hi
i new here..
can anyone know after i adding new domain for whitelist, how can i me it
active immediately with out stop and start the service.
because when restart , some spam mail already pass throught...
what is the differet betweent service spamassassin restart and service
It looks like DNS is a few versions behind, alas. What I'd love to see
is an RSS feed listing the latest sa-update releases. Or at least an
update version history somehwere easy to find in the SA web pages.
Cheers,
Phil
--
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
On Thu, 9 Nov 2006 18:43:12 +0800, [EMAIL PROTECTED] wrote:
hi
i new here..
can anyone know after i adding new domain for whitelist, how can i me it
active immediately with out stop and start the service.
because when restart , some spam mail already pass throught...
what is the differet
Am 09.11.2006 um 02:10 schrieb Daryl C. W. O'Shea:
Charlie Clark wrote:
Looks like I'm on top of the resources problem but I am getting
421 delivery errors even though the e-mails are coming through.
This looks very similar to bug 3828 (which is Spamassassin +
Exim). Except this bug
Giampaolo Tomassoni [EMAIL PROTECTED] writes:
From: Rose, Bobby [mailto:[EMAIL PROTECTED]
The last time I checked, the most common reason for spamcop lists is due to
messages being sent
to their spam traps.
Which means they registered to the list: this list mandates a double opt-in
to
Rick Macdougall wrote:
Anders Norrbring wrote:
I have a slight problem.. I thought I'd finally start using sa-learn
to train the Bayes, the catch is that I have Cyrus and its mailboxes
on another server.. I transport the mail via LMTP to Cyrus.
So, is there a smooth way to use sa-learn on
Federico Giannici skrev:
Rick Macdougall wrote:
Anders Norrbring wrote:
I have a slight problem.. I thought I'd finally start using
sa-learn to train the Bayes, the catch is that I have Cyrus and its
mailboxes on another server.. I transport the mail via LMTP to Cyrus.
So, is there a smooth
On Thu, 09 Nov 2006 12:36:08 +0100, Federico Giannici
[EMAIL PROTECTED] wrote:
Rick Macdougall wrote:
Anders Norrbring wrote:
I have a slight problem.. I thought I'd finally start using sa-learn
to train the Bayes, the catch is that I have Cyrus and its mailboxes
on another server.. I
Chris Santerre wrote:
This isn't the best idea for a large ISP, but for companies I see no
problem
rejecting on RBLs when you have a trained administrator.
I agree! Not that I use spamcop as a blacklist, maybe it's better now but
I've seen them blocking mailservers from aol, hotmail and
Blocking mail base soley on the IP address (whether because it is a dynamic address or has at some time in the past sent a mail to a spamtrap) is akin to shooting the postman because yesterday you received an advertisement.
You obviously don't handle a lot of mail volume. If I had to scan every
* On 08/11/06 19:15 -0500, Jean-Paul Natola wrote:
| Hi everyone,
|
| I've tried on apache and SARE and bsd sites to find the documentation on
| installing sa-stats , I have found the the actual sa-stats.pl but I dont
| know how to go about installing it on BSD any guidance would be
D.J. wrote:
Blocking mail base soley on the IP address (whether because it is a
dynamic address or has at some time in the past sent a mail to a
spamtrap) is akin to shooting the postman because yesterday you
received an advertisement.
You obviously don't handle a lot of mail
Kenneth Porter writes:
--On Friday, November 03, 2006 5:43 PM + Justin Mason [EMAIL PROTECTED]
wrote:
there's a rule that matches them in 3.1.x sa-update, fwiw.
I don't see it either. What's the name of the rule?
for what it's worth, it's 'RCVD_FORGED_WROTE'.
Dates on files in
As someone has probably already pointed out... admins use these
lists because they trust their accuracy. If they receive too
many complaints (as we did with a particular DNSBL) you stop
blocking on that list and move to only scoring.
No, you move on to greylisting based on the less
Jim Maul wrote:
I think pretty much everyone understand WHY people use these BLs. This
is not the point. The point is, its not a very good solution.
Why I have to use RBL's at the MTA level is because many providers still
allow direct SMTP.
So all the botnets can send their garbage
-Original Message-
From: Odhiambo WASHINGTON [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 09, 2006 9:30 AM
To: Jean-Paul Natola
Cc: users@spamassassin.apache.org
Subject: Re: SA-STATS on BSD
* On 08/11/06 19:15 -0500, Jean-Paul Natola wrote:
| Hi everyone,
|
| I've tried on
Anyone? Any Clue?
