Bret Miller wrote:
I need to look at setting up a custom rule based on a SPF
result. If mail is sent from domain xyz.com and the SPF
record matches, let it pass as per normal. If on the other
hand the SPF record fails for xyz.com, add +5 to the score.
This has to happen ONLY for
is there any way check mx record as from ip adress and compare it sender ip
address ? so spamassassin can decide its spam ??
-
Ahhh...imagining that irresistible new car smell?
Check outnew cars at Yahoo! Autos.
We should have an out going spam filter functional by July 2007
www.think-antispam.com
hamann.w wrote:
Ian Eiloart wrote
--On 26 December 2006 05:53:12 + Monty Ree [EMAIL PROTECTED]
wrote:
Hello, list.
I have used well SA with procmail well against incoming mail.
But there
Gokhan ALKAN wrote:
is there any way check mx record as from ip adress and compare it sender
ip address ? so spamassassin can decide its spam ??
Why would you want SpamAssassin to consider mail that didn't come from a
server listed in a domain's MX record as spam?
Daryl
Thanks for the info Bret. What I've come up with is this:
header _FROM_DOMAIN From ~= /example\.com/i
header _SPF_TRUE /\bSPF_FAIL\b/
meta DOMAIN_SPF_TRUE (_FROM_DOMAIN_SPF_TRUE)
score DOMAIN_SPF_TRUE 10.0
Will this work?
Kinda, with few changes:
header
I have received some mails that from domain and return-path domain is
different and from domain is in whitelist nowadays. So spamassassin decide
mail that is ham . because of user_in_whilist rule.
can i block this spam that check mx records as from domain and compare sender
ip address ?
Loren Wilton wrote:
Thanks for the info Bret. What I've come up with is this:
header _FROM_DOMAIN From ~= /example\.com/i
header _SPF_TRUE /\bSPF_FAIL\b/
meta DOMAIN_SPF_TRUE (_FROM_DOMAIN_SPF_TRUE)
score DOMAIN_SPF_TRUE 10.0
Will this work?
Kinda, with few changes:
Hi all,
Anyone know if you can get Spamassassin to block and/or
delete emails from certain countries if you are on
shared hosting please ?
Any help very much appreciated.
Chris.
On 4/17/07, Derek Harding [EMAIL PROTECTED] wrote:
On Tue, 2007-04-17 at 16:52 +0530, BG Mahesh wrote:
hi
I want to pass the comments/text entered by users on a form to
SpamAssassin for approval. If it approves it only then I want to
accept the text, else I want to inform the user that
Chris wrote:
Hi all,
Anyone know if you can get Spamassassin to block and/or
delete emails from certain countries if you are on
shared hosting please ?
Any help very much appreciated.
Chris.
Just add a custom rule for matching the desired countries and use
procmail to deliver it to
On Wed, May 9, 2007 09:36, BG Mahesh wrote:
We have tested this on http://cause.greynium.com/spamtest.php
We have constructed a Mail header, concatenating $message to $header and
passing the contents of $header to the code given above.
We have installed the script from rulesemporium to
On Wed, May 9, 2007 09:57, Ruben Cardenal wrote:
Chris wrote:
Hi all,
Anyone know if you can get Spamassassin to block and/or
delete emails from certain countries if you are on shared hosting please
?
Any help very much appreciated.
Chris.
Just add a custom rule for matching the
On 5/9/07, Duncan Hill [EMAIL PROTECTED] wrote:
On Wed, May 9, 2007 09:36, BG Mahesh wrote:
We have tested this on http://cause.greynium.com/spamtest.php
We have constructed a Mail header, concatenating $message to $header and
passing the contents of $header to the code given above.
We
I have received some mails that from domain and return-path domain is
different and from domain is in whitelist nowadays. So spamassassin
decide mail that is ham . because of user_in_whilist rule.
Instead of whitelist_from you should use whitelist_from_rcvd, eg to
whitelist mails from me,
To ensure all is working okay, why not take a existing SPAM message and
construct the $message from that and test ?
On Wed, 9 May 2007 14:40:52 +0530, BG Mahesh [EMAIL PROTECTED] wrote:
On 5/9/07, Duncan Hill [EMAIL PROTECTED] wrote:
On Wed, May 9, 2007 09:36, BG Mahesh wrote:
We have
I ran your first sample through SA here and got the following score :-
X-Spam-Status: Yes, score=6.5 required=5.0 tests=BAYES_50,FRT_PENIS1,
HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,MISSING_DATE,MISSING_HB_SEP,
MISSING_MID,NO_RECEIVED,NO_RELAYS autolearn=no version=3.2.0
-Original Message-
From: Duncan Hill [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 09, 2007 11:00 AM
To: users@spamassassin.apache.org
Subject: Re: Can SpamAssassin delete mails just from
certain
countries ?
