Re: Image spam and Bayes problem

2006-12-13 Thread René Berber
Gary W. Smith wrote: I’ve seen a sharp increase in our OB Ticker spams that consist of an image and some text. It passed the greylist just fine and was labeled as bayes_00. X-Spam-Status: No, score=-7.5 required=5.0 tests=BAYES_00,EXTRA_MPART_TYPE,

Re: New RBL idea regarding image spam

2006-10-26 Thread Theo Van Dinter
On Wed, Oct 25, 2006 at 10:18:44AM -0500, Bill wrote: Ok, if the image spams all have a different hash wouldn't that make the Hash function built into Fuzzy OCR useless as well? I'm not sure I buy into that thinking. The hash option in my Fuzzy OCR setup runs pretty well. I know nothing

New RBL idea regarding image spam

2006-10-25 Thread Bill
This may not be a new idea but wouldn't a new RBL based on image spam be worthy? I've been testing FuzzyOCR recently and although it seems to work it seems sort of brute force. From what I understand it converts the images to a PPM or PNM format and then runs gocr over those images

Re: New RBL idea regarding image spam

2006-10-25 Thread Christian Recktenwald
On Wed, Oct 25, 2006 at 10:00:10AM -0500, Bill wrote: Couldn't there be an RBL established ... that maintained the hash of known spam images and forego the wordlist detection? most image spam contains small differences (some flipped pixels, etc) so the hash function will return different

Re: New RBL idea regarding image spam

2006-10-25 Thread Bill
To: Bill ; users@spamassassin.apache.org Sent: Wednesday, October 25, 2006 10:06 AM Subject: Re: New RBL idea regarding image spam On Wed, Oct 25, 2006 at 10:00:10AM -0500, Bill wrote: Couldn't there be an RBL established ... that maintained the hash of known spam images and forego

Re: New RBL idea regarding image spam

2006-10-25 Thread Robert LeBlanc
Bill wrote: Ok, if the image spams all have a different hash wouldn't that make the Hash function built into Fuzzy OCR useless as well? I'm not sure I buy into that thinking. The hash option in my Fuzzy OCR setup runs pretty well. No, the FuzzyOCR plugin's hash system isn't a checksum of

Image Spam Detection

2006-10-10 Thread Marc Perkel
I notice that a lot of image spam has a structure where in the source the fake text is at the top and the image code is at the bottom but it is made to appear so that the image is at the top and the text is at the bottom. Seems to me that this should be something we could test for?

RE: Image Spam Detection

2006-10-10 Thread Bowie Bailey
Marc Perkel wrote: I notice that a lot of image spam has a structure where in the source the fake text is at the top and the image code is at the bottom but it is made to appear so that the image is at the top and the text is at the bottom. Seems to me that this should be something we could

Mime part boundary changing in Image Spam

2006-09-20 Thread Ben Wylie
-printable [HTML Content] --=_NextPart_001_0006_01C6DC77.1B7CF1F0-- They then revert back to the original mime boundary for the image spam mime part: --=_NextPart_000_0005_01C6DC77.1B7CF1F0 Content-Type: image/gif; name=fighting.gif Content-Transfer-Encoding: base64 Content-ID

Re: Mime part boundary changing in Image Spam

2006-09-20 Thread Theo Van Dinter
multipart/alternate. They then revert back to the original mime boundary for the image spam mime part: Yep, the image isn't an alternate for the text parts. Does this happen in legitimate emails as well? Absolutely. I have never seen this in a legit email, however i do spend far longer

Re: Mime part boundary changing in Image Spam

2006-09-20 Thread Jonas Eckerman
Ben Wylie wrote: I have noticed that a lot of spam messages change their mime boundary during the message. That's not really what happens. The example you included is of nested MIME entities: the top MIME entity is a multipart entity containing another multipart entity. Does this happen in

Re: Image spam with inline jpeg image

2006-08-11 Thread Justin Mason
jdow writes: From: Jim Maul [EMAIL PROTECTED] Bowie Bailey wrote: It doesn't really matter to me who supports which pieces as long as they all work. Someone may be able to fix sa-update so that it can take over from RDJ, but as of now, that is not possible without configuring

Re: Image spam with inline jpeg image

2006-08-11 Thread Logan Shaw
On Fri, 11 Aug 2006, Justin Mason wrote: jdow writes: Nor does it make sense to use a tool, even if supplied with SpamAssassin, that is broken for performing updates. what's the broken part? Well, this may not qualify as broken, but I would say it's an undesirable behavior that, upon

