|
12/24 |
2007/3/20-22 [Computer/SW/SpamAssassin, Computer/SW/Virus] UID:46023 Activity:nil |
3/19 "Most computer attacks originate in U.S." http://news.yahoo.com/s/ap/20070319/ap_on_hi_te/internet_security_threats I thought it was South Korea. |
12/24 |
2007/3/16-20 [Computer/SW/SpamAssassin] UID:45997 Activity:nil |
3/16 Is there a way to configure spamassassin to delete junk messages from my /var/mail/{login} spool before I run my mail client program? Thx. \_ procmail |
2007/3/13-14 [Computer/SW/SpamAssassin] UID:45951 Activity:nil |
3/13 Anyways to improve our current spam assassin? |
2007/2/4-7 [Academia/Berkeley/CSUA, Computer/SW/SpamAssassin] UID:45651 Activity:nil |
2/4 Does someone have a simple working .procmailrc for the new soda? I can't seem to get mine working despite trying the suggestions on the motd. \_ DEFAULT=/var/mail/USERNAME/ :0fw | /usr/bin/spamassassin :0: * ^X-Spam-Status: Yes spam/ |
2007/1/31-2/3 [Computer/SW/SpamAssassin] UID:45630 Activity:kinda low |
1/31 Can you give us any pointer for setting up spamassassin on csua under the new mail system? TIA. \_ What I did is create a .procmailrc file in your homedir with the following content: \_ What I did is create a .procmailrc file in your homedir with the following content: :0fw | /usr/local/bin/spamc :0 hw: * ^X-Spam-Status: Yes spam And what this does is grab the email that SpamAssassin has tagged as spammail, strip out the body and shove the header info to a file called 'spam' in your homedir. And delete them from your mail spool. Works with the new soda (so far). spammail, strip out the body and shove the header info to a file called 'spam' in your homedir. And delete them from your mail spool. Works with the new soda (so far). NOTE that this is just ONE of the many variations on how to do .procmailrc. STFG for more examples. \_ In /csua/soda-changes.2007.01, it mentioned that procmail will not work with the new /var/mail/$USERNAME directory. Have you tried if you are still receiving non-spam correctly? -op NOTE that this is just ONE of the many variations on how to do .procmailrc. STFG for more examples. \_ ls -l /usr/local/bin/spamc ls: /usr/local/bin/spamc: No such file or directory (there is one in /usr/bin but it seems to be failing, any input I give it it returns 0/0 (error) and filters nada. \_ I am using /usr/bin/spamc \_ Which has no spamd to connect to so it fails every time \_ Well, this is what I have in my .procmailrc, and it appears to work: :0fw | spamc |
2007/1/19-25 [Computer/SW/SpamAssassin] UID:45560 Activity:nil |
1/18 http://redtape.msnbc.com/2007/01/spam_is_back_an.html Spam 2.0-- it is back, and worse than ever. |
2006/11/3-4 [Consumer/CellPhone, Computer/SW/SpamAssassin] UID:45146 Activity:low 62%like:45115 |
11/3 It's here. Cell phone SMS spams. Anyone having problems? How do you deal with it? I'm paying 10 cents/message. Spammers need to die. \_ With Sprint the nice lady offered to block text messages, so I did \_ But that also blocks non-spam text messages from friends or alert from your server, etc. What they need to do is stop charging for received messages and charge/increase fee for sending a message. \_ Carry a pager. \_ I went to my Sprint account page, and I can configure "ACCEPT ALL" or "BLOCK ALL" except a list of phone numbers, e-mail e-mail addresses, and domain names. addresses, and domain names. |
2006/11/2-3 [Computer/SW/SpamAssassin] UID:45101 Activity:nil |
11/02 I just got an email (at my work account) from what appears to be a head-hunter. It is very low on job offer details. Does anyone else get these? Is it worth it to respond? If I respond, will I be flooded with these? \_ The job market is hot for employees now. Head hunter/recruiter types are hurting. If you're looking for a job, go post your resume and start applying to listed jobs from real companies. I wouldn't bother replying to this unless there's something in particular that caught your eye. Sounds like recruiter spam. \_ Make sure its a real head hunter / job offer things. Fake ones would be a real great phishing operation, as a lead-in to identity theft. I get tons of spam that looks like this is the intent. \_ if you are really good, head hunter will *CALL* you instead of emailing you. They should know it's not cool to send recruiting information into your WORK email. |
2006/10/29-30 [Computer/SW/SpamAssassin] UID:45030 Activity:kinda low |
10/29 Any tips on dealing with the usual nonsense-text-around-embedded- images spam? I'm running postgrey + spamassassin, and it's catching about half of them... -John \_ Are you running Razor2, Pyzor, and other services that contact a centralized spam repository to filter out even more spams? \_ No, I will be. A gentleman and a scholar, thanks. -John \_ There is something unique about those spams. It is possible to filter them. I'm not allowed to discuss it further. |
2006/10/16-18 [Academia/Berkeley/CSUA, Computer/SW/SpamAssassin] UID:44835 Activity:nil |
10/16 I just got my first soda spam reforwarded to my real email address. I have never given this address to anyone. Thank you who ever gave out soda addresses on the net. \_ Have you considered that someone you correspond with may have had their machine rooted? Also whoever rooted soda a while back could have snarfed all the account names. \_ I don't send mail from here but I had forgotten about past soda break-ins. Thanks for reminding me of that. The idea that someone here would post email addresses is pretty sickening. \_ was your real email address written down somewhere on on soda? Was your soda mail getting forwarded to your email address? Are you sure it wasn't just forwarded from soda? I think you might not understand how forwarding works. \_ I'll explain: I have a .forward file on soda. It forwards to my real email address. I have never sent mail from soda or provided @soda to anyone. My .forward file is older than some current students. The spam was sent to my previously unknown and never used @soda address and then reforwarded via my .forward to my real address. I think I understand how forwarding works. Thanks for the help. \_ And I don't think you understand. So you use your brand new spanking email address? Do you \_ yes. email people with it? EVER? Has anyone ever \_ yes. \_ yes. received this email? Do they read it on a computer? \_ yes. \_ yes. Viruses infect computers, or so I hear. Some viruses look for the addressbook of users, and mail them back to their Russian masters, who then stick it in their recipient lists to Spam. The only way to never receive spam is oh I dunno shoot yourself. \_ And the email wasn't sent to that email address. It was sent to my soda address which has never been used and then reforwarded to that address from here. It is the fact that my soda account got spam that is the problem because *I* have never given out my soda address nor used it for any email transaction. The forwarding isn't the problem here. It is that the soda address got spam. The unused, never given out, never provided, previous unknown soda address got spam. Spam was sent to my soda address, to my completely unused and unknown soda address. The soda address that received the spam, that the spam was address to was never used on the net. Capiche? \_ you ever hear of a dictionary attack? they'll get you eventually. \_ It's possible but let's see the mail logs showing the dictionary attack. Maybe I missed that in the motd.official or the csua minutes. \_ what's your email address? I want to mail\ you a PNG of /etc/passwd \_ I'm root@soda. \_ you realize soda is one of the most heavily loaded single point mail machines in the universe? \_ sure, so? |