On Wed, May 9, 2007 09:57, Ruben Cardenal wrote:
Chris wrote:
On Wed, May 9, 2007 10:37, Chris wrote:
One thing, my hosts say that I'm not able to do this if
I'm on shared hosting - are you saying that there's a
way to do this on shared hosting please ?
Out of the ways that have been kindly recommended here,
which one would be the easiest for a
On Wed, May 9, 2007 10:10, BG Mahesh wrote:
On 5/9/07, Duncan Hill [EMAIL PROTECTED] wrote:
On Wed, May 9, 2007 09:36, BG Mahesh wrote:
We have tested this on http://cause.greynium.com/spamtest.php
We have constructed a Mail header, concatenating $message to $header
and passing the
-Original Message-
From: Duncan Hill [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 09, 2007 11:44 AM
To: users@spamassassin.apache.org
Subject: RE: Can SpamAssassin delete mails just from
certain
countries ?
On Wed, May 9, 2007 10:37, Chris wrote:
One thing, my hosts say
On Wed, May 9, 2007 11:13, Chris wrote:
I will look into that - I would prefer the emails from
some countries to not even reach my pc in the first place - so bearing that
in mind, is procmail still recommended in this instance please ?
If your hosting provider offers procmail, yes. The may
Gokhan ALKAN wrote:
I have received some mails that from domain and return-path domain
is different and from domain is in whitelist nowadays. So
spamassassin decide mail that is ham . because of user_in_whilist rule.
Rule 1: DO NOT use whitelist_from unless you have NO other options. Use
-Original Message-
From: Duncan Hill [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 09, 2007 12:20 PM
To: users@spamassassin.apache.org
Subject: RE: Can SpamAssassin delete mails just from
certain
countries ?
On Wed, May 9, 2007 11:13, Chris wrote:
I will look into that -
-Original Message-
From: Theo Van Dinter [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 08, 2007 10:01 PM
To: users@spamassassin.apache.org
Subject: Re: Poor performance with v3.2.0
On Tue, May 08, 2007 at 06:45:32PM -0700, Marc Perkel wrote:
I have to admit that I'm seeing
If you want a test,
cd /usr/ports/devel/re2c
rm -rf
get http://www.secnap.com/downloads/re2c.tgz
Untar it, make and install it, run sa-compile, and uncomment the RulesX2
line in v320.pre
Doesn't seem to do anything for SARES rules (I have ONE compiled rule in
rule_500) but it does seem to work.
On Wed, May 9, 2007 11:29, Chris wrote:
But what happens to the email that fails the threshold
of spam filtering ?
If it's below the threshold, it may get a subject modification, it
probably gets a new header or two. If it's above the threshold, it
probably gets a new header or two, and then
On Wed, 9 May 2007, Michael Scheidell wrote:
If you want a test,
cd /usr/ports/devel/re2c
rm -rf
get http://www.secnap.com/downloads/re2c.tgz
Untar it, make and install it, run sa-compile, and uncomment the RulesX2
line in v320.pre
Doesn't seem to do anything for SARES rules (I have ONE
Hi all,
I want the spamassassin work with files user_prefs and bayes_path for
user. Anyone can help me ?
thz.
We are currently running SpamAssassin 3.1.7. Can we run dnswl.org with
this version of SpamAssassin?
Can I put in lines like this in local.cf?
# dnswl.org file
header __RCVD_IN_DNSWL
eval:check_rbl('dnswl-firsttrusted,'127.0.\d+.1')
header RCVD_IN_DNSWL_LOW
Hi,
Recently I had some false positives that also had BAYES_99 triggered.
As I saved the original e-mail(s), I'd like to see what tokens
actually caused this. Is it possible to do this with Spam Assassin
3.1.8?
I vaguely remember that previously I ran spamassassin in debug mode
and that it
Hello,
I want ask some1 of you about version of SA 2.70.
This release was released ever ? or it was just abandoned and replaced
with 3.0 ?
