Re: IMPORTANT NOTICE FOR PEOPLE RUNNING TRUNK re: [Bug 7826] Improve language around whitelist/blacklist and master/slave

> On Jul 9, 2020, at 9:00 PM, Kevin A. McGrail wrote: > > IMPORTANT NOTICE > > If you are running trunk, we are working on changing terms like whitelist to > welcomelist and blacklist to blocklist. > > https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7826 >

Re: Anyone else just blocking the ".top" TLD?

>> >> On Wed, Apr 27, 2016 at 5:39 PM, @lbutlr wrote: >> On Apr 27, 2016, at 2:06 PM, Olivier Coutu wrote: >> > I have affected a hefty penalty in SA to any mail that comes from one of >> > these TLDs: >> > >> > (party|science|click|link|faith|racing|win|zip|review|country|kim|cricket|work|gq|d

Re: Heads up: Net::DNS update may have quietly broken your SpamAssassin.

> > Your problem is URIBL_BLOCKED. The usual cause of this is running a mail > system that relies on a public-access DNS resolver, although if you have > substantial volume on your system you can have this happen with your own DNS > infrastructure. See http://uribl.com/refused.shtml for detail

Re: Heads up: Net::DNS update may have quietly broken your SpamAssassin.

> On Sep 18, 2015, at 12:41 AM, Bill Cole > wrote: > > nd after many hours of trying to determine why which included reviewing BIND > configs and packet captures and dissection, I nailed it down to SA making DNS > queries without the "recursion desired" flag. Since my local nameservers > isn

Re: SA and Ubuntu 14.04 LTS

On Jul 16, 2014, at 7:31 AM, Chris wrote: > On Wed, 2014-07-16 at 01:50 -0700, Ian Zimmerman wrote: >> On Wed, 16 Jul 2014 06:09:08 +0200 >> Karsten Bräckelmann wrote: >> >>> And to really include *local* plugins, provide a relative path (to the >>> current site-wide configuration dir, without

Re: 'hair' spam

>> >> >> >> Missing Date and Message-Id headers, no Received headers. I'd focus on >> fixing those, before looking at Bayes again. > > Just had a look at various samples here. Correction: The Message-Id > header appears to be missing indeed. > > I have now noticed this with all other message

'hair' spam

I've been getting flooded with pump n dump spams for a particular stock symbol, and my feeble admin skills these days are making it difficult to slow. Been using mailspike, spam cop at the mta, and barracuda too. Here's a sample: http://pastebin.com/Y5q4QTnf What kind of worries me are the lo

Re: Large # of Spam getting through all of a sudden.

On Jun 13, 2013, at 6:20 PM, Alex wrote: > > > It's only been in the last few weeks that I've had real difficulty > with pump-and-dump spam and needing to investigate something > additional. Interestingly, they only seem to work during EDT business > hours. After working with it for a few day

Re: URIBL_BLACK unreilable?

> > So, why is it triggering URIBL_BLACK and URIBL_DBL_SPAM etc now, but > not when I received the original spam? > > Or was the database updated with those > URLs after I received that particular spam? > i It is quite likely that it was not in the database when you received it, but was added

sa-update & different rulesets

Evening, This might be particular to the Ubuntu spamassassin package, but I'm a little confused about sa-update and the channel files. I added sought & dostech rulesets and updated them with sa-update. Will sa-update remember them and continue to update them daily? Does sa-update need

Test - ignore

Excuse the test. Testing a delivery issue. I think I clamped down on things a bit too much and broke my own ability to send stuff to/from sourceforge. :-)

Re: spam skating through

> >> This sagrey plugin sounds great, I'm giving it a try now. Thanks for >> the info. > > I'd be wary about that. Personally, the FPs I've had in the past have > overwhelmingly "first contact". I've been giving it a whirl and adjusted the score down a little bit.. So far, it's been doing gr

