dougp23 schrieb:
I'm stumped!! Here's some headers from our most recent test:
look at your sendmail configuration or maybe some of your milter
settings ... thats not spamassassin ...
/jd
i think in your local.cf it s not Mail::SpamAssassin::BayesStore::*SQL *
but Mail::SpamAssassin::BayesStore::*MySQL*
tries this
Mitchell Hudson a écrit :
Hmm... I was checking around and I found a bug with apache that might
be related, but wanted to run it by here first:
The bug is here:
Hi,
I have a problem that mails from internal (private) IPs generate
SPF_FAIL hits. E.g. my configuration is
| internal_networks 62.153.82.30
| internal_networks 192.168.0.0/16
|
| trusted_networks62.153.82.30
| trusted_networks192.168.8.0/24
Then, an (untrusted
nice. spam on the spamassassin ml. anyone got a rule for those already? :D
On Thursday 20 March 2008 11:13:09 agnello george wrote:
Hi,
I started your industry profile on Orglex by adding you as my contact and
joined Management Consulting, Commercial Banks, Mobile Operators,
Magazines,
Plese, there is a BIG problem with spamassassin!!
Some mail locks spamassassin and the entire mail system!
I can't understand which the problem is, but is becoming a very very big
problem!
Here are the links to the two mails that hang bayes filter. If I disable
bayes filter mail is
On Wed, March 19, 2008 13:21, James E. Pratt wrote:
http://pastebin.com/m8520d64
http://pastebin.com/m159c02de
http://www.gossamer-threads.com/lists/spamassassin/users/90664
Botnet plugin hits them nicely
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
Paolo
Upgrade to latest 3.2.4, run sa-update and see if this makes any difference.
There where a couple of nasty buglets in 3.2.3 that could slow the whole the
thing down.
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
-Original Message-
From:
DNS ADMINS at godaddy need a lesson in RFC's.
host -t mx godaddy.com
godaddy.com mail is handled by 0 smtp.secureserver.net.
godaddy.com mail is handled by 10 mailstore1.secureserver.net.
host -t a smtp.secureserver.net
smtp.secureserver.net is an alias for smtp.where.secureserver.net.
Yea, if SA list is going to allow spam they should lose their whitelist
settings.
RCVD_IN_DNSWL_MED=-4
--
Michael Scheidell, CTO
|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies
FreeBsd SpamAssassin Ports maintainer
Charter member, ICSA labs anti-spam consortium
On 3/20/08, Arvid Ephraim Picciani [EMAIL PROTECTED] wrote:
nice. spam on the spamassassin ml. anyone got a rule for those already? :D
On Thursday 20 March 2008 11:13:09 agnello george wrote:
Hi,
I started your industry profile on Orglex by adding you as my contact and
joined
On Thu, 20 Mar 2008 17:18:03 +0530, Agnello George
[EMAIL PROTECTED] wrote:
On 3/20/08, Arvid Ephraim Picciani [EMAIL PROTECTED] wrote:
nice. spam on the spamassassin ml. anyone got a rule for those already? :D
On Thursday 20 March 2008 11:13:09 agnello george wrote:
Hi,
I started your
On Thursday 20 March 2008 12:48:03 Agnello George wrote:
SO SORRY!! THIS IS A BIG MISTAKE ON MY BEHALF !!! DIDN'T KNOW IT TOOK
ALL MY ADDRESSES IN MY ADDRESS BOOK!!
THERE IS NOTHING I CAN DO TO REVERSE
I DO APOLOGIES AGAIN !!
AGNELLO
it's all good. wasn't dead serious anyway (see the smiley)
Michael Scheidell wrote:
DNS ADMINS at godaddy need a lesson in RFC's.
host -t mx godaddy.com
godaddy.com mail is handled by 0 smtp.secureserver.net.
godaddy.com mail is handled by 10 mailstore1.secureserver.net.
host -t a smtp.secureserver.net
smtp.secureserver.net is an alias for
Paolo De Marco wrote:
Plese, there is a BIG problem with spamassassin!!
Some mail locks spamassassin and the entire mail system!
I can't understand which the problem is, but is becoming a very very big
problem!
Here are the links to the two mails that hang bayes filter. If I disable
It should use X-Spam-Relays-External. Still a common minconception that
untrusted == external.
can you explain why it should use *-external instead of *-untrusted?
On 19.03.08 20:47, Henrik K wrote:
Inspired by this thread I submitted this, which should explain it:
On 19.03.08 09:17, Mike Pepe wrote:
For some strange reason, I'm seeing Cyrillic spams very frequently lately.