2006/10/12 [Computer/SW/SpamAssassin] UID:44781 Activity:nil |
10/11 Dear root, what's the possibility of upgrading spamassassin to something more recent? I think we are running 3.1.0, which is released on Sept 2005. The most current is 3.1.6 on Oct 2006. As a side note, anyone getting a lot of spam with an image and a bunch of "randomish" words after it. sa-learn is obviously not doing a very good job to learn this kind of spam. |
2006/9/22-25 [Computer/SW/WWW/Browsers, Computer/SW/SpamAssassin] UID:44497 Activity:nil 90%like:44493 |
9/22 OpenDNS is looking for someone to write a Thunderbird extension. http://tinyurl.com/j24ux (rentacoder.com) |
2006/9/22 [Computer/SW/WWW/Browsers, Computer/SW/SpamAssassin] UID:44493 Activity:nil 90%like:44497 |
9/22 OpenDNS is looking for someone to write a Thunderbird extension. http://www.rentacoder.com/RentACoder/misc/BidRequests/ShowBidRequest.asp?lngBidRequestId=532805 |
2006/8/21-23 [Computer/SW/SpamAssassin] UID:44079 Activity:nil |
8/21 Recent soda spam 3x usual P? \_ I haven't noticed. 3x infinity = infinity \_ We should have the death penalty for spammers. Especially ones who deliberately try to evade spam filters. Think about it: they harm millions and millions of people. Add it up: they deserve death. \_ I've noticed a remarkable jump in the number of spam runs in the last 2-4 weeks, as have colleagues on a number of systems. -John |
2006/8/16-17 [Reference/Law, Computer/SW/SpamAssassin] UID:44031 Activity:nil |
8/16 If you had the power to pass laws to curb spammers, what law(s) would you pass? I will start: -Fine $5 for each spam mail sent \- i dont think it is so much about what law you pass but the kinds of resources you allocate to enforcement. \_ One nail from a nailgun in the head for each spam mail sent. \_ Only pornographic spam is allowed. -average American male \_ public service. they must copy, by hand, every spam message they sent out, onto a chalkboard. \_ eye rape them with tentacles \_ make them eat a can of spam for every spam they send. \- i dont think it is so much about what law you pass but the kinds of resources you allocate to enforcement. \_ Well, I asked Urotsukidoji and he's just about had it with tentacle enlargement spam. -John |
2006/8/14-16 [Computer/SW/SpamAssassin] UID:43997 Activity:nil |
8/14 I'm a newbie sysadm. Is configuring/installing pyzor and razor as simple as doing "apt-get install pyzor" and "razor"? I did both but I don't see any pyzor/razor daemons running. I hate spam and I want to minimize spam for my users. ok thx. |
2006/8/4-6 [Computer/SW/SpamAssassin] UID:43911 Activity:nil |
8/4 I just installed spamassassin using "apt-get install spamassassin" on my local machine, and spamd is launched. In my .procmailrc, if I run /usr/bin/spamassassin, is it smart enough to connect to spamd when it is running, and stand-alone when spamd is not running? \_ man-ing around, I'm going to guess that it's not smart enough. after all, that's what spamc is for. You may have to invoke some spamd detection trickery, and do either spamc or the full spamassassin. --michener \_ Yes. -proud American |
2006/8/2-6 [Computer/SW/SpamAssassin] UID:43868 Activity:nil |
8/2 How come web sites that praise http://dreamhost.com don't accept additional reviews anymore? I'd like to add negative feedbacks to counter the positive feedbacks but unable to do so. What's up? Here are some examples: http://www.webhostingratings.com (blank interface to add review) http://www.brunescafe.com/content/view/16/2 (can't enter info) There are two others that I've waited 3 days for the approval to go through, even though their web sites say: "Thank you for voicing your opinion about DreamHost, Joe. Your opinion will help other Webmasters in their search for the right Web host. All reviews are manually approved, in order to remove spam. Reviews are typically approved once per day." What the hell is going on? \_ hi im bitter \_ The jews are responsible for all the wars in the world. Are you a jew? -proud American \_ Stop advertising porn sites. -proud New Englander |
2006/6/1-4 [Industry/Jobs, Recreation/Humor, Computer/SW/SpamAssassin] UID:43245 Activity:nil |
6/1 Semi randomly generated spam I thought was funny: Hi there lovely, This kbind of opportunity comes ones in a clife. I docn't want to miss it. Do you? I am comcing to your place in few days and I though may be we can meet each other. If you don't mind I can send you mcy picture. I am a girbl. \_ I am a gerbil. |
2006/5/31 [Computer/SW/SpamAssassin] UID:43239 Activity:nil |
5/31 I just got a bunch of returned emails which appear to be caused by someone using my email for spam. Is this caused by someone spoofing my address, or has my account been comprimised? Anyone else have this problem recently? -scottyg \_ Everyone else. It's been mentioned in the motd a couple of times. \_ Just wait couple days and it'll slow down/stop. I also used sa-learn to increase spamassasin's catch rate and also used procmail to filter out anything "From:" postmaster or mail- daemon. |
2006/5/31-6/3 [Computer/SW/SpamAssassin, Computer/SW] UID:43238 Activity:nil |
5/30 You know those things in magazines (often computer and travel ones) that is an index card full of numbers that you circle, each of which corresponds to a company/product so you can get more information on that product? Is there an online equivalent, at least for email information? I need a way to send a lot of email to a certain account. Thanks. \_ http://yourgiftcard.com, http://offercash.com, http://everyfreegift.com, http://www.coolsavings.com http://www.giftcertificates.com all worked dandy. I've neutralized my nemesis' accounts using these web sites. If you have more, please post them here. Thanks. \_ Well its not very noble, but you can spam the hell out of an account if you sign it up for porn sites, or even just enter an email address in. \_ Just don't. \_ I ended up signing the account up at some home loan websites, which worked pretty quickly (within minutes). Nothing too excessive, though, which was nice. -op |
2006/5/22-25 [Computer/SW/SpamAssassin] UID:43145 Activity:nil |
5/22 I'm a new sysadm. I'm trying to collect as many spam mails as I can to build the ultimate sa-learn (spamassassin) database. I'd like to use this ultimate database to filter out ALL spams, once and for all, for all of my users. What's the best way to collect as many spam mails as possible? Thanks. \_ "once and for all"? so, would your users still be able to check the spam for false matches? \_ A collegue of mine has some pretty good, mature anti-spam mechanisms in lace after playing with various combos. I'll be glad to put you in touch with him if you post your name. -John \_ Spam changes over time. If it was possible to do what you're doing as a one time event it would've been done already. |
2006/5/22-25 [Computer/SW/SpamAssassin] UID:43136 Activity:nil |