Re: spam skating through

On Feb 23, 2012, at 12:59 PM, Benny Pedersen wrote: > Den 2012-02-23 18:50, Jonathan Nichols skrev: > >> Now this is something that I have never seen before and am going to >> look into this evening > > setup awl to mask on /32 and keep awl factor at 0.5 > >

Re: spam skating through

> > 1.3 SAGREY Adds score to spam from first-time senders > Now this is something that I have never seen before and am going to look into this evening

Re: spam skating through

Message has a DKIM or DK signature, not > necessarily valid > 1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/) > > Regards, > KAM > > > > On 2/23/2012 12:10 PM, Jonathan Nichols wrote: >> >> Two examples from the past half hour alone: >&

spam skating through

Two examples from the past half hour alone: http://pastebin.com/SraBrj7r http://pastebin.com/PRspRuLS I'm getting flooded with spam these days. Bayes is on, I'm using the built-in RBLs, hostkarma, mailspike, BRBL, botnet & freemail plugin, pyzor, razor.. and things are still sailing right thro

Re: RCVD_IN_SORBS_DUL on my own emails to self

On Apr 9, 2011, at 5:59 PM, Michelle Konzack wrote: > Hello rstarkov, > > Am 2011-04-09 15:50:36, hacktest Du folgendes herunter: >> Does your header definitely include an ESMTP marker as per the RFC? Mine >> didn't; that was the real issue. We didn't find a bug in this rule. So I >> guess SpamA

Re: ANNOUNCE: Apache SpamAssassin 3.3.1 available

On Mar 19, 2010, at 11:31 AM, Justin Mason wrote: > Release Notes -- Apache SpamAssassin -- Version 3.3.1 > > The Ubuntu package for hardy is *way* out of date and seemingly stuck at 3.2.5, Is it safe to update via CPAN and still retain compatibility with apt-get/aptitude? Cheers!

Botnet keeps tripping

This might be very simple, but Botnet keeps triggering on a local school district. I THOUGHT that I added it to the pass_domains list correctly. Help! Botnet.cf has the following in it: botnet_pass_domains amazon\.com # they use IP in Hostname; dorks botnet_pass_domains

spamd on a remote server - user_prefs

Hi. I'm testing a setup with DirectAdmin boxes and a dedicated spamd box, but so far I've found that spam_required is a global setting and you can't seem to send user_prefs across since they live on the spamc server. Is there a workaround for this at all? Can SA be told "Ok, user_prefs l

Spam from Gmail & Blogspot

Example spam at: http://www.pbp.net/~jnichols/spam3.txt I've been getting quite a lot of spam that's coming *directly* from Google, using Google servers and referencing blogspot.com (also a Google property) URLs. I've been submitting them to URIBL but naturally, they're constantly changing.

spamd & DirectAdmin

Hey y'all! Have any of you tweaked the spamc/spamd setup on a DirectAdmin box to point to a dedicated spamd server? I've been surfing around the DirectAdmin forums but haven't seen much of an answer yet. Basically, we have a few DirectAdmin boxes, and we want to build one honcho spamd ser

Re: Returned mail spam

On Apr 9, 2008, at 2:16 PM, mouss wrote: Martin Gregorie wrote: On Wed, 2008-04-09 at 19:04, Jonathan Nichols wrote: Guys? He's been joe-jobbed. From the original email: "somebody is using my email as the bounce- back return email. How do I avoid the problem?" If SPF

Re: Returned mail spam

On Apr 8, 2008, at 2:50 PM, McDonald, Dan wrote: On Tue, 2008-04-08 at 12:36 -0700, ahgu wrote: They forged the header with my email addr as the return address. When it get bounced back by a server, everything is valid. Since the server strip off most of the content, it can pass the spamass

Re: OT: uribl.com folks awake?

On Mar 27, 2008, at 10:19 AM, Dallas Engelken wrote: Jonathan Nichols wrote: Sorry for the OT. I've been trying to get in touch with whoever is in charge of URIBL zonefile mirrors without success. Is this thing on? Ping me offlist, por favor. I may have just been pinging the

OT: uribl.com folks awake?

