Hi Friends,
I have installed spamassassin few days back. using CPAN.
I gave the following command
# perl -MCPAN -e shell[as root]
cpan o conf prerequisites_policy ask
cpan install Mail::SpamAssassin
cpan quit
spamassassin -V gives me
SpamAssassin version 3.2.0
Hi all,
after updating spamassassin bu the following command
#sa-update do I need to run # sa-compile?
or just spamd restarting will serve the purpose?
TIA
Diptanjan
--
View this message in context:
http://www.nabble.com/sa-compile-tf3882216.html#a11003064
Sent from the SpamAssassin -
diptanjan wrote:
Hi Friends,
I have installed spamassassin few days back. using CPAN.
I gave the following command
# perl -MCPAN -e shell[as root]
cpano conf prerequisites_policy ask
cpaninstall Mail::SpamAssassin
cpanquit
spamassassin -V gives me
diptanjan wrote:
Hi all,
after updating spamassassin bu the following command
#sa-update do I need to run # sa-compile?
or just spamd restarting will serve the purpose?
If you want your rules compiled, yes, you must run sa-compile any time
you update your rules. Also don't forget to
hello
i got a question , Domainkey is now unsupportet, Dkim is supportet, and
Domainkey compat.
when i use this plugins with spamassassin, what are the main differents
between using this plugin for checking sign on incoming mails, and checking
it via a MTA (and domainkeys).
Normaly the Mta,
Hi Daryl,
Thanks for your prompt response.
Just want to know is sa-compile necessary for updation of SA rules?
or just sa-update will do. I mean why should I compile the rules. Whats the
advantage of compiling the rules?
Thanks
Diptanjan
--
View this message in context:
Check out Justin Mason's talk at MAAWG:
http://taint.org/2007/06/05/153724a.html
Cheers,
Phil
--
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
-Original Message-
From: diptanjan [mailto:[EMAIL PROTECTED]
Sent: 07 June 2007 10:27
To:
www.rulesemporium.com isn't happy either :-(
Cheers,
Phil
--
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
-Original Message-
From: Ken A [mailto:[EMAIL PROTECTED]
Sent: 06 June 2007 18:48
To: users@spamassassin.apache.org
Subject: Re: www.uribl.com
Raymond
On Thu, 7 Jun 2007 10:33:15 +0100, Randal, Phil
[EMAIL PROTECTED] wrote:
www.rulesemporium.com isn't happy either :-(
Cheers,
Phil
Yeah - I got this earlier
The following rules had errors:
TripWire had an unknown error:
curl exit code: 7
curl: (7) couldn't connect
000
SARE Adult Content
Thanks Daryl
You were 100% right.. I just missed that section.
I tried to Update those section issuing the commands from CPAN...
But the problem was the Mirror CPAN was using was not accessable so it
wasn't downloading the *.gz files
So I had to download those .gz files manually from
Hi Phil,
Thanks for this wonderful document..
It explained lot of my queries.
Thank u again
Diptanjan
Check out Justin Mason's talk at MAAWG:
http://taint.org/2007/06/05/153724a.html
Cheers,
Phil
--
Phil Randal
Network Engineer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
My systems all were unable to connect for their daily RDJ update
yesterday. I time out trying to reach http://rulesemporium.com. Does
anyone know what's happening?
- --
Steve
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (GNU/Linux)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 07, 2007 5:12 AM
To: users@spamassassin.apache.org
Subject: DKIM / Domainkey feature ins spamassassin
hello
i got a question , Domainkey is now unsupportet, Dkim is
supportet, and
On Thu, 2007-06-07 at 07:28 -0500, Steven Stern wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
My systems all were unable to connect for their daily RDJ update
yesterday. I time out trying to reach http://rulesemporium.com. Does
anyone know what's happening?
Apparently a DDOS
Steven Stern wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
My systems all were unable to connect for their daily RDJ update
yesterday. I time out trying to reach http://rulesemporium.com. Does
anyone know what's happening?
- --
Same issue here. 404 errors.
smime.p7s
Description:
On 6/7/2007 2:52 PM, Jake Vickers wrote:
Steven Stern wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
My systems all were unable to connect for their daily RDJ update
yesterday. I time out trying to reach http://rulesemporium.com. Does
anyone know what's happening?
- --
Same issue
i got a question , Domainkey is now unsupportet, Dkim is
supportet, and
Domainkey compat.
when i use this plugins with spamassassin, what are the main
differents
between using this plugin for checking sign on incoming
mails, and checking
it via a MTA (and domainkeys).
Normaly the Mta,
On Thursday 07 June 2007, Randal, Phil wrote:
www.rulesemporium.com isn't happy either :-(
Cheers,
Phil
So the email from curl would indicate. They aren't pingable either.
