at that domain and tell them
they're listed in rfc-ignorant. I bet they haven't got a clue, and some
of their other legitimate messages aren't being delivered.
Peter
!
Peter
value and can also be configured to
delete, quarantine, deliver, or forward tagged messages. If tagged
messages are delivered to the recipient, he or she can write a
client-side rule to handle the spams.
Peter
positives; seems to work
okay here.
I don't use Bayes at all.
Peter
Steve Ingraham wrote:
Could you explain how I can train Bayes? What specifically do I need to
do to accomplish this?
http://spamassassin.apache.org/full/3.0.x/dist/doc/sa-learn.html
which gets 3 points here. They're nearly always spams though they're
usually tagged by other rules. A quick grep of my logs shows that the
lowest SA score received by a message that claims to be localhost is
about 10 (including the 3 points for this rule).
Peter
R Lists06 wrote:
Nothing personal, yet that is some messed up reverse dns delegation.
Perhaps, but RIPE, for instance, calls RFC2317, which proposed this
method, a Best Current Practices RFC:
http://www.ripe.net/rs/reverse/infosources.html
I also skimmed the list of complaints about this
the message.
Peter
a tribute to the hard work of mail
admins around the world, but it's also raised the expectation of most
email users well beyond what was envisioned when RFC822 was written.
Peter
. It's
always TXHE.
I'm using this for now:
SUBJ_SOMEONE_WROTE Subject =~ /\bwrote:$/i
with a score of 3. Works here.
I don't see many real messages with a subject line ending in wrote:.
The colon on the end gives it away!
Peter
be pretty obvious from looking at the headers of such a message.
Peter
on my SA scanner because
I block a lot of mail at the SMTP level based on a substantial custom
rule list.
Peter
.
If you run a caching server, make sure that /etc/resolv.conf has
127.0.0.1 as its initial nameserver address. Add the ISPs addresses
below this in case your local named falls over.
Peter
at most once a month.
The Obtuse daemon also has a function that can reject mail according to
the domain of the sending server's DNS host. That works well with some
spamming operations that have dozens of bogus domains all pointing at a
common DNS host.
Peter
self would not for the time
being, have that high of a score,
I give these messages a score of 3.3 with an SA criterion of 4.0; I get
very few false positives.
Peter
Marc Perkel wrote:
Sender Verification is an Exim trick. What it does is start a sequence
where my server starts to send an email back to the sender address to
see if it's a real email account. But I do a quit after the rctp to:
command. If the receiving end says the user doesn't exist then I
because this takes a bit of work. I usually
resort to such measures when I get really annoyed by a particular set of
spams. Most of my rules depend on the IP/hostname of the sending server,
not this indirect approach based on DNS servers, but the latter can come
in handy sometimes.
Peter
.__ _
O _' Y O ___ TE_ E
_Lncl nLnn __ mc)R hnrtb
Results at other -i settings are about the same.
System is CentOS 4.3
gocr is at version 0.37 (from rpmforge)
netpbm is version 10.25
Any hints?
Peter
in the two different depots I
don't know because I have not looked specifically. It is probably not
terrible for a heads up administrator though. At a guess I would
say that volatile is more volatile and sarge-backports is more
stable. :-)
Bob
Peter
Hi All,
With the great help of Michel Valliancourt I managed to solve my
bayesian problem. Solution, for the archives, is below
On 26-sep-2006, at 21:13, Peter Teunissen wrote:
After having trained SA with sufficient amounts of ham spam, I
have bayesian testing working. When I test
is
coming from.
Apologies for not setting a subject in my original mail by the way
Peter Smith
/spool/spamassassin ?
TIA
Peter
Output of spamassassin debug =
mrblue:#su filter
[EMAIL PROTECTED]:$spamassassin -D testmsg
snip
debug: using /dev/null/.spamassassin for user state dir
debug: mkdir /dev/null/.spamassassin failed: mkdir /dev/null: File
exists at /usr
blocking IP isn't going to be very
effective.
