another header
fix with my config
change this config to what your mta adds as header
--
Benny#
# this one is from Mark
# needed in sa 3.1.3 to make spf w
Bill Randle wrote:
On Thu, 2006-08-10 at 22:35 -0400, DAve wrote:
DAve wrote:
Panagiotis Christias wrote:
On 8/11/06, Theo Van Dinter <[EMAIL PROTECTED]> wrote:
FWIW, the format sa-update expects is the standard format from sha1sum.
Does FreeBSD have a sha1sum that produces the format that yo
Bret Miller wrote:
Theo Van Dinter wrote:
Going further...
I could see SARE rules offered on many channels though some
reorganization may be required. Channels such as post25,
pre30, header,
body, etc. There are too many rules to have a channel for each but
possibly sets of popular rules
Halid Faith wrote:
>
> I use spamassassin3.1 with simscan1.2 on qmail.
> I want my mailserver to deny some messages which are spam using
> sa-learn. So I typed as below;
> sa-learn --spam /path/badmails/
>
> Learned tokens from 6 message(s) (6 message(s) examined)
>
> Despite I learnt to my ser
DAve wrote:
>
> I have it working fine here, about 20 lines of /bin/sh and and I can
> turn out any number of rule sets, even a channel per SARE rule.
>
> I'm willing to publish the channels if there is interest in them. I
> still believe packages or sets of popular rules would be good.
> Alterna
Bowie Bailey wrote:
DAve wrote:
I have it working fine here, about 20 lines of /bin/sh and and I can
turn out any number of rule sets, even a channel per SARE rule.
I'm willing to publish the channels if there is interest in them. I
still believe packages or sets of popular rules would be good.
> >> Theo Van Dinter wrote:
>
> >> Going further...
> >>
> >> I could see SARE rules offered on many channels though some
> >> reorganization may be required. Channels such as post25,
> >> pre30, header,
> >> body, etc. There are too many rules to have a channel for each but
> >> possibly sets of
On Fri, 11 Aug 2006, Justin Mason wrote:
jdow writes:
Nor does it make sense to use a tool, even if supplied with SpamAssassin,
that is broken for performing updates.
what's the "broken" part?
Well, this may not qualify as broken, but I would say it's an
undesirable behavior that, upon su
> On Fri, 11 Aug 2006, Justin Mason wrote:
> > jdow writes:
>
> >> Nor does it make sense to use a tool, even if supplied
> with SpamAssassin,
> >> that is broken for performing updates.
>
> > what's the "broken" part?
>
> Well, this may not qualify as broken, but I would say it's an
> undesirable
Can anyone tell me what the aim of this SPAM is?
Am I meant to buy stuff via MSN Messenger or something?
IF i understand a piece of spam i can more effectively stop it!
Any ideas greatfully received!
Ben
Received: from [127.0.0.1] by arkbb.co.uk with SMTP (HELO server.)
(ArGoSoft Mail Server
Title: RE: sa-update vs RDJ
>> If the SARE guys are interested in this project, maybe they could come
>> up with a list of the most commonly downloaded rulesets.
>They are oddly silent on the subject so far...
We're listening :)
RDJ and SAupdate are really seperate from SARE. How
Bret Miller writes:
> > On Fri, 11 Aug 2006, Justin Mason wrote:
> > > jdow writes:
> >
> > >> Nor does it make sense to use a tool, even if supplied
> > with SpamAssassin,
> > >> that is broken for performing updates.
> >
> > > what's the "broken" part?
> >
> > Well, this may not qualify as broke
> Bret Miller writes:
> > > On Fri, 11 Aug 2006, Justin Mason wrote:
> > > > jdow writes:
> > >
> > > >> Nor does it make sense to use a tool, even if supplied
> > > with SpamAssassin,
> > > >> that is broken for performing updates.
> > >
> > > > what's the "broken" part?
