I there Frederic,
I think a geoip module exists. I saw that somewhere. Just take a look
for it.
But I think this is a bad idea. You are right about the analysis, but
geoip filtring is not efficient and may lead to FPs.
Take extra care to the rules you are going to build about it. You may
also ta
Hello Frederic,
Sunday, December 9, 2012, 10:16:08 AM, you wrote:
FDM> the sender IP (Yahoo) is genuine and has a good reputation
Good reputation! Well as a very common source of spam its reputation
is one of the best.
--
Best regards,
Niamhmailto:ni...@fullbore.c
Dear list,
Here is the context.
The French-speaking countries receive tons of e-mails, mostly fraud
attempts, fake lotteries, originating from West-Africa and sent by Yahoomail
users.
Often those messages contain big attachments. The payload (text of the
message) is embedded in a 1MB jpeg with
On 09/17, Kris Deugau wrote:
> As an ISP mail admin, I **CANNOT** afford to block legitimate mail
> from any source, and if I see a report that a legitimate mail was
> blocked by any local rules or DNSBL data, I change the local rule or
> delete the offending local DNSBL entry ASAP.
Some times I e
> *Απο:* Benny Pedersen
> *Προς:* users@spamassassin.apache.org
> *Στάλθηκε:* 4:34 μ.μ. Παρασκευή, 9 Μαρτίου 2012
> *Θεμα:* Re: Trusted Networks and scoring
>
> Den 2012-03-09 09:11, Jari Fredriksson skrev:
>
>> No, SA will scan
I will check next Monday morning, but my feeling is that the @local_domains_acl
is not set.
But according to what is in the NOTE, it is implied that the headers are added
to incoming emails only.
This it not what I want...
P.
Den 2012-03-09 18:33, Peter Tselios skrev:
What do you mean to check at the local_domain? Should it have a
specific value?
headers would only be added to local_domains
# NOTE:
# For backwards compatibility the variable names @local_domains (old)
and
# @local_domains_acl (new) are synon
> check local_domain in amavisd.conf
What do you mean to check at the local_domain? Should it have a specific value?
Den 2012-03-09 17:59, Peter Tselios skrev:
Any ideas?
check local_domain in amavisd.conf
(PS: Sorry to write on the top, but Yahoo! is not very helpful on
that
road to hell is made with bad excuses
Any ideas?
(PS: Sorry to write on the top, but Yahoo! is not very helpful on that :)
Απο: Benny Pedersen
Προς: users@spamassassin.apache.org
Στάλθηκε: 4:34 μ.μ. Παρασκευή, 9 Μαρτίου 2012
Θεμα: Re: Trusted Networks and scoring
Den 2012-03-09 09:11, Jari Fredr
Den 2012-03-09 09:11, Jari Fredriksson skrev:
No, SA will scan messages even if they originate from
trusted_networks,
and X-Spam headers will be added.
most sites bypass scanning of there own mails since its just ham
(permit_mynetworks) in postfix, my point is why not learn ham in bayes ?
Den 2012-03-09 08:50, Peter Tselios skrev:
I noticed that for users originating from my networks, the X-Spam
headers are not added to the messages.
how do you use spamassassin ?, i still not get that ball to see all
here
9.3.2012 9:50, Peter Tselios kirjoitti:
> Good morning,
> I noticed that for users originating from my networks, the X-Spam
> headers are not added to the messages. Is that due to the
> "trusted_networks" settings? If so, does that mean that spamassassin
> does not check them?
> P.
No, SA will sca
Good morning,
I noticed that for users originating from my networks, the X-Spam headers are
not added to the messages. Is that due to the "trusted_networks" settings? If
so, does that mean that spamassassin does not check them?
P.
Finally fixed the problem,
we are using spamass-milter. The regex might have worked if
we were using procmail or mailscanner or some such to scan the
mail with SA but spamass-milter operates on a synthesized
version of the header that sendmail adds, not the real header.
That is because it's a mi
On 8/11/2011 1:25 PM, dar...@chaosreigns.com wrote:
Well, your example email doesn't match either of your rules.
On 08/11, Ted Mittelstaedt wrote:
header LOCAL_AUTH_RCVD Received =~ /^from [^ ]+
\([^)]*\)\s+\(authenticated bits=\d+\)\s+by mail\.wonkulating\.net/
header AUTHBIT0 From =~ /auth
Well, your example email doesn't match either of your rules.
