Re: sender name same as recipient name

2007-09-29 Thread Jari Fredriksson
What are the file names? CentOS is RHEL-based, right? Likely /etc/rc.d/init.d/spamassassin /etc/init.d/spamassassin more probably.

Re: sender name same as recipient name

2007-09-26 Thread John Calvert
John D. Hardin wrote: On Tue, 25 Sep 2007, feral wrote: Where is this configuration file? Probably under /etc/mail/spamassassin John Hardin wrote: Look for the command line that starts SA. If "-L" or "--local" appears, network tests have

Re: sender name same as recipient name

2007-09-26 Thread John D. Hardin
On Wed, 26 Sep 2007, John Calvert wrote: I see no -L or --local anywhere.  See below... # Source spamd configuration. if [ -f /etc/sysconfig/spamassassin ] ; then     . /etc/sysconfig/spamassassin fi You'll also want to look in /etc/sysconfig/spamassassin -- John Hardin KA7OHZ

Re: sender name same as recipient name

2007-09-26 Thread John Calvert
John D. Hardin wrote: On Wed, 26 Sep 2007, John Calvert wrote: I see no "-L" or "--local" anywhere. See below... # Source spamd configuration. if [ -f /etc/sysconfig/spamassassin ] ; then . /etc/sysconfig/spamassassin fi You'll also want to

Re: sender name same as recipient name

2007-09-26 Thread John D. Hardin
On Wed, 26 Sep 2007, John Calvert wrote: I have decided to restart this whole process... setting the bayes database back to its initial state deleting auto-whitelist file. Is it good to use a bayes starter DB ?  If so, where can I get a good one. It's not generally a good idea to use

RE: sender name same as recipient name

2007-09-25 Thread Leon Kolchinsky
RE: training. I don't know. My experience w/ SA is that it just works and I haven't dealt with it at this level yet. What is strange is that SA appeared to be working fine for my client, then all of the sudden this spike in spam occurred... and as I said, 99% of the spams have the sender

Re: sender name same as recipient name

2007-09-25 Thread John D. Hardin
On Mon, 24 Sep 2007, feral wrote: RE: training. I don't know. My experience w/ SA is that it just works and I haven't dealt with it at this level yet. What is strange is that SA appeared to be working fine for my client, then all of the sudden this spike in spam occurred... and as I said,

RE: sender name same as recipient name

2007-09-25 Thread John D. Hardin
On Tue, 25 Sep 2007, Leon Kolchinsky wrote: As Dave said it seems that your problem in whitelist configuration. Please use whitelist_from_rcvd instead of whatever you are using. How so? The samples he posted did not say that whitelist rules were hitting. -- John Hardin KA7OHZ

Re: sender name same as recipient name

2007-09-25 Thread feral
John D. Hardin wrote: On Mon, 24 Sep 2007, feral wrote: RE: training. I don't know. My experience w/ SA is that it just works and I haven't dealt with it at this level yet. What is strange is that SA appeared to be working fine for my client, then all of the sudden this spike in spam

Re: sender name same as recipient name

2007-09-25 Thread John D. Hardin
On Tue, 25 Sep 2007, feral wrote: Whatever the case, global bayes or not, or even bayes or not, how could an email with the obvious porn words in the subject (as in my examples) NOT get flagged? If bayes was mistrained to consider such words hammy, then BAYES_00 could drag the score back down

Re: sender name same as recipient name

2007-09-25 Thread feral
John D. Hardin wrote: On Tue, 25 Sep 2007, feral wrote: Whatever the case, global bayes or not, or even bayes or not, how could an email with the obvious porn words in the subject (as in my examples) NOT get flagged? If bayes was mistrained to consider such words hammy, then BAYES_00

Re: sender name same as recipient name

2007-09-25 Thread feral
John D. Hardin wrote: On Tue, 25 Sep 2007, feral wrote: Whatever the case, global bayes or not, or even bayes or not, how could an email with the obvious porn words in the subject (as in my examples) NOT get flagged? If bayes was mistrained to consider such words hammy, then BAYES_00

Re: sender name same as recipient name

2007-09-25 Thread Evan Platt
At 11:45 AM 9/25/2007, feral wrote: X-Spam-Status: No, score=-0.6 required=4.0 tests=BAYES_00,HOT_NASTY,PORN_16 autolearn=no version=3.1.9 So BAYES_00 brought the score down to negative .6 ? Methinks the BAYES is not even functional (database absent). How do I enable network tests?

