On Tue, 2008-02-26 at 08:49 +, Anthony Peacock wrote:
> Hi,
>
> I have just received a number of spam emails which got through the
> filtering system because they hit the HABEAS_ACCREDITED_COI rule, which
> give them -8. They all came to role based addresses that are never used
> to outgoi
Postfix allows you to use blacklists as follows:
reject_rbl_client blacklist.junkemailfilter.com
Does Postfix allow you to use white lists? If so - what's the syntax?
I'm about to publish my whitelist for Postfix.
On 26/02/2008 9:33 PM, Oscar H. wrote:
> This print command is done by AWL plugin regardless debug option is set or
> not:
> (lines are 456 to 459)
> if ($whitelist->add_known_good_address($args->{address})) {
> print "SpamAssassin auto-whitelist: adding address to whitelist: " .
>
Hello,
I´m using Perl interface of SA in a shared hosting environment. Do not
use the std SA filtering from hosting company, what we do is to create a
filter in cPanel an pipe to a Perl Script to do Spam check. The script work
as expected, but have a problem when using this 2 functions:
$
Daryl C. W. O'Shea wrote:
On 23/02/2008 9:46 AM, Mike wrote:
A clue perhaps is that for some reason the default config file
/etc/mail/spamassassin/local.cf is being read despite the use of -C. (I
know this since it has custom rules not present in the config I am using
to test the mysql userpr
Mike Fahey wrote:
This page specifically uses /etc/mail/spamassassin.
Yeah, I read that the first time. It is wrong. In fact, I'd say it's
stupid.
I'll go edit the wiki article when I get a chance, but I want to have
some time to really sit down and do an extensive rewrite there. There's
a
On Tuesday 26 February 2008 6:15 am, Tarak Ranjan wrote:
> Hi List,
> i have posted my RAW email in http://pastebin.ca/918849 ,
> i'm receiving 1000 to 4000 per day this king of mesages.
> SA also skipping this kind of mails
>
> /
> TArak
Here's how my box scored it:
Content analysis details:
This page specifically uses /etc/mail/spamassassin. I believe its
hardware related, as other machines work fine.
Does anyone else have any tweaks for global bayes ?
Matt Kettler wrote:
Mike Fahey wrote:
I'm using site wide Bayesian Filtering.
These files can become very large anywhere fro
The ones I have seen I haven't been able to find a pattern. They tend to
use letters in place of any character.
I'll look over this run and feed it some of the samples. Any else have
thoughts?
Paul Douglas Franklin wrote:
Here is what I'm trying:
body CAN_PHAR
/c[\W\d]{0,4}a[\W\d]{0,4}n[\W\
On 26/02/2008 11:07 AM, Stefan `Sec` Zehl wrote:
> Hi,
>
> On Tue, Feb 26, 2008 at 15:56 +, Justin Mason wrote:
>> The fix would be to implement support for IPv6 trust paths:
>>
>> http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4503
>> http://issues.apache.org/SpamAssassin/show_bug.cgi?
Which brings up the question, why are you having problems catching it?
Have you whitelisted youreself with whitelist_from. Most of these I see
score around 20 or more.
I've recently found it convenient to add a regex that is closer to
blacklisting myself, since I generally don't send mail to m
This looks like a new version of the old Leo pill spams. Catching those
obfuscated things gets difficult since the spammers get VERY creative using
HTML formatting to juggle the characters around in non-obvious ways.
About the best method of catching them currently is SURBL, since they almost
Ok, here is a patch which fixes this specific (IPv6) problem until
someone has time to make SA completely v6 aware:
--- Mail/SpamAssassin/Message/Metadata/Received.pm.orig 2008-02-26
17:28:28.0 +0100
+++ Mail/SpamAssassin/Message/Metadata/Received.pm 2008-02-26
17:28:52.0 +0100
Rocco Scappatura wrote:
% telnet yourserver 25
...
EHLO somehostname
...
MAIL FROM:
...
RCPT TO:
DATA
copy-patse the message with full headers except the Delivered-To that
contains your recipient address
end with a line containing a dot ('.') like this:
.