On 08/11, Ted Mittelstaedt wrote:
> header LOCAL_AUTH_RCVD Received =~ /^from [^ ]+
> \([^)]*\)\s+\(authenticated bits=\d+\)\s+by mail\.wonkulating\.net/
> header AUTHBIT0 From =~ /authenticated bits=0/
> Received: from [192.168.0.4] (
Hi All!
We had a mailserver (mail.wonkulating.net) running Sa 3.2.5 that had
the following constructs in it's config file:
header LOCAL_AUTH_RCVD Received =~ /^from [^ ]+
\([^)]*\)\s+\(authenticated bits=\d+\)\s+by mail\.wonkulating\.net/
describe LOCAL_AUTH_RCVD Message was received loca
In the clamav.cf plugin file the CLAMAV rule is set at default
priority=0, with a score of 0.001
Its other rules are supposed to get really high prioritites,
priority __CLAMAV_PHISH
priority __CLAMAV_PHISH_HEUR
priority __CLAMAV_SANE
priority __CLAMAV_MBL
pri
On Sun, 06 Mar 2011 22:32:02 +0100
Karsten Bräckelmann wrote:
> On Sun, 2011-03-06 at 12:48 -0800, JP Kelly wrote:
> > I'm not familiar enough to tell if an address is forged or not.
> > Here is the scoring from one of the spam messages from
> > autoconf...@amazon.com w
On Sun, 2011-03-06 at 12:48 -0800, JP Kelly wrote:
> I'm not familiar enough to tell if an address is forged or not. Here is
> the scoring from one of the spam messages from autoconf...@amazon.com
> which I suspect tainted AWL:
Nope. The originating IP isn't even close to t
I'm not familiar enough to tell if an address is forged or not.
Here is the scoring from one of the spam messages from autoconf...@amazon.com
which I suspect tainted AWL:
Content analysis details: (29.4 points, 5.0 required)
pts rule name descri
On Sun, 2011-03-06 at 11:39 -0800, JP Kelly wrote:
> Yeah that sender's email address had been forged for a bunch of spam I
> received.
Without reading the following paragraph, I'd immediately suspect a
cracked account, not address forgery. The AWL is limited by address and
originating net-block (
Yeah that sender's email address had been forged for a bunch of spam I received.
I used spamasassin --remove-addr-from-whitelist for that address
Also I did not have internal_networks and trusted_networks lines in my
local.cf, which I added.
Hopefully that will help.
Thanks!
On Mar 6, 2011, at 1
On Sun, 2011-03-06 at 10:51 -0800, JP Kelly wrote:
> I just found an incoming message which is ham but marked as spam.
> It received a score of 14 because it is in the auto white-list.
> Shouldn't it receive a negative score?
http://wiki.apache.org/spamassassin/AwlWrongWay
Despite its name, the A
Not necessarily. AWL both increases and decreases scores, based on
previous emails: http://wiki.apache.org/spamassassin/AutoWhitelist
On 03/06, JP Kelly wrote:
> I just found an incoming message which is ham but marked as spam.
> It received a score of 14 because it is in the auto white-list.
> S
I just found an incoming message which is ham but marked as spam.
It received a score of 14 because it is in the auto white-list.
Shouldn't it receive a negative score?
Content analysis details: (7.1 points, 5.0 required)
pts rule name description
-- --
Am 31.01.2011 14:33, schrieb Giles Coochey:
Makes you wonder how many servers actually accept these messages these
days!!!
all spam traps?
Makes you wonder how many servers actually accept these messages these
days!!!
Jan 31 13:46:56 gate sendmail[28364]: p0VCkkxF028364[1]: Milter add:
header: X-Spam-Status: Yes, score=70.8 required=5.0
tests=ADVANCE_FEE_2_NEW_FORM,\n\tADVANCE_FEE_2_NEW_MONEY,ADVANCE_FEE_3_NEW,ADVANCE_FEE_3_NEW_F
On Mon, 2 Aug 2010 05:51:25 -0700 (PDT)
andrij wrote:
> How many tokens are used by the SA's bayes classifier to
> calculate the probability that the mail is spam/ham?
It varies. It uses all the tokens above a minimum token strength, up to
a maximum of 150.
