On Tors, December 18, 2008 01:48, Nelson Serafica wrote:
> And is it ok to put rules also on local.cf
> located on /etc/mail/spamassassin
spamassassin 2>&1 -D --lint | less
shows more info on what files / dirs are used
--
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust
THanks for the clarification.
On Thu, Dec 18, 2008 at 9:20 AM, mouss wrote:
>
> that's probably the right place. there should be a local.cf file there.
> you can either add your rules in local.cf or put them in a file which
> names ends in ".cf" (for example: site.cf).
>
>
> you can run spamassa
Nelson Serafica a écrit :
> I just want to verify where is the correct directory to put customized
> .cf files. I have downloaded some .cf files and place it on
> /etc/mail/spamassassin.
that's probably the right place. there should be a local.cf file there.
you can either add your rules in local.
On Fri, 12 Dec 2008, Marcin Krol wrote:
John Hardin wrote:
On Thu, 11 Dec 2008, Karsten Br�ckelmann wrote:
> I still recommend initial training, to give Bayes a good kick-start.
Initial _manual_ training.
Define manual: manual picking out spams is plain too labor-intensive.
Manual trai
Marcin Krol wrote on Fri, 12 Dec 2008 10:37:31 +0100:
> Define manual: manual picking out spams is plain too labor-intensive. If
> we redefine "manual" to mean ham coming from authenticated mail, and
> spam coming from spamtraps, I wholeheartedly agree.
The point is that you need to have a corp
John Hardin wrote:
On Thu, 11 Dec 2008, Karsten Br�ckelmann wrote:
I still recommend initial training, to give Bayes a good kick-start.
Initial _manual_ training.
Define manual: manual picking out spams is plain too labor-intensive. If
we redefine "manual" to mean ham coming from authentic
Karsten Bräckelmann wrote:
Well, isn't it better to use them before SA, provided your MTA does have
this feature (I recommend Exim to everyone)?
No -- unless you ultimately trust the RBL to produce a *negligible*
amount of FPs. Every single RBL does have FPs to a highly variable
degree. Instead
Matthias Leisi wrote on Thu, 11 Dec 2008 22:05:34 +0100:
> (and
> are thus likely to be quoted in reply emails)
correctly working email programs leave the signature out from quoting
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
Mark Martinec schrieb:
> or construct custom rules to whitelist (=add negative score points)
> based on some other specific chraracteristic of mail to be passed.
Your own (your companys) street address, phone number, or some hopefully
unique token which you typically add in footers of outgoing e
On Thu, 2008-12-11 at 18:36 +0100, Matus UHLAR - fantomas wrote:
> > > Ned Slider wrote:
> > > > Yes, additional DNSBLs such as psbl and uceprotect can be integrated
> > > > into SA
>
> > On Thu, 2008-12-11 at 15:19 +0100, Marcin Krol wrote:
> > > Well, isn't it better to use them before SA, prov
On Thu, Dec 11, 2008 at 05:57:10PM +, Ned Slider wrote:
>
> Genuine spam traps are great for bayes training as they should contain a
> representative sample of spam your users will be seeing plus you know
> they only contain spam so you don't need to check the contents before
> feeding th
Ned Slider a écrit :
> Genuine spam traps are great for bayes training as they should contain a
> representative sample of spam your users will be seeing plus you know
> they only contain spam so you don't need to check the contents before
> feeding them to bayes to learn :)
>
you must be careful
Marcin Krol wrote:
Matus UHLAR - fantomas wrote:
- blocking at MTA by RBL or other techniques (such as graylisting)
is efficient and effective, but deprives SpamAssassin of spam samples,
so if your resources permit, it is better to let SpamAssassin deal
with all RBLs.
I don't think so. W
Karsten Bräckelmann wrote:
On Thu, 2008-12-11 at 15:19 +0100, Marcin Krol wrote:
Ned Slider wrote:
Yes, additional DNSBLs such as psbl and uceprotect can be integrated
into SA
Well, isn't it better to use them before SA, provided your MTA does have
this feature (I recommend Exim to everyone)?
> > Ned Slider wrote:
> > > Yes, additional DNSBLs such as psbl and uceprotect can be integrated
> > > into SA
> On Thu, 2008-12-11 at 15:19 +0100, Marcin Krol wrote:
> > Well, isn't it better to use them before SA, provided your MTA does have
> > this feature (I recommend Exim to everyone)?