If it exist , could you please provide me link ?
thank you
--
Best regards,
Peter mailto:[EMAIL PROTECTED]
Thanks for the info Bret. What I've come up with is this:
header _FROM_DOMAIN From ~= /example\.com/i
header _SPF_TRUE /\bSPF_FAIL\b/
meta DOMAIN_SPF_TRUE (_FROM_DOMAIN_SPF_TRUE)
score DOMAIN_SPF_TRUE 10.0
Will this work?
Kinda, with few changes:
Peter Mikeska (MiKi) wrote:
Hello,
I want ask some1 of you about version of SA 2.70.
This release was released ever ? or it was just abandoned and
replaced with 3.0 ? If it exist , could you please provide me link ?
thank you
The content should be reported as Spam. The score (when I run from
command line is just about 1.0 and required is 5.0). The text in
$message
have very hardcore words. Shouldn't it be marked as spam?
Are we formating the header correctly (i.e. each line is ending with
\n)?
'hardcore' words
Hi,
BG Mahesh wrote:
The content should be reported as Spam. The score (when I run from
command line is just about 1.0 and required is 5.0). The text in
$message
have very hardcore words. Shouldn't it be marked as spam?
Are we formating the header
BQ wrote:
Hi,
Recently I had some false positives that also had BAYES_99 triggered.
As I saved the original e-mail(s), I'd like to see what tokens
actually caused this. Is it possible to do this with Spam Assassin
3.1.8?
spamassassin -D bayes message.eml
I vaguely remember that
Bruno Henrique de Oliveira wrote:
Hi all,
I want the spamassassin work with files user_prefs and bayes_path for
user. Anyone can help me ?
Can you elaborate a bit more on your setup? SpamAssassin does this by
default, but making it work depends on how you call spamassassin.
Bayes auto expiries (taking to long and getting killed)? I think
that's a 600 second timeout.
We're not using auto-expiry. Bayes expiry is being done with a batch
job.
It would be interesting on some system experiencing this slowdown to
put
'use bytes' back into SA and see what happens
Bruno Henrique de Oliveira wrote:
Hi all,
I want the spamassassin work with files user_prefs and bayes_path for
user. Anyone can help me ?
Can you elaborate a bit more on your setup? SpamAssassin does this by
default, but making it work depends on how you call spamassassin.
I have
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm running sendmail 8.14.1 configured to do authenticated e-mail
relaying with port 587 and TLS encryption. When our users authenticate
and send a message sendmail changes the received header line to look
like this -
Received: from
I've been doing some testing with v3.2.0 on my local machine and am seeing
a test that is triggering. I'm going to share the IP it is triggering on
in hopes someone can point out what I'm missing.
[71849] dbg: received-header: parsed as [ ip=162.42.148.100 rdns=
helo=smtpgate.ndunet.com
Duane Hill writes:
I've been doing some testing with v3.2.0 on my local machine and am seeing
a test that is triggering. I'm going to share the IP it is triggering on
in hopes someone can point out what I'm missing.
[71849] dbg: received-header: parsed as [ ip=162.42.148.100 rdns=
On Wed, 9 May 2007, Justin Mason wrote:
Duane Hill writes:
I've been doing some testing with v3.2.0 on my local machine and am seeing
a test that is triggering. I'm going to share the IP it is triggering on
in hopes someone can point out what I'm missing.
[71849] dbg: received-header: parsed
On Wed, May 09, 2007 at 12:14:24AM -0500, Gabriel Millerd wrote:
Beyond the s/3.1.20/v3.2.0/ issue that some people cannot get past.
I have the same issue. I had to juggle my cf/pre files entries for
quite some time to get past the check_scan problem you describe for
spamd to run peachy. I,
Matt,
On 5/10/07, Matt Kettler [EMAIL PROTECTED] wrote:
BQ wrote:
Hi,
Recently I had some false positives that also had BAYES_99 triggered.
As I saved the original e-mail(s), I'd like to see what tokens
actually caused this. Is it possible to do this with Spam Assassin
3.1.8?
On Thu, May 10, 2007 at 03:13:58AM +1200, BQ wrote:
Yep, it's gotta be -D bayes, not just -D
Thanks - this works great. It would be good if this little thing gets
included in the manual pages - it's either not there or I missed it
(quite possible :).
fyi:
Greetings,
Am I correct in saying that the proper way to set a default
required_score is in the /etc/mail/spamassassin/local.cf file?
I'm running SA 3.2.0 and I seem to be unable to change the default
required_score. I'm using spamc/spamd for processing via simscan.
