.tar.gz. If there was no download, the
attempt to hash a nonexistent file would fail without generating a hash
and emitting some error.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https
range: SPF is informative but not probative. These rules somehow got set
intentionally to sabotage-level scores somewhere that only the
amavisd-new process is looking.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently
/(?!\A).*\bdocusign\b.*\n/mi
meta DOCUSIGN_BODY (HAS_SUBJECT && __DOCUSIGN_BODY_NOT1ST) ||
(__DOCUSIGN_BODY_1ST || __DOCUSIGN_BODY_NOT1ST)
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://link
On 3 Feb 2018, at 16:37 (-0500), Bill Cole wrote:
On 2 Feb 2018, at 16:59 (-0500), Kevin A. McGrail wrote:
There is no solution at the moment. The subject is appended to the
body of the text for rule parsing.
The 2nd sentence is wrong: the subject is *prepended* to the body.
Also
to do dumb things.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
no sense at all and require many more SOA
queries than actually happen.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
On 11 Feb 2018, at 16:20 (-0500), Antony Stone wrote:
Strange that I can't find SMTP under
www.rfc-editor.org/rfc/std/std-index.txt
though, other than STD0060 and STD0071, which are both extensions.
STD10 is SMTP (RFC821), STD11 is message format(RFC822).
--
Bill Cole
b...@scconsult.com
On 13 Feb 2018, at 9:33, Horváth Szabolcs wrote:
This is a production mail gateway serving since 2015. I saw that a few
messages (both hams and spams) automatically learned by
amavisd/spamassassin. Today's statistics:
3616 autolearn=ham
10076 autolearn=no
2817 autolearn=spam
134
nesses that essentially use their connections in the same ways
as home users, but it's lethal for mail systems. My provider (WOW
Business) does it by default.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work:
.@libero.it>) scritto:
Hi Bill,
this is the result of the command you suggested to type:
feb 16 07:21:09.678 [21824] warn: Use of uninitialized value $_[1]
in hash eleme
nt at Mail/SpamAssassin/Conf/Parser.pm line 571, line 717.
--
Bill Cole
b...@scconsult.com or billc...@
waves
of transient spammers. It makes them hard to pigeonhole either way.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
On 22 Feb 2018, at 4:15, saqariden wrote:
Hello guys,
i'm using mimedefang with spamassasin, when I test an email with the
command "spamassain -t file.eml", I got results like this:
Dails de l'analyse du message: (-5.8 points, 3.0 requis)
-5.0 RCVD_IN_DNSWL_HI RBL: Sender listed at
On 15 Feb 2018, at 15:33, Gianluca Furnarotto wrote:
Hi,
I am trying to use Bayes with spamassassin, now it seems stop to
learn, and
when I use a command as "sa-learn --dump magic", or "sa-learn --sync",
or other sa-learn commands,
it appears this error:
"Use of uninitialized value $_[1] in
st uneconomic choice available to addressing your root problem.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
wn system to how IADB results are scored, but those
specific adjustments are probably not fit for most other sites.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
RECOMMENDED
that the right-hand side contain some domain identifier (either of
the host itself or otherwise) such that the generator of the
message
identifier can guarantee the uniqueness of the left-hand side
within
the scope of that domain. >>
Note the use of RFC2119 terms.
make it break hard.
HOWEVER, the idea of enforcing any standard on MIDs beyond gross format
(e.g.: <[[:ascii:]]{3,996}>) on a system where the admin isn't the sole
user is ludicrous.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsu
On 1 Jan 2018, at 10:33 (-0500), David Jones wrote:
On 01/01/2018 09:29 AM, Bill Cole wrote:
On 1 Jan 2018, at 9:59 (-0500), David Jones wrote:
I think some mail systems will keep the same message-ID per email
thread so your system must reject some replies.
I have not seen such behavior
On 1 Jan 2018, at 12:47 (-0500), Matus UHLAR - fantomas wrote:
On 1 Jan 2018, at 11:41 (-0500), Matus UHLAR - fantomas wrote:
the gross format in RFCs 822,2822 and 5322 describes message-id
consisting
of local and domain part, thus is must contain "@".
