On 1/30/2024 10:58:52, Matus UHLAR - fantomas wrote:
On 30.01.24 09:59, joe a wrote:
Advisable to "prune" Bayes data based on age?
While cleaning up recent Ham/Spam, found my "saved SPAM" goes back to
2013.
Why that's over . . . wait, I need to take off my socks . . .
Advisable to "prune" Bayes data based on age?
While cleaning up recent Ham/Spam, found my "saved SPAM" goes back to
2013.
Why that's over . . . wait, I need to take off my socks . . .
So, how old is "too old". For saved SPAM?
On 11/14/2023 13:46:11, Matus UHLAR - fantomas wrote:
On 14.11.23 13:05, joe a wrote:
Low volume home office user and system.
Occasionally when first dealing with a new entity, their
correspondence gets flagged as SPAM.
When I whitelist these, what should be done with those messages
On 11/14/2023 20:48:27, John Hardin wrote:
On Tue, 14 Nov 2023, joe a wrote:
Low volume home office user and system.
Occasionally when first dealing with a new entity, their
correspondence gets flagged as SPAM.
When I whitelist these, what should be done with those messages that
might
Low volume home office user and system.
Occasionally when first dealing with a new entity, their correspondence
gets flagged as SPAM.
When I whitelist these, what should be done with those messages that
might remain in "flagged SPAM" or "Missed SPAM"?, thinking along lines
of keeping BAYES
mille!
Joe
SURBL
Thanks
Giovanni
ot see the URI and therefore not it through any of the
rules for URIs.
This means even if the bad site is listed on domain RBLs (SURBL, Spamhaus or
URIBL), the mail is not tagged for that.
Joe Wein
SURBL
On 2/28/2023 12:05 PM, Jeff Mincy wrote:
> From: joe a
> Date: Tue, 28 Feb 2023 11:37:34 -0500
>
> Curious as to why these scores, apparently "stock" are what they are.
> I'd expect BAYES_999 BODY to count more than BAYES_99 BODY.
>
> Noted in a head
Curious as to why these scores, apparently "stock" are what they are.
I'd expect BAYES_999 BODY to count more than BAYES_99 BODY.
Noted in a header this morning:
* 3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
* [score: 1.]
* 0.2 BAYES_999 BODY: Bayes spam probability is
On 2/17/2023 10:41 PM, Loren Wilton wrote:
They receive wildly different BAYES scores.
* -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
* [score: 0.0002]
* 2.2 BAYES_20 BODY: Bayes spam probability is 5 to 20%
* [score: 0.0881]
This looks like you have per-user Bayes
On 2/17/2023 3:25 PM, joe a wrote:
Did a simple test today sending an email from a gmail account to two
email accounts on my system. The only difference was the email
address, both were on the same "To:" line in the composed messages.
They receive wildly different BA
On 2/17/2023 11:44 AM, Martin Gregorie wrote:
On Fri, 2023-02-17 at 10:54 -0500, joe a wrote:
Could it have been that simple?
If, like myself, you find reference books useful, you may want to get a
copy of "Linux in a Nutshell" - an O'Reilly book.
It tends to assume you know at
On 2/17/2023 4:42 AM, Matus UHLAR - fantomas wrote:
On 16.02.23 15:57, joe a wrote:
Re-energized having recently heroically wrestled an elusive issue (to
me) into surrender . . . we now turn to another issue.
Probably I need to retrain BAYES "From scratch". I have a mess
(years?)
On 2/17/2023 7:37 AM, Reindl Harald wrote:
Am 16.02.23 um 23:34 schrieb joe a:
I have no idea what you refer to when you state "don't user proper
packages". "Proper" in what sense? A rhetorical question.
i have no idea how you installed SA but rpm packages or debs u
On 2/16/2023 8:28 PM, Matija Nalis wrote:
On Thu, Feb 16, 2023 at 05:34:37PM -0500, joe a wrote:
Oh, of course. I installed as root initially, being foolish perhaps, but
did create a specific user "later" and adjusted permissions as needed. Or,
so I thought.
well, installi
. . .
it also runs with another environment, so it may miss PATHes or @INC
directories.
That throws me a curve. What is an @INC directory? SA specific?
