On Wed, 27 Jun 2007 16:42:39 -0400, "Daryl C. W. O'Shea"
<[EMAIL PROTECTED]> wrote:
>Nigel Frankcom wrote:
>> On Wed, 27 Jun 2007 08:48:02 -0400, David Boltz <[EMAIL PROTECTED]>
>> wrote:
>>
>>> I?ve been getting the lint failures found below on my Rules Du Jour
>>> updates for a few weeks now.
>>
>Daryl is right, there is no fix due in 3.2.2 - I got the RDJ and the
>sa-update errors confused. I guess maybe I should dye my hair blonde.
>
>Apologies for any confusion I've caused.
>
Geez - blonde it is - it's sa-compile not sa-update!
I wonder if McDonalds have any jobs going :-/
Kind r
I am getting some errors when i do
spamassassin --lint
Things like:
22120] warn: Unrecognized escape \V passed through in regex; marked by <--
HERE in m/(?i)\V <-- HERE iagra\b/ at
/usr/lib/perl5/vendor_perl/5.8.5/Mail/SpamAssassin/Conf/Parser.pm line 969.
[
Is it due to this rule in my local.
dougp23 wrote:
> I am getting some errors when i do
>
> spamassassin --lint
>
> Things like:
>
> 22120] warn: Unrecognized escape \V passed through in regex; marked by <--
> HERE in m/(?i)\V <-- HERE iagra\b/ at
> /usr/lib/perl5/vendor_perl/5.8.5/Mail/SpamAssassin/Conf/Parser.pm line 969.
> [
>
> I
Jason Heiser wrote:
We get order acknowledgment e-mails from a specific e-mail address for
orders placed on our website. A couple of days ago, these messages
stopped arriving. Somebody noticed this, I went looking for them, I
found them in our spam folder. For some reason, this address in the
> Also, I get this one:
>
> [22120] warn: config: failed to parse line, skipping: blacklist from
> [EMAIL PROTECTED]
>
You're missing an underscore.. It's "blacklist_from" not "blacklist from"
D'OH
--
View this message in context:
http://www.nabble.com/Errors-in-local.cf-tf3994100.html
Adam,
> This seems to be something to do with the huge AWL files we had - I've
> scheduled a weekly run of the trim_whitelist script (I had problems
> getting check_whitelist to process the broken file) and I've not seen
> the problem since. As a bonus, the AWL files are now tens of megabytes,
Jonathan Allen wrote:
Adam,
This seems to be something to do with the huge AWL files we had - I've
scheduled a weekly run of the trim_whitelist script (I had problems
getting check_whitelist to process the broken file) and I've not seen
the problem since. As a bonus, the AWL files are now t
For future references by others, documentation purposes at the list and to
avoid this question from being posted again, all you do to enable Botnet on
your server is download the Botnet.tar, decompress it, copy Botnet.pm and
Botnet.cf to /etc/mail/spamassassin and bounce qmail.
Thanks Matt.
--
Hello.
I have been getting the below error messages in my paniclog. What could be
the cause. Am using Exim 4.63 on debian server with Spamassissin 3.2.0 and
Clamav 0.90.3:
2007-06-27 08:08:30 1I3QfW-0002IM-O6 spam acl condition: error reading from
spamd socket: Connection timed out
2007-0
To be more accurate, that is the LEAST you have to do.
You should also read through the documentation and the Botnet.cf file to
be sure that it is properly set up for your environment. The default
will _probably_ work just fine for you, but it may not. It's best to
read through and be sure.
This problem is probably due to the way Rules Emporium is handling
traffic. If requests come too fast from the same address, or if their
server is busy, they send an HTML redirect page instructing the client
to try again in 0.1 second. Curl and wget don't understand "" and simply store the refres
Raymond Myren wrote:
> Just today I started receiving spam mails with attached .pdf files with
> a spam image.
> Any ideas how to stop this spam type?
Nothing, yet. But since these appear to be an image file encapsulated in
a .pdf, it may be possible to get FuzzyOCR to parse them for spam text.
Souza,
Looks Spamassassin can't talk to the spamd daemon. You sure it's running?
ps auxw | grep spamd
Best,
Ryan
Souza Simbota wrote:
Hello.