On 01.01.18 12:17, Bill
On 1 Jan 2018, at 14:30 (-0500), Alan Hodgson wrote:
On Mon, 2018-01-01 at 10:29 -0500, Bill Cole wrote:
[...]
HOWEVER, the idea of enforcing any standard on MIDs beyond gross
format
(e.g.: <[[:ascii:]]{3,996}>) on a system where the admin isn't the
sole
user is ludicrous.
I've ha
pecification of "local" and "domain" parts.
Also note that if you demand that MIDs contain '@' with conforming
strings on both sides, you risk losing mail that users want. This is a
mistake I have made.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpy
IMPOSSIBLE* for a receiving system to reliably
determine whether the right-hand part of a MID is a valid host or domain
identifier for the generator of the MID.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking S
On 2 Jan 2018, at 20:39, Alex wrote:
Is it possible to at least enforce that the message-ID has a valid
domain?
Not reliably.
About 1.5% of my personal non-spam email over the past 20 years has had
"localhost" as the right hand side of the MID. This implies a de facto
RFC violation because
are using a Net::DNS of a similar age to the antique SA.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steadier Work: https://linkedin.com/in/billcole
at
region is linked to a URL (MUNGED: hxxps://ssllink(dot)me/1sta) which at
present redirects to a Brazilian domain which yields a 500 reply with a
"bandwidth exceeded" message. Presumably the payload used to be there...
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA
0]gbp)/is
> header__KAM_LOTTO8From =~
> /Lottery|powerball|western.union/i
If you're using KAM.cf, you should set up a mechanism for keeping that file up
to date. This typo was fixed over 2 months ago (as far back as I have online
backups of it) and the current KAM.cf
FOR_FROM is not hitting enough to have a
meaningful score and a pure numeric TLD in the envelope sender would
always hit NO_DNS_FOR_FROM.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steadier Work: https://linkedin.com/in/billcole
And in addition...
On 17 Jul 2018, at 20:00 (-0400), Chip M. wrote:
> 3. Pure numeric TLDs appear to be non existent (so far!)
I expect that this will hold true for a long time.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.
en...) you might even
get them to use specific keywords and/or archival mailboxes and use
those to feed ham training. In a POP3 environment, this is a much harder
problem to solve.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
On 24 Jul 2018, at 13:39, Nick Bright wrote:
On 7/23/2018 11:49 PM, Bill Cole wrote:
The goal is to get a copy of the message that is identical to what SA
saw when it arrived. For IMAP users, this is easiest to get with a
'missed spam' mailbox into which users can move messages for
learning
On 13 Jul 2018, at 14:49, Rupert Gallagher wrote:
A little survey on your local policies...
What do you do when a subject line is longer than 78 characters?
A. Reject
B. Accept as spam
C. Accept
Accept, absent some actual spam sign.
Note that the 78-character recommendation is not
On 30 Aug 2018, at 12:40, Grant Taylor wrote:
> On 08/30/2018 10:16 AM, Bill Cole wrote:
>> It's hard to understand this circumstance based on the generic description.
>>
>> It appears that you have a configuration where a relay is in
>> trusted_networks (i.e.
On 30 Aug 2018, at 15:56, Grant Taylor wrote:
> On 08/30/2018 01:08 PM, Bill Cole wrote:
>> If that MSA is requiring authentication (as it should) and recording that in
>> the Received header (as it should) then as I understand it, the handoff of
>> the message w
On 30 Aug 2018, at 10:01, Matus UHLAR - fantomas wrote:
On 30.08.18 09:49, Kevin A. McGrail wrote:
I feel that you are fighting a bigger battle than one rule in SA.
two rules actually ;-) (with two more possible).
