Re: SA - rules question

2008-03-07 Thread Johnson Jeba Asir
Hi, I have done it through sa-update channels[1], and done spamd reload regards, a.Johnson On Fri, Mar 7, 2008 at 1:28 PM, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote: > On 07/03/2008 2:39 AM, Johnson Jeba Asir wrote: > > I am running Suse 10 with Postfix and spamassassin, I have updated > >

error: syswrite() to parent failed ..../SpamAssassin/SpamdForkScaling.pm

2008-03-07 Thread Agnello George
Hi, I have a spamassassin server with 512 MB RAM, CPU speed 1796.635 MHz. I am currently connecting a mailserver called "Smarter mail" to connect to my remote spamassassin server and it works fine. But suddenly (after a few days) its connection breaks. When I check the log I find the following

Domain Name SPAM

2008-03-07 Thread uk1host
I am getting a lot of spam from domains which are: Name.de Name.ch And a lot for different tablets. Is there any way this can be filtered? I am new to this as my server was set up for me and it is running Smartermail. We want to get some of the spam down before we place a large amount of customers on

Lots of "scam" messages getting through SA

2008-03-07 Thread Robert S
I have started, over the last few months, getting a lot of plain text "scam" messages ("Nigerian" type scams, lottery wins etc etc). Previously I had almost none of these. Unfortunately I'd need to send rather a lot of information about my configs, and log files to help, but can anybody point

Re: script to send mail when error detected in log file

2008-03-07 Thread Agnello George
> > > > > > > Your inputs will be of great help > > > > > Might I suggest swatch? Why create your own script, when someone's > > already created a powerful tool to do this. > > > > http://swatch.sourceforge.net/ > > > > There's lots of good articles on using it out there: > > > > http://www.linuxse

Re: script to send mail when error detected in log file

2008-03-07 Thread Eddy Beliveau
Hi! You said "then i add a crontab to run for ever 10 min crontab -e 10 * * * * /your/location/of/script " Please note that your syntax said to execute once per hour at the 10th minute of the hour To execute at interval of 10 minutes, you may use the following line: */10 * * * * /your/locat

Bayes not run ?

2008-03-07 Thread Dave Koontz
I just noticed that for some reason only some of my messages are actually being run through Bayesian classifying. I am not sure how long this has been occurring. I did a google search which did not turn up much as to what could cause this. One suggestion was there was not enough processing thr

Re: script to send mail when error detected in log file

2008-03-07 Thread Agnello George
On 3/7/08, Eddy Beliveau <[EMAIL PROTECTED]> wrote: > > Hi! > > You said > "then i add a crontab to run for ever 10 min > > crontab -e > 10 * * * * /your/location/of/script " > > Please note that your syntax said to execute once per hour at the 10th > minute of the hour > > To execute at interva

RDJ curl issue

2008-03-07 Thread Christian Campbell
When running the rulesdejour script, I'm getting the following: -- SARE_RANDOM -- RULESET_NAME=SARE_RANDOM INDEX=23 CF_URL=http://www.rulesemporium.com/rules/70_sare_random.cf CF_FILE=70_sare_random.cf CF_NAME=SARE Random Ruleset for SpamAssassin 2.5x and higher PARSE_NEW_VER_SCRI

prefork: child states: BBBBBBB

2008-03-07 Thread Agnello George
I see in my log the following what does it mean ?? Fri Mar 7 21:07:12 2008 [11800] info: prefork: child states: BBB Fri Mar 7 21:07:12 2008 [11800] info: prefork: server reached --max-children setting, consider raising it -- Regards Agnello Dsouza www.linux-vashi.blogspot.com www.bible-s

Re: Lots of "scam" messages getting through SA

2008-03-07 Thread mouss
Robert S wrote: I have started, over the last few months, getting a lot of plain text "scam" messages ("Nigerian" type scams, lottery wins etc etc). Previously I had almost none of these. Unfortunately I'd need to send rather a lot of information about my configs, and log files to help, but

Re: prefork: child states: BBBBBBB

2008-03-07 Thread Johann Spies
On Fri, Mar 07, 2008 at 07:04:07PM +0530, Agnello George wrote: > I see in my log the following what does it mean ?? > > Fri Mar 7 21:07:12 2008 [11800] info: prefork: child states: BBB > Fri Mar 7 21:07:12 2008 [11800] info: prefork: server reached --max-children > setting, consider raisin

Re: Lots of "scam" messages getting through SA

2008-03-07 Thread ram
On Fri, 2008-03-07 at 22:41 +1100, Robert S wrote: > I have started, over the last few months, getting a lot of plain text "scam" > messages ("Nigerian" type scams, lottery wins etc etc). Previously I had > almost none of these. > > Unfortunately I'd need to send rather a lot of information abo

Re: RDJ curl issue

2008-03-07 Thread Rubin Bennett
Hey, Christian! So, for my clients I've switched from RDJ to sa-update; sa-update actually digitally signs all the files and is a little more elegant in how it checks whether the file has changed. There's a tutorial here: http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt Let me know

Re: Bayes not run ?

