[snip]
Phil,
Not seen any of these yet, any chance of some examples?
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2.1 (GNU/Linux)
iD8DBQFEEZ0gMDDagS2VwJ4RA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Philip Prindeville wrote:
[snip]
> I mean it's not X.400, right? ;-)
Thank the Gods...
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
-B
what DNS software doesn't support
> that?
>
> mfg zmi
A better question might be "What DNS hosts don't support TXT records".
That would be quite a few. 1and1.co.uk for instance, hence the fact I'm
moving...
C.
- --
Craig McLeanhttp://fu
having simliar problems?
FBSD 5.2.1-RELEASE, SA3.1.1 on Perl 5.8.7 with IO::ZLib 1.04, no
problems here.
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
-BEGIN PGP SIGNATURE-
Version: G
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Folks,
I've tinkered with t/SATest.pm to help get "make test" working correctly
in jails on FreeBSD. What's the best way to get this to the committers?
bugzilla? the dev list?
Thanks,
C.
- --
Craig McLeanhttp:
SHO. It
doesn't score here.
In any case, I'm sure the rules could be tweaked to create metas whereby
FROM_LOCAL_HEX or FROM_ENDS_IN_NUMS won't fire if (say) FROM_IS_MOBILE
or FROM_MMAIL is true. You'll need to write those rules, but they are
trivial.
> The real issue is be
n
"X-Everthing-Missed" header which I can grep for.
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEI/dKMDDagS
nstall it via cpan. Does anyonr of any experience
> getting Spamassasian installed on Fedora Core 4?
>
> Any help would be apprecciated.
>
> Abel Jeffcoat
[snip]
Hey Abel,
Axel T has already done the business for you:
http://atrpms.net/dist/fc4/spamassassin/
Regards,
Craig.
-
TOCKS and
HTML_IMAGE_ONLY is, IIRC, standard issue.
Out of interest, simply attaching a GIF to a mail can get you over 4
points here, all the HTML_IMAGE_ONLY rules have had their scores upped
pretty high. This system, however, has a total of 2 users. Me and the
wife. YMMV.
Those mails scored between 10 an
ch website
> under united States (www.savethechildren.org)
> Thanks
>Mrs Helen Cockran
>Ass. Coordinator
>NB: mailto: [EMAIL PROTECTED]
Smells like 419 to me, given (among other things) the level of literacy
displayed. If you have no objections I'll drop the sende
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Peter P. Benac wrote:
[snip]
>
> And your domain is my Mother's Maiden Name :)
>
> Regards,
> Pete
Remind me who you bank with? ;-)
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where
.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEWhuDMDDagS2VwJ4RAlA/AKCtWtELZzpn4eqB4Po3iKO61mMhmACggePg
rc2Eete27U0zum5JuQdRIx8=
=OZt9
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jean-Paul Natola wrote:
> Still getting hammered,
>
> Anyone else found a fix, getting these in DAILY
>
Not being psychic, I can't help. Perhaps you can put some examples up on
the web somewhere?
C.
- --
Craig McLea
8.621.44
18HTML_30_40453 1.683.711.38
19AWL 435 1.170.161.32
20HTML_40_50425 1.523.011.29
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED
http://spamlegalaction.pbwiki.com/
Rules in CA might be a little different, but the principle is likely to
be the same..
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
-BEGIN PG
ozen "%" characters.
If you are going to match, try doing it with patterns, like (off the top
of my head, and untested!)
/(?:£\$}\s?\d+(?:[\.,]\d+)?.{1,20}\d.{1,10}%/
might attempt to match:
"$250,000 loan at 6.35%"
"£ 1 for you just 6%!"
C.
- --
Craig McLean
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Craig McLean wrote:
> Jean-Paul Natola wrote:
>>> Hi all
>>>
>>> These homeowner spasm are still getting through ( a lot less though since
>>> adding the KAM_GEO_STRING2 rule.
>>>
>>> I do NOT
XT_LOANBODY: Loan at a certain rate.