QUIT
Infact I get:
Feb 26 23:07:5
On Tue, 2008-02-26 at 23:14 +0100, Rocco Scappatura wrote:
> And spammer are becoming more faster as the time goes on.. Is it
> convenient to use gray listing or there is something other effective
> tecnique that I could use to reduce false negative?
Grey-listing helps, but seldom because the UR
Hi,
Yes, I have whitelist myself. I see it as that score without the whitelist.
Regards,
Frank
On 26/02/2008 3:21 PM, fchan wrote:
Hi,
Thank you Loren Wilton. I think this is best solution for me.
These are not from Kohl's or any other legitimate company. The subject
changes from month to
> % telnet yourserver 25
> ...
> EHLO somehostname
> ...
> MAIL FROM:
> ...
> RCPT TO:
> DATA
> copy-patse the message with full headers except the Delivered-To that
> contains your recipient address
> end with a line containing a dot ('.') like this:
> .
> QUIT
Infact I get:
Feb 26 23:07:50 av4
On Tue, 2008-02-26 at 13:15 -0800, Paul Douglas Franklin wrote:
> Here is what I'm trying:
>
> body CAN_PHAR
> /c[\W\d]{0,4}a[\W\d]{0,4}n[\W\d]{0,4}a[\W\d]{0,4}d[\W\d]{0,4}a[\W\d]{0,4}n[\W\d]{0,4}p[\W\d]{0,4}h[\W\d]{0,4}a[\W\d]{0,4}r[\W\d]{0,4}m[\W\d]{0,4}a[\W\d]{0,4}c[\W\d]{0,4}y/i
Seems to me
Rocco Scappatura wrote:
Rocco Scappatura wrote:
[snip]
Sorry It was not the case to send the entire email.. Here the
X-Spam-Status after running the message against 'spamassassin -D':
X-Spam-Status: Yes, score=11.2 required=5.0
tests=AWL,BAYES_50,HTML_MESSAGE,
RATWARE_MS_H
Here is what I'm trying:
body CAN_PHAR
/c[\W\d]{0,4}a[\W\d]{0,4}n[\W\d]{0,4}a[\W\d]{0,4}d[\W\d]{0,4}a[\W\d]{0,4}n[\W\d]{0,4}p[\W\d]{0,4}h[\W\d]{0,4}a[\W\d]{0,4}r[\W\d]{0,4}m[\W\d]{0,4}a[\W\d]{0,4}c[\W\d]{0,4}y/i
I believe I have stripped out all non-letters and then search for the
tip-off phrase
> Quoting Rocco Scappatura <[EMAIL PROTECTED]>:
>
>> Maybe, now is the case to set up a copy of zone locally on my server.. I
>> ve about 1300K messages rejected per day!!
>
> Yes, you should not query 1.3 million messages per day on the public
> nameservers. That would be considered abusive.
> Rocco Scappatura wrote:
>>> [snip]
>>
>> Sorry It was not the case to send the entire email.. Here the
>> X-Spam-Status after running the message against 'spamassassin -D':
>>
>> X-Spam-Status: Yes, score=11.2 required=5.0
>> tests=AWL,BAYES_50,HTML_MESSAGE,
>>
>> RATWARE_MS_HASH,RATWARE_OUTL
Maybe this is it:
(February 25, 2008)
Spammers have figured out a way to defeat the Gmail Captcha
challenge-response mechanism, which is used to ensure that requests to
create new accounts are coming from real people and not from automated
programs. Spammers successfully broke the Hotmail Captch
On 26/02/2008 3:21 PM, fchan wrote:
> Hi,
> Thank you Loren Wilton. I think this is best solution for me.
> These are not from Kohl's or any other legitimate company. The subject
> changes from month to month and the percentages change but the format
> remains the same for the subject line. The bo
Hi,
Thank you Loren Wilton. I think this is best solution for me.
These are not from Kohl's or any other legitimate company. The
subject changes from month to month and the percentages change but
the format remains the same for the subject line. The body uses
legitimate text taken from various
> -Original Message-
> From: Mike Fahey [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, 27 February 2008 6:16 a.m.
