Something is wrong with the configuration. Does anyone know which sa rule is
responsible for this ?
http://www.rfc-ignorant.org/tools/lookup.php?domain=gmail.com
On 02.07.08 13:55, NGSS wrote:
To: 'Matus UHLAR - fantomas' [EMAIL PROTECTED],
users@spamassassin.apache.org
Please, don't send private replies, I did not ask for them.
Yah I think it is just too aggressive, I included a handful of rules
Is there any forum or website that discuss
I did a spamassasin -D --lint , but cannot find where this rule came from.
Anyone knows this?
NGSS wrote:
Something is wrong with the configuration. Does anyone know which sa rule is
responsible for this ?
Probably not SA: SA does not reject mail. whatever tool you use to call
SA may, but then it may reject for other reasons. Please tell us more.
On Wed, 2008-07-02 at 14:56 +0800, NGSS wrote:
I did a spamassasin –D --lint , but cannot find where this rule came
from. Anyone knows this?
20_head_tests.cf, with the stock score set in 50_scores.cf. However,
this seriously doesn't matter...
Do NOT adjust scores in the SA provided cf files.
NGSS wrote:
I did a spamassasin -D --lint , but cannot find where this rule came from.
Anyone knows this?
do you mean SUBJ_ALL_CAPS? it is defined in 20_head_tests.cf (score is
in in 50_scores.cf as usual).
score SUBJ_ALL_CAPS 2.299 1.806 1.926 2.077
do not alter distributed rule
Thanks for all your helps.
Ya, you had my question answered.
I need to lower this score because it consistently give 2.1 for an All
capital letter subject to my email.
As some of you might know. It is pretty common for accounting related staff
to cap-lock their keyboard all the time, and
Hello!
during the last days i do get the following mails and i'm unable to
catch/score them
http://www.norddeutsche.de/temp/20080630185844296.eml.txt
http://www.norddeutsche.de/temp/20080701190353407.eml.txt
Any tips/hints how to score them ?
Ove Starckjohann
Hi,
I would like to do some whitelisting for an external mailing list. I found
whitelist_from and whitelist_auth but they automatically score -100. Is
there a way to use whitelist_* or something similiar with a custom score?
Thanks, Helmut
--
No Swen today, my love has gone away
My mailbox
On Wednesday 02 July 2008 4:08 am, Starckjohann, Ove wrote:
Hello!
during the last days i do get the following mails and i'm unable to
catch/score them
http://www.norddeutsche.de/temp/20080630185844296.eml.txt
http://www.norddeutsche.de/temp/20080701190353407.eml.txt
Any tips/hints
Starckjohann, Ove wrote:
Hello!
during the last days i do get the following mails and i'm unable to
catch/score them
http://www.norddeutsche.de/temp/20080630185844296.eml.txt
Content analysis details: (9.1 points, 5.0 required)
pts rule name description
Received: from n75.bullet.mail.sp1.yahoo.com ([10.10.10.21]) by
EXCHANGE02.norddeutsche.de with Microsoft SMTPSVC(6.0.3790.3959);
Mon, 30 Jun 2008 18:58:44 +0200
huh? what's that weird IP doing there?
--
best regards
Arvid Ephraim Picciani
On Wed, 2 Jul 2008, Arvid Ephraim Picciani wrote:
Received: from n75.bullet.mail.sp1.yahoo.com ([10.10.10.21]) by
EXCHANGE02.norddeutsche.de with Microsoft SMTPSVC(6.0.3790.3959);
Mon, 30 Jun 2008 18:58:44 +0200
huh? what's that weird IP doing there?
It's a version.
On Wed, 2008-07-02 at 11:12 +0200, Helmut Schneider wrote:
Hi,
I would like to do some whitelisting for an external mailing list. I found
whitelist_from and whitelist_auth but they automatically score -100. Is
there a way to use whitelist_* or something similiar with a custom score?
On Wed, 2008-07-02 at 13:40 +0200, Arvid Ephraim Picciani wrote:
Received: from n75.bullet.mail.sp1.yahoo.com ([10.10.10.21]) by
EXCHANGE02.norddeutsche.de with Microsoft SMTPSVC(6.0.3790.3959);
Mon, 30 Jun 2008 18:58:44 +0200
huh? what's that weird IP doing there?
yahoo transits
On 02.07.08 11:12, Helmut Schneider wrote:
I would like to do some whitelisting for an external mailing list. I found
whitelist_from and whitelist_auth but they automatically score -100. Is
there a way to use whitelist_* or something similiar with a custom score?
you can use def_whitelist_*
-Ursprüngliche Nachricht-
Von: McDonald, Dan [mailto:[EMAIL PROTECTED]
Gesendet: Mittwoch, 2. Juli 2008 14:00
An: users@spamassassin.apache.org
Betreff: Re: i'm unable to catch these
On Wed, 2008-07-02 at 13:40 +0200, Arvid Ephraim Picciani wrote:
Received: from
nice .-)
i added L_UNVERIFIED_YAHOO and GEO_QUERY_STRING to my rules, as i'm still using
SA_3.17...so maybe those rules are only embedded into the 3.2x'er SA.
