Until recently, I had the spamassassin launched for every email received via
a VB program that did a CreateProcess to which I passed the a command like
spamassassin.bat < infile > outfile.
Since several days, the CreateProcess is executed and the command syntax has
not changed but it looks like t
On Thu, Dec 21, 2006 at 06:09:23PM -0700, Kelly Jones wrote:
> Many people write test rules w/ small negative scores like this:
> header SUBJ_FOO_BAR_TEST Subject =~ /foo.*bar/
Really? Why would you write a rule like that?
> header SUBJ_FOO_BAR_TEST Subject =~ /foo(.*)bar/
> will the parentheses
san wrote:
> Hi,
>
> Is there any rule to stop mails which has .Gif attachment in SA 2.64.
>
Generally speaking, not much.
If anything, you can try the SARE stocks ruleset, but I'm not sure if
that ruleset supports such an old version of spamassassin.
http://www.rulesemporium.com/rules/70_sar
On Thu, 21 Dec 2006, John Rudd wrote:
> > 1) BOTNET_SOHO -- If the sender's (chosen from Envelope-From,
> > Return-Path, or From, in that order) mail domain (the part after the @
> > sign) resolves back to the relay's IP address, or has an MX host which
> > resolves back to the IP address, AND t
Many people write test rules w/ small negative scores like this:
header SUBJ_FOO_BAR_TEST Subject =~ /foo.*bar/
describe SUBJ_FOO_BAR_TEST Subject contains both "foo" and "bar" in that order
score SUBJ_FOO_BAR_TEST -0.001
The logs will then show when SUBJ_FOO_BAR_TEST is hit.
I want to go one s
> it turns out that there was a hidden file in the same
> directory as my "local.cf" named,
>
> "._local.cf"
>
> filled with garbage, which the --lint was loading/reading.
>
> deleting it makes the --lint failure go away.
This looks like the type of hidden files Apple computers leave
Vivek Khera wrote:
> On Dec 21, 2006, at 2:56 PM, Chris Santerre wrote:
> > How about you just post the section that it FP'd on. Then we can
> > all enjoy the party.
>
> Not sure which section it is, but here's the whole shebang.
Oddly enough, it seems to match on the word "ALUMNI".
--
Bowie
On Monday 18 December 2006 09:41, Halid Faith wrote:
> I see a messages as below in Fuzzyocr.log.
> Image is single non-interlaced
Since nobody else has answered yet:
> What does it mean?
I don't really know, but IMHO it *should* mean that an image consisted of a
single non-interlaced block (as
On Dec 21, 2006, at 2:56 PM, Chris Santerre wrote:
How about you just post the section that it FP'd on. Then we can
all enjoy the party.
Not sure which section it is, but here's the whole shebang.
--cut here--
Return-Path: <[EMAIL PROTECTED]>
Received: from fp01.4rsg.net (fp01.4rsg.net [206.
> [7718] warn: config: failed to parse line, skipping: _ _2_ _R_TEXT_
No idea what that's about. The underscores could be other random/non-print
chars btw.
it turns out that there was a hidden file in the same directory as my
"local.cf" named,
"._local.cf"
filled with garbage,
> -Original Message-
> From: Vivek Khera [mailto:[EMAIL PROTECTED]
> Sent: Thursday, December 21, 2006 2:11 PM
> To: SpamAssassin Users
> Subject: FP on SARE_MLB_Stock6 rule from 70_sare_stocks.cf
>
>
> I just got an email from my alma mater that triggered
> SARE_MLB_Stock6
> rule, s
I just got an email from my alma mater that triggered SARE_MLB_Stock6
rule, so I went to see why... The comments in the file indicate it
matches 0 ham in all tested collections. Is there someone to whom I
can send this message (it is not private) to see if the rule can be
tightened?
Tony Guadagno wrote:
> I see, yes, I am calling SA directly, no Amavis etc involved..
>
>
> > > > Bowie Bailey <[EMAIL PROTECTED]> 12/21/2006 9:37 am >>>
> Tony Guadagno wrote:
> > I guess i don't understand, you say that "Rewriting the subject is
> > ultimately the responsibility of the MTA.", b
Am Donnerstag, 21. Dezember 2006 19:28 schrieb san:
> Hi,
>
> Is there any rule to stop mails which has .Gif attachment in SA 2.64.
Yes, upgrade to 3.1.7.
bye,
MH
--
Die unaufgeforderte Zusendung einer Werbemail an Privatleute verstößt gegen §1
UWG und 823 I BGB (Beschluß des LG Berlin
Hi,
Is there any rule to stop mails which has .Gif attachment in SA 2.64.