I cannot, I should ask the owner of the e-mails. I tried with databases of
spam and ham e-mails. What is interesting it happened only to the database
of ham emails.
--
View this message in context:
http://old.nabble.com/Bayes-scoring-tp29324885p29325278.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
raw example of one of those mails, not scored by bayes?
Daniel
--
View this message in context:
http://old.nabble.com/Bayes-scoring-tp29324885p29324968.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
context:
http://old.nabble.com/Bayes-scoring-tp29324885p29324885.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
On 5/31/2010 10:51 AM, Dhaval Soni wrote:
> Dear All,
>
> I have installed MailScanner - 4.79 v with sendmail, spamassassin and
> clamav on CentOS. I have also enabled "Spam List" from
> MailScanner.conf and using spamhaus-ZEN for the same. So is it
> possible to give s
On Mon, 31 May 2010, Dhaval Soni wrote:
I have installed MailScanner - 4.79 v with sendmail, spamassassin and
clamav on CentOS. I have also enabled "Spam List" from MailScanner.conf
and using spamhaus-ZEN for the same. So is it possible to give scoring
of those emails which listed i
Dear All,
I have installed MailScanner - 4.79 v with sendmail, spamassassin and clamav
on CentOS. I have also enabled "Spam List" from MailScanner.conf and using
spamhaus-ZEN for the same. So is it possible to give scoring of those emails
which listed in the same ( spamhaus-ZEN )? If ye
--On Wednesday, May 05, 2010 11:29 AM +0200 Matus UHLAR - fantomas
wrote:
do you wipe bayes database often? If not, it's not needed to retrain on
all messages, since they are not forgotten.
I don't recall ever deleting the DB. It's my understanding that sa-learn
remembers which messages it'
> --On Tuesday, May 04, 2010 4:22 AM +0100 RW
> wrote:
>
>> Are you training BAYES? A lot of these are hitting BAYES_50 or even
>> BAYES_00.
On 03.05.10 20:06, Kenneth Porter wrote:
> I've been copying them into my "Uncaught" folder which is run with
> "sa-learn --spam --mbox" each night.
>
>
--On Tuesday, May 04, 2010 4:22 AM +0100 RW
wrote:
Are you training BAYES? A lot of these are hitting BAYES_50 or even
BAYES_00.
I've been copying them into my "Uncaught" folder which is run with
"sa-learn --spam --mbox" each night.
I just noticed that my Uncaught folder is huge and has l
On Mon, 03 May 2010 18:15:51 -0700
Kenneth Porter wrote:
> I've been getting regular spam that advertises a percentage discount
> for ED in the subject line, and names the ED in the From line. It
> consistently fails to breach the 5.0 score line and keeps showing up
> in my regular Inbox. I thin
I've been getting regular spam that advertises a percentage discount for ED
in the subject line, and names the ED in the From line. It consistently
fails to breach the 5.0 score line and keeps showing up in my regular
Inbox. I think I have the latest code and rules. Am I suffering from the
cur
Do not post it here, put it on pastebin. Thanks.
Kai
--
Get your web at Conactive Internet Services: http://www.conactive.com
Thanks for the advice guys.
I will try to get a good sample, however, I will have to tweak some
rulesets to even get it to stay in citadel long enough to view it.
I haven't been able to play with my spamassassin install very much,
other than automating the updates on rules.
Thanks again, an
On Wed, 13 Jan 2010 00:41:00 +0100
Benny Pedersen wrote:
> On Tue 12 Jan 2010 07:48:23 AM CET, Christian Brel wrote
>
> > http://pastebin.com/m66a5a2ae
>
> X-Virus-Status: Infected (Sanesecurity.Junk.25057.UNOFFICIAL)
>
Err, yes - I had already *highlighted* that, it was posted because the
co
On Tue, 12 Jan 2010, Jason Bertoch wrote:
> > > I'm just interested in the kind of java-script(?) munging that has
> > > gone on there and what it is in 'English' for want of a better
> > > phrase.
> > Nothing was munged, it's just random text.
> If so, what's the point to it?
By no means
Jason Bertoch wrote:
> By no means a JS coder, and haven't dug deeper to find out, but couldn't
> it be pre-compiled JS and not just random text?
>
Doubtful. I don't believe JavaScript has a bytecode or any other (except
in some JavaScript engines internal representation) compiled format.