Sorry for the OT. I've been trying to get in touch with whoever is in charge of URIBL zonefile mirrors without success. Is this thing on? Ping me offlist, por favor. I may have just been pinging the wrong people. -- Jonathan

Re: The 'believe-it' spams

On Feb 24, 2008, at 7:39 PM, Bob Proulx wrote: Jonathan Nichols wrote: Anyone catching these? Here's a sample: http://pastebin.ca/916902 Those have been slipping right through these days. Scores are in the pastebin post. Even with a current sa-update and also Justin's (very w

The 'believe-it' spams

Anyone catching these? Here's a sample: http://pastebin.ca/916902 Those have been slipping right through these days. Scores are in the pastebin post. SpamAssassin version 3.2.3 running on Perl version 5.8.7 (From the Ubuntu package, which I cannot for the life of me figure out how to e

blank mail with pdf attachment slipping right through

I had one slip right through. Looks like PDFInfo.pm loaded too.. Aug 20 14:05:59 mailgate postfix/qmgr[4397]: 6BD0419D66: from=<[EMAIL PROTECTED]>, size=32111, nrcpt=1 (queue active) Aug 20 14:05:59 mailgate postfix/smtpd[2391]: disconnect from localhost[127.0.0.1] Aug 20 14:05:59 mailgate ama

Re: amavisd & sa not loading plugins?

Theo Van Dinter wrote: On Thu, Aug 02, 2007 at 12:27:55PM -0700, Jonathan Nichols wrote: I tried dumping the PDFInfo.pm plugin there, but it's still not loading it. I also have a copy in /etc/mail/spamassassin along with the cf file, but no dice so far. Plugins aren't automatica

amavisd & sa not loading plugins?

My logs show this: Aug 2 12:22:43 mailgate amavis[2883]: (02883-01) extra modules loaded: Mail/SpamAssassin/Locales.pm, Mail/SpamAssassin/Plugin/Bayes.pm, Mail/SpamAssassin/Plugin/BodyEval.pm, Mail/SpamAssassin/Plugin/Check.pm, Mail/SpamAssassin/Plugin/DNSEval.pm, Mail/SpamAssassin/Plugin/H

RDJ "autoban"

I'm still seeing this when I run RDJ manually. I'm not running it from cron and it's been disabled for weeks. yes, I emailed the address noted in the error. :) [11915] warn: config: failed to parse line, skipping: AUTOBAN: Over 500 *.cf requests in 48 hours period - Check your CRON [11915] wa

Folks using amavisd-new and SA...

Just a quick question to those that are using those two together. I have: $max_servers = 10; $max_requests = 15; in amavisd.conf. But the box's load average seems to be hovering around 2.00 all the time. Sometimes a little lower, sometimes higher. Quax 500mhz Xeon, ultra 160gb disks, 1gb RA

Re: 404 while getting RDJ updates?

Sic the RIAA lawyers on them. {^_^} What? And give them a chance to show they may have some redeeming quality? Not to those sharks, Joanne, ever. I think that they'd encounter the spammers and a really bizarre "good or evil" loop would form, causing a vortex that would slurp up everyt

Re: 404 while getting RDJ updates?

Its true, scanners indicate klingon war vessels approaching our sector. We've dropped out of warp due to overuse of the dilythium crystals. Federation starships have been called in for assistance. Scottie has given us more power, but is not sure she will hold together much longer. All the whil

Re: New stock spam (2/14/07)

Maciej Friedel wrote: On 02/14/07 Jonathan wrote: http://www.pbp.net/~jnichols/spam2.txt 0.0 BOTNET_NORDNS IP address has no PTR record 0.1 HTML_50_60 BODY: Message is 50% to 60% HTML 0.0 HTML_MESSAGE BODY: HTML included in message 1.0 BAYES_50 BODY: Bayesian spam probability is 40 to 6

New stock spam (2/14/07)

Ugh! http://www.pbp.net/~jnichols/spam2.txt I've been getting absolutely hammered with these spams. I had over 50 in my inbox this morning. Any rulesets to deal with them? They're scoring lower and lower all the time. The one I linked to scored -2 :-(

Re: Stock Spam

It's time to switch to 3.1.7, San. Isn't it? :) giampaolo It was time a long time ago. :-) The upgrade is good. sa-update is a useful tool.