5/22 I am getting about 150-200 "returned email" notice a day for the past couple days. Yes, I know my email address is probably used as the "From:" for spam. Spamassassin is catching about 50% of them. Should I... 1) Keep using sa-learn to increase the catch rate? 2) Just ignore it and hopefully it'll slow down? 3) Anything else? \_ If you run the domain, you could work something with spf. -John \_ You could also do a quickie filter to another folder just to set it aside just in case there's something you actually want to see, then delete it all in a week or two if it stops. That's the lazy way. Of course if it doesn't stop you'll need spf, better filters and maybe a new email address. I have about 50-60 throw away addresses now. I've had to disable about 10 of them over the years because of all the spam. Some of them have been dead for over 5 years and still get spammed every day. (I see it in the logs). \_ I am getting these too here at soda. Started a few weeks ago I think. I have been sa-learning them which helped. I think they are mostly Russian. Smart email servers would not bounce spam back to the From: address... damn Russians. |
2006/5/10 [Computer/SW/SpamAssassin] UID:43009 Activity:nil |
5/10 I just received a bounced email saying I was trying to send an email to some account that deos not exist. Examining the attached original email I am sure I did not send out or compose that email. Does that mean someone has cracked in my account and used it for emailing? \_ No. It's spam spoofing your email address. Send out a note to people you care about (but who are generally clueless about the IntarWeb) telling them to ignore strange messages like that if they say they're from you. |
2006/5/9-10 [Computer/SW/SpamAssassin] UID:42997 Activity:nil |
5/9 Today I got a huge bunch of "mailer-daemon" failure messages due to someone sending spam with my email in the from:. What's the best way to deal with that? If I procmail them all to /dev/null then I'd miss real delivery notifications that are occasionally useful. \_ I got that too last week for one or two days. Bounce was from some Italian server, I think. I thought it was just virus spam (infected .gif attachment) pretending to be bounce notifications. |
2006/5/8-9 [Computer/SW/SpamAssassin] UID:42981 Activity:nil |
5/8 Help. After buying something from http://Yahoo.com, I got a pop-up telling me that I got free $50 worth of coupons for Red Lobster, Chilis', and other restaurants. I figured that it's from Yahoo so it's probably trustworthy and answered a few simple questions (Are you a smoker? Do you have diabetes? Do you like sports? etc). Then a few questions turned into a 5 minute survey, that then turned into 500 questions on "Do you want free Newsweek for 3 months? Yes/No" "Do you want to subscribe to Sports Illustrated? Yes/No" "Do you want to try Omaha Steak? Yes/No" So rather than answering 500 questions to get my $50 coupon, I quit my browser. The next day, I got 10 spams to my brand new email account. Today, I got 15 spams. Tomorrow, I'll probably get even more. I can't cancel the list either because they're all from different companies. What should I do? \_ I did an experiment. I simply typed in test email addresses in the following web sites without giving them any more information and got the following results: http://yourgiftcard.com (on average, 3-4 spams a day after a week) http://offercash.com (on average, 2-3 spams a day after a week) <DEAD>everygiftcard.com<DEAD> (on average, 4-5 spams a day after a week) The tests were conducted using separate test Yahoo accounts. Most of the spams were filtered correctly, while many did go through (25% by-passed Yahoo's spam filter). So in short, you just need to be stupid for 5 seconds to receive massive amounts of spam forever. \- why dont you put the admin/technical contacts for those domains on other mailing lists. \_ or, someone else can just type your email to all 3! \_ if it's one of the less irreputable companies, there should be a canspam compliance notice saying why you're getting email. And it should include an opt-out for the marketer that the mailings are being on behalf of. And they will have a global opt-out list that will propagate to the actual senders. |
2006/5/2-4 [Computer/SW/SpamAssassin] UID:42891 Activity:nil |
5/2 How would I setup soda to send a bounce message to anybody mailing me here saying "This email address is retired/ignored due to spam"? \_ I have set it up on soda before, but now totally forgot the steps I think it was done with procmail \_ I think the usual way to do this is to use /usr/bin/vacation to send a reply to anyone who emails you, and to use procmail to delete incoming email. (Depending on soda's mail config, you may need to use procmail to run vacation anyway.) -gm \_ This definitely used to be the standard way. If you do this now, though, whenever someone sends spam to your account with a From address of some innocent third party, you'll end up sending your replies to them. A better way is to have root put an entry for your account in /etc/mail/access, with a custom bounce message -- this way, instead of accepting the mail, saving it to disk, and then trying to figure out who to send a reply to, we reject the mail (with your custom message) during the SMTP exchange. This also reduces the load on soda, because it means we don't have to process all your incoming spam or your auto-replies to it. Mail root and we can set this up for you. --mconst \_ can you leave a pointer to a sample of this? \_ Do you mean a sample of what the bounce message will look like? It's generated by the *sender's* system, not soda, so it'll look a little different for everyone. I've put an example in /csua/tmp/bounce-sample, showing what it looks like from the OCF; you can try sending mail to kislyuk@soda (or any other disabled account) to see what it looks like from other systems. You get to customize the part where it says "Account disabled until you fix your mail loop". --mconst \_ I meant an example of the implemetnation. \_ Oh, sorry -- I just noticed /etc/mail/access wasn't world-readable. I've fixed it. Anyway, all you need is a line like this: To:user@ This account is disabled. Make sure you have FEATURE(`blacklist_recipients') in /etc/mail/sendmail.mc. --mconst |
2006/5/2-3 [Computer/SW/SpamAssassin] UID:42890 Activity:nil |
5/2 Is any one else getting these BlueFrog/BlueSecurity spam emails? \_ yes. also getting much larger spam. is the spam filter back \_ yes. also getting much more spam. is the spam filter back on yet? root? anyone? |
2006/4/27 [Computer/SW/SpamAssassin] UID:42854 Activity:nil |
4/27 I just started using spamassassin recently. And procmail. Yeah I'm behind the times. Anyway, some spams are just random dictionary words. Is it even useful to try to sa_learn those? |
2006/4/21-23 [Computer/SW/SpamAssassin] UID:42797 Activity:nil |
4/21 This spam made me laugh out loud: re: secks If we ever contact aliens they will ultimately destroy us because of our spam. And because we're a bunch of hooting sex monkeys. \_ link:tinyurl.com/e45yt |
2006/4/19-20 [Reference/History, Computer/SW/SpamAssassin] UID:42786 Activity:nil |
4/19 If there's one thing good about the soda crash, that would be accumulating fewer spam mails than in the past, and bouncing them back to their rightful owners. \_ We'll be sure to let it crash more often in the future. :P |
2006/4/15-5/21 [Academia/Berkeley/CSUA, Computer/SW/SpamAssassin] UID:42771 Activity:nil |
4/16 After much late night debugging, soda is now correctly accepting and sending mail. Spamassassin is working. The queued mail is being de-queued. |
2006/3/13-14 [Computer/SW/SpamAssassin] UID:42212 Activity:nil |