Without RDNS, you are running afoul of the postmaster rules of
virtually
f
that work is done. On the other hand, it may be a consequence of SA
parsing rules too harshly and mangling that particular odd RE syntax.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
On 31 Aug 2018, at 4:53, Matus UHLAR - fantomas wrote:
Note that I list internal clients as trusted, not as internal.
Maybe this is the problem.
Yes, maybe...
Long time ago I learned to configure dynamic IP addresses (dialups) as
trusted, but not as internal.
They probably should be
On 31 Aug 2018, at 4:05, Matus UHLAR - fantomas wrote:
On 08/30/2018 10:16 AM, Bill Cole wrote:
It's hard to understand this circumstance based on the generic
description.
It appears that you have a configuration where a relay is in
trusted_networks (i.e. you believe what it asserts
On 30 Aug 2018, at 18:02, Grant Taylor wrote:
> On 08/30/2018 03:50 PM, Bill Cole wrote:
>> That will depend on how that particular MTA constructs its Received headers
>> in relation to the parsing in
>> Mail::SpamAssassin::Message::Metadata::Received, which is non-tr
On 19 Jan 2018, at 10:20 (-0500), Rupert Gallagher wrote:
> Empty Message
You're repeating yourself...
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
when I see a "To: John" or other
name than mine it's automatically spam, especially when it cannot even
get the gender right.
That can be useful even without a nym in the From header, although it is
helpful to have a tricky name. e.g. no one has ever called me "Willy"
except
than VWoA
had a decade ago, but I doubt that.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
to worry much about FPs.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
If you want to use grep, you can pipe the files through an awk
one-liner to unfold the headers.
That works, but it is probably more convenient (if one has the procmail
package installed or can install it easily and doesn't have awk syntax
in the wetware) to use formmail -cs
--
Bill Cole
b
to the DEBUG_README file posted.
The example provided was apparently to a directory (URL ending in '/')
but redirected to a .doc.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com
On 6 Apr 2018, at 8:08, Martin Gregorie wrote:
I'm getting a lot of SORBS lookups rejected due to an "unexpected
RCODE". Is anybody else seeing these?
I'm sure someone is...
There are none of those where I see. If the "unexpected RCODE" is
SERVFAIL, it was likely transient on their end. If
ave a valid reason to believe that your mail
flow fits that divergence.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
On 10 Apr 2018, at 18:28, Motty Cruz wrote:
reject_rbl_client zen.spamhaus.org,
reject_rbl_client cbl.abuseat.org,
That is redundant. The Zen list includes the CBL and Spamhaus has taken
over operation of the CBL so there's no lag time between them any more.
for def_whitelist_auth.
Messages of this sort make an irrefutable argument for removing the
general pass given to Google in the default ruleset, as it is clearly
based on a use model of the domain which no longer is true.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many
ni
Yes, but it is published in 72_scores.cf with a trivial score:
score URI_TRY_3LD 0.001 0.001 0.001 0.001
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://link
with that name (and mot with a 'T_' or
developer's tag prefix) implies that at some point in the past it was
reliable enough as an indicator of spam to be part of the default set.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses
for either perl or SA.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
that is an entity with whom you have a
direct relationship.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
On 17 Apr 2018, at 16:54, John Hardin wrote:
On Tue, 17 Apr 2018, David Jones wrote:
On 04/17/2018 03:29 PM, Kevin A. McGrail wrote:
Dave, why would it go into EPEL? SpamAssassin is a core RPM.
I will be updating my main SA platform servers to CentOS 7 this
summer so this should be good
On 17 Apr 2018, at 18:13, David Jones wrote:
Why hasn't the packaging in RHEL/CentOS been updated to 3.4.1?
At my last job where there were supported RHEL machines, I asked a RH
support person a similar question regarding Postfix and got the answer:
"If you want Fedora, you know where to
On 17 Apr 2018, at 16:38, David Jones wrote:
On 04/17/2018 03:29 PM, Kevin A. McGrail wrote:
Dave, why would it go into EPEL? SpamAssassin is a core RPM.