I do not find any with the locate command, but if the are an actual
directory may need to escape the @ sign somehow. \ does not seem to do
On 2/16/2023 5:32 PM, hg user wrote:
On Thu, Feb 16, 2023 at 9:57 PM joe a <mailto:joea-li...@j4computers.com>> wrote:
plugin: failed to parse plugin (from @INC): Can't locate
Mail/SpamAssassin/Plugin/SpamCop.pm:
lib/Mail/SpamAssassin/Plugin/SpamCop.pm: Permissi
. . .
I have no idea what you refer to when you state "don't user proper
packages". "Proper" in what sense? A rhetorical question.
i have no idea how you installed SA but rpm packages or debs usually
have correct permissions
Oh, of course. I installed as root initially, being foolish
On 2/16/2023 4:30 PM, Reindl Harald wrote:
Am 16.02.23 um 21:57 schrieb joe a:
I understand that sa-learn should be run as the same user as spamd,
however I find it has always been run as root and when running as the
spamassassin user results in errors, such as:
~su -c "sa-learn -
On 2/14/2023 6:09 PM, joe a wrote:
Please let this sit for a while, I've discovered a fundamental issue
with my scheme of feeding messages to BAYES. Unfortunately I was
remiss, apparently, it setting up logging for some bits, so have no idea
how long this has been failing.
Sorry
Please let this sit for a while, I've discovered a fundamental issue
with my scheme of feeding messages to BAYES. Unfortunately I was
remiss, apparently, it setting up logging for some bits, so have no idea
how long this has been failing.
Sorry for the clutter.
joe a.
On 2/14/2023 5:37 PM
On 2/14/2023 2:56 AM, Matus UHLAR - fantomas wrote:
On 13.02.23 17:42, joe a wrote:
Have some annoying SPAM that consistently shows a negative score on
BAYES. Is the default scoring or influenced by BAYES in some way?
*-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
* [score
On 2/13/2023 5:51 PM, Benny Pedersen wrote:
joe a skrev den 2023-02-13 23:42:
Have some annoying SPAM that consistently shows a negative score on
. . .
time to upgrade imho :=)
. . .
And, yes, I should upgrade.
On 2/13/2023 5:51 PM, Benny Pedersen wrote:
joe a skrev den 2023-02-13 23:42:
Have some annoying SPAM that consistently shows a negative score on
BAYES. Is the default scoring or influenced by BAYES in some way?
*-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
* [score: 0.
Have some annoying SPAM that consistently shows a negative score on
BAYES. Is the default scoring or influenced by BAYES in some way?
*-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
* [score: 0.]
SpamAssassin 3.4.5
Thanks for any pointers.
ore 0 are not run.
However, joe a aka the OP should be more interested in finding out why
are his DNS queries going through an open resolver and fixing the real
issue.
Right you are. It now appears resolved (cough, cough . . .).
Spamhaus site provided this quick test: "dig 2.0.0.127.ze
:
dns_query_restriction deny spamhaus.org
Ah Hah! Seems to work for me. See? I CAN be taught!
joe a.
On 1/8/2023 4:38 PM, Benny Pedersen wrote:
joe a skrev den 2023-01-08 21:50:
SA version 3.4.5
Gears are clashing, clutch is slipping, among other things.
Trying to exclude certain checks, via spamhouse services "by the book"
what book ?
The good one? Several places. Most looke
On 1/8/2023 4:23 PM, Charles Sprickman wrote:
What did you end up with?
score RCVD_IN_ZEN_BLOCKED_OPENDNS 0
I am not certain if that stops the test or simply reporting of the
message. Looks like I will need to do some packet capture after all.
I have a bunch of zero rules for these yet
On 1/8/2023 4:00 PM, joe a wrote:
On 1/8/2023 3:50 PM, joe a wrote:
SA version 3.4.5
Gears are clashing, clutch is slipping, among other things.
Trying to exclude certain checks, via spamhouse services "by the book"
When placing these values in local.cf:
RCVD_IN_ZEN 0
RCV
On 1/8/2023 3:50 PM, joe a wrote:
SA version 3.4.5
Gears are clashing, clutch is slipping, among other things.
Trying to exclude certain checks, via spamhouse services "by the book"
When placing these values in local.cf:
RCVD_IN_ZEN 0
RCVD_IN_XBL 0
RCVD_IN_PBL 0
"spam
SA version 3.4.5
Gears are clashing, clutch is slipping, among other things.