None of my users read any Eastern European languages- is there a quick
way to catch these?
configure properly ok_locales (it defines charsets in which you accept
e-mail) and
For some strange reason, I'm seeing Cyrillic spams very frequently
lately.
None of my users read any Eastern European languages- is there a quick
way to catch these?
On 20.03.08 08:54, Michael Hutchinson wrote:
You could use the ok_languages and ok_locales settings. I'm sure
I'm sorry I should have responded to you directly, I did try both, but
encountered the same problem. It'll connect to the database and
learn/store tokens, just won't compare against them.
Thanks again!
--Mitch
LEVEAU Stanislas wrote:
i think in your local.cf it s not
On 19.03.08 18:42, Enrico Scholz wrote:
I have a problem that mails from internal (private) IPs generate
SPF_FAIL hits. E.g. my configuration is
| internal_networks 62.153.82.30
| internal_networks 192.168.0.0/16
|
| trusted_networks62.153.82.30
| trusted_networks
Now that URIBL is marking blogspot.com in addition to googlepages.com,
I'd like to update my config to reflect that. I have a single line
currently:
util_rb_2tld googlepages.com
what is the correct syntax to add blogspot.com? Do I create two lines,
or do I stack domains on a single line?
ie:
Leveau Stanislas schrieb am 19.03.2008 19:39:
Can you show us your spamassassin configuration : local.cf
My configuration is working very well, and it is this:
(running under Fedora 7, with a remote Windows MySql 5.0.37 server).
whitelist_bounce_relays lxrouter.wombaz.localnet *.prima.de
John Thompson ha scritto:
If you're not using the latest spamassassin, consider updating. Also, be
aware that there is a DoS exploit involving perl-Net-DNS, which
spamassassin uses, be sure to check and update that as well if necessary:
http://secunia.com/advisories/29343/
I have update
At 03:12 20-03-2008, Arvid Ephraim Picciani wrote:
nice. spam on the spamassassin ml. anyone got a rule for those already? :D
It's already included in SpamAssassin:
HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,MIME_HTML_ONLY_MULTI,MPART_ALT_DIFF,SPF_NEUTRAL
The score was 7.1.
At 04:48
Paolo De Marco wrote:
Plese, there is a BIG problem with spamassassin!!
Some mail locks spamassassin and the entire mail system!
I can't understand which the problem is, but is becoming a very very big
problem!
Here are the links to the two mails that hang bayes filter. If I disable
bayes
On Thursday 20 March 2008 16:31:54 SM wrote:
At 03:12 20-03-2008, Arvid Ephraim Picciani wrote:
nice. spam on the spamassassin ml. anyone got a rule for those already? :D
It's already included in SpamAssassin:
HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,MIME_HTML_ONLY_MULTI,MPAR
Matus UHLAR - fantomas [EMAIL PROTECTED] writes:
I have a problem that mails from internal (private) IPs
generate SPF_FAIL hits. E.g. my configuration is
| internal_networks 62.153.82.30
| internal_networks 192.168.0.0/16
|
| trusted_networks62.153.82.30
|
On Thu, 20 Mar 2008, Mitchell Hudson wrote:
I'm sorry I should have responded to you directly, I did try both, but
encountered the same problem. It'll connect to the database and
learn/store tokens, just won't compare against them.
Have you tried running a database trace utility to verify
I don't recall seeing any comments about the Bayes configuration
details, and I've deleted older messages from the thread.
Something that might be biting you is Bayes expiry; this is
particularly important to configure correctly for a global Bayes db.
I don't see anything especially
At 08:44 20-03-2008, Arvid Ephraim Picciani wrote:
wow. i got -1.0 here. you're filtering html agressivly?
That's from ASF.
It's better to whitelist messages from an antispam list given the
nature of the discussion.
Regards,
-sm
- Original Message -
From: McDonald, Dan [EMAIL PROTECTED]
To: users@spamassassin.apache.org
Sent: Thursday, March 20, 2008 4:55 PM
Subject: util_rb_2tld syntax?
man Mail::SpamAssassin::Conf is your frends.
All stuff to one line.
On Thursday 20 March 2008 18:25:15 SM wrote:
At 08:44 20-03-2008, Arvid Ephraim Picciani wrote:
wow. i got -1.0 here. you're filtering html agressivly?