--
View this message in context:
http://www.nabble.com/Gif-Spam-tf2866950.html#a8012562
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
On Thu, Dec 21, 2006 at 11:50:02AM -0500, Jean-Paul Natola wrote:
> >trying to access the calling user's home directory, so you need to set
> >things
> >like bayes_path and auto_whitelist_path when running in a site-wide
config.
>
> So now where do I make these adjustments, is the local.cf ?
Ye
On Thu, Dec 21, 2006 at 08:46:24AM -0800, snowcrash+spamassassin wrote:
> [7718] dbg: plugin: fixed relative path:
> /etc/mail/spamassassin/updates/3.001008/updates_spamassassin_org/80_additional.cf
/etc/mail/spamassassin/updates ?
> [7718] warn: config: failed to parse line, skipping
On Thu, Dec 21, 2006 at 11:50:02AM -0500, Jean-Paul Natola wrote:
> >trying to access the calling user's home directory, so you need to set
> >things
> >like bayes_path and auto_whitelist_path when running in a site-wide config.
>
> So now where do I make these adjustments, is the local.cf ?
Yes
Jose Javier Sianes Ruiz wrote:
> Now I’m studding the possibility to build a very large Bayesian database.
> Due to a huge amount of user I got (over 100,000 and possibly doubled next
> year, with 8MB of Bayesian information each one on theirs Maildirs), I have
> discarded use MySQL or PostgreSQL,
On Thu, Dec 21, 2006 at 10:26:16AM -0500, Jean-Paul Natola wrote:
> No I have not modified the AWL path- actually that's where I'm really
> confused
>
> I see that spamd's home dire is
> spamd:*:58:58:SpamAssassin user:/var/spool/spamd:/sbin/nologin
>
> is that what I need to change?
>No, that
i have installed,
> spamassassin --version
SpamAssassin version 3.1.8-r454679
running on Perl version 5.8.8
after a recent sa-update, --lint returns,
[7718] dbg: plugin: fixed relative path:
/etc/mail/spamassassin/updates/3.001008/updates_spamas
Erik Dasque wrote:
Once installed, how do I know it's working ?
If you take a message that came from a host with no reverse DNS, bad DNS
(if you're using sendmail, and it said "[may be forged]" in the received
header), or a machine that has any other "botnet like characteristics",
then you c
Now Im studding the possibility to build a very large Bayesian database.
Due to a huge amount of user I got (over 100,000 and possibly doubled next
year, with 8MB of Bayesian information each one on theirs Maildirs), I have
discarded use MySQL or PostgreSQL, my only choice now is Oracle. Is it eas
Botnet.pm had a small problem in it (I rewrote the IPINHOSTNAME check,
and forgot one of the 4 stanzas, so some hosts may have gotten past it).
I've put up a new version of the tar file with the problem fixed.
Since there weren't any other problems, I'm not incrementing the version
number or
Hi
> Yes, it is, probably. At least with a plugin. But you'd have to define
> "recipient"... Envelope recipient, To/Cc/etc? If the latter, what's wrong
> with those headers? If the former, it'd probably be better to have the MTA
> do it when passing to the MDA. Otherwise SpamAssassin would hav
On Thu, Dec 21, 2006 at 10:26:16AM -0500, Jean-Paul Natola wrote:
> No I have not modified the AWL path- actually that's where I'm really
> confused
>
> I see that spamd's home dire is
> spamd:*:58:58:SpamAssassin user:/var/spool/spamd:/sbin/nologin
>
> is that what I need to change?
No, that's
On Thu, Dec 21, 2006 at 08:01:32AM +0100, Sebastian Ries wrote:
> Does noone know if it is possible to add the recipient to a custom header?
Yes, it is, probably. At least with a plugin. But you'd have to define
"recipient"...
Envelope recipient, To/Cc/etc? If the latter, what's wrong with tho
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
pinoyskull wrote:
> decoder wrote:
>
> pinoyskull wrote:
I've been using fuzzyocr plugin for some time now and I think
I noticed is its high cpu/memory usage resulting on delayed
delivery of mails. The server is serving 2000+ clients.
>
Once installed, how do I know it's working ? Also, what's the perl
file for ? I only copied the pm & cf files to the sa plugin directory.
Erik
On Dec 21, 2006, at 8:07 AM, John Rudd wrote:
Tim B. wrote:
John Rudd wrote:
out of curiosity, which release branches of SA is supported with
On Wed, Dec 20, 2006 at 04:32:41PM -0500, Jean-Paul Natola wrote:
> I'm noticing a lot of entries in my maillog regarding a non-existent
> directory
It means that some user calling spamd has a homedir set to /nonexistant.
