--On Monday, December 18, 2006 11:20 PM +0100 Yves Goergen
[EMAIL PROTECTED] wrote:
So now my SA setup is supposed to be broken or what? Well, it still
works so I guess when the next SA version comes out, it'll fix this again.
Depends on how you installed it. Or if you have backups. Back up
I just saw that sa-update pulled a new edition of rules. How can I find out
what changed?
--On Saturday, December 23, 2006 12:43 PM +0100 decoder
[EMAIL PROTECTED] wrote:
Which images are you refering to? If you can put up a sample, then I
can tell you which scanner setting will catch it :)
Does the SA wiki support uploading of images? Perhaps we could have a page
of just
Are there any rules in the current release (or in updates) to score a
message that contains no text parts? I just got a message that had
image/jpeg as its top-level MIME component. But it's almost as bad to get a
multipart that contains neither text/plain nor text/html (or any other text
--On Wednesday, January 24, 2007 2:11 PM +0200 Henrik Krohns
[EMAIL PROTECTED] wrote:
I guess this works until spammers just use a remove the space from
domain method, which pretty much defeats the uri handler. :)
Perhaps a simpler test is to see if the domain is resolvable by the
--On Monday, January 29, 2007 9:03 PM +0100 Magnus Holmgren
[EMAIL PROTECTED] wrote:
So, it is well established that mail from a domain doesn't have to be
sent from the MX for the domain. But the converse should be true,
shouldn't it? I.e. an MX for a domain is normally a legitimate
-- End Forwarded Message --
Forwarded Message
Date: Tuesday, January 30, 2007 11:22 AM -0700
From: Esther Schindler [EMAIL PROTECTED]
To: Kenneth Porter [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: [Dovecot] help a journalist: What do you wish the CIO
Note that I'm not the author of the original message. If you're going to
cc, you should cc her.
Here's the current rule:
body TVD_SILLY_URI_OBFU
m!https?://[a-z0-9-]+\.[a-z0-9-]*[^a-z0-9.:/\s'[EMAIL PROTECTED])-]+[a-z0-9.-]*[a-z]{3}(?:\s|$)!i
If I read this right, it looks for an illegal domain character in the
domain component after the first dot. The new pattern puts a % after the
On Monday, February 05, 2007 9:51 PM + Justin Mason [EMAIL PROTECTED]
wrote:
- (a) It provides an easy way for a spammer to tell if a piece of mail
passes through a SpamAssassin filter, by monitoring hits on their NS.
You could give the URIBL rules first shot at the raw name, then
I don't understand why EXTRA_MPART_TYPE is a spam indicator. It seems to be
required by RFC 2387:
http://www.ietf.org/rfc/rfc2387.txt
Here's the rule, from SA 3.1.7:
header EXTRA_MPART_TYPE Content-Type =~ /(?:\s*multipart\/)?.*
type=/i
describe EXTRA_MPART_TYPE Header has
On Monday, February 05, 2007 10:14 PM -0500 Theo Van Dinter
[EMAIL PROTECTED] wrote:
Yes. There's a whole discussion about this in
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5110
FWIW, lots of RFC compliant things are spam indicators.
So does that mean he can't win?
It does
On Monday, February 05, 2007 11:29 PM -0500 Matt Kettler
[EMAIL PROTECTED] wrote:
It scores 1.091 points, just barely 1/5 of what's recommended as a sane
spam-tag threshold.
Clearly, given the relatively low score, this rule isn't a very strong
spam indicator.
What's the problem? Is it also
On Tuesday, February 06, 2007 8:49 PM +1300 Jason Haar
[EMAIL PROTECTED] wrote:
Hmm - I would assume the opposite. Most people would run SA in DMZes
wouldn't they? And most DMZ design philosophies are that DMZ hosts
should attempt to have near-zero access to internal resources. i.e. no
On Thursday, February 08, 2007 2:04 PM + Martin.Hepworth
[EMAIL PROTECTED] wrote:
I found A LOT of spam tries secondary MX first as a way to circumvent
spam filters..
