code emails? Would that require using image detection?
Perhaps instead it's a database of known malicious QR codes?
Has anyone even really seen any?
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linke
Reindl is the definition of something I learned decades ago as an energy
creature.
DNFTEC is an acronym to live by. Suggested reading:
http://www.cryonet.org/cgi-bin/dsp.cgi?msg=6284
KAM
On Sat, Aug 5, 2023, 13:24 Grant Taylor via users <
users@spamassassin.apache.org> wrote:
> On 8/5/23 8:04
Try something like this if I understand you correctly trying to score is a
__ rule:
meta OBFU_UNSUB_UL ( __OBFU_UNSUB_UL >=1 )
There are plenty of rules that are designed to be conditions in other meta
rules. Now that you've created a rule that relies on that condition you can
score the meta rule
s what was happening, but testing says otherwise.
Insights?
Thanks,
-Philip
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
Info:
https://raptor.pccc.com/RBL <https://raptor.pccc.com/RBL>
https://mcgrail.com/template/projects#KAM1
<https://mcgrail.com/template/projects#KAM1>
Regards,
KAM
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
http
CRM, Emails, Marketing, Email Security, and using Google Cloud & AI, I will
be working with emailexpert.org to give free classes as part of the 2023
membership drive running now. Join today!
Regards,
KAM
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssa
32/mach/CORE/zaphod32_hash.h:88:3: note:
expanded from macro 'ZAPHOD32_SCRAMBLE32'
} STMT_END
^~~~
/usr/local/lib/perl5/5.32/mach/CORE/perl.h:667:21: note: expanded from
macro 'STMT_END'
# define STMT_END )
^
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
How did you install SpamAssassin 4.0.0 on your system because your error is
a bit baffling to me?
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
On Fri, Jan 20, 2023 at 7:54 AM wrote:
> T
Using the score limit and multiple concepts we added to sa-update are an
excellent way to customize channels for your server!
--score-limit 2 --score-multiplier 0.8
Please see the KAM.cf for instructions to send a sample for review.
A mailing list that might discuss spam issues is probably better suited to
a welcomelist entry though
On Thu, Jan 19, 2023, 18:08 Benny Pedersen wrote:
> * 5.0 KAM_SOMETLD_ARE_BAD_TLD .bar, .beauty, .buzz, .cam, .casa,
It's not a freemail provider but if the domain is being abused, I would
recommend adding it to a rule that gives it a few points just because of
the potential for abuse.
More surgically, we could add it to the two TLD listing so RBL lookups will
work.
Regards, KAM
On Wed, Jan 18, 2023, 20:58 Be
ually a bad solution.
One case where it might be good is if you had a system setup that you
fed emails to that were classified. It would then use that good feed to
use the auto-learning and add a way of learning without using the
command line.
Regards,
KAM
--
Kevin A. McGrail
kmcgr.
That's the mail infrastructure run by infrastructure at Apache not by
the projects. See https://infra.apache.org/
i can't confirm infra only
The mailing lists at Apache are run by Infra not the project. If you
are having delivery issues, see that website and make sure you open a
ticket
On 1/15/2023 10:53 AM, Kevin A. McGrail wrote:
On 1/15/2023 10:20 AM, Benny Pedersen wrote:
https://multirbl.valli.org/lookup/95.216.194.37.html
but who cares ?
No one, likely cares. I don't think that machine sends email.
Checking more thoroughtly SpamAssassin.apache.org
On 1/15/2023 10:20 AM, Benny Pedersen wrote:
https://multirbl.valli.org/lookup/95.216.194.37.html
but who cares ?
No one, likely cares. I don't think that machine sends email.
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAss
On 1/14/2023 5:02 PM, Bill Cole wrote:
On 2023-01-13 at 23:16:43 UTC-0500 (Fri, 13 Jan 2023 23:16:43 -0500)
Kevin A. McGrail
is rumored to have said:
Rule ready isn't in 3.4.x and that DMARC line is from the 4.0.0 DMARC
plugin. No idea how the system is in that state.
Not sure
Rule ready isn't in 3.4.x and that DMARC line is from the 4.0.0 DMARC
plugin. No idea how the system is in that state.
On 1/13/2023 8:56 PM, Benny Pedersen wrote:
Kevin A. McGrail skrev den 2023-01-14 02:48:
We are using the plugin on CentOS 7 systems with 4.0.0.
What is the ste
We are using the plugin on CentOS 7 systems with 4.0.0.
What is the steps to recreate the original bug posters issue?
