r domain I can trust it.
Scoring has nothing to do with the real fix.
A SPF "validation tool", or as I put it: your mail server configuration,
doesn't allow receiving spoofed messages.
--
René Berber
mplies configuring your mail
server to use it (for sendmail it means using a milter, exim has it
built it).
The recommendation is to use both.
--
René Berber
ire.
Same here, sendmail + MailScanner and "RP_8BIT 1.39" seems to be a false
positive added to every message I see marked as spam, and many wouldn't
be if that point and fraction weren't added.
--
René Berber
ds of both RR
types. A compliant domain name MUST have a record of at least one
type. If a domain has records of both types, they MUST have
identical content."
No point in discussing if you use TXT or SPF or both, any of those is
good, no "deprecated" option.
--
René Berber
says "The
specification has been frozen" talking about the TXT record.
--
René Berber
are updated periodically...
do you use sa-update?
* You could have changed scores locally, but you said you are using
defaults, so I only mention it for reference.
--
René Berber
MAXCHAIN?
>
> I bet *none* of the /foo targets exist.
> Could that be confusing the plugin when /foo redirects back to "home"
> Steve?
Brent can see in /tmp/DecodeShortURLs.txt if that was the case (i.e. the
file shows the mapping found between the short link and the long one).
Of course this is only if he didn't change the original .cf's
url_shortener_log .
--
René Berber
do.
You are wrong saying they are for "daemon programs", at least that is
not precise enough.
Yes they are for command-line programs. Yes they are for daemon
programs that can run in the foreground; but not daemons in general.
--
René Berber
article (I haven't read it) is of
some help.
--
René Berber
ode 8 is "Exec format error".
--
René Berber
Justin Mason wrote:
> On Fri, Jan 29, 2010 at 14:59, Mark Martinec wrote:
>> On Friday 29 January 2010 04:20:15 René Berber wrote:
>>> Jason Bertoch wrote:
>>>> What version of re2c are you using? Can you post the output of
>>>> 'spamassassin -
Jason Bertoch wrote:
> On 1/28/2010 10:20 PM, René Berber wrote:
>>
>> Now using re2c 13.5 same problem, to be precise it doesn't hang, it
>> loops (the CPU usage goes up and down, RSS the same, up and down) at the
>> same point.
>>
>> Her
René Berber wrote:
> Jason Bertoch wrote:
>
>> What version of re2c are you using? Can you post the output of
>> 'spamassassin -D --lint' to pastebin?
>
> Now using re2c 1.3.5 same problem, to be precise it doesn't hang, it
Oops!0.13.5
>
me point.
Here's the output http://pastebin.com/m438000e0
--
René Berber
.
> Not sure which is which. I'd find interesting the output of:
> $ spamassassin -D -t test.log 2>&1
>
> and if it hangs during evaluation of regexp rules, it would
> be worth trying with a newer re2c.
Sounds like a plan. Thanks.
--
René Berber
Jason Bertoch wrote:
> Can you post the output of 'spamassassin -D --lint' to pastebin?
Here's the current working output: http://pastebin.com/m35634489
--
René Berber
Jason Bertoch wrote:
> On 1/28/2010 3:54 PM, René Berber wrote:
>> Hi,
>>
>> I'm having a problem with spamassassin 3.3.0 after doing sa-compile.
>>
>> The operation didn't return any error and seems to go as usual, but
>> running 'spamas
now I'm not giving enough info to diagnose the problem, but this was
in a production server so I just went for the fast solution: 'rm -rf
/var/lib/spamassassin/compiled'.
Anyone seen this? or anyone using sa-compile doesn't see this?
--
René Berber
accepting fake messages that pretend to come from you, also for your
server to do the same.
I use milter-spiff with sendmail; postfix can also use milters. Of
course SPF is not only the milter or SPF tests inside spamassassin, you
have to set it up on your domain DNS master.
[snip]
--
René Berber
d Argentina,
so why are we wasting time on this?
--
René Berber
Warren Togami wrote:
> On 10/05/2009 02:30 PM, René Berber wrote:
>> Warren Togami wrote:
>>
>>> I heard an interesting story from a friend who was working in Mexico for
>>> the past few months. Apparently in some Latin American countries,
>>> upper
ly is due to historical
> telegraph messages being in uppercase.