On
On Thu, 2008-12-11 at 15:19 +0100, Marcin Krol wrote:
> Ned Slider wrote:
>
> > Yes, additional DNSBLs such as psbl and uceprotect can be integrated
> > into SA
>
> Well, isn't it better to use them before SA, provided your MTA does have
> this feature (I recommend Exim to everyone)?
No -- unle
On Thu, 2008-12-11 at 08:28 -0800, John Hardin wrote:
> On Thu, 11 Dec 2008, Karsten Bräckelmann wrote:
> >>> I still recommend initial training, to give Bayes a good kick-start.
> >>
> >> Initial _manual_ training.
> >
> > Err... Yes! :)
>
> The reason I stressed that is it sounds like the OP tu
On Thu, 11 Dec 2008, Karsten Br�ckelmann wrote:
On Thu, 2008-12-11 at 08:18 -0800, John Hardin wrote:
On Thu, 11 Dec 2008, Karsten Bräckelmann wrote:
I still recommend initial training, to give Bayes a good kick-start.
Initial _manual_ training.
Err... Yes! :)
The reason I stressed that
On Thu, 2008-12-11 at 08:18 -0800, John Hardin wrote:
> On Thu, 11 Dec 2008, Karsten Bräckelmann wrote:
>
> > I still recommend initial training, to give Bayes a good kick-start.
>
> Initial _manual_ training.
Err... Yes! :)
--
char *t="[EMAIL PROTECTED]";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,
On Thu, 2008-12-11 at 16:28 +0100, Marcin Krol wrote:
> Karsten Bräckelmann wrote:
> > Do train false negatives. It does help Bayes, if you train "FN according
> > to Bayes", that is spam that has been caught, but got a low, ham-ish
> > Bayes score.
>
> It seems that I need to brush up on specific
On Thu, 11 Dec 2008, Karsten Br�ckelmann wrote:
I still recommend initial training, to give Bayes a good kick-start.
Initial _manual_ training.
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
[EMAIL PROTECTED]FALaholic #11174 pgpk -a [EMAIL PROTECTED]
key:
Karsten Bräckelmann wrote:
Do train false negatives. It does help Bayes, if you train "FN according
to Bayes", that is spam that has been caught, but got a low, ham-ish
Bayes score.
It seems that I need to brush up on specifics of SA Bayes; so far I have
used only DSPAM from among statistical
Matus UHLAR - fantomas wrote:
- blocking at MTA by RBL or other techniques (such as graylisting)
is efficient and effective, but deprives SpamAssassin of spam samples,
so if your resources permit, it is better to let SpamAssassin deal
with all RBLs.
I don't think so. We get "enough" of sp
On 11.12.08 15:47, Mark Martinec wrote:
> Quality of bayes auto-learning improves if you let all your mail
> pass through SpamAssassin:
>
> - outbound mail is often a high-quality source of ham
> for autolearning;
But when one of your users starts spamming (trojan or wtf), you have problem
and
On Thu, 2008-12-11 at 16:01 +0100, Karsten Bräckelmann wrote:
> On Thu, 2008-12-11 at 15:13 +0100, Marcin Krol wrote:
Forgot to add...
> > No, I just waited until default 200 hams and 200 spams kicked it in. As
> > I mentioned elsewhere, I get a weird effect of correct positives, but
> > relati
On Thu, 2008-12-11 at 15:13 +0100, Marcin Krol wrote:
> Karsten Bräckelmann wrote:
> > Razor is quite good, too. Also Pyzor, though it requires much more
> > resources.
>
> See, my friend who works at a hosting company didn't find Razor to be
> much improvement. Perhaps he misconfigured it or s
Marcin Krol wrote:
> Karsten Bräckelmann wrote:
> >
> > Did you manually (initially) train it
> > with your collected ham and recent (not older than 3 months) spam?
>
> No, I just waited until default 200 hams and 200 spams kicked it in.
> As I mentioned elsewhere, I get a weird effect of correct
Marcin,
> >Did you manually (initially) train it
> > with your collected ham and recent (not older than 3 months) spam?
>
> No, I just waited until default 200 hams and 200 spams kicked it in. As
> I mentioned elsewhere, I get a weird effect of correct positives, but
> relatively many false negati
Marcin Krol wrote:
> Matthias Leisi wrote:
>
> > * If circumstances permit, make use of extensive whitelisting, so
> > that you can increase the score of rules (or maybe lower the
> > threshold after which you consider a message to be spam).
>
> With all due respect, that's risky... My users ofte
> Ned Slider wrote:
> >Also look at setting up Bayes and train it well. A well trained Bayes
> >setup can hit 99% plus spam (for me) and can be highly effective.