On Fri, Jan 13, 2023, 20:42 Benny Pedersen wrote:
> Kevin A. McGrail skrev den 2023-01-14 00:25:
> > I'm referring to the DMARC plug in
> > ./lib/Mail
I'm referring to the DMARC plug in
./lib/Mail/SpamAssassin/Plugin/DMARC.pm not the perl language modules
necessary to use that plugin.
On 1/13/2023 4:31 PM, Benny Pedersen wrote:
Kevin A. McGrail skrev den 2023-01-13 22:03:
The version that is supported ships with 4.0.0.
perl module i
The version that is supported ships with 4.0.0.
On 1/13/2023 1:43 PM, Benny Pedersen wrote:
is this old version of perl still supported ?
in that case its a spamassassin bug if not
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin
I am 99% sure you will be unable to implement that in SA natively and
easily without something such as a milter. Using mimedefang, we have
significant code to allow people to submit samples to create the KAM
ruleset and maintain the RBL. In short, I think we have solved the exact
problem you're ta
s behind a
firewall make sure that SpamAssassin is resolving the gateway to its
external address."
I brazenly confess I have no idea how to check this (or what it means,
in this context).
Figured I should sort out that puzzlement before attempting to install
and configure "unbo
no need to revisit it. It still wouldn't make sense to have loadplugin
HashBL in two *.pre files.
On Wed, Dec 28, 2022 at 09:18:51AM -0500, Kevin A. McGrail wrote:
Wow, as it's enabled in v342.pre, that would imply it was enabled in 3.4.2.
We should not have changed a past pre file for t
that HashBL is only enabled for fresh 4.0.0 installs, it
wasn't default previously.
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
Alfieri wrote:
Would you then suggest to add also a:
ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
to the .cf files where check_rbl , urirhssub etc are used?
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https
d the expected
outcome. Your posts on this thread are borderline nonsensical.
Only after multiple back and forths can someone divine what you might be
mentioning.
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
On 12/28/2022 8:35 AM, Riccardo Alfieri wrote:
Do you have hashbl plugin enabled?
Ah, I thought it was enabled by default in SA 4.0.
You are correct. HashBL is by default enabled in a stock distribution
with v342.pre. That doesn't mean the trouble reporter has it enabled.
--
Ke
an't solve" seems more than a bit disingenuous. Did you ever
report the problem to Infrastructure as I instructed you? Seems like a
better use of all our time instead emailing the list complaining about a
problem with a system we don't control.
Regards,
KAM
--
Kevin A. McGrail
km
I have no idea what the check plugin is. Read your quoted line again.
On 12/28/2022 8:22 AM, Benny Pedersen wrote:
Kevin A. McGrail skrev den 2022-12-28 14:20:
Do you have hashbl plugin enabled?
read your quoted line again ?
On 12/28/2022 8:17 AM, Benny Pedersen wrote:
above is with
I'll get the init.pre
modifications to after tests run.
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
Do you have hashbl plugin enabled?
On 12/28/2022 8:17 AM, Benny Pedersen wrote:
above is with only check plugin enabled, this should lint without
warnings
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https
On 12/28/2022 8:11 AM, Brent Clark wrote:
Something to see and keep an eye on (Read: Why build this tool)
Sigh. Yet another borderline ethical posting / tool like far too many
pentesters who think transparency is the ultimate way to move the needle
of security while thinly veiling their se
+1 and over and above by Henrik to install the distro for testing.
Our project cannot be responsible for the decisions of the distribution
package maintainers. This is definitely one that is not the right decision.
Do we have a contact at Gentoo?
Regards, KAM
On Wed, Dec 28, 2022, 04:38 Henrik
ckage. One could also move them to a subpackage for end users
who need to test the installation in a disconnected state.
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
Excellent news! Please let us know more about the WL/BL changes and open a
bugzilla bug.
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
On Wed, Dec 14, 2022 at 9:54 AM Greg Troxel wrote
We have had issues with shortcircuit that cropped up.in the rc process from
optimization that was performed. Can you open up bugzilla ticket please?
On Tue, Dec 13, 2022, 08:37 Greg Troxel wrote:
>
> I am finding that short-circuiting seems not to be working, but this is
> not new and I am not 1
I have it in production.
On Sun, Dec 11, 2022, 09:00 Greg Troxel wrote:
>
> Sidney Markowitz writes:
>
> > I know a number of you have been looking at the release candidates for
> > the 4.0.0 release and have been helpful in finding issues with them.
