Tim Rosmus wrote:
> I've been running multiple in/out servers using Bayes and the local
> Bayes DB storage on the local machine[s]. Now I am moving Bayes
> to a site wide SQL setup. My question is on the sa-learn backup/
> restore from DB to SQL...
>
> Should I backup/restore all local machine
I've been running multiple in/out servers using Bayes and the local
Bayes DB storage on the local machine[s]. Now I am moving Bayes
to a site wide SQL setup. My question is on the sa-learn backup/
restore from DB to SQL...
Should I backup/restore all local machine Bayes DB's to the central
SQL
FuzzyOCR - visit the wiki plugins page. It helps.
{^_^}
- Original Message -
From: "Robert S" <[EMAIL PROTECTED]>
I have been getting a large number of messages which are not being
blocked by SA. Typically they contain a bitmapped text message with
things like "THIS ONE JUST STARTED
We went through the process of changing from a V2 BDB to a
V3 DBD then -> MySQL.
When running the tests side by side, old system with new we
see some substantial inconsistencies between the bayes scoring…
Any ideas why ? There are obviously fewer tokens now
than before the sync, bu
I have been getting a large number of messages which are not being
blocked by SA. Typically they contain a bitmapped text message with
things like "THIS ONE JUST STARTED TRADING" or "CRITICAL INVESTOR
ALERT FOR ...". Below this there are several paragraphs of
meaningless sentences and there is a
> Steve Thomas wrote:
>
>>/htt(?:p|ps):\/\/.*?\/.*\.com$/i
>>
>
> Why not /https?:\/\/.*?\/.*\.com$/i
Because I always forget that the question mark can be used that way, and
if I can't seem to remember it, nobody else gets to use it! That's why. :)
Nice catch.
Steve "atrophying perl skills" Tho
On Wed, 13 Sep 2006, jdow wrote:
> >> > [http://spamassassin.apache.org/tests_3_1_x.html]
> >>
> >> Those are the only descriptions we have for the rules.
> >
> > A suggestion: one wiki page for each rule where the description is too
> > short to be clear, on which the rule's meaning and rationa
On Wed, 13 Sep 2006, jdow wrote:
> > A suggestion: one wiki page for each rule where the description is too
> > short to be clear, on which the rule's meaning and rationale is
> > explained in whatever level of detail is considered adequate and
> > clear.
>
> Thank you for volunteering to do it,
On 13 Sep 2006 [EMAIL PROTECTED] wrote:
> the other way round - it is very easy to create a php that offers
> an exe for download So jut scoring direct .exe links might
> cause the bad guys to produce "better" download links
True. As I said in an earlier post, scoring on bare executable URIs
Visit Wiki. Look for ClamAVPlugin. To save you some effort:
http://wiki.apache.org/spamassassin/ClamAVPlugin
This uses ClamAV as a scanner for virus laden email.
SpamAssassin NEVER blocks email. You probably can, however, setup a
simple filter for .exe etc in your MDA. You certainly can do it wi
From: "Jonathan Allen" <[EMAIL PROTECTED]>
Theo,
There's nothing broken. The message is informational, not an error. (it means
you don't have the DCC plugin loaded which would define that rule, which is
fine if you're not using DCC...)
Thank you for explaining that. I have been trying to w
From: "John D. Hardin" <[EMAIL PROTECTED]>
On Wed, 13 Sep 2006, Bowie Bailey wrote:
L's wrote:
> I want to know is there any document, that for the rules description
> in a simple words?
>
> Since the description generated by "X-Spam-Report:" is too technical.
>
> Does there any document desc
Steve Thomas wrote:
/htt(?:p|ps):\/\/.*?\/.*\.com$/i
Why not /https?:\/\/.*?\/.*\.com$/i
?
>>
>> Bill Randle wrote:
>> > Amavisd-new will also drop attachments with a configurable list
>> > of file extentions, but the question refered to links to exe's,
>> > not actual exe attachments.
>>
>> Good point -- everyone's primed to think of attachments, it seems.
>>
>> Here's a stab at it:
>> .com will, of course, be a challenge.
>
> /htt[p|ps]:\/\/.*?\/.*\.com$/i
Correction! That should be:
/htt(p|ps):\/\/.*?\/.*\.com$/i
and slightly more efficient (doesn't capture backreference):
/htt(?:p|ps):\/\/.*?\/.*\.com$/i
> .com will, of course, be a challenge.
/htt[p|ps]:\/\/.*?\/.*\.com$/i
On Wed, 13 Sep 2006, [iso-8859-1] F?bio Gomes wrote:
> Is there any way to block messages with links to executables like
> *.exe,
> *.com and *.scr?