Re: Loads of 'xxx wrote:' Spam

John D. Hardin wrote: On Mon, 27 Nov 2006, Jonathan Nichols wrote: I ran sa-update earlier, have URIBL, razor, etc.. and I'm still getting these slipping through. It's tempting to add +3 to "wrote:" in the subject. Do you happen to be using the SARE stocks ruleset? If no

Re: Loads of 'xxx wrote:' Spam

Chris wrote: On Monday 27 November 2006 4:27 pm, John D. Hardin wrote: On Mon, 27 Nov 2006, Bowie Bailey wrote: As has been the suggestion for the past X months, run sa-update. :) we've got to make this a more prominent FAQ somehow... Too bad you can't have a "sticky" thread on a mailing list

Re: I never see BAYES anymore..

Matt Kettler wrote: Jonathan Nichols wrote: I feed all of my spam into Bayes. Stuff that slips through gets fed into bayes as well. but I never see any Bayes hits. spamassassin -D --lint gives me this: Are you *sure* you're running this as the same user your mail gets scanned as?

Re: I never see BAYES anymore..

Matt Kettler wrote: Jonathan Nichols wrote: I feed all of my spam into Bayes. Stuff that slips through gets fed into bayes as well. but I never see any Bayes hits. spamassassin -D --lint gives me this: Are you *sure* you're running this as the same user your mail gets scanned as?

I never see BAYES anymore..

I feed all of my spam into Bayes. Stuff that slips through gets fed into bayes as well. but I never see any Bayes hits. spamassassin -D --lint gives me this: [28551] dbg: uri: running uri tests; score so far=0.96 [28551] dbg: bayes: DB journal sync: last sync: 1150988415 [28551] dbg: bayes: co

"strategic oil" spam

http://www.pbp.net/~jnichols/textfiles/spam_060606.txt Here's an example of one. TONS of these have been slipping through. I have pretty much every single ruleset that RulesDuJour will install, plus Bayes, etc. My big question - is there now a ruleset that lists stock ticker symbols? I'm thi

Re: New German ruleset failing lint

Hm, not here: RDJ says it's version 01.11.25, downloaded about 10 hours ago. Kai RDJ just picked up 01.11.28 early this morning and it passed OK. :-)

New German ruleset failing lint

***WARNING***: spamassassin --lint failed. Rolling configuration files back, not restarting SpamAssassin. Rollback command is: mv -f /etc/spamassassin/70_zmi_german.cf /etc/spamassassin/RulesDuJour/70_zmi_german.cf.2; mv -f /etc/spamassassin/RulesDuJour/70_zmi_german.cf.20060521-0531 /etc/spam

OT - test, and happy holidays

Sorry for the test. It's too slow around the holidays, and I need to see if my filters are working properly before I leave for holiday.. (ie NOT replying to everything with an OOO message!) Happy Holidays everyone! Have a great New Year and hopefully we'll all come back to find SA has caught all o

Re: geocities.yahoo.com.br rule help

Try this regex instead: /^http:\/\/geocities\.yahoo\.com\.br\b/i hahaha, this worked - and it tagged that broken autoresponder we've been seeing. boundary="--=ce94da72-0632-49d0-99bb-3f8c8149300b" X-Virus-Scanned: by amavisd-new at mailgate.pbp.net X-Spam-Status: Yes, score=9.704 t

Re: geocities.yahoo.com.br rule help

But that's not the format, there's nothing between the / and the geocities. Try this regex instead: /^http:\/\/geocities\.yahoo\.com\.br\b/i Cool, I shall try that. Thanks! For some reason, I thought one had www.geocities.yahoo.com.br in it, but I could be mistaken.