Many thanks,
Peter Smith
Last few genuine emails from ebay UK have started to trigger this rule. Might
be worth whoever is responsible for this one taking a look, in the meantime
I'll override the score to 0.
Can provide an example message if necessary, let me know (don't want to send
it to everyone as it's 37K)
I used CPAN to install it the first time.
Matt Kettler wrote:
Peter Marshall wrote:
This is probably in a doc .. but since oyu suggesed it .. maybe you
coupld possible point me to the doc :)
How do I upgrade spamassain .. and can I do it on my production
mailserver during the day
|| D || E || F)
equivalent to?:
A (!B !C !D !E !F)
as in:
meta __FORGED_OUTLOOK_DOLLARS (__OUTLOOK_DOLLARS_MUA !
__OUTLOOK_DOLLARS_MSGID !__OUTLOOK_DOLLARS_OTHER !__IMS_MSGID
!__UNUSABLE_MSGID)
Thanks,
Dan
Peter P. Benac, CCNA
Emacolet Networking Services, Inc
Providing
---
I removed my whitelists .. they had user specific info in them. They
were basically for a bunch of hotmail address that were getting marked
as spam.
Thanks for the suggestions.
Peter
Matt Kettler wrote:
Peter Marshall wrote:
Hi,
I have
that great since the start
of the week anyway).
Thanks
peter
Matt Kettler wrote:
Peter Marshall wrote:
I have
SpamAssassin version 3.0.2
Warning: SpamAssassin 3.0.2 is vulnerable to a remotely exploitable DoS
attack. Unless you're using a distro port that has backported fixes,
upgrade soon
Hi,
I have not updated my filters in a bit, and I getting a load of spam
through all of the sudden.
Can someone tell me how I can update my filters ??
Thanks
Peter
Received the message below at the weekend. I could be completely wrong and
this is a genuine misguided attempt at recruiting charity workers, but it
looks to me like a new kind of 419 scam - if you show an interest I suspect
they will want bank account details and/or money up front.
Suspicious
mouss wrote:
Liam-PrintingAutomation wrote:
given what you posted, you sa seems to be ok. you now need to make sure
your sendmail is actually calling procmail. try putting an error in your
You can tell procmail to log its actions by adding the following to the
top of a procmailrc:
Greetings Martin:
May I have the complete (match, describe, score) rules for the following:
HELO_EQ_LT4_SA
MISSING_HB_SEP
FR_BR_AFTER_HTML
FM_NO_STYLE
FM_MULTI_ODD2
Thank you.
At 04:10 AM 3/23/2006, Martin Hepworth wrote:
Peter
Here's the rules
Greetings:
This spam has been getting through our Spam Assassin rules set.
What rule can we use to catch this spam?
Return-Path:
[EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Received: (qmail 4122 invoked by uid 399); 22 Mar 2006 23:12:50
-
Delivered-To: [EMAIL PROTECTED]
Received:
are making noise.
--Ralph Wiggum
Last Tap Dance in Springfield (Episode BABF15)
Peter M. Abraham
Support and Customer Care Department
Dynamic Net, Inc.
Helping companies do business on the Net
420 Park Road; Suite 201
Wyomissing
hits /etc/shadow.
# strace spamassassin 21 | grep shadow
open(/etc/shadow, O_RDONLY) = 3
Must be something else causing it. Maybe a module that SA requires?
Cya,
D
Peter P. Benac, CCNA
Emacolet Networking Services, Inc
Providing Network and Systems Project Management
the
lists I host have already done that.
In the mean time you could try using AOL's whitelist program, but it
is a joke.
Regards,
Pete
Peter P. Benac, CCNA
Emacolet Networking Services, Inc
Providing Network and Systems Project Management and Installation and
Web Hosting.
Phone: 919-618
. For my own edification, why is the whitelist program a
joke?
Dimitri
Peter P. Benac, CCNA
Emacolet Networking Services, Inc
Providing Network and Systems Project Management and Installation and
Web Hosting.
