Maybe I missed something but I installed the gocr program and fedd it
some stock spam files and the accuracy of what it read was really really
poor - unusable. Is there something else I need to install?
Seems to be working well. But before this new rule set the old spam
poisoned my bayes so I just purged all my bayes and starting over. That
way I won't get bayes_00 lowering the point score.
Tony Finch wrote:
The reason that message submission is done with SMTP is because of the
number of SMTP extensions that the MUA will want to use, in particular
DSNs, deliver-by, deliver-after, message tracking, and whatever else may
be invented in the future. If you want to make message
Chris Lear wrote:
What if I set up an SMTP server at home behind my ADSL router, collect
my vanity-domain mail there, and access it via IMAP or POP3? It seems
I only have one option, which is to send my mail via IMAP to my home
server. Which then sends via SMTP to... the Internet (or via
Logan Shaw wrote:
On Thu, 3 Aug 2006, Marc Perkel wrote:
Not really - what I'm proposing is that the IMAP connection just pipe
the message into an SMTP server. The IMAP is acting only and an
authenticated connection back to SMTP. I'm not suggesting replacing
SMTP. What I'm suggesting
Tom Ray wrote:
Hate to break the news to you but many ISPs are already not allowing
their users to connect via port 25 outside their networks. Comcast has
done it, as have a few others already. I run into this a lot because
I'm also a hosting company and offer SMTP Auth but many customers
Sanford Whiteman wrote:
Please don't pollute the IMAP and POP protocols this way.
POP3 XTND XMIT submission extensions already "polluted" POP3 many
years ago, supported by many thousands of servers (tho' not
necessarily enabled).
--Sandy
Does
Benny Pedersen wrote:
On Wed, August 2, 2006 05:10, John Rudd wrote:
Having also said the same thing ... Doesn't part of Microsoft's
extension to IMAP (called MAPI, oh so original) also support sending
via IMAP?
courier-mta does it and friends
how it works is another
Why not just eliminate the SMTP protocol for end users and keep SMTP as
a server to server protocol and have users send theit email to the
server by extending POP/IMAP to send email. It created an authenticated
connection back to the server where the POP/IMAP server hands it off to
the SMTP
Nigel Frankcom wrote:
On Wed, 02 Aug 2006 05:37:32 -0700, Marc Perkel [EMAIL PROTECTED]
wrote:
Why not just eliminate the SMTP protocol for end users and keep SMTP as
a server to server protocol and have users send theit email to the
server by extending POP/IMAP to send email
Here's what I've written so far. Deadline is today. Still working on it.
http://wiki.ctyme.com/index.php/UN_Spam_Paper
Kenneth Porter wrote:
--On Wednesday, August 02, 2006 5:37 AM -0700 Marc Perkel
[EMAIL PROTECTED] wrote:
Why not just eliminate the SMTP protocol for end users and keep SMTP
as a
server to server protocol and have users send theit email to the server
by extending POP/IMAP to send email
Magnus Holmgren wrote:
On Wednesday 02 August 2006 14:37, Marc Perkel took the opportunity to say:
Why not just eliminate the SMTP protocol for end users and keep SMTP as
a server to server protocol and have users send theit email to the
server by extending POP/IMAP to send
JamesDR wrote:
And this differs from SMTP AUTH in what way?
With SMTP AUTH te authentication for the outbound email isn't
necessarilly the same as the incoming email. If you use IMAP to send
email then the user has to know the IMAP password to send email. It also
doesn't require a separate
Magnus Holmgren wrote:
On Wednesday 02 August 2006 21:29, Marc Perkel took the opportunity to say:
The zombies wouldn't be able to connect because the zombies wouldn't
have the IMAP password.
In that case, neither the SMTP password, which we have to assume is required
Allowing IMAP/POP to Send Email
The email SMTP protocol was created in simpler times. One of the
problems is that it is far too easy for any one person to impersonate
any other person on the planet. One of the things that will reduce spam
and fraud on the Internet is to make it more
Logan Shaw wrote:
On Wed, 2 Aug 2006, Marc Perkel wrote:
SMTP passwords go away because SMTP goes away.
The idea is that outgoing IMAP would replace SMTP and there would be
no SMTP between clients and servers. SMTP would be a server to server
protocol.