Does anyone know what happened to them?
--
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
bbxrider wrote:
yes, but..
i have a spam filter on my client, spambayes, and it works fine to sort out
spam sent
to a 'real' account
the problem here is numbers, the spammer is spoofing my domain with a
constantly changing
name (but with a constant piece of it) with
bbxrider wrote:
yes, but..
i have a spam filter on my client, spambayes, and it works fine to
sort out spam sent
to a 'real' account
the problem here is numbers, the spammer is spoofing my domain with a
constantly changing
name (but with a constant piece of it) with
Anyone else getting 404 errors from RDJ lately?
The following rules had errors:
Tim Jackson's (et al) bogus virus warnings had an unknown error:
curl exit code: 7
curl: (7) couldn't connect to host
000
TripWire had an unknown error:
curl exit code: 7
curl: (7) couldn't connect to host
000
On Thu, 2007-06-07 at 17:45 +0200, Anders Norrbring wrote:
Anyone else getting 404 errors from RDJ lately?
Yes, this topic came up just a few hours ago. Probably a dDOS attack.
Please disable all RDJ till further notice.
guenther
--
char *t=[EMAIL PROTECTED];
main(){ char
guenther wrote:
On Thu, 2007-06-07 at 17:45 +0200, Anders Norrbring wrote:
Anyone else getting 404 errors from RDJ lately?
Yes, this topic came up just a few hours ago. Probably a dDOS attack.
Please disable all RDJ till further notice.
guenther
I would imagine this is related to
-Original Message-
From: Jim Maul [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 07, 2007 12:02 PM
To: users@spamassassin.apache.org
Subject: Re: 404 while getting RDJ updates?
guenther wrote:
On Thu, 2007-06-07 at 17:45 +0200, Anders Norrbring wrote:
Anyone else getting
Hello all!
I've tried and tried, and can't get a rule I've handwritten to work.
Hopefully you all can help. I've got a user using Alltel's picture
messaging that keeps getting whacked every time he sends a message.
It consistently scores about a 12.3 with my setup, where a 10 will get
you
On Thu, 7 Jun 2007 12:11:11 -0400, D.J. [EMAIL PROTECTED] wrote:
Hello all!
I've tried and tried, and can't get a rule I've handwritten to work.
Hopefully you all can help. I've got a user using Alltel's picture
messaging that keeps getting whacked every time he sends a message.
It consistently
Chris Santerre wrote:
-Original Message-
From: Jim Maul [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 07, 2007 12:02 PM
To: users@spamassassin.apache.org
Subject: Re: 404 while getting RDJ updates?
guenther wrote:
On Thu, 2007-06-07 at 17:45 +0200, Anders Norrbring
On 6/7/07, Nigel Frankcom [EMAIL PROTECTED] wrote:
On Thu, 7 Jun 2007 12:11:11 -0400, D.J. [EMAIL PROTECTED] wrote:
Hello all!
I've tried and tried, and can't get a rule I've handwritten to work.
Hopefully you all can help. I've got a user using Alltel's picture
messaging that keeps getting
Wouldn't whitelist_from_rcvd be safer? Then you could use a [EMAIL PROTECTED]
for the match FROM and whatever their server is (probably alltel.com) for
the RELAY.
Should be simple and mostly safe. I don't imagine their email server relays
much spam.
Dan
-Original Message-
From: D.J.
On Thu, 7 Jun 2007, Nigel Frankcom wrote:
On Thu, 7 Jun 2007 12:11:11 -0400, D.J. [EMAIL PROTECTED] wrote:
I know that a valid address will always be
a ten digit number followed by @mms.alltel.com, so I created the
following rule in local.cf:
header Alltel_Pics From =~
I'm not able to get to www.rulesemporium.com, what's up there? Any one
know?
=
Kevin W. Gagel
Network Administrator
Information Technology Services
(250) 562-2131 local 448
My Blog:
http://mail.cnc.bc.ca/blogs/gagel
Kevin W. Gagel schrieb:
I'm not able to get to www.rulesemporium.com, what's up there? Any one
know?
Do you read also or just write?
On Thu, 07 Jun 2007 19:26:59 +0200, arni [EMAIL PROTECTED] wrote:
Kevin W. Gagel schrieb:
I'm not able to get to www.rulesemporium.com, what's up there? Any one
know?
Do you read also or just write?
rulesemporium is under suspected DDOD. They have requested that all
users suspend
On Thu, 07 Jun 2007 18:41:49 +0100, Nigel Frankcom
[EMAIL PROTECTED] wrote:
On Thu, 07 Jun 2007 19:26:59 +0200, arni [EMAIL PROTECTED] wrote:
Kevin W. Gagel schrieb:
I'm not able to get to www.rulesemporium.com, what's up there? Any one
know?
