On 21.04.15 18:49, Quanah Gibson-Mount wrote:
I just wanted to give a thank you to everyone who responded to this
thread. I clearly misunderstood what DCC does, and it now has little
value to me as a scoring item.
I recommend you putting mass senders to whitelist. It's perfect scoring item
Am 22.04.2015 um 12:47 schrieb Matus UHLAR - fantomas:
On 21.04.15 18:49, Quanah Gibson-Mount wrote:
I just wanted to give a thank you to everyone who responded to this
thread. I clearly misunderstood what DCC does, and it now has little
value to me as a scoring item.
I recommend you putting
On 21.04.15 18:49, Quanah Gibson-Mount wrote:
I just wanted to give a thank you to everyone who responded to this
thread. I clearly misunderstood what DCC does, and it now has little
value to me as a scoring item.
Am 22.04.2015 um 12:47 schrieb Matus UHLAR - fantomas:
I recommend you putting
Hi Quanah,
On 22/04/15 02:52, [*] Quanah Gibson-Mount wrote:
--On Tuesday, April 14, 2015 11:05 PM +0100 Steve Freegard
s...@fsl.com wrote:
Just because *you* can't find any sense in it; others might be able to.
For example:
meta __FSL_ANY_BULK ((DCC_CHECK || RAZOR2_CHECK ||
I just wanted to give a thank you to everyone who responded to this thread.
I clearly misunderstood what DCC does, and it now has little value to me as
a scoring item.
--Quanah
--
Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
Zimbra :: the leader in open source
--On Tuesday, April 14, 2015 11:05 PM +0100 Steve Freegard s...@fsl.com
wrote:
On 14/04/15 19:45, Reindl Harald wrote:
Am 14.04.2015 um 20:26 schrieb Kevin A. McGrail:
On 4/14/2015 2:16 PM, Reindl Harald wrote:
DCC isn't designed to tell you if a message is spam/not-spam. It's a
*BULK*
I don't see why it's not auto generated - perhaps with a cap of 1.5.
On 16.04.15 15:06, John Hardin wrote:
How long are signatures kept in the DCC database? Masscheck uses a
corpus that covers a couple of years. If the DCC signatures expire
within a month or two then that would skew the
On 04/17/2015 01:17 PM, RW wrote:
On Thu, 16 Apr 2015 15:06:42 -0700 (PDT)
John Hardin wrote:
On Thu, 16 Apr 2015, RW wrote:
I don't see why it's not auto generated - perhaps with a cap of 1.5.
How long are signatures kept in the DCC database? Masscheck uses a
corpus that covers a couple
On Thu, 16 Apr 2015 15:06:42 -0700 (PDT)
John Hardin wrote:
On Thu, 16 Apr 2015, RW wrote:
I don't see why it's not auto generated - perhaps with a cap of 1.5.
How long are signatures kept in the DCC database? Masscheck uses a
corpus that covers a couple of years. If the DCC signatures
Vernon, do you have a recommended score for the implementation of
DCC with SA? There are concerns that bulk mail from good senders has
been hit by DCC which is completely by design.
Vernon replied off-list so I wanted to bring the relevant portion back
to the list:
My general suggestion is
Kevin A. McGrail wrote:
Vernon, do you have a recommended score for the implementation of
DCC with SA? There are concerns that bulk mail from good senders has
been hit by DCC which is completely by design.
Vernon replied off-list so I wanted to bring the relevant portion back
to the list:
My
On 04/16/2015 02:15 PM, Mark Martinec wrote:
I don't agree with moving a DCC rule into a __* rule or setting
its score to a near zero. I find DCC hits useful as they are now:
contributing to the overall score, bit not so large as to make
a major effect by themselves.
FWIW; I totally agree
Am 16.04.2015 um 14:55 schrieb Axb:
On 04/16/2015 02:15 PM, Mark Martinec wrote:
I don't agree with moving a DCC rule into a __* rule or setting
its score to a near zero. I find DCC hits useful as they are now:
contributing to the overall score, bit not so large as to make
a major effect by
On 04/16/2015 02:15 PM, Mark Martinec wrote:
I don't agree with moving a DCC rule into a __* rule or setting
its score to a near zero. I find DCC hits useful as they are now:
contributing to the overall score, bit not so large as to make
a major effect by themselves.