Franc
On Tue 12 Jan 2010 07:48:23 AM CET, Christian Brel wrote
http://pastebin.com/m66a5a2ae
X-Virus-Status: Infected (Sanesecurity.Junk.25057.UNOFFICIAL)
--
xpoint http://www.unicom.com/pw/reply-to-harmful.html
I'm just interested in the kind of java-script(?) munging that has
gone on there and what it is in 'English' for want of a better
phrase.
Nothing was munged, it's just random text.
If so, what's the point to it?
By no means a JS coder, and haven't dug deeper to find out, but couldn't
it be p
John Hardin wrote:
> On Tue, 12 Jan 2010, Per Jessen wrote:
>
>> Christian Brel wrote:
>>
>>> On Tue, 2010-01-12 at 10:44 +0100, Matus UHLAR - fantomas wrote:
>>> On 12.01.10 06:48, Christian Brel wrote:
> http://pastebin.com/m66a5a2ae
>
> Anyone seen script like that?
>>>
>>> I'm jus
On Tue, 12 Jan 2010 10:56:09 -0800 (PST)
John Hardin wrote:
> On Tue, 12 Jan 2010, Per Jessen wrote:
>
> > Christian Brel wrote:
> >
> >> On Tue, 2010-01-12 at 10:44 +0100, Matus UHLAR - fantomas wrote:
> >> On 12.01.10 06:48, Christian Brel wrote:
> http://pastebin.com/m66a5a2ae
>
> >
On Tue, 12 Jan 2010, Per Jessen wrote:
Christian Brel wrote:
On Tue, 2010-01-12 at 10:44 +0100, Matus UHLAR - fantomas wrote:
On 12.01.10 06:48, Christian Brel wrote:
http://pastebin.com/m66a5a2ae
Anyone seen script like that?
I'm just interested in the kind of java-script(?) munging that
On Tue, 12 Jan 2010 12:15:41 +0100
Per Jessen wrote:
> Christian Brel wrote:
>
> > On Tue, 2010-01-12 at 10:44 +0100, Matus UHLAR - fantomas wrote:
> > On 12.01.10 06:48, Christian Brel wrote:
> >> > http://pastebin.com/m66a5a2ae
> >> >
> >> > Anyone seen script like that?
> >>
> >> IT's the k
Christian Brel wrote:
> On Tue, 2010-01-12 at 10:44 +0100, Matus UHLAR - fantomas wrote:
> On 12.01.10 06:48, Christian Brel wrote:
>> > http://pastebin.com/m66a5a2ae
>> >
>> > Anyone seen script like that?
>>
>> IT's the kind of content that should be captured by clamav imho.
>> clamav does hav
On Tue, 2010-01-12 at 10:44 +0100, Matus UHLAR - fantomas wrote:
On 12.01.10 06:48, Christian Brel wrote:
> > http://pastebin.com/m66a5a2ae
> >
> > Anyone seen script like that?
>
> IT's the kind of content that should be captured by clamav imho.
> clamav does have some kind og javascript decopdi
Matus UHLAR - fantomas wrote:
> On 12.01.10 06:48, Christian Brel wrote:
>> http://pastebin.com/m66a5a2ae
>>
>> Anyone seen script like that?
>
> IT's the kind of content that should be captured by clamav imho.
It's plain spam - personally I don't want clamav to deal with spam.
> clamav does h
On 12.01.10 06:48, Christian Brel wrote:
> http://pastebin.com/m66a5a2ae
>
> Anyone seen script like that?
IT's the kind of content that should be captured by clamav imho.
clamav does have some kind og javascript decopding engine.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantoma
Christian Brel wrote:
> http://pastebin.com/m66a5a2ae
>
> Anyone seen script like that?
Yeah, I saw a couple of those last week.
/Per Jessen, Zürich
On Tue, 15 Dec 2009, Chris Santerre wrote:
A few months back there was a wave of spam coming from abused Polish .pl
TLD.
It seems iContact uses random generated directories in thier tracking URLs
that contain a period. Yup... you guessed it... incontact/a.pl/
means it hits the rule.
The
On Tue, 15 Dec 2009 14:37:15 -0500
Chris Santerre wrote:
> It seems iContact uses random generated directories in thier tracking
> URLs that contain a period. Yup... you guessed it...