Trying to exclude certain checks, via spamhouse services "by the book"
When placing these values in local.cf:
RCVD_IN_ZEN 0
RCVD_IN_XBL 0
RCVD_IN_PBL 0
"spamassassin --lint" complains. Yet SA starts without
On 1/8/2023 2:08 PM, Martin Gregorie wrote:
On 07.01.23 14:06, joe a wrote:
Pretty sure. Or, I was. Ran various tests with unbound running
and
not running confirmed it was working, at least providing a
response.
Thats pretty simple to check, provided you've got Wireshark installed:
Fire
On 1/8/2023 12:36 PM, Matus UHLAR - fantomas wrote:
On 07.01.23 12:03, joe a wrote:
Thanks. I think I actually got unbound working but still was
getting URIBL rejects from spamhaus.
On 1/7/2023 1:25 PM, Matus UHLAR - fantomas wrote:
- do you actually use that unbound server? is 127.0.0.1
On 1/7/2023 12:16 PM, Benny Pedersen wrote:
joe a skrev den 2023-01-07 18:03:
That will give me some time to review how to disable specific checks,
such as dnswl.org which caused a score of -5.0 for some obviously
spammy stuff.
please report spam https://www.dnswl.org/?page_id=17
especily
your own
non-forwarding caching nameserver
https://cwiki.apache.org/confluence/display/SPAMASSASSIN/CachingNameserver
On 07.01.23 12:03, joe a wrote:
Thanks. I think I actually got unbound working but still was getting
URIBL rejects from spamhaus.
- do you actually use that unbound server
On 1/7/2023 9:06 AM, Matus UHLAR - fantomas wrote:
On Fri, 6 Jan 2023, joe a wrote:
Attempting to utilize the various block lists and find rejection
messages in mail headers "blocked due to usage of an open resolver".
On 06.01.23 09:49, John Hardin wrote:
Are you forwarding your Sp
On 1/6/2023 12:49 PM, John Hardin wrote:
On Fri, 6 Jan 2023, joe a wrote:
. ..
I think you're getting distracted by the word "resolve" there... This
sounds like a DNS issue.
Agree it is likely a DNS issue. Apparently one I do not yet grasp.
Is there an online tool to which
On 1/6/2023 12:15 PM, Kevin A. McGrail wrote:
My interpretation is thus:
You have a firewall with a public IP and an private IP
You have a box with email behind that firewall.
When it talks to the world, it should do helo that maps back to
your Firewall's public IP not to a private RFC1918
Attempting to utilize the various block lists and find rejection
messages in mail headers "blocked due to usage of an open resolver".
One of many things puzzling me at the moment is something found in the
related Wiki that states "A: Third, if your email gateway is behind a
firewall make sure
On 1/5/2023 3:24 AM, Loren Wilton wrote:
You can simplify your rule code a little if you want:
header __LOCAL_FROM_BE From =~ /.\.beauty/i
meta LOCAL_BE (__LOCAL_FROM_BE)
score LOCAL_BE 2
describe LOCAL_BE from beauty domain
to
header LOCAL_BE From =~ /.\.beauty/i
score LOCAL_BE 2
As an increasing amount of SPAM from "boutique" domains began slipping
through, I resorted assuring they are marked as SPAM by adding custom
rules when sufficiently annoyed.
The local rules take this form (thanks to whoever provided the
"template" for this):
header __LOCAL_FROM_BE From =~
On 1/2/2023 4:27 PM, Bill Cole wrote:
On 2023-01-02 at 16:18:53 UTC-0500 (Mon, 2 Jan 2023 16:18:53 -0500)
joe a
is rumored to have said:
On 1/2/2023 4:01 PM, joe a wrote:
On 1/2/2023 2:49 PM, joe a wrote:
Noticed this line in /var/log/mail:
spamd[31188]: config: failed to parse line
On 1/2/2023 4:01 PM, joe a wrote:
On 1/2/2023 2:49 PM, joe a wrote:
Noticed this line in /var/log/mail:
spamd[31188]: config: failed to parse line, skipping, in
"/etc/mail/spamassassin/local.cf": Mail::SpamAssassin::Plugin::URIDNSBL
It seems to have started a few weeks ag
On 1/2/2023 2:49 PM, joe a wrote:
Noticed this line in /var/log/mail:
spamd[31188]: config: failed to parse line, skipping, in
"/etc/mail/spamassassin/local.cf": Mail::SpamAssassin::Plugin::URIDNSBL
It seems to have started a few weeks ago and does not appear to be
related t
Noticed this line in /var/log/mail:
spamd[31188]: config: failed to parse line, skipping, in
"/etc/mail/spamassassin/local.cf": Mail::SpamAssassin::Plugin::URIDNSBL
It seems to have started a few weeks ago and does not appear to be
related to the date of any deliberate changes on my part.