> > >
> > > Well, this may
On Fri, Aug 11, 2006 at 10:14:46AM -0500, Logan Shaw wrote:
> What happens if the new set is broken? There's no easy way
> to revert to the last known good state.
sa-update lint checks the new files in a separate temp area before
installing them into the real directory. Only if lint succeeds
(wh
I got one of these from someone pretending to be a chick in Israel.
I just knew it wasn't legit but I played along.
It's someone or a group of someones trying to scam money off lonely nerds.
They soften you up with sweet talk and naked pics then try and get you to
send them money so they ca
Title: RE: sa-update vs RDJ
>
> If the SARE guys are interested in this project, maybe they could come
> up with a list of the most commonly downloaded rulesets.
For the month of Aug to date
1 /rules/70_sare_random.cf
2 /rules/70_sare_adult.cf
3 /rules/99_sare_fraud_
On Fri, Aug 11, 2006 at 11:42:57AM -0400, Chris Santerre wrote:
> > If the SARE guys are interested in this project, maybe they could come
> > up with a list of the most commonly downloaded rulesets.
>
> For the month of Aug to date
>
> 1 /rules/70_sare_random.cf
> 2 /rules/70_sare_ad
> On Fri, Aug 11, 2006 at 10:14:46AM -0500, Logan Shaw wrote:
> > What happens if the new set is broken? There's no easy way
> > to revert to the last known good state.
>
> sa-update lint checks the new files in a separate temp area before
> installing them into the real directory. Only if lint s
I received/responded to this privately before it was also sent to the list, so
paraphrasing below...
On Fri, Aug 11, 2006 at 08:45:43AM -0700, Bret Miller wrote:
> But adding the option to archive will make at least some people more
> comfortable with running sa-update. So I added the bz ticket. W
Bret Miller wrote:
Bret Miller writes:
On Fri, 11 Aug 2006, Justin Mason wrote:
jdow writes:
Nor does it make sense to use a tool, even if supplied
with SpamAssassin,
that is broken for performing updates.
what's the "broken" part?
Well, this may not qualify as broken, but I would say it's
Title: RE: sa-update vs RDJ
> -Original Message-
> From: Theo Van Dinter [mailto:[EMAIL PROTECTED]]
> Sent: Friday, August 11, 2006 11:45 AM
> To: Chris Santerre
> Cc: users@spamassassin.apache.org
> Subject: Re: sa-update vs RDJ
>
>
> On Fri, Aug 11, 2006 at 11:42:57AM -0400, Chri
On Fri, Aug 11, 2006 at 11:56:00AM -0400, DAve wrote:
> I think a status report would be a good option as well. SA already asks
> you for your admins email address at install time. Sending a report of
> what happened during the sa-update process would be very, very valuable.
Hrm. I'd say feel f
Theo Van Dinter wrote:
On Fri, Aug 11, 2006 at 11:42:57AM -0400, Chris Santerre wrote:
If the SARE guys are interested in this project, maybe they could come
up with a list of the most commonly downloaded rulesets.
For the month of Aug to date
1 /rules/70_sare_random.cf
2 /rule
Title: RE: [ot] Re: HTML-tests good or bad?
> -Original Message-
> From: John Rudd [mailto:[EMAIL PROTECTED]]
> Sent: Friday, August 11, 2006 12:50 AM
> To: jdow
> Cc: users@spamassassin.apache.org
> Subject: Re: [ot] Re: HTML-tests good or bad?
>
>
>
> On Aug 10, 2006, at 8:42 PM
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
hi,
< ... adjusting tin-foil hat and asbestos shorts ...>
since i actually asked a simple question early on (~ "can we use
sa-update rather than RDJ to pull SARE rules ...") in the interminable
"SA vs RDJ" thread ;-) , and, afaict, it's still un
Title: RE: Word Doc spam
> -Original Message-
> From: Rob Poe [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, August 10, 2006 5:40 PM
> To: Kenneth Porter; users@spamassassin.apache.org
> Subject: Re: Word Doc spam
>
>
> I got one of these too...