> >
> > We have just announced a new release
Following up on my previous note I think we are working on #2. I see
that 8078 was reopened and there is some improvements / weighing in on a
patch from Giovanni that might resolve the issue too!
On 12/4/2022 3:02 PM, Kevin A. McGrail wrote:
OK, so then we have really two Choices:
#1 accept
r
changing slightly, but still within the swim lane implied by the
previous non-spec, is not a bug.
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
s. It simply finishes metas which is not that expensive and
> might provide some additional useful hits. No sense postponing 4.0.0 to
> try
> to tweak this further.
>
> On Sun, Dec 04, 2022 at 09:28:02AM -0500, Kevin A. McGrail wrote:
> > I have not checked but does the short
bed in the bug.
>
>
> On Tue, Nov 29, 2022 at 05:28:00PM -0500, Kevin A. McGrail wrote:
> > https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8078 is now open on
> this
> > issue.
> > --
> > Kevin A. McGrail
> > Member, Apache Software Foundation
> >
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8078 is now open on this
issue.
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
On Tue, Nov 29, 2022 at 1:11 PM wrote:
> On 11/28/22 17
Henrik's ideas are very good. I would also question the hardware too. KAM
On Tue, Nov 29, 2022, 08:28 Henrik K wrote:
> On Tue, Nov 29, 2022 at 07:34:51AM -0500, Greg Troxel wrote:
> >
> > Wolfgang Breyha writes:
> >
> > > It doesn't finish any other rules and doesn't display final results at
Mon, Nov 28, 2022 at 10:42 AM Kevin A. McGrail
> >
> > wrote:
> [...]
> >> Also, would be helpful to know if this is different than 3.4.6's
> >> behavior.
> >>
> >
> > Oh yes, I meant to mention that it is different behavior for 3.4.6.
>
Also, would be helpful to know if this is different than 3.4.6's behavior.
Regards,
KAM
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
On Mon, Nov 28, 2022 at 10:38 AM Alex wrote:
>
I don't really know. Is there an example rule and I'll check the code.
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
On Sat, Nov 26, 2022 at 8:32 AM Jared Hall wrote:
> SA:
Well, a short circuit rule kind of breaks things in the middle so I do not
think you should really spend too much time on rules that hit/didn't hit.
I like validity but I don't think it justifies a short circuit, FYI.
Regards,
KAM
--
Kevin A. McGrail
Member, Apache Software Founda
Apache SpamAssassin it's both an API and a program. In my installation, I
do not use it to do any subject modifications and I use a milter called
mime defang to do that using my own logic.
You can also configure spam d/Spam seed not to modify the subject.
If you would like similar headings remove
I have also seen the PayPal ecosystem being abused by bad actors sending
things like fake invoices. I am also +1 to remove the domain from the dkim
wl.
Regards, KAM
On Mon, Nov 14, 2022, 16:01 Shawn Iverson wrote:
> Bottom line is I don't think paypal deserves to be default whitelisted in
> re
w how to get USER_IN_BLOCKLIST working in place of
USER_IN_BLACKLIST.
Any help appreciated
Greetings, Roberto
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
hit, so I
didn't need to keep much of ham mail
There was so interesting in a SOUGHT2 but no, the tooling hasn't been
looked at in some time. It would show promise if you want to dig into it!
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeri
improving efficiency. This is inherent in the KAM
ruleset and has been there for several years.
Regards,
KAM
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
n. Please report this to Apache Infrastructure.
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
0.001] autolearn=disabled
provide datafeed or disable is not an option ?
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
hould) I somehow restrict search for this content only as beginning
of attachments?
Is there anything I should do better?
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
g here, and is it supposed
to be happening?
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
:SpamAssassin::SubProcBackChannel;
immediately after line 37
use Mail::SpamAssassin::Plugin;
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
ps://github.com/DavidGoodwin/ExtractText
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
I am pretty sure that will need to be a feature request. I don't remember
any code to address that type of scenario. -KAM
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
On Sun, Aug 28, 20
If you can try the current RC-1 and report if the issue still exists and
open a bugzilla report ASAP that would be great too. We are working hard
on a last handful of items for a 4.0 release. -KAM
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
Those sound like perfectly legitimate emails so working to classify them as
decent emails would be our goal. Was there anything malicious snuck in
there?
We are using extract text and have been making improvements to it. False
positives especially with the beneficiary and financial rules is someth
There is also a rule update for priority levels. Did you install the
latest rules too?
