Re: RP_MATCHES_RCVD

2014-09-04 Thread Reindl Harald
Am 05.09.2014 um 08:40 schrieb Adi: >> i got recently a clear spam message which would have >> a score of 6.9 but RP_MATCHES_RCVD removed 1.7 points >> >> is that not a little too much? > > think so too. I set it into local.cf: > > score RP_MATCHES_RCVD -0.1 thanks for confirmation i give it e

Re: RP_MATCHES_RCVD

2014-09-04 Thread Adi
Hi > i got recently a clear spam message which would have > a score of 6.9 but RP_MATCHES_RCVD removed 1.7 points > > is that not a little too much? > think so too. I set it into local.cf: score RP_MATCHES_RCVD -0.1 Best Regards

RP_MATCHES_RCVD

2014-09-04 Thread Reindl Harald
Hi i got recently a clear spam message which would have a score of 6.9 but RP_MATCHES_RCVD removed 1.7 points is that not a little too much? * X-Spam-Status: Yes, score=5.2, tag-level=4.5, block-level=8 * 5.0 BAYES_95 BODY: Bayes spam probability is 95 to 99% * -1.7 RP_MATCHES_RCVD Envelope sen

might explain the spam with large headers...

2014-09-04 Thread Miles Fidelman
--- Begin Message --- -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-3019-1 secur...@debian.org http://www.debian.org/security/ Salvatore Bonaccorso Se

redis bayes error

2014-09-04 Thread Jason Haar
Hi there We're using the redis backend for bayes and sa-learn --dump seems to be having some difficulty... sa-learn --dump 0.000 0 3 0 non-token data: bayes db version 0.000 01329618 0 non-token data: nspam 0.000 0 756350 0

Re: SA works great!

2014-09-04 Thread Noel Butler
Heh, yeah I know kids of today are so much worse than 20 years ago :) But either way, there needs to be drawn a line, so many newbies are scared to post their newbie questions on so many lists because of people like Harry, he's got a long history of moderation and bannings, but, even I admit

Re: correct AWL on training

2014-09-04 Thread Karsten Bräckelmann
On Fri, 2014-09-05 at 01:05 +0200, Karsten Bräckelmann wrote: > The AWL manipulating options are rather limited, offering addition of a > high scoring positive or negative entry, or plain removal of an address. > In particular unlike Bayes, AWL doesn't work on a per-message basis. > Forgetting a si

Re: correct AWL on training

2014-09-04 Thread Karsten Bräckelmann
On Thu, 2014-09-04 at 09:11 -0600, Jesse Norell wrote: > On Thu, 2014-09-04 at 13:04 +0200, Matus UHLAR - fantomas wrote: > > On 03.09.14 15:13, Jesse Norell wrote: > > > Both today and in the past I've looked at some FP's that scored very > > > high on AWL. At least today I dug up the old mess

Re: A rule for Phil

2014-09-04 Thread Karsten Bräckelmann
On Thu, 2014-09-04 at 13:54 -0600, Philip Prindeville wrote: > On Sep 3, 2014, at 7:36 PM, Karsten Bräckelmann > wrote: > >> header __KAM_PHIL1 To =~ /phil\@example\.com/i > >> header __KAM_PHIL2 Subject =~ /(?:CV|Curriculum)/i > > > > Bonus points for using non-matching grouping. But maj

Re: SA works great!

2014-09-04 Thread Reindl Harald
Am 04.09.2014 um 19:25 schrieb Reindl Harald: >> Now as for dynamic or dialup RBLs go, UNFORTUNATELY although >> many responsible ISPs do insert the word dynamic or dialup >> in the PTRs of their dialup or dynamic pools, a great many >> still do not. Which means the RBL's that track those need >

Re: Dumping email with blank To: header ?

2014-09-04 Thread Chris
On Thu, 2014-09-04 at 10:59 -0700, jdow wrote: > On 2014-09-04 10:51, John Hardin wrote: > > On Thu, 4 Sep 2014, LuKreme wrote: > > > >> For the record, using sql for babes is considerably faster. > > > > Is that anything like "SQL for Dummies"? > > John, I was wondering if there was an SQL for bo

Re: Bayes

2014-09-04 Thread Axb
The bayes_Seen stuff never expires - it just grows, forever. You can safely delete it unless you frequently need to "forget" entries (which hardly anybody does) no need to restart MailScanner - just delete bayes_seen.* and watch it come back & grow... On 09/04/2014 10:05 PM, Kevin Miller wrot

Re: Dumping email with blank To: header ?