Phone: 919-618-2557
Web: http://www.emacolet.com
Need quick reliable Systems
the AOL members addresses then I'd like to know what you
did to receive them, because you appear the only one is several list I
belong to that are discussing this very issue that is seeing those
addresses.
Peter P. Benac wrote:
AOl will send you what they refer to as a TOS alert wherever anyone
I tried that Matthew. It too was changed to [EMAIL PROTECTED]
What I haven't tried is removing the @aol.com.
Peter P. Benac wrote:
Very true.. I went around and around with AOL over this every issue
for three days.
After inspecting some TOS reports...
Sometimes (not always
simply put a MD5 hash of the
address in the headers. Then I have something to check against the
subscriber list that AOL would never remove from the headers. Now if only
I
could make Mailman do the same thing...
Peter P. Benac, CCNA
Emacolet Networking Services, Inc
Providing Network
Don't tempt me, though that would pay for the goodmail payments.
Peter P. Benac wrote:
Confirmation elimates bad addresses. The major problem comes
from people too lazy to unsubscribe from a list. They just hit the
spam
button. AOL refuses to acknowledge that is happens. Even when
What do I have to put in the local.cf file to tell spam assasin to mark
a particular email as spam ?
Thanks
peter
I am not sure if there is anything that I can do ...
But our marketing email address is getting spammed to death. We are
getting about 2000 messages an hour. It is getting to be a problem.
Do any of you have a suggestion other than simply turfing the email
address ?
Thanks
Peter
nope .. unfortunitly, that is not the case :(
Kristopher Austin wrote:
Are the messages coming from the same sending server? If so, I'd
blacklist it at your MTA until the storm is over.
Kris
-Original Message-
From: Peter Marshall [mailto:[EMAIL PROTECTED]
Sent: Monday, February 13
000
Performing preliminary lint (sanity check; does the CURRENT config lint?).
I am running OpenBSD 3.8 on this server for a month now with no such
errors. Any ideas? My internet connection is fine. It is something to
do with curl perhaps?
--
Peter
--- Matt Kettler [EMAIL PROTECTED] wrote:
Peter wrote:
False alarm. I wasn't aware I needed outgoing port 80 open for RDJ.
Strange I never got these errors before. Does it only use curl when
it
detects (how?) an update is required?
Nope.. it always needs to go out over port 80
--- Matt Kettler [EMAIL PROTECTED] wrote:
Peter wrote:
False alarm. I wasn't aware I needed outgoing port 80 open for RDJ.
Strange I never got these errors before. Does it only use curl when
it
detects (how?) an update is required?
Nope.. it always needs to go out over port 80
--- Robert Menschel [EMAIL PROTECTED] wrote:
Hello Peter,
Wednesday, January 11, 2006, 7:31:39 PM, you wrote:
P Looks like I had two problems simultaneously. The update issue was
not
P causing the error it seems. The real problem I'm encountering
appears to
P concern a particular
To Better-Scripters-Than-Me: would this work? I know there's probably a
better way, but if it works as written, it would avoid creating
duplicate email addresses.
Much easier to remove the duplicates with a 'sort -u' once you've finished
appending.
Hello everybody
Since I upgraded to spamassassin version 3.1.0 spamassassin dies in
irregular intervalls. I have an mailserver (exim) which calls
spamassassin for checking mail. In the logfiles I have entries like
[494] dbg: prefork: sysread(7) not ready, wait max 300 secs
[20458] dbg:
of
nameservers, and it would probably be pretty close to a 100% hit rate if I
could check that.