Per-user rules are enabled
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sujit Acharyya-Choudhury wrote:
We are currently running SpamAssassin 3.1.7. Can we run dnswl.org with
this version of SpamAssassin?
Sure - it uses regular DNSBL-style lookups. dnswl.org data (and the
rules) should work in almost any version of
Dan Schwartz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm running sendmail 8.14.1 configured to do authenticated e-mail
relaying with port 587 and TLS encryption. When our users authenticate
and send a message sendmail changes the received header line to look
like this -
is this a problem?
Can't locate object method finish via package
Mail::SpamAssassin::Timeout at
/usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/PluginHandler.pm line 234.
Tim Litwiller wrote:
is this a problem?
Can't locate object method finish via package
Mail::SpamAssassin::Timeout at
/usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/PluginHandler.pm line 234.
Do you have the FuzzyOCR plugin installed? At least one version of it
tried to call this
Daryl C. W. O'Shea wrote:
Tim Litwiller wrote:
is this a problem?
Can't locate object method finish via package
Mail::SpamAssassin::Timeout at
/usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/PluginHandler.pm
line 234.
Do you have the FuzzyOCR plugin installed? At least one version of it
Hi there
Wasn't there a recent thread on this one?
Umm here is the error
spamd[705]: Malformed UTF-8 character (unexpected non-continuation byte
0x00, immediately after start byte 0xd2) in pattern match (m//) at
/etc/mail/spamassassin/70_sare_adult.cf, rule SARE_OBFUFCK1, line 1.
Can
Why does the SA list accept postings from unsubscribed email addresses?
- rh
--
Abba Communications
Spokane, WA
www.abbacomm.net
I have 3 mail servers with relatively identical configurations that I just
upgraded to MailScanner 4.59.4 and SpamAssassin 3.2.0. Two of them are
working fine, however on one of them, sa-compile won't run, due to the
spamassassin --lint check failing.
spamassassin --lint --debug only turns up
harp2812 wrote:
I have 3 mail servers with relatively identical configurations that I just
upgraded to MailScanner 4.59.4 and SpamAssassin 3.2.0. Two of them are
working fine, however on one of them, sa-compile won't run, due to the
spamassassin --lint check failing.
spamassassin --lint
That fixed it! Thank you!
Daryl C. W. O wrote:
Make sure that the Razor2 plugin is being loaded. The loadplugin line
for it is in v310.pre. If enabled (and the .pm file isn't missing,
you'll see it being loaded in the debug output).
Daryl
--
View this message in context:
Daryl C. W. O'Shea wrote:
Tim Litwiller wrote:
is this a problem?
Can't locate object method finish via package
Mail::SpamAssassin::Timeout at
/usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/PluginHandler.pm
line 234.
Do you have the FuzzyOCR plugin installed? At least one version of it
Tim Litwiller wrote:
Daryl C. W. O'Shea wrote:
Tim Litwiller wrote:
is this a problem?
Can't locate object method finish via package
Mail::SpamAssassin::Timeout at
/usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/PluginHandler.pm
line 234.
Do you have the FuzzyOCR plugin installed? At
On Wed, 9 May 2007, Rosenbaum, Larry M. wrote:
Bayes auto expiries (taking to long and getting killed)? I think
that's a 600 second timeout.
We're not using auto-expiry. Bayes expiry is being done with a batch
job.
It would be interesting on some system experiencing this slowdown to
put
is there any way check mx record as from ip adress and compare it sender ip
address ? so spamassassin can decide its spam ??
Hi,
some domains, unfortunately only few, use spf (or domainkeys) to declare the
machines allowed to
send mail for the domain. Now, If such information exists, and
Daryl C. W. O'Shea wrote:
Tim Litwiller wrote:
Daryl C. W. O'Shea wrote:
Tim Litwiller wrote:
is this a problem?
Can't locate object method finish via package
Mail::SpamAssassin::Timeout at
/usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/PluginHandler.pm
line 234.
Do you have the
- Original Message -
From: RobertH [EMAIL PROTECTED]
To: users@spamassassin.apache.org
Sent: Wednesday, May 09, 2007 10:25 AM
Subject: attack, bug, or just misconfig?
Hi there
Wasn't there a recent thread on this one?
Umm here is the error
spamd[705]: Malformed UTF-8 character
On Wed, May 9, 2007 11:13, Chris wrote:
I will look into that - I would prefer the emails from
some countries to not even reach my pc in the first place - so bearing that
in mind, is procmail still recommended in this instance please ?