3/13 Help me motd! My soda email account only receives spam! No one has sent a personal or business related email to my soda account in over six months. Please help me think of use for my soda account besides receiving tons of spam and trolling the motd. --bored alum \_ Sign your name, and we'll see what we can do. \_ This is why we all forward our soda mail to our real (doesn't go down all the time and run out of quota) mail accounts with an automatic spamassassin bonus rating of 1 or 2. --other alum \_ Hear, hear. I don't automatically give soda mail +1 / +2, but I think the Bayesian classifier has detected the spamminess and effectively does this anyway. |
2006/3/6-7 [Computer/SW/SpamAssassin] UID:42109 Activity:nil |
3/6 I haven't used newsgroups in a while, so I thought I'd check it out I checked out ucb.jobs, and it looks like every post in there are spam like the ones we get in our spam folder on daily basis. Do CS students still use newsgroups? Or are they a thing of the past? |
2006/2/24-27 [Computer/SW/SpamAssassin] UID:41990 Activity:nil |
2/24 More spam is bypassing our spam blocker. \_ Give up. Either forward all your email to a Gmail account, or alternatively forward your email to your Gmail account with a special header and let Gmail's spam filtering take care it, and forward the non spam email back to your soda account, then accept your robotic Gmail masters. \_ Actually, I do forward all my mail through gmail first - while it catches quite a bit, spamassassin on csua still does a better job (in the sense that it catches the ones that gmail let through incorrectly) |
2006/1/1-4 [Computer/SW/Mail, Computer/SW/SpamAssassin] UID:41192 Activity:nil |
1/1 Anyone ever have problems with procmail inserting a '>' in front of the 'From' field when it forwards email? I haven't been able to figure out how to prevent this, not find any web info talking about it. The insertion screws up mail-reading at the forwarded end (thunderbird does not separate out the subject and other fields any more). Thanks! \_ It's probably sendmail, not procmail doing that. And the problem is probably that you're attaching the original headers in the message body, instead of in the message header, or another From header is being added, so sendmail is escaping the From. \_ Yeah, looking at an email as received at csua and at the remote forward destination, it looks like in the process of procmail forwarding it wraps a new set of headers on top of the email. I thought that it used to work fine without changing things like this, though? Haven't been able to find any documentation that shines any light on modifying the behavior to forward the mail with original headers, though -op |
2005/12/19-21 [Computer/SW/SpamAssassin] UID:41076 Activity:nil |
12/19 Have other people been getting spam with paragraph snippets from the 'Bourne Ultimatum' in them? It's very bizarre (I only recognized it because I recently re-read the book... which makes it very disturbing?) \_ what makes that disturbing? do you think they're watching you? \_ I got some with snippets from Aesop's Fables. Someone's ripping off ebooks and such. \_ No, it's just a method to get pass the spam filters. I've seen ones with Tom Sawyer, etc. ripped off in the past. |
2005/12/4 [Computer/SW/SpamAssassin] UID:40848 Activity:nil |
12/3 Procmail is b0rked \_ What exactly does b0rked mean? \_ seems to work for me. |
2005/11/28-29 [Computer/SW/SpamAssassin] UID:40741 Activity:nil |
11/27 Ever since the reboot today, "spamc" doesn't seem to be doing it's job. Any idea what's causing this? \_ Interestingly, it seems to be working as of about an hour after I posted this. -op \_ I really don't know, but I think it becomes less effective based upon load. When soda is bogged down spamc won't run as thoroughly. -mrauser |
2005/11/4-6 [Computer/SW/WWW/Browsers, Computer/SW/SpamAssassin] UID:40442 Activity:nil |
11/4 I just received a piece of spam that's the most threatening I've seen so far: "<my-email-addr> is a nonprofit/charity contact email address right? if so... WE WILL EMAIL YOUR WEB SITE TO 2,500,00 0PT-IN EMAILS FOR [Free] http://www.broadcastemailservices.org ......" \_ they represent a threat to the CSUA. squish them. |
2005/9/29-10/3 [Computer/SW/SpamAssassin] UID:39923 Activity:nil |
9/28 So the spam brigade finally found me on here in a way that annoys me greatly. It was okay before, but now it sucks. I still use PINE. I am open to any suggestions to please let me know...do I need to switch to something beside PINE? Spam Assassin? What? -maxmcc \_ To respond to all the posts in this thread in the laziest means possible: Milter plans are in place which will include global spamassassin and antivirus scanning. We just lack time and manpower. - jvarga \_ You need to switch to something besides pine, but not because of spam. You can configure SpamAssassin for your account and still use a bad mail client. -tom \_ tom, if you aren't going to be helpful, you can at least not be a jerk. -jrleek \_ Come on guys give tom a break. tom is in fact being helpful. Perhaps his words are overly candid and blunt but are not without merits. The clueless pp obviously needs serious help and as tom correctly pointed out needs to use spamassassin. \_ Wouldn't it make more sense to have something more global where CSUA filters out spam instead of individual users configuring their own spamassassin files? My .razor and .spamassassin directories are getting big. \_ Are you gonna pony up the cash to pay a part time admin to run this sort of thing? People don't realize that for any decent sized machine, this sort of service is a full time endeavor. \_ Full time to run spamassassin? Isn't this the sort of experience the students who run soda need? I mean, some of us can do it for free, but doesn't that defeat the purpose? Teach a man to fish and all that. \_ Spamassassin is insufficient (perhaps IMO) for what the person above suggests. Having the CSUA automatically filter spam would 1) be a time sink on admins and 2) suck. The greylisting suggestion below isn't a bad one, but implementing it across the board (as root of late is wont to do) would, again, suck. \_ Seconded. It should also auto-forward all spams to spam@uce.gov. \_ Tom may be able to be helpful but he can't not be a jerk. \_ You can configure SpamAssassin to work with pine. I'll be happy to send you my configuration if you email me. -jrleek \_ I got same issue. Someone please give me a pointer on how to configure procmail... I want to send everything with Windows-1251 encoding to spam... \_ Does CSUA use greylisting? Might be an idea, worked wonders for me. -John \_ care to elaborate on that a bit please? \_ http://en.wikipedia.org/wiki/Greylisting Advantage: stops almost all spam today. Disadvantage: sometimes delays legitimate mail, between a few minutes and an hour or more. Spammers can mostly circumvent it if they try. \_ Greylisting returns a 450 for every mail received and enforces a delay of some small timeframe. Generally enforces a delay of a number of minutes. Generally even a short delay (1-5min) works to kill the fantastic quantities of spam originating from forged addresses or spam zombies. As pp said, it delays _all_ mail as well as blocking mail from misconfigured MTAs that don't understand 450s. Also what helped us was really severe rate limiting of mail from all APNIC netblocks (no more than x mails from a given IP to a given address within y timeframe) and "cooling down" periods for IPs generating too many 550s within, say, a minute. Pp is correct that greylisting does not stop determined spammers, but generally it's too much effort for most of them. -John currently it's too much effort for most of them. -John \_ thanks, john. -kngharv \_ Poll: Should CSUA adopt greylisting? Yes: .. No : .. \_ Greylisting can be rather heavy on memory usage. Last I checked, soda doesn't exactly have a lot of it. \_ Maybe this should wait until the new soda is put in place? \_ How much does it have? How much does it need? What will it cost? \_ For me, pre-greylist = ~30 spam per day. post- grey-list = ~4 spam per day. \_ Greylisting (or maybe just sendmail) pisses me off. When you send a multi-recipient e-mail and one recip is greylisting, all recips after that person block until it goes through. This could just be sendmail's sucky sending semantics. --dbushong \_ How would sendmail's smtp greeting delay compare for suck/gain tradeoff? --jon |