2.0 TVD_DEAR_HOMEOWNER BODY: TVD_DEAR_HOMEOWNER
1.5 CM_CREDIT_SCOREBODY: Your score doesn't matter
1.0 CM_IMMEDIATE_CASH BODY: Immediate cash
1.0 CM_DEAR_HOMEOWNER BODY: Dear Homeowner
Plus BAYES_99 for 4 points, and
27;i
describe T_4_DODGY_DIVS Testing...
score T_4_DODGY_DIVS0.01
(note, the regexp should be on one line with no spaces)
That will catch it. You'd have to see what it FPs on though.
You could also get it to pick on single alphas between html tags with a
little tweaking.
C.
- --
Craig M
_DODGY_DIVS m'(?:\s{0,}?[\$%\w]\s{0,}?.{1,40}?){30}'i
Stick with rawbody, you don't need full. Also, you'll probably want
case-insensitive, and \s{0,}? to match zero or more whitespace.
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun ne
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David B Funk wrote:
> On Tue, 16 May 2006, Craig McLean wrote:
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> [snipped]
>>
>> I use this style to catch a couple of common text formatting oddities
spam into different folders.
This means we can quickly see misfires either way, and has the added
benefit over milter-level bounces that bayes gets to see everything too.
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered
#x27;t
>> even have to scan them.
>>
>>
>
> Which brings up the subject... How legitimate is email sent as
> windows-1252?
I have a bunch of stuff from paypal and ebay, and much more, which
include this charset.
I'm not attempting to answer the philosophical question,
gets put in a 'likely-spam' folder. Anything
else goes to 'spam'.
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3 (GNU/Linux)
ned...
Thanks,
C.
[1] http://fukka.co.uk/sa-rules/local/PhoneBL.pm
[2] http://fukka.co.uk/sa-rules/local/phone.cf
[3] http://fukka.co.uk/sa-rules/local/evilnumbers.db
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
ad, Given:
> --
> 4.8 FROM_KING_COM From known spammer 'king.com'
and:
> [EMAIL PROTECTED]
I'd say that the FROM_KING_COM rule might be misfiring, and for 4.8
points too!
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chan, Wilson wrote:
> Any else having this problem with spamass-milter with spamassassin?
Nope.
(ask a vague question...)
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered
> i've come up with this
>
> #!/bin/bash
>
> for i in $( ls /home/MYDOMAIN); do
> sa-learn --spam /home/MYDOMAIN/i$/mail/Junk
> done
>
> If i set it to run as a cron job once a week, Will that do what I want it
> to do?
>
Almost certainly no
rect plugin
and a rule which gives any geocities URL a healthy dose of points (a la
http://fukka.co.uk/sa-rules/local/misc.cf) for the second 2.
XBL and spamcop (no flames please) for all, plus make sure you get your
bayes trained on this type of spam to drive the score up there, too.
Mine doesn
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Craig McLean wrote:
>
> Razor and multi.uribl.com RBL for the first 3
Oops, and multi.surbl.org...
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
>
Don't know about 3.1.3, but Axel hosts 3.1.2 at atrpms.net:
http://atrpms.net/dist/fc4/spamassassin/
instructions on setting up yum to use the atrpms repo can also be found
on the site:
http://atrpms.net/install.html
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTE
ago.
FWIW I have had real success using FBSD-6.0-RELEASE, SA from CPAN and
spamass-milter and sendmail from the ports collection. Just lately I've
moved away from the milter, towards a procmail-based SA setup for better
configurability. Ping me if you want more details.
C.
- --
Craig McLea
efraud me. Maybe I won't bother
> playing their game.
>
> Loren
Heh, got this one yesterday:
From: "Lazarus Dennis"
To: <[EMAIL PROTECTED]>
Subject: bastard
And thought, why's he calling me a bastard? Maybe he knows his crap
isn't going to get through.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
FWIW I *don't* see this issue on FBSD 5.2.1 running SA 3.0.4 with perl 5.6.1
Craig.
Justin Mason wrote:
>
> ah, good to hear -- although it would have been nice to have had that
noted on bug 3900, which was still listed as "awaiting confirmation"...