I am far from an anti SPAM expert, but:
On 8/13/2022 4:52 PM, Vincent Lefevre wrote:
On 2022-08-13 14:05:43 -0400, joe a wrote:
On 8/13/2022 12:38 PM, Martin Gregorie wrote:
. . .
2) There's no mandatory need to REJECT spam. It has always been up to
the recipient to decide whether
I'll be sure to look this over well to see what I can use or adapt, thanks.
On 8/13/2022 11:04 AM, Reindl Harald wrote:
Am 13.08.22 um 16:21 schrieb joe a:
Ah, thanks for describing that. I am somewhat more brain fogged than
usual this morning, so am uncertain any of those would work
On 8/13/2022 12:38 PM, Martin Gregorie wrote:
. . .
2) There's no mandatory need to REJECT spam. It has always been up to
the recipient to decide whether to return it to the sender or not.
Agreed in part. I see returning SPAM to sender as an exercise in
futility or perhaps further
And, of course, I must edit my last reply:
On 8/13/2022 10:21 AM, joe a wrote:
My first thought was, the postfix stuff would work, because . . .
My first thought was, the postfix stuff would NOT work, because . . .
solutions for some time, if ever. So,
I should stop here and look them over.
However, any real world "we did that" exists, please let me know.
joe a.
On 8/13/2022 9:52 AM, Bert Van de Poel wrote:
I think what Noel is referring to is Postfix configuration li
On 8/12/2022 11:43 PM, Noel Butler wrote:
Why are you not blocking with blacklists at the border, ie: MTA.
I'm not familiar with how to do that or if it can be done. Since SA
offers this functionality, so did not even consider that. I'll look into it.
Given its 0 resources for your MTA,
I need to refresh my brain on using blacklists with SA, before looking
more deeply into why this got through.
Today a email slipped through with a very low score that was clearly
phishy. A url in question, posing as another, hits no less that 6
blacklists. I was going to look at clamav
This is OT, but perhaps someone here knows.
In the context of the logrotate conf file, what does the + sign indicate
when used as a prefix size directive?
Example: "size +4096k"
Some conf files have it, some don't. Man pages do not mention it AFAICT
and the internet is rather seems to
> On 2022-01-20 at 16:21:40 UTC-0500 (Thu, 20 Jan 2022 16:21:40 -0500)
> Joe Acquisto-j4
> is rumored to have said:
>
. . . . .
> To figure out what matched, you'll need to check a message with the
> "rules" debug channel on:
>
> spamassassin -t -
>>>>
>> On 2022-01-20 15:47, Joe Acquisto-j4 wrote:
>>
X-Spam-Checker-Version: SpamAssassin 3.4.5 (2021-03-20)
>>
>> old version
>>
>>> * 1.8 FSL_HELO_NON_FQDN_1 No description available
>>
>> have you configured internal_netw
>>>
> On 2022-01-20 15:47, Joe Acquisto-j4 wrote:
>
>> X-Spam-Checker-Version: SpamAssassin 3.4.5 (2021-03-20)
>
> old version
>
>> * 1.8 FSL_HELO_NON_FQDN_1 No description available
>
> have you configured internal_networks, trusted_networks ?
Yes
> I followed my own advice about egrep -R and found this immediately
>
> it's in
>
> 3.004006/updates_spamassassin_org/72_active.cf
>
> and it is
>
> ##{ FSL_HELO_NON_FQDN_1
> header FSL_HELO_NON_FQDN_1 X-Spam-Relays-External =~ /^[^\]]+
> helo=[a-zA-Z0-9-_]+ /i
> ##} FSL_HELO_NON_FQDN_1
>
> Am 20.01.22 um 15:47 schrieb Joe Acquisto-j4:
>> Where can I get some idea of what the rule below actually checks for? I
> noticed some normally passed email was flagged as SPAM.
