On 11.08.14 16:38, Matteo Dessalvi wrote:
I am planning to install SA on our SMTP MTAs, which deals only with
outgoing traffic generated in the internal network.
I am making the assumption that our clients are mostly sending 'clean'
email (I know, I am trusting *a lot* my users but
Hi all.
Thanks for all the answers. I am afraid I was being naive.
I was explicitly thinking of a scenario like this: filter as
much as possible 'unsolicited email' sent by some (possibly)
'infected' account.
I thought that turning off the bayesian classifier (and the
RBL checks) would still
Hello All,
Please have a look at the email below: in the content analysis report (in
the body) the spam score appears as 5.1 points. The email is correctly
identified as spam, the subject line changed to include *SPAM*.
However, in the email headers the score appears as 0.001, message is
On 8/12/2014 6:31 AM, matth wrote:
Hello All,
Please have a look at the email below: in the content analysis report (in
the body) the spam score appears as 5.1 points. The email is correctly
identified as spam, the subject line changed to include *SPAM*.
However, in the email headers
Hi,
We periodically have users that complain about receiving email they
believe
to be spam, but it looks to be legitimate.
What's your definition of legitimate :) ?
My definition of spam is email which is:
- unsolicited (ie: the user didn't sign up for some newsletter or mailing
list
On Tue, 12 Aug 2014 09:41:07 -0400
Alex mysqlstud...@gmail.com wrote:
I define legitimate as having been sent through a reputable
company's mail system. Chances are, Computer Associates aren't
spamming people.
I disagree with that. In my opinion, only two criteria are needed
to define spam:
On 8/12/2014 9:48 AM, David F. Skoll wrote:
On Tue, 12 Aug 2014 09:41:07 -0400
Alex mysqlstud...@gmail.com wrote:
I define legitimate as having been sent through a reputable
company's mail system. Chances are, Computer Associates aren't
spamming people.
I disagree with that. In my opinion,
On 12.08.2014 08:43 Matus UHLAR wrote:
That means, much of rules that push over limit will not hit.
You still should not push required_score down, I remember outgoing mail
being blocked by inherited servers for hitting 7.0...
On 12.08.14 12:08, Matteo Dessalvi wrote:
I was thinking about
On 8/12/2014 6:31 AM, matth wrote:
Please have a look at the email below: in the content analysis report (in
the body) the spam score appears as 5.1 points. The email is correctly
identified as spam, the subject line changed to include *SPAM*.
However, in the email headers the score
On Tue, 12 Aug 2014 10:02:37 -0400
Bowie Bailey bowie_bai...@buc.com wrote:
On 8/12/2014 9:48 AM, David F. Skoll wrote:
1) An objective criterion: Was the message unsolicited?
Unfortunately, that can be difficult to determine.
Yes, definitely. But in principle, a message is either
On 8/12/2014 10:05 AM, Matus UHLAR - fantomas wrote:
On 8/12/2014 6:31 AM, matth wrote:
Please have a look at the email below: in the content analysis report (in
the body) the spam score appears as 5.1 points. The email is correctly
identified as spam, the subject line changed to include
On Tue, Aug 12, 2014 at 6:08 AM, Matteo Dessalvi mte...@yahoo.it wrote:
Hi all.
Thanks for all the answers. I am afraid I was being naive.
I was explicitly thinking of a scenario like this: filter as
much as possible 'unsolicited email' sent by some (possibly)
'infected' account.
I
Oh, right, thanks. It is amavis. I did not realise it was triggering SA.
Thanks for the pointer.
--
View this message in context:
http://spamassassin.1065346.n5.nabble.com/Spam-score-in-headers-does-not-match-the-Content-analysis-report-tp110896p110906.html
Sent from the SpamAssassin -
On 8/12/2014 10:42 AM, matth wrote:
Oh, right, thanks. It is amavis. I did not realise it was triggering SA.
Thanks for the pointer.
Doing spam scanning with Amavis can be useful. It gives you the ability
to reject high-scoring spam, but you lose some of the per-user
customizations.
If
On Mon, Aug 11, 2014 at 5:46 PM, Karsten Bräckelmann guent...@rudersport.de
wrote:
On Mon, 2014-08-11 at 15:48 -0400, Karl Johnson wrote:
Is there any rule to score an email with only 1 URL and very few text?
It could trigger only text formatted email because they usually aren't
in HTML.
Can someone tell me why Spamassassin/Amavis are missing these types of very
obvious emails? I'm still trying to figure all of this out and I know I missed
something somewhere. Thanks.