2008-03-07 Thread Justin Mason
Dave Koontz writes: > I just noticed that for some reason only some of my messages are > actually being run through Bayesian classifying. I am not sure how long > this has been occurring. I did a google search which did not turn up much > as to what could cause this. > > One suggestion was th

AW: prefork: child states: BBBBBBB

2008-03-07 Thread Starckjohann, Ove
Hi Agnello, as Johann stated all SA-childs are "busy" ... so no more mail can be checked at that point of time. We encountered same problems on our systems (approx. 20.000 mails /day) and looked into depth. Normally the problems arose, when checks like FuzzyOCR took too long to complete o

Re: Lots of "scam" messages getting through SA

2008-03-07 Thread Kevin Golding
In article <[EMAIL PROTECTED]>, ram <[EMAIL PROTECTED]> writes >But ultimately this boils down to end user education. >Recipients must realize that no one from Africa is going to transfer all >the millions of dollars in an unknown account , or there is nothing >called as a national lottery in the

Re: [OT] Yahoo Deferred

2008-03-07 Thread Michelle Konzack
Am 2008-02-28 15:30:43, schrieb Mike Jackson: > Not "nearly impossible." I work daily with people who run servers > exactly like that, yet spam of all sorts is spewing from their mail > queues. Most of the ones I see are SMTP accounts with weak passwords. > The spammers authenticate as the users

Note on 2-digit years

2008-03-07 Thread Joseph Brennan
Mail from sender <[EMAIL PROTECTED]>, coming from intuit.com servers 206.154.105.168, 169, 170, subject "TurboTax: Your New Account Has Been Created", is hitting DATE_SPAMWARE_Y2K and INVALID_DATE. This is about 4.3 just for the two DATE hits, although they don't seem to hit anything else. It's

Re: Bayes not run ?

2008-03-07 Thread Dave Koontz
Justin Mason wrote: The only indication is SA's X-Spam-DataBase: Bayes not run. header. SpamAssassin doesn't add a header like that... what are you using: spamd, MailScanner, amavisd? --j. I use a product called MDaemon, which has a windows port of SA. Perhaps my header mapping in l

blogspot, etc

2008-03-07 Thread JP Kelly
i keep getting spam with low scores from what seems to be the same or similar sources. they all have a bunch of random words and a link to a throwaway domain (currently blogspot) also they always seem to be from an address at yahoo.co.uk anyone else having trouble with these? any possible sol

Re: Bayes not run ?

2008-03-07 Thread Justin Mason
aha -- that's being added by SpamAssassin alright, then, due to the add_header line. Are you using 1 global Bayes db, or per-user dbs? if the latter, maybe there just isn't enough training for bayes to be active? Try getting debug logs from SpamAssassin -- they'll fill you in on the reason (alth

Whitelisting IP's

2008-03-07 Thread Matt
I have a file that contains a list of all the IP's that have successfully POP3'ed their email within last 15 minutes. It's used for POPB4SMTP. Naturally the IP's in the file are constantly changing. /etc/virtual/pophosts Is there any way to set up Spamassassin to whitelist all IP's in that file?

From with missing space

2008-03-07 Thread Joseph Brennan
Did you ever notice this, especially in phishing spam? From: "LAFCU"<[EMAIL PROTECTED]> That is, no space between the " and the < signs. header FROM_NOSPACE From =~ /\"

Re: Whitelisting IP's

2008-03-07 Thread Matus UHLAR - fantomas
On 07.03.08 09:58, Matt wrote: > I have a file that contains a list of all the IP's that have > successfully POP3'ed their email within last 15 minutes. It's used for > POPB4SMTP. Naturally the IP's in the file are constantly changing. > > /etc/virtual/pophosts > > Is there any way to set up Spama

Re: Note on 2-digit years

2008-03-07 Thread Jari Fredriksson
> Mail from sender <[EMAIL PROTECTED]>, coming from > intuit.com servers 206.154.105.168, 169, 170, subject > "TurboTax: Your New Account Has Been Created", is hitting > DATE_SPAMWARE_Y2K and INVALID_DATE. This is about 4.3 > just for the two DATE hits, although they don't seem to > hit anything el