> I do not have per-user config- and spamd runs as root-
So you're runni
I see, yes, I am calling SA directly, no Amavis etc involved..
***
Tony Guadagno
Guadagno Consulting
[EMAIL PROTECTED]
585.703.6700
***
>>> Bowie Bailey <[EMAIL PROTECTED]> 12/21/2006 9:37 am >>>
Tony Guadagno
Sander Holthaus wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
pinoyskull wrote:
I've been using fuzzyocr plugin for some time now and I think I
noticed is its high cpu/memory usage resulting on delayed delivery
of mails. The server is serving 2000+ clients.
The server is a P4 2.6Ghz
decoder wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
pinoyskull wrote:
I've been using fuzzyocr plugin for some time now and I think I
noticed is its high cpu/memory usage resulting on delayed delivery
of mails. The server is serving 2000+ clients.
The server is a P4 2.6Ghz, 1GB memor
On Wednesday, December 20, 2006, 5:44:09 AM, Dhaval Patel wrote:
> Hello all, I have been using spamassassin for quite some time and just
> recently I have
> seen some false positives. Looking at the content analysis I see that it is
> the
> URIBL*SURBL rules that is throwing it over the edge. Wh
Tony Guadagno wrote:
> I guess i don't understand, you say that "Rewriting the subject is
> ultimately the responsibility of the MTA.", but SA has this option,
> so that means that it is SA's responsibility...right?
It depends on how you call it. If you call SA directly, then yes, it does
the m
Tim B. wrote:
John Rudd wrote:
out of curiosity, which release branches of SA is supported with this
plugin? the 3.1.x & 3.0.x or just the 3.1.x?
I've only tried it on 3.1.7.
John Rudd wrote:
New things:
1) BOTNET_SOHO -- If the sender's (chosen from Envelope-From,
Return-Path, or From, in that order) mail domain (the part after the @
sign) resolves back to the relay's IP address, or has an MX host which
resolves back to the IP address, AND the sender's mail dom
Botnet 0.7 is up and available.
http://people.ucsc.edu/~jrudd/spamassassin/Botnet-0.7.tar
Botnet is a SpamAssassin plugin which attempts to identify hosts which
are likely to be spambot/virusbot hosts, using various DNS fingerprints
of the submitting relay.
New things in 0.7:
1) BOTNET
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
pinoyskull wrote:
> I've been using fuzzyocr plugin for some time now and I think I
> noticed is its high cpu/memory usage resulting on delayed delivery
> of mails. The server is serving 2000+ clients.
>
> The server is a P4 2.6Ghz, 1GB memory running
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Nigel Frankcom wrote:
> On Thu, 21 Dec 2006 11:16:43 +0100, Emmanuel Lesouef
> <[EMAIL PROTECTED]> wrote:
>>
>> reject_rbl_client sbl-xbl.spamhaus.org,
>> reject_rbl_client list.dsbl.org,
>> reject_rbl_client rbl-plus.mail-abuse.org,
>> reject_rbl_cl
On Thu, 21 Dec 2006 11:16:43 +0100, Emmanuel Lesouef
<[EMAIL PROTECTED]> wrote:
>Thanks Ian, I didn't know rbl-plus.mail-abuse.ja.net. I therefore added
>rbl-plus.mail-abuse.org as I'm outside of Janet.
>
>This gives me for my postfix based installlation :
>
>reject_rbl_client sbl-xbl.spamhaus.org
Thanks Ian, I didn't know rbl-plus.mail-abuse.ja.net. I therefore added
rbl-plus.mail-abuse.org as I'm outside of Janet.
This gives me for my postfix based installlation :
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client rbl-plus.mail-abuse.org,
reject_rb
Theo Van Dinter wrote:
You can override this stuff in local.cf, but for things like SBL+XBL->ZEN, we
keep up with that in the normal updates (sa-update), fyi.
Theo,
just what i wanted to know, thank you.
/ Martin
I've been using fuzzyocr plugin for some time now and I think I noticed
is its high cpu/memory usage resulting on delayed delivery of mails. The
server is serving 2000+ clients.
The server is a P4 2.6Ghz, 1GB memory running on FreeBSD 6.0. Should i
upgrade the memory to 2GB or 4GB? Will it fix
Sietse,
my spamassassin classifies your mail as spam. Maybe that holds for others too.
This are the reasons:
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on alzental-castle.de
X-Spam-Level: *
X-Spam-Status: Yes, score=5.3 required=5.2 tests=AWL,BAYES_50,
45 matches
Mail list logo