Do you read also or just write?
rulesemporium
On 6/7/2007 at 1:45 PM, Nigel Frankcom [EMAIL PROTECTED]
wrote:
On Thu, 07 Jun 2007 18:41:49 +0100, Nigel Frankcom
[EMAIL PROTECTED] wrote:
On Thu, 07 Jun 2007 19:26:59 +0200, arni [EMAIL PROTECTED] wrote:
Kevin W. Gagel schrieb:
I'm not able to get to www.rulesemporium.com, what's up there?
On Thu, 07 Jun 2007 18:41:49 +0100, Nigel Frankcom
[EMAIL PROTECTED] wrote:
rulesemporium is under suspected DDOD. They have requested that all
users suspend automated downloads until further notice.
KR
Nigel
That would be DDOS it's been a long day
Thank God it's not DDOD, I need my
Does anybody know how they do work?
Are they just YABL (Yet Another Blocking List) or are they somehow
different?
Thanks,
-
Giampaolo Tomassoni - I.T. Consultant
Piazza VIII Aprile 1948, 4
I-53043 Chiusi (SI) - Italy
Tel/Ph: +39-0578-21100
MAI mandare un
At 10:18 07-06-2007, Kevin W. Gagel wrote:
I'm not able to get to www.rulesemporium.com, what's up there? Any one
know?
It's a denial of service.
The thread starts here
http://mail-archives.apache.org/mod_mbox/spamassassin-users/200706.mbox/browser
Regards,
-sm
- Original Message -
rulesemporium is under suspected DDOD. They have requested that all
users suspend automated downloads until further notice.
KR
Nigel
Thanks Nigel. Allways nice to have an answer after you've checked and
couldn't find it yourself. Thanks again.
Its true, scanners indicate klingon war vessels approaching our sector.
We've dropped out of warp due to overuse of the dilythium crystals.
Federation starships have been called in for assistance. Scottie has
given us more power, but is not sure she will hold together much
longer. All the
- Original Message -
At 10:18 07-06-2007, Kevin W. Gagel wrote:
I'm not able to get to www.rulesemporium.com, what's up there? Any one
know?
It's a denial of service.
The thread starts here
http://mail-archives.apache.org/mod_mbox/spamassassin-users/200706.mbox/browser
Regards,
-sm
On Thu, 7 Jun 2007, Jonathan Nichols wrote:
Great, you owe me a new laptop. My current one now has coffee all over
it. :P
Nose-cups. ISAGN.
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
[EMAIL PROTECTED]FALaholic #11174 pgpk -a [EMAIL PROTECTED]
key:
thanks for the help dan
i will try one more time to reason with sitelutions, but my prob with them
is that they seem to think this is not a problem, and vaguely imply that
they
know better than me since they are tech gods and therefore i shouldn't be
concerned
and i'm still trying to see if there
On Thursday 07 June 2007, Chris Santerre wrote:
-Original Message-
From: Jim Maul [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 07, 2007 12:02 PM
To: users@spamassassin.apache.org
Subject: Re: 404 while getting RDJ updates?
guenther wrote:
On Thu, 2007-06-07 at 17:45 +0200,
thanks for your help, i'm trying to get filters working now,
and thanks for list subjects.
bbxrider
Kris Deugau wrote:
bbxrider wrote:
yes, but..
i have a spam filter on my client, spambayes, and it works fine to sort
out
spam sent
to a 'real' account
the
Well, before all, here is my config :
nowhere:~# linuxinfo
Linux nowhere 2.6.18-4-k7 #1 SMP Wed May 9 23:42:01 UTC 2007
One AMD Unknown 1300MHz processor, 2601.92 total bogomips, 95M RAM
System library 2.3.6
OS : Debian Etch
I use qmail + jms patch (lastest version (on 2007/06/07))
and as
Hi all,
Using SA 3.2.0 on a shared hosting account via CPanel, with my
sa-trainer.cgi Perl script to call sa-learn with various parameters
which I'll get to in a second, to scan ham and spam from some Maildir
folders.
After scanning, the Perl script calls sa-learn --dump magic and parses
Well, before all, here is my config :
nowhere:~# linuxinfo
Linux nowhere 2.6.18-4-k7 #1 SMP Wed May 9 23:42:01 UTC 2007
One AMD Unknown 1300MHz processor, 2601.92 total bogomips, 95M RAM
System library 2.3.6
OS : Debian Etch
I use qmail + jms patch (lastest version (on 2007/06/07))
and as
On Thu, Jun 07, 2007 at 03:15:35PM -0700, geist_ wrote:
One AMD Unknown 1300MHz processor, 2601.92 total bogomips, 95M RAM
[...]