Re: From with missing space

2008-03-07 Thread Loren Wilton
Seeing a missing space there is not uncommon in spams, although it is (or historically hasn't been) hugely common either. I had a rule for it once when a particular spam tool was being rather vociferous in that way. I have seen this in legit mail from things like webmail systems, but it is fa

Re: Note on 2-digit years

2008-03-07 Thread Loren Wilton
The format of date is of course written and described in the RFC's, and have to formatted to that specific format in all systems, I think. Hardly no system outputs the correct format by some syscall. Kinda like Ebay that sends official notices with "-0800GMT" as the timezone on the date. I s

Re: Domain Name SPAM

2008-03-07 Thread Rob McEwen
[EMAIL PROTECTED] wrote: Do you know if there is a list of RBL's and where I can get it from. I have a customer who is getting a lot of spam and I need to cut it down a lot, he seems to be getting a lot from drug companies and medical extension companies. Dave, I recommend the following 5 "1st ti

FH_FROMEML_NOTLD triggered for legitimate email

2008-03-07 Thread iter
I got the following rejection notice (full message available at http://www.lib.aero/~ari/email.msg) lib.aero is my personal domain, has an MX record, receives email, etc., and clearly has a TLD. I'm also puzzled by the assertion that "message was not completely plain text." Ari. pts rule nam

Re: timeout-problem - additional information

2008-03-07 Thread Daryl C. W. O'Shea
On 05/03/2008 5:44 AM, Johann Spies wrote: > On Thu, Feb 28, 2008 at 02:44:02PM +0200, Johann Spies wrote: >> On a new mailserver with 8Gb ram and 2xdual-core CPU's we get regular >> messages in the log: >> >> Feb 28 12:52:43 mail2 spamd[32558]: prefork: child states: BIBBB >> Feb 28 12:52:44 mail2

Re: prefork: child states: BBBBBBB

2008-03-07 Thread fchan
Hi, What this means is that there are more incoming messages than the spamd daemon can handle. You need to change the spamd --max-children to a higher setting. You also need to make sure your system can handle the extra children processes so as not to lock up your system due to a spam attack. I

Re: spamc/spamd .. diff versions, diff systems

2008-03-07 Thread Tuc at T-B-O-H.NET
> > We are in the middle of a migration of users from a > > system which we can't upgrade running 3.1.8, to a new system > > (which can of course be upgraded) running 3.2.4 . > > > > I'm contemplating having the .procmailrc of users > > on the old system call spamc with the hostname of th

Re: spamc/spamd .. diff versions, diff systems

2008-03-07 Thread Daryl C. W. O'Shea
On 07/03/2008 4:09 PM, Tuc at T-B-O-H.NET wrote: >>> We are in the middle of a migration of users from a >>> system which we can't upgrade running 3.1.8, to a new system >>> (which can of course be upgraded) running 3.2.4 . >>> >>> I'm contemplating having the .procmailrc of users >>> on t

RE: Whitelisting IP's

2008-03-07 Thread Robert - elists
> > I have a file that contains a list of all the IP's that have > successfully POP3'ed their email within last 15 minutes. It's used for > POPB4SMTP. Naturally the IP's in the file are constantly changing. > > /etc/virtual/pophosts > > Is there any way to set up Spamassassin to whitelist all IP

Re: Lots of "scam" messages getting through SA

2008-03-07 Thread Robert S
> > Have you added the "sought " rules from > http://taint.org/2007/08/15/004348a.html > > With these rules and my custom rules I catch 99% of these > But I keep getting some 2-5 daily complaints yet from customers > I think you're right about the source of these scams. I've installed this acc

Re: script to send mail when error detected in log file

2008-03-07 Thread Bob Proulx
Agnello George wrote: > #!/bin/sh -x > > if [ $(tac /var/log |grep -e "error: syswrite()" | wc -l ) = 0 ] ; then This can be improved. Let's walk through it. On my system /var/log is a directory of log files and not an actual log file. The typical log file is /var/log/syslog on many systems

Re: script to send mail when error detected in log file

2008-03-07 Thread Bob Proulx
Bob Proulx wrote: > if grep -q "error: syswrite()" /var/log/spamd.log; then > echo "your mailserver is down" | mail -s " pls check server ip > 216.185.xxx.xxx " [EMAIL PROTECTED] > exit 1 > fi > exit 0 Oh, and after I sent that previous message I realized I should have asked another

Yet another spam blocker?

2008-03-07 Thread Steve Cloutier
Hi ! Call me -- whatever :-) I took a look at SpamAssassin a while back, and (at least at the time), it seemed to scan the mailbox file after the message(s) were received. The program (again, at the time) was written in Perl. This whole process seemed somewhat inefficient, and also allowed the