Re: geocities.yahoo.com.br rule help

Have you tried the 70_sare_specific.cf filter? I am not sure it will catch that specific problem but it catches spam with geocities and tripod url's for me. Yeah, I'm using that list. It's been great, but the *.br one kept getting through. I DID see THIS in there, though.. headerSARE

Re: geocities.yahoo.com.br rule help

Matt Kettler wrote: Jonathan Nichols wrote: Ok, I gave it a shot.. This rule *does* work. uri GEOCITIES /^http:\/\/[a-z0-9-]{1,30}\.geocities\.com\b/i describe GEOCITIESHigh amounts of spam from Geocities. score GEOCITIES 6.01 This rule does NOT work. uri

geocities.yahoo.com.br rule help

Ok, I gave it a shot.. This rule *does* work. uri GEOCITIES /^http:\/\/[a-z0-9-]{1,30}\.geocities\.com\b/i describe GEOCITIESHigh amounts of spam from Geocities. score GEOCITIES 6.01 This rule does NOT work. uri GEOCITIES_YAHOO /^http:\/\/[a-z0-9-]{1,30}\.geocities\.yaho

Re: I have written a script !!!

Please remove my antidrug.cf from your script. This file should NOT be used by anyone with SA version 3.0.0 or higher as they are already included. Please see my post "Antidrug.cf deprecated and no longer maintained." From November 29. Eek! I didn't see that message. Glad I saw *this* one

'lngd' etc

You know, these days, the *only* spam that slips through is "product test panel" and similar crap. The URL is always similar to this one: http://lngd-pp.com/link/91268749298550548/ Usually 4 letters, dash, 1 or 2 letters, and what looks like a 'hashbuster' Anyone found a way to effectively

web badge

Did the winner of the logo contest (http://wiki.apache.org/spamassassin/LogoContestEntries) ever do a web badge? Or have y'all just been using the other ones on the page? :)

Re: URIDNSBL: found domain geocities.com in skip list

Here is another way to do it as well. www.blackholes.us/docs/usage.html (Above example makes more sense to me though.) It's also been pointed out that none of the blackholes.us websites load and some of their rbls have been timing out. :(

Re: Fwd: How do I ask instration problem of Mail-SpamAssassin ?

Yes, I know that it requires perl 5.6.1. However my server is Cobalt RaQ4. Sun micro doesn't support upgrade perl at RaQs. And I don't know how to upgrade perl on RaQ4. Ah! You have a RaQ! You're on the wrong list for this question.. Search here: http://www.cobaltfacts.com/mailinglist.h

Re: What the hell is that?

Steven Dickenson wrote: On Aug 10, 2005, at 1:21 PM, Matt Kettler wrote: For example, try doing "turkeybacon" as a destination. Firefox will fail the lookup, do a web search (using google or whatever your default search engine is) and jump to the first hit: http://www.livejournal.com/user

Re: SUBJECT_MONTH

Sure there is.. Perhaps you forgot about the month of May. *smacks forehead like the moron he is* D'oh! If you aren't running 2.43 or older, perhaps you should find out why you have rules from 2.43 in your config. I'm running 3.x - I've just been dragging around the same local.cf since

SUBJECT_MONTH

Huh? Subject didn't have month in it at all.. :( Return-Path: <[EMAIL PROTECTED]> Received: from mailgate.pbp.net (mailgate.pbp.net [192.168.10.87]) by mail.pbp.net (Postfix) with ESMTP id 95CA7117720 for <[EMAIL PROTECTED]>; Thu, 11 Aug 2005 05:24:29 -0700 (PDT) Received:

Re: GeoCities Link-only spam

Of course, if you want to match *any* Geocities URL (which I think is a bit much for a 4-point score), you'd want something like this: uri GEOCITIES /\.geocities\.com\b/i or if you want to make sure it matches the domain name, uri GEOCITIES /^http:\/\/[a-z0-9-]{1,30}\