Not true.
[snip]
--
René Berber
bind (named).
In Fedora 11 the same line is more complex, returning an error before
using named, but that is not your problem:
hosts: files mdns4_minimal [NOTFOUND=return] dns
--
René Berber
Its a proxy, much
better than others I've seen. Here's a link:
http://spampal.sanesecurity.com/
--
René Berber
needs. I still see
SpamAware as a better choice, it beats SAWin which anyway was intended
to be used on mail servers not mail clients, the POP3 proxy is an
independent tool, not really needed if you have a proper plugin.
--
René Berber
nging it, adding the report back to your own
program, would be possible.
--
René Berber
org/software/mozilla/thunderbird/spamness/, also needs SA
scoring on the mail server.
Perhaps there are options using tools like fetchmail and similar, I
haven't searched for those but it could be relatively easy to set them
up alongside SA.
--
René Berber
he porting). In
fact, ActiveState perl has SA as a ready-made downloadable, i.e. using
ppc but only works with the commercial GUI version IIRC (which I haven't
used).
On the other hand SAWin, or better yet, SpamAware can be tweaked to use
more rules (sa-update installed rules for instance).
--
René Berber
ed [256], skipping...
You should send this to the FuzzyOCR list.
My guess is you probably have a bad netpbm package. When I see
something like this, I configure FuzzyOCR to keep the temporary files,
then run the commands its using.
--
René Berber
sually they are specific cases that can be white listed by
recipient or sender).
--
René Berber
rds, for
instance). And all is documented on the fuzzy perl library used.
Thanks for a great SA plugin.
--
René Berber
Igor Chudov :
No, email is not unusable.
The only problem are inept admins and the people who hire them.
--
René Berber
threshold it doesn't scan it, if you run in debug mode the
threshold is ignored.
--
René Berber
sebastian wrote:
> i am filtering mails with spamassassin & procmail.
>
>
> The header of message
>
> X-Spam-Level: **
>
> I want to sort mails into some different directories.
>
[snip]
> :0:
> * ^X-Spam-Level: .*\(\*\*\*\*\*\*\*\*\*\*
-^^
You are quoting a
e 2003.
You are running a non-standard SA, so the following might be completely
wrong.
Usually the DNS server(s) are defined on /etc/resolv, which in your case
could be inside the perl directory (I don't know what perl you are
using, ActivePerl or Strawberry or the real McCoy under Cygwin, just
take that into consideration).
--
René Berber
system you are using),
or you can ignore the message since it's not important.
The configuration is in ~/.gnupg/gpg.conf (where ~ is for the user that
runs sa-update), the option is no-secmem-warning.
--
René Berber
searching their web site for a document that contains this:
"MailChannels has developped ... SLOW email traffic ..."
on their site. (the capitals in "SLOW" are mine).
[snip]
Can't you read? He said documentation on BarricadeMX, you answer with
more of your dumb messages.
--
René Berber
thing else.
Regards.
--
René Berber
user_prefs? They don't contain
anything special as far as I can see, but something definitely feels wrong
with my configuration. Why else would the AWL test get such scores?
AWL is probably not the culprit, as I said, it follows not leads.
--
René Berber
r per user (even if the "user" is the one running amavisd in
your case), dependending on your spamassassin configuration.
--
René Berber
ation (per user settings).
--
René Berber
nguage you are using it.
BTW the recommended (in FuzzyOcr's site) version is 3.5.1 with some
patches from the SVN repository. The version you have has some issues
with recent Spamassassin versions, like the one about the report being
empty, or not formatted.
--
René Berber
Has anyone noticed the same error output? Is there a solution
> available?
No, I have never seen that problem. Just tested gifsicle 1.48 and no problem
appeared (currently using version 1.44 on production).
--
René Berber
jidanni wrote:
> Wish this list would use e.g., mailman, where one can turn off delivery.
You can do the equivalent (to turn off delivery) by un-subscribing from the
user's list and subscribing to [EMAIL PROTECTED] .
--
René Berber
not message routes.