I will be adding that to my email security tool this week.
http://www.impsec.org/email-tools/procmail-security.html
--
John Hardin KA7OHZ
SM, and others:
> Both milters are being maintained and are similar in reliability.
> dk-milter is not fading in oblivion as there are more domains signing
> with DomainKeys than DKIM.
Usage of dk-milter may not be fading, but the interest in fixing standing bugs
seems to be lost (contrary to dki
Bill Randle wrote:
Amavisd-new will also drop attachments with a configurable list
of file extentions, but the question refered to links to exe's,
not actual exe attachments.
Good point -- everyone's primed to think of attachments, it seems.
Here's a stab at it: set up a URI rule.
uri E
> At 11:10 AM Wednesday, 9/13/2006, Michel Vaillancourt wrote -=>
>>Fábio Gomes wrote:
>> > Hi list,
>> >
>> > Is there any way to block messages with
>> links to executables like *.exe,
>> > *.com and *.scr?
>> >
>>
>> If you are using Postfix as your MTA, this isn't hard to do at
>
I didn't mean removing EXE attachments, but blocking/high scoring messages
with links to executables in its body.
Is it possible?
BTW, I'm using qmail.
Regards,
Fábio Gomes
Em Quarta 13 Setembro 2006 15:34, Ed Kasky escreveu:
> At 11:10 AM Wednesday, 9/13/2006, Michel Vaillancourt wrote -=>
>
At 11:10 AM Wednesday, 9/13/2006, Michel Vaillancourt wrote -=>
Fábio Gomes wrote:
> Hi list,
>
> Is there any way to block messages with
links to executables like *.exe,
> *.com and *.scr?
>
> Best Regards,
> Fábio Gomes
If you are using Postfix as your MTA, this isn
At 11:09 AM 9/13/2006, you wrote:
Hi list,
Is there any way to block messages with links to
executables like *.exe,
*.com and *.scr?
Not with SpamAssassin, but possibly with whatever MUA you have.
Fábio Gomes wrote:
> Hi list,
>
> Is there any way to block messages with links to executables like
> *.exe,
> *.com and *.scr?
>
> Best Regards,
> Fábio Gomes
If you are using Postfix as your MTA, this isn't hard to do at all.
--
-- Michel Vaillancourt
Hi list,
Is there any way to block messages with links to executables like
*.exe,
*.com and *.scr?
Best Regards,
Fábio Gomes
"You can't always get what you want" - Rolling Stones :-)
Clay
>>> On 9/13/2006 at 12:08 PM, in message
<[EMAIL PROTECTED]>,
benthere-nine <[EMAIL PROTECTED]> wrote:
"I can't complain but sometimes I still do." - Joe
Walsh
No one ever said the Bayes scan would be perfect, but
that's what we w
Theo Van Dinter writes:
> On Wed, Sep 13, 2006 at 09:08:02AM -0700, benthere-nine wrote:
> > No one ever said the Bayes scan would be perfect, but
> > that's what we want.
>
> Patches welcome. ;)
One thing I was thinking of was plugins to supplement Bayes with other
forms of machine learning alg
On Wed, Sep 13, 2006 at 09:08:02AM -0700, benthere-nine wrote:
> No one ever said the Bayes scan would be perfect, but
> that's what we want.
Patches welcome. ;)
--
Randomly Generated Tagline:
"Brevity is the soul of wit..." - Hamlet
pgpMGfSIGkYkA.pgp
Description: PGP signature
"I can't complain but sometimes I still do." - Joe
Walsh
Our SA 3.1.4 server's running great. The Bayes scan
is set to auto-learn and is running fine. According
to sa-learn --dump magic, we have
73352 non-token data: nspam
8453 non-token data: nham
220226 non-token data: ntokens
To my knowl
John D. Hardin wrote:
> On Wed, 13 Sep 2006, Bowie Bailey wrote:
>
> > L's wrote:
> > > I want to know is there any document, that for the rules
> > > description in a simple words?
> > >
> > > Since the description generated by "X-Spam-Report:" is too
> > > technical.
> > >
> > > Does there a
Man, I wish I'd tried asking my question here a LONG time ago. You guys have
been so helpful! Thanks a ton! You rock!
--
View this message in context:
http://www.nabble.com/Rule-help-needed-tf2260084.html#a6287909
Sent from the SpamAssassin - Users forum at Nabble.com.
On Wed, Sep 13, 2006 at 04:14:41PM +0100, Beginner wrote:
> That sounds reasonable. I'll create a file (whitelist.cf) for
> manually whitelisting senders. Am I right in thinking that I will
> need to HUP SA after each edit?
Yes.
> provides. The would also have the same security problem with thi
Thanks for your VERY helpful input. That's exactly the kind of stuff they
don't tend to cover in a general overview of how to write rules, and exactly
the kind of stuff I need to know.