On 11.12.08 15:19, Marcin Krol wrote:
> Except I found that while it often gets positive identification right,
> it sometimes produces
Ned Slider wrote:
Yes, additional DNSBLs such as psbl and uceprotect can be integrated
into SA
Well, isn't it better to use them before SA, provided your MTA does have
this feature (I recommend Exim to everyone)?
Also look at setting up Bayes and train it well. A well trained Bayes
setup can
Karsten Bräckelmann wrote:
- SURBL and URIBL are extremely effective at identifying spam
They are enabled by default -- unless you are running local tests only.
Did you (or your distro default) disable network tests? If you
specifically had to enable these, you are likely missing more of them.
Matthias Leisi wrote:
* If circumstances permit, make use of extensive whitelisting, so that
you can increase the score of rules (or maybe lower the threshold after
which you consider a message to be spam).
With all due respect, that's risky... My users often get legit mails out
of blue or e
> * If circumstances permit, make use of extensive whitelisting, so that
> you can increase the score of rules (or maybe lower the threshold after
> which you consider a message to be spam).
When whitelisting, never whitelist just based on a plain sender or author
address (such as 'whitelist_from'
On Thu, 2008-12-11 at 12:52 +0100, Marcin Krol wrote:
> Through experimentation I have found that the following techniques are
> highly effective:
> - SURBL and URIBL are extremely effective at identifying spam
They are enabled by default -- unless you are running local tests only.
Did you (or y
Matthias Leisi wrote:
Marcin Krol schrieb:
Is anybody here willing to share other / better techniques and tips?
No silver bullet, only blood, sweat and tears :-)
I agree.
* Create custom rules that to match your uncaught spam (and maybe share
these rules back on this list).
Yes, cust
Marcin Krol schrieb:
Is anybody here willing to share other / better techniques and tips?
No silver bullet, only blood, sweat and tears :-)
* Create custom rules that to match your uncaught spam (and maybe share
these rules back on this list).
* If circumstances permit, make use of extensi
On Fri, Oct 05, 2007 at 11:30:30AM -0700, Tom Bombadil wrote:
> Loren Wilton wrote:
> > I don't know how you would do it in exim (or if you even could) but in
> > theory you could have two SA setups. One would only have the clam
> > plugin enabled and no other rules, and the other would have the f
Jonathan Armitage wrote:
Tom Bombadil wrote:
Thanks for the response Loren, but unfortunately, as far as I know we
can specify the "spamd" directive just once in exim.
I realise we're getting OT here, but there are at least two ways to call
SA from Exim, the built-in hook which you are using
Tom Bombadil wrote:
Thanks for the response Loren, but unfortunately, as far as I know we
can specify the "spamd" directive just once in exim.
I realise we're getting OT here, but there are at least two ways to call
SA from Exim, the built-in hook which you are using, and sa-exim, which
calls
Loren Wilton wrote:
> I don't know how you would do it in exim (or if you even could) but in
> theory you could have two SA setups. One would only have the clam
> plugin enabled and no other rules, and the other would have the full set
> of rules you want. Then you could av scan using the first s
I don't know how you would do it in exim (or if you even could) but in
theory you could have two SA setups. One would only have the clam plugin
enabled and no other rules, and the other would have the full set of rules
you want. Then you could av scan using the first setup, and if that passes,
>
> I don't think you can have SA not spam scan emails over a certain size,
> while still having SA call clamav.
>
Thanks Steven. This is what I wanted to confirm.
Tom Bombadil wrote:
This is not really on-topic for the SA list, but what clamav support are you
missing?
Sorry... I guess I didn't explain myself properly. I don't want to go
off topic talking about exim, but basically clamav failover/load balance
is the problem. We already do what you s
>
> This is not really on-topic for the SA list, but what clamav support are you
> missing?
Sorry... I guess I didn't explain myself properly. I don't want to go
off topic talking about exim, but basically clamav failover/load balance
is the problem. We already do what you suggested, but if cla
> Is there way to do this inside spamassassin, without having the MTA to
> sort it by size? We use exim, and it has a pretty awesome spamassassin
> support, but it has a crappy clamav support.
This is not really on-topic for the SA list, but what clamav support are you
missing? Looks to me like yo
On 10/4/07, Gustavo Baratto <[EMAIL PROTECTED]> wrote:
> Greetings...
>
> I'm coming from a long time using Dspam, so please bear with me if this
> is a stupid question :D
>
> We are planning to use spamassassin with the clamav plugin.