I have been getting the below error messages in my paniclog. What
could be the cause. Am using Exim 4.63 on debian server with
Spamassissin 3.2.
John Thompson wrote:
Raymond Myren wrote:
Just today I started receiving spam mails with attached .pdf files with
a spam image.
Any ideas how to stop this spam type?
Nothing, yet. But since these appear to be an image file encapsulated in
a .pdf, it may be possible to get FuzzyOCR to
> Actually, it didn't. The assertion is that if someone else hadn't seen
> this exact message first, then SA wouldn't have caught it.
No, the assertion is that if someone else hadn't seen prior abuse from
the sending host first (not this exact message), then SA wouldn't have
caught that particul
arni wrote:
> [EMAIL PROTECTED] schrieb:
>> Actually it did, take away the spamtrap fed blackholes (PBL and SPAMCOP)
>> and the spamtrap fed BAYES as well and it scores a whopping 3.1 thanks
>> to the BOTNET plugin (which is amazing btw). That hit was all from
>> late-receiver effect.
>>
> That sou
I currently have a test environment setup, pulling the emails from our server
using fetchmail.
About every 500 emails an email will error and bounce to sender with
can't create user output file. Command output: procmail: Error while
writing to "/var/mail/testuser"
/var/mail
Everything els
Eray Aslan wrote:
> On 28.06.2007 08:14, Lindsay Haisley wrote:
>> On Wed, 2007-06-27 at 22:24 -0500, Lindsay Haisley wrote:
>>> I just upgraded from SA 3.1.8-gr1 to SA 3.2.1-gr1 (Gentoo) and notice
>>> that I'm no longer getting any BAYES_NN test notices in my X-Spam-Status
>>> summary in my mail
Attached is a proposed patch for /var/lib/spamassassin/rules_du_jour
which addresses the problem of the refresh URL which Rules Emporium
sometimes sends out instead of a valid cf file. Basically, this patch
greps the downloaded file for the string "META HTTP-EQUIV", which should
never occur in a v
So what's the best fix for this? Should one just freeze SA at an
earlier version on a production server until this is fixed upstream? Is
upstream aware of the problem and working on a fix for it?
On Thu, 2007-06-28 at 13:51 -0500, John Thompson wrote:
> Eray Aslan wrote:
> > On 28.06.2007 08:14,
> So what's the best fix for this? Should one just freeze SA at an
> earlier version on a production server until this is fixed upstream?
> Is upstream aware of the problem and working on a fix for it?
Find out where the problem lies. When the component that needs fixing
is known, then something
On Thu, Jun 28, 2007 at 02:22:32PM -0500, Lindsay Haisley wrote:
> Attached is a proposed patch for /var/lib/spamassassin/rules_du_jour
> which addresses the problem of the refresh URL which Rules Emporium
> sometimes sends out instead of a valid cf file.
Why not just use sa-update and not deal wi
On Thu, Jun 28, 2007 at 02:27:36PM -0500, Lindsay Haisley wrote:
> So what's the best fix for this? Should one just freeze SA at an
> earlier version on a production server until this is fixed upstream? Is
> upstream aware of the problem and working on a fix for it?
You need to debug your instal
[EMAIL PROTECTED] wrote:
Actually, it didn't. The assertion is that if someone else hadn't seen
this exact message first, then SA wouldn't have caught it.
No, the assertion is that if someone else hadn't seen prior abuse from
the sending host first (not this exact message), then SA wouldn't ha
[EMAIL PROTECTED] schrieb:
Sounds more like "if we didn't rely on other people to have seen this
particular abusive host before us and our learning system to have seen
past examples of spam that looks a whole lot like this one from headers
alone to detect this particular spam, we'd fail to catch
On Thu, 2007-06-28 at 15:39 -0400, Theo Van Dinter wrote:
> Why not just use sa-update and not deal with this?
sa-update and rules_du_jour deal with different rules repositories. I
use both.