> To: users@spamassassin.apache.org
> Subject: any rules for this?
>
> Does anyone have any rules for these?
>
> C A 5N A D/1AN P 7 5H A RM A 9CY
>
> V / 7A G R \A - $1.45
Rocco Scappatura wrote:
[snip]
Sorry It was not the case to send the entire email.. Here the
X-Spam-Status after running the message against 'spamassassin -D':
X-Spam-Status: Yes, score=11.2 required=5.0
tests=AWL,BAYES_50,HTML_MESSAGE,
RATWARE_MS_HASH,RATWARE_OUTLOOK_NONAME,RDNS_NONE,URIBL
Igor Chudov wrote:
If I recall correctly...
This Habeas is some sort of a braindead business idea to insert an
unauthenticated header in bodies of "legitimate" emails coming from
their customers, to assure spam filters that the email is legitimate.
Not anymore. They've long since switched to
Anyone else just get bombed by listserve servers?
I got a user who got 20 emails in 5 mins from: questex.com 66.203.94.0/24
and
civicplus.com 69.149.139.127
almost feels like zombie worms or something is subscribing users to these
listserv servers -- which either do not require a confirm email
On Tue, 26 Feb 2008, aritza sobrinos wrote:
Im getting false positives like this:
X-Spam-Status: Yes, score=3.776 tag=x tag2=3.5 kill=3.5 tests=[BAYES_50=
0.001,
HTML_10_20=0.246, HTML_MESSAGE=0.001, HTML_SHORT_LENGTH=0.389,
SPF_HELO_SOFTFAIL=3.14, SPF_PASS=-0.001]
SPF_HELO_SOFTFAIL and SPF_PA
Hi,
Im getting false positives like this:
X-Spam-Status: Yes, score=3.776 tag=x tag2=3.5 kill=3.5 tests=[BAYES_50=
0.001,
HTML_10_20=0.246, HTML_MESSAGE=0.001, HTML_SHORT_LENGTH=0.389,
SPF_HELO_SOFTFAIL=3.14, SPF_PASS=-0.001]
SPF_HELO_SOFTFAIL and SPF_PASS in the same mail, is this ok ? is ha
Michael Hutchinson wrote:
I have tried different approaches, and let us not forget I have
filled
out 3 whitelist forms, and received no response from Yahoo. Their
service
is breaking RFC's by not delivering mail. They are ignorant towards
other
companies trying to
They are getting high score because are using dynamic ip ranges and they match
rbl lists.
Matus UHLAR - fantomas escribió:
On 26.02.08 14:51, Miguel Angel wrote:
i am using spamassassin 3.2.3 with qmail and simscan, the problem i
have it is that my authenticated smtp
users have any ma
For some reason spamd is not scoring email nearly as high as
spamassassin scores if you run the message through manually. I do not
understand this, and it is causing spam to get through that should have
been blocked. As you can see when running spamassassin manually it
scored it a 7.5, but spam
On Tue, Feb 26, 2008 at 11:18:32AM -0600, Igor Chudov wrote:
> This Habeas is some sort of a braindead business idea to insert an
> unauthenticated header in bodies of "legitimate" emails coming from
> their customers, to assure spam filters that the email is legitimate.
The original Habeas SWE w
On Tue, 26 Feb 2008, Igor Chudov wrote:
If I recall correctly...
This Habeas is some sort of a braindead business idea to insert an
unauthenticated header in bodies of "legitimate" emails coming from
their customers, to assure spam filters that the email is legitimate.
Kind of like SPF, but im
On 26.02.08 14:51, Miguel Angel wrote:
> i am using spamassassin 3.2.3 with qmail and simscan, the problem i
> have it is that my authenticated smtp
> users have any mails rejected because a high score,
do they get high score because of the authentication or are they catching
something li
I strongly recommend to block Habeas entirely.
They are a yet another garbage email company.
i
On Tue, Feb 26, 2008 at 03:10:54PM +, Anthony Peacock wrote:
> Hi,
>
> Following up to myself...
>
> Anthony Peacock wrote:
>> Hi Justin,
>>
>> Justin Mason wrote:
>>> Jason Haar writes:
Antho
If I recall correctly...