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matthew Yette wrote:
| Running the sa-stats.pl version 0.9 that produces a chart with stats on
| what rules are hit for spam and ham most frequently, I notice that of
| all 13,411 autolearns performed, every one of them was for spam. Ham has
| 0 messa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
3.1.0-rc1 nailed it to the wall.
Craig.
Ilan Aisic wrote:
|
| pts rule name description
| --
- --
| 0.9 RCVD_BY_IP Received by mail server with no na
; phrases, or "unauthorised
# access" phrases. Confirms that the mail came from @paypal and contains
# only paypal.com links, otherwise throws scores.
#
# Craig McLean - 2005/05/22
header __LOCAL_PP_ISFROMPP From:addr =~ /[EMAIL PROTECTED]/i
header __LOCAL_PP_S_UPD Subject: =~ m&
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Daryl C. W. O'Shea wrote:
| Craig McLean wrote:
|
|> -BEGIN PGP SIGNED MESSAGE-
|> Hash: SHA1
|>
|> 3.1.0-rc1 nailed it to the wall.
|>
|> Craig.
| <...>
|> domain
|> | 4.5 URIBL_SC_SURBL Con
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Nels Lindquist wrote:
| Looks like you're missing IO-stringy and
| MIME-tools, at a minimum.
|
| If you don't like the CPAN route, I believe all the perl modules
| required by MIMEDefang are available as RPMs from Dag Wieers' yum
| repository.
Out o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
M.Lewis wrote:
>
> Is there a best practices recommendation for how often to run sa-learn ?
In addition to all the good responses you've had I would add that if you
keep the spam after learning, as I do (in case the bayes DB get killed)
then it can so
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
jdow wrote:
[Headers snipped]
I've been using the rules below to catch the paypal phishing mails I
get. I know they don't counter the header issues you are seeing, but I'd
be interested to know if they hit on the full message. If not, I'd
appreciate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Philipp Snizek wrote:
> Hi
>
> when starting SA 3.1.0 I'm getting this in my logs:
[snip]
> Nov 6 14:46:53 mail spamd[20449]: rules: failed to run
> INVALID_HOSTNAME test, skipping:
> Nov 6 14:46:53 mail spamd[20449]: _(Can't locate object method
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
> I'm pretty sure my Bayes database is muntered
Although I can't help with your problem, I *have* just found my new
"word for the week". And for that, I thank you.
C.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andy Pieters wrote:
> Hi list
>
> We have been receiving a lot of spam from the .jp tld lately. What's more is
> this:
[snip]
[Saw this on the fedora list..]
Andy,
As mentioned on the Fedora list, if you want to block by "fake" HELO at
the MTA lev
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andy Pieters wrote:
> On Sunday 13 November 2005 23:06, Craig McLean wrote:
>> Andy Pieters wrote:
>>> Hi list
>>>
>>> We have been receiving a lot of spam from the .jp tld lately. What's
>>> more
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kenneth Porter wrote:
> --On Sunday, November 13, 2005 11:26 PM +0000 Craig McLean
> <[EMAIL PROTECTED]> wrote:
>
>> Ok, well if you read my last message, I've indicated a better way than
>> appending the whole thing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tracey Gates wrote:
> I'm trying to run it as user root but I'm still getting these error
> messages:
>
>
> [EMAIL PROTECTED] mail]# /usr/local/sbin/rules_du_jour
> mkdir: cannot create directory `/etc/mail/spamassasin/RulesDuJour': No
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
jdow wrote:
>
> procmail:
> :0:
> # was from one specific person
> * ^From: AntiSpam UOL <[EMAIL PROTECTED]>
> /dev/null
>
> ...
> # I just got pissed.
> :0:
> * ^From: .*uol.com.br
> $HOME/mail/uol_crap
Or (assuming you are your own MX) /etc/mail/a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Theo Van Dinter wrote:
[snip]
> Bayes is good at catching words which are spam/ham for you, make sure to
> learn those mails. SA will work better for people who tune it to the
> mail they receive though -- add your own rules for words and phrases
> yo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey folks, I was having a thought about phone numbers in spam messages,
and the old brain pinged an idea at me. I'd really appreciate any feedback!