>
> >>> Kenneth Porter <[EMAIL PROTEC
Chris Santerre wrote:
-Original Message-
From: Rob Poe [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 10, 2006 5:40 PM
To: Kenneth Porter; users@spamassassin.apache.org
Subject: Re: Word Doc spam
I got one of these too...
Kenneth Porter <[EMAIL PROTECTED]> 8/8/2006 8:07 AM >>>
-
Title: RE: breaking out: thinking abt the 'sa-update *VS* rdj' thread ...
> from a user's perspective, all this is confusing/confounding. as a
> user, i want to see/use one mechanism for rules.
From an SA admin, it makes perfect sense. :)
>
> currently, it all "smells" like a bunch o'
Words by Chris Santerre [Fri, Aug 11, 2006 at 12:12:41PM -0400]:
>
>
...
> >
> > I'd always thought that it would be nice for the Open Office
> > people to
> > create a simple command-line utility to convert Word files to
> > plain text
> > for spam checking. Or it could strip any macros for
Title: RE: Word Doc spam
>
> Are there other subjects, or just these two:
> Bill Summary - Invoice #.
> August Payment Summary, Invoice #.
I'm only seeing those 2. But you can't really right a rue for just that without major FPs. Going to have to meta with another sign.
--Chris
Theo Van Dinter wrote:
On Fri, Aug 11, 2006 at 11:56:00AM -0400, DAve wrote:
I think a status report would be a good option as well. SA already asks
you for your admins email address at install time. Sending a report of
what happened during the sa-update process would be very, very valuable.
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
hi chris,
Chris Santerre wrote, On 8/11/06 9:26 AM:
>> from a user's perspective, all this is confusing/confounding. as a
>> user, i want to see/use one mechanism for rules.
>
> From an SA admin, it makes perfect sense. :)
well, given that i'm
> < ... adjusting tin-foil hat and asbestos shorts ...>
>
> since i actually asked a simple question early on (~ "can we use
> sa-update rather than RDJ to pull SARE rules ...") in the interminable
> "SA vs RDJ" thread ;-) , and, afaict, it's still unanswered,
> i'll "opine".
>
> a recent thread c
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
hi bret,
> Amen.
well, that, at least, makes two of us ;-)
...
> Keeping the environment simpler and similar tasks done in a consistent
> manner is really essential in a lot of business environments.
100% agreed. and re: "the environment",
Beast wrote:
Any reason why this config failed?
According to Mail::SpamAssassin::Plugin::AutoLearnThreshold it is a
valid config.
Is the plugin loaded? If not it won't be there to parse these lines.
Loren
Richard <[EMAIL PROTECTED]> wrote on 08/11/2006
11:11:00 AM:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: RIPEMD160
>
> hi,
>
> < ... adjusting tin-foil hat and asbestos shorts ...>
>
Breaking out flamethrower. :-)
> a recent thread comment "from SARE"
is the trigger here:
>
> "RDJ
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
hi andy,
> Breaking out flamethrower. :-)
heh.
> The official SA rules are meant to be used by all users. SARE on the
> other hand is "Here's the rules we have, go ahead and pick and choose what
> you'd like to use. If anything"
true.
From: "Logan Shaw" <[EMAIL PROTECTED]>
On Fri, 11 Aug 2006, Justin Mason wrote:
jdow writes:
Nor does it make sense to use a tool, even if supplied with SpamAssassin,
that is broken for performing updates.
what's the "broken" part?
Well, this may not qualify as broken, but I would say i
From: "Justin Mason" <[EMAIL PROTECTED]>
jdow writes:
From: "Jim Maul" <[EMAIL PROTECTED]>
> Bowie Bailey wrote:
>
>> It doesn't really matter to me who supports which pieces as long as
>> they all work.