Thanks
itdelany wrote:
Hi :)
My setup is Postfix-SpamAssassin-Amavis. I noticed this behavior:
If i receive spam messages to unknown users at my site, for example:
[EMAIL PROTECTED] - Mail is sent to quarantine
if I send a regular email to [EMAIL PROTECTED] i
hello,
Sometimes, I get the following errors :
[2006-11-09 17:42:54] Unexpected error in pipe to external programs.
Please check that all helper programs are
installed and in the correct path.
(Pipe Command /usr/bin/giftopnm -, Pipe exit
code 139
itdelany wrote:
Anyone? Any Clue?
...
Is the content filter happening before postfix MTA can check if the
recipient exists ?
You're asking in the wrong place. SpamAssassin doesn't determine when
it's run. Amavis makes that decision. And Postfix determines when
Amavis runs.
The Amavis
Charlie Clark wrote:
Am 09.11.2006 um 02:10 schrieb Daryl C. W. O'Shea:
Charlie Clark wrote:
Looks like I'm on top of the resources problem but I am getting 421
delivery errors even though the e-mails are coming through. This
looks very similar to bug 3828 (which is Spamassassin + Exim).
On Thu, Nov 09, 2006 at 01:22:12PM -0500, Daryl C. W. O'Shea wrote:
Theo, what's the procedure to push out 3.1.x updates?
I posted this a while ago:
http://wiki.apache.org/spamassassin/ManualRuleUpdates
It's even linked in from the Development Information link. :)
Theo Van Dinter wrote:
On Thu, Nov 09, 2006 at 01:22:12PM -0500, Daryl C. W. O'Shea wrote:
Theo, what's the procedure to push out 3.1.x updates?
I posted this a while ago:
http://wiki.apache.org/spamassassin/ManualRuleUpdates
It's even linked in from the Development Information link. :)
I have a lot of those af well, but compared to the amount of hits I have on
FUZZY_OCR it's nothing.
There is a new release of FuzzyOcr today - I will be taking a look at that
very soon... maybe you should too? :)
- Nicolai
-Original Message-
From: Pascal Maes [mailto:[EMAIL PROTECTED]
Am 09.11.2006 um 19:27 schrieb Daryl C. W. O'Shea:
If your one and only child is busy doing an expire it can't scan
messages too.
ah, so I could increase the number of children running to do this?
The strange thing is these errors never occurred before last
week and having just
Daryl C. W. O'Shea writes:
Theo Van Dinter wrote:
On Thu, Nov 09, 2006 at 01:22:12PM -0500, Daryl C. W. O'Shea wrote:
Theo, what's the procedure to push out 3.1.x updates?
I posted this a while ago:
http://wiki.apache.org/spamassassin/ManualRuleUpdates
It's even linked in from
K Anand wrote:
Also, with that much mail coming in at the same time, there could be
contention for bayes locks. You might try adding
bayes_learn_to_journal 1 to your local.cf, and see if that helps. This
will cause learning to be done into a journal file which periodically
gets merged into
my system had a high cpu load with spamassassin with network tests , dcc
+ razor and fuzzy_ocr
because off this, we are considering disable razor or dcc from tests...
but we have doubt about which is better: disable razor or dcc?
any recomendations??
On Mon, 2006-11-06 at 23:55 -0800, Derek Harding wrote:
Anyone dumb enough to block outright on the spamcop BL deserves whatever
they don't get.
Sorry for the delay. I need to apologise for the short temperedness of
my response. I should have tempered my response and been more helpful.
My
Charlie Clark wrote:
Am 09.11.2006 um 19:27 schrieb Daryl C. W. O'Shea:
If your one and only child is busy doing an expire it can't scan
messages too.
ah, so I could increase the number of children running to do this?
You could, running at least 2 children if you've got the resources to
Rejaine Monteiro wrote:
my system had a high cpu load with spamassassin with network tests ,
dcc + razor and fuzzy_ocr
because off this, we are considering disable razor or dcc from
tests...
but we have doubt about which is better: disable razor or dcc?
any recomendations??
If the
Am 09.11.2006 um 20:35 schrieb Daryl C. W. O'Shea:
Charlie Clark wrote:
Am 09.11.2006 um 19:27 schrieb Daryl C. W. O'Shea:
If your one and only child is busy doing an expire it can't scan
messages too.
ah, so I could increase the number of children running to do this?
You could,
my system had a high cpu load with spamassassin with network tests , dcc
+ razor and fuzzy_ocr
because off this, we are considering disable razor or dcc from tests...
but we have doubt about which is better: disable razor or dcc?