That's all well and good saying
jdow wrote:
From: Marc Perkel [EMAIL PROTECTED]
Magnus Holmgren wrote:
On Wednesday 02 August 2006 14:37, Marc Perkel took the opportunity
to say:
Why not just eliminate the SMTP protocol for end users and keep
SMTP as
a server to server protocol and have users send theit email
jdow wrote:
From: John Rudd [EMAIL PROTECTED]
On Aug 2, 2006, at 1:26 PM, Marc Perkel wrote:
If SMTP becomes a server to server protocol then it will wipe out
consumer virus infected spam zombies. It's not going to get rid of
all spam - just most of it.
It will wipe out the _existing_
Gino Cerullo wrote:
On 2-Aug-06, at 6:29 PM,Jason Haar [EMAIL PROTECTED]
wrote:
FYI: Courier-IMAP has had this feature for
some time. You can configure
it so that any mail message dropped into an
IMAP subfolder named (e.g.)
"Outbox" will be auto-sent - i.e. piped into
I'm writing a paper that I'm submitting to an Internet Governance Forum
of the United Nations. Keeping in mind that free speech and freedom is
important, what would you change in the world to stop spam? I'm looking
for things that are actually possible and practical. Suggestions can be
Evan Platt wrote:
At 12:56 PM 8/1/2006, you wrote:
I'm writing a paper that I'm submitting to an Internet Governance
Forum of the United Nations. Keeping in mind that free speech and
freedom is important, what would you change in the world to stop spam?
Turning Spamming into a capital
Theo Van Dinter wrote:
On Tue, Aug 01, 2006 at 04:07:38PM -0400, Rosenbaum, Larry M. wrote:
A reliable DUL list would be good. If it were possible to determine if
an incoming STMP connection were coming from a server or an end user,
that might help get rid of the problem of
Here's an early draft:
The Problem with Spam on the Internet
As Secretary General Kofi Annan said, In its short life, the
Internet has become an agent of dramatic, even revolutionary change and
maybe one of today's greatest instruments of progress. It is a
marvelous tool to promote and
Sorry folks
I agree without SPF ( or DK ?) it would very difficult to prevent
forging. I am going to ask my DNS providers to publish SPF records
immediately. Thanks to everyone for knowledge sharing
On Tue, 2006-07-25 at 18:33 -0700, Marc Perkel wrote:
Michele Neylon :: Blacknight.ie wrote
Create another highest MX record and point it to an IP address that
doesn't go anywhere. I get rid of several hundred thousand spams a day
doing that.
Benny Pedersen wrote:
On Tue, July 25, 2006 18:51, Marc Perkel wrote:
SPF breaks email forwarding. My users use forwarding.
fair, but why not stop using forwarding ?
Because my customers want to use forwarding.
Ram is cheap - I say put 4 gigs in.
Golden, James wrote:
If you do the math out, I would bump it down to 10 -15. AT 15 you
would be using 675mb of RAM (likely). Since you have other things that
still need to run, you need to leave some space open. We currently
have ours set to 8,
forwarding and not offer
an alternative merely makes you come off as a troll with an agenda.
Now, I know from your contributions here that you are neither a troll
or have an ulterior motive with such a statement but at the same time
I can't even trust that the original email came from Marc Perkel
implemenations or SPF breaks email
forwarding due to that lack of the wide spread implementation of SRS
but then we would have just said Duh!
On 25-Jul-06, at 12:51 PM, Marc Perkel wrote:
I don't have an SPF record because I refuse to support a broken
technology. SPF breaks email forwarding. My users use
If any of my customers fail to get any email that they are supposed to
get then that's not acceptable. It does happen and when it does - I fix
it. Several of my customers forward email from other account to
accounts that pass through my servers. So if I used SPF then I would
lose email to
Michele Neylon :: Blacknight.ie wrote:
Marc Perkel wrote:
So if I used SPF then I would lose email
to these customers.
No you wouldn't unless someone was doing some kind of demented hard fail
Yes - and other people do use hard fail.