>
> So, basically we need spamd to virus scan all messages, and
Miguel wrote:
Dear All, im using SA in a central system wide dedicated filter, so i
dont have any account in it, the "clean" emails are forwarded to the
final destination servers.
In this scenario, nobody will be training SA, so, does it make sense
to use the bayesian filter at all? ,or SA will
On 4 Apr 2007, at 17:11, Bart Schaefer wrote:
On 4/3/07, JOYDEEP <[EMAIL PROTECTED]> wrote:
how can I configure spamassassin to look after the spam and ham
folder
of all the cyrus mail boxes,
so that all the users has their own spamassasin trainer ? it is
something like white box and black bo
On 4/3/07, JOYDEEP <[EMAIL PROTECTED]> wrote:
how can I configure spamassassin to look after the spam and ham folder
of all the cyrus mail boxes,
so that all the users has their own spamassasin trainer ? it is
something like white box and black box per user
could any one kindly suggest me how to
You cannot configure SA to do that. And if you had read the docs you would have
known that.
The reason you have not gotten an answer to this question twice is that you
just as well could have asked the civil engineers forum how to quickly and
easily build an airplane.
-Sietse
From: JOYDEEP
From: Michael W Cocke [mailto:[EMAIL PROTECTED]
>
> For what it's worth, on the system here I have a special directory on
> the server set up, and when the users get a spam message they do a
> 'save as ascii text file' to that directory. sa-learn runs thru that
> directory every half hour. Just a
For what it's worth, on the system here I have a special directory on
the server set up, and when the users get a spam message they do a
'save as ascii text file' to that directory. sa-learn runs thru that
directory every half hour. Just a thought.
Mike-
On Fri, 24 Nov 2006 15:39:35 +, you
Andrew Sykes wrote:
> Matt,
>
> Thank you, that makes things a lot clearer, is there any way to utilise
> forwarded messages or is it a lost cause?
>
In general, no... In some situations you can make use of how a
particular mail client does its forwarding, but you'd need to really
look at what t
Matt,
Thank you, that makes things a lot clearer, is there any way to utilise
forwarded messages or is it a lost cause?
Thanks
Andrew
On Fri, 2006-11-24 at 10:22 -0500, Matt Kettler wrote:
> Andrew Sykes wrote:
> > Hi,
> >
> > I'm writing some code to integrate SpamAssassin with Apache JAMES.
>
Andrew Sykes wrote:
> Hi,
>
> I'm writing some code to integrate SpamAssassin with Apache JAMES.
>
> I want to setup an address to allow me to pipe spam into sa-learn. I
> have a prototype of this working fine, but would like to allow various
> webmail client users to be able to forward spam messag
Thanks for that! I kinda was heading in that direction. Now at the risk of sounding really stupid. How can I figure that out? I know we are running MailScanner, and spamassassin is setup through MailScanner to scan the mail.
Thanks for the answers. You are great!
On Fri, 2006-07-21 at
"Golden, James" <[EMAIL PROTECTED]>
wrote on 07/21/2006 10:07:33 AM:
> Hi all,
>
> I just took over the administration of spamassassin, since my
> coworker moved on. I'm not really familiar with a lot of this.
The
> problem I am having is this:
>
> A user has a legitimatly high AWL score (be
On Friday 21 July 2006 16:07, Golden, James wrote:
> Hi all,
>
> I just took over the administration of spamassassin, since my coworker
> moved on. I'm not really familiar with a lot of this. The problem I am
> having is this:
>
> A user has a legitimatly high AWL score (because of rules determin
Radoslaw Zielinski writes:
> Gary Forrest - Netnorth <[EMAIL PROTECTED]> [06-06-2006 15:52]:
> [...]
> > This sort of works, in that the email receives a negative score.
> > The problem is SA still spends time checking the email ( taking 3-12 seconds
> > to scan )
>
> Well, there was that short-c
Hi David / Other kind people who replied
Details are our setup
FreeBSD 6.1
Sendmail 8.13.6 - complied from source
Spam Assassin 3.1.1 - installed from FreeBSD ports
spamass-milter-0.3.0_1 - installed from FreeBSD ports
clamav-0.88.2_1 - installed from FreeBSD ports
clamav-milter - installed from
On Tue, 6 Jun 2006, Gary Forrest - Netnorth wrote:
> Hi All
>
> We have been using SA v3.1.1, all seems to work well :)
> ( FreeBSD 6.1, Sendmail 8.13.6 & few milters )
>
> Is it possible to get SA not to scan inbound email addressed to certain
> domain names.
> We have looked at the various white
A handful of our email addresses get excessive amounts of spam, due to a
webmaster who put them on the website for a year or so...