--Russell
--
Russell Miller - [EMAIL PROTECTED] - Agoura Hills, CA
Peter P. Benac, CCNA
Emacolet Networking Services, Inc
Providing Network and Systems Project Management and Installation
Hi. Yesterday I installed SA 3.1.0 by Perl module. I am using it with
amavisd-new 2.3.3. I am getting these messages when I start amavisd-new:
[12981] info: config: failed to parse line, skipping: use_auto_whitelist 1
[12981] info: config: failed to parse line, skipping: use_razor2 1
[12981]
--- Michael Monnerie [EMAIL PROTECTED] wrote:
On Sonntag, 4. Dezember 2005 19:05 Peter wrote:
[12981] info: config: failed to parse line, skipping:
use_auto_whitelist 1 [12981] info: config: failed to parse line,
skipping: use_razor2 1 [12981] info: config: failed to parse line
Hello, I am using
MySQL 4.0.24
SA 3.04
amavisd-new 2.3.3
OpenBSD 3.8
I am having difficulty creating a proper SQL schema. I am using the
one in the amavisd-new documenation but it gives me errors
reletating I believe with my older MySQL version. Their schema
contains lines like:
CREATE TABLE
Please remove [EMAIL PROTECTED] from the user list.
Thank you
that an RFC requirement? Or just common email curtesy?
Chris Santerre
SysAdmin and SARE/URIBL ninja
http://www.uribl.com
http://www.rulesemporium.com
Peter P. Benac, CCNA
Emacolet Networking Services, Inc
Providing Network and Systems Project Management and Installation and
Web Hosting.
Phone
.
Peter
---
Peter
McEwen
Web
Developer
Nuclear
Age Peace Foundation
PMB 121
1187
Coast Village Rd., Suite 1
Santa
Barbara, CA
93108-2794
Ph: 805
965-3443
Fax: 805 568-0466
www.wagingpeace.org
messages and put them in the Not Spam folder. I have
a script that runs to learn the messages. I was just wondering, is it
ok, to just drag messages from my Inbox into Not Spam so that I learn
some ham as well ? or do I need to do this.
Thanks.
Peter
On Thu, 2005-06-09 at 11:05 -0400, Steven Dickenson wrote:
Peter Guhl wrote:
Well, still... somehow I don't get why the software is running as spamd
and tries to write into /root. I wouldn't say anything if the sofware
inwvolved wasn't designed to cooperate (spamd, spamass-milter
Cannot write to /root/.spamassassin/user_prefs: Permission denied
/root/.spamassassin/ is world-writable (of course I can't leave it like
this, but apparently this error message points me to the wrong
direction.
FreeBSD 5.4, Spamassassin 3.0.3.
Everybody heard about before?
Regards
Peter
On Thu, 2005-06-09 at 13:03 +0200, Peter Guhl wrote:
Cannot write to /root/.spamassassin/user_prefs: Permission denied
/root/.spamassassin/ is world-writable (of course I can't leave it like
this, but apparently this error message points me to the wrong
direction.
Nope, it was right
file?
Also, does spam assassin ONLY look in the /etc/mail/spamassassin folder
and no deeper or does it recurse into all subdirectories in there as well?
--
Regards,
Peter Kiem
Zordah IT - IT Consultancy and Internet Services
Ph: (0414) 724-766 Fax: (07) 3344-5827
Web: www.zordah.net Email
... how did she know I like that kind of talk ?
Yes, punish me. I was a bad boy for not taking instructions from you all the
time 8-)
C-Store Hard- und Software GmbH
Christoph Peter
Düstere Straße 20
37073 Göttingen
http://www.c-store.de
[EMAIL PROTECTED]
- Original Message -
From
. Is there a problem doing this, and if so, is there a
better solution for learning ham ?
(by the way, I changed one of the moves, to move data from MissedSpam to
Trash instead of the spam box, so that eliminates learning those
messages twice)
Thank you a bundle for looking at my script.
Peter
Bowie Bailey
Hey,
I got this book (slightly outdated) called Spamassassin (by O'Reilly).
Anyway, it says if you are going to sa-learn a bunch of directories in
Maildir format you should do the following:
sa-learn --no-rebuild --spam mail/spam
sa-learn --no-rebuild ...blah.
sa-learn --no-rebuild
the spam as spam ... (I am just asking .. not trying to argue ... just
curious).