Re: GeoCities Link-only spam

Back on topic.. Since Geocities has done exactly *nothing* to delete the spamvertized sites, I have no objection to adding 3 points to anything with *.geocities.com in the URL. I tried this: uri GEOCITIES /uk.geocities.com/i describe GEOCITIESHigh amounts of spam from Geo

Re: HELP: Looking for mac mail server software

OS X uses Postfix by default (at least it does on my Powerbook running Tiger). While it's not "graphical" per-sea, it's not difficult to set up. I'm sure someone out there has written a GUI for it. Check out VersionTracker. Postfix Enabler: http://www.cutedgesystems.com/software/Pos

Re: subject - why not all caps?

As for the all caps rule, it is hard to understand why it was written not to fire on a single excessively long word. Probably because end users are morons and think that if they put lots of capital letters in the subject that you'll somehow prioritize it differently. Our helpdesk guy is

Re: Maybe OT: SA/amavisd-new not killing

What do you have set for $final_spam_destiny? It should be D_DISCARD if you want amavisd-new to discard the message which has higher score then the kill level. BQ. *gasp* Oh no! mailgate etc # grep final_spam_destiny amavisd.conf $final_spam_destiny = D_PASS; # (defaults to D_REJECT)

SOLVED: Re: Maybe OT: SA/amavisd-new not killing

What do you have set for $final_spam_destiny? It should be D_DISCARD if you want amavisd-new to discard the message which has higher score then the kill level. BQ. BQ, you da man (or wo-man, whatever the case may be.) that solved it! Jun 30 14:09:24 mailgate amavis[27766]: (27766-02) ESMTP:

URIBL love once again!

X-Virus-Scanned: by amavisd-new at mailgate.pbp.net X-Spam-Status: Yes, hits=17.323 tagged_above=-999 required=6 tests=[FORGED_RCVD_HELO=0.05, HTML_90_100=0.189, HTML_MESSAGE=0.001, MSGID_FROM_MTA_ID=1.704, RAZOR2_CF_RANGE_51_100=1.485, RAZOR2_CHECK=0.15, RCVD_IN_SORBS_DUL=0.137, URIBL_AB_SURBL

Re: Very few URIBL hits today. :(

Just curious.. Are you using multi.uribl.com? d hrm. You know, I'm not. heh. Where's the info on how to do so? I'm not sure if I got subscribed to the mailing list or not..

Re: Very few URIBL hits today. :(

URIBL tests are still hitting good here. TOP SPAM RULES FIRED FROM 2005-06-27 03:47:11 TO 2005-06-27 21:28:42 Hrm. Interesting. I turned the debug level up a bit and saw this: Jun 27 20:59:18 mailgate amavis[11145]: (11145-01) SPAM-TAG, <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>,<[EMAIL PR

Maybe OT: SA/amavisd-new not killing

The kill level is set to 12, this spam had 21.301 points, and made it through. Hrm. No matter what I set the kill level to (using the squirrelmail amavissql plugin) it doesn't kill it. I'm not exactly sure what to check.. Jun 27 20:35:11 mailgate amavis[14254]: (14254-02) Passed SPAM, <[EMAI

Very few URIBL hits today. :(

Man, I've been getting a *lot* of spam hitting the Inbox today. Only been able to find 1 spam today with any URIBL hits at all, but almost all of the have had RAZOR2_CHECK points added. ALso noticing a LOT of spam with Squirrelmail headers.. ie: User-Agent: SquirrelMail/1.4.3a X-Mailer: Squirre

Re: Dumb script question

Hi, for i in `ls /home/vmail/shared-maildirs/Spamdrop/.Incoming/cur`; do sudo rm /home/vmail/shared-maildirs/Spamdrop/.Incoming/cur/$i; done Although imapsalearn is easier. Regards, Rick I should get an extra shot of espresso when I hit up the coffee shop in the morning. That worked fi

Dumb script question

I have POP/IMAP/SMTP on a seperate box from the spamassassin/amavis box, and I'm trying to come up with a script to take stuff out of the shared-maildir where users deposit spam that slipped through, tar it up, and move it to the other box, where yet another script will feed it to bayes. Most

Re: Blogger attacks SURBL

Jeff Chan wrote: Pardon the dramatic title, but hopefully it got your attention. This guy's domain got listed by Outblaze, we removed it, and as thanks this guy paints us as irresponsible. Please help us straighten him out, gently: http://blog.holtz.com/index.php/weblog/comments/blacklisting_b

Re: Unable to whitelist...