Michael Scheidell wrote:
-Original Message-
From: Graham Murray [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 24, 2006 7:44 AM
To: users@spamassassin.apache.org
Subject: Re: New DNS Black list, White List, Yellow List
Ramprasad [EMAIL PROTECTED] writes:
A
Chris Santerre wrote:
Aren't we dealing with a boolean data set? Its
either spam or ham. Which you train your software to look for doesn't
really matter.
Actually not. I look at email differently. I process 4 different grades
of spam and 3 grades of ham. As to my Black/White/yellow
But I have no control over the servers that forward to me. Thus SPF is
useless.
Michael Scheidell wrote:
Ramprasad wrote:
I know this is a troll subject
Yes SPF breaks email forwarding, so does PTR checking ( which never was
a great idea IMHO ). Every technique has some drawbacks. SPF has
John Andersen wrote:
On Sunday 23 July 2006 07:25, Brent Kennedy wrote:
But based on its current setup, spammers who probably
read this list, will most likely just feed good feedback about their mail
servers through those servers and corrupt the data.
And spammers
Looking for people to try this out and for people who want to
participate in this new project. These lists do block spam, but more
importantly that are used to actively detect nonspam and reduce false
positives. Here's the details. I'm looking for some partners to help
feed data into the
Benny Pedersen wrote:
On Sat, July 22, 2006 15:46, Loren Wilton wrote:
From: "test"test@test.com
Subject: Your PayPal account has been temporarily limited due to
Unauthorized Access.
Hum, yes. I'm sure I'd expect that message from "test".
maybe test.com testing that
John Andersen wrote:
On Saturday 22 July 2006 09:03, Marc Perkel wrote:
Looking for people to try this out and for people who want to
participate in this new project. These lists do block spam, but more
importantly that are used to actively detect nonspam and reduce false
Claudia Burman wrote:
Gary V wrote:
I use spamassassin (last perl version, updated it last week) on a mail
server, called from amavisd-new. I've set the $sa_kill_level_deflt to
5.00, if I lower this I get too many false positives.
I haven't touched any of the rules. I regularly train the
Michael Scheidell wrote:
-Original Message-
From: John D. Hardin [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 13, 2006 7:14 PM
To: SpamAssassin Users List
Subject: RE: The best way to use Spamassassin is to not use
Spamassassin
From: John D. Hardin
Rob McEwen (PowerView Systems) wrote:
Marc,
I've developed a system similar to what you've described. For example, I do my own RLB
lookups and reject messages which score above a certain number without doing additional
spam filtering. (and I've custom weighed various RBLs). This could be
Bart Schaefer wrote:
On 7/12/06, Marc Perkel [EMAIL PROTECTED] wrote:
Bart Schaefer wrote:
There's been a fellow over on the procmail list claiming for well over
a year now that he can get better accuracy than SA through message
header analysis alone
His claim might well be true.
Oh, I
Catchy subject line eh?
OK - so what I mean by this is that I now use SA for about 5% of all
incoming email. The reaso of spam is rejected before I get to SA through
a fairly large number of tricks that allow me to determine with near
100% accuracy things that are spam. It is none mostly
Rob Poe wrote:
Of course that 5% is very important because that is where I get the
data
for the other tests that allow me to bypass filtering. But - I want
you
all to start thinking of a new way to look at spam filtering. I have
some
Bart Schaefer wrote:
On 7/12/06, Marc Perkel [EMAIL PROTECTED] wrote:
Catchy subject line eh?
What you really mean is the best way to use SpamAssassin is as an
analysis tool.
Which of course is what the best way to use it always was. You're
just abstracting the analysis rather than
For what it's worth, I'm bouncing messages that contain mime gif and jpg
files if no reverse DNS is set. It's getting rid of some of it.
I want to propose and idea that I've been testing with some success. But
there are plenty of people who are a lot sharper than I am that can
implement it better. Here's what I'm thinking.
We are all familiar with DNS blacklists to block spam. But what about
lists of other servers? What about
Bart Schaefer wrote:
On 6/30/06, Marc Perkel [EMAIL PROTECTED] wrote:
Who likes this idea?
Evidently habeas.com does, as that's now their business model. Also
Bonded Sender (I think they changed the name recently, but I forget to
what). And I believe the ISIPP maintains several such lists
Loren Wilton wrote:
OK - 3rd time same question. Is there a bug here or am I doing something
wrong? The first host listed works but if the first host is down it
doesn't try the next host in the list.