This Habeas is some sort of a braindead business idea to insert an
unauthenticated header in bodies of "legitimate" emails coming from
their customers, to assure spam filters that the email is legitimate.
Kind of like SPF, but implemented by third graders with multiple
l
Does anyone have any rules for these?
C A 5N A D/1AN P 7 5H A RM A 9CY
V / 7A G R \A - $1.45
C 4/ A L / S - $2.26
S0 O M A - $0.67
L E7 V / T R A - $3.63
F E _MALE V 6/ A G \R 4A
U 8 L T 7R A M - $1.36
165 Items on S /AL \E Today.
Grab yours while supplies last
Randy Ramsdell wrote:
Question 2. And some email have this tag
X-Spam-Status: No, hits=? required=?
Why?
This is and always has been documented behaviour in Qmail-Scanner.
Please read the FAQ
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 F
>
> System: Debian with Qmail + QmailScanner + SpamAssassins + ClamAV
> Installation: qmailrocks.org
>
> I've updated SA (original from qmailrocks.org 3.0.2) to 3.2.4
> my locale.cf is :
>
> rewrite_header Subject *SPAM*
> report_safe 0
> required_score 4
> required_hits 5
> use_bayes 1
>
> Que
Hi,
On Tue, Feb 26, 2008 at 16:26 +, Justin Mason wrote:
> Stefan `Sec` Zehl writes:
> > Ok, so you're telling me that not only is this bug known, but it went
> > unfixed fot over a year?
>
> Unfortunately, nobody who's bothered by it, has bothered fixing it
> and sending us a patch. I'll om
Stefan `Sec` Zehl writes:
> Hi,
>
> On Tue, Feb 26, 2008 at 15:56 +, Justin Mason wrote:
> > The fix would be to implement support for IPv6 trust paths:
> >
> > http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4503
> > http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4964
>
> Ok,
Quoting Rocco Scappatura <[EMAIL PROTECTED]>:
Maybe, now is the case to set up a copy of zone locally on my server.. I
ve about 1300K messages rejected per day!!
Yes, you should not query 1.3 million messages per day on the public
nameservers. That would be considered abusive.
Jeff C.
Hi,
On Tue, Feb 26, 2008 at 15:56 +, Justin Mason wrote:
> The fix would be to implement support for IPv6 trust paths:
>
> http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4503
> http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4964
Ok, so you're telling me that not only is this bu
Stefan `Sec` Zehl writes:
> Hi,
>
> Ok, I debugged this a bit more.
>
> Problem is, these headers were marked as ALL_TRUSTED:
>
> > > | Received: from mout4.freenet.de (mout4.freenet.de
> > > [IPv6:2001:748:100:40::2:6])
> > > | (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits
Hi,
Ok, I debugged this a bit more.
Problem is, these headers were marked as ALL_TRUSTED:
> > | Received: from mout4.freenet.de (mout4.freenet.de
> > [IPv6:2001:748:100:40::2:6])
> > | (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
> > | (No client certificate reque
> All of sudden, my ability to report email to spamcop has
> been impacted. I'm not doing anything differently.
>
> I read my mail using alpine and I pipe my spam through
> the following script:
>
> exec tee >(mail [EMAIL PROTECTED]) |
> sa-learn --spam
>
> As of this morning I get the reports
Hi,
On Tue, Feb 26, 2008 at 14:56 +0100, Stefan `Sec` Zehl wrote:
>
[... on producing ALL_TRUSTED with these header ...]
>
> | Received: from mout4.freenet.de (mout4.freenet.de
> [IPv6:2001:748:100:40::2:6])
> | (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
> | (No
Hi,
Following up to myself...
Anthony Peacock wrote:
Hi Justin,
Justin Mason wrote:
Jason Haar writes:
Anthony Peacock wrote:
I have had a look around the http://www.habeas.com/ website and
can't really see how to check the company in question, or make a
complaint. There is a form for aski
Hi Randy,
> I can only guess that you still have two versions of spamassasin
> installed. I would search the disk for multiple copies of
> spamd/spamc/spamassassin and remove the older version. Also remember
> that spamassassin probably runs as non-root or at least, it should.