I don't think there's anything that prohibits you from listing a server
multiple times, so you could include your
--On Monday, February 12, 2007 12:50 PM -0800 Kelson [EMAIL PROTECTED]
wrote:
In other words, what can adequately replace text/html in the
non-plaintext multipart/alternative section such that HTML becomes
irrelevant for legitimate uses? Microsoft Word? PDF? RTF? Any of
those would be
--On Tuesday, February 13, 2007 12:28 PM +1300 Philip Seccombe
[EMAIL PROTECTED] wrote:
Whitelisting @mms1.telstra.com would be best wouldn't it?
Rather than change rules and end up letting through spam with numbers in
the email address etc
Big things there seem to be all numbers in email
Forwarded Message
Date: Thursday, February 15, 2007 5:28 PM -0700
From: Esther Schindler [EMAIL PROTECTED]
To: Esther Schindler [EMAIL PROTECTED]
Subject: My fighting spam article is live!
Thanks SO much for your help.
I had a huge number of responses, so not
http://it.slashdot.org/it/07/02/17/1932247.shtml
Here's a mention of Spamassassin:
http://it.slashdot.org/comments.pl?sid=222936cid=18062012
I'm looking for an MTA I can install in an all-Windows SOHO. Open source
and free preferable. Ideally with hooks for SpamAssassin. (At home I have a
Linux box with sendmail, but a friend has no Linux on his LAN.)
One personal flag for me that seems to be a good spam indicator is all-caps
From and Subject header content. For example:
Subject: NOTIFICATION OF BEQUEST
From: BROWN WALTER ASSOCIATES [EMAIL PROTECTED]
This scored on SUBJ_ALL_CAPS but I'm wondering if anyone's gotten good
results from a
On Wednesday, March 14, 2007 11:19 AM + Justin Mason [EMAIL PROTECTED]
wrote:
(found via the fastmail blog. cool!)
Indeed. What other large, popular, headless, and easily-acquired Perl
applications exist? (I'd guess most other large Perl apps are web-based and
hence wouldn't be
--On Friday, March 23, 2007 3:10 PM + Justin Mason [EMAIL PROTECTED]
wrote:
So when are the betas of the (STILL TODO ;)'s coming out? :-)
Doc has promised to do them really soon. ;)
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5382
And according to that bug, it's now in the
--On Sunday, August 26, 2007 11:31 AM +0200 Kai Schaetzl
[EMAIL PROTECTED] wrote:
For instance the two MX
setup where one machine is behind a firewall and a gateway machine is
first MX and forwards to the machine behind the firewall. This is an
accepted setup. Couldn't I achieve the same
--On Sunday, August 26, 2007 5:31 PM -0700 Marc Perkel [EMAIL PROTECTED]
wrote:
If you have one MX and you create a fake low MX and a fake high MX (or
many fake high MX) about 75% to 95% of your spam goes away. It's that
simple.
I can do better. If I unplug my network cable, 100% of my spam
--On Wednesday, August 29, 2007 1:58 AM -0400 Aaron Wolfe
[EMAIL PROTECTED] wrote:
The first 24 hours seemed promising. However today (tues) we have two
false positives, including one of their banks (!) and a small business
that is their long time customer.
It's scary that a bank has such a
--On Thursday, June 09, 2005 11:03 AM -0400 Steven Dickenson
[EMAIL PROTECTED] wrote:
We run bind with no zones on our SA gateway to serve as a DNS cache.
Helps take a load off DNS lookups for common hosts. You can easily do
this with any other DNS daemon as well. Google for caching
--On Thursday, June 09, 2005 10:25 AM -0600 Bob Proulx [EMAIL PROTECTED]
wrote:
Kenneth Porter wrote:
If it's a Red Hat system (including Fedora), just install the
caching-nameserver RPM. It pulls in BIND and installs appropriate config
files. Then edit resolv.conf to point to localhost
--On Saturday, June 11, 2005 7:03 PM +0200 Stefan Ewert [EMAIL PROTECTED]
wrote:
here ist my resolv.conf:
nameserver 127.0.0.1
nameserver 217.237.151.161
nameserver 217.237.151.33
after every reboot, localhost is in first place, so every querie takes
some time before the second nameserver
--On Saturday, June 11, 2005 7:46 PM +0200 Stefan Ewert [EMAIL PROTECTED]
wrote:
this is a single pc, so i think its better to use a nameserver from the
www. i dont have a local nameserver running( i think ;). do i need a
local nameserver?