Re: sender name same as recipient name

2007-09-25 Thread Daniel J McDonald
On Tue, 2007-09-25 at 11:38 -0700, feral wrote: John D. Hardin wrote: On Tue, 25 Sep 2007, feral wrote: Whatever the case, global bayes or not, or even bayes or not, how could an email with the obvious porn words in the subject (as in my examples) NOT get flagged? If bayes

Re: sender name same as recipient name

2007-09-25 Thread John D. Hardin
On Tue, 25 Sep 2007, feral wrote: X-Spam-Status: No, score=-0.6 required=4.0 tests=BAYES_00,HOT_NASTY,PORN_16 autolearn=no version=3.1.9 So BAYES_00 brought the score down to negative .6 ? Probably. Methinks the BAYES is not even functional (database absent). It wouldn't give you

Re: sender name same as recipient name

2007-09-25 Thread John D. Hardin
On Tue, 25 Sep 2007, feral wrote: How do I enable network tests? ...and make sure your DNS on that box is configured and working, and you will probably want to install a local caching DNS server as well. -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ [EMAIL

Re: sender name same as recipient name

2007-09-25 Thread feral
Hmmm... deepest thread here w/ John Hardin somehow got broken... nabble hiccup? So I am posting response here: Daniel McDonald wrote: basically, ensure it can resolve DNS. You can force it with dns_available yes use_bayes_rules If you want to turn bayes off: use_bayes 0 or maybe:

Re: sender name same as recipient name

2007-09-25 Thread Daniel J McDonald
On Tue, 2007-09-25 at 12:15 -0700, feral wrote: Hmmm... deepest thread here w/ John Hardin somehow got broken... nabble hiccup? So I am posting response here: Daniel McDonald wrote: basically, ensure it can resolve DNS. You can force it with dns_available yes [...] Where is

Re: sender name same as recipient name

2007-09-25 Thread Evan Platt
I'm pretty close to killfiling Nabble posters. Nabble is to spamassassin as Google Groups is to usenet. Seriously. At 12:15 PM 9/25/2007, feral wrote: Hmmm... deepest thread here w/ John Hardin somehow got broken... nabble hiccup? So I am posting response here:

Re: sender name same as recipient name

2007-09-25 Thread John Calvert
I am stopping using Nabble and just emailing my posting and responses. Evan Platt wrote: I'm pretty close to killfiling Nabble posters. Nabble is to spamassassin as Google Groups is to usenet. Seriously. At 12:15 PM 9/25/2007, feral wrote: Hmmm... deepest thread here w/ John Hardin

Re: sender name same as recipient name

2007-09-25 Thread John D. Hardin
On Tue, 25 Sep 2007, feral wrote: Hmmm... deepest thread here w/ John Hardin somehow got broken... nabble hiccup? My pruning stuff. Where is this configuration file? Probably under /etc/mail/spamassassin John Hardin wrote: Look for the command line that starts SA. If -L or --local

Re: sender name same as recipient name

2007-09-24 Thread John D. Hardin
On Mon, 24 Sep 2007, feral wrote: Question: is SA not filtering out these obvious spams because the name mark is the same as the name on my client's account? That depends on the rules in use. If a rule like From ~= /mark\@/ with a high negative score was defined, sure! Would it be possible

Re: sender name same as recipient name

2007-09-24 Thread Luis Hernán Otegui
Hi, feral 2007/9/24, feral [EMAIL PROTECTED]: Sorry if this is a well-known issue... first I have encountered it. I am using SA 3.1.9 installed on a CentOS Linux system. One of my clients just noticed a huge spike in spam getting through, even though SA is turned on for his email account

Re: sender name same as recipient name

2007-09-24 Thread feral
The only whitelist addresses I have defined for him are my own email addresses, plus any address @blah.com. Here are the headers bodies of 3 of the spams that got through (and are continuing to come through at a high rate): Return-Path: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED]

Re: sender name same as recipient name

2007-09-24 Thread Dave Pooser
plus any address @blah.com This is an extremely ill-advised practice; spammers have tried using @example.com addresses to send to example.com users for years. Hopefully you're using whitelist_from_rcvd or checking authentication or similar techniques. Also, are you using network tests? Assuming

Re: sender name same as recipient name

2007-09-24 Thread feral
Dave Pooser wrote: plus any address @blah.com This is an extremely ill-advised practice; spammers have tried using @example.com addresses to send to example.com users for years. Hopefully you're using whitelist_from_rcvd or checking authentication or similar techniques. Also, are

Re: sender name same as recipient name

2007-09-24 Thread John D. Hardin
On Mon, 24 Sep 2007, feral wrote: Here are the headers bodies of 3 of the spams that got through (and are continuing to come through at a high rate): tests=BAYES_00,HELO_DYNAMIC_IPADDR2 autolearn=no version=3.1.9 tests=BAYES_00,HELO_DYNAMIC_IPADDR2, HELO_DYNAMIC_SPLIT_IP

Re: sender name same as recipient name

2007-09-24 Thread feral
RE: training. I don't know. My experience w/ SA is that it just works and I haven't dealt with it at this level yet. What is strange is that SA appeared to be working fine for my client, then all of the sudden this spike in spam occurred... and as I said, 99% of the spams have the sender name