I created a forwarding alias in the postfix virtual file to forward them
to a devnull alias. But SA (amavisd, actually) was still checking each
one. With a hig
Gary Forrest - Netnorth <[EMAIL PROTECTED]> [06-06-2006 15:52]:
[...]
> This sort of works, in that the email receives a negative score.
> The problem is SA still spends time checking the email ( taking 3-12 seconds
> to scan )
Well, there was that short-circuit idea (with implementation), but it
Gary Forrest - Netnorth wrote:
Hi All
We have been using SA v3.1.1, all seems to work well :)
( FreeBSD 6.1, Sendmail 8.13.6 & few milters )
Is it possible to get SA not to scan inbound email addressed to certain
domain names.
Yes, but not with SA itself.
We have looked at the various whit
Matt Kettler wrote:
> Peter Marshall wrote:
>
>> What do I have to put in the local.cf file to tell spam assasin to
>> mark a particular email as spam ?
>>
>
> Depends on what charachteristics of the email you're interested in
> picking up on.
More approaches I forgot to mention..
If you
Peter Marshall wrote:
> What do I have to put in the local.cf file to tell spam assasin to
> mark a particular email as spam ?
Depends on what charachteristics of the email you're interested in
picking up on.
If you merely want to blacklist all mail from the sender, you want to
use a blacklist_fr
-François Conil <[EMAIL PROTECTED]> escribió: ->Para: [EMAIL PROTECTED]>De: François Conil <[EMAIL PROTECTED]>>Fecha: 19/12/2005 17:14>cc: users@spamassassin.apache.org>Asunto: Re: Newbie question>>[EMAIL PROTECTED] wrote:>> I'm using SpamAssa
[EMAIL PROTECTED] wrote:
I'm using SpamAssassin 2.6, Postfix and Amavis
-François Conil <[EMAIL PROTECTED]> escribió: -
>Para: [EMAIL PROTECTED]
>De: François Conil
>Fecha: 19/12/2005 16:27
>Asunto: Re: Newbie question
>
>[EMAIL PROTECTED] wrote:
I'm using SpamAssassin 2.6, Postfix and Amavis-François Conil <[EMAIL PROTECTED]> escribió: ->Para: [EMAIL PROTECTED]>De: François Conil <[EMAIL PROTECTED]>>Fecha: 19/12/2005 16:27>Asunto: Re: Newbie question>>[EMAIL PROTECTED] wrote:>> Sorr
Sorry, what I want is to discard all messages RECEIVED to adresses like TEST_nnn or TESTnnn (where nnn may be any numeric sequence from 000 to 999).[EMAIL PROTECTED] escribió: ->Para: users@spamassassin.apache.org>De: [EMAIL PROTECTED]>Fecha: 19/12/2005 16:13>Asunto: Newbie question>>Hi All,>I'
If you don't plan on using AWL, you shouldn't have any difficulty with the
debian 3.0.2 package.
The only memory problems I experienced with SA, Amavis, and Postfix were
related to large AWL files.
Because I use AWL (or ASS as the case may be), I've updated my servers to
3.0.3.
RO
- Origi
At 02:30 PM 2/22/2005, Jim Willsher wrote:
But SA doesn't seem to be checking the RBLs.
I've looked at the page at
http://wiki.apache.org/spamassassin/UsingNetworkTests
But my /etc/rc.d/init.d/spamassassin file doesn't cntain the -L or --local
entries anywhere
Do you have Net::DNS installed?
try r
At 02:57 PM 1/19/2005, [EMAIL PROTECTED] wrote:
I am looking at adding some rulesets from SARE and we are planning on
putting them in the /usr/share/spamassassin directory (I know they get
overwritten when upgrading...). I don't see anywhere that spamassassin is
calling the sets in that directory,
Put your rules in /etc/mail/spamassassin
they wont get written over
> From: [EMAIL PROTECTED]
> Date: Wed, 19 Jan 2005 13:57:30 -0600
> To: users@spamassassin.apache.org
> Subject: newbie question about adding rules
>
> I am looking at adding some rulesets from SARE and we
On Wed, Sep 22, 2004 at 03:08:23PM +0200, Maurice Lucas wrote:
> debug: bayes: no dbs present, cannot tie DB R/O:
> /tmp/spamd-4331-init/.spamassassin/bayes_toks
> debug: Score set 1 chosen.
>
> With 4331 my current PID of spamassassin.
> Is there a way to force spamassassin to write bayes_toks t
76 matches
Mail list logo