Unfortunately SpamAssassin is pretty hobbled on a Cpanel account on a shared
server. I contacted the help desk t
On Wed, 13 Sep 2006, Bowie Bailey wrote:
> L's wrote:
> > I want to know is there any document, that for the rules description
> > in a simple words?
> >
> > Since the description generated by "X-Spam-Report:" is too technical.
> >
> > Does there any document description easier to read than:
> >
On 13 Sep 2006 at 10:50, Theo Van Dinter wrote:
> If you want something specifically always whitelisted, yes, it needs
> a whitelist_* config somewhere. If user prefs are disabled, it would
> need to be in a site-wide config file, though not necessarily local.cf
> (*.cf is fine).
That sounds rea
L's wrote:
> I want to know is there any document, that for the rules description
> in a simple words?
>
> Since the description generated by "X-Spam-Report:" is too technical.
>
> Does there any document description easier to read than:
> [http://spamassassin.apache.org/tests_3_1_x.html]
Those
On Wed, Sep 13, 2006 at 03:42:12PM +0100, Dermot Paikkos wrote:
> Does that mean the only way to whitelist senders is manually via the
> local.cf as I have disabled user_prefers? If so, what would be the
If you want something specifically always whitelisted, yes, it needs
a whitelist_* config so
On 13 Sep 2006 at 10:21, Matt Kettler wrote:
> Beginner wrote:
> >
> I hope that 3.0.3 version is the one that Debian patched to fix the
> two security holes that exist in the original 3.0.3. (AFAIK Debian did
> backport the fixes, and made a 3.0.3-x release)
>
> See: http://wiki.apache.org/spa
Beginner wrote:
> Hi,
>
> === SyS Stuff
> SpamAssassin version 3.0.3
> running on Perl version 5.8.4
>
> Exim 4.2, on Debian 3.1, sitewide config.
>
I hope that 3.0.3 version is the one that Debian patched to fix the two
security holes that exist in the original 3.0.3. (AFAIK Debian d
Hi,
=== SyS Stuff
SpamAssassin version 3.0.3
running on Perl version 5.8.4
Exim 4.2, on Debian 3.1, sitewide config.
/usr/sbin/spamd --nouser-config --max-children 6 --helper-home-
dir=/var/spool/spamassassin/ --username=nobody -d --
pidfile=/usr/local/run/spamd.pid
=
On Wed, Sep 13, 2006 at 12:44:47PM +0100, Jonathan Allen wrote:
> I'm running 3.1.5 in FC2 and have a broken dependency. Any ideas how to
> fix it ?
>meta test DIGEST_MULTIPLE has undefined dependency 'DCC_CHECK'
There's nothing broken. The message is informational, not an error. (it means
y
Theo,
> There's nothing broken. The message is informational, not an error. (it means
> you don't have the DCC plugin loaded which would define that rule, which is
> fine if you're not using DCC...)
Thank you for explaining that. I have been trying to work out why some
spams made it through SA
Hi All,
I'm running 3.1.5 in FC2 and have a broken dependency. Any ideas how to
fix it ?
meta test DIGEST_MULTIPLE has undefined dependency 'DCC_CHECK'
Jonathan
Might be a corrupted database. Try moving it and start with a clean one. If the lint succeeds it is your bayes db.
-Sietse
From: RamprasadSent: Wed 13-Sep-06 13:25To: spamassassin-usersSubject: spamassassin --lint just hangs
I find that
spamassassin -D --lint sometimes just hangs.
the outp
I find that
spamassassin -D --lint sometimes just hangs.
the output goes
.
..
[28316] dbg: bayes: tie-ing to DB file
R/W /var/spool/MailScanner/spamassassin/bayes_toks
[28316] dbg: bayes: tie-ing to DB file
R/W /var/spool/MailScanner/spamassassin/bayes_seen
[28316] dbg: bayes: found
> -Original Message-
> From: Tim Litwiller [mailto:[EMAIL PROTECTED] On Behalf Of
> Tim Litwiller
> Sent: Tuesday, September 12, 2006 11:38 PM
> To: SpamAssassin Users List
> Subject: Re: Anyone get the Sa coach outlook plugin to work?
>
>
> on a related note: How do you make spamd list
AFAIK it's currently residing at http://zmi.at/x/70_zmi_german.cf
- Jeremy
<[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> what is the current home of the ZMI (german) ruleset?
>
> Wolfgang Hamann
I want to know is there any document, that for the rules description in a
simple words?
Since the description generated by "X-Spam-Report:" is too technical.
Does there any document description easier to read than:
[http://spamassassin.apache.org/tests_3_1_x.html]
--
View this message in conte
48 matches
Mail list logo