Hehe, this just came up and a wiki page was
--On Sunday, June 12, 2005 12:49 AM +0100 Michele Neylon:: Blacknight
[EMAIL PROTECTED] wrote:
Kenneth Porter wrote:
Why are you listing anything besides 127.0.0.1? That's only useful if
your local nameserver is down. In that case just make another
resolve.conf to install until you fix your
--On Friday, June 17, 2005 7:56 PM -0700 Justin Mason [EMAIL PROTECTED] wrote:
URL:
http://SpamAssassin.apache.org/devel/
How about including a link on the regular download page to the devel page?
I usually go there first when looking for a new version. It should probably
go near the end,
--On Sunday, June 19, 2005 8:16 PM -0400 Theo Van Dinter
[EMAIL PROTECTED] wrote:
OVERALL% SPAM% HAM% S/ORANK SCORE NAME
How does one read this chart? (Ideally I'm looking for an answer in the
wiki, but I couldn't find one there. I thought it might be in the FAQ or
under
--On Wednesday, June 29, 2005 6:45 PM -0700 Justin Mason [EMAIL PROTECTED]
wrote:
- added PostgreSQL, MySQL 4.1+, and local SDBM file Bayes storage
modules. SQL storage is now recommended for Bayes, instead of DB_File.
NDBM_File support has been dropped due to a major bug in that module.
--On Thursday, June 30, 2005 12:48 AM -0400 Dan Mahoney, System Admin
[EMAIL PROTECTED] wrote:
Personally, in trying to migrate thousands of per-user bayes into SQL, I
found that it a) took forever and b) consumed so much memory that I just
found it an easier approach to say screw it and
--On Thursday, June 30, 2005 12:31 AM -0500 Michael Parker
[EMAIL PROTECTED] wrote:
Sure, here is a basic procedure:
http://wiki.apache.org/spamassassin/BayesMigration
Great, that looks very helpful.
The page starts with There are now multiple backend storage modules
What is now? With
(Quoted in full for Warren, the Fedora contact.)
--On Tuesday, July 12, 2005 12:06 AM -0700 jdow [EMAIL PROTECTED] wrote:
Justin Mason wrote:
fyi, if you're using Fedora Core --
http://blog.dave.org.uk/archives/000715.html
totally unconfirmed, but worth noting in case that really is the
Reply from Warren:
Kenneth,
Thanks for alerting to me to this. I tried to post to the list, but it
appears to be extremely slow or down at the moment or something.
jdow wrote:
Justin Mason wrote:
fyi, if you're using Fedora Core --
http://blog.dave.org.uk/archives/000715.html
totally
We sometimes joke about the grisly nature of our favorite software's name,
but apparently someone's finally made it real:
http://mosnews.com/commentary/2005/07/26/spamassassin.shtml
Russian Media Hails Spammer’s Murder
Anton Nossik
MosNews.Com
Russia’s most (in)famous spammer, Vardan
--On Friday, August 05, 2005 6:03 PM -0700 Loren Wilton
[EMAIL PROTECTED] wrote:
I think a lot of mail/news programs assume that the subject body starts
immediately after Subject: , unless the character immediately after the
colon isn't a space, in which case the subject starts there.
--On Saturday, August 06, 2005 4:18 PM -0700 jdow [EMAIL PROTECTED]
wrote:
By that I meant that telnet localhost pop3 followed by an retr 1
(once logged in) showed the spaces normalized to exactly one in all cases.
That's interesting... I just went checking my uncaught spam folder for
--On Saturday, August 13, 2005 6:58 PM -0400 Theo Van Dinter
[EMAIL PROTECTED] wrote:
On Sat, Aug 13, 2005 at 03:07:14PM +0530, Ramprasad A Padmanabhan wrote:
When I build the rpm from the spec file ( on fedora core 3 ) the
spamassassin-tools rpm is not created. Was it not a part of SA.
The
--On Wednesday, August 17, 2005 6:28 PM +0700 Dhanny Kosasih
[EMAIL PROTECTED] wrote:
I use MySQL to store bayesian value, may i store all configuration in
MySQL (system wide configuration and user spesific configuration) ?