Kevin W. Gagel wrote: Try adding the "Return-Path: <[EMAIL PROTECTED]>" address and see if thats it. Oddly enough, that worked. Hrm. I wonder why

Unable to whitelist...

I can't manage to whitelist this mailing list. hrm. I'm using amavisd-new and the SpamAssassin squirrelmail plugin as an interface. I have no trouble whitelisting/blacklisting other lists, but this one keeps getting tagged... Here's what I have in the mysql db: | 0 | 0 |6 | [EMAIL P

Re: delete email

jdow wrote: From: "Jonathan Nichols" <[EMAIL PROTECTED]> Is there any way in the stock SA install to tell it to delete email? I know you can do it with procmail, milter, etc, but that's not what I want. I'm asking because the question has come up about "can spamass

delete email

Is there any way in the stock SA install to tell it to delete email? I know you can do it with procmail, milter, etc, but that's not what I want. I'm asking because the question has come up about "can spamassassin itself with NO add-ons be set to delete email."

hillsdale media = PWN3D

Ok, right on! I fixed the trusted_networks thing, and check this out! BTW, the jerks are using another domain.. for a new "division." my god, CAN-SPAM is a piece of crap. How the *hell* did it get passed? Ugh. At least it's getting plonked now. And with that, off to KFC I go... Return-Path: <[EM

Re: hillsdale media

Try the wiki: http://wiki.apache.org/spamassassin/TrustPath Which will end up explaining a few things, and then direct you to the manpages for the trusted_networks setting. Ah. Thanks! :D I added "trusted_networks 192.168/16 127/8" to local.cf - the box itself is a 192.168.x.x host, as it's behin

Re: hillsdale media

The OP said nothing about having verified and set the trust path, and his server setup does appear to use a local IP, which means that there's a good chance that, *in his case*, the actual problem is not with the ALL_TRUSTED *rule* but with the *actual trust path*. In that case, disabling ALL

Re: hillsdale media

He may not have posted the received headers for some ineffable reason.Plus, if the actual email did not originally hit ALL_TRUSTED, then the original score would have been 4.152 + 2.4 (ALL_TRUSTED score) = 6.552 which should have stopped the email unless his kill level is set higher than

hillsdale media

Ugh. I'm getting stuff from these jerks slipping through left & right.. anyone else seeing this stuff? :| It's hitting the sbl rules, but still only scoring 4.152.. From: ChristianMortgageUSA.com <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Let our experts help you save on your home Date: T

Re: OT quick amavisd-new question

did you check the amavisd-new web site? http://www.ijs.si/software/amavisd/#faq-net-server you know, I did read that too, but I never had to jump through that hoop on a nearly identical machine. I applied the new subroutine to the new box, and it solved the issue. I have *no* idea why it's actu

OT quick amavisd-new question

I posted this to the Gentoo forums as well, no replies yet. :( New installation of amavisd-new. Here's the relevant information from the log.. notice the bit about "Couldn't POSIX::setuid.." I thought that was solved in Net::Server already. I have 0.85. Is there a known workaround for this issu

Re: Excessive DNS Requests

lister lynch wrote: Our ISP, Covad, is periodically claiming that we have excessive DNS requests and is threatening to turn off our service. It's primarily due to SA, I think. Looked around for answers, and already set a bunch of the BL checks to 0.0 to turn off the rules. Any idea how to furthe

Humor: "The Ultimate Spam Email"