2005/9/2-3 [Computer/SW/Languages, Computer/SW/SpamAssassin] UID:39462 Activity:nil |
9/2 Is it possible to set up an auto-reply on cusa account? How to do it? Create a .auto-reply file? \_ man vacation \_ follow the vacation man, my test account get an auto-reply containing "|/usr/bin/vacation (reason: Command line usage error)" \_ man procmailex \_ thanks procmail auto-reply worked for me. \_ How is your loop detection? -tom |
2005/8/18-20 [Computer/SW/SpamAssassin] UID:39159 Activity:nil |
8/18 help from procmail wizard. I would like to do two things with procmail. 1. if the message is encoded in CP-1251, I want to send it to spam 2. if the message is encoded in some other legacy encoding, i would like to use iconv to convert to utf-8. How to do these? TIA |
2005/8/4-5 [Computer/SW/SpamAssassin] UID:38989 Activity:nil |
8/4 Does spamassassin report spam to spam@ftc.gov? \_ Can't you just bounce it? -John |
2005/6/24-27 [Computer/SW/SpamAssassin] UID:38285 Activity:nil |
6/24 In my procmail log file, it says: csh in malloc(): warning: recursive call Out of memory. What is the meaning of this? \_ helps if you show us your .procmailrc \_ It's hundreds of lines long. I was thinking it was not something specific to my .procmailrc but that the system was just out of memory. Assuming it's something within my .procmailrc, would could cause a recursive call? |
2005/6/20 [Computer/SW/SpamAssassin] UID:38201 Activity:nil |
6/19 Hey does anybody know if hotmail silently discards mails with >-quoted text? I have sent somebody a fairly important mail and then a followup ping a week later and have not heard back. This is a communication of mutual importance and have successfully traded 3 or so email cycles, so a blowoff is unlikely as is some complete failure like a blacklist [dont have phone#]. It is possible there was an emergency and the other party is off-the-grid but am trying to get a sense of the false positive rate for spam control on a normal text message for these large email sites. \_ Suggestion: create a hotmail account and send test messages to it. How important could your email friend be if email is the only way you have to communicate with them? If you have a name and city you can get their phone number. \_ Hotmail sucks and you're stupid to use it for important stuff. I've seen their junk filter silently filter stuff (throwaway forum registrations that I use it for), without putting it in a junk folder. Turning their spam control off completely might help. |
2005/6/7-9 [Computer/SW/SpamAssassin, Computer/SW/Unix] UID:38011 Activity:nil |
6/7 Anyone else use forwarding from procmail & unix mail? I'm been having a problem with something that used to work. I forward email from another account to csua via procmail. Mail headers come with a format that looks like: From sender@sender.com Tue Jun 7 13:30:20 2005 Status: RO >From mds Tue Jun 7 13:30:20 2005 ... Normally I use POP for email, but sometimes when I'm in a rush I use command-line "mail". When I read/delete some messages and enter 'q', it saves the resulting messages with a space between the "Status" and ">From" lines. Haven't been able to find anything via google, but I know that it didn't previously do this (e.g. a month+ ago). Has anyone else had the same problem? Thanks! \_ read your email with mutt like a real man. \_ Consider setting up a procmail rule to pipe everything through formail before further processing. -dans |
2005/5/4-5 [Computer/SW/SpamAssassin] UID:37515 Activity:nil |
5/3 Procmail question. For messages over, say 1 Meg, I want to add '[OVERSIZED]' to the subject. The following works, | sed 's/^\(Subject:\)\(.*\)$/\1 \[OVERSIZED\]\2/' but, how can I do this if there is no "Subject" field to begin with? \_ Changing subject is quickly done using formail. http://info.ccone.at/INFO/Mail-Archives/procmail/Jan-2002/msg00413.html From there you should be able to figure out the rest. \_ Didn't work. -op \_ This is a similar rule I had, that worked: :0 c * ^TO.*(list@uc-hiking-club.berkeley.ca.us) { SUBJECT=`formail -xSubject:` NEWSUBJ="Subject: CHAOS: $SUBJECT" :0 fhw | formail -i "$NEWSUBJ" :0 ! address@imap.cs.berkeley.edu } \_ Right on! That works. Thanks! -op |
2005/5/3-4 [Computer/SW/SpamAssassin] UID:37509 Activity:kinda low |
5/3 Procmail question. For messages over, say 1 Meg, I want to add '[OVERSIZED]' to the subject, forward the message to another acct, and send myself a message at csua notifying me of the oversized message. I have not been able to do this successfully. It should be something like this: :0 * > 1000000 { :0fw | sed 's/^\(Subject:\)\(.*\)$/\1 \[OVERSIZED\]\2/' :0 !otheraccount@gmail.com } and then somehow I need to email myself the notification. Also, this wil only work if the message has a Subject field. How can I do this for the more general case? \_ Changing subject is quickly done using formail. http://info.ccone.at/INFO/Mail-Archives/procmail/Jan-2002/msg00413.html From there you should be able to figure out the rest. \_ Didn't work. Put a bunch of error messages in my log file, and got rid of the subject. -op got rid of the subject, and sent 2 copies of the message to the other account. -op |
2005/4/26-27 [Computer/SW/SpamAssassin] UID:37364 Activity:nil |
4/26 The new version of spamassassin stopped adding "SPAM" to the subject of spam emails. What can I change in .spamassassin/user_prefs to make it do this again? Right now, I have the following line: subject_tag [SPAM] \_ rewrite_header subject " [SPAM]" --dbushong |
2005/4/13-5/25 [Computer/SW/Languages/Perl, Computer/SW/SpamAssassin] UID:37167 Activity:nil |
4/14 Perl upgraded to 5.6.2. SpamAssassin (spamd/spamc) upgraded to 3.0.2. moria (and angband, and NPPAngband) installed, for all you really old-schoolers. |
2005/4/2-5 [Computer/SW/SpamAssassin] UID:37044 Activity:nil |
4/2 Anyone getting scads of 'stock pick' spams with some permutation of (-st0ck52 @ http://Yahoo.com-) as an unsubscribe address? Know a valid unsubscribe adress for them? I've tried most combinations and no, I don't care about "don't-respond-or-they'll-know-the-address-is-live" as a fair number of spammers actually respect unsubsribes. I haven't managed to get spamassassin to figure these out. \_ no, but i'm suddenly getting a ton of "your bank account has been compromised. please verify your password." |
2005/4/1-2 [Academia/Berkeley/CSUA, Computer/SW/SpamAssassin] UID:37018 Activity:nil |
4/1 So I keep hearing from people I know that my soda account randomly bounces email. The only thing I ever get now is spam. Is it time to retire the soda account for good? Will soda ever be well? \_ I think /var was full the other day. Some people had trouble emailing me and I couldn't send email from soda. |