--
Lindsay Haisley | "In an open world,| PGP public key
FMP Computer Services |who nee
Lindsay Haisley wrote:
> On Thu, 2007-06-28 at 15:39 -0400, Theo Van Dinter wrote:
>> Why not just use sa-update and not deal with this?
>
> sa-update and rules_du_jour deal with different rules repositories. I
> use both.
sa-update can use both, if I'm not mistaken. I distantly remember config
On Thursday 28 June 2007 15:22, Lindsay Haisley wrote:
> Attached is a proposed patch for /var/lib/spamassassin/rules_du_jour
> which addresses the problem of the refresh URL which Rules Emporium
> sometimes sends out instead of a valid cf file. Basically, this patch
> greps the downloaded file fo
On Thu, 2007-06-28 at 21:33 +0200, Mark Martinec wrote:
> > So what's the best fix for this? Should one just freeze SA at an
> > earlier version on a production server until this is fixed upstream?
> > Is upstream aware of the problem and working on a fix for it?
>
> Find out where the problem li
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dallas Engelken schrieb:
> John Thompson wrote:
>> Raymond Myren wrote:
>>
>>
>>> Just today I started receiving spam mails with attached .pdf files with
>>> a spam image.
>>> Any ideas how to stop this spam type?
>>>
>>
>> Nothing, yet. But sin
On Thu, 2007-06-28 at 23:18 +0300, Jari Fredriksson wrote:
> > sa-update and rules_du_jour deal with different rules repositories.
> I
> > use both.
>
> sa-update can use both, if I'm not mistaken. I distantly remember
> configuring it to do so.
http://saupdates.openprotect.com/ has instructions
On Thu, 2007-06-28 at 15:43 -0400, Theo Van Dinter wrote:
> On Thu, Jun 28, 2007 at 02:27:36PM -0500, Lindsay Haisley wrote:
> > So what's the best fix for this? Should one just freeze SA at an
> > earlier version on a production server until this is fixed upstream? Is
> > upstream aware of the p
On Thu, 2007-06-28 at 15:46 -0400, Phil Barnett wrote:
> I'm going to try this, but with a 5 minute wait. I run it in the middle of
> the
> night anyway, who cares how long it takes.
>
> Actually, the proper response might be a random wait.
The HTML that gets sent by SARE is:
If this were
John Rudd wrote:
The "policy" here is NOT the recipient's policy, the sendering network
owner's policy.
That was a rather mangled sentence...
The "policy" that is the P in PBL is not the recipient's spam/abuse/etc.
policy, it's the sending network owner's policy about who should or
should
Lindsay Haisley wrote:
> On Thu, 2007-06-28 at 15:43 -0400, Theo Van Dinter wrote:
>> On Thu, Jun 28, 2007 at 02:27:36PM -0500, Lindsay Haisley wrote:
>>> So what's the best fix for this? Should one just freeze SA at an
>>> earlier version on a production server until this is fixed upstream? Is
>
I have a question regarding this.
I have set up the sa_update channel for the SARE rules and run it.
Everything worked OK BUT, I notice that sa_update is installing the rules
in /var/lib/spamassassin/3.001007, while rulesdujour was instaling them in
"/etc/mail/spamassassin".
Do I need to remove
On Thu, Jun 28, 2007 at 04:33:43PM -0500, Larry Starr wrote:
> Do I need to remove the rules, in /etc/mail/spamassassin, to prevent the
> older
> rules from overriding any updates that may come in?
Yes.
--
Randomly Selected Tagline:
"I lost my foo." - Theo
pgpgySBNRd9Tg.pgp
Des
On Thursday 28 June 2007 16:39, Theo Van Dinter wrote:
> On Thu, Jun 28, 2007 at 04:33:43PM -0500, Larry Starr wrote:
> > Do I need to remove the rules, in /etc/mail/spamassassin, to prevent the
> > older rules from overriding any updates that may come in?
>
> Yes.
I suspected as much.
Thank you,
On Thu, 2007-06-28 at 16:32 -0500, Michael Parker wrote:
> I can't recall a bug open for anything like this. Please visit
> http://issues.apache.org/SpamAssassin/ and file a complete bug report.
