Noc Phibee wrote:
Hi
A small problems ;=)
Before, my spamassassin server are in front ends .. all messages
going directly to my spamassassin server and the result are very good.
Now, it's a smtp relay server that receive the email and after sent to
my spamassassin (the relay don't have filter
Hello!
http://people.ucsc.edu/~jrudd/spamassassin/Botnet.tar
link seems to be dead, since John Rudd is not listed at people, the link
perhaps moved?
Any tips?
--
Grüsse/Greetings
MH
Dont send mail to: [EMAIL PROTECTED]
--
Matthias Haegele wrote:
Hello!
http://people.ucsc.edu/~jrudd/spamassassin/Botnet.tar
link seems to be dead, since John Rudd is not listed at people, the link
perhaps moved?
Any tips?
That's still the right/current URL.
Just looks like people.ucsc.edu might be down right now.
Hey,
I'm using FuzzyOCR which works great. However, lately I've been seeing
annoying Outlook users using some kind of plugin which seem to add an
image, and it has the text Free emoticons, download here (or something),
mostly it's in my language and then it has the text gratis.
The word
simply remove gratis from your wordlist and you'll be done...
I think even without gratis in the wordlist FuzzyOCR will do a great job on
real spam ;-)
Ove
-Ursprüngliche Nachricht-
Von: news [mailto:[EMAIL PROTECTED] Im Auftrag von
[EMAIL PROTECTED]
Gesendet: Freitag, 11. Mai
Hi, list, I'm currently running zen.spamhaus.org and cbl.abuseat.org
as RBLs over Postfix, how can I disable them in SA? (I mean, if I'm
already blocking connections which got listed in those RBLs, why let
SA check them? I suppose it should lower scan times...)
Thanks,
Luix
--
A small problems ;=)
Before, my spamassassin server are in front ends .. all messages
going directly to my spamassassin server and the result are very good.
Now, it's a smtp relay server that receive the email and after sent to
my spamassassin (the relay don't have filter or other,,
Is this how I send to the list ?
ZEN includes CBL, so you've got a duplicate test there.
CBL isn't tested in spamassassin (except via XBL).
You'll need something like this to stop the spamhaus tests:
score __RCVD_IN_ZEN 0.0
score RCVD_IN_SBL 0.0
score RCVD_IN_XBL 0.0
score RCVD_IN_PBL 0.0
score URIBL_SBL 0.0
Cheers,
Phil
--
I setup Bayes and whitelist db paths in my local.cf
The whitelist db created succesfully but the bayes_* db's did not...
OK, Got it. Anyway, I tracked down the timing issues which drove me to
disable DNS tests to a problem with my nameservers. Now the scanning
times reported by Amavis are similar to the other servers I have. BTW,
thanks for the tip, I've disabled CBL testings in Postfix.
Luix
2007/5/11, Randal,
Daniel Aquino schrieb:
Is this how I send to the list ?
Congratulations you have made it ;-).
--
Grüsse/Greetings
MH
Dont send mail to: [EMAIL PROTECTED]
--
First, RTFM.
Second, Google.
Third, oh, well... You NEED to feed Bayes a significant amount of
data, so it knows what is spam and waht is ham, due to the fact that
the kind of spam and ham you receive is different from the ones I get
on my servers. Then it will start auto learning on that basis.
Matthias,
Worked fine for me. Try it again if it still doesn't work for you - I've
uploaded a copy to my public share at:
http://mail.cnc.bc.ca/users/gagel/Botnet.tar
I'll keep it there till next week.
- Original Message -
From: Matthias Haegele [EMAIL PROTECTED]
To: SpamAssassin
On Fri, 11 May 2007, Luis Hern?n Otegui wrote:
Hi, list, I'm currently running zen.spamhaus.org and cbl.abuseat.org
as RBLs over Postfix, how can I disable them in SA? (I mean, if I'm
already blocking connections which got listed in those RBLs, why let
SA check them? I suppose it should lower
Kevin W. Gagel schrieb:
Matthias,
Worked fine for me. Try it again if it still doesn't work for you - I've
uploaded a copy to my public share at:
http://mail.cnc.bc.ca/users/gagel/Botnet.tar
Thx alot. It was a temporarily problem, it is good to have an
alternative download location.