RE: Image spam with inline jpeg image

2006-08-11 Thread Bret Miller
On Fri, 11 Aug 2006, Justin Mason wrote: jdow writes: Nor does it make sense to use a tool, even if supplied with SpamAssassin, that is broken for performing updates. what's the broken part? Well, this may not qualify as broken, but I would say it's an undesirable behavior that,

Re: Image spam with inline jpeg image

2006-08-11 Thread Justin Mason
Bret Miller writes: On Fri, 11 Aug 2006, Justin Mason wrote: jdow writes: Nor does it make sense to use a tool, even if supplied with SpamAssassin, that is broken for performing updates. what's the broken part? Well, this may not qualify as broken, but I would say it's an

RE: Image spam with inline jpeg image

2006-08-11 Thread Bret Miller
Bret Miller writes: On Fri, 11 Aug 2006, Justin Mason wrote: jdow writes: Nor does it make sense to use a tool, even if supplied with SpamAssassin, that is broken for performing updates. what's the broken part? Well, this may not qualify as broken, but I would

Re: Image spam with inline jpeg image

2006-08-11 Thread Theo Van Dinter
On Fri, Aug 11, 2006 at 10:14:46AM -0500, Logan Shaw wrote: What happens if the new set is broken? There's no easy way to revert to the last known good state. sa-update lint checks the new files in a separate temp area before installing them into the real directory. Only if lint succeeds

RE: sa-update broken? (was Image spam with inline jpeg image)

2006-08-11 Thread Bret Miller
On Fri, Aug 11, 2006 at 10:14:46AM -0500, Logan Shaw wrote: What happens if the new set is broken? There's no easy way to revert to the last known good state. sa-update lint checks the new files in a separate temp area before installing them into the real directory. Only if lint succeeds

Re: sa-update broken? (was Image spam with inline jpeg image)

2006-08-11 Thread Theo Van Dinter
I received/responded to this privately before it was also sent to the list, so paraphrasing below... On Fri, Aug 11, 2006 at 08:45:43AM -0700, Bret Miller wrote: But adding the option to archive will make at least some people more comfortable with running sa-update. So I added the bz ticket.

Re: Image spam with inline jpeg image

2006-08-11 Thread DAve
Bret Miller wrote: Bret Miller writes: On Fri, 11 Aug 2006, Justin Mason wrote: jdow writes: Nor does it make sense to use a tool, even if supplied with SpamAssassin, that is broken for performing updates. what's the broken part? Well, this may not qualify as broken, but I would say it's

Re: Image spam with inline jpeg image

2006-08-11 Thread Theo Van Dinter
On Fri, Aug 11, 2006 at 11:56:00AM -0400, DAve wrote: I think a status report would be a good option as well. SA already asks you for your admins email address at install time. Sending a report of what happened during the sa-update process would be very, very valuable. Hrm. I'd say feel

Re: Image spam with inline jpeg image

2006-08-11 Thread DAve
Theo Van Dinter wrote: On Fri, Aug 11, 2006 at 11:56:00AM -0400, DAve wrote: I think a status report would be a good option as well. SA already asks you for your admins email address at install time. Sending a report of what happened during the sa-update process would be very, very valuable.

Re: Image spam with inline jpeg image

2006-08-11 Thread jdow
From: Logan Shaw [EMAIL PROTECTED] On Fri, 11 Aug 2006, Justin Mason wrote: jdow writes: Nor does it make sense to use a tool, even if supplied with SpamAssassin, that is broken for performing updates. what's the broken part? Well, this may not qualify as broken, but I would say it's

Re: Image spam with inline jpeg image

2006-08-11 Thread jdow
From: Justin Mason [EMAIL PROTECTED] jdow writes: From: Jim Maul [EMAIL PROTECTED] Bowie Bailey wrote: It doesn't really matter to me who supports which pieces as long as they all work. Someone may be able to fix sa-update so that it can take over from RDJ, but as of now, that is

RE: Image spam with inline jpeg image

2006-08-11 Thread Kenneth Porter
--On Wednesday, August 09, 2006 3:54 PM -0500 Logan Shaw [EMAIL PROTECTED] wrote: This is purely a philosophical argument, but something seems wrong about the idea of using a package manager to manage volatile data files in /var. The problem is not the use of the package manager but the