Oh yeh. I guess because it's been so long since we had an update and
my main boxes are running CentOS/SL 6.9 that I forgot it was a
and spamd can't even TRY to use because
it refuses to run as root and drops to 'nobody' if run by root. With a
global bayes_path, the bayes_* files will become owned by root and
everything else trying to use them (i.e. everything) will fail.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA
On 27 Mar 2018, at 10:24, Robert Boyl wrote:
Guys,
Do you usually tune up Lots of money rule? Strange, our
spamassassin/EFA
scores 0 and false negative. Imho it should score at least something,
few
people would write Million dollars in an email, why not add up score?
LOTS_OF_MONEY 0.00
' will give you all the
details. Figuring out what spamd is using is less simple (and
system-specific) but since you've been maintaining a system by hand for
a long time I expect you'll be able to figure out how to do so safely.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA
(\w+) (\w+) (\w+) <\1.\2.\3/
And assuming it can be done, is it *worthwhile* to do it?
Not a clue. Maybe worth a try?
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
're adventurous, from the SVN
'trunk' that will eventually yield v4.0.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
Index: lib/Mail/
On 19 Mar 2018, at 11:29, Sebastian Arcus wrote:
I've been seeing a number of false positives recently from
T_DKIM_INVALID with Gmail emails. Are some Gmail servers
misconfigured, or could something be going on at my end? The DKIM
record which is flagged as invalid is below:
DKIM-Signature:
On 5 Mar 2018, at 15:14, David Jones wrote:
FYI This could be something for KAM.cf potentially...
I have seen a few of these this morning that would be scoring just
under the default SA threshold of 5.0 and are just under my
MailScanner 6.0 threshold.
https://pastebin.com/r2eZJaef
I am
use RFC1918 IPs
and a generic name in a non-resolvable domain doesn't matter: SA cannot
trust these because the chain of trust and working DNS is already
broken.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently See
On 27 Jun 2018, at 22:17, J Doe wrote:
I went back to “man Mail::SpamAssassin::Conf” and can see mention
of the shortcircuit plugin . . . is there more documentation (perhaps
in another man or perldoc), where the shortcircuit keyword is
mentioned ?
perldoc
to connect to?
The man pages for spamc and spamd can help you understand how to
determine the answers to these questions.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steadier Work: https://linkedin.com
On 22 Oct 2018, at 11:08, Cecil Westerhof wrote:
"Bill Cole" writes:
On 21 Oct 2018, at 21:14, Cecil Westerhof wrote:
When executing spamc I do not get output and the exit status is 74
(EX_IOERR: IO error).
This would be the result of spamc not being able to communicate
On 19 Oct 2018, at 9:37, Alex wrote:
Hi,
Should we be adding 3 points for just this, or is there never a reason
users should be using /wp-admin in their URLs?
The score is coming out of RuleQA, so the score is derived empirically,
not by a logical process based in arbitrary axioms.
That
On 17 Oct 2018, at 14:27, Markus Kolb wrote:
Hi,
what is the status of ARC Support
(https://tools.ietf.org/html/draft-ietf-dmarc-arc-protocol-16)?
It is not supported in any way in SA as of 3.4.2 and I am unaware of
anyone proposing an operational model for supporting it. There is no
for the fact that people discuss criminality in non-spam.
Personally, I just zeroed the score for that on my personal system.
Thanks for bringing it to light.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Available For Hire
On 29 Oct 2018, at 9:55, Anders Gustafsson wrote:
Is there such a rule already in 3.3.x?
Do not run SpamAssassin 3.3.x. It is not safe. There have been multiple
serious security bugs fixed in the 3.4.x series.
However, the rules for 3.3.x and 3.4.x are identical. And yes, the rule
On 5 Nov 2018, at 9:44, RW wrote:
I created an A-record at Namecheap for a_b.mydomain.tld and
neither firefox nor chromium had a problem with it.