R
On Sun, May 29, 2022, 12:41 Alex wrote:
> Hi,
>
> We have been DMARC issues so no, it is not you Are you running the latest
>> trunk right now? There have been a flurry of patches and some of them are
>>
Version 4 does have pre-releases out and people are testing it. And yes,
the project needs testers so we will support questions about 4.0 including
the pre-releases and trunk etc. As we work towards a release.
We have been DMARC issues so no, it is not you Are you running the latest
trunk right
o about it and test that pastebin to see if it
fails on our system too. I was also discussing more DMARC/DKIM regression
tests are needed. It's too fragile.
Regards,
KAM
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.
I believe this is a bug and fixed in trunk.
On 5/10/2022 1:55 PM, Bill Cole wrote:
Looks like a bug. It should not be possible to hit DKIM_VALID_AU and also
DMARC_REJECT and/or KAM_DMARC_REJECT
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache
headers
that appear in ham and spam corpora and xor out the spam ones. Then
write a rule if any of those exist. They look like they might change a
lot and they are randomized to avoid these type of issues so I see your
dilemma and a plugin might be needed.
Regards,
KAM
--
Kevin A. McGrail
> we wait for spamassassin 4.0.0 :=)
>
> 4.0.0 is in pre-release now and in production for a few of us. Start
stress testing it now so we can shake out the bugs and get it out the door!
Regards,
KAM
Oh joy.
On 5/6/2022 11:19 AM, Dave Wreski wrote:
Hi, Intuit's servers are being used to send Paypal phishing invoices
combined with the "evil numbers" scam.
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassi
Hi Alex, sometimes I see this when the envelope from doesn't match the
header from. So what you think might pass SPF does not. That's my only
guess from looking at the example you posted. That example looked like it
would work perfectly. KAM
On Thu, May 5, 2022, 18:02 Alex wrote:
> Hi,
>
> I'm
Ahh party lines. Almost as bad as using my parents' line for a modem and
they would pick it up. And rotary. You hated anybody with a nine in their
number.
I always wanted to know the history behind how the White House got its own
CO. I figured it was security related since it's 202-456- whic
f DDD - Direct Distance
Dialing, or the area code system we are all familiar with.
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
e phone
switch / exchange name. The following Wikipedia article supports this
and has more details.
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
Love it! Thanks Henrik.
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
On Mon, May 2, 2022 at 12:31 PM Henrik K wrote:
> On Sun, May 01, 2022 at 09:45:38PM -0400, Alex wrote:
>
, May 1, 2022 at 9:47 PM Kevin A. McGrail wrote:
Did it cause a fp with a score of 5.0 or higher?
Yes.
https://pastebin.com/AqezMHjQ
Thanks!
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in
>
> On 02/05/2022 11:47, Kevin A. McGrail wrote:
>
> Did it cause a fp with a score of 5.0 or higher?
>
> On Sun, May 1, 2022, 21:46 Alex wrote:
>
> Hi,
>
> Four points for a .online TLD with KAM rules
>
> * 2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs
> *
Did it cause a fp with a score of 5.0 or higher?
On Sun, May 1, 2022, 21:46 Alex wrote:
> Hi,
>
> Four points for a .online TLD with KAM rules
>
> * 2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs
> * [URI: www.lci-mtc.online (online)]
>
> * 2.0 KAM_SOMETLD_ARE_BAD_TLD .bar, .buzz, .cam, .cas
It talks about Office 365. It doesn't say anything about old,
unmaintained copies of Office on XP.
I don't see any reason it makes sense to to lighten up on protections.
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache Sp
u and processes them after that
is done.
Regards,
KAM
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
On Thu, Apr 28, 2022 at 5:07 AM Pedro David Marco
wrote:
> Good question... probably an interes
I also want to mirror Bill's comment of a very detailed but report
On Fri, Mar 4, 2022, 18:05 Ricky Boone wrote:
> Sorry for the late reply, crazy week.
>
> Honestly, I wasn't expecting such a quick and relevant response, so thanks
> and kudos for that. :)
>
> I'm not currently using trunk, so
You can quote me: If the pope itself is sending me the cure to cancer but
he doesn't have my consent then it IS spam and I would block it and
depending on the way the domain manager handles it I would block the domain.
KAM
On Wed, Dec 15, 2021, 11:40 Bill Cole <
sausers-20150...@billmail.scconsul
Hi Thomas, needing to lower your score to two or three implies To me that
your system could use some tweaking. In particular I would guess that your
Bayesian tokens need to be cleared.