It occurred to me that I get a fair amount of spam which includes
phone/fax numbers. It also occurred t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
List Mail User wrote:
>> Hey folks, I was having a thought about phone numbers in spam messages,
>> and the old brain pinged an idea at me. I'd really appreciate any feedback!
>>
>> It occurred to me that I get a fair amount of spam which includes
>> p
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
jdow wrote:
>> On Sat, Dec 10, 2005 at 12:07:05PM -0800, JP Kelly wrote:
>>> is SA 3.1 available through cpan yet?
>>> If not will it be?
>>
>> Has been since September:
>>
>> http://cpan.org/modules/by-module/Mail/Mail-SpamAssassin-3.1.0.tar.gz
>
> S
s, but your
point is well taken. I assume from your comments that email addresses in
the body of messages do not currently get looked at?
Thanks!
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
--
o the list, so if anyone wants them,
they're at http://fukka.co.uk/sa-rules/local/phone_rules.cf
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1
Jim Nasby's comments that:
"It's surprising to me that the SA lists aren't just run through SA.
Spam making it past that is a good indication of where SA could be
improved afterall."
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Martin Hepworth wrote:
>
>
>> -Original Message-----
>> From: Craig McLean [mailto:[EMAIL PROTECTED]
>> Sent: 23 December 2005 16:03
>> To: users@spamassassin.apache.org
>> Subject: Re: I'm afraid I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kai Schaetzl wrote:
> Craig McLean wrote on Fri, 23 Dec 2005 16:02:47 +:
>
>> I'll disagree with you here, I have had to contact the list-owner to get
>> a dynamic address unsubscribed
>
> You mean an address
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kai Schaetzl wrote:
> Craig McLean wrote on Sun, 25 Dec 2005 13:51:46 +:
>
>> I *subscribed* with a dyndns-style address in
>> a dynamic space, then couldn't *unsubscribe* it because the list bounced
>> everything
8 ham (from 4936) for squirrelmail and 6 spam/51 ham for thebat.
Kind Regards,
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (G
to users@spamassassin.apache.org
in local.cf.
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDvBHJMDDagS2VwJ4RAl5QAKDF
s lines 269/270 (correct me if I'm wrong).
Is this expected behaviour? It seems a little extreme?
I can easily lower the score locally, and with a little better bayes
training we would never have hit the threshold, but thoughts and
comments would be appreciated.
Thanks in advance,
bayes just fine. My bayes FP rate doesn't get pushed up
either.
Regards,
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDxq
nspam and
bayes_auto_learn_threshold_spam
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDxquHMDDagS2VwJ4RAu7yAJwMerw6z+HTG
very careful to feed
accurate info into it.
Set up a spamtrap and a "spam" folder for manually identified spam, feed
those into bayes by hand using sa-learn. Do the same for ham.
There are plenty of ways to get a sizeable spam corpus fairly quickly :-)
C.
- --
Craig McLean
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
jdow wrote:
> (And sometimes it is fun to exercise morbid curiosity and look at some of
> the outlandishly large scores and laugh at the poorly defined
> messages. "Die Vile Spam!")
>
> {^_-}
I'm glad it's not
Gene, I'm a little confused about your setup, why not just get fetchmail
to deliver all mail to procmail as the local MDA (man fetchmail will
help you out), then let procmail sort into folders and spam check as
necessary, and then use KMail as what it essentially is - a mail reader.
Have
hose is no longer advisable).
I also have a bunch of homebrew rules which add weigh to the specific
types of spam I see here. They're on the website below if your interested.
If you are getting a lot of pump-and-dump stock/microcap image spam, I
can heartily recommend SARE_STOCKS. It's a
cribe
> messages to the getmail-user list over the last 3 days with no response
> which is discouraging. OTOH, now that I know it can't do what I want,
> who cares. It might be that if there was a manpage for getmail, it
> might be possible. A pox on software that doesn
stances that Spamassassin skips any
> rules?
>
>
Rules scored at 0 will be skipped by SA. If you want the rule to fire
but with a very low score (for testing, etc) assign a score like 0.01 to it.
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun n
you could install one
on the firewall box and use fetchmail to pull it onto the main server.