That's interesting and unfortunate because 'a_b' is unequivocally a
violation of the syntax for hostnames. It may be acceptable as a DNS
label,
On 5 Nov 2018, at 20:04, RW wrote:
On Mon, 05 Nov 2018 23:37:59 +0100
Benny Pedersen wrote:
https://en.wikipedia.org/wiki/Private_network
why are this network not default internal_networks trusted_networks
msa_networks
They are if you let SA guess your networks. If you specify the
a message with regular text in an HTML part
encoded as entities and then scanned a message with the same text as
text, and I got a 1.000 Bayes score (BAYES_999) for the second one. YMMV
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com
. But that IS just a guess: I haven't
traced the code.
Empirically, I had SA learn a message with regular text in an HTML part
encoded as entities and then scanned a message with the same text as
text, and I got a 1.000 Bayes score (BAYES_999) for the second one. YMMV
--
Bill Cole
b...@scconsult.com
> on all the GeoIP stuff?
Giovanni mostly.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Available For Hire: https://linkedin.com/in/billcole
the
other 3 places that it needs to match.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Available For Hire: https://linkedin.com/in/billcole
On 15 Nov 2018, at 7:52, RW wrote:
On Thu, 15 Nov 2018 01:22:00 -0500
Bill Cole wrote:
On 14 Nov 2018, at 20:11, Alex wrote:
Where is it getting these long hostname strings from?
There's a bunch of garbage HTML using invisible text (font-size: 0)
between tiny bits of visible text to break
h
intends to generate widespread collateral damage.
Of course, I could be wrong. You could test how wrong I might be with
this:
clear_uridnsbl_skip_domain googleapis.com
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Availabl
d dumb
bounce models were when I talked about the master config file for Postfix on
the Postfix Users list, the same week that someone was spamvertising URLs under
master (dot) cf.
--
Bill Cole
signature.asc
Description: OpenPGP digital signature
domain names that could
have CNAME or DNAME records mapping them to working hostnames.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Available For Hire: https://linkedin.com/in/billcole
On 4 Nov 2018, at 14:48, Matus UHLAR - fantomas wrote:
On 4 Nov 2018, at 11:45, Grant Taylor wrote:
Why does it matter if there's a naming collision between DNS domain
names and file names?
Bill Cole skrev den 2018-11-04 19:25:
Discussion of config files for SpamAssassin and Postfix has
On 2 Oct 2018, at 9:36, Rob McEwen wrote:
SIDE NOTE: I don't think there was any domain my message that was
blacklisted on URIBL - so I can't explain the "URIBL_BLOCKED", but
that only scored 0.001, so that was innocuous. I suspect that that
rule is malfunctioning on their end, and then they
I suspect that that
rule is malfunctioning on their end, and then they changed the score
to .001 - so just please ignore that for the purpose of this
discussion.
On 02.10.18 11:48, Bill Cole wrote:
No, "URIBL_BLOCKED" means that the URIBL DNS returned a value that is
supposed to be a mes
On 23 Sep 2018, at 10:56 (-0400), Jari Fredriksson wrote:
> What is this binary?
It's a core FreeBSD utility used to fetch remote files.
> I could not find any package providing this… I need it for debian (Raspbian)
> and CentOS 7.
As Kevin noted, you do not.
--
Bill Cole
b...@scco
added useful functionality. Substantial
parts of the default ruleset are wrapped in version checks because they
demand 3.4.x features.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Available For Hire: https://linkedin.com
On 15 Jan 2019, at 11:08, Grant Taylor wrote:
Does anybody know off the top of their head—don't dig, I'll do that
later—what might cause SpamAssassin to apply SPF processing to
earlier Received: headers (lower in the message source)?
Check both the contents and documentation of
On 15 Jan 2019, at 12:15, Grant Taylor wrote:
> On 01/15/2019 09:24 AM, Kevin A. McGrail wrote:
>> What is your glue for SA? Is it getting the received header you are
>> expecting in time for the parsing?
>
> Both SA and my spfmilter are are milters on the same inbound Internet edge
> MTA.