Re: Image spam with inline jpeg image

2006-08-11 Thread Kenneth Porter
--On Wednesday, August 09, 2006 7:33 PM -0700 jdow [EMAIL PROTECTED] wrote: For about a femto-second, perhaps. There is too much YMMV involved with the SARE rule sets to make it practical as an rpm solution. True, this is the real problem with packaging SARE: There's no clear separation of

Re: Image spam with inline jpeg image

2006-08-11 Thread John D. Hardin
On Fri, 11 Aug 2006, Kenneth Porter wrote: --On Wednesday, August 09, 2006 7:33 PM -0700 jdow [EMAIL PROTECTED] wrote: For about a femto-second, perhaps. There is too much YMMV involved with the SARE rule sets to make it practical as an rpm solution. True, this is the real problem

RE: Image spam with inline jpeg image

2006-08-11 Thread Bret Miller
Nor does it make sense to use a tool, even if supplied with SpamAssassin, that is broken for performing updates. what's the broken part? Well, this may not qualify as broken, but I would say it's an undesirable behavior that, upon successful download of the new set of rules, it

Re: Image spam with inline jpeg image

2006-08-11 Thread jdow
From: Bret Miller [EMAIL PROTECTED] Nor does it make sense to use a tool, even if supplied with SpamAssassin, that is broken for performing updates. what's the broken part? Well, this may not qualify as broken, but I would say it's an undesirable behavior that, upon successful

RE: Image spam with inline jpeg image

2006-08-11 Thread Gary Funck
-Original Message- From: jdow [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 09, 2006 7:33 PM Gary Funck wrote: Has anyone considered also supplying new rules in the form of rpm's available via a yum-compatible repository? It'd be nice to have the usual versioning and logging

RE: Image spam with inline jpeg image

2006-08-10 Thread Benny Pedersen
On Wed, August 9, 2006 22:01, Gary Funck wrote: could be done as a gateway to sa-update, perhaps providing the updates in other package formats as well. rpm packages does not install sa-update ? i know yum, but don't make it the better sa-update :-) it was worse enough with rulesdujour --

RE: Image spam with inline jpeg image

2006-08-10 Thread Bret Miller
On Wed, 9 Aug 2006, Gary Funck wrote: Has anyone considered also supplying new rules in the form of rpm's available via a yum-compatible repository? It'd be nice to have the usual versioning and logging support as well as a central update facility. This could be done as a gateway

RE: image spam where is plugin directory on FC3 using SA3.1.3

2006-08-10 Thread Bret Miller
i am reading the link http://www.rulesemporium.com/plugins.htm#imageinfo then the .pm file and do not have a plugins directory. where does the .pm file go? i assume the .cf goes in /etc/mail/spamassassin and i edit v310.pre then restart spamd It is probably best to put the plugin in

Re: Image spam with inline jpeg image

2006-08-10 Thread Jim Maul
Bowie Bailey wrote: Bret Miller wrote: On Wed, 9 Aug 2006, Gary Funck wrote: Has anyone considered also supplying new rules in the form of rpm's available via a yum-compatible repository? It'd be nice to have the usual versioning and logging support as well as a central update facility. This

Re: Image spam with inline jpeg image

2006-08-10 Thread Jim Maul
Bowie Bailey wrote: It doesn't really matter to me who supports which pieces as long as they all work. Someone may be able to fix sa-update so that it can take over from RDJ, but as of now, that is not possible without configuring about 62 sa-update channels (one for each ruleset RDJ manages).

RE: Image spam with inline jpeg image

2006-08-10 Thread Bowie Bailey
Jim Maul wrote: Bowie Bailey wrote: It doesn't really matter to me who supports which pieces as long as they all work. Someone may be able to fix sa-update so that it can take over from RDJ, but as of now, that is not possible without configuring about 62 sa-update channels (one

RE: Image spam with inline jpeg image

2006-08-10 Thread Michael Scheidell
-Original Message- From: Bowie Bailey [mailto:[EMAIL PROTECTED] Sent: Thursday, August 10, 2006 2:45 PM To: users@spamassassin.apache.org Subject: RE: Image spam with inline jpeg image Possibly. It depends on the overhead involved in setting up the channels. Plus, not all