As for the different scores, you would have to know the way that
spamassassin is being used on your system.
For
I don't think it's reasonable but an FP in Pyzor is leading to other
rule hits.
Was the overall email marked as spam?
On 9/24/2021 12:21 AM, Jared Hall wrote:
On 9/23/2021 10:07 PM, Kevin A. McGrail wrote:
Jared, looks to me like an FP in Pyzor.
No doubt. The 4.608 points fo
It hits Pyzor for some reason. Get a PYZOR_CHECK=1.985. Must've
picked the wrong checksum, chief!
It does not appear that the actual rule matches the spirit of the rule.
Jared, looks to me like an FP in Pyzor.
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Found
Morning all,
So I'd recommend a different take. Autolearn is an abomination we never
should have published. It is, in effect, a switch to allow a inherent bias
in the modelling to grow and continue.
Disable autolearn, wipe your Bayes store, and manually train from hand
classified ham and spam.
Jared, If you would like to submit these fake Norton and similar samples to
me for my KAM rules let me know.
But I don't know the purpose you have of posting the spams on the list or
snippets of them or phone numbers.
In general, if you have spammy content you want to discuss, the best thing
to d
I published a fix for the KAM SHORT A few hours ago. Please let me know how
it's working for you.
On Tue, Aug 31, 2021, 23:48 Kevin A. McGrail wrote:
>
> On 8/31/2021 12:57 PM, Jared Hall wrote:
> > 2) OTOH, what's the point of sa-update doing versioning if nobody uses
&
hem in has(capability), version, and plugin
tests to avoid that complexity.
I've got a fix for KAM.cf being looked at by another pair of eyes.
Expect it to be published tomorrow.
Regards,
KAM
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apac
We will take a look. We check with lint for every publication but maybe
there's a condition we missed or a spelling issue. Thanks for bringing it
up. KAM
On Mon, Aug 30, 2021, 15:31 Rick Cooper wrote:
> This have been going on a while but I haven't had time to addresses.
> When the KAM rules a
t was DDoSed when a major system
started using it for 10's of millions of systems. Thanks to Linode, we
will be launching two mirrors for the RBL and putting it back in use for
the world.
Regards,
KAM
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssass
cert
with live mail and handle FPs/FNs based on that so the overlap is
considered with the scoring and impact.
Regards,
KAM
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
5.8 is way too much
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
messages at the SMTP layer, without having to worry about rejecting
legitimate messages.
Thank you!
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
As a note, I sometimes make my rules harder to read on purpose to dissuade
bad actors from trying to unwind them.
On Wed, Aug 11, 2021, 11:21 Kenneth Porter wrote:
> On 8/11/2021 8:05 AM, Kenneth Porter wrote:
> >
> > BTW, does SA permit use of Perl-style regex delimiters to avoid
> > leaning to
Hi Kenneth, the ruleset is designed for a system scoring over 5.0.
Did the rule from the cell provider cause an fp?
Is your threshold higher than 5.0?
There is a way to report problems listed in the file but feel free to
contact me off list and I'll tell you how to send me a sample.
Regards, KA
ect method "check_uri_host_in_whitelist" via
> package "Mail::SpamAssassin::PerMsgStatus" at (eval 2016) line 1489.
> )
> channel: lint check of update failed, channel failed
> Update failed, exiting with code 4
>
> -Alan
> On 7/29/2021 1:36 PM, Kevin A. M
documentation would be replacing sentence
note that Checker-Version can not be changed or removed
with
note that Checker-Version can not be removed
Cheers,
David
--
Kevin A. McGrail
kmcgr...@apache.org
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https
I'd prefer that information not be shared. It's not for public use.
On 7/30/2021 8:48 AM, RW wrote:
is KAMOnly.pm plugin needed ?, atleast its should be documented, i
have that plugin installed now, it makes huge diffrent,
How did you get it? Or is it just a dummy plugin?
up to the
public.
However, You should really install the rules with the channel ruleset too:
https://mcgrail.com/template/kam.cf_channel
Regards,
KAM
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.017
The KAMOnly plugin is not needed. It activates rules for our
infrastructure.
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171
On Thu, Jul 29, 2021 at 10:42 AM Benny Pedersen wrote:
> On 2
Fixes are likely done and just waiting on masscheck, etc. to publish
rules. If it isn't fixed by Monday, please let us know.
P.S. 3.3.1 is very old. Can you upgrade?
--
Kevin A. McGrail
Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.c
1 - 100 of 1638 matches
Mail list logo