> incontact/a.pl/ means it hits the rule. I've contacted them
> about the folly. They seemed receptive.
A few months back there was a wave of spam coming from abused Polish .pl
TLD. I know a few of you who don't do business with that area have written
rules to tag as spam. Many might even use .ru for russian spam if they don't
do business with them. Well today I had an FP.
It seems iContact uses ra
On Mon, 2009-12-07 at 16:00 +0100, Yet Another Ninja wrote:
> On 12/7/2009 3:42 PM, rich...@buzzhost.co.uk wrote:
> > http://pastebin.com/m7c1c17d
> >
> > Interesting insofar as it appears to be whitelisted??? Is this some kind
> > of well known US email or hosting service?
> >
> > Sane missed it
On 12/7/2009 3:42 PM, rich...@buzzhost.co.uk wrote:
http://pastebin.com/m7c1c17d
Interesting insofar as it appears to be whitelisted??? Is this some kind
of well known US email or hosting service?
Sane missed it, the dnsbl's have missed it and the content filtering has
missed it. So it's a tast
http://pastebin.com/m7c1c17d
Interesting insofar as it appears to be whitelisted??? Is this some kind
of well known US email or hosting service?
Sane missed it, the dnsbl's have missed it and the content filtering has
missed it. So it's a tasty morsel of spam :-)
Thomas Harold wrote:
> On 11/30/2009 9:27 PM, Thomas Harold wrote:
>> While looking at the scores in 50_scores.cf, I noticed the following:
>>
>> score DATE_IN_FUTURE_03_06 2.303 0.416 1.461 0.274
>> score DATE_IN_FUTURE_06_12 3.099 3.099 2.136 1.897
>> score DATE_IN_FUTURE_12_24 3.300 3.299 3.000
On 11/30/2009 9:27 PM, Thomas Harold wrote:
While looking at the scores in 50_scores.cf, I noticed the following:
score DATE_IN_FUTURE_03_06 2.303 0.416 1.461 0.274
score DATE_IN_FUTURE_06_12 3.099 3.099 2.136 1.897
score DATE_IN_FUTURE_12_24 3.300 3.299 3.000 2.189
score DATE_IN_FUTURE_24_48 3.
While looking at the scores in 50_scores.cf, I noticed the following:
score DATE_IN_FUTURE_03_06 2.303 0.416 1.461 0.274
score DATE_IN_FUTURE_06_12 3.099 3.099 2.136 1.897
score DATE_IN_FUTURE_12_24 3.300 3.299 3.000 2.189
score DATE_IN_FUTURE_24_48 3.599 2.800 3.599 3.196
score DATE_IN_FUTURE_48
On Sat, 2009-10-31 at 08:05 -0500, Chris wrote:
> On Sat, 2009-10-31 at 12:53 +, rich...@buzzhost.co.uk wrote:
> > On Sat, 2009-10-31 at 07:29 -0500, Chris wrote:
> > > On Sat, 2009-10-31 at 07:46 +, rich...@buzzhost.co.uk wrote:
> > > > http://pastebin.com/m53a550ce
> > > >
> > > > Somewh
On Sat, 2009-10-31 at 12:53 +, rich...@buzzhost.co.uk wrote:
> On Sat, 2009-10-31 at 07:29 -0500, Chris wrote:
> > On Sat, 2009-10-31 at 07:46 +, rich...@buzzhost.co.uk wrote:
> > > http://pastebin.com/m53a550ce
> > >
> > > Somewhat unfortunately seen coming out of The Dana-Farber Cancer
>
On Sat, 2009-10-31 at 07:29 -0500, Chris wrote:
> On Sat, 2009-10-31 at 07:46 +, rich...@buzzhost.co.uk wrote:
> > http://pastebin.com/m53a550ce
> >
> > Somewhat unfortunately seen coming out of The Dana-Farber Cancer
> > Institute.
> >
> > Looking at it objectively there is little for a filt
On Sat, 2009-10-31 at 07:46 +, rich...@buzzhost.co.uk wrote:
> http://pastebin.com/m53a550ce
>
> Somewhat unfortunately seen coming out of The Dana-Farber Cancer
> Institute.