2005/3/24-28 [Computer/HW/Memory, Computer/SW/SpamAssassin, Computer/SW/Unix] UID:36849 Activity:nil |
3/24 I have a procmail process on Linux that I would like it to talk HTTP to a servlet (or any URL for that matter). What is the most efficient (the smaller the memory footprint, the better) and the most scalable (we do have heavy email volume) and the most performing way you can think of? TIA. |
2005/2/28-3/1 [Computer/SW/SpamAssassin] UID:36455 Activity:nil |
2/28 Unintended consequences of spam-blocking (and spam of course): http://news.lp.findlaw.com/andrews/pl/med/20050223/20050223barnes.html \_ Legit or not, this is almost certainly going to become the "My dog ate my homework!" excuse for attorneys who missed deadlines through laziness. |
2005/2/23-24 [Computer/SW/SpamAssassin] UID:36388 Activity:low |
2/23 I sometimes receive spams that has apparently nothing to sell, or messages to spread. What are they for? \_ spam fishers. If you didn't bounce the mail, you're gonna get a lot more spams in the future. Sorry. \_ How do I bounce the mail back to sender in a way that makes it think my email addr doesn't really exist? \_ I don't think this is possible (it wasn't last I checked) but I think it's a feature that needs to be added. \_ Forward them to spam@ftc.gov, spam@uce.gov and uce@ftc.gov (don't know which one is the real one). Better than no action at all. |
2005/2/8 [Computer/SW/SpamAssassin] UID:36101 Activity:moderate |
2/8 How do you guys get rid of spam in this account? \_ spamassassin -> gmail |
2005/1/26 [Computer/Companies/Google, Computer/SW/SpamAssassin] UID:35907 Activity:nil |
1/26 Has anyone else had problems with Gmail not recieving mail? I've had one person get a delivery failure message and another person say they sent mail, got no failure notice, and I never recieved it. Is this a common problem of am I just corresponding with dinks who can't figure out how to send email? \_ I had problems when I bounced mail from another account to my gmail. I never received any failure notice, but didn't receive the mail either. Forwarding worked. Funny thing was that after trying the bounce multiple times and fail, I forward, and all of a sudden, the forwarded mail shows up in gmail along with all of the bounced mails. That was about a month ago. Bouce seems to work for me now. \_ No, but gmail filters spam very aggressively, so I get lots of false positives. Search through your spam folder first. \_ Neither showed up in spam (I've gotten no spam yet), they just never got there. |
2005/1/20 [Computer/SW/SpamAssassin] UID:35831 Activity:kinda low |
1/20 I am getting spam that doesn't have a "for" header. It has a Received "By" and "From" header but no "for". Is "for" not required? Does "legitimate" mail ever not have a for header? If not how would I tell procmail to filter it, if so, how would I tell spamassassin that it \_ well, how about the following in your .procmailrc? # The following deletes anything that doesn't have the right To field. # However, most mailing lists don't have it either, so you may # want to rewrite rules. :0 * !^To: holubtom@csua.berkeley.edu spam |
2005/1/11-12 [Computer/SW/Languages/Perl, Computer/SW/SpamAssassin] UID:35663 Activity:nil |
1/11 How do I set up a spam filter without hosing soda with perl processes? (something running on soda, not in my Windoze e-mail client) Thanks! \_ The best you can do is to run spamc (which uses the shared spamd daemon) instead of running spamassassin directly. |
2005/1/11 [Computer/SW/SpamAssassin] UID:35654 Activity:nil |
1/11 FTC Moves to Stop Illegal X-Rated Spamming http://csua.org/u/anw "Harrington said the agency located the companies and individuals through e-mails consumers sent the FTC's data base in the spring." Wow! I didn't know that spam forwarded to the FTC are actually looked at. I thought it was a /dev/null to keep the public happy. Can we make SpamAssasin forward all spam automatically? \_ Aargh, mixed feelings.... |
2005/1/9-11 [Computer/SW/SpamAssassin] UID:35626 Activity:kinda low |
1/9 Why are people so antisocial as to hose soda terribly with spamassassin processes? \_ what is antisocial about using spamassassin? \_ People who don't use spamc, or are runing their own version of spamd instead of using the system process. \_ I used spamc and stopped when the spamd kept dying. \_ Without evil, how would we know good? \_ Now that we know who you are, I know who I am. I'm not a mistake. \_ Would you please explain how not to be evil? --PeterM \_ From my first moments in aspo's cruel crush of demonic love, I have been a slave to evil. |
2005/1/9-10 [Computer/SW/SpamAssassin] UID:35622 Activity:nil |
1/9 I've noticed that quite a few people will have an email address on their resume that says something like "firstname<dot>lastname<at>hostname<dot>com". Is there really any point to this? Are there actually spam programs downloading people's resumes in .pdf and .doc format, extracting the email address and adding it to spam lists? Does anyone have any actual evidence that this threat is real? It seems to me that if it is a real threat, just putting in a bitmap of your real email address without the stupid <dot> and <at> crap would do the same thing in a less annoying way. \_ Yes, the "threat" is real. Spammers troll through newsgroups, webpages, etc. to gather possible addresses. And how would you suggest putting a bitmap into the From field of a newsgroup posting? Also, many of the later viruses scan all files on the infected computer for well-formed email addresses and propogate itself with those addresses as a forged from. There is some speculation (and it seems well founded) that these were released in the wild as yet another way to skim valid email addresses off the net. \_ Thank you. That is useful. I can see how the <at> stuff would be useful for usenet, but I meant that for a resume you could embed a bitmap of your email address if it was in .pdf format with no loss of visual quality. |
2005/1/7-8 [Computer/SW/SpamAssassin] UID:35595 Activity:low |
1/7 So, is TinyP2P really only 15 lines, or should we include the numerous imports? \_ It's written in Python, what do YOU think? \_ I think some humorless people don't get things. -op \_ import spam, spam, spam, spam, spam, spam, spam, spam # I think |
2005/1/7-8 [Computer/SW/SpamAssassin] UID:35594 Activity:nil |
1/7 How do I have spam assasin dump spam to /dev/null? \_ In your .procmailrc, just put /dev/null instead of the name of your spam folder. |
2005/1/1-2 [Computer/SW/SpamAssassin] UID:35510 Activity:high |
12/31 Uh, is it me, or it seems that the spammers are getting better and getting through spamassassin, a lot more frequently in the past few weeks? \_ ifile \_ Alas, no. Most of the things I have getting through SA are dictionary attacks that fuck the Bayesian net. Ifile, which _only_ depends on this will do even worse. \_ Using the two in combination gives near perfect results. \_ What does ifile do that the SA Bayesian code doesn't? \_ Not sure, but I'm not having any problems with spam. The one thing I can claim is that the ifile database is vastly smaller on disk than SA; currently it's < 300Kb. |
2004/12/27-28 [Computer/SW/SpamAssassin] UID:35452 Activity:low |
12/27 Why did spamassassin suddenly stop working? \_ it might not be working for you if you are over quota. \_ I am under quota. \_ Spamassassin has built-in anti-hozer technology. You are a hozer and spamass knows! It doesn't like you! \_ It works again now w/o me changing anything. |