Am 16.04.2015 um 14:55
Am 16.04.2015 um 17:45 schrieb Matus UHLAR - fantomas:
On 04/16/2015 02:15 PM, Mark Martinec wrote:
I don't agree with moving a DCC rule into a __* rule or setting
its score to a near zero. I find DCC hits useful as they are now:
contributing to the overall score, bit not so large as to make
a
On Thu, 16 Apr 2015 07:14:12 -0400
Kevin A. McGrail wrote:
Vernon, do you have a recommended score for the implementation of
DCC with SA? There are concerns that bulk mail from good senders
has been hit by DCC which is completely by design.
Vernon replied off-list so I wanted to bring
On Thu, 16 Apr 2015, RW wrote:
I don't see why it's not auto generated - perhaps with a cap of 1.5.
How long are signatures kept in the DCC database? Masscheck uses a corpus
that covers a couple of years. If the DCC signatures expire within a month
or two then that would skew the masscheck
On 4/14/2015 5:43 PM, John Hardin wrote:
It's not. The 1.1 points is hardcoded:
50_scores.cf:score DCC_CHECK0 1.1 0 1.1
It's reasonable to argue that this score should be informational only,
and that it should only be scored meaningfully in metas.
It doesn't look like
Am 15.04.2015 um 10:24 schrieb Matus UHLAR - fantomas:
Am 14.04.2015 um 20:44 schrieb Dave Pooser:
Finally I would submit that if the phrase sometimes wrong, but never
uncertain sounds like a description of your mailing list posts, it¹s
worth putting the effort in to change that
On 14.04.15
Am 14.04.2015 um 20:44 schrieb Dave Pooser:
Finally I would submit that if the phrase sometimes wrong, but never
uncertain sounds like a description of your mailing list posts, it¹s
worth putting the effort in to change that
On 14.04.15 20:49, Reindl Harald wrote:
nobody is perfect, but if i
Am 14.04.2015 um 19:59 schrieb Quanah Gibson-Mount:
I've noticed that DCC_CHECK is flagging on tons of items that are
clearly not spam. The most recent hit for me today was a release
announcement from the mariadb folks. Overall, it's a trend I'm
routinely seeing where it is flagging a lot of
On 4/14/2015 2:16 PM, Reindl Harald wrote:
DCC isn't designed to tell you if a message is spam/not-spam. It's a
*BULK* indicator. e.g. have lots of people seen this message?
that is simply not true and defeats the purpose
I disagree. That description of DCC seems very accurate to me. See
From: Quanah Gibson-Mount qua...@zimbra.com
Date: Tue, 14 Apr 2015 10:59:28 -0700
I've noticed that DCC_CHECK is flagging on tons of items that are clearly
not spam. The most recent hit for me today was a release announcement from
the mariadb folks. Overall, it's a trend I'm
Quanah,
On 14/04/15 18:59, Quanah Gibson-Mount wrote:
I've noticed that DCC_CHECK is flagging on tons of items that are
clearly not spam. The most recent hit for me today was a release
announcement from the mariadb folks. Overall, it's a trend I'm
routinely seeing where it is flagging a lot
Am 14.04.2015 um 20:11 schrieb Steve Freegard:
Quanah,
On 14/04/15 18:59, Quanah Gibson-Mount wrote:
I've noticed that DCC_CHECK is flagging on tons of items that are
clearly not spam. The most recent hit for me today was a release
announcement from the mariadb folks. Overall, it's a trend
On Tue, 14 Apr 2015, Kevin A. McGrail wrote:
On 4/14/2015 5:05 PM, Steve Freegard wrote:
However - I'll readily agree with you that DCC_CHECK adding score to all
bulk mail isn't that useful, however that is what the mass-checker has
decided works best with the corpus of mail available.
I
DCC isn't designed to tell you if a message is spam/not-spam. It's a
*BULK* indicator. e.g. have lots of people seen this message?
that is simply not true and defeats the purpose
the problem are idiots reporting legit mail as spam
Well, the folks who *run* the DCC servers seem to disagree
On 14 Apr 2015, at 13:59, Quanah Gibson-Mount wrote:
I've noticed that DCC_CHECK is flagging on tons of items that are
clearly not spam. The most recent hit for me today was a release
announcement from the mariadb folks. Overall, it's a trend I'm
routinely seeing where it is flagging a lot
Am 14.04.2015 um 20:26 schrieb Kevin A. McGrail:
On 4/14/2015 2:16 PM, Reindl Harald wrote:
DCC isn't designed to tell you if a message is spam/not-spam. It's a
*BULK* indicator. e.g. have lots of people seen this message?
that is simply not true and defeats the purpose
I disagree.