>
> Looking at it objectively there is little for a filter to go on other
> than the words:
>
> username password fol
On Fri, 25 Sep 2009 12:32:35 + (UTC)
ArtemGr wrote:
> Benny Pedersen junc.org> writes:
> > my former own mailhost have changed from spamassassin to dspam, less
> > work for him and his users, and definaly lees work for his low
> > budget quad xeon intel server with 6Gb ram and alot of
> > d
Benny Pedersen junc.org> writes:
> fuzzyocr stop scanning if spam score is over a limit, why scan
> ocr when spamassassin can do it without ocr ?
Good to know.
> it could maybe be a option to make spamassassin stop scanning in
> generic if spam score is high ?
>
> there is alot of plugins tha
On tor 24 sep 2009 10:59:35 CEST, ArtemGr wrote
Do you have measurements, or are you just imagining things?
OCR-ing all the graphic attachments might be much slower
than your usual spamassasin run.
DCC and Pyzor checks might introduce large delays as well.
fuzzyocr stop scanning if spam score i
table.
>>
>
> You haven't read Matt's explanation of why it wasn't a good idea, did you?
>
> There are rules with negative scores, which can puch the score back to the
> ham, e.g. whitelist. Would you like to stop scoring before e.g. whitelist is
> checked?
>
*You* obviously haven't read my message, which explains how this *can*
be done safely.
Matus UHLAR - fantomas fantomas.sk> writes:
> > That rises the question, whether the basic detections can be turned off.
> >
> > I found the following options:
> > skip_rbl_checks 1
> > dns_available no
> > use_bayes 0
> > use_bayes_rules 0
> > bayes_auto_learn 0
> > - but I do not see an option
Matus UHLAR - fantomas fantomas.sk> writes:
> You haven't read Matt's explanation of why it wasn't a good idea, did you?
>
> There are rules with negative scores, which can puch the score back to the
> ham, e.g. whitelist. Would you like to stop scoring before e.g.
> ArtemGr gmail.com> writes:
> > I would like to configure Spamassassin to only do certain tests
> > when the "required_score" is not yet reached.
> > For example, do the usual rule-based and bayesian tests first,
> > and if the score is lower than the "required_score",
> > then do the DCC and RAZ
e are rules with negative scores, which can puch the score back to the
ham, e.g. whitelist. Would you like to stop scoring before e.g. whitelist is
checked?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Var
ArtemGr gmail.com> writes:
> I would like to configure Spamassassin to only do certain tests
> when the "required_score" is not yet reached.
> For example, do the usual rule-based and bayesian tests first,
> and if the score is lower than the "required_score",
> then do the DCC and RAZOR2 tests.
>
Matt Kettler verizon.net> writes:
> In theory, a feature could be added to let you do something like this
> (SA doesn't have this feature, but I'm proposing it could be added):
That would be a nice optimization: most of the spam we receive have a >10 score.
It seems a real waste of resource to pe
, this introduced a problem
where it could cause false positives. A nonspam message might hit
several spam rules early in the processing, and drive the score over the
abort threshold, causing it to be tagged as spam. However, this could
prevent it from matching negative scoring rules that would push
I would like to configure Spamassassin to only do certain tests
when the "required_score" is not yet reached.
For example, do the usual rule-based and bayesian tests first,
and if the score is lower than the "required_score",
then do the DCC and RAZOR2 tests.
Is it possible?
drkwc writes:
> New Spamassassin nb qs:
>
> On the configuration panel, I have SpamAssassin set to mark as spam any
> email scoring 5 or above.
>
> I have a rule set in Outlook Express to route those to a SpamAssassin SPAM
> folder.
>
> Now, I'm wondering, can I A
Thanks, Rob. So it looks like Hostgator has neutered Spamassassin.
--
View this message in context:
http://www.nabble.com/Can-I-auto-delete-emails-scoring-10-and-above%2C-yet-mark-as-spam-those-5-and-above--tp25463989p25479369.html
Sent from the SpamAssassin - Users mailing list archive at
drkwc wrote:
Hostgator told me that with their setup, using their SpamAssassin controls,
I can't set two concurrent rules. i.e. I can't tell SpamAssassin to
autodelete any mail with a score of 10 or higher and also tell it to mark as
[SPAM] and deliver any mail with a score between 5 and 10.