Thank you again for your help,
Peter
Robert Menschel wrote:
Hello Peter,
Thursday, April 7, 2005, 5:29:38 AM, you wrote:
PM I have been building a new mailserver to replace my old one.
PM The new one has postfix
,
Peter
that auto_learn is good, but should be
suplimented with sa-learn. Just curious if auto_learn affecs all users
bayes database, or the system one.
Sorry for all the questions this morning ... I am just a little confused ...
Peter
it is being run as a particular user.)
/usr/bin/sa-learn --spam --dir ~/Maildir/.Spam/new
/usr/bin/sa-learn --spam --dir ~/Maildir/.Spam/cur
mv ~/Maildir/.Spam/new/* ~/Maildir/.Trash
mv ~/Maildir/.Spam/cur/* ~/Maildir/.Trash
Thanks for the input,
Peter
--
Peter Marshall, BCS
System Administrator
, is it better to run a cron for each user, or have it does system
wide by root ?
Thank you,
Peter
Gray, Richard wrote:
-Original Message-
From: Peter Marshall [mailto:[EMAIL PROTECTED]
Sent: 07 April 2005 13:30
To: SpamAssassin list
Subject: WHich is better
I am looking for opinions
as root and run it on each of the users spam / ham
directories.
If each user must have their own cron job, Is there a way to have it
auto create the job when I make the user accounts ?
Thanks,
Peter
the backslash as \#. Without escaping
it does, again as I said, nothing because anything starting with # is
considered a comment in local.cf
I did use the + now. No need to escape anything and (hopefully) no
wildcard.
Thanks for your tips anyway.
Regards
Peter
helped was starting spamd in debug mode and realizing that it
got stuck in the DB_File (or was it File_DB?) perl module. I updated the
module from CPAN, and voila, problem gone.
Cheers,
Peter
-Original Message
) or in (using #SPAM#).
Now... how did those people manage to tag spam with #SPAM#? Any idea?
Somebody suggested to use SPAM. Of course, that's easy - but
nobody else does it and I don't want to invent my own tagging-standard
if I can avoid it.
Regards
Peter
Hello @all,
by default, RDJ updates TRIPWIRE, EVILNUMBERS and SARE_RANDOM.
Can anyone give a good advice on which rules should be included in the
update ?
Or is the default setting sufficient ?
Thanks,
C-Store Hard- und Software GmbH
Christoph Peter
Düstere Straße 20
37073 Göttingen
http://www.c
Jason, I accidently deleted your reply before I could read it ... would
you mind re-sending it ... my apologies ...
Peter
Matt Kettler wrote:
At 05:06 PM 2/10/2005, Matias Lopez Bergero wrote:
Just a question,
It is worth to train the bayes filter with messages already detected
and flagged
I am not sure why it is doing this ... but everytime i get a spam, it looks
like it does the smap rateing twice. And it gives different scores each
time. Here is the new header from the last email I got. Notice how it
looks like spamassassin ran twice. Any Idea's ??? (yes, my threshhold is
spamd
RETVAL=$?
echo
[ $RETVAL = 0 ] rm -f /var/lock/subsys/spamassassin
;;
-Original Message-
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Thursday, February 03, 2005 9:58 AM
To: Peter Marshall; users@spamassassin.apache.org
Subject: Re: spamassassin
found it ... I had another procmailrc file in /etc ... I was trying
something else a little while ago and for got about it.
Thanks for the help.
I have another question, but I will make a new post.
Peter
-Original Message-
From: Peter Marshall [mailto:[EMAIL PROTECTED]
Sent: Thursday
, and these are my points of confusion. Any help would be greatly
appreciated.
Thanks,
Peter
When I am trying to train bayes ... eveyrone says you have to remove the
message header first ??
I assume this means the spam tag that spam assassin adds ? If the spam
is in the mailbox on the server, how do you remove the tag ???
Thanks,
Peter
At 09:56 AM 2/3/2005, Peter Marshall wrote:
OK
/ bayes ) ...