>>
>> Someone may be able to fix sa-update so that it can take over from
>> RDJ, but a
From: "Justin Mason" <[EMAIL PROTECTED]>
Panagiotis Christias writes:
On 8/11/06, DAve <[EMAIL PROTECTED]> wrote:
> DAve wrote:
> > Panagiotis Christias wrote:
> >> On 8/11/06, Theo Van Dinter <[EMAIL PROTECTED]> wrote:
> >>> FWIW, the format sa-update expects is the standard format from sha1su
jdow writes:
> From: "Justin Mason" <[EMAIL PROTECTED]>
> > Panagiotis Christias writes:
> >> On 8/11/06, DAve <[EMAIL PROTECTED]> wrote:
> >> > DAve wrote:
> >> > > Panagiotis Christias wrote:
> >> > >> On 8/11/06, Theo Van Dinter <[EMAIL PROTECTED]> wrote:
> >> > >>> FWIW, the format sa-update e
--On Wednesday, August 09, 2006 3:54 PM -0500 Logan Shaw
<[EMAIL PROTECTED]> wrote:
This is purely a philosophical argument, but something seems
wrong about the idea of using a package manager to manage
volatile data files in /var.
The problem is not the use of the package manager but the pla
--On Wednesday, August 09, 2006 7:33 PM -0700 jdow <[EMAIL PROTECTED]>
wrote:
For about a femto-second, perhaps. There is too much YMMV
involved with the SARE rule sets to make it practical as
an rpm solution.
True, this is the real problem with packaging SARE: There's no clear
separation of
Are you guys getting hit pretty hard today? I don't have exact numbers but I
see more activity than
normal.
No harder than usual since July 1. On that date, almost like a switch was
flipped, spam to my accounts here dropped about 50%. I've been wondering
about it. 250-300+ per day went down to 100 to 180 per day.
Now, as for ssh attacks and other port "activity" it's been pretty bad
lately. (WTF is on
wrote:
Are you guys getting hit pretty hard today? I don't have exact numbers but I
see more activity than
normal.
We've been getting hammered off and on the past three weeks. I've seen a
large increase in dictionary attacks (nah nah nah milter-ahead) and
forms-phishing. Now t
On Fri, 11 Aug 2006, Kenneth Porter wrote:
> --On Wednesday, August 09, 2006 7:33 PM -0700 jdow <[EMAIL PROTECTED]>
> wrote:
>
> > For about a femto-second, perhaps. There is too much YMMV
> > involved with the SARE rule sets to make it practical as
> > an rpm solution.
>
> True, this is the re
Title: RE: breaking out: thinking abt the 'sa-update *VS* rdj' thread ...
> and, the OTHER project in this discussion -- SARE -- leaning
> on your own
> argument, is pointedly NOT undertaking to use/conform to sa's
> 'official' tools & capabilities -- namely, sa-update as a delivery
> mechan
Hi list,
I'm using spamassassin with qmail-rocks + qmai-scanner + clamav and I'm
having >too many< cases with messages classified with SA:0(?/?)
I read the FAQ and there I get this explanation:
>>> Why do some messages get tagged with "SA:0(?/?)" instead of
numbers?.
>>> SpamAssassins "spam
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Chris Santerre wrote, On 8/11/06 11:51 AM:
>> and, the OTHER project in this discussion -- SARE -- leaning
>> on your own
>> argument, is pointedly NOT undertaking to use/conform to sa's
>> 'official' tools & capabilities -- namely, sa-update as
> >>> Nor does it make sense to use a tool, even if supplied
> with SpamAssassin,
> >>> that is broken for performing updates.
> >
> >> what's the "broken" part?
> >
> > Well, this may not qualify as broken, but I would say it's an
> > undesirable behavior that, upon successful download of the new
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
oops.
s/i did not say "SARE is rules"./i did not say "SARE is delivery"./
On 8/11/06 Richard wrote:
> i did not say "SARE is rules".