If your hosting provider offers procmail, yes. The may
Is anyone else seeing an increased FP rate after upgrading to 3.2?
I've got a number of reports coming in like:
AXB_XMID_1212, which defaults to 3.899 and was
causing a fair amount of legitimate mail to one of our customers to fail
Replace 'AXB_XMID_1212' with a handful of other rules with
On Wed, May 9, 2007 10:10, BG Mahesh wrote:
On 5/9/07, Duncan Hill [EMAIL PROTECTED] wrote:
On Wed, May 9, 2007 09:36, BG Mahesh wrote:
We have tested this on http://cause.greynium.com/spamtest.php
We have constructed a Mail header, concatenating $message to $header
and passing the
On Wed, May 9, 2007 10:37, Chris wrote:
One thing, my hosts say that I'm not able to do this if
I'm on shared hosting - are you saying that there's a
way to do this on shared hosting please ?
Out of the ways that have been kindly recommended here,
which one would be the easiest for a
I just switched from using spamassassin to spamc in our procmail.
* is there an equivalent of 'spamassassin -d' for spamc?
* spamd is running with
'-d -H -s /usr/temp/spamd.log -u esp -r /var/run/spamd.pid' .
spamc is running with '-u esp' , which is a normal account.
Yet in
On 5/8/2007 7:18 PM, Kelsey Cummings wrote:
Is anyone else seeing an increased FP rate after upgrading to 3.2?
I've got a number of reports coming in like:
AXB_XMID_1212, which defaults to 3.899 and was
causing a fair amount of legitimate mail to one of our customers to fail
Replace
What do I put in the messages.pm and where do I put it?
Thanks.
=
Kevin W. Gagel
Network Administrator
Information Technology Services
(250) 562-2131 local 448
My Blog:
http://mail.cnc.bc.ca/blogs/gagel
What do I put in the messages.pm and where do I put it?
Its 'use bytes;' YOu'll have to search back in the archives for a message
describing exactly where it goes.
Note this isn't a FIX, this is a tempoary WORKAROUND.
Loren
On Wed, May 9, 2007 5:10 pm, Loren Wilton wrote:
What do I put in the messages.pm and where do I put it?
Its 'use bytes;' YOu'll have to search back in the archives for a message
describing exactly where it goes.
Note this isn't a FIX, this is a tempoary WORKAROUND.
I've been checking all
On Wed, May 9, 2007 6:20 pm, Jerry Durand wrote:
I've been checking all the archives of this list as well as bugzilla and
google searches, can't find anything about this. Obviously I'm looking in
the wrong place.
Found it, Loren added an s to the file name, that's why I couldn't find it!
--
.rp wrote:
I just switched from using spamassassin to spamc in our procmail.
*
is there an equivalent of 'spamassassin -d' for spamc?
Do you really mean spamassassin -D? -d does markup stripping, -D does
debugging.
If so, you can pass -D to spamd, but you'd have to debug everything
Gary V wrote:
I have links to some of the files that used to be in this location:
http://spamassassin.apache.org/full/3.1.x/dist/
compare that URL to this one:
http://spamassassin.apache.org/full/3.0.x/dist/
Who would know if the files that used to be there will be returned to
that
Thanks for straightening me out on that Vincent.
Folks - for completeness here are some instructions for the WORKAROUND.
Locate your Message.pm module and edit the section in the begining as
indicated below.
I have been running this now for a couple of hours with no adverse affects
(that I can
On Wed, 9 May 2007, Matt Kettler wrote:
.rp wrote:
I just switched from using spamassassin to spamc in our procmail.
*
is there an equivalent of 'spamassassin -d' for spamc?
Do you really mean spamassassin -D? -d does markup stripping, -D does
debugging.
If so, you can pass -D to
-Original Message-
From: Rosenbaum, Larry M. [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 09, 2007 10:10 AM
To: users@spamassassin.apache.org
Subject: RE: Poor performance with v3.2.0
sa-compile took 3 hours to run. (System is a SunFire v210
with 2 processors and 2 GB ram.)
On Thu, 10 May 2007, Michael Scheidell wrote:
-Original Message-
From: Rosenbaum, Larry M. [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 09, 2007 10:10 AM
To: users@spamassassin.apache.org
Subject: RE: Poor performance with v3.2.0
sa-compile took 3 hours to run. (System is a
79 matches
Mail list logo