Two wiki pages I found:
--On Wednesday, August 17, 2005 6:28 PM +0700 Dhanny Kosasih
[EMAIL PROTECTED] wrote:
I use MySQL to store bayesian value, may i store all configuration in
MySQL (system wide configuration and user spesific configuration) ?
Another online page:
--On Wednesday, August 17, 2005 10:54 AM -0700 Dan Kohn [EMAIL PROTECTED]
wrote:
Since people are always using these lists to complain about bugs, I just
wanted to briefly mention how well 3.01rc1 is working for me.
Ditto. I'm particularly pleased with the fuzzy stuff for matching
--On Tuesday, September 06, 2005 12:38 AM -0700 List Mail User
[EMAIL PROTECTED] wrote:
You have the unfortunate luck of being on the cutting edge
of the spam runs, most of these domains are now in 4 or 5 SURBL
lists, which will give you scores of close to 12 alone.
Greylisting would
--On Tuesday, September 20, 2005 11:11 AM +1200 Tom Munro Glass
[EMAIL PROTECTED] wrote:
Thanks for the reply Rick but this hasn't helped. Firstly, most of my
users are not allowed to login so I can't use su.
You can try su -c. I don't think that needs a shell, as it's the syntax
used to
--On Monday, September 19, 2005 10:35 PM -0700 Loren Wilton
[EMAIL PROTECTED] wrote:
Ie a test for
lots of divs that have been floated left and contain lots of breaks?
Really bad thing to test for. FPs all over the place.
What kind of legitimate MUA spews crap like that?
--On Friday, September 23, 2005 9:54 AM -0500 Herb Martin
[EMAIL PROTECTED] wrote:
I have been using dev builds and each RC for
a month or more and love it. It runs smoother
and with fewer oddities than 3.04 etc.
I have been on 3.10 since a couple of days after
the release (it only took that
Lately I've been seeing quite a bit of uncaught spam with a link to
uk.geocities.com. Using 3.1.0 release with net tests. Here's my uncaught
(false negatives) folder for October (which I feed nightly into sa-learn):
http://home.sewingwitch.com:8000/Stuff/Uncaught-200510.mbox
Been getting a few of these:
From: {%NAME_FROM} [EMAIL PROTECTED]
To: {%NAME_TO} [EMAIL PROTECTED]
Anyone have a rule to nuke them?
--On Friday, October 28, 2005 2:07 PM -0400 Ryan O'Neil
[EMAIL PROTECTED] wrote:
We currently have a fedora core 2 server running Sendmail, SpamAssassin
2.63.
I'd like to upgrade to the newest version of SA 3.1.0 I'm aware that
some of the user prefs and local.cf will need changed afterwards.
--On Sunday, November 13, 2005 11:26 PM + Craig McLean
[EMAIL PROTECTED] wrote:
Ok, well if you read my last message, I've indicated a better way than
appending the whole thing in. Just include it using a line like:
include(`/usr/share/sendmail-cf/hack/block_bad_helo.m4')dnl
to your
--On Sunday, November 20, 2005 6:31 PM +0100 Kai Schaetzl
[EMAIL PROTECTED] wrote:
1.7 SARE_SPEC_LEO_LINE04 RAW: common Leo body text
That's the only non-RBL non-SURBL rule you're hitting on. It can be found
here:
http://www.rulesemporium.com/rules/70_sare_specific.cf
Why isn't it
--On Wednesday, November 23, 2005 10:07 AM -0500 Bowie Bailey
[EMAIL PROTECTED] wrote:
It's always good to have multiple layers. We have ClamAV on the mail
server and Symantec Corporate Edition on the desktops. I haven't had
any problems with Clam. We had a few Sober.U get through before
--On Thursday, January 06, 2005 9:06 PM -0800 Dan Hollis [EMAIL PROTECTED]
wrote:
It would ease migrating to 3.0.x a great deal for many sites to support
backwards compatibility. Instead, stuff breaks. This is why people are
so hesitant to move to php5, perl6 etc. spamassassin should not follow
--On Tuesday, January 11, 2005 9:36 PM -0800 Loren Wilton
[EMAIL PROTECTED] wrote:
But the trick here is that at least one or more releases will contain both
features. This is different than saying feature X will be replaced at
the next major release. We'll tell you what to use in its place in
--On Saturday, January 15, 2005 6:25 AM -0800 Loren Wilton
[EMAIL PROTECTED] wrote:
Personally I block anything that I can find a window.status= in. They
are all phish as near as I can tell.