RE: Image spam with inline jpeg image

2006-08-10 Thread Bowie Bailey
Michael Scheidell wrote: From: Bowie Bailey [mailto:[EMAIL PROTECTED] Possibly. It depends on the overhead involved in setting up the channels. Plus, not all of us want ALL 62 files! Some of the *[0-3] files say to use 70_abcd0.cf , or _1, or_2, or_3. Would need tome cf file for

Re: Image spam with inline jpeg image

2006-08-10 Thread Stuart Johnston
Bowie Bailey wrote: Michael Scheidell wrote: From: Bowie Bailey [mailto:[EMAIL PROTECTED] Possibly. It depends on the overhead involved in setting up the channels. Plus, not all of us want ALL 62 files! Some of the *[0-3] files say to use 70_abcd0.cf , or _1, or_2, or_3. Would need tome

RE: Image spam with inline jpeg image

2006-08-10 Thread Dave Koontz
Perhaps it could be as simple as only updating existing rules for your installation? In other words, you would have to download the CF file and install it first (but you would do this anyways to test!!!). Then sa-update could simply parse your rules directory and update rules found there

Re: Image spam with inline jpeg image

2006-08-10 Thread jdow
From: Jim Maul [EMAIL PROTECTED] Bowie Bailey wrote: It doesn't really matter to me who supports which pieces as long as they all work. Someone may be able to fix sa-update so that it can take over from RDJ, but as of now, that is not possible without configuring about 62 sa-update channels

Re: Image spam with inline jpeg image

2006-08-10 Thread Daryl C. W. O'Shea
On 8/11/2006 12:02 AM, jdow wrote: From: Jim Maul [EMAIL PROTECTED] Bowie Bailey wrote: It doesn't really matter to me who supports which pieces as long as they all work. Someone may be able to fix sa-update so that it can take over from RDJ, but as of now, that is not possible without

Image spam with inline jpeg image

2006-08-09 Thread Ramprasad
All my rulesets and the LARGO rules are for catching inline png and inline gif. Now I am getting stock spams with images like --=_NextPart_001_000C_01C6BBE8.11C02650-- --=_NextPart_000_000B_01C6BBE8.11BB4450 Content-Type: image/jpeg; name=militarism.jpg Content-Transfer-Encoding:

Re: Image spam with inline jpeg image

2006-08-09 Thread Dhawal Doshy
Ramprasad wrote: All my rulesets and the LARGO rules are for catching inline png and inline gif. Now I am getting stock spams with images like --=_NextPart_001_000C_01C6BBE8.11C02650-- --=_NextPart_000_000B_01C6BBE8.11BB4450 Content-Type: image/jpeg; name=militarism.jpg

Re: Image spam with inline jpeg image

2006-08-09 Thread Richard
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Are you using the updated version OR the one originally posted? http://www.rulesemporium.com/plugins.htm#imageinfo can the rules_du_jour script be config'd to pickup plugin updates as well? i'd guess more than just an add to

Re: Image spam with inline jpeg image

2006-08-09 Thread Ramprasad
http://www.rulesemporium.com/plugins.htm#imageinfo Updates: - added optimization changes by Theo Van Dinter - added jpeg support - added function image_named() - added function image_size_exact() - added function image_size_range() - added function image_to_text_ratio() - dhawal

Re: Image spam with inline jpeg image

2006-08-09 Thread MennovB
image-spam that got a LARGO score since the install last week, I don't get many of those spams.. Regards Menno -- View this message in context: http://www.nabble.com/Image-spam-with-inline-jpeg-image-tf2079118.html#a5728450 Sent from the SpamAssassin - Users forum at Nabble.com.

Re: image spam detection idea

2006-08-09 Thread Todd Merritt
I had a similar, less expensive thought; Checking the global color table in the header of all of the gif images in a particular message. I tested a couple of spam cases and the GCTs are identical in all of my limited number of test cases. Logan Shaw wrote: Looks like people have started to

RE: Image spam with inline jpeg image

2006-08-09 Thread Gary Funck
first and only image-spam that got a LARGO score since the install last week, I don't get many of those spams.. The OCR plugin hits on this one: Content analysis details: (11.5 points, 5.0 required) pts rule name description