> botnet will get more accurate. I could be wrong on this but
> for the shake of fighting spam,I hope I am right and you could find a way to
> get this to work.
You are wrong.
--
René Berber
fer" in 1 lines]
["browser" in 1 lines]
["soma" in 1 lines]
["type" in 1 lines]
["pharmacy" in 1 lines]
[(12 word occurrences found)]
...
--
René Berber
John Rudd wrote:
> René Berber wrote:
>> Here's a good example of why Botnet's default score is too high, those
>> guys at
>> meridiencancun have a so called "Enterprise account" with their ISP,
>> what they
>> get is a fixed IP and no contro
allow you any
control over reverse DNS, perhaps none in the region that hotel operates.
[snip]
--
René Berber
sons; yes my ISP s-u-c-k-s
and I have been setting up mail servers for a long time, so I use my own.
And since Botnet doesn't block, it just scores, I do agree than only dumb people
would use its score as a 100% certainty that it is spam. Blacklists, way worse,
who is so innocent that thinks they only list the bad guys?
--
René Berber
and any ISP who uses SA
would gain by using it.
The work Botnet does is similar to graylists, a good one stops suspicious mail
servers for a while, if they insist they'll pass the graylist and get scored by
Botnet, how much you score them is your choice.
--
René Berber
ot be
overwritten if the download failed (that's what the html says, either a failure,
or that you are being blacklisted for downloading to often, or that the site is
off-line).
--
René Berber
tory
with the version in the name, not to use that directory with spamassassin, the
installation is the same (copying the 2 files) you just don't overwrite any
previous source you have.
--
René Berber
no; Exim will stop anything detected as
virus and the plugin will never receive one (it just wastes time).
If you meant using the databases from Sanesecurity, the answer is yes. They add
spam and additional phishing detection that clamd uses.
--
René Berber
_RDWR/etc. (that's why I
included the reference, so you can read the whole thread on the bug report).
--
René Berber
Wolfgang Zeikat wrote:
> In an older episode (Tuesday, 17. July 2007 21:43), René Berber wrote:
>> Wolfgang Zeikat wrote:
>
>>> 2. What can I do to solve that?
>> You can add a line to FuzzyOcr.pm :
>>
>> use POSIX;
>
> That line is already the
can update from SVN that module (along with changes to Scoring.pm, it
solves the unformatted report problem).
--
René Berber
s are
the redundant rules?), the second procedure is easy and that's why most of us
use it.
--
René Berber
with some manual help), spamd/spamc also work fine.
--
René Berber
tc/mail/spamassassin/70_sare_stocks.cf
# SARE Stocks Ruleset for SpamAssassin
# Version: 01.01.01
# Created: 2005-12-18
# Modified: 2007-05-06
...
[snip]
--
René Berber
Nothing should override your scores (your comment only makes sense if someone is
using SA in a non standard way... yes you can put score overrides anywhere, they
might even work or not, but that's not the way you are directed to do it).
local.cf IS the place to put your scores.
--
René Berber
tion might
> be accepted. Perhaps there is an outlook-plugin or something?
SpamAware (plugin for Outlook that includes SA). They also have a product
called Exchange Server Toolbox, I have no experience with it but it may be close
to what you are looking for.
--
René Berber
than in MS you choose the RBL list, SA has a standard list).
--
René Berber
2 word... found" but it only shows 8 words
(counting repetitions), it looks like the score is wrong anyway.
Sorry for taking the topic further away from the original problem with
Util::wrap(), which is the cause of the lost formatting on the report, it just
doesn't take into account the newlines and gets its character count wrong, so
the end result is the mess you see after it adds line breaks as a function of
that character count.
--
René Berber
Daryl C. W. O'Shea wrote:
René Berber wrote:
Matthew Dickinson wrote:
When sending messages from clients using SMTP Auth to a server
running sendmail, I'm seeing issues with SPF and Botnet thinking
these messages are spam-like - I'm not sure if this issue lays with
SA o
**
X-Spam-Checker-Version: SpamAssassin 3.2.0 (2007-05-01) on server.domain.org
Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable
to 8bit by server.domain.org id l4HJRKUm015411
--
René Berber
the first line, there is no such ImageInfo.pm under
/etc/mail/spamassassin, it should be with all the rest of the SA installation.