I'll
Luis Hernán Otegui wrote:
First, RTFM.
Second, Google.
Third, oh, well... You NEED to feed Bayes a significant amount of
data, so it knows what is spam and waht is ham, due to the fact that
the kind of spam and ham you receive is different from the ones I get
on my servers. Then it will
Have you trained the bayes database? Is this a fresh install? It needs
at least 200 spam and 200 ham messages to get it going. However, the
more ham and spam you can feed it, the better it will perform...
Luix
2007/5/11, Daniel Aquino [EMAIL PROTECTED]:
I setup Bayes and whitelist db paths in
Daniel Aquino wrote:
I setup Bayes and whitelist db paths in my local.cf
The whitelist db created succesfully but the bayes_* db's did not...
More information please... Just saying that it doesn't work isn't very
helpful.
Before we can help you, we need the two basic pieces of information:
Daniel Aquino wrote:
I really don't know if I can extract emails from Outlook 2003 into a
standard mbox format...
Maildir is the preferred format. You can extract emails from Outlook,
but Outlook and Exchange tend to rewrite portions of the message which
makes this less than ideal for SA's
Daniel Aquino wrote:
run these commands as the defang user.
Would it be bad to use root because defang is not a real user..
spamd will not run as root. If you try it, it will switch to
nobody.
You can deal with this two ways:
If your mail accounts are owned by real users on the system,
Daniel Aquino wrote:
1) What (exactly) did you do?
# local.cf config file at this url
http://pastie.caboo.se/60756
What user is SA running as? What are the permissions on the bayes
directory?
drwx-- 2 defang defang 4096 2007-05-11 10:48
/var/spool/MD-Databases/
2) What
Does anyone know what is injecting this 3793/xpopup.js and
_popupControl() all over the place. There's usually a http://127.0.0
.1 in front of the port :3793
I'm seeing it in webpages and email (not mine! google for it and you'll
see what a mess it's making).
I've searched and all I see are
I didn't even realize my reply's were not being sent to the thread I started...
Sorry!
Ok it looks like using sa-learn created the databases fine even with
only 1 ham/spam...
[EMAIL PROTECTED] wrote:
I'm using FuzzyOCR which works great. However, lately I've been seeing
annoying Outlook users using some kind of plugin which seem to add an
image, and it has the text Free emoticons, download here (or
something), mostly it's in my language and then it has the text
I think I remember reading that SA Rules can be updated from Official Repos ?
On Fri, May 11, 2007 at 02:20:55PM -0400, Daniel Aquino wrote:
I think I remember reading that SA Rules can be updated from Official Repos
?
sa-update
--
Randomly Selected Tagline:
If all the girls who attended the Harvard-Yale game were laid end to end,
I wouldn't be surprised. -
- Original Message -
sa-update
Usage info is located where?
=
Kevin W. Gagel
Network Administrator
Information Technology Services
(250) 562-2131 local 448
My Blog:
http://mail.cnc.bc.ca/blogs/gagel
On Friday 11 May 2007 3:04 pm, Kevin W. Gagel wrote:
- Original Message -
sa-update
Usage info is located where?
=
Kevin W. Gagel
Network Administrator
Information Technology Services
(250) 562-2131 local 448
My Blog:
On Fri, 11 May 2007, Kevin W. Gagel wrote:
- Original Message -
sa-update
Usage info is located where?
% man sa-update
We just put our mailserver (with SpamAssassin of course) behind a firewall,
and now we get many many interesting error messages from spamd telling me
that there's no route to some host or other. I tweaked the DnsResolver.pm
module to show what host it was trying to route to, and I got this
On Fri, May 11, 2007 at 01:34:06PM -0700, Ernie Dunbar wrote:
Of course, hosts like 190.57.78.66.bl.spamcop.net are DNSBL blacklist
members, and they resolve to nothing at all, which is why there is no route
to host. But why is spamd suddenly spewing these errors now? It didn't do
this before
Kevin W. Gagel wrote:
sa-update
Usage info is located where?
Most common usage is:
$ sa-update
Or, if you want to see what it's doing:
$ sa-update -D
Unless you are adding extra channels or doing something strange with it,
you shouldn't need more than that.