Can't help you on that, sorry.
Also - I can't seem to find a
Marc Perkel wrote:
Marc Perkel wrote:
I'm trying to use the spamc -d option and it doesn't seem to be
working. I have multiple hosts listed and it works fo the first host
bot not for the second.
spamc -x -d pascal.ctyme.com,localhost
What am I doing wrong? Or is there a bug?
Am I
Marc Perkel wrote:
I'm trying to use the spamc -d option and it doesn't seem to be
working. I have multiple hosts listed and it works fo the first host
bot not for the second.
spamc -x -d pascal.ctyme.com,localhost
What am I doing wrong? Or is there a bug?
Am I the only one who
I'm trying to use the spamc -d option and it doesn't seem to be working.
I have multiple hosts listed and it works fo the first host bot not for
the second.
spamc -x -d pascal.ctyme.com,localhost
What am I doing wrong? Or is there a bug?
David Goldsmith wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marc Perkel wrote:
I'm trying to use the spamc -d option and it doesn't seem to be working.
I have multiple hosts listed and it works fo the first host bot not for
the second.
spamc -x -d pascal.ctyme.com
Are there any DNS bases whitelists out there? If not - shouldn't we
build one?
I need two different kinds of DNS whitelists. One would be hosts that
NEVER send spam. Large banks, etc.
The second list is a list of hosts that should never be blacklisted.
These are hosts that might send some
I'm not thinking links, What I want to do is whitelist based on the host
name of the server connecting to my server.
Matt Kettler wrote:
Marc Perkel wrote:
I'm not thinking links, What I want to do is whitelist based on the
host name of the server connecting to my server.
You mean like bondedsender, and the current incarnation of Habeas?
(Habeas is no longer based on the SWE haiku
JamesDR wrote:
Marc Perkel wrote:
I'm not thinking links, What I want to do is whitelist based on the
host name of the server connecting to my server.
Why use the host name? They way I see it is you want to whitelist a
server, there already exists a way for SA to do a lookup based upon
Dirk Bonengel wrote:
Hi all,
just a few explanations to the iXhash stuff:
First of all, sorry there were no installation instructions - I'll
work on that (Marc already added a few lines - thanks)
What the plugin does is the following:
- It works solely on the body of an email.
- Given a few
So far so good. This is as you say very accurate. I increased the score
to 4.5. No FPs so far. In fact it's catching spam that would have
slipped through. For what it's worth this should definitely be part of
the default package rather than a third party plugin.
I suppose I did. I used the files posed in the Wiki.
Dirk Bonengel wrote:
Nice to hear! But: Don't blame me if you get a FP due to iXhash.
Did you set up all three lists, btw? (i.e. manitu.net,
login-solutions.de and login-solutions.ag ??)
Matt Kettler wrote:
Marc Perkel wrote:
Here's the link to the wiki, but I don't know what to do with it.
http://wiki.apache.org/spamassassin/iXhash
Disclaimer: I've never tried this. However, the following is a fairly
well educated guess at how to install it.
1
OK - I updated the Wiki - but - how about writing up a good overview of
what the plugin does and why people would want to use it.
OK - so far so good. It seems to be detecting spam. I have a few
questions though.
If SA determines that it is spam and ixhash doesn't detect it, will SA
sort of report it to ixhash to the ixhash will learn it? If not -
shouldn't it?
Is there any confidence levels that can be returned. If
I found this plugin iXhash in the Wiki but I don't know how to use it.
What do I do to install it?
Here's the link to the wiki, but I don't know what to do with it.
http://wiki.apache.org/spamassassin/iXhash
Kenneth Porter wrote:
On Tuesday, June 13, 2006 8:52 PM -0700 kbaker [EMAIL PROTECTED]
wrote:
It is visionary in that it is not the norm, but again DBMail does
all of
this very well and has been production quality for quite some time.