>>
>> Started seeing it sometime after making some configuration changes to l
them
all, or one at a time, I'd rather have a clue. Semi-informed hacking about can
be problematic.
X-Spam-Checker-Version: SpamAssassin 3.4.5 (2021-03-20)
* 1.8 FSL_HELO_NON_FQDN_1 No description available
Thanks
joe a.
lue x four.
But, no . . .
In the words of Lt. Commander Data, I was "chasing an untamed ornithoid
without cause".
Perhaps sheepishly yours . . . .
joe a.
> On Monday 12 July 2021 at 20:07:16, Joe Acquisto-j4 wrote:
>
>> SpamAssassin 3.4.5 (2021-03-20) on Suse Leap 15.2 (their distr
SpamAssassin 3.4.5 (2021-03-20) on Suse Leap 15.2 (their distro IIRC)
Noticed that mail marked as SPAM was scanned again by SA after it had been
"disposed" as an attachment.
I uncommented "report_safe 0" and did a restart of SA. Next SPAM came through
as a normal email, still marked as SPAM
Thanks for all the solutions and suggestions.
joe a.
> Anyone have a regex example handy that can detect any number of digits before
> @ sign?
> Not a regex maven at all. What searching I did on this topic just served to
> kick the bee hive.
>
>
Pe
Anyone have a regex example handy that can detect any number of digits before @
sign?
Not a regex maven at all. What searching I did on this topic just served to
kick the bee hive.
>> Perhaps memory fails, but was there not, once, a standard rule that
>> detected non alpha characters in
>
Using SpamAssassin 3.4.5 (2021-03-20)
Perhaps memory fails, but was there not, once, a standard rule that detected
non alpha characters in
sender name? The domain/provider is not of interest for this question.
Such as this item (not the actual sender name)
* 1.0 FREEMAIL_FROM Sender
On 4/23/21 2:52 PM, David B Funk wrote:
On Fri, 23 Apr 2021, Steve Dondley wrote:
I'm looking at KAM.cf. There is this rule:
body __KAM_WEB2 /INDIA based
IT|indian.based.website|certified.it.company/i
I'm wondering if there is a good reason why a singe period is used
instead of
> On 26 Jan 2021, at 17:04, Joe Acquisto-j4 wrote:
>
>> running version 3.42.
>
> Presumably you meant 3.4.2...
>
> Unless that's a distro-patched variant, such as the ones RH and Debian
> produce, you should update to 3.4.4. There are significant secur
>> On Tue, 26 Jan 2021, Joe Acquisto-j4 wrote:
>>
>> On 2021-01-26 23:04, Joe Acquisto-j4 wrote:
>>>>>
>>> Any suggestions?
>>>>>
>>>>> does it lint if local.cf is empty or non exists ?
>>>>
>>>> Just
> On Tue, 26 Jan 2021, Joe Acquisto-j4 wrote:
>
>>>> On 2021-01-26 23:04, Joe Acquisto-j4 wrote:
>>>>
>> Any suggestions?
>>>>
>>>> does it lint if local.cf is empty or non exists ?
>>>
>>> Just renamed local.cf a
>On Tue, 26 Jan 2021 17:04:17 -0500
> Joe Acquisto-j4 wrote:
>
>
>> Ran lint (spamassassin -D --lint) and noticed numerous (20-30 ?)
>> "__E_LIKE_LETTER," in sequence, followed by
>>
> "__GATED_THROUGH_RCVD_REMOVER,__HAS_FROM,__HAS_MESSAGE_ID,
>> On 2021-01-26 23:04, Joe Acquisto-j4 wrote:
>>
Any suggestions?
>>
>> does it lint if local.cf is empty or non exists ?
>
> Just renamed local.cf and get the same results. Now I am more confused. Too
> late for more coffee.
spamd was stopped at the time.
> On 2021-01-26 23:04, Joe Acquisto-j4 wrote:
>
>> Any suggestions?