Isn't it better to disable fuzzy, instead?
Razor and DCC
We had that problem in the past until we started using the access list in
sendmail to filter out servers that were just hitting us with spam all the
time. I still go through our logs daily and add to it as needed. The
reduction in load on the server was very dramatic. Since our server is a
I was getting a lot of those too until I installed the libungif-tools
RPM (RedHat 9 and RedHat EL 3)
-Original Message-
From: Pascal Maes [mailto:[EMAIL PROTECTED]
Sent: 9. november 2006 18:32
To: users@spamassassin.apache.org
Subject: FuzzyOcr : pipe errors
hello,
Sometimes, I get
i just upgraded spamassassin 3.1.0 to 3.1.7 ( Rh9 ) and seem to be
getting an extra line-break in the Content-Type header.
outlook apparently sees the semi-colon as a LF and doesn't render
the email correctly. evolution sees it as a semi colon and every-
thing works fine.
always in the
Mark Merchant wrote:
i just upgraded spamassassin 3.1.0 to 3.1.7 ( Rh9 ) and seem to be
getting an extra line-break in the Content-Type header.
outlook apparently sees the semi-colon as a LF and doesn't render
the email correctly. evolution sees it as a semi colon and every-
thing works fine.
On Thu, Nov 09, 2006 at 02:57:23PM -0500, Jason Little wrote:
We had that problem in the past until we started using the access list in
sendmail to filter out servers that were just hitting us with spam all the
time. I still go through our logs daily and add to it as needed. The
reduction
I hope I don't get bashed as it seems like this should be common knowledge,
but with the significant increase in spam I need to PROVE to management that
SA is still doing a good job- (and that I'm doing mine)
I see that spamstats as well as sa-stats both read/process/parse/examine
only maillog
Hello,
Why BAYES_99 have only the score 3.5 while 5.0 is required to
identify a mail
as spam? I think this rule should have a score about 5.1 (or
anything greater
than 5.0).
Because it's baye_99 not bayes_100.
ie: it's not 100% accurate.
FWIW, I increased my bayes 95 and 99 rules
Steve Ingraham wrote:
I have already decreased the Bayes_50_Body rule from 5.0 to 2.5. I
don't want to decrease the scores with every Bayes rule because I think
I will start seeing some true spam delivered because it did not score
high.
Any ideas?
Don't screw with the bayes scoring that
On Thursday 09 November 2006 22:14, Steve Ingraham took the opportunity to
say:
Ok, I have a question on these Bayes rules related to false positives.
It appears that many of my users are having legitimate emails scored in
the 8 to 9 range. These emails are scoring high basically because
On Thursday 09 November 2006 22:14, Steve Ingraham took the opportunity
to
say:
Ok, I have a question on these Bayes rules related to false positives.
It appears that many of my users are having legitimate emails scored
in
the 8 to 9 range. These emails are scoring high basically because
On Thu, 9 Nov 2006, Daryl C. W. O'Shea wrote:
Steve Ingraham wrote:
I have already decreased the Bayes_50_Body rule from 5.0 to 2.5. I
don't want to decrease the scores with every Bayes rule because I think
I will start seeing some true spam delivered because it did not score
high.
Any
Jean-Paul Natola wrote:
I hope I don't get bashed as it seems like this should be common knowledge,
but with the significant increase in spam I need to PROVE to management that
SA is still doing a good job- (and that I'm doing mine)
Turn it off for an hour? g
If you divert spam on a
Hi All,
First off, running SpamAssassin version 3.1.3 (backports.org), running
on Perl version 5.8.4 thru amavisd-new-2.4 on debian sarge.
I have two directories where there are SA rulesets:
/usr/share/spamassassin/
/var/lib/spamassassin/3.001003/updates_spamassassin_org/
These contain files
On Fri, Nov 10, 2006 at 11:31:05AM +1300, Simon wrote:
- How do i confirm that SA is using the rulesets from sa-update?
spamassassin --lint -D
- If i want to put in some custom ones... where is the best to do this?
/etc/mail/spamassassin
- Do i put any custom stuff in one file and get it to
Steve Ingraham wrote:
I have already decreased the Bayes_50_Body rule from 5.0 to 2.5. I
don't want to decrease the scores with every Bayes rule because I
think
I will start seeing some true spam delivered because it did not score
high.
Any ideas?
Daryl wrote:
Don't screw with the bayes
On 11/10/06, Theo Van Dinter [EMAIL PROTECTED] wrote:
On Fri, Nov 10, 2006 at 11:31:05AM +1300, Simon wrote:
- How do i confirm that SA is using the rulesets from sa-update?
spamassassin --lint -D
- If i want to put in some custom ones... where is the best to do this?