Re: Image spam with inline jpeg image

2006-08-09 Thread Benny Pedersen
On Wed, August 9, 2006 16:39, Richard wrote: can the rules_du_jour script be config'd to pickup plugin updates as well? i'd guess more than just an add to TRUSTED_RULESETS everyone likes to have sa-update ruledujour now :-) rules_du_jour was done when sa-update did not exists -- Benny

image spam where is plugin directory on FC3 using SA3.1.3

2006-08-09 Thread Obantec Support
Hi i am reading the link http://www.rulesemporium.com/plugins.htm#imageinfo then the .pm file and do not have a plugins directory. where does the .pm file go? i assume the .cf goes in /etc/mail/spamassassin and i edit v310.pre then restart spamd Mark

Re: Image spam with inline jpeg image

2006-08-09 Thread Richard
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 hi, can the rules_du_jour script be config'd to pickup plugin updates as well? i'd guess more than just an add to TRUSTED_RULESETS everyone likes to have sa-update ruledujour now :-) i'm sorry, i don't understand that sentence.

Re: Image spam with inline jpeg image

2006-08-09 Thread DAve
Richard wrote: -BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 hi, can the rules_du_jour script be config'd to pickup plugin updates as well? i'd guess more than just an add to TRUSTED_RULESETS everyone likes to have sa-update ruledujour now :-) i'm sorry, i don't understand that

Re: Image spam with inline jpeg image

2006-08-09 Thread Theo Van Dinter
On Wed, Aug 09, 2006 at 09:58:19AM -0700, Richard wrote: rules_du_jour was done when sa-update did not exists are you implying that sa-update replaces rules-du-jour? That depends on what you mean by replaces. i though sa-update updates the SA distro's bundled rules, but NOT any additional

Re: Image spam with inline jpeg image

2006-08-09 Thread Spamassassin List
- Original Message - From: Gary Funck [EMAIL PROTECTED] To: users@spamassassin.apache.org Sent: Thursday, August 10, 2006 12:04 AM Subject: RE: Image spam with inline jpeg image Menno wrote: Ramprasad wrote: But still this mail is getting thru http://ecm.netcore.co.in/tmp

RE: Image spam with inline jpeg image

2006-08-09 Thread Gary Funck
Theo wrote (in part): sa-update is a generic tool that lets users download channels (ie: bundles of rules/plugins) from anywhere that decides to publish them (requires a certain setup, etc.) At the moment, the only published channel that I know of is updates.spamassassin.org. (all

RE: Image spam with inline jpeg image

2006-08-09 Thread Logan Shaw
On Wed, 9 Aug 2006, Gary Funck wrote: Has anyone considered also supplying new rules in the form of rpm's available via a yum-compatible repository? It'd be nice to have the usual versioning and logging support as well as a central update facility. This could be done as a gateway to sa-update,

RE: Image spam with inline jpeg image

2006-08-09 Thread Bowie Bailey
Logan Shaw wrote: On Wed, 9 Aug 2006, Gary Funck wrote: Has anyone considered also supplying new rules in the form of rpm's available via a yum-compatible repository? It'd be nice to have the usual versioning and logging support as well as a central update facility. This could be done

Re: Image spam with inline jpeg image

2006-08-09 Thread jdow
From: Theo Van Dinter [EMAIL PROTECTED] There's nothing stopping the SARE folks from publishing a single or a bunch of channels and getting rid of RDJ in favor of sa-update if they wanted to... There are some benefits either way I suppose, and I'm biased towards sa-update of course. :| Um,

Re: Image spam with inline jpeg image

2006-08-09 Thread jdow
From: Gary Funck [EMAIL PROTECTED] Theo wrote (in part): sa-update is a generic tool that lets users download channels (ie: bundles of rules/plugins) from anywhere that decides to publish them (requires a certain setup, etc.) At the moment, the only published channel that I know of is

image spam detection idea

2006-08-04 Thread Logan Shaw
Looks like people have started to get a grip on the image spams that are so popular lately, but here's an additional idea I thought I'd toss out. (I'm not familiar enough with SA to easily figure out how to make a plugin.) Basically, these spams all have a bunch of images which are tiles of a

Re: My thoughts on image spam strategies

2006-08-02 Thread John Rudd
On Aug 1, 2006, at 10:30 PM, Derek Harding wrote: John Rudd wrote: Um, how exactly will they fail? How about a nice black white speckled image with red text on it? Explain to me how you think it will fail?