2014-09-04 Thread John Hardin
On Thu, 4 Sep 2014, Timothy Murphy wrote: I'm not certain that SA is taking account of the result of sa-learn. I'm surprised that the spam score does not seem to change significantly after many instances of almost identical messages are put through sa-learn. (1) Do you see any BAYES_* rules hi

Bayes

2014-09-04 Thread Kevin Miller
My bayes_see.pag file seems awfully large to me. Is this normal? I run a nightly expiry via cron. Here's the directory listing and output from sa-learn mx2:/etc/MailScanner/bayes # l total 3956304 drwxrws--- 2 root www 4096 Sep 4 09:59 ./ drwxr-xr-x 7 root root 4096 Sep 3 13:07

Re: Dumping email with blank To: header ?

2014-09-04 Thread Timothy Murphy
On Thursday, September 04, 2014 11:26:01 AM LuKreme wrote: > > Is there a simple check to make sure salearn is working? > > (I get the message that "192 messages have been examined", > > and ~/.spamassassin/bayes_seen and bayes_tok are pretty large, > > 300kB and 5MB.) > For the record, using sql

Re: A rule for Phil

2014-09-04 Thread Philip Prindeville
On Sep 3, 2014, at 7:36 PM, Karsten Bräckelmann wrote: > >> header __KAM_PHIL1 To =~ /phil\@example\.com/i >> header __KAM_PHIL2 Subject =~ /(?:CV|Curriculum)/i > > Bonus points for using non-matching grouping. But major deduction of > points for that entirely un-anchored case insensitive

Re: new kind of spam with bizarre custom headers getting through

2014-09-04 Thread George Johnson
David F. Skoll wrote > On Thu, 4 Sep 2014 11:02:27 -0700 (PDT) > George Johnson < > georgejohnson@ > > wrote: > >> I'm getting another slew of these this morning, all with a variety of >> strange headers added apparently to foil spam filtering. All are >> getting through my spamassassin set up,

Re: Dumping email with blank To: header ?

2014-09-04 Thread Joe Quinn
On 9/4/2014 1:51 PM, John Hardin wrote: On Thu, 4 Sep 2014, LuKreme wrote: For the record, using sql for babes is considerably faster. Is that anything like "SQL for Dummies"? I've heard good things about the Derek Zoolander Center for Kids who can't SQL Good and who Wanna Learn to do Other

Re: Dumping email with blank To: header ?

2014-09-04 Thread Kevin A. McGrail
On 9/4/2014 2:18 PM, John Hardin wrote: On Thu, 4 Sep 2014, jdow wrote: On 2014-09-04 10:51, John Hardin wrote: On Thu, 4 Sep 2014, LuKreme wrote: > For the record, using sql for babes is considerably faster. Is that anything like "SQL for Dummies"? John, I was wondering if there was an

Re: Dumping email with blank To: header ?

2014-09-04 Thread John Hardin
On Thu, 4 Sep 2014, jdow wrote: On 2014-09-04 10:51, John Hardin wrote: On Thu, 4 Sep 2014, LuKreme wrote: > For the record, using sql for babes is considerably faster. Is that anything like "SQL for Dummies"? John, I was wondering if there was an SQL for boys, too. SQL for Jocks, mayb

Re: new kind of spam with bizarre custom headers getting through

2014-09-04 Thread David F. Skoll
On Thu, 4 Sep 2014 11:02:27 -0700 (PDT) George Johnson wrote: > I'm getting another slew of these this morning, all with a variety of > strange headers added apparently to foil spam filtering. All are > getting through my spamassassin set up, which is usually nearly > bulletproof. Typical headers

Re: new kind of spam with bizarre custom headers getting through

2014-09-04 Thread George Johnson
I'm getting another slew of these this morning, all with a variety of strange headers added apparently to foil spam filtering. All are getting through my spamassassin set up, which is usually nearly bulletproof. Typical headers are: Imbrue-Gaol:17169949.17169949 Manila-Cairn:

Re: Dumping email with blank To: header ?

2014-09-04 Thread jdow
On 2014-09-04 10:51, John Hardin wrote: On Thu, 4 Sep 2014, LuKreme wrote: For the record, using sql for babes is considerably faster. Is that anything like "SQL for Dummies"? John, I was wondering if there was an SQL for boys, too. {O,o}

Re: Dumping email with blank To: header ?

2014-09-04 Thread John Hardin
On Thu, 4 Sep 2014, LuKreme wrote: For the record, using sql for babes is considerably faster. Is that anything like "SQL for Dummies"? -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB873

Re: Bayes autolearn questions

2014-09-04 Thread Karsten Bräckelmann
On Wed, 2014-09-03 at 23:50 -0400, Alex wrote: > > > I looked in the quarantined message, and according to the _TOKEN_ > > > header I've added: > > > > > > X-Spam-MyReport: Tokens: new, 47; hammy, 7; neutral, 54; spammy, 16. > > > > > > Isn't that sufficient for auto-learning this message as spa

Re: large spam messages

2014-09-04 Thread Kevin A. McGrail
On 9/4/2014 12:52 PM, Jude DaShiell wrote: Since spamassassin cannot handle large spam over 2MB in size, what can be used to handle that class of junk? Maybe some of you have got messages from 3 Bureau Monitoring. I get those probably twice daily and much as I dislike it, I will probably term

Re: Dumping email with blank To: header ?