2004/12/25-27 [Computer/SW/SpamAssassin] UID:35439 Activity:nil |
12/25 Anyone else notice spammers being out in full force the last couple of days? The amount of spam that has gotten past the spam filter seem to have increased ten fold. \_ The last two weekends, definitely. I've also seen a number of email services being crushed because of bounces to forged From addresses. Bad shit. --scotsman |
2004/12/18-20 [Computer/SW/SpamAssassin] UID:35350 Activity:nil |
12/18 Why is shit like "replica watches" still getting through SpamAssassin? Aren't the rules updated regularly? And how do I increase the number of points that the Bayesian filter can add? thanks. \_ perldoc Mail::SpamAssassin::Conf As for why, look at the report of tests failed in the message header. It will always be easier to defeat filters than to detect spam; detecting spam is an unbounded problem. -tom \_ Like NMD. |
2004/12/10-11 [Computer/SW/SpamAssassin] UID:35239 Activity:high |
12/9 Does anybody have a bunch of spam (sent to a soda address) I can feed to my Bayes spamassassin routine? -- ulysses \_ /csua/tmp/mail/scotsman/spam.* \_ /csua/tmp/scotsman/mail/spam.* Tons... --scotsman \_ directory does not exist? \_ fixed. \_ wow, thanks! (LOTS of spam indeed!!!) \_ I remember the good old days when most/all of my spams were filtered. Nowadays, I get an average of of 20+ spams a day. :( \_ The server http://zog.net runs on has a combination of a few (fairly conservative) blacklists, Postfix with greylisting, and rate limiting for inbounds coming from any given IP (really harsh limits set for any APNIC IP.) The spams are kept to a tiny minimum, especially after greylisting and setting a 2/second limit for the Asian addresses. -John \_ Got a pointer as to how to set this up??? \_ What do you mean by "set this up". What do you wish to do? -- ulysses \_ Someone set us up the spam! \_ I want to enable bayesian filtering on my mail spool. \_ Oh...The short version is, if you are using SA, it already is unless you've turned it off in your userprefs. SA requires training on a minimum 200 hams & 200 spams before it will begin adding Bayes-based scores, though. You can adjust these minima in the userprefs. Email me if you want to here more or google for sa-learn. -- ulysses want to hear more or google for sa-learn. -- ulysses |
2004/12/4-5 [Computer/SW/SpamAssassin] UID:35169 Activity:nil |
12/3 Is oxford-royale.co.uk valid? Or is this a new spam/phishing scam? |
2004/12/2-4 [Computer/SW/SpamAssassin] UID:35153 Activity:nil |
12/1 If somebody has a procmailrc that *appends* list-serve messages to an existing mailbox file, I would like to see it. I only see how to copy msgs to a dir, each as a separate file. I have STFW and am apparently between two highly separate quanta of procmail fu. --ulysses \_ i don't understand your question. if you don't specify any rules, procmail will filter all your mail into one file. if you specify another rule, it will filter the filtered mail... into a file, appending the new messages to the existing messages in the file. what can't you do? \_ Never mind. I found what has been wrong all this time. It had to with the fact procmail cds to $MAIL as soon as that variable is declared. Thanks. \_ MAIL = /home/username/mail ### bugtraq :0c: * ^List-Id:.*bugtraq.list-id.securityfocus.com.* $MAIL/bugtraq |
2004/11/22-23 [Computer/SW/SpamAssassin] UID:35027 Activity:kinda low |
11/22 wow... first spam utilizing figlet-style letters. bastards ____ ___ /\ _`\ /\_ \ \ \ \L\ \ ___\//\ \ __ __ _ \ \ , / / __`\\ \ \ /\__`\\ \/\'\ \ \ \\ \ /\ \L\ \\_\ \_/\ __/\/> </ \ \_\ \_\ \____//\____\ \____\/\_/\_\ \/_/\/ /\/___/ \/____/\/____/\//\/_/ \_ spamassassin didn't mark this as spam. |
2004/10/28-29 [Computer/SW/Database, Computer/SW/SpamAssassin] UID:34416 Activity:nil |
10/28 Re: "spamassassin going over quota" thread below, I will restate: Try ifile. It's an excellent bayesian filter whose database currently uses less than 230K for me. \_ I tried setting up ifile. It was that much more complicated and didn't work nearly as well as sa once I did. YMMV. Still, if sa is going to consistently involve up to 10M of reference files, I may give it another go. I have only so many hours to burn on this stuff, though. I am not the sysadmin from a couple of days ago who "works 1.5 hours a day". |
2004/10/24-25 [Computer/SW/SpamAssassin] UID:34316 Activity:moderate |
10/24 Is everybody getting spams purportedly from SBC that ask you to click at some http://sbc.m0.net/xxxxxx ? The emails look legit enough and SBC does have my my soda email, but I explicitly opted out from any updates and the link address looks suspicious. \_ It's known as "phishing", is very common (especially to try to collect bank/login details for some official-looking page), and often uses some sort of browser exploit to make you think you're at a legit page (in this case obviously not.) -John \_ <DEAD>m0.net<DEAD> is a domain used by Digital Impact, which is a legit email marketing company that makes suspicious URIs http://www.digitalimpact.com/clientslist.php \_ Don't you just hate it when companies do that? I got a mail from ETRADE through <DEAD>p0.com<DEAD> and thought it was fake, so I forwarded it to security@ and got a reply saying that it's real. No matter. I always go to their site directly and find where I need to go, even when they give me a link. \_ Since I explicitly opted out of everything when I signed up, is SBC risking big fines by spamming me, or is there always an escape clause for big companies? -op \_ What they usually do is add a new class of message that you have to opt out of. It is very unlikely you'll successfully sue them. -tom \_ Maybe you should ask a trial lawyer |
2004/10/23-24 [Computer/SW/SpamAssassin] UID:34313 Activity:kinda low |
10/23 Oh great... now I'm getting tinfoil spam from both the left and the right. All of you please die. Thank you. \_ Didn't CAN-SPAM (or something similar) have some provision allowing for "informative messages" from politicians? Tee hee. -John |
2004/10/23-24 [Computer/SW/SpamAssassin] UID:34310 Activity:nil |
10/23 Okay, I'm now getting a couple of spams per week offering me deals on Rolexes. Wtf? The guys at the gas stations bought computers? |
2004/10/14-16 [Computer/SW/Database, Computer/SW/SpamAssassin] UID:34119 Activity:nil |
10/14 I've been getting some errors trying to mark spam in spamassassin the last few days. "Cannot open bayes databases [...] Inappropriate file type or format." RTFMing seems to indicate that I need to migrate my bays_tok database using the BerkeleyDB db_dump program, but I can't seem to find this executable. Pointers to the program or alternate solutions appreciated. Thanks! \_ db3_dump might be what you're looking for -dwc \_ did they install spamassassin 3.0 on the machine you're using? it seems like in 3.0 the bayes database format changed, so you need to retrain. need to retrain. |
2004/10/7 [Computer/SW/SpamAssassin] UID:33966 Activity:nil |
10/4 There's an email account I created and used for donotcall.gov and today I started getting spam on it. What happened??? |
2004/10/6 [Computer/SW/SpamAssassin] UID:33948 Activity:moderate |
10/6 in honor of Rodney, " i get no respect, i get spam automatically rejecting me for home loans " \_ " i get no respect, i get spam asking me to turn off my webcam" \_ I hear that they're donating his body to science fiction. No respect, I tell you, not even in death. (RIP) \_ "I get no respect, my MOTD trolls don't even get nuked." \_ "I get no respect, <DEAD>Make-my-penis-grow.com<DEAD> thanked me for buying from http://TeenGirlz.com" |