Am 14.04.2015 um 20:44 schrieb Dave Pooser:
Finally I would submit that if the phrase sometimes wrong, but never
uncertain sounds like a description of your mailing list posts, it¹s
worth putting the effort in to change that
nobody is perfect, but if i would be uncertain i just won't say
On 4/14/2015 2:45 PM, Reindl Harald wrote:
because i can't find any sense in give bulk mail just because it is
bulk mail - indepdendent of subscribed, double-optin and what not - a
penalty
however, the real problem of all the hashing services is the way how
personalized parts get stripped
John Hardin wrote:
[...] The 1.1 points is hardcoded:
50_scores.cf:score DCC_CHECK0 1.1 0 1.1
It's reasonable to argue that this score should be informational only,
and that it should only be scored meaningfully in metas.
Steve Freegard wrote:
However - I'll readily agree with
On 4/14/2015 5:05 PM, Steve Freegard wrote:
However - I'll readily agree with you that DCC_CHECK adding score to
all bulk mail isn't that useful, however that is what the mass-checker
has decided works best with the corpus of mail available.
I am not sure DCC is masschecked, to be honest...
On 14/04/15 19:45, Reindl Harald wrote:
Am 14.04.2015 um 20:26 schrieb Kevin A. McGrail:
On 4/14/2015 2:16 PM, Reindl Harald wrote:
DCC isn't designed to tell you if a message is spam/not-spam. It's a
*BULK* indicator. e.g. have lots of people seen this message?
that is simply not true
Am 14.04.2015 um 19:59 schrieb Quanah Gibson-Mount:
I've noticed that DCC_CHECK is flagging on tons of items that are
clearly not spam. The most recent hit for me today was a release
announcement from the mariadb folks. Overall, it's a trend I'm
routinely seeing where it is flagging a lot of
That worked but your right it has no effect on the autolearn=spam. Any idea
how I get it to autolearn all email to a given address as spam?
Matt
score USER_IN_BLACKLIST_TO 100.0
or whatever score you want
Dunno if the bayes auto-learner works with blacklist_to rules; it doesn't
work with some
every night around 2:am we pump it through sa-learn and
then : the mbox. Just make sure you use the correct permissions when
doing this.
HTH,
Gary
-Original Message-
From: Matt [mailto:[EMAIL PROTECTED]
Sent: Monday, March 28, 2005 7:31 AM
To: [EMAIL PROTECTED]
Subject: Re: Effectiveness
On 3/28/2005 9:30 AM, Matt wrote:
That worked but your right it has no effect on the autolearn=spam. Any idea
how I get it to autolearn all email to a given address as spam?
can you pipe incoming mail for that account to sa-learn?
--
Eric A. Hall
Eric A. Hall wrote:
On 3/28/2005 9:30 AM, Matt wrote:
That worked but your right it has no effect on the autolearn=spam. Any idea
how I get it to autolearn all email to a given address as spam?
can you pipe incoming mail for that account to sa-learn?
Even if you were to alter the tflags for the
On 3/28/2005 2:07 PM, Daryl C. W. O'Shea wrote:
Better yet, is to not even bother running mail for that account through
SpamAssassin in the first place and instead just pipe it to sa-learn.
No point in filtering mail that you are positive is 100% spam.
except that he wants to blacklist for
Eric A. Hall wrote:
On 3/28/2005 2:07 PM, Daryl C. W. O'Shea wrote:
Better yet, is to not even bother running mail for that account through
SpamAssassin in the first place and instead just pipe it to sa-learn.
No point in filtering mail that you are positive is 100% spam.
except that he wants
On 3/26/2005 4:47 PM, Matt wrote:
blacklist_to appears to add 10 points to spam score. I would like to
change it so it adds 20 points. How would I do that? Reason being
that way blacklist_to messages will always be scored high enough to
trigger them to be bayes auto_learn spam.