Any help in this area would be greatly appreciated.
Thank you for the info,
Peter
it.
Thanks for the info.
Peter
to turn
forwarded spam (forwarding as attachment in GroupWise sends you the
headers too - so far so good...) into single mails resembling the
original as close as possible...
Regards
Peter
to turn
forwarded spam (forwarding as attachment in GroupWise sends you the
headers too - so far so good...) into single mails resembling the
original as close as possible...
Regards
Peter
! Thanks! ;-)
Sorry for sending the question several times... PEBKAC-Error in my
Mailsoftware ;-)
Regards
Peter
, and thus blocked all email containing the
former employees name.
This has got nothing to do with spam filtering, unless somebody complains
that he/she wants to read all the nonsense 8-)
Cheers,
C-Store Hard- und Software GmbH
Christoph Peter
Düstere Straße 20
37073 Göttingen
http://www.c-store.de
working together ?
Thanks for the help
Peter
And that makes it right because?
Peter P. Benac, CCNA
Celtic Spirit Network Solutions
Providing Network and Systems Project Management and Installation and Web
Hosting.
Phone: 919-618-2557
Web: http://www.emacolet.com
Need quick reliable Systems or Network Management advice visit
http
of spending the money like maybe on Education,
Law Enforcement, EMS Services, or Fire Services... Just a thought!!
Regards,
Pete
Peter P. Benac, CCNA
Celtic Spirit Network Solutions
Providing Network and Systems Project Management and Installation and Web
Hosting.
Phone: 919-618-2557
Web: http
I agree. After some minor issues SA works perfect for us. It runs perfect on
a small PPro 200 machine, and gets almost 100 %. I have one or two spam
mails getting through.
I´m pretty happy with SA.
Cheers,
C-Store Hard- und Software GmbH
Christoph Peter
Düstere Straße 20
37073 Göttingen
http
Hi, I have heard that SPF is controversial among mail administrators. Why is
that? How many
people use it (on this mailing list)?
Peter
__
Post your free ad now! http://personals.yahoo.ca
--- Michele [EMAIL PROTECTED] wrote:
Are you using DCC and Bayes?
I, for one, would like to use Bayes. The docs say it is enabled by default.
How does one
begin testing or using this?
__
Post your free ad now!
How can I verify whether my system is really using DNSBLs? From what I have
read all I need to
do is install Net::DNS. I have read as well that if the filtering gateway is
running a local
nameserver that it should not be pointing to itself otherwise the DNSBLs
mechanism will fail.
And is
suggestions.
Peter
__
Post your free ad now! http://personals.yahoo.ca
How does one begin using the quarantine? I am using SA 3.01 with milter
smtp-vilter.
__
Post your free ad now! http://personals.yahoo.ca
Hello,
can anyone tell a me what this can be used for ? I have SA 3.01 set up and
running fine now - what does this script acutally update ?
Thanks,
Chris
- Original Message -
From: Rob [EMAIL PROTECTED]
To: users@spamassassin.apache.org
Sent: Wednesday, December 01, 2004 9:46 PM
Hi, I am currently on dial-up but I have spamassassin installed and spamd is
running. I would
like to test my setup in the most realistic way possible given my situation. I
have tried
forwarding spam I get on my regular windows machine to my lan mailserver (the
one on which
spamd is running)
Ok, you have SpamAssassin installed and you have spamd running. Where do
you call spamc?
I am not using spamc directly. How is that done? Actually, my system does not
have a man page
on this program. Anyway, I am using a Sendmail milter called smtp-vilter and I
guess that it
internally
I have just installed 3.0.1 on my OpenBSD 3.6 stable (Nov. 16) system using
cpan. I can't seem
to locate the spamd daemon although the spamc client is there. It's curious
because OpenBSD
already has a daemon named spamd. Also, if anyone has any experience running
SA with
smtp-vilter (a
201 - 300 of 308 matches
Mail list logo