I asked on the Dovecot list about how Dovecot
John Rudd wrote:
On Jun 9, 2006, at 1:19 PM, Marc Perkel wrote:
After considerable experimenting and thinking things through I thought
I'd start a thread on the future of email to start planting the seeds of
where MTA development needs to go. I'm convinced that someday soon we
will all
John Rudd wrote:
I had been thinking about how feasible it would be to re-implement
dbmail in perl..
and maybe a decent perl MTA to put in front of it too (something that
will work with sendmail milters...).
Then you could be pretty database agnostic. Just whatever perl wants
to put
This is still visionary so take it for what it's worth. People are more
familiar with MAILDIR and MBOX because they are files. You can read them
with VI and PICO and FGREP and all the stuff that we are familiar with.
MySQL is also easy but might require new tools and some learning. Once
you
John Rudd wrote:
On Jun 13, 2006, at 7:52 PM, Marc Perkel wrote:
John Rudd wrote:
and maybe a decent perl MTA to put in front of it too (something
that will work with sendmail milters...).
I think that a local delivery program could be written fairly easily
that Exim or any other
Jim C. Nasby wrote:
On Fri, Jun 09, 2006 at 06:16:15PM -0400, Rob McEwen wrote:
MS Exchange... one big Database
Exactly...
And that is one reason why I wouldn't touch this SQL idea with a 10 foot
pole.. the fact that Exchange works this
Steve Thomas wrote:
While this is quite an interesting topic, I have to ask why it's on the
spamassassin list. Message stores aren't spamassassin specific and this is
already a pretty high-volume list. Does this discussion really belong
here?
St-
The reason I posted it here as well as
Gary W. Smith wrote:
It's getting there, albeit slowly. I think that if you rule out any up
and coming application but it's just not there yet we wouldn't have an
opensource community...
We have a variety of reasons for using MySQL, most of them aren't good
ones though but it's something
NM Public wrote:
Sur 2006-06-09, Marc Perkel skribis:
Perhaps the headers and other information that you would index be
kept in the database and the body of the message stored somewhere
else, perhaps even as files.
It seems that this is what Zimbra does. Check out my blog post here
After considerable experimenting and thinking things through I thought
I'd start a thread on the future of email to start planting the seeds of
where MTA development needs to go. I'm convinced that someday soon we
will all realize that MBOX and MAILDIR are obsolete technologies and
that
wrote:
My point here is - think outside the box. I'm going to be lobbying IMAP
server developers to include SQL backends. exim could pipe data into a
local delivery agent, or it can have features written to write directly
to the SQL backend.
Thoughts . ?
that
these tools themselves might start that implementation within
themselves (hint
hint) so we dont have to turn to the alternative imap systems.
Anyway, this
stuff exists and some of us
use certain concepts already applied. Implementation is simple in many
cases.
From: Marc
Perkel
Jim C. Nasby wrote:
On Fri, Jun 09, 2006 at 02:25:52PM -0600, wrote:
My point here is - think outside the box. I'm going to be lobbying IMAP
server developers to include SQL backends. exim could pipe data into a
local delivery agent, or it can have features written to
Greg Allen wrote:
-Original Message-
From: Rob McEwen [mailto:[EMAIL PROTECTED]]
Sent: Friday, June 09, 2006 6:16 PM
To: users@spamassassin.apache.org
Subject: RE: The Future of Email is SQL
MS Exchange... one big Database
All the stuff on my list is either honnypot accounts or people
impersonating my domains or other trickery. So they can't get around it
by sending good messages because they get listed by who that sent the
messages too. None of those listed are processed by Spamassassin. So if
there's any good
I have another tricky DNS question. I'm scream testing my new dnsbl
server and I'm going to open it up for others to use soon. Just working
out the final details.
So - here's my tricky question. I have 2 DNS servers. Server A runs
MyDNS - a MySQL driven server. It's the one that does the work
I'm experimenting with my own DNS Blacklist and it's working and in
testing right now. It's a list that is honeypot driven and only includes
traps that only spammers fall for. However, I'm trying to make sure it
never has a false positive. So - I'm looking for suggestions for best
practices.
Rob McEwen (PowerView Systems) wrote:
Marc,
First, you should make a design decision up front... Are you going to allow IP
addresses of valid hotmail and yahoo DNS servers (for example) which spew out a
very high percentage of spams (especially nigeria scams) on your list, or not?