Looks to me like a scrambled installation.
--
René Berber
il::SpamAssassin::Plugin::URIDNSBL
--
René Berber
efault parametes, as you have seen, work fine... I would only check
focr_enable_image_hashing (disabled by default, recommended set to 2), and
focr_base_score (which is too high in my opinion, 5 is the default and there's a
know bug that counts the same word as several repetitions so the count is not
very reliable).
--
René Berber
I'm using and version 3.5.1, only one word
was detected. The score is actually a known bug in the current version, it
counted twice the same word (I think it doesn't appear in two different lines).
> and upgrade to new version, but I'm
> already using the last Fuzzry version (OCR 2.3b)
That's not the latest version, go to the FuzzyOcr page again and read what it
says carefully.
--
René Berber
use the global
default;
- You can upgrade to the latest version, it has different factors and more
functionality but, the downside is that you will have to upgrade the pnm stuff
and probably other perl modules.
--
René Berber
real
problem, and they are literally what they say: an undefined dependency.
For instance SARE_OBFU_CIALIS, you probably have the file 70_sare_obfu0.cf in
/etc/mail/spamassassin, then you have something different than me since I can't
find a reference to SARE_OBFU_CIALIS2, perhaps you have an old version.
Try looking into the SARE files with: grep SARE_OBFU_CIALIS2 *.cf; better yet,
try updating your "Ruled Du Jour".
--
René Berber
Of course milters are for
sendmail or postfix, you may need something similar for other servers.
--
René Berber
-D FuzzyOcr < test.eml
Then you can see which words were detected and how the score was added up.
Unless you changed the default FuzzyOcr configuration I doubt the score you saw
came only from FuzzyOcr, you probably have AWL and that lowered the score a lot.
--
René Berber
sable_score 30
In debug mode FuzzyOcr sets this parameter to 100 (or 1000 I don't remember),
that explains what you see one way and not the other way.
--
René Berber
Alexis Manning wrote:
[snip]
> I'm using FuzzyOCR 3.4.2 - does 3.5.1 have any additional support for
> animated GIFs?
Yes, it uses gifsicle.
--
René Berber
prises.com/cgpsa/) and ClamAV
> (http://webmail.wcg.org/~support/cgFilterMessages/history.html).
A better option for using ClamAV (w/o having to install it):
http://www.niversoft.com/products/cgscripts/cgpclamav
--
René Berber
VMware player, and use a full featured server;
- Install Cygwin + Exim + ClamAV + (SA + EximConfig);
- Others I haven't used (Courier is known to work under Cygwin, etc.)
--
René Berber
this out is by running `spamassassin -x -t -D FuzzyOcr <
sample.eml` and see if FuzzyOcr is really using the mySQL module or not. Leave
out the -D part if you want to find who is using what.
--
René Berber
are
seeing is in file FuzzyOcr/Config.pm, I think you have the old one, or...
Somebody else had a report just like yours (on the FuzzyOcr list), with the
correct version, but it seems he was calling mySQL from somewhere else in the
spamassassin configuration (Bayes perhaps?).
--
René Berber
ts,
># recommended)
>focr_enable_image_hashing 2
>
> So why is it looking for DBD::mysql?
You are using a very old pre-release of version 3.5. That problem was fixed a
few months ago, before 3.5.1 came out.
--
René Berber
e_ is about 6 months old.
> Is this tool really advisable on a serious system?
It works fine, I would recommend it.
--
René Berber
;> DiG 9.3.2 <<>> aip.org txt
...
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
--^
So the question is, if there is no SPF why should SA score against it? It
shouldn't, there must be something wrong with your setup.
--
René Berber
Robert Nicholson wrote:
> Fuzzy OCR isn't getting any hits on this mail. Anybody know why?
[snip]
You can see for yourself, use `spamassassin -x -t -D FuzzyOcr < sample.eml`.
--
René Berber
c/mail/spamassassin
[snip]
This is obviously with FuzzyOcr-3.5.1, did you installed correctly? Seems that
you did not copy directory scuzzy which has 8 perl modules, Logging.pm is one of
them.