Am Mittwoch, 16. September 2009 02:33:27 schrieb drkwc:
> New Spamassassin nb qs:
>
> On the configuration panel, I have SpamAssassin set to mark as spam any
> email scoring 5 or above.
>
> I have a rule set in Outlook Express to route those to a SpamAssassin SPAM
>
ator's bad. You can
have the spam score markup in the mail several different ways. Once you
know the score and have an adequate tool for the task you could, if you
wanted humor in your life, delete all messages scoring between 10 and
50. (Spams that score that high are often quite funny.) With
drkwc wrote:
> My "Why" is that I get 1,500-plus spams daily on some of my older domains.
One thing you should double check is that you are blocking all
dictionary attack e-mails. What I mean is that a certain percentage of
spams are making wild guesses at the particular recipient's e-mail
address
to
autodelete any mail with a score of 10 or higher and also tell it to mark as
[SPAM] and deliver any mail with a score between 5 and 10.
So, for now, I'm told I can't do what I want it to do.
--
View this message in context:
http://www.nabble.com/Can-I-auto-delete-emails-scor
>> Is it possible to score particular words differently based on
>> recipient address?
>>
>> We have a postfix/maia mailguard/spamassassin setup here hosting
>> numerous domains.One particular domain holder (A school) wishes all
>> emails containing particular keywords to be blocked, however, som
On Wed, 16 Sep 2009, Jeremy Brooking wrote:
> Is it possible to score particular words differently based on
> recipient address?
>
> We have a postfix/maia mailguard/spamassassin setup here hosting
> numerous domains.One particular domain holder (A school) wishes all
> emails containing particula
Hi,
Is it possible to score particular words differently based on recipient address?
We have a postfix/maia mailguard/spamassassin setup here hosting numerous
domains.One particular domain holder (A school) wishes all emails containing
particular keywords to be blocked, however, some of those k
From: "jdow"
Sent: Tuesday, 2009/September/15 20:06
From: "drkwc"
Sent: Tuesday, 2009/September/15 17:33
New Spamassassin nb qs:
On the configuration panel, I have SpamAssassin set to mark as spam any
email scoring 5 or above.
Not within SpamAssassin.
I have a
From: "drkwc"
Sent: Tuesday, 2009/September/15 17:33
New Spamassassin nb qs:
On the configuration panel, I have SpamAssassin set to mark as spam any
email scoring 5 or above.
Not within SpamAssassin.
I have a rule set in Outlook Express to route those to a SpamAssassin SPAM
fold
OK, thanks, John. It is cPanel. I'll contact my host and see if they can
answer.
Best,
kwc
--
View this message in context:
http://www.nabble.com/Can-I-auto-delete-emails-scoring-10-and-above%2C-yet-mark-as-spam-those-5-and-above--tp25463989p25464101.html
Sent from the SpamAssassin -
On Tue, 15 Sep 2009, drkwc wrote:
On the configuration panel,
SpamAssassin _has_ no configuration panel. That is some third-party tool.
You will have to contact the support resource for whatever control panel
tool (possibly cpanel?) that you're using.
Sorry we can't help...
--
John Hardi
New Spamassassin nb qs:
On the configuration panel, I have SpamAssassin set to mark as spam any
email scoring 5 or above.
I have a rule set in Outlook Express to route those to a SpamAssassin SPAM
folder.
Now, I'm wondering, can I ALSO set the auto-delete function to delete -- at
server
I've opened the:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6203
you can add your e-mail address as a CC if you want.
> is the dkim awl not solveing it in 3.3 ?
Only if a mail has a valid DKIM signature and the feature is enabled
( auto_whitelist_distinguish_signed 1 ) and AWL datab
> -Original Message-
> From: --[ UxBoD ]-- [mailto:ux...@splatnix.net]
> Sent: Monday, 14 September 2009 11:27 p.m.
> To: Matus UHLAR - fantomas
> Cc: users@spamassassin.apache.org
> Subject: Re: Non scoring 'Bank Deposit' spam
>
> - "Matus UHLA
On man 14 sep 2009 15:46:22 CEST, Mark Martinec wrote
Benny, I very much agree with you, the /16 is too wide, and I've
seen cases where good and bad sites share the same /16 address range.
is the dkim awl not solveing it in 3.3 ?
why is spf not added ?
Would you please open a problem report
301 - 400 of 1335 matches
Mail list logo