The
jdow wrote:
From: Marc Perkel [EMAIL PROTECTED]
Rob McEwen (PowerView Systems) wrote:
Marc,
First, you should make a design decision up front... Are you going
to allow IP addresses of valid hotmail and yahoo DNS servers (for
example) which spew out a very high percentage of spams
Ramprasad wrote:
On Thu, 2006-06-01 at 19:52 -0700, Marc Perkel wrote:
I'm thinking about using MyDNS to create my own DNS blacklist. I'm
thinking I'll make it available to everyone to list IPs that are not on
other lists. Mostly virus infected zombies and such.
So - has
add IP addresses to the list. I'm also
thinking about adding another field that will have an expiration date
for the record so as to self clean the list.
But - I don't want to reinvent everything so if someone is doing this I
can use some help. Will share the results.
Thanks in advance.
Marc
Andrzej Adam Filip wrote:
Michael Monnerie [EMAIL PROTECTED] writes:
On Samstag, 20. Mai 2006 12:58 Andrzej Adam Filip wrote:
You can use *separate* script to make spamcop.net send LARTs
(munged or unmunged).
e.g. http://anfi.homeunix.net/perl/spamcop-ack.pl or
Kai Schaetzl wrote:
Andrzej Adam Filip wrote on Sat, 20 May 2006 12:58:15 +0200:
Have you considered using "spamassassin -r" to report the spam to:
Well, he says that at least one of his "feeds" isn't 100% spam. So I very
much hope if he starts doing this that he
I'm now capturing 2 separate spam feeds and I want to share it with
anyone who can use it. I'll forward it to you in real time.
First - the spambot feed. This is spam that is mostly spambot generated
targeted at email addresses that never existed. It's 100% spam and I've
added a header that
URI based black lists have been extremely effected in identifying spam.
I propose another kind of black list. A list of email addresses embedded
in the message body as replies to nigerian type spam and other spam
where you are instructed to reply to the email address in the message body.
One
Dallas L. Engelken wrote:
The only
problem I have with it is that it would be very manual, and address
rotation per msg would be very easy to defeat this.
Dallas
Even if they used a lot of email addresses in the body they would all
have to be good addresses that got the response back to
Steven Dickenson wrote:
Couldn't find a thread like this hence this new one. Just wondering
what strategy people are using when it comes to dealing with email
that gets enough points to be considered as spam. Eg. being deleted
and quarantined, or delivered and quarantined etc.
I'm using
jdow wrote:
From: Dallas L. Engelken [EMAIL PROTECTED]
Dallas
jdow Directly answering his question - it is not infrequent these
days for the answer site to be part of a botnet, I understand. So a
blacklist would have to be bigevil.cf in size and then some.
It'd be easier to simply click
Rob McEwen (PowerView Systems) wrote:
problem I have with it is that it would be very manual, and address
rotation per msg would be very easy to defeat this.
I'm in favor of this because, despite what Dallas said,
(1) Many who are really serious about
Rob McEwen (PowerView Systems) wrote:
jdow said:
It'd be easier to simply click fraud the sites until the vendors who
commission the spam catch on and turn off the money up front.
I think you've misunderstood Marc's proposal. He is talking about identity theft schemes
Title: RE: Proposal: First URI black list, how about email address
black lists?
Chris Santerre wrote:
We have a hard enough time with tons of new domains
in URIBL. Those cost money and IMHO a bit more steps to go thru to
setup then an email address. I can't imagine trying to
Rob McEwen (PowerView Systems) wrote:
It could actually be a benefit if/when the e-mail address account was
terminated because this could keep the overall size of the list smaller. I
wonder if there is some automated way to check this getting in trouble for
spamming or abusing the free
Matt Kettler wrote:
Marc Perkel wrote:
I'm just going to throw this out there having not thought this through
but if the spammer moves on to a different account then compaints
against that email address will cease. I say that if and email address
hasn't receives a complaint
I believe that using email addresses that are embedded in 419 type spams
as a spam fingerprint will be as effective against 419 typre spam as
URIBL is for identifying spam that has links in it.
All spam has one thing in common. Spam wants you to DO something. And
what it wants you to do is
901 - 1000 of 1043 matches
Mail list logo