Re: My thoughts on image spam strategies

2006-08-02 Thread Derek Harding
John Rudd wrote: On Aug 1, 2006, at 10:30 PM, Derek Harding wrote: John Rudd wrote: Um, how exactly will they fail? How about a nice black white speckled image with red text on it? Explain to me how you think it will fail? So you're dropping three bits? White is FF, Black 00,

Re: My thoughts on image spam strategies

2006-08-02 Thread Benny Pedersen
On Wed, August 2, 2006 06:11, John Rudd wrote: white will produce (assuming 24bit color) f0,f0,f0 and black will produce 00,00,00. Thus, you get a nice high-contrast image for feeding just for clearness white is ff, ff, ff will it not be much faster just to make a md5 sum on the image file

Re: My thoughts on image spam strategies

2006-08-02 Thread John Rudd
On Aug 1, 2006, at 11:58 PM, Derek Harding wrote: John Rudd wrote: On Aug 1, 2006, at 10:30 PM, Derek Harding wrote: John Rudd wrote: Um, how exactly will they fail? How about a nice black white speckled image with red text on it? Explain to me how you think it will fail? So you're

Re: My thoughts on image spam strategies

2006-08-02 Thread John Rudd
On Aug 2, 2006, at 12:12 AM, Benny Pedersen wrote: On Wed, August 2, 2006 06:11, John Rudd wrote: white will produce (assuming 24bit color) f0,f0,f0 and black will produce 00,00,00. Thus, you get a nice high-contrast image for feeding just for clearness white is ff, ff, ff yes, white

Re: My thoughts on image spam strategies

2006-08-02 Thread Matthias Keller
will it not be much faster just to make a md5 sum on the image file without thinking if it a apple or orange ? :-) Yes, but just taking a straight sum will be sensitive to all of those small pixels which are changed by the spammers so that they have different sums, but the differences

Re: My thoughts on image spam strategies

2006-08-02 Thread John Rudd
On Aug 2, 2006, at 3:03 AM, Matthias Keller wrote: will it not be much faster just to make a md5 sum on the image file without thinking if it a apple or orange ? :-) Yes, but just taking a straight sum will be sensitive to all of those small pixels which are changed by the spammers so that

Re: My thoughts on image spam strategies

2006-08-02 Thread dirk
On Aug 2, 2006, at 3:03 AM, Matthias Keller wrote: will it not be much faster just to make a md5 sum on the image file without thinking if it a apple or orange ? :-) Yes, but just taking a straight sum will be sensitive to all of those small pixels which are changed by the spammers so that

Re: My thoughts on image spam strategies

2006-08-02 Thread John D. Hardin
On Wed, 2 Aug 2006 [EMAIL PROTECTED] wrote: Maybe I'm not getting the obvious, but what about using something like Perl::Magick to convert a given image into B/W? I mean, ImageMagick is made for things like that... Shrinking it to, say, a quarter of its original size would take care of at

Re: My thoughts on image spam strategies

2006-08-02 Thread Derek Harding
John Rudd wrote: No, 70 would still be 70. 07 would become 00. And 07 is a pretty faint red. Looking at it now, I can't distinguish it from black. (70 is 0111 so the lower 3 or 4 bits are already 0's, whereas 07 is 0111 .. THAT becomes 0 and is indistinguishable from

My thoughts on image spam strategies

2006-08-01 Thread John Rudd
1) use Martin Blapp's OCR plugin/patch for SA. feed data to bayes. http://antispam.imp.ch/patches/patch-ocrtext 2) to combat the images with subtle differences, develop a checksum method that ignores the lower (3 or 4 bits? out of 8 bits) of each color channel. That way you get what is

Re: My thoughts on image spam strategies

2006-08-01 Thread Loren Wilton
2) to combat the images with subtle differences, develop a checksum method that ignores the lower (3 or 4 bits? out of 8 bits) of each color channel. That way you get what is essentially a very high Won't work. White on black and black on white are both quite readable, and will fail the

Re: My thoughts on image spam strategies

2006-08-01 Thread John Rudd
On Aug 1, 2006, at 8:55 PM, Loren Wilton wrote: 2) to combat the images with subtle differences, develop a checksum method that ignores the lower (3 or 4 bits? out of 8 bits) of each color channel. That way you get what is essentially a very high Won't work. White on black and black on

Re: My thoughts on image spam strategies

2006-08-01 Thread Derek Harding
John Rudd wrote: Um, how exactly will they fail? How about a nice black white speckled image with red text on it? BTW I think the OCR approach is unlikely to succeed due to processing constraints. Derek

Re: How to identify image spam finally?