But pls tell me: how may CLAMAV score with 10 points ?
where is the virus ???
Ove
-Ursprüngliche Nachricht-
Von: Chris
Starckjohann, Ove wrote:
nice .-)
i added L_UNVERIFIED_YAHOO and GEO_QUERY_STRING to my rules, as i'm still using
SA_3.17...so maybe those rules are only embedded into the 3.2x'er SA.
But pls tell me: how may CLAMAV score with 10 points ?
where is the virus ???
This is probably ClamAV with
On 02.07.08 14:58, Starckjohann, Ove wrote:
please configura your mail client to wrap lines below 80 characters per
linx. 72 to 76 is good.
i added L_UNVERIFIED_YAHOO and GEO_QUERY_STRING to my rules, as i'm still
using SA_3.17...so maybe those rules are only embedded into the 3.2x'er
SA.
But pls tell me: how may CLAMAV score with 10 points ?
where is the virus ???
virus, phish, PUA or false-positive. I recommend reject them
as SMTP level, not in SA plugin, if possible
we DO reject at smtp-level if we are sure that the mail is spam.
Our smtp-proxy is doing own tests
But pls tell me: how may CLAMAV score with 10 points ?
where is the virus ???
virus, phish, PUA or false-positive. I recommend reject them
as SMTP level, not in SA plugin, if possible
On 02.07.08 15:25, Starckjohann, Ove wrote:
we DO reject at smtp-level if we are sure that the
Where can I find the url to download the FreeMail Plugin?
--
DJ Helmes
Matus UHLAR - fantomas wrote:
we DO reject at smtp-level if we are sure that the mail is spam.
you seem not to reject viruses at SMTP level ;) otherwise clamav couldn't
score them :)
Or 1: they may use SpamAssassin during SMTP conversations in
order to reject at SMTP level based on
At 05:23 02-07-2008, Starckjohann, Ove wrote:
10.10.10.21 is MY address. It's a smtp-PROXY which passes through
the smtp-connection to EXCHANGE02.
Network tests on the message headers will be ineffective.
Regards,
-sm
On Wed, 2008-07-02 at 10:14 -0400, Dj Helmes wrote:
Where can I find the url to download the FreeMail Plugin?
http://sa.hege.li/FreeMail.pm
--
DJ Helmes
--
Daniel J McDonald, CCIE #2495, CISSP #78281, CNX
Austin Energy
http://www.austinenergy.com
signature.asc
Description: This is a
At 05:23 02-07-2008, Starckjohann, Ove wrote:
10.10.10.21 is MY address. It's a smtp-PROXY which passes through
the smtp-connection to EXCHANGE02.
On 02.07.08 07:34, SM wrote:
Network tests on the message headers will be ineffective.
not if the 10.10.10.21 is in trusted_networks and
On Wed, 2 Jul 2008, Dj Helmes wrote:
Where can I find the url to download the FreeMail Plugin?
Right on the plugins wiki page:
http://wiki.apache.org/spamassassin/CustomPlugins
It's toward the bottom of the page.
you seem not to reject viruses at SMTP level ;) otherwise clamav couldn't
score them :)
One can score an email and still reject during the SMTP session if the
systems are setup to do so.
- rh
you seem not to reject viruses at SMTP level ;) otherwise clamav couldn't
score them :)
On 02.07.08 08:13, Robert - elists wrote:
One can score an email and still reject during the SMTP session if the
systems are setup to do so.
one does need to score viruses in SA if (s)he can reject them
On Wednesday 02 July 2008 16:34:12 SM wrote:
At 05:23 02-07-2008, Starckjohann, Ove wrote:
10.10.10.21 is MY address. It's a smtp-PROXY which passes through
the smtp-connection to EXCHANGE02.
Network tests on the message headers will be ineffective.
that was my worry. With the default
Starckjohann, Ove wrote:
Received: from n75.bullet.mail.sp1.yahoo.com ([10.10.10.21]) by
EXCHANGE02.norddeutsche.de with Microsoft SMTPSVC(6.0.3790.3959);
Mon, 30 Jun 2008 18:58:44 +0200
10.10.10.21 is MY address. It's a smtp-PROXY which passes through the
smtp-connection to
Is there an easy way to detect the registrar of a domain through DNS?
For example - can I easilly figure out if an email I'm processing is
hosted by GoDaddy or Tucows?
Here's what I'm thinking. I think there's some expensive and highly
secure registrars out there who are the registrar of
one does need to score viruses in SA if (s)he can reject them directly
--
Yes, we do that.
See the SA clamav plugin
- rh
On Wed, 2 Jul 2008, Marc Perkel wrote:
Is there an easy way to detect the registrar of a domain through DNS? For
example - can I easilly figure out if an email I'm processing is hosted by
GoDaddy or Tucows?