/etc/mail/spamassassin
I know some of you out there use Postfix and I have a quick question
that is a little off topic so I will apologize in advance and beg
forgiveness.
I was just wondering how in Postfix that someone could add a header
indicating the IP address of the connecting host. I'm asking for someone
I'm
Jean-Paul Natola
Network Administrator
Information Technology
Family Care International
588 Broadway Suite 503
New York, NY 10012
Phone:212-941-5300 xt 36
Fax: 212-941-5563
Mailto: [EMAIL PROTECTED]
From: Kris Deugau [mailto:[EMAIL PROTECTED]
On Thu, 9 Nov 2006, Chris wrote:
Does anyone besides myself report phishing to them? Off and on for
the past four or five months reports to them bounce back, some
with odd reasons, such as the below:
A message that you sent could not be delivered to one or more of its
recipients. This is a
On Thursday 09 November 2006 7:51 pm, John D. Hardin wrote:
On Thu, 9 Nov 2006, Chris wrote:
Does anyone besides myself report phishing to them? Off and on for
the past four or five months reports to them bounce back, some
with odd reasons, such as the below:
This one has me pretty
Dear all,
We will use Mozilla mail/Junk box to training the spamassassin daily, but
found that when fetch some mis-ham-ed emails to retrain spamassasin (useing
---forget ), spamassassin will show 0 messages learned (from N messages). Is
it meaned that the spamassassin can't find related email
On Thu, 9 Nov 2006, Pascal Maes wrote:
hello,
Sometimes, I get the following errors :
[2006-11-09 17:42:54] Unexpected error in pipe to external programs.
Please check that all helper programs are
installed and in the correct path.
(Pipe
- Original Message -
From: Matt Kettler [EMAIL PROTECTED]
Also, with that much mail coming in at the same time, there could be
contention for bayes locks. You might try adding
bayes_learn_to_journal 1 to your local.cf, and see if that helps. This
will cause learning to be done into
On Fri, Nov 10, 2006 at 12:21:12PM +1300, Simon wrote:
You can put it in any files you want. /etc/mail/spamassassin/*.cf is read
last.
Cool - so to build a custom rule to block emails with a subject:
It's Johnny :)
[...]
I create a file /etc/mail/spamassassin/custom_sa_rules
On 11/10/06, Theo Van Dinter [EMAIL PROTECTED] wrote:
On Fri, Nov 10, 2006 at 12:21:12PM +1300, Simon wrote:
You can put it in any files you want. /etc/mail/spamassassin/*.cf is read
last.
Cool - so to build a custom rule to block emails with a subject:
It's Johnny :)
[...]
I create a
At 07:05 PM 11/8/2006 -0800, Kenneth Porter wrote:
My manufacturing company is very picky about accepting physical inputs
from vendors. We should be equally picky about what we accept from them in
email.
Oh, I'll fully agree with that. The problem isn't doing it the
right way. The
On 11/9/06, Jim Maul [EMAIL PROTECTED] wrote:
I think pretty much everyone understand WHY people use these BLs.Thisis not the point.The point is, its not a very good solution.Is it even a solution? I guess that depends o nwhat the problem is. If the problem is the volume of mail passing through
Judging from the replies on this list, it's a good idea to run
sa-update about once a week. But I don'tk now how. I looked at the man
file, but that doesn't tell me what options I need for a standard
update. Can anyone help me?
Steven Lake
Owner/Technical Writer
Raiden's Realm
Kelson kelson at speed.net writes:
Henry Kwan wrote:
Is there a way to conditionally whitelist with SPF? That is, I want all
addresses from a certain domain to be whitelisted only if it passes SPF.
whitelist_from_spf does exactly what you need.
I believe there's one for DomainKeys
On Friday, November 3, 2006, 10:45:42 AM, PĂ©ntek Imre wrote:
Jim Maul wrote:
Are you using network tests, razor, surbl, add on rules from sare, etc?
I can just guess, as I don't know how to get to be sure.
I can find several spams marked with:
RCVD_IN_BL_SPAMCOP_NET
UNPARSEABLE_RELAY
I get this warning:
plugin: failed to create instance of plugin
Mail::SpamAssassin::Plugin::RelayChecker: Can't locate object method
new via package Mail::SpamAssassin::Plugin::RelayChecker at (eval
26) line 1.
(This is my own build of SA 3.1.7 on Max OS X Server 10.4 ppc)
It seems to
63 matches
Mail list logo