No false positives? If not, you might enter a bugzilla to get it entered as
an official rule. I'd love
--On Tuesday, January 18, 2005 11:38 PM -0500 Theo Van Dinter
[EMAIL PROTECTED] wrote:
Not very reliable though. They get most of the 400+ that work is
hosting on 1 IP, 0 of the 80+ on 3 other IPs, and only 2 of the 10+
I have on my personal server.
Check out the latest ntop (http://ntop.org).
--On Wednesday, January 26, 2005 9:45 AM + Martin Hepworth
[EMAIL PROTECTED] wrote:
install Net::DNS. Doing this from CPAN is normally best as the RPMs tend
to hide it in odd places that aren't in the default path.
perl -MCPAN -eshell
install Net::DNS
Or build the RPM from CPAN using
--On Wednesday, February 02, 2005 9:38 PM -0500 Rob McEwen
[EMAIL PROTECTED] wrote:
I couldn't tell from the article... but are SMTP Servers which REQUIRE
password authentication for sending immune from this particular type of
spam? Or does the system somehow route the spam through a person's
--On Thursday, February 03, 2005 1:43 PM -0500 Rob McEwen
[EMAIL PROTECTED] wrote:
Even though that may be correct in theory, isn't there one-way encryption
involved for these passwords? (you know, the kind which can't be retrieved
by anyone, only reset). But even if that is not the case,
--On Tuesday, February 15, 2005 3:31 PM -0500 Chris Santerre
[EMAIL PROTECTED] wrote:
Looks like 419'er are using instant messaging to get people now! Funny
conversation that a friend of mine had. Worth the read.
http://www.merchantsoverseas.com/wwwroot/gorilla/funny419.txt
(Friends name
Score from 3.0.0 without any custom rules:
Content analysis details: (12.9 points, 5.0 required)
pts rule name description
--
2.2 TO_MALFORMED To: has a malformed address
0.0 BAYES_50
--On Thursday, February 24, 2005 6:07 PM -0500 Phil Barnett
[EMAIL PROTECTED] wrote:
i or l = [|ííiil1]
a = [EMAIL PROTECTED]
e = [eé3]
o = [o0]
It seems like this is getting overly-complicated. Are there any libraries
for doing fuzzy string matching and obfuscation detection that could be
--On Sunday, February 27, 2005 11:48 AM -0500 Phil Barnett [EMAIL PROTECTED]
wrote:
All you have requested here is for someone else to do the complicated
stuff and make it easy for you. Someone has to get the code as complex
as it needs to be. If not you, then the guy that makes the library
--On Sunday, February 27, 2005 7:46 PM -0800 Loren Wilton
[EMAIL PROTECTED] wrote:
He has a point. A complicated regex is complicated, and that can mean
slow. It also by definition means incomprehensible to humans, and so
has to be generated by a tool, and then not touched or looked at.
http://humorix.org/articles/2005/03/spam/
--On Thursday, March 10, 2005 7:23 AM -0800 List Mail User
[EMAIL PROTECTED] wrote:
They mostly use Joker, who has *very* good policies for killing
domains like this. You should complain and file at wdprs.internic.net.
They create about a dozen new domains a week, but have been
--On Thursday, March 10, 2005 10:38 AM -0800 List Mail User
[EMAIL PROTECTED] wrote:
There is no DNS, but you can often get the data by directly querying
whois.internic.net
But that's not scalable if every mail server queries the registry's whois
server. It's worse if the mail servers don't
--On Friday, March 18, 2005 3:17 PM +0100 Alexander Bochmann
[EMAIL PROTECTED] wrote:
It shurely doesn't make sense if the secondary MX is
under your control, but there are many setups where
the ISP or someone else runs a backup MX for his
customer's domains as a service. With this
--On Friday, March 18, 2005 10:24 AM -0800 Kelson [EMAIL PROTECTED] wrote:
But if you're relaying to someone, and *they* reject it, now you have to
decide whether to generate a DSN or not.