I've searched t
Jason Haar wrote:
> Anthony Peacock wrote:
>>
>> I have had a look around the http://www.habeas.com/ website and can't
>> really see how to check the company in question, or make a complaint.
>> There is a form for asking them to ask the company to remove these
>> addresses from their mailing list
All of sudden, my ability to report email to spamcop has been impacted.
I'm not doing anything differently.
I read my mail using alpine and I pipe my spam through the following
script:
exec tee >(mail [EMAIL PROTECTED]) | sa-learn --spam
As of this morning I get the reports sent back to me s
I use these rules. Score as you see fit. Mind the linebreaks...
body HC_GIRL/\bnice girl that would like to chat.{1,16}Email
me at \
.{1,32}\.info.{1,120}\bpic(ture)?s\b/
describe HC_GIRLGirl with pics scam
scoreHC_GIRL5
body HC_GIRL2 /I am (?:using|wri
Miguel Angel wrote:
The latest versions of simscan will not run spamc on email where
RELAYCLIENT is set. This can happen via smtp auth or via tcp.smtp.
You might want to take this over to the simscan mailing list and post
your ./configure options so we can help you figure out why it is
sca
Massimiliano Marini wrote:
System: Debian with Qmail + QmailScanner + SpamAssassins + ClamAV
Installation: qmailrocks.org
I've updated SA (original from qmailrocks.org 3.0.2) to 3.2.4
my locale.cf is :
rewrite_header Subject *SPAM*
report_safe 0
required_score 4
required_hits 5
use_bayes 1
Q
Any hint about it?
It might depend on the older version of qmail-scanner (1.25-st-qms)?
--
Massimiliano Marini - http://www.linuxtime.it/massimilianomarini/
"It's easier to invent the future than to predict it." -- Alan Kay
Rick Macdougall escribió:
Miguel Angel wrote:
Hello,
i am using spamassassin 3.2.3 with qmail and simscan, the problem
i have it is that my authenticated smtp
users have any mails rejected because a high score, i know i can use
other ip not listed in mx of the domains
to create a server wi
> > Since some days the number of SMTP connections rejected by
> my server
> > is increased (maybe doubled). It doesn't worry me. But
> there is a side
> > effect because even the number of false negative is increased.
> >
> > For example, at the moment a spam message with this header is
> >
Miguel Angel wrote:
Hello,
i am using spamassassin 3.2.3 with qmail and simscan, the problem i
have it is that my authenticated smtp
users have any mails rejected because a high score, i know i can use
other ip not listed in mx of the domains
to create a server with required authentication
Hi,
On Tue, Feb 26, 2008 at 08:38 -0500, Matt Kettler wrote:
> Stefan `Sec` Zehl wrote:
> >The AWL is acting seriously wrong. I get some spam with my own address
> >in the "From:" header, and the AWL assigns ridiculous scores to it.
> Any chance you have a broken trust path? (ie: does ALL_TRUSTED
Matt wrote:
Is anyone else having issues sending mail to Yahoo?
Yes. I have heard using Domainkeys or DKIM helps greatly? Is that
true? We have not implemented it yet but do use SPF records which are
much easier to implement with Exim or any MTA and do mostly the same
thing if you ask m
Hello,
i am using spamassassin 3.2.3 with qmail and simscan, the problem i have it
is that my authenticated smtp
users have any mails rejected because a high score, i know i can use other ip
not listed in mx of the domains
to create a server with required authentication where i should not sc
Rocco Scappatura wrote:
Hello,
Since some days the number of SMTP connections rejected by my server is
increased (maybe doubled). It doesn't worry me. But there is a side
effect because even the number of false negative is increased.
For example, at the moment a spam message with this header i
Stefan `Sec` Zehl wrote:
Hi,
I'm having trouble with the AWL of Spamassassin.
The AWL is acting seriously wrong. I get some spam with my own address
in the "From:" header, and the AWL assigns ridiculous scores to it.