- --
/"\
\ / ASCII Ribbon Campaign
X against HTML email, vCards
/ \ & micro$oft attachments
[GPG] OpenM
Chris Santerre wrote:
We write rules, not delivery systems. You can print out the rulesets
from our webpage, and retype them into your system if you like. You can
have someone encrypt ROT13, RAR, ZIP, and send you the torrent link. How
you get your rules is your choice.
It looks like SARE r
Chris Santerre wrote:
and, the OTHER project in this discussion -- SARE -- leaning
on your own
argument, is pointedly NOT undertaking to use/conform to sa's
'official' tools & capabilities -- namely, sa-update as a delivery
mechanism.
I don't see how I can make this any clearer
SARE is r
On Thu, Aug 10, 2006 at 06:27:59PM -0400, Theo Van Dinter wrote:
> Gah! I just found that sha1sum.pl is in MANIFEST.SKIP for some reason.
> WTF?
FWIW, I just put build/md5sum.pl and build/sha1sum.pl back in MANIFEST so
they'll be included in the tarball for 3.1.5 and beyond. :)
--
Randomly G
| From: jdow [mailto:[EMAIL PROTECTED]
|
| - Original Message -
| From: "Daryl C. W. O'Shea" <[EMAIL PROTECTED]>
| To:
| Sent: Thursday, August 10, 2006 16:00
| Subject: [ot] Re: HTML-tests good or bad?
|
|
| > jdow wrote:
| >> From: "John Rudd" <[EMAIL PROTECTED]>
| >>>
| >>> On Aug 9,
From: "Kurt Buff" <[EMAIL PROTECTED]>
| From: jdow [mailto:[EMAIL PROTECTED]
|
| - Original Message -
| From: "Daryl C. W. O'Shea" <[EMAIL PROTECTED]>
| To:
| Sent: Thursday, August 10, 2006 16:00
| Subject: [ot] Re: HTML-tests good or bad?
|
|
| > jdow wrote:
| >> From: "John Rudd
From: "Bret Miller" <[EMAIL PROTECTED]>
>>> Nor does it make sense to use a tool, even if supplied
with SpamAssassin,
>>> that is broken for performing updates.
>
>> what's the "broken" part?
>
> Well, this may not qualify as broken, but I would say it's an
> undesirable behavior that, upon
> -Original Message-
> From: jdow [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, August 09, 2006 7:33 PM
> Gary Funck wrote:
> > Has anyone considered also supplying new rules in the
> > form of rpm's available via a yum-compatible repository?
> > It'd be nice to have the usual versioning an
http://www3.2cah.com/spam/sa_slowhtml.txt
I got inundated with messages similar to this today. The average scan
time here for these is 25+ seconds when the box is under _low_ load.
My guess is that it has to do with the number of URLs.
Any thoughts on this?
--
Craig
Just a quick note. I am from Genutrust.com. We do not harvest any
information, nor do we send spam email. If your user was on our list, it is
because she subscribed through one of our partners. It is very easy to
unsubscribe at genutrust.com/trust . It would be impossible to get all the
informatio
> On Aug 10, 2006, at 8:42 PM, jdow wrote:
>
> >I skipped step three.
> >{+_+}This will haunt me forever, right?
Not at all, we're not that kind of people.
Mind you, we have been known to have a _little_ fun now and then,
so if it's not too much trouble, would you please supply -
The name
From: "Bill Horne" <[EMAIL PROTECTED]>
On Aug 10, 2006, at 8:42 PM, jdow wrote:
>I skipped step three.
>{+_+}This will haunt me forever, right?
Not at all, we're not that kind of people.
Mind you, we have been known to have a _little_ fun now and then,
so if it's not too much trouble, w
I see this statement every so often, and frankly, I don't buy it.
If I sign up for a product registration with one of your partners, it
should not be my burden to be sure your partners don't use it for spam
and don't give it to you for spam (and, yes, it's still spam in that
situation). I
74 matches
Mail list logo