Add this
Thanks. That fixed all my troubles!
Matt
I'd just add...
dns_available yes
...to your local.cf file.
This server connects to the Internet through an ATT managed Cisco 3640
so the network should be up instantly. Although it runs as its own DNS
server. Perhaps named is not fully up when SPMAD
blacklist_to appears to add 10 points to spam score. I would like to
change it so it adds 20 points. How would I do that? Reason being that way
blacklist_to messages will always be scored high enough to trigger them to
be bayes auto_learn spam.
Matt
Add them to your cf with a blacklist_to
Matt wrote:
This server connects to the Internet through an ATT managed Cisco
3640 so the network should be up instantly. Although it runs as its
own DNS server. Perhaps named is not fully up when SPMAD starts?
Is there something like cron.fiveminutesafterbootup that I can do a
spamd
Matt wrote:
This server connects to the Internet through an ATT managed Cisco 3640
so the network should be up instantly. Although it runs as its own DNS
server. Perhaps named is not fully up when SPMAD starts?
Is there something like cron.fiveminutesafterbootup that I can do a
spamd restart
From: Daryl C. W. O'Shea [EMAIL PROTECTED]
Matt wrote:
This server connects to the Internet through an ATT managed Cisco 3640
so the network should be up instantly. Although it runs as its own DNS
server. Perhaps named is not fully up when SPMAD starts?
Is there something like
On Wednesday, March 23, 2005, 12:47:12 PM, Matt Matt wrote:
extra rules from www.rulesemporium.com/rules, auto updated with
rules_du_jour.
make sure the surbl URI-RBL's are active.
They are. Which rule sets should I choose from those below? This domain is
for a small ISP so has a
PROTECTED]
Sent: Wednesday, March 23, 2005 10:35 PM
To: [EMAIL PROTECTED]
Subject: Re: Effectiveness
On Wednesday, March 23, 2005, 12:47:12 PM, Matt Matt wrote:
extra rules from www.rulesemporium.com/rules, auto updated with
rules_du_jour.
make sure the surbl URI-RBL's are active
I think your right. SURBL seems to have quit. It was working since I
installed 3.0.2 since it was a real battle getting it to all work. The NET
stuff it required was a real pain getting all installed. Anyway, I can only
guess that sometime between then and now a reboot changed something or
least I see no more URIBL in SPAM headers anymore. Any ideas?
spamassassin -D
See what it is complaining about to not be able to use net tests.
Loren
Ahmmm, when is the network coming up vis a vis the time spamassassin
comes up? This is a problem I have marked for myself when the 3.0.2
machine goes up as the firewall/caching DNS machine as well. I suspect
that spamd coming up before the main network comes up is a problem. And
I discovered that
This server connects to the Internet through an ATT managed Cisco 3640 so
the network should be up instantly. Although it runs as its own DNS server.
Perhaps named is not fully up when SPMAD starts?
Is there something like cron.fiveminutesafterbootup that I can do a spamd
restart in?
Matt
Matt
extra rules from www.rulesemporium.com/rules, auto updated with
rules_du_jour.
make sure the surbl URI-RBL's are active.
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
Matt wrote:
When I first updated to Spamassassin 3.0.2 in December it worked great
Matt wrote:
When I first updated to Spamassassin 3.0.2 in December it worked
great and stopped 95% of my junk. Now its down to about 65%
SURBL is very effective for me. Maybe your Bayes is out of whack? Try
deleting the DB and letting it reinitialize.
It sure would be nice if the rules
It was cleared 6 days ago. It has 958 messages in it now. So its about 160
messages a day and not any good ones. Not quite as many as I originally
thought but still a lot. The previous owner had the email account
completely disabled for a couple years due to the spam. I renabled it just
extra rules from www.rulesemporium.com/rules, auto updated with
rules_du_jour.
make sure the surbl URI-RBL's are active.
They are. Which rule sets should I choose from those below? This domain is
for a small ISP so has a diversity of users.
Thanks.
Matt
# Here are some of the rulesets
On 3/23/2005 12:01 PM, Matt wrote:
Another thing is I have several domains. One is from our dialup ISP 10
years old. It has several email addresses that are dead and receive
nothing but junk and lots of it. About 20 pieces or more an hour. Is
there anyway I can use these to improve the
58 matches
Mail list logo