Any chance you have a broken trust path? (ie: does ALL_TRUSTED ever fire
o
Michael Scheidell escreveu:
hotmail changes their servers like boy george changes eye liner.
unless you keep up with them, you will get FP's
If you can't upgrade, set score to 0.
I'm running spamassassin 3.1.7 and use sa-update, but upgrade is not
possible for now ...
So, I will score FORG
Hi List,
i have posted my RAW email in http://pastebin.ca/918849 ,
i'm receiving 1000 to 4000 per day this king of mesages.
SA also skipping this kind of mails
"Nice girl" spam. Look in the archives over the last week, those were
discussed a lot and several rules posted for them.
I got one of something like that tonight. Clearly foreign language, and got
tagged for around 20 points by my system. Looks like a Russian spam run or
the like starting.
Loren
Hi,
I score it as follows :-
Content analysis details: (23.1 points, 5.0 required)
pts rule name description
-- --
3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
Tarak Ranjan wrote:
> > Hi List,
> > i have posted my RAW email in http://pastebin.ca/918849 ,
> > i'm receiving 1000 to 4000 per day this king of mesages.
> > SA also skipping this kind of mails
> >
> > /
> > TArak
> >
> >
I get 8.2 without Bayes...
1.5 IXHASH2BODY: mail has
Rejaine Monteiro wrote:
But, I not agree with the " 2.3 FORGED_HOTMAIL_RCVD" score, because
the message come from Hotmail...
to to bugzilla for spamassassin. fill out a report for
forged_hotmail_rcvd (posting to SA list won't help any)
If you are NOT running SA 3.2.4, upgrade. if you ar
Hi,
I'm having trouble with the AWL of Spamassassin.
The AWL is acting seriously wrong. I get some spam with my own address
in the "From:" header, and the AWL assigns ridiculous scores to it.
I have quite a few cronjobs running which send mail with the same
"From"-address on my local machine but
Michael Scheidell escreveu:
'However, interestingly enough, you have FORGED_HOTMAIL_RCVD. Did someone
send an email from non hotmail source using a hotmail email address?
No, the message was send from hotmail site (www.hotmail.com)
And, interestingly enough, SCREAMED AT YOU IN THE SUBJ
> From: Chris <[EMAIL PROTECTED]>
> Date: Mon, 25 Feb 2008 21:31:57 -0600
> To:
> Subject: Re: google running an open relay?
>
> I received the below from Google ref one of my spam reports, some content has
> been snipped:
>
> Thank you for your note. This is an automated reply. If you're report
On Tue, 2008-02-26 at 10:28 -0200, Luis Hernán Otegui wrote:
> Hi, tarak
>
> 2008/2/26, Tarak Ranjan <[EMAIL PROTECTED]>:
> > Hi List,
> > i have posted my RAW email in http://pastebin.ca/918849 ,
> > i'm receiving 1000 to 4000 per day this king of mesages.
> > SA also skipping this kind of ma
> From: Anthony Peacock <[EMAIL PROTECTED]>
> Date: Tue, 26 Feb 2008 08:49:11 +
> To: SpamAssassin Users
> Subject: HABEAS_ACCREDITED_COI
>
> Hi,
>
> I have just received a number of spam emails which got through the
> filtering system because they hit the HABEAS_ACCREDITED_COI rule, which
>
Hi, tarak
2008/2/26, Tarak Ranjan <[EMAIL PROTECTED]>:
> Hi List,
> i have posted my RAW email in http://pastebin.ca/918849 ,
> i'm receiving 1000 to 4000 per day this king of mesages.
> SA also skipping this kind of mails
>
> /
Well, I get a beautiful BAYES_99 on the mail you've shown. Y
Sorry,
The original subject was "TESTE_CAXIAS" (in portuguese language and all
capitals)
Rejaine Monteiro escreveu:
Here is...
===
Received: from bay0-omc2-s37.bay0.hotmail.com (65.54.246.173)
by myserver.mydomain with SMTP; 24 Feb 2008 20:34:41 -0300
Receiv
Here is...