--
Bowie
- Original Message -
Most common usage is:
$ sa-update
Or, if you want to see what it's doing:
$ sa-update -D
Unless you are adding extra channels or doing something strange with it,
you shouldn't need more than that.
OK, got all those RTFM answers :-) - I get that...
But
Theo Van Dinter-2 wrote:
On Fri, May 11, 2007 at 01:34:06PM -0700, Ernie Dunbar wrote:
Of course, hosts like 190.57.78.66.bl.spamcop.net are DNSBL blacklist
members, and they resolve to nothing at all, which is why there is no
route
to host. But why is spamd suddenly spewing these errors
On Friday 11 May 2007 5:00 pm, Kevin W. Gagel wrote:
- Original Message -
Most common usage is:
$ sa-update
Or, if you want to see what it's doing:
$ sa-update -D
Unless you are adding extra channels or doing something strange with it,
you shouldn't need more than
-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Verzonden: vrijdag 11 mei 2007 23:01
Aan: users@spamassassin.apache.org
Onderwerp: RE: SA Rules Auto-Update ?
- Original Message -
Most common usage is:
$ sa-update
Or, if you want to see what it's
Ernie Dunbar wrote:
We just put our mailserver (with SpamAssassin of course) behind a firewall,
and now we get many many interesting error messages from spamd telling me
that there's no route to some host or other. I tweaked the DnsResolver.pm
module to show what host it was trying to route to,
Ken A wrote:
May 11 12:00:09 pop spamd[47940]: dns: sendto() failed: No route to host
Host: 190.57.78.66.bl.spamcop.net. at
/usr/local/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/DnsResolver.pm
line
340, GEN1444 line 137.
Of course, hosts like 190.57.78.66.bl.spamcop.net are DNSBL
Kevin W. Gagel wrote:
- Original Message -
Most common usage is:
$ sa-update
Or, if you want to see what it's doing:
$ sa-update -D
Unless you are adding extra channels or doing something strange with it,
you shouldn't need more than that.
OK, got all those RTFM answers :-)
In v3.2 it seems the reading of the /etc/mail/spamassassin/*.(pre|cf)
files is less forgiving. You used to be able to have the all in one
.cf file before v3.2. Likely your header rules are in a .cf file and
the sa-update is just reading the .pre file.
I had to juggle the /etc/mail/spamassassin
Gabriel Millerd wrote:
In v3.2 it seems the reading of the /etc/mail/spamassassin/*.(pre|cf)
files is less forgiving. You used to be able to have the all in one
.cf file before v3.2. Likely your header rules are in a .cf file and
the sa-update is just reading the .pre file.
You could never put
Daryl C. W. O wrote:
Ernie Dunbar wrote:
Ken A wrote:
May 11 12:00:09 pop spamd[47940]: dns: sendto() failed: No route to
host
Host: 190.57.78.66.bl.spamcop.net. at
/usr/local/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/DnsResolver.pm
line
340, GEN1444 line 137.
It might be a
His question may have been pretty basic, born of laziness. But when you
respond with man sa-update or RTFM, then you end up with a mailing
list archive full of useless info, lowering its value as a useful resource.
Ignore or respond with something useful. (In my opinion)
Duane Hill wrote:
On
On 5/11/07, Daryl C. W. O'Shea [EMAIL PROTECTED] wrote:
the \d+_scores.cf rules also can be a pain with sa-update which is a
big part of the juggling.
Care to elaborate?
If you have a minimal configuration the mass-check scores will likely
bomb on your lint check. The names of the two
On Sat, 12 May 2007, Pete Russell wrote:
His question may have been pretty basic, born of laziness. But when you
respond with man sa-update or RTFM, then you end up with a mailing list
archive full of useless info, lowering its value as a useful resource.
Ignore or respond with something
Greetings,
I'm seeing incoming spam at a rate of 2-3 a minute per user and I'm
having trouble properly identifying these as spam with spamassassin.
Or, alternatively, blocking them.
It appears that each mail is sent by a unique IP, so it doesn't look
like a simple firewall rule will stop this.
On May 11, 2007, at 10:54 PM, Jason Frisvold wrote:
It appears that each mail is sent by a unique IP, so it doesn't look
like a simple firewall rule will stop this.
Is every single message coming from a unique IP, or is it just that
they're widely distributed?
-faisal
49 matches
Mail list logo