Using MIMEDefang I don't reject for mail relayed from my secondary:
--On Friday, March 18, 2005 2:55 PM -0500 Pierre Thomson
[EMAIL PROTECTED] wrote:
I tried the trick with a tertiary entry matching the primary, but it
didn't reduce the spam at the secondary very much.
It would be useful to figure out why this is so. Did you use the same host
name for both
--On Tuesday, April 12, 2005 7:29 PM -0400 Matt Kettler
[EMAIL PROTECTED] wrote:
I don't see them (yahoo) marketing it as an anti-spam solution. They
market it as a tool to solve problems that anti-spam efforts face
(spoofing).
http://antispam.yahoo.com/domainkeys/
Wouldn't it be better to host
Is there a way to process an mbox folder to add the full report
unconditionally to all the messages in it?
I've got an Uncaught IMAP folder that I drag all the day's missed spam to
for a nightly sa-learn run. I'd like to be able to inspect the messages in
the morning to see the full score
--On Tuesday, May 17, 2005 11:59 AM +0200 Menno van Bennekom
[EMAIL PROTECTED] wrote:
It has been said before but I still would appreciate it very much if ISP's
would only allow SMTP traffic to go through the provider's mail-servers,
not directly from dsl/cable to the Internet.
It would stop
--On Friday, May 20, 2005 9:07 AM -0400 Jennifer Lai [EMAIL PROTECTED]
wrote:
I'm setting up SpamAssassin by following the instructions on this
website,
http://www.firstpr.com.au/web-mail/Postfix-SA-Anomy-Maildrop/
http://www.firstpr.com.au/web-mail/Postfix-SA-Anomy-Maildrop/
You're using
--On Friday, June 03, 2005 7:20 AM +0300 Nabil Sabry
[EMAIL PROTECTED] wrote:
I have been recently added to this tool.
BOTH the IT team and the ISP claim they know nothing about it!
Is there any means to know who added me?
Check the entire message, including all the headers. There should be
Personally I'd recommend updating to 3.0.3 but some admins need to stay
with the old stuff. For those interested in moving up to v3, see this page:
http://wiki.apache.org/spamassassin/UpgradingVersion
Forwarded Message
Date: Saturday, June 04, 2005 3:26 PM -0400
From:
--On Monday, September 13, 2004 1:42 PM -0700 John Hardin
[EMAIL PROTECTED] wrote:
The way the SMTP protocol is constructed, the client opens a connection
and waits for a welcome banner before sending data. If the connection is
tarpitted immediately, then the client never receives the welcome
--On Tuesday, September 14, 2004 2:14 PM -0700 Bret Miller
[EMAIL PROTECTED] wrote:
I use Outlook so I don't have a lot of options for sorting like some
other apps do.
I coulda sworn the last time I looked at it that Outlook supported multiple
folders. Does it not have the ability to recognize
--On Tuesday, September 14, 2004 10:00 PM +0100 Michele Neylon::Blacknight
Solutions [EMAIL PROTECTED] wrote:
As I already said, other lists allow people to choose.
What list software (including version) do those lists use? Is this a
per-subscriber option or do you mean the choice is for the
--On Tuesday, September 14, 2004 2:57 PM -0700 Bret Miller
[EMAIL PROTECTED] wrote:
Which then means I have to keep track of a dozen folders, which is
something I don't need to do for the very few messages on this list that
are even remotely relevant.
How do you determine relevance? When I open
--On Tuesday, September 14, 2004 5:09 PM -0400 Jim Maul [EMAIL PROTECTED]
wrote:
If someone replies to a message i sent to the list, and they happen to
hit reply-all both the list and i will get a copy. Filtering on listid
will send 1 to the list box i have set up and 1 copy to my inbox. First
--On Tuesday, September 14, 2004 3:06 PM -0700 Pat Lashley
[EMAIL PROTECTED] wrote:
It can be a problem for people with limited display space for
the Subject: line. The significant part can be pushed right
off the edge.