Assuming you felt suitably insane.
Regards,
C.
- --
Craig McLeanhttp://fukka.co.uk
[EMAIL PROTECTED] Where the fun never starts
Powered by FreeBSD, and GIN!
-BEGIN PGP SIGNAT
>
> I I have "local5.*; /var/log/spamassassin" in my syslogd.conf file. I HUP
> syslog, and relaunch spampd, but the messages still go to the console and
> not to the file.
> Any ideas?
You could try "/usr/local/bin/spamd -s /var/log/spamassassin &"
C.
- --
Craig M
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Henry F. Camacho Jr wrote:
> You need the -d.
>
> HFC
>
>
> Craig McLean wrote:
>
> Don O'Neil wrote:
>
>
>>>> Hi all... I've tried using the FAQ entry to get spamd to log to
>>&g
Apologies for the top-posting and crappy formatting. I need a better mail
client for my handheld...
I know that SA strips existing headers these days, but would it be possible to
add a custom rule which checks for the existence of such headers, added by an
upstream MTA, and scores accordingly?
All,
I don't have a massive mail system. Just 2 users, of which this is
one ;-) and ~200 messages a day.
In order to train bayes I created a junk user and seeded it to a few
messageboards to get it on the spam lists. The account isn't used for
anything else so every message is spam and gets learned
A whole new set of challenges heading our way...
http://www.theregister.co.uk/2005/02/17/spam_gets_vocal_with_voip/
Craig.
Don, some thoughts inline..
Don Levey wrote:
If the definition of insanity is doing the same thing multiple times and
expecting a different result, what is it when you're doing the same thing
multiple times, expecting the same result, and you get DIFFERENT results?
Sounds like the definition of com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Don Levey wrote:
| Craig McLean wrote:
|
|
|>> * The spamd/spamass-milter processes should not run as root (user
|>>'spamassassin').
|>
|>I gather from your previous mail that you already run this as
|>"spamas
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Don Levey wrote:
[snip]
[Spamassassin rejecting mail above a certain score]
| Not only that, but it seems to be happening now! I vaguely remember
seeing
| which config file would control this, but re-Googling for it doesn't turn
| anything up now. Dam
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Don Levey wrote:
[snip]
| The latest in my quest to get SA to work properly...
|
| I've made sure that the whitelist and Bayes DB can be written to and
be read
| by 'spamassassin'. I've set the '-u spamassassin' flag for both the
| /etc/sysconfig/spama
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear list,
I've got a few local rules which I use to supplement the basic SA
installation (3.0.2), but I don't really have a sizeable ham/spam corpus
to test them against. Also, I'm aware that there will likely be some
cross-over with the SARE ruleset,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Anyone spot the deliberate mistake? :-(
Craig. - This time with the attachment.
-
Dear list,
I've got a few local rules which I use to supplement the basic SA
installation (3.0.2), but I don't really have a sizeable ham/spam corpus
to test them aga
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Davour wrote:
[snip]
| Are there any rule for this? Would one be hard do design? I haven't seen
| anything about is in the documentation. OR, I haven't understood what
| I've read...
I just wrote a bunch of obfu-rules with negative lookaheads an
On Thu, April 14, 2005 12:04 pm, Gray, Richard said:
[snip]
> When we've had to deal with this, I tend to write to write a short email
> demonstrating the effectiveness of the tool (produce some statistics on
> spam stopped) and point out that there is no way to achieve a 100%
> efficiency.
Or ju
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Call me paranoid, but a few weeks back I posted a couple of rules on this
list and to the exit0 wiki which were designed to catch a common phrase
seen in many 419 spams. Notably one which catches a common "allow me to
introduce myself" style opening.
I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ron Shuck wrote:
| Has anyone ever seen a situation where entries in the black_list are not
| being used or matching?
Yes.
Kind Regards,
Craig.
P.S Perhaps you could be more specific?