--
René Berber
Ed Kasky wrote:
> At 10:23 AM Tuesday, 1/23/2007, René Berber wrote -=>
>> Ed Kasky wrote:
>>
>> > With FuzzyOcr 3.5.1 and SA 3.1.7, I noticed this in the log while
>> > debugging my setup:
>> >
>> > 2007-01-23 01:39:23 [16842] Processing M
sult, I have had no hits since installing the new version.
When did you install the new version?
For what period of time there are no hits? Do you know how many times the
plugin was called?
> Any suggestions as to where to look next are gratefully accepted and
> appreciated...
There is a global timeout, usually disabled but looks like you uncommented the 1
sec sample value.
--
René Berber
Will Nordmeyer wrote:
>
> René Berber wrote:
>> Sherman Lilly wrote:
> [snip]
>>> I get why they are getting through. They are spoofing the Return-Path.
>>> Is there any way to remedy this problem?
>> Depends on your server. For sendmail there is:
&g
mail/english.html
the FEATURE(`local_sender_check') gets rid of all forged addresses pretending to
be from your domain.
--
René Berber
ds for
> hotmail, excite, mail.com etc, but there don't seem to be any general rules.
Take a look at Botnet plugin:
http://permalink.gmane.org/gmane.mail.spam.spamassassin.general/93141
with minor changes I think it can do exactly what you describe, which is a
subset of what it already does.
--
René Berber
but if there is anything I missed, I'd be glad
> for a pointer. Thanks!
http://fuzzyocr.own-hero.net/wiki/Installation-3.5.x
Look for Log::Agent in the (required) Perl modules section.
--
René Berber
table enough for production use yet?
>
> We are still running 2.3b because it is the only one currently listed as
> stable.
Read the *bold* text.
--
René Berber
d or not). Probably what you suspected from the start, spamd's
user does have a path set or not set, try `su - spamd` or whatever the name of
the user and repeat the ldd test.
--
René Berber
René Berber wrote:
> Markus Eskola wrote:
> [snip]
>> dbg: diag: perl platform: 5.008006 solaris
>>
> [snip]
>> cpan> m DBD::mysql
> ...
>> INST_VERSION 4.00
>
> Both look alright.
>
>> Is there somehow I can check that all the other file
4-solaris/auto/DBD/mysql/mysql.so; it
does depend on libgcc_s.so.1, is it shown as missing? what does `gcc gcc
-print-file-name=libgcc_s.so.1` show? (if it's only the name with no path, then
gcc didn't find it).
--
René Berber
Markus Eskola wrote:
> René Berber skrev:
>> You are probably using two different perl versions, in one you have
> DBD::mysql,
>> in the other (perl 5.8.6) you don't.
>
> Yes, there are two versions of perl installed but only 5.8.6 is used
> (atleast in a SA p
ried but a MingW version should also be possible, I don't know if in
that case you have to use ActiveState's perl (or perhaps there is a MingW perl).
--
René Berber
t have anything to do with PATHs, or LD_PATHs for the spamd user?
Yes, if perl is found using the PATH the one that comes first wins.
--
René Berber
shell and use the command "install
Mail::SpamAssassin", that's it. Another advantage of Cygwin's environment is
that you can really use the spamd server if you want (and spamc needs a server
to do its work).
--
René Berber
uld be to extend AWL and/or other auto white-listing in a
similar fashion. SA's AWL is probably decreasing the score in your case already
and you don't have much control, just add or delete manually, and the automatic
score averaging.
> I am running 3.1.7 with sa-update and some of the various SARE rulesets.
> I have AWL and Bayes turned on also.
>
> Thanks for your thoughts!
HTH
--
René Berber
ero.net/browser/tags/FuzzyOcr-3.5.0-rc1
>
> To see none patches. Or should I use rather (see below) this?
>
> http://fuzzyocr.own-hero.net/browser/trunk/devel
He meant that you should use:
http://fuzzyocr.own-hero.net/wiki/Downloads
and leave the code in development alone (unless you are a developer ;^).
--
René Berber
1 - 100 of 127 matches
Mail list logo