2006-07-27 Thread Loren Wilton
majority of mails I receive has a big image on the top, sometimes combined from multiple image files, containing a lot of text I don't want to read (stocks info and the like), followed by some lines of Try the rulesemporium stock rules. Loren

How to identify image spam finally?

2006-07-26 Thread Yves Goergen
Hi there, I'm running SpamAssassin on my mailbox and rejecting anything above a score of 10. But lately the spam volume increases again. The big majority of mails I receive has a big image on the top, sometimes combined from multiple image files, containing a lot of text I don't want to read

Re: Why is there so much hype behind Image spam

2006-07-26 Thread Hamish
On Sunday 16 July 2006 06:00, John Andersen wrote: On Saturday 15 July 2006 08:49 pm, jdow wrote: Somehow I figure a better than 1200:1 scoring ratio is a pretty lopsided win for SpamAssassin. And yet, in spite of your statistics, there is more spam than ever. Some estimates are that in

Re: How to identify image spam finally?

2006-07-26 Thread jdow
Visit http://www.rulesemporium.com/ and read up on the various sets of rules these fine people maintain. Many of them do very well with image only spam or image over nonsense text spam as well as stock spam. For these types of spam it is also imperative that you have the standard set of block

RE: Why is there so much hype behind Image spam

2006-07-17 Thread Chris Santerre
Title: RE: Why is there so much hype behind Image spam -Original Message- From: Bart Schaefer [mailto:[EMAIL PROTECTED]] Sent: Sunday, July 16, 2006 11:06 PM To: users@spamassassin.apache.org Subject: Re: Why is there so much hype behind Image spam On 7/16/06, John

Re: Why is there so much hype behind Image spam

2006-07-17 Thread Shane Williams
On Sun, 16 Jul 2006, John Andersen wrote: On Sunday 16 July 2006 06:35 am, Shane Williams wrote: I never realized SpamAssassin was started back in 1994.  What version number was that?  I'd say it was definitely ahead of its time, since I almost never got email spam until around 1996-1997 The

Re: Why is there so much hype behind Image spam

2006-07-17 Thread DAve
Shane Williams wrote: On Sun, 16 Jul 2006, John Andersen wrote: On Sunday 16 July 2006 06:35 am, Shane Williams wrote: I never realized SpamAssassin was started back in 1994. What version number was that? I'd say it was definitely ahead of its time, since I almost never got email spam until

Re: Why is there so much hype behind Image spam

2006-07-17 Thread Andy Jezierski
been with that ISP since the Pleistocene I just inserted 10 years as an approximation. And since you're also confusing SA with SpamBouncer, the reasonable conclusion here is that you have no idea what you're talking about. :-D As for the image spam, like the article says: Spammers

Re: Why is there so much hype behind Image spam

2006-07-16 Thread jdow
From: John Andersen [EMAIL PROTECTED] And yet, in spite of your statistics, there is more spam than ever. Some estimates are that in excess of 95% of all email is spam. They're trying harder. We ARE keeping it out of user's mailboxes. I consider that a win. I consider it a real win that they

Re: Why is there so much hype behind Image spam

2006-07-16 Thread Faisal N Jawdat
On Jul 16, 2006, at 1:00 AM, John Andersen wrote: And yet, in spite of your statistics, there is more spam than ever. Some estimates are that in excess of 95% of all email is spam. I'm unconvinced of this -- my spam load has leveled off at 200 per day. On the order of 1 per week makes it

Re: Why is there so much hype behind Image spam

2006-07-16 Thread John D. Hardin
On Sat, 15 Jul 2006, John Andersen wrote: On Saturday 15 July 2006 08:49 pm, jdow wrote: Somehow I figure a better than 1200:1 scoring ratio is a pretty lopsided win for SpamAssassin. And yet, in spite of your statistics, there is more spam than ever. Some estimates are that in excess of

Re: Why is there so much hype behind Image spam

2006-07-16 Thread John Andersen
On Sunday 16 July 2006 06:35 am, Shane Williams wrote: I never realized SpamAssassin was started back in 1994.  What version number was that?  I'd say it was definitely ahead of its time, since I almost never got email spam until around 1996-1997 The comment was off-hand and not researched.