2014-09-04 Thread LuKreme
> On 04 Sep 2014, at 05:32 , Timothy Murphy wrote: > > 1) Is there a simple way of dumping email with an empty To: header? > This seems invariably to be spam, and I'm surprised SA doesn't seem > to score it highly. You may be surprised if you actually check spam and ham. > 2) Does "autolearn"

Re: SA works great!

2014-09-04 Thread Reindl Harald
Am 04.09.2014 um 19:08 schrieb Ted Mittelstaedt: >> there are no countermeasures for a spammer against make it >> on a RBL or use a zombie on a infected machine and get >> blocked by Dialup-RBL's before the first mail or by >> get rejected because the dynamic PTR of the infected >> zombie > > Ye

Re: SA works great!

2014-09-04 Thread Ted Mittelstaedt
On 9/3/2014 11:13 AM, Reindl Harald wrote: Am 03.09.2014 um 19:16 schrieb Ted Mittelstaedt: On 9/2/2014 1:52 PM, Reindl Harald wrote: Am 02.09.2014 um 22:32 schrieb Ted Mittelstaedt: On 9/2/2014 4:59 AM, Reindl Harald wrote: just get a proper MTA, enable debug logging and watch the com

large spam messages

2014-09-04 Thread Jude DaShiell
Since spamassassin cannot handle large spam over 2MB in size, what can be used to handle that class of junk? Maybe some of you have got messages from 3 Bureau Monitoring. I get those probably twice daily and much as I dislike it, I will probably terminate that other internet account when time

Re: correct AWL on training

2014-09-04 Thread Jesse Norell
On Thu, 2014-09-04 at 13:04 +0200, Matus UHLAR - fantomas wrote: > On 03.09.14 15:13, Jesse Norell wrote: > > Both today and in the past I've looked at some FP's that scored very > >high on AWL. At least today I dug up the old messages that caused AWL > >to get out of line, and trained them as ha

Re: Spam messages bypassing SA

2014-09-04 Thread John Hardin
On Thu, 4 Sep 2014, Geoff Soper wrote: I've got an issue whereby spam messages seem to be somehow bypassing SA and getting into my inbox. :0fw: spamassassin.lock * < 40 | spamc -x Are the messages that bypass SA always rather large? -- John Hardin KA7OHZ http://www.i

Re: Dumping email with blank To: header ?

2014-09-04 Thread John Hardin
On Thu, 4 Sep 2014, Timothy Murphy wrote: 1) Is there a simple way of dumping email with an empty To: header? If by "dump" you mean "discard", this simple test might be better done in your MTA. However, "poison pill" rules (absent certain DNSBLs) are generally discouraged. This seems inva

Dumping email with blank To: header ?

2014-09-04 Thread Timothy Murphy
1) Is there a simple way of dumping email with an empty To: header? This seems invariably to be spam, and I'm surprised SA doesn't seem to score it highly. Maybe it doesn't consider this to be a header? 2) Does "autolearn" actually remove spam with a very high score? Or does it still get marked as

Re: correct AWL on training

2014-09-04 Thread Matus UHLAR - fantomas
On 03.09.14 15:13, Jesse Norell wrote: Both today and in the past I've looked at some FP's that scored very high on AWL. At least today I dug up the old messages that caused AWL to get out of line, and trained them as ham. AWL's scores still show the high scores on those (in this case I manual

Re: Spam messages bypassing SA

2014-09-04 Thread Axb
On 09/04/2014 12:29 PM, Kevin A. McGrail wrote: Using procmail without MTA glue is OK for many uses. I am wondering how many spamd connections you allow and if you have checked your logs? I also cannot remember but the uses of a lock file seem odd for something that can thread. Any one know

Re: Spam messages bypassing SA

2014-09-04 Thread Kevin A. McGrail
Using procmail without MTA glue is OK for many uses. I am wondering how many spamd connections you allow and if you have checked your logs? I also cannot remember but the uses of a lock file seem odd for something that can thread. Any one know if that is a good idea to remove? Regards, KAM >>

Re: Spam messages bypassing SA

2014-09-04 Thread Matus UHLAR - fantomas
On 04.09.14 07:51, Geoff Soper wrote: References: <1014212314.119.1394801251166.JavaMail.TPIWEB$@virus.tw.shuttle.com>,<6d30dd2234165a4fb52082d093514b87132b0...@tpiex04.shuttle.corp> <16437ca7e285c5498f501fae7eeb7d131323f...@tpiex04.shuttle.corp>,<53282f7c.9010...@alphaworks.co.uk> <16437ca7e285