Any help should be usefull...
Get more RAM. :)Seriously, 95M is not really enough for anything these
days, let alone resource intensive apps such as SA.
--
This anti-spam DDoS is being reported on SANS as well... Seems SpamHaus
is also getting slammed.
http://isc.sans.org/diary.html?storyid=2940
Wish we could find the bot master and turn the DNS pointers back to them.
Gene Heskett wrote:
On Thursday 07 June 2007, Chris Santerre wrote:
On Thu, 2007-06-07 at 17:03 -0400, Gene Heskett wrote:
On Thursday 07 June 2007, Chris Santerre wrote:
I would imagine this is related to www.uribl.com and
surbl.org having
issues as well. Both are now pointing to 127.0.0.1 in what I would
assume was an attempt to stop the attack.
On Thu, 7 Jun 2007, Daniel J McDonald wrote:
On Thu, 2007-06-07 at 17:03 -0400, Gene Heskett wrote:
Good luck Chris. If you know who it is, maybe we should send Vinnie
Luigi
over to have a little talk with them?
Should we arm them with a RFC-2321 compatible RITA, and a confident
From: Daniel J McDonald [EMAIL PROTECTED]
On Thu, 2007-06-07 at 17:03 -0400, Gene Heskett wrote:
On Thursday 07 June 2007, Chris Santerre wrote:
I would imagine this is related to www.uribl.com and
surbl.org having
issues as well. Both are now pointing to 127.0.0.1 in what I would
jdow wrote:
Should we arm them with a RFC-2321 compatible RITA, and a confident
demeanor?
Sic the RIAA lawyers on them.
Since Microsoft recently claimed ALL open-source or free applications
violated 250+ patents they own, maybe we can all sue M$ for BotNets???
Isn't that FREE software?
a ten digit number followed by @mms.alltel.com, so I created the
following rule in local.cf:
header Alltel_Pics From =~ /[EMAIL PROTECTED]/
describeAlltel_Pics Fixing Alltel's Picture Mail
score Alltel_Pics -100
However, they are still getting whacked. I
On Thursday 07 June 2007, jdow wrote:
From: Daniel J McDonald [EMAIL PROTECTED]
On Thu, 2007-06-07 at 17:03 -0400, Gene Heskett wrote:
On Thursday 07 June 2007, Chris Santerre wrote:
I would imagine this is related to www.uribl.com and
surbl.org having
issues as well. Both are now
On Thursday 07 June 2007, John D. Hardin wrote:
On Thu, 7 Jun 2007, Daniel J McDonald wrote:
On Thu, 2007-06-07 at 17:03 -0400, Gene Heskett wrote:
Good luck Chris. If you know who it is, maybe we should send Vinnie
Luigi over to have a little talk with them?
Should we arm them with a
On Thursday 07 June 2007, Daniel J McDonald wrote:
On Thu, 2007-06-07 at 17:03 -0400, Gene Heskett wrote:
On Thursday 07 June 2007, Chris Santerre wrote:
I would imagine this is related to www.uribl.com and
surbl.org having
issues as well. Both are now pointing to 127.0.0.1 in what I
From: Gene Heskett [EMAIL PROTECTED]
On Thursday 07 June 2007, jdow wrote:
From: Daniel J McDonald [EMAIL PROTECTED]
On Thu, 2007-06-07 at 17:03 -0400, Gene Heskett wrote:
On Thursday 07 June 2007, Chris Santerre wrote:
I would imagine this is related to www.uribl.com and
surbl.org
Gene Heskett wrote:
On Thursday 07 June 2007, Randal, Phil wrote:
www.rulesemporium.com isn't happy either :-(
Cheers,
Phil
So the email from curl would indicate. They aren't pingable either.
Does anyone know what happened to them?
They're hosted on one of URIBL's systems. If you're
Sic the RIAA lawyers on them.
{^_^}
What? And give them a chance to show they may have some redeeming quality?
Not to those sharks, Joanne, ever.
I think that they'd encounter the spammers and a really bizarre good or
evil loop would form, causing a vortex that would slurp up
John Rudd wrote:
The diagnostic output for that message would have been useful.
OK ! Here it is, a long as Botnet is concerned:
[21114] dbg: Botnet: checking baddns
[21114] dbg: Botnet: get_relay good RDNS
[21114] dbg: Botnet: IP is '195.82.166.1'
[21114] dbg: Botnet: RDNS is
62 matches
Mail list logo