>
> does it lint if local.cf is empty or non exists ?
Just renamed local.cf and get the same results. Now I am more confused. Too
late for more coffee.
running version 3.42.
I added a rule in local.cf and restarted spamd. (systemctl restart
spamd.service) It hit. Changed the score on it and an existing rule and did a
restart and they it but neither score changed.
Ran lint (spamassassin -D --lint) and noticed numerous (20-30 ?)
/sendmail -i "$@"
exit $?
It's been there all along. t sure why I did it that way.
I guess I need to re-read something as I have been changing the -s value in
spamc.conf and is seems to have an effect after a restart. 00I would have
thought the value in master.cf would take preced
Umm, err, . . . well . . .
Just what I robotically entered in postfix master.cf
smtp inet n - n - - smtpd -o
content_filter=spamassassin
Is that what you were after?
>>>
> What glue are you using to call SA?
>
> On Sat, Dec 26, 2020,
Some mail with attached suspect files are larger than can be processed.
Looking for a way to flag such "oversize" messages as suspect even if not
processed.
Is there a simple way? SpamAssassin version 3.4.2
> What, specifically, is the config you're using to invoke CLAMAVPlugin?
>
> You need to have at least two things set up in your spamassassin config
> files:
> 1) load the plugin in a "v*.pre"
> 2) invoke the check_clamav() procedure
>
> EG:
> in v320.pre
>
> # AntiVirus - some simple
> Am 03.12.20 um 03:00 schrieb Joe Acquisto-j4:
On Wed, 02 Dec 2020 19:38:22 -0500
>>> Joe Acquisto-j4 wrote:
>>>
>>>> Malware is not being detected in the test form
>>>
>>> Just to be clear, do you have EICAR as an attached .com file?
&
> On Wed, 02 Dec 2020 19:38:22 -0500
> Joe Acquisto-j4 wrote:
>
>> Malware is not being detected in the test form
>
> Just to be clear, do you have EICAR as an attached .com file?
I thought so, but it appears not. has a form
that has both "clean" a eicar.com at
to 1%
* [score: 0.]
Received: from auxilary (localhost [127.0.0.1])
by aux.a.com (Postfix) with ESMTP id 853C029D72
Might verbose or debug level loggin be of any help? Not seeing anything
different when I tail /var/log/mail.
joe a.
> On Wed, 2 Dec 2020, Tom Hendrikx wrote:
>
>>
>>
>> On 02-12-2020 16:18, Joe Acquisto-j4 wrote:
X-Spam-Virus: _CLAMAVRESULT
>>
>> I never integrated Clam using this plugin, but this seems a config
typo to
>> be: there should be a Yes/No in there
>On Wed, 2 Dec 2020, Tom Hendrikx wrote:
>
>>
>>
>> On 02-12-2020 16:18, Joe Acquisto-j4 wrote:
X-Spam-Virus: _CLAMAVRESULT
>>
>> I never integrated Clam using this plugin, but this seems a config typo to
>> be: there should be a Yes/No in there
>>>
> On Wed, 2 Dec 2020, Joe Acquisto-j4 wrote:
>
>> Hacking away, seem to have it working?, Using CLAMAVPlugin. At least mail
>> does not appear "broken".
>>
>> But EICAR is not detected. I "think" it is being scanned as I
>> Am 23.11.20 um 17:37 schrieb Joe Acquisto-j4:
So, beyond "experiences" any leads on generic "how to" guides that actually
>> work in
>>> practice? I've found a few, rather than chase geese, I'm sure some here
>> have done
>>> si
> Am 23.11.20 um 17:37 schrieb Joe Acquisto-j4:
>> So, beyond "experiences" any leads on generic "how to" guides that actually
> work in
>> practice? I've found a few, rather than chase geese, I'm sure some here
> have done
>> similar t
>
> I would also be interested in newer/supported AV alternatives.
>
> Regards,
> Dave
>
Where did you hear this? I was just informed it will continue until 2023 at
least.
The "Free" version is no longer available, apparently, b
>>
> On 11/24/20 12:40 PM, Axb wrote:
>> Fuglu supports Sophos AV
>> See fuglu.org
>
> Sophos recently discontinued their support for SAVI on Linux. They now
> only support "Server Central Intercept X Advanced" which is an entirely
> different product.