> Please describe the exact problem you are seeing as well as full debug
> output. A random thread on
On Thursday 28 June 2007 17:02, Lindsay Haisley wrote:
> I don't know what would be gained by a random wait.
The idea of a random wait for contention resolution is long standing. It's
built into the TCP/IP protocol for example.
For example, say my cron job runs at 3 am. Lot's of them probably
Robert Schetterer wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dallas Engelken schrieb:
John Thompson wrote:
Raymond Myren wrote:
Just today I started receiving spam mails with attached .pdf files with
a spam image.
Any ideas how to stop this spam type?
This must be an issue that needs to be raised with Prolexic, as they are
doing the DDoS protection for rulesemporium.com.
Can anyone reproduce this redirect outside of RDJ, and give me a dump of
the full transaction including http headers?
I'd rather fix the actual problem and not patch aroun
Apparently SA 3.2.1 is more finicky than 3.1.8 about the user the daemon
runs as. If no -u option is given to spamd when it starts, then its
child processes run as root, which works, but the bayes module won't
cooperate. If a spamd child is running as root, the bayes filter uses
the user spec'd t
OliverScott wrote:
Assuming that you have managed to get SA to add headers to messages which is
thinks are spam, and are looking to add a header to ALL messages so you can
see what rules are firing on your HAM, then you can do the following. This
may not be what you are after, but may be of some
cannot write to /var/www/.spamassassin/user_prefs: No such file or directory
failed to create default user preference file /var/www/.spamassassin/user_prefs
I never ever ever ever want to try to create a user_prefs file.
How do I make sure I never do this?
On Thu, 2007-06-28 at 17:31 -0500, Dallas Engelken wrote:
> This must be an issue that needs to be raised with Prolexic, as they are
> doing the DDoS protection for rulesemporium.com.
>
> Can anyone reproduce this redirect outside of RDJ, and give me a dump of
> the full transaction including ht
On Thu, 2007-06-28 at 18:56 -0500, Lindsay Haisley wrote:
> By running a curl hit repeatedly on the RE server I reproduced the
> problem.
By running this test a couple of times I'm apparently now blocked by
RE :-P
Oh well .
Hope the info I sent was useful.
--
Lindsay Haisley | "In an
We are currently running - SpamAssassin for Win32 v3.1.7.0
downloaded sa-update sa-update v3.1.7.0
After running D:\SpamAssassin>sa-update.exe --nogpg
I get the following error -
http: request failed: 500 Can't connect to spamassassin.apache.org:80
(connect:
Unknown err
ahattarki wrote:
[4724] dbg: http: GET request,
http://spamassassin.apache.org/updates/MIRRORED.BY
[4724] dbg: http: request failed, retrying: 500 Can't connect to
spamassassin.apache.org:80 (connect: Unknown error): 500 Can't connect to
spamassassin.apache.org:80 (connect: Unknown error)
Any
On Thu, Jun 28, 2007 at 05:18:50PM -0700, ahattarki wrote:
> [4724] dbg: http: GET request,
> http://spamassassin.apache.org/updates/MIRRORED.BY
> [4724] dbg: http: request failed, retrying: 500 Can't connect to
> spamassassin.apache.org:80 (connect: Unknown error): 500 Can't connect to
> spamassas
On Thu, 28 Jun 2007, Tom Allison wrote:
cannot write to /var/www/.spamassassin/user_prefs: No such file or directory
failed to create default user preference file
/var/www/.spamassassin/user_prefs
I never ever ever ever want to try to create a user_prefs file.
How do I make sure I never do t
Dear list,
I am using suse 9.3 and confused with postfix+spamassassin+amavisd-new
I have first installed amavisd-new and perl-spamassassin. Then I find
the /etc/mail/spamassassin/local.cf file
I manually added an email address as black listed and start
amavisd-new. then I check the email and fin
On Thursday 28 June 2007, JOYDEEP wrote:
> Dear list,
>
> I am using suse 9.3 and confused with postfix+spamassassin+amavisd-new
>
> I have first installed amavisd-new and perl-spamassassin. Then I find
> the /etc/mail/spamassassin/local.cf file
> I manually added an email address as black listed a
54 matches
Mail list logo