I suspect a lot of people don't recognize this issue because we've all
--On Thursday, September 23, 2004 10:31 AM -0400 Chris Santerre
[EMAIL PROTECTED] wrote:
Reisstinnng urge to crack joke..feeling rising..so .so
difficult to not.arghhh.p.. *pop*
I think there's a pill for that. And even if there's not, someone should
soon
--On Friday, September 24, 2004 11:33 AM -0400 Steve Prior
[EMAIL PROTECTED] wrote:
In case anyone else is going to run into this, sometime
yesterday speakeasy.net implemented default SPF records
for all of their DNS hosting customers.
I don't see it for the two domains they host for me. I did a
--On Tuesday, September 28, 2004 8:43 PM -0700 Erik Wickstrom
[EMAIL PROTECTED] wrote:
Just wanted to get your opinion on whether or not I should have RBL
activated? I have read some mixed opinions so far. Does it create
alot of false positives (vice versa)?
To see an example of why using an
I've found that the Dovecot IMAP server (also apparently UW-IMAP)
canonicalizes subject lines in message lists by reducing all runs of
white space to a single space. This kills the utility of white space
padding in the _SCORE( )_ header rewriting macro in preserving columns for
numerical
--On Saturday, October 23, 2004 3:35 PM -0700 einheit
[EMAIL PROTECTED] wrote:
Those sorts of honor-system viruses for unix are quite common, but
hardly ever work, up to now, since they require someone with both root
access to a unix system, and a lack of sophistication, two qualities
which have
--On Monday, October 25, 2004 12:56 PM -0400 Christopher X. Candreva
[EMAIL PROTECTED] wrote:
Thanks. So the DNSBL checks run, just not 'make test'.
Right. The issue is with installation-time tests, not rules. There's a bug
in a low-level Perl module that's only exercised at make test time.
Just a heads-up for the ClamAV users on the list:
http://sourceforge.net/forum/forum.php?thread_id=1174326forum_id=420492
People who are hammering the database servers too frequently risk being
blacklisted. The latest freshclam supports a DNS-based check that's much
nicer to the servers, so use
--On Saturday, November 27, 2004 12:42 PM -0800 jdow [EMAIL PROTECTED]
wrote:
I nearly cried when I took that machine down.
I know what you mean. I always feel like I'm shooting my dog when I have to
bounce the system. Right now I've got a game server suffering a couple of
WINE zombies because
A screensaver that DDoS's spammer websites:
http://www.theregister.co.uk/2004/11/26/lycos_europe_spam_blitz/
http://makelovenotspam.com/intl/
http://www.google.com/search?num=100hl=enlr=safe=offq=lycos+make+love+not+spambtnG=Search
Been getting a bunch of these lately, and they're falling on either side of
the 5.0 margin. Two that came in under 5.0 today have unusual
characteristics: The Bayes score on one is 60% and scores higher than one
with an 80% Bayes score. You can see my current uncaught corpus here:
--On Friday, December 10, 2004 7:52 PM -0800 Jeff Chan [EMAIL PROTECTED]
wrote:
But Get a capable html e-mailer could also be generic
text for non-MIME or non-HTML capable mail clients to see.
It's highly lame (especially when messages should be in
plain text IMO), but it could appear in hams.
I got a flurry of these this morning, and they keep coming back. Has anyone
come up with some good rules for these? Obviously both test and keep in
the subject line. What else? The overall HTML structure looks pretty
consistent, so perhaps something that matches on that pattern? I'm seeing a
--On Monday, December 13, 2004 5:08 AM -0800 Loren Wilton
[EMAIL PROTECTED] wrote:
Flurry of which? No attachment, at least here.
Sorry, I see so many of these (5 a day or more) that I assume everyone's
been flooded by them.
Example attached.---BeginMessage---
--On Monday, December 13, 2004 5:10 PM + Duncan Hill
[EMAIL PROTECTED] wrote:
Enable URIBLs and you should probably start catching it.
URIBL's were enabled. I checked my SA folder and found one on the 7th, so
I'm wondering if something broke in looking them up. That was the day I
rebooted
--On Tuesday, December 14, 2004 10:43 AM -0500 Matt Kettler
[EMAIL PROTECTED] wrote:
I'd start off simple...
spamassassin --lint -D
See what that can tell you. If that's showing network tests working, try
adding -D to spamd's start up (note: spamd not spamc) and check your
syslogs.
101 - 200 of 343 matches
Mail list logo