On Sat, 9 Nov 2013, Sergio Durigan Junior wrote:
[Note: By ham I assume you mean false-positives, and not just regular
e-mail.]
No, Train with correctly-classified ham as well.
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
jhar...@impsec.orgFALaholic #11174
On Saturday, November 09 2013, Karsten Bräckelmann wrote:
> You don't have any kind of archive of spam? If so, train on recent ones,
> feel free to exceed the minimum limit, but don't bother too much with
> old spam. It changes much faster over time than ham does.
>
> Also, at least until you reac
On Sat, 2013-11-09 at 01:35 -0200, Sergio Durigan Junior wrote:
> On Friday, November 08 2013, Amir Caspi wrote:
> > I would run spamd as root and initiate spamc with the -u option, to allow
> > each user to have his/her own Bayes DB. However, again, it really depends
> > on what kind of email sy
On Sat, 2013-11-09 at 01:34 -0200, Sergio Durigan Junior wrote:
> On Friday, November 08 2013, Karsten Bräckelmann wrote:
> > You mentioned that's a fresh install, actually not even in production
> > yet. The Bayes sub-system requires some training (minimum of 200 ham and
> > spam each) by default
On Friday, November 08 2013, Amir Caspi wrote:
>> What's your opinion?
>
> I would run spamd as root and initiate spamc with the -u option, to allow
> each user to have his/her own Bayes DB. However, again, it really depends
> on what kind of email system you're running, and how you want to handl
On Friday, November 08 2013, Karsten Bräckelmann wrote:
> On Fri, 2013-11-08 at 16:09 -0200, Sergio Durigan Junior wrote:
>> #> spamc -c < spam.file
>> 0.0/5.0
>> #> spamc -L spam < spam.file
>> (successful message saying that the spam was learned)
>> #> spamc -c < spam.file
>> 0.0/5.0
On 08 Nov 2013, at 13:53 , Kris Deugau wrote:
> It's also been scored down in more recent rule updates; as of a few
> minutes ago it looks like it's *way* down:
>
> score RP_MATCHES_RCVD -1.501 -0.001 -1.501 -0.001
I saw that after I ran sa-update, which was shortly afte
On 08 Nov 2013, at 13:42 , Kris Deugau wrote:
> man Mail::SpamAssassin::Conf and scroll down to the "RULE DEFINITIONS
> AND PRIVILEGED SETTINGS" section.
Oh, well, crap. Yeah, that's not going to happen.
OK, time to come up with another way of doing this...
ZZ
er.. right.
--
"What if your
On 08 Nov 2013, at 13:53 , Kris Deugau wrote:
> SA is installed from package, this looks something like
> /var/lib/spamassassin.
Ah, /var/db/spamassassin
I would never have found them. thanks!
--
Everything you read on the Internet is false -- Glenn Fleishman
On 08 Nov 2013, at 13:42 , Kris Deugau wrote:
> If you want to put full rules in user_prefs files, you'll need to set
> allow_user_rules in the main configuration.
>
> man Mail::SpamAssassin::Conf and scroll down to the "RULE DEFINITIONS
> AND PRIVILEGED SETTINGS" section.
Thank you!
--
It w
On Fri, November 8, 2013 3:24 pm, Karsten Bräckelmann wrote:
> The latter is incorrect -- spamc by default sends the effective user ID,
> and spamd switches users before processing the mail (assuming the daemon
> has been started as root). The -u user option is only necessary to
> change that defau
On Fri, 2013-11-08 at 00:10 -0600, Sergio wrote:
> I tried this rule to stop emails with an empty subject, but it didn't
> work:
The rule is fine, though the score is a tiiiny bit excessive.
You'll have to elaborate on "trying" and "doesn't work".
--
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79
On Fri, 2013-11-08 at 20:18 -0200, Sergio Durigan Junior wrote:
> Nice, thank you. I am more inclined to use a per-user database, and
> call "spamc -u myuser -L spam". Let's see how that goes.
The real difference between sa-learn and spamc -L is how to feed it.
The spamc way expects a single me
On Fri, 2013-11-08 at 14:45 -0700, Amir 'CG' Caspi wrote:
> On Fri, November 8, 2013 2:39 pm, Sergio Durigan Junior wrote:
> > I don't think sa-learn can help with spamd. Its own manpage mention
> > that, for spamd users, "spamc -L" is the way to go.
Fundamentally, there is no difference between
On Friday, November 08 2013, John Hardin wrote:
>> I don't think sa-learn can help with spamd. Its own manpage mention
>> that, for spamd users, "spamc -L" is the way to go.
>
> Not true. sa-learn is just fine for spamd with a global Bayes
> database, and it's recommended for administrative simpl
On Fri, 2013-11-08 at 16:09 -0200, Sergio Durigan Junior wrote:
> #> spamc -c < spam.file
> 0.0/5.0
> #> spamc -L spam < spam.file
> (successful message saying that the spam was learned)
> #> spamc -c < spam.file
> 0.0/5.0
You mentioned that's a fresh install, actually not even in prod
On Fri, November 8, 2013 2:56 pm, Sergio Durigan Junior wrote:
> The problem with having a user-tailored database is that I will have to
> run sa-update for every user, right?