Registrar != hosted by.
Here's what I'm thinking. I think there's some expensive and
John Hardin wrote:
On Wed, 2 Jul 2008, Marc Perkel wrote:
Is there an easy way to detect the registrar of a domain through DNS?
For example - can I easilly figure out if an email I'm processing is
hosted by GoDaddy or Tucows?
Registrar != hosted by.
Here's what I'm thinking. I think
SpamAssassin version 3.1.8
running on Perl version 5.8.8
OpenSuse 10.2, latest patchlevel
How do I enable a target tagged 'userconf'?
I'd like to have all messages checked against the BODY_8BITS target
defined in /usr/share/spamassassin/25_textcat.cf:
body BODY_8BITS
On Wed, 2008-07-02 at 17:05, Marc Perkel wrote:
Is there an easy way to detect the registrar of a domain through DNS?
For example - can I easilly figure out if an email I'm processing is
hosted by GoDaddy or Tucows?
Even if it was possible I don't think its would be at all useful.
Spammers
Martin Gregorie wrote:
On Wed, 2008-07-02 at 17:05, Marc Perkel wrote:
Is there an easy way to detect the registrar of a domain through DNS?
For example - can I easilly figure out if an email I'm processing is
hosted by GoDaddy or Tucows?
Even if it was possible I don't think its
On Wed, 2008-07-02 at 19:31 +0200, Ralf Fassel wrote:
SpamAssassin version 3.1.8
running on Perl version 5.8.8
OpenSuse 10.2, latest patchlevel
How do I enable a target tagged 'userconf'?
The flag just checks that there is something configured before it fires.
I'd like to have all
On Wed, 2008-07-02 at 18:46, Marc Perkel wrote:
Martin Gregorie wrote:
On Wed, 2008-07-02 at 17:05, Marc Perkel wrote:
Is there an easy way to detect the registrar of a domain through DNS?
For example - can I easilly figure out if an email I'm processing is
hosted by GoDaddy or
- Original Message -
From: mouss [EMAIL PROTECTED]
Cc: users@spamassassin.apache.org
Sent: Tuesday, July 01, 2008 12:27 PM
Subject: Re: Lots of spam with the following snip
Justin Mason wrote:
[snip]
On 01.07.08 10:50, Justin Mason wrote:
no -- this is real spam, not a bounce in
On 02.07.08 13:55, NGSS wrote:
To: 'Matus UHLAR - fantomas' [EMAIL PROTECTED],
users@spamassassin.apache.org
Please, don't send private replies, I did not ask for
them.
Its impossible to know who wants them, and who does not. Someone who does not
sit here and read all messages thru may
Martin Gregorie wrote:
On Wed, 2008-07-02 at 18:46, Marc Perkel wrote:
Martin Gregorie wrote:
On Wed, 2008-07-02 at 17:05, Marc Perkel wrote:
Is there an easy way to detect the registrar of a domain through DNS?
For example - can I easilly figure out if an email I'm
On Wed, 2 Jul 2008, Martin Gregorie wrote:
OK, but it still won't work. A lot of spam comes from botnets: hence my
comment about PC users. There's certainly no correlation between the
location of infected PCs and the reputation of the domain registrar of
the domain the infected PC is posting
On Wed, 2 Jul 2008, Marc Perkel wrote:
John Hardin wrote:
On Wed, 2 Jul 2008, Marc Perkel wrote:
Is there an easy way to detect the registrar of a domain through DNS?
For example - can I easilly figure out if an email I'm processing is
hosted by GoDaddy or Tucows?
Registrar !=
On Wed, 2 Jul 2008, Marc Perkel wrote:
Again - it's not to figure out where spam comes from. It's figuring out
where non-spam comes from. I think there are registrars out there that
don't have any spam domains registered.
Right, but how do you guarantee a host with a whitelisted RDNS domain
On Wed, Jul 02, 2008 at 12:08:43PM -0700, John Hardin wrote:
On Wed, 2 Jul 2008, Marc Perkel wrote:
Again - it's not to figure out where spam comes from. It's figuring out
where non-spam comes from. I think there are registrars out there that
don't have any spam domains registered.
On Thu, 2008-07-03 at 05:59 +0300, Henrik K wrote:
On Wed, Jul 02, 2008 at 12:08:43PM -0700, John Hardin wrote:
On Wed, 2 Jul 2008, Marc Perkel wrote:
Again - it's not to figure out where spam comes from. It's figuring out
where non-spam comes from. I think there are registrars out
On Wed, Jul 02, 2008 at 09:18:41PM -0700, John Hardin wrote:
On Thu, 2008-07-03 at 05:59 +0300, Henrik K wrote:
On Wed, Jul 02, 2008 at 12:08:43PM -0700, John Hardin wrote:
On Wed, 2 Jul 2008, Marc Perkel wrote:
Again - it's not to figure out where spam comes from. It's figuring out
50 matches
Mail list logo