Received: from es300.phhwtechnology.com (10.0.1.3) by mail.phhwtechnology.com
(10.0.1.5) with Microsoft SMTP
On Tue, 12 Aug 2014, Greg Ledford wrote:
Can someone tell me why Spamassassin/Amavis are missing these types of
very obvious emails? I'm still trying to figure all of this out and I
know I missed something somewhere. Thanks.
Those headers don't seem to claim that message was even scanned by
Can someone tell me why Spamassassin/Amavis are missing these types of
very obvious emails? I'm still trying to figure all of this out and I
know I missed something somewhere. Thanks.
Those headers don't seem to claim that message was even scanned by SA.
Do messages that SA *does* properly
On Tue, 12 Aug 2014, Greg Ledford wrote:
Can someone tell me why Spamassassin/Amavis are missing these types of
very obvious emails? I'm still trying to figure all of this out and I
know I missed something somewhere. Thanks.
Those headers don't seem to claim that message was even scanned by
They may take a couple of different forms depending on how SA is hooked into
your mail infrastructure.
Basic SA headers start with X-Spam, like X-Spam-Status and X-Spam-Report.
If you're using Amavis, then there would be some Amavis headers. (Note that
the mention of Amavis in the Received
On Tue, Aug 12, 2014 at 1:27 PM, Greg Ledford gledf...@phhwtechnology.com
wrote:
It should just be called by Amavis directly. Sometimes it scans and
sometimes it doesn't. I just found another obvious piece of email that SA
and Amavis scanned and missed. I tried to attach the headers but they
On Tue, 12 Aug 2014, Greg Ledford wrote:
They may take a couple of different forms depending on how SA is hooked into
your mail infrastructure.
Basic SA headers start with X-Spam, like X-Spam-Status and X-Spam-Report.
If you're using Amavis, then there would be some Amavis headers. (Note
Take a look at the sa_tag_level_deflt in your amavisd configuration file.
$sa_tag_level_deflt = 5.5;
$sa_tag2_level_deflt= 6.0;
$sa_spam_subject_tag= '***POSSIBLE SPAM***';
$sa_kill_level_deflt= 7.0;
I did. I bumped the levels a bit because they were catching some legitimate
Hi,
I disagree with that. In my opinion, only two criteria are needed
to define spam:
1) An objective criterion: Was the message unsolicited?
Unfortunately, that can be difficult to determine. People frequently put
themselves on mailing lists as a consequence of creating a free account on
On Tue, Aug 12, 2014 at 2:50 PM, Greg Ledford gledf...@phhwtechnology.com
wrote:
Take a look at the sa_tag_level_deflt in your amavisd configuration
file.
$sa_tag_level_deflt = 5.5;
$sa_tag2_level_deflt= 6.0;
$sa_spam_subject_tag= '***POSSIBLE SPAM***';
Use sa_tag_level_deflt = -100;
All your emails will have the SpamAssassin headers.
Changed and Amavis has been restarted. I’ll check the headers on the next piece
of spam to come through. Thanks for the great help!
Alex wrote:
Bowie Bailey wrote:
But you still have to consider point 1. If a user starts complaining
that he's getting spam from Amazon, I'm not going to mess with SA, I'm
going to tell him to click the unsubscribe link at the bottom of the
email. (Assuming that it actually is from Amazon,
On 2014-08-12 15:11, Kris Deugau wrote:
So... What do you do, when user A gets extremely mad to see
$legitimatenewsletter in their Inbox, and user B gets extremely mad to
see $legitimatenewsletter in their Spam folder? If you only have a
global policy with no way to adjust on a per-user basis,
On Tue, 2014-08-12 at 11:42 -0400, Karl Johnson wrote:
Thanks for the rule Karsten. I've already searched the archive to find
this kind of rule and found few topic but I haven't been able to make
it works yet. I will try this one and see how it goes.
Searching is much easier, if you know some
We're seeing FPs on legitimate messages caused by KAM_BODY_URIBL_PCCC.
It is firing on URLs from MSPs that (altho they may have some questionable
clients) have legimate customers. EG: mandrillapp-dot-com and
streamsend-dot-com
I'm a bit suprised that this rule would have a one-shot-kill score
of
Both of those are recent, I believe and both have reasons to blacklist.
Reporting here is fine. Joe will look at moving them to our marketing list but
in the end you might have to consider a custom score because we consider places
with convicted spammers as suitable for listing even if there
On 08/12/2014 05:11 PM, Kris Deugau wrote:
So... What do you do, when user A gets extremely mad to see
$legitimatenewsletter in their Inbox, and user B gets extremely mad to
see $legitimatenewsletter in their Spam folder?
Tell user A to unsubscribe? And don't do anything to increase the
32 matches
Mail list logo