No, or at least, not that I've seen. If spamd is running as root, it will
load the sa-update rules from the root installa
On Friday, November 08 2013, Amir Caspi wrote:
> On Fri, November 8, 2013 2:39 pm, Sergio Durigan Junior wrote:
>> I don't think sa-learn can help with spamd. Its own manpage mention
>> that, for spamd users, "spamc -L" is the way to go.
>>
>> Hm, really? I thought spamd kept a global Bayes data
On Fri, 8 Nov 2013, Sergio Durigan Junior wrote:
On Friday, November 08 2013, John Hardin wrote:
On Fri, 8 Nov 2013, Sergio Durigan Junior wrote:
#> spamc -c < spam.file
0.0/5.0
#> spamc -L spam < spam.file
(successful message saying that the spam was learned)
#> spamc -c < spam.file
0
On Fri, November 8, 2013 2:39 pm, Sergio Durigan Junior wrote:
> I don't think sa-learn can help with spamd. Its own manpage mention
> that, for spamd users, "spamc -L" is the way to go.
>
> Hm, really? I thought spamd kept a global Bayes database, and that
> everyone calling "spamc -L" would end
On Friday, November 08 2013, John Hardin wrote:
> On Fri, 8 Nov 2013, Sergio Durigan Junior wrote:
>
>> #> spamc -c < spam.file
>> 0.0/5.0
>> #> spamc -L spam < spam.file
>> (successful message saying that the spam was learned)
>> #> spamc -c < spam.file
>> 0.0/5.0
>>
>> I have already updat
On Fri, 8 Nov 2013, Kris Deugau wrote:
LuKreme wrote:
Some spam has been matching the rule RP_MATCHES_RCVD which is worth
-2.8 points. I wanted to look at this rule, so I went to
/usr/local/etc/mail/spamassassin and gripped for the name, but no hits.
There was a thread on this rule not too l
On Fri, 8 Nov 2013, Sergio Durigan Junior wrote:
#> spamc -c < spam.file
0.0/5.0
#> spamc -L spam < spam.file
(successful message saying that the spam was learned)
#> spamc -c < spam.file
0.0/5.0
I have already updated my Bayesian database, restarted the spamd
service, etc. I was expecti
LuKreme wrote:
> Some spam has been matching the rule RP_MATCHES_RCVD which is worth -2.8
> points. I wanted to look at this rule, so I went to
> /usr/local/etc/mail/spamassassin and gripped for the name, but no hits.
There was a thread on this rule not too long ago; check the list
archives and
LuKreme wrote:
>
> I would like to add a score in user_prefs based on the To header (I have an
> email that collects several email addresses and I want to add some
> spamishness indicators).
>
> Does the user_prefs understand the same syntax as the local.cf file? And what
> would be the best w
Some spam has been matching the rule RP_MATCHES_RCVD which is worth -2.8
points. I wanted to look at this rule, so I went to
/usr/local/etc/mail/spamassassin and gripped for the name, but no hits.
Where's the rule defined? I thought there was a rules folder, but the only one
I can find it one i
On Friday, November 08 2013, John Hardin wrote:
> Not directly addressing your other questions but: running spamassassin
> directly is only really suitable for *very* low-traffic environments,
> as that will parse and compile all of the rules and other config *per
> message*, which is a lot of ove
I would like to add a score in user_prefs based on the To header (I have an
email that collects several email addresses and I want to add some spamishness
indicators).
Does the user_prefs understand the same syntax as the local.cf file? And what
would be the best way to say:
If the to field i
On Fri, 8 Nov 2013, Sergio Durigan Junior wrote:
I am using Debian Wheezy here (therefore, Exim + Dovecot for e-mail),
and I am still deciding how to run SpamAssassin. I am divided between
running it by directly calling spamassassin, or by running spamd and
calling spamc. Both methods are goin
Hey there,
I am using Debian Wheezy here (therefore, Exim + Dovecot for e-mail),
and I am still deciding how to run SpamAssassin. I am divided between
running it by directly calling spamassassin, or by running spamd and
calling spamc. Both methods are going to be used via my .procmailrc.
Well,
On 11/8/2013 6:59 AM, emailitis.com wrote:
Thank you and Benny for your help.
I put those in place and all looks well. We had one captured this
morning but wondered if you can explain in the log below which seems
as if it has been deleted, yet then allowed:
Nov 8 10:05:04 plesk3 spamd[119
On Fri, 8 Nov 2013 00:10:01 -0600
Sergio wrote:
> Hi all,
> I tried this rule to stop emails with an empty subject, but it didn't
> work:
>
> header SUBJECT_EMPTY SUBJECT =~ /^$/i
> describe SUBJECT_EMPTY EMPTY SUBJECT
> scoreSUBJECT_EMPTY 11
>
> Any hint on what is wrong?
I p
Thank you and Benny for your help.
I put those in place and all looks well. We had one captured this morning
but wondered if you can explain in the log below which seems as if it has
been deleted, yet then allowed:
Nov 8 10:05:04 plesk3 spamd[11926]: spamd: result: Y 9 -
AEXP_ALL,DCC_CHECK,R
On 11/7/2013 6:00 PM, Owen Mehegan wrote:
> Thanks in advance for any advice anyone can offer!
fwiw, of the 4 spam examples, ivmURI had blacklisted one or more domains
in ALL 4 out of 4 samples at least several minutes BEFORE those spams
hit your server (some days or weeks before).
In a large po
34 matches
Mail list logo