>
> I would also be interested in
So, beyond "experiences" any leads on generic "how to" guides that actually
work in
practice? I've found a few, rather than chase geese, I'm sure some here have
done
similar things, even if with other AV scanners.
> SOHO system, on virtual machines. Fairly recent versions. Running openSUSE
SOHO system, on virtual machines. Fairly recent versions. Running openSUSE
Leap 15.1.
Due to some recent malware (obvious stuff) wanted to add AV scanning. I
gather "Amavis-new" is the hot ticket these days,
I deal with Sophos products and would like to use their linux product to do the
>>>
> On 7/24/20 7:41 PM, Noel Butler wrote:
>
>> On 24/07/2020 23:26, Benny Pedersen wrote:
>>
Noel Butler skrev den 2020-07-24 14:57:
>>>
because it shits trolls like you off
>>>
>>>
> https://imgur.com/pHlUeZY?fbclid=IwAR2l8HBDnXST5-adnmyIbBAsq16sZeGNhfqHwBNM8I
> kQZsir2aUw-H919hk
>>
>>
>>>
> Not sure how to phrase the question, but I wonder about creating a rule.
>
> In /etc/mail/spamassassin/local.cf I see the following, and believe it is a
> long forgotten custom rule:
>
> header PW_IS_BAD_TLD From =~ /\.pw\b/
> describe PW_IS_BAD_TLD PW TLD ABUSE
> score PW_IS_BAD_TLD
Not sure how to phrase the question, but I wonder about creating a rule.
In /etc/mail/spamassassin/local.cf I see the following, and believe it is a
long forgotten custom rule:
header PW_IS_BAD_TLD From =~ /\.pw\b/
describe PW_IS_BAD_TLD PW TLD ABUSE
score PW_IS_BAD_TLD 4.0
Could someone
>>>
> On Thu, 2019-11-28 at 22:12 -0500, Joe Acquisto-j4 wrote:
>> I use fetchmail on a different box to pull mail from several
>> accounts at an ISP and send those messages to the SA/postfix box.
>>
> OK, more similar to my setup, then, than I'd guessed.
>>>
>>>>
>> On Thu, 2019-11-28 at 18:38 -0500, Joe Acquisto-j4 wrote:
>>
> > Is there any tangent down this path were I can get the dropped
>>> > > "test" message to actually flow through, in "normal" fashion?
>&
>>>
> On Thu, 2019-11-28 at 18:38 -0500, Joe Acquisto-j4 wrote:
>
>> > > Is there any tangent down this path were I can get the dropped
>> > > "test" message to actually flow through, in "normal" fashion?
>>
>> >
>>>
>>>>
>> On Thu, 2019-11-28 at 11:56 -0500, Joe Acquisto-j4 wrote:
I want to be able to reprocess a particular email, marked as SPAM,
>>> after making some SA tweaks.
>>>
>> I do something similar with with collection of test messages, most
>>>
> On Thu, 2019-11-28 at 11:56 -0500, Joe Acquisto-j4 wrote:
>> I want to be able to reprocess a particular email, marked as SPAM,
>> after making some SA tweaks.
>>
> I do something similar with with collection of test messages, mostly
> received spam,
Well, here goes, asbestos pants on. I did, honest, do some searching before
asking this.
I want to be able to reprocess a particular email, marked as SPAM, after making
some SA tweaks.
Basically I have saved the email, which was received as an attachment, as a
text file. Thinking to
>>> On 4/1/2019 at 3:04 PM, in message
<20190401200413.26170...@gumby.homeunix.com>, RW
wrote:
> On Mon, 01 Apr 2019 14:55:31 -0400
> Joe Acquisto-j4 wrote:
>
>> >>> On 4/1/2019 at 12:02 PM, in message
>> <86dcd67b-89d7-b1d7-ff98-627b
>>> On 4/1/2019 at 12:02 PM, in message
<86dcd67b-89d7-b1d7-ff98-627b06a4f...@thelounge.net>, Reindl Harald
wrote:
>
> Am 01.04.19 um 17:53 schrieb Joe Acquisto-j4:
>> Occasionally an obvious phish gets through, traced to being over the "skip
> it" size
1 - 100 of 511 matches
Mail list logo