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6 (GNU/Linux)
Comme
the
| header. I have modified the init.d script for SpamAssassin to include
| -D, and there are no errors in the startup.
|
|
|
| Ron Shuck, CISSP, GCIA, CCSE - Managing Consultant
| Buchanan Associates - People. Process. Technology.
|
| -Original Message-
| From: Craig McLean [mailto:[EMAIL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ron Shuck wrote:
| Here is the log. I don't have the message, but as you can see it did not
| match the blacklist.
|
| ---log--
| Apr 24 04:39:43 mail postfix/smtpd[25746]: connect from
| castile.calmra.com[72.11.146.117]
| Apr 24 04:39:44 mail
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ring, John C wrote:
| I just learned of an issue we're having on a fail positive due to a hit on
| INVALID_MSGID (and that I'd jacked the score on that up to 20, but that's
| another story...). While I just learned of the issue today, it started a
| bi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
In reply to my own earlier post:
Thanks to Matt Kettler for a better understanding of the facts. I should
have RTFRFC again before opening my mouth!
| They both seem to hit INVALID_MSGID here.
As they should, see below.
| I'm having some problems unders
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mike Chambers wrote:
| I finally got spamassassin working (I think), via installed
| spamassassin-milter and it seems to stop the spam, as well as I see the
| headers showing it's checking.
|
| spamass-milter-0.3.0-1.1.fc3.rf
| spamassassin-3.0.3-3.fc4
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Theo Van Dinter wrote:
| On Fri, Apr 29, 2005 at 11:14:10PM +0100, Craig McLean wrote:
|
|>| BTW, why have *any* single rule scored at 20? Especially this one.
|>
|>This question, however, still stands.
|
|
| If a rule doesn't FP for you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Weber wrote:
| This one came in on my 3.0.2 gateway, haven't yet had one try my other
| gateway which is 3.0.3.
|
| -Michael
Without adding anything useful, except perhaps corroborating evidence,
this has also been an issue here on 3.0.2 and s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matt Kettler wrote:
|
| HSA (Historical Score Averager) might be reasonably accurate, but unless
| you think about the math, it's purpose isn't clear. (And in my
| experience, most people don't enjoy thinking about math. )
|
| Got any better suggestions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Johnson, S wrote:
| Anyone know the best way to subscribe to receive all the spam I can
| possibly get?
|
|
| Thanks
A foolproof way used by the 419 eaters used to be:
1) search in google for "MUGU GUYMAN"
2) post a message in the resulting guestbook
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Johnson, S wrote:
>
>
> Im looking at creating an email address to capture spam and only be
> used for spam. Since I can be guaranteed that all email I received to
> this address is spam, is there a way to weigh this higher in the sa-learn?
>
Spam i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
jdow wrote:
| From: "Craig McLean" <[EMAIL PROTECTED]>
|
|>-BEGIN PGP SIGNED MESSAGE-
|>Hash: SHA1
|>
|>Johnson, S wrote:
|>
|>>
|>>I'm looking at creating an email address to capture sp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alan Munday wrote:
|
| Is it possible to move the awl data when migrating to SQL?
|
Sounds like a job for convert_awl_dbm_to_sql which, here at least, is in:
/var/cpan/build/Mail-SpamAssassin-3.0.3/tools/
Then again, I might be talking out of my behind.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all,
Using SA 3.0.3 on FreeBSD, I noticed the following interesting maths in
the report from a message received a moment ago:
- -quote-
Content analysis details: (4.1 points, 4.0 required)
~ pts rule name description
- ---
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Loren Wilton wrote:
|>Now correct me if I'm wrong, but 3.5 + 0.2 + 0.1 + 0.1 is not 4.1 ?
|
|
| Rounding. See the wiki.
|
Can you be more specific? A search of wiki.apache.org/spamassassin shows
2 pages containing "rounding":
StatusRounding - orphaned.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Theodore Heise wrote:
|
| On Sun, 15 May 2005, Craig McLean wrote:
|
|
|>-BEGIN PGP SIGNED MESSAGE-
|>Hash: SHA1
|>
|>Loren Wilton wrote:
|>|>Now correct me if I'm wrong, but 3.5 + 0.2 + 0.1 + 0.1 is not 4.1 ?
|>|
|
1 - 100 of 107 matches
Mail list logo