This oughta replace GTUBE! http://lowendmac.com/lite/05/0210.html

Re: OT: Crippled Verizon phones

Blame that on NIMBYs in your neighborhood who do not want an unsightly cellphone tower there. Don't forget the NIMBYs that think cell towers cause brain cancer or something silly like that. Local school district wanted to enter into a contract with one of the carriers (Sprint, I believe) to clam

Re: OT: Crippled Verizon phones

I had a similar problem with T-Mobile and Cingular/AT&T...my office is in a dead spot. Repeated complaints to T-Mobile didn't help. (Pity, since they're by far the least expensive.) Reception is nonexistant there for T-Mobile and hit-or-miss for AT&T. Step outside the building a few feet a

Re: Equifax/NCR partnership in spam???

You could always go through the unsubscribe link and unsubscribe but also do whatever is necessary for your SA install to mark any further messages from them as SPAM. Oh, they ignore those. I signed up for "freecreditreport.com" (scam) like a moron a few years ago. It requires you to pay for Equi

Re: consensus on SPF

Clarke Brunt wrote: Hi, I have heard that SPF is controversial among mail administrators. Why is that? How many people use it (on this mailing list)? It's certainly not a simple subject: anyone who isn't familiar see http://spf.pobox.com/ So long as you're careful, and realise that mistakes migh

Re: OT - How often to reboot?

My power supply died on Sunday morning, and as much as I wanted it not too, the machine powered off. Doesn't meet any of your above requirements but I'll let it pass this once. Rob This bloody uptime thread cursed me. My mail server was up for almost 200 days, when at 6:50pm on Sunday (Fry's

OT how often to reboot?

>support DSL. I nearly cried when I took that machine down. (I'd even >moved it, while still on its UPS, from one side of the room to another >when we rearranged the room for better space utilization.) Oh, that's nothing. :) I had a Sparc 5 that was up for like 520 days. I moved from Sacramento, C

Help me help someone...

http://forums.gentoo.org/viewtopic.php?p=1777629 This poor guy is having some strange issues with SpamAssassin and RulesDuJour that I can't manage to recreate. Anyone care to take a look and offer a suggestion or two? :)

Gentoo ebuild for 3.x?

Hi everyone, Has anyone seen an ebuild for 3.x yet? Or, if there's anyone using Gentoo around here, have you installed 3.x successfully yet? :)

Re: NOT_TO_ME

"Jonathan Nichols". It might be, I'll have to go dig for it.. Besides, what are you complaining about? That message looks like it was probably spam from the headers, and this rule is probably all that pushed it over the limit. :-) It wasn't, that's the thing. It was a frie

NOT_TO_ME

To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> Subject: *SPAM* BLM beach land Date: Thu, 28 Oct 2004 13:19:29 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: multipart/alternative; boundary="_=_NextPart_001_01C4BD2B.6D9A2B00" X-Virus-Scanned: by amavisd-new a

Re: *SPAM* RE: Hi. I'm dumb.

Bret Miller wrote: I'm having problems whitelisting one of the mailing lists I'm on.. a few sparklist.com lists. I'm using SA 2.6x and amavisd-new. I can't just whitelist the "From" because it's the "To:" field that I need to use.. Help. I'm too brain dead today to figure this one out.. blah.

Hi. I'm dumb.

I'm having problems whitelisting one of the mailing lists I'm on.. a few sparklist.com lists. I'm using SA 2.6x and amavisd-new. I can't just whitelist the "From" because it's the "To:" field that I need to use.. Help. I'm too brain dead today to figure this one out.. blah. Here's the full heade

Re: *SPAM* feeding frenzy for ws.surbl.org!!!

LOL, oh please let me know how that conversation went! "Uh...yeah..hello. Is this Tanya? You actually exhist? Ok, thanks. *click*" I bet she slept well that night! I got voicemail. :P Good thing about Vonage, you don't get long distance charges. 6 pack of Pyramid Ale offerings, and I'll call anyo

  1   2   >