Re: Why is there so much hype behind Image spam

2006-07-16 Thread John Andersen
On Sunday 16 July 2006 06:44 am, Faisal N Jawdat wrote: On Jul 16, 2006, at 1:00 AM, John Andersen wrote: And yet, in spite of your statistics, there is more spam than ever. Some estimates are that in excess of 95% of all email is spam. I'm unconvinced of this -- my spam load has leveled

Re: Why is there so much hype behind Image spam

2006-07-16 Thread Daryl C. W. O'Shea
John Andersen wrote: The comment was off-hand and not researched. One of my earliest ISPs recommended Spamassassin when it was just a bunch of scripts written by some woman whose name escapes me. That must have been Justine. ;)

Re: Why is there so much hype behind Image spam

2006-07-16 Thread Bart Schaefer
On 7/16/06, John Andersen [EMAIL PROTECTED] wrote: The comment was off-hand and not researched. One of my earliest ISPs recommended Spamassassin when it was just a bunch of scripts written by some woman whose name escapes me. I suspect you're thinking of SpamBouncer. Catherine A. Hampton.

Re: Re: Why is there so much hype behind Image spam

2006-07-15 Thread Nigel Frankcom
I'd have said the tools were the spammers and the image spams their implements - but that'd just be semantics :-} On Sat, 15 Jul 2006 04:08:51 -0700, Loren Wilton [EMAIL PROTECTED] wrote: marketing.. or should I expect a huge deluge of Image spam this weekend Maybe. Who knows. Image spam has

Re: Why is there so much hype behind Image spam

2006-07-15 Thread John Andersen
Subject: Re: Why is there so much hype behind Image spam Date: Saturday 15 July 2006 08:15 pm From: John Andersen [EMAIL PROTECTED] To: spamassassin-users@incubator.apache.org On Saturday 15 July 2006 03:08 am, Loren Wilton wrote: and if spammers weren't so incompetent in general it would

Re: Why is there so much hype behind Image spam

2006-07-15 Thread jdow
From: John Andersen [EMAIL PROTECTED] On Saturday 15 July 2006 03:08 am, Loren Wilton wrote: and if spammers weren't so incompetent in general it would be even harder than it is. An odd comment, especially for a project like Spamassassin which has had to run full out for the last dozen years

Re: Why is there so much hype behind Image spam

2006-07-15 Thread John Andersen
On Saturday 15 July 2006 08:49 pm, jdow wrote: Somehow I figure a better than 1200:1 scoring ratio is a pretty lopsided win for SpamAssassin. And yet, in spite of your statistics, there is more spam than ever. Some estimates are that in excess of 95% of all email is spam. If it didn't pay, no

RE: Re[2]: checksumming image spam

2006-05-24 Thread Sietse van Zanen
[2]: checksumming image spam And to me that sounds like me running a Small Business Server I should be alright? Yes, absolutely. --Sandy

RE: Re[2]: checksumming image spam

2006-05-24 Thread Bowie Bailey
Paul Matthews wrote: And to me that sounds like me running a Small Business Server I should be alright? Yes, absolutely. --Sandy When I want to test that spam assassin is working it's fairly easy, look in the header information or use the gtube command

RE: Re[2]: checksumming image spam

2006-05-24 Thread Sietse van Zanen
Or do some tcpdumping on ports UDP 6277 (DCC) and TCP 2703 (Razor2) -Sietse From: Bowie Bailey [mailto:[EMAIL PROTECTED] Sent: Wed 24-May-06 15:24 To: users@spamassassin.apache.org Subject: RE: Re[2]: checksumming image spam Paul Matthews wrote

RE: checksumming image spam

2006-05-23 Thread Paul Matthews
Razor is also a good check, but it is only free for personal use (same as dcc): http://razor.sourceforge.net Razor compile and install is a bit more difficult than dcc or pyzor, as it might need a whole lot of perl modules (depending on what is already there), so better get your CPAN right and

Re[2]: checksumming image spam

2006-05-23 Thread Sanford Whiteman
And to me that sounds like me running a Small Business Server I should be alright? Yes, absolutely. --Sandy

Re: Re[2]: checksumming image spam

2006-05-23 Thread Paul Matthews
And to me that sounds like me running a Small Business Server I should be alright? Yes, absolutely. --Sandy When I want to test that spam assassin is working it's fairly easy, look in the header information or use the gtube command http://spamassassin.apache.org/gtube/ But what
