Thanks guys,
Problem solved now, It was a program called "watchdog" in Plesk which was
the problem. Somehow it is not detecting the status of process and is
starting the process again and again.
Jai
On Jan 14, 2008 11:38 PM, Mike Jackson <[EMAIL PROTECTED]> wrote:
> > My server has 8GB of ram,
In my (limited) experience, nonspam IP-based URLs almost always have
paths after the IP address, whereas a *lot* of spam just points to the
IP address.
Does this match anyone else's experience?
I've never run a masscheck to see, it would be interesting. Trying to think
about what I've seen th
Matt Kettler wrote:
> Yes. In fact, IP based URLs occur more commonly in nonspam than spam.
Chip M. wrote:
> Matt, yes this is correct, however in this particular case "nonspam" is
> perhaps a bit broad. It's been my experience that these almost always
> occur in mass marketing ham, not person-
Valid email addresses have a well-known structure (i.e. [A-z.]*_NAME) so,
for example [EMAIL PROTECTED] is clearly a bogus address.
Off the top of my head you might be able to do something like (untested):
header__GOOD_NAMETo=~
/[A-Za-z]{1,30}_[A-Za-z\d\.]{2,40}\@(?i:domain\.com)/
On Wed, 16 Jan 2008 [EMAIL PROTECTED] wrote:
> So, all 3 categories include emails that SA has already seen and
> presumably included in its Bayesian filters,
Only if you have autolearn enabled. Can we assume that you do from
this question? You didn't explicitly say.
> and emails that it has ne
Am 2008-01-16 20:16:34, schrieb Matus UHLAR - fantomas:
> so why are you asking procmail question in SA list? :)
[X] I have not read the thread and jumped only in.
Thanks, Greetings and nice Day
Michelle Konzack
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
Hi SA experts,
We have procmail filters that see emails before SA. They can:
1. whitelist emails direct to our Inbox,
2. send emails to direct to the bit bucket (/dev/null)
3. send emails to the Junk folder for review, or
4. leave them for processing by SA.
So SA never sees the emails in categ
> Am 2008-01-16 14:47:33, schrieb Matus UHLAR - fantomas:
> > why do you (not) use SpamAssassin at all?
On 16.01.08 20:08, Michelle Konzack wrote:
> Because it eat too much memory and procmail is arround 100 times faster?
so why are you asking procmail question in SA list? :)
Well, many MTA's ar
Bowie Bailey wrote:
Catch-all setups always have this problem. You could use SA to figure
out which addresses are likely to be valid, but this means that you have
to accept the message and then call SA for EVERY one of these emails.
I'm aware of that... but the benefits outweigh the problems
Am 2008-01-16 14:47:33, schrieb Matus UHLAR - fantomas:
> why do you (not) use SpamAssassin at all?
Because it eat too much memory and procmail is arround 100 times faster?
And since I have to call fetchmail too, spamassassin is integrated in
the procmailrc
Thanks, Greetings and nice Day
Mic
> The latest variant is "gooogle.com", which is a legit alias for Google,
> and appears to work with all the regular spammer trick parameters.
>
> I've also seen two more google TLD variants.
And another variation this morning with 4 slashes instead of 2 between the
domain and 'search'
Cheers,
>
Matt Kettler wrote:
Yes. In fact, IP based URLs occur more commonly in nonspam than spam.
STATISTICS-set0.txt:OVERALLSPAM% HAM% S/ORANK SCORE
NAME
STATISTICS-set0.txt: 0.395 0.3920 0.40010.495 0.420.10
NORMAL_HTTP_TO_IP
Note the S/O of 0.42 means that 42%
Steve wrote:
> I'm looking for suggestions as to the best way to do this.
>
> I've a catch-all mail strategy for a domain, and a number of users
> have accounts - say - [EMAIL PROTECTED]; [EMAIL PROTECTED] etc. When
> engaging with a new contact, or mailing list, a new email address is
> generate
I'm looking for suggestions as to the best way to do this.
I've a catch-all mail strategy for a domain, and a number of users have
accounts - say - [EMAIL PROTECTED]; [EMAIL PROTECTED] etc. When engaging
with a new contact, or mailing list, a new email address is generated.
For example:
[E
The latest variant is "gooogle.com", which is a legit alias for Google,
and appears to work with all the regular spammer trick parameters.
I've also seen two more google TLD variants.
- "Chip"
On Wed, 16 Jan 2008, Matt Kettler wrote:
>Yes. In fact, IP based URLs occur more commonly in nonspam than spam.
Matt, yes this is correct, however in this particular case "nonspam" is
perhaps a bit broad. It's been my experience that these almost always
occur in mass marketing ham, not person-t
> Am 2008-01-10 08:34:37, schrieb Marc Perkel:
> > Just a thought. I'm wondering if there are any clues the th received
> > lines that indicate the MTA that might be used for spam detection, or
> > rather ham detection. Do spammers ever use Exim, Qmail, Postfix?
On 12.01.08 13:28, Michelle Konza
Am 2008-01-10 08:34:37, schrieb Marc Perkel:
> Just a thought. I'm wondering if there are any clues the th received
> lines that indicate the MTA that might be used for spam detection, or
> rather ham detection. Do spammers ever use Exim, Qmail, Postfix?
- END OF REPLIED M
Jason Haar wrote:
Hi there
I just got a one-line piece of spam with a ipaddress-based URL.
Probably pointing at some "auto infect your Windows PC" app.
Anyway, it got a score of 0.1 out of 5 when it came in. 4 hours later
it had showed up in several RBLs and the score was pushed up to 4.9.
19 matches
Mail list logo