That's from ASF.
what's ASF?
tests there where:
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 FUZZY_ROLEXBODY:
On Thursday 20 March 2008 18:44:14 Arvid Ephraim Picciani wrote:
not really. we don't say things like or * too
often :D
hahahaha i shouldnt have provoked it!
just got a bounceback from some MS filter which was almost filtered by my SA
which would propably result in a bounceback which
Details on configuration. Both machines, ma1 and ma2 are identical.
We are running:
sendmail
spamhaus.org blacklist which rejects the majority of mail so
SpamAssassin does not have to process that chunk of mail.
spamd (spamassassin) - 2 instances of spamd on each machine.
mimedefang
clamav
a
On Wednesday 19 March 2008 21:37:27 Loren Wilton wrote:
This is just off the top of my head, and needs linting and maybe tweaking
the scores.
uriBAD_BLOGSPOTm'http://[a-z]+\d+\.blogspot\.com'i
scoreBAD_BLOGSPOT1
body__SOFTWARES
At 10:44 20-03-2008, Arvid Ephraim Picciani wrote:
what's ASF?
That's the Apache Software Foundation.
not really. we don't say things like free office 2008 or VIAGRA too
often :D
Yes, we do; see above. :-)
Regards,
-sm
so i got these fake error messages http://rafb.net/p/yESmY248.html
it claims to be sent by [EMAIL PROTECTED]
SPF would reveal that 59.103.12.204 isn't us. (looks like a dialup in
pakistan to me) but sa doesn't seem to check the SPF at all. any idea why?
--
best regards/Mit freundlichen Grüßen
Well, you could always change
QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue ; export QMAILQUEUE
To this
QMAILQUEUE=/var/qmail/bin/qmail-queue ; export QMAILQUEUE
And bypass the scanner logic on valid auth
Couldn't you?
;-
Otherwise, it would appear you need to better understand qmail and
SM wrote:
THERE IS NOTHING I CAN DO TO REVERSE
You can recall the message. :-)
No you can't. I can't tell if by the smiley you are really joking or
not but I will assume your humor is dry and you were really joking.
But you were too subtle in that case. So many people think that they
can
On 3/20/08 at 7:36 AM -0400 Michael Scheidell wrote:
So, godaddy, you use SpamAssassin?
I found out the hard way that Godaddy doe use SpamAssassin to scan
customers' outgoing mail. Up until late last year I was renting a
dedicated server from them. Suddenly one day most of the mail sent by my
Michael Scheidell wrote:
But then again, this is the bunch that blacklisted MY WHOLE CLASS C when a
vendor plugged an infected laptop into our conference room jack on the
outside of our firewall (vendors are now forbidden from connecting to our
network. If they don't have a evdo card they are
On Thu, March 20, 2008 2:22 pm, Bob Proulx wrote:
When I get a recall message from someone I routinely forward their
message back to them along with a note asking why they wanted to have a
copy if their message sent back to them just to drive home the point that
it doesn't work.
When I worked
Evan Platt wrote:
The e-mail had a pretty vague subject (numbers or something), and
the body of the message was vague, like Here's the latest with an
attached Excel spreadsheet. I almost deleted it until he not only
'recalled' it,
And if nothing else had happened for another day you probably
Periodically when manually learning a spam I get the below:
[EMAIL PROTECTED] ~]$ spamassassin -r spam1.txt
[28619] warn: reporter: razor2 report failed: No such file or directory
reporter: razor2 had unknown error during authenticate
at
My email is hosted on a shared hosting site where I don't have much
access to the good stuff, like syslog and /var/*anything*. For that
reason, I believe spamc/spamd is out for me. They do in fact have spamd
running. Here's the ps -aux output
root 9532 0.0 0.6 69628 24544 ? Ss
Arvid Ephraim Picciani wrote:
so i got these fake error messages http://rafb.net/p/yESmY248.html
it claims to be sent by [EMAIL PROTECTED]
SPF would reveal that 59.103.12.204 isn't us. (looks like a dialup in
pakistan to me) but sa doesn't seem to check the SPF at all. any idea why?
Hmm...
body SOFTWARE_AD
/(?:|\bbezahlen.*runterladen|Windows\bund\bmit\bMacintosh|\bOriginalversionen\b.*\blegal\b)/i
You probably want to adjust this a little bit. There are a few things here
that make me think you aren't getting quite what you expect.
1.Remove that first vertical bar.
You can recall the message. :-)
No you can't. I can't tell if by the smiley you are really joking or
Sometimes you can. In the past it was considerably more possible, but
vandals resulted in the feature being removed from a lot of stuff.
In some versions of Outlook you can recall a
47 matches
Mail list logo
