> > On Fri, 2 Oct 2009, Bill Landry wrote:
> >
> > > John Hardin wrote:
> > >> On Fri, 2 Oct 2009, Igor Bogomazov wrote:
> > >>
> > >>> I've checked rDNS of the prefix.domain.mail with 'host' utility
> > >>> - it's all right.
> > >>
> > >> You don't check rDNS using "host", you check it using "dig
> On Fri, 2 Oct 2009, Jose Luis Marin Perez wrote:
>
> > - Approximately 85% of spam are in Spanish, this can be a problem
> > for SpamAssassin?
>
> Possibly. Most of the default rules and most third-party rules are
> for English. This would tend to reduce your hit rate, but a
> properly-trained
> On Fri, 2 Oct 2009, Bill Landry wrote:
>
> > John Hardin wrote:
> >> On Fri, 2 Oct 2009, Igor Bogomazov wrote:
> >>
> >>> I've checked rDNS of the prefix.domain.mail with 'host' utility -
> >>> it's all right.
> >>
> >> You don't check rDNS using "host", you check it using "dig -x
> >> host.ip.a
On 10/03/09 20:16, quoth Benny Pedersen:
> On lør 03 okt 2009 23:41:41 CEST, "Steven W. Orr" wrote
>> Thank you. I am still confused in one area:
>
> no problem
>
>> These scripts do not touch the bayes_token table, and it is this table
>> that
>> has by far the most number of rows.
>
> i do not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Warren Togami wrote:
> http://spameatingmonkey.com
>
> Anyone have any experience using these DNSBL and URIBL's?
>
> Is anyone from this site on this list?
>
> I wonder if we should add these rules to the sandbox for masschecks as
> well.
Since som
On Sun, 4 Oct 2009, Warren Togami wrote:
On 10/04/2009 04:07 PM, John Hardin wrote:
On Thu, 1 Oct 2009, Warren Togami wrote:
> The "Oddity" I was pointing out at the beginning of the thread is not
> prevalence of .cn URI's, but rather most of them appear to be exactly
> 8 characters long.
Warren Togami wrote:
http://spameatingmonkey.com
Anyone have any experience using these DNSBL and URIBL's?
Is anyone from this site on this list?
I wonder if we should add these rules to the sandbox for masschecks as
well.
Warren Togami
wtog...@redhat.com
I've been using them for a few
http://spameatingmonkey.com
Anyone have any experience using these DNSBL and URIBL's?
Is anyone from this site on this list?
I wonder if we should add these rules to the sandbox for masschecks as well.
Warren Togami
wtog...@redhat.com
On Sun, 2009-10-04 at 11:46 -0700, Steve Fatula wrote:
> We use Spamassassin via spamc/spamd via procmail. In the maillog file, we see
> when there is spam, the message indicates a bunch of information. raddr shows
> up always as 127.0.0.1, which is our course our connection to SPAMD from our
>
RW a écrit :
> On Sun, 04 Oct 2009 15:53:34 +0200
> Yet Another Ninja wrote:
>
>
>> why "lastexternal" ?
>> would you expect ham traffic from those IPs? and want to loose deeper
>> header parsing?
>
> Right, although I doubt this list is going to be much use for
> SpamAssassin. With zen being
> On Sunday, October 4, 2009, 1:55:55 PM, RW wrote:
>
> R> Right, although I doubt this list is going to be much use for
> R> SpamAssassin. With zen being so popular, I think everything that can
> R> be caught with it will get caught at the smtp level . With SBL you get
> R> additional deep hits
On 10/04/2009 04:07 PM, John Hardin wrote:
On Thu, 1 Oct 2009, Warren Togami wrote:
The "Oddity" I was pointing out at the beginning of the thread is not
prevalence of .cn URI's, but rather most of them appear to be exactly
8 characters long.
Are there any other .cn domain formats (like {8}.c
On Sun, 04 Oct 2009, LuKreme wrote:
> On 3-Oct-2009, at 23:54, Sahil Tandon wrote:
> >As documented in the spamd(1) man page:
> >
> >-s facility, --syslog=facilitySpecify the syslog facility
> >
> >So, specifly a syslog FACILITY instead of a FILENAME. See syslogd
> >(8) and
> >syslog.conf(5)
On Thu, 1 Oct 2009, Warren Togami wrote:
The "Oddity" I was pointing out at the beginning of the thread is not
prevalence of .cn URI's, but rather most of them appear to be exactly 8
characters long.
Are there any other .cn domain formats (like {8}.com.cn) that would be of
interest? I was tr
On 3-Oct-2009, at 23:54, Sahil Tandon wrote:
As documented in the spamd(1) man page:
-s facility, --syslog=facilitySpecify the syslog facility
So, specifly a syslog FACILITY instead of a FILENAME. See syslogd
(8) and
syslog.conf(5) man pages for more.
man spamd(1) says:
On Sunday, October 4, 2009, 1:55:55 PM, RW wrote:
R> Right, although I doubt this list is going to be much use for
R> SpamAssassin. With zen being so popular, I think everything that can
R> be caught with it will get caught at the smtp level . With SBL you get
R> additional deep hits from spammer
On Sun, 04 Oct 2009 15:53:34 +0200
Yet Another Ninja wrote:
> why "lastexternal" ?