===
Received: from bay0-omc2-s37.bay0.hotmail.com (65.54.246.173)
by myserver.mydomain with SMTP; 24 Feb 2008 20:34:41 -0300
Received-SPF: pass (myserver.mydomain: SPF record at spf-a.hotmail.com
designates 65.54.246.173 as permitted sender)
Received: from BAY136
'hotmail' isn't listed in DCC.
DCC only scored on fuzy checksums on the body and portions of the headers.
Also, DCC is NOT a 100% 'spam score'. DCC is a 'bulk email' score.
Even well run technical mailing list emails are SUPPOSED to score high with
DCC. (its 'bulk'). Read The DCC documents on wh
Hi List,
i have posted my RAW email in http://pastebin.ca/918849 ,
i'm receiving 1000 to 4000 per day this king of mesages.
SA also skipping this kind of mails
/
TArak
Hi Justin,
Justin Mason wrote:
Jason Haar writes:
Anthony Peacock wrote:
I have had a look around the http://www.habeas.com/ website and can't
really see how to check the company in question, or make a complaint.
There is a form for asking them to ask the company to remove these
addresses fr
Hello,
i am using spamassassin 3.2.3 with qmail and simscan, the problem i have it is that my authenticated smtp
users have any mails rejected because a high score, i know i can use other ip not listed in mx of the domains
to create a server with required authentication where i should not sc
Hello,
Since some days the number of SMTP connections rejected by my server is
increased (maybe doubled). It doesn't worry me. But there is a side
effect because even the number of false negative is increased.
For example, at the moment a spam message with this header is considered
clean by Amav
System: Debian with Qmail + QmailScanner + SpamAssassins + ClamAV
Installation: qmailrocks.org
I've updated SA (original from qmailrocks.org 3.0.2) to 3.2.4
my locale.cf is :
rewrite_header Subject *SPAM*
report_safe 0
required_score 4
required_hits 5
use_bayes 1
Question 1. The email still tag
we would need to see the full headers.
Regards,
--
--[ UxBoD ]--
// PGP Key: "curl -s http://www.splatnix.net/uxbod.asc | gpg --import"
// Fingerprint: F57A 0CBD DD19 79E9 1FCC A612 CB36 D89D 2C5A 3A84
// Keyserver: www.keyserver.net Key-ID: 0x2C5A3A84
// Phone: +44 845 869 2749 SIP Phone: [EMAI
This is the rule check for a 'normal' (non-spam) e-mail become from Hotmail:
pts rule name description
--
--
1.0 SUBJ_ALL_CAPS Subject is all capitals
2.3 FORGED_HOTMAIL_RCVDForged hotmail.com 'Re
I run a cluster of servers (18 node) and over the last week the mail
spools skyrocketed to process around 80,000+ emails per node. (There are
hundreds of domains hosted.).
Spamassassin is set to DB for accounts to filter as well as storing
whitelistfrom functions.
Tonight I found an account
On 2/26/2008 10:57 AM, Justin Mason wrote:
Jason Haar writes:
Anthony Peacock wrote:
I have had a look around the http://www.habeas.com/ website and can't
really see how to check the company in question, or make a complaint.
There is a form for asking them to ask the company to remove these
a
Jason Haar writes:
> Anthony Peacock wrote:
> >
> > I have had a look around the http://www.habeas.com/ website and can't
> > really see how to check the company in question, or make a complaint.
> > There is a form for asking them to ask the company to remove these
> > addresses from their mai
Anthony Peacock wrote:
I have had a look around the http://www.habeas.com/ website and can't
really see how to check the company in question, or make a complaint.
There is a form for asking them to ask the company to remove these
addresses from their mailing list, but I don't want to have to
On Tue, February 26, 2008 09:49, Anthony Peacock wrote:
> Does anyone know anything about this. At this stage I am planning on
> changing the score for all HABEAS_ACCREDITED_??? rules to 0, to make
> them neutral to the score.
score 0 disables the test
Hi,
I have just received a number of spam emails which got through the
filtering system because they hit the HABEAS_ACCREDITED_COI rule, which
give them -8. They all came to role based addresses that are never used
to outgoing emails and would certainly never be subscribed to opt in
email li
94 matches
Mail list logo