>
>
On 15 Jan 2019, at 14:24, Grant Taylor wrote:
> On 01/15/2019 11:39 AM, Bill Cole wrote:
>> This strikes me as a flaw in whatever milter you're using. Some (e.g.
>> MIMEDefang) milters deal with the fact that they don't get a local Received
>> header by constructing on
On 15 Jan 2019, at 15:05, Grant Taylor wrote:
> I will investigate to see if spamass-milter can fabricate a satisfactory
> Received: header.
A quick look at the issue tracker for it implies that it does so. A milter that
actually works with SA really needs to.
Unfortunately, it is a nuisance
that the data file is re-read for each scan, so no
restart is needed. even if I'm mis-reading, it would be re-read for each
new spamd child process (or mimedefang worker) so a restart would not be
*needed* if you can tolerate a delay until children are respawned.
--
Bill Cole
b...@scconsult.com
[Pulling this conversation back on-list where I can misinform everyone
publicly]
On 22 Jan 2019, at 5:04, Ian Evans wrote:
On Tue, Jan 22, 2019 at 2:15 AM Bill Cole <
sausers-20150...@billmail.scconsult.com> wrote:
[snip]
Note that because the plugin is disabled by default, the d
On 9 Dec 2018, at 18:23, Chris Pollock wrote:
> On Sun, 2018-12-09 at 13:06 -0500, Bill Cole wrote:
>> On 9 Dec 2018, at 12:04, Chris Pollock wrote:
>>
>>> This is probably very trivial and doesn't affect anything except
>>> maybe
>>> the size of t
On 10 Dec 2018, at 13:28, ozgurerdogan wrote:
Can you give me some more step by step for :
"set up your own local published ruleset source and configure your
instances to include that in their rule sources for the standard
sa-update
processing (will require managing DNS entries and generating
On 13 Dec 2018, at 16:24, Chris Pollock wrote:
> On Thu, 2018-12-13 at 15:14 -0600, Chris Pollock wrote:
>> On Tue, 2018-12-11 at 19:00 -0500, Bill Cole wrote:
>>> On 11 Dec 2018, at 16:37, Chris Pollock wrote:
>>>
>>>> On Mon, 201
On 20 Dec 2018, at 11:55, Marcus Schopen wrote:
> Am Donnerstag, den 20.12.2018, 12:35 +0100 schrieb Marcus Schopen:
>> Hi,
>>
>> I get a warning, when updating the channel:
>>
>> --
>> config: warning: description exists for non-existent rule EXCUSE_24
>>
>> channel: lint check of update
On 20 Dec 2018, at 13:41, Bill Cole wrote:
This should now be fixed for the next rules update.
And, On 20 Dec 2018, at 17:04, (ignoring an explicit Reply-To header in
a direct message to me!) Frank Giesecke wrote:
How can I force the rules update?
You cannot. The "rules upda
On 20 Dec 2018, at 17:54, Bill Cole wrote:
If you cannot wait 5 more hours and have an updated SVN checkout of
the 'trunk' code, you can run:
make clean ; echo |perl Makefile.PL ; make build_rules
That will leave a proper set of rules files in the rules/ directory.
If you copy rules
On 20 Dec 2018, at 17:56, Kevin A. McGrail wrote:
We've had a few occurrences of essentially the same problem (a bad
rules package due to an ignored lint failure in a nightly update)
over
the past few years. In addition to correcting the problematic rule I
have also fixed the script which
On 21 Dec 2018, at 15:57, Michael Orlitzky wrote:
> On 12/20/18 7:00 PM, Bill Cole wrote:
>>
>> mkdir /tmp/saupdate-1849156
>
> Never use a fixed path under /tmp =)
Fine:
#!/bin/sh
cd `mktemp -d -t HappyMichael???`
curl -O http://sa-update.spamassassin.org/1849156.tar
unreadable to me.
The text/plain part is garbage, but the text/html part renders to a
mostly readable phish.
--
Bill Cole
301 - 400 of 923 matches
Mail list logo