> would you expect ham traffic from those IPs? and want to loose deeper
> header parsing?
Right, although I doubt this list is going to be much use for
SpamAssassin. With zen being so popular, I think everythi
We use Spamassassin via spamc/spamd via procmail. In the maillog file, we see
when there is spam, the message indicates a bunch of information. raddr shows
up always as 127.0.0.1, which is our course our connection to SPAMD from our
machine via procmail. Similarly, rhost is our machine.
We are
On Sun, 04 Oct 2009, LuKreme wrote:
> >As documented in the spamd(1) man page:
> >
> >-s facility, --syslog=facilitySpecify the syslog facility
> >
> >So, specifly a syslog FACILITY instead of a FILENAME. See syslogd
> >(8) and
> >syslog.conf(5) man pages for more.
>
> So setting the -s to '
On Sun, 4 Oct 2009, Karsten Br?ckelmann wrote:
On Sun, 2009-10-04 at 09:59 -0400, Warren Togami wrote:
On 10/04/2009 12:21 AM, John Hardin wrote:
Right, in adding things to the sandbox it does not necessarily mean I
suggest they should become rules. I am mainly curious to see what the
result
On søn 04 okt 2009 15:20:09 CEST, LuKreme wrote
# CSS is the Snowshoe Block List: http://www.spamhaus.org/css/
header RCVD_IN_CSS eval:check_rbl('zen-lastexternal',
'zen.spamhaus.org.', '127.0.0.3')
you make another dns lookup here compared to what rule i maked :)
--
xpoint
On søn 04 okt 2009 12:31:37 CEST, Mike Cardwell wrote
SpamHaus announced a new list a couple of days back -
http://www.spamhaus.org/news.lasso?article=646
According to that page it returns results of 127.0.0.3
I just took a quick look at 20_dnsbl_tests.cf and it doesn't seem to
include it
On Sun, 2009-10-04 at 09:59 -0400, Warren Togami wrote:
> On 10/04/2009 12:21 AM, John Hardin wrote:
> > > Right, in adding things to the sandbox it does not necessarily mean I
> > > suggest they should become rules. I am mainly curious to see what the
> > > results say.
> >
> > Warning: autopromo
On 10/04/2009 12:21 AM, John Hardin wrote:
On Sat, 3 Oct 2009, Warren Togami wrote:
On 10/03/2009 07:50 PM, Adam Katz wrote:
8 is *extremely* important in Chinese culture. When running these
tests, make sure that there is a good quantity of .cn TLD URIs in the
ham before drawing any conclusio
On 10/4/2009 3:20 PM, LuKreme wrote:
On 4-Oct-2009, at 04:31, Mike Cardwell wrote:
SpamHaus announced a new list a couple of days back -
http://www.spamhaus.org/news.lasso?article=646
According to that page it returns results of 127.0.0.3
I just took a quick look at 20_dnsbl_tests.cf and it d
On 4-Oct-2009, at 04:31, Mike Cardwell wrote:
SpamHaus announced a new list a couple of days back -
http://www.spamhaus.org/news.lasso?article=646
According to that page it returns results of 127.0.0.3
I just took a quick look at 20_dnsbl_tests.cf and it doesn't seem to
include it yet. Curre
On 3-Oct-2009, at 23:54, Sahil Tandon wrote:
On Sat, 03 Oct 2009, LuKreme wrote:
My spammed.log file is empty:
Do you mean spamd.log?
Yes (sometimes auto-spelling correcting sucks)
$ cat /var/log/spamd.log
Oct 3 00:00:00 mail newsyslog[82079]: logfile turned over
OK, so newsyslog(8)
Matt Kettler wrote:
SpamHaus announced a new list a couple of days back -
http://www.spamhaus.org/news.lasso?article=646
According to that page it returns results of 127.0.0.3
I just took a quick look at 20_dnsbl_tests.cf and it doesn't seem to
include it yet. Currently we have:
RCVD_IN_SBL -
Mike Cardwell wrote:
> SpamHaus announced a new list a couple of days back -
> http://www.spamhaus.org/news.lasso?article=646
>
> According to that page it returns results of 127.0.0.3
>
> I just took a quick look at 20_dnsbl_tests.cf and it doesn't seem to
> include it yet. Currently we have:
>
>
SpamHaus announced a new list a couple of days back -
http://www.spamhaus.org/news.lasso?article=646
According to that page it returns results of 127.0.0.3
I just took a quick look at 20_dnsbl_tests.cf and it doesn't seem to
include it yet. Currently we have:
RCVD_IN_SBL - 127.0.0.2
RCVD_IN_
30 matches
Mail list logo