2004/9/26-27 [Computer/SW/Languages, Computer/SW/SpamAssassin] UID:33760 Activity:high |
9/26 What's the line for .forward to send incoming mail via procmail, and _then_ forward to a@b.com? \_ A .forward file isn't powerful enough for that. Do it all from procmail instead, by adding this to the end of your .procmailrc: :0 ! a@b.com \_ That will eventually create a mail loop that's not detectable by sendmail. \_ Erk, cool, thanks. Any way around this? -op \_ i use the following in my .procmailrc... if this can still create a mail loop, please let me know how to fix it: :0c: *!^FROM_MAILER ! a@b.com \_ Use something like this: :0f *!^X-Loop: yourname@csua.berkeley.edu | formail -A"X-Loop: yourname@csua.berkeley.edu" :0ac ! a@b.com Some comments: 1) there is no need to use locks since you're not writing to a file. 2) The "X-Loop: yourname@csua.berkeley.edu" header keeps track of whether this message has been forwarded before. 3) You can combine this with any other rules you have on your mind. 4) these two recipes must be listed strictly in this order (see the meaning of "a" flag). I have been using the plain "!" recipe without any checks before and got burned many times and as a mail sysadmin I have seen lots of users get burned by this too. The problems usually start when the <DEAD>b.com<DEAD> refuses to accept mail for some reason. Then sendmail will attempt to deliver the bounced message to your mail box. But since you have a procmail rule that tries to forward everything to the other host, it will keep forwarding mail until your csua account goes over quota. Your *!^FROM_MAILER rule might work fine for this purpose too, but it will fail to forward messages that were mail errors that didn't appear as a result of a failed mail forwarding attempt. \_ thanks! -FROM_MAILER guy |
2004/9/20 [Computer/SW/SpamAssassin] UID:33631 Activity:nil |
9/20 If I create an online comment form, do I have to worry about a robots.txt to prevent spiders from sending lots of blank comments? \_ Don't worry about it, robots don't do "submit". \_ More accurately, the robots that pay attention to a robots.txt file don't do submit. However, many blogs are being inundated with comment spam from robots. I think some of the popular weblogging software has tools to minimize this. |
2004/9/8 [Reference/RealEstate, Computer/SW/SpamAssassin] UID:33421 Activity:nil |
9/8 Can someone please explain the following spam that I just received: "Any prime minister can bounce apartment building beyond marzipan, but it takes a real freight train to sheriff living with.Any short order cook can seek related to satellite, but it takes a real bubble to toward midwife.And befriend the dark side of her philosopher." ??? What is this an advertisement for? \_ umm, that's just some random text to fool spam filters. the real pitch is probably an html attachment or graphic or something. \_ Nothing was attached. \_ It's most likely an address miner. It didn't get bounced, so it was sent to a valid address. \_ No need to send any text in that case. |
2004/8/30 [Computer/SW/SpamAssassin] UID:33226 Activity:high |
8/30 I just got a spam that included references to Empedocles and Anaxagoras in order to get past the spam filter (it obviously got through). \_ You need a permit to hold a protest in a public park. \_ Are you sure it wasn't just email from psb? |
2004/8/9 [Computer/SW/SpamAssassin] UID:32773 Activity:kinda low |
8/9 I am looking for tools which removes email attachments from the mailbox while leave the rest of the email text intact. Does such thing exists? \_ what mail format? \_ command line or graphical? you can do this with procmail \_ You can also do it with mutt. \_ procmail \_ standard RFC-compliant mailbox format. I thought about procmail. I would like to do the following: change all HTML to text (lynx), all the WORD document into pure text. and... use iconv to change non latin character set to UTF8. Procmail wizard... show me example(s) please? --OP |
2004/8/6 [Computer/SW/SpamAssassin] UID:32747 Activity:moderate |
8/6 I'm sending a reminder mail out with cron. So I used the: mail recpiant@nowhere.com < email command. This works but I don't get a subject. How can I send my email with a subject? No, this isn't Spam. -jrleek \_ mail -s "Make money fast" recpiant@nowhere.com < email \_ but make sure you are using /usr/ucb/mail since /usr/bin/mail doesn't have the -s option \_ as if any spammer is doing that. \_ Well I needed a sample subject line so I decided to make fun of his assertation that he wasn't spammming. |
2004/8/6 [Computer/SW/SpamAssassin] UID:32734 Activity:nil |
8/5 spamassassin 2.64 installed; bugs to mconst. |
2004/7/19-20 [Computer/SW/SpamAssassin] UID:32365 Activity:high |
7/19 Why SpamAssassin is totally doomed: http://cockeyed.com/lessons/viagra/viagra.html \_ This was already posted, and it was stupid the first time. \_ AFAIK, this is the third time someone posts this link. (first one was months ago) \_ I don't know about you, but I found Spamassassin does a pretty good job as it is. \_ anyone who tried to combine Chinese Word segmentation methods and spamassassin so it can be used to filter out Chinese junk? |
2004/7/3 [Computer/SW/SpamAssassin] UID:31153 Activity:very high |
7/3 Does Soda's spamd check against Razor and DCC? On my own server, I was getting 20-30 spams per day and when I added DNS/RBL checks, now I get about 2/week. I rarely get Spam on soda, so I'm guessing the answer is yes. \_ read the spamassassin score. the answer is there. |
2004/7/2-4 [Computer/SW/SpamAssassin] UID:31126 Activity:high |
7/2 I notice that in my .spamassassin directory, there is a 5 Meg file called bayes_toks. I _do_ understand why it is there. But, there is another 5 Meg file called bayes_toks.expire84232. And there are 4 other bayes_toks.expire files of varying size. Why are they there? Can I delete them? My spamassassin dir takes up nearly 13 Megs. I gather that the expire files can be deleted. I believe that I hit my hard quota while spamc was running, leaving these orphaned files. Assuming this to be the case, how do I stop spamc from auto-learning? \_ So, I noticed that in my messages that were classified as spam, it said "autolearn=no", but in those classified as ham, it said "autolearn=ham", so I thought that the expire files are created while it's trying to auto-learn. But in fact, it seems that it's when I receive spam (at least in one case) that it creates the expire files. What is it doing when it is creating bayes_toks.expire files and how do I get it to stop? I just want it to filter my mail. Why should it create any files? I can sa-learn it on my own time. -op \_ autolearn=no means spamassassin doesn't know whether it is spam or ham. You need to train spamassasin manually with that message. According to the global setting in /usr/local/share/spamassassin/10_misc.cf Any mail with score > 12 is learnt as spam. Any mail with score < 0.1 is learnt as ham. \_ http://csua.org/u/80t \_ this is a good example of why url shortening can be bad. \_ I don't think it's terribly bad, but if it makes you feel better, I've changed the result page for shortcutting so it shows Title: link for easy copy-and-pasting of the whole thing. It won't necessarily end up shorter than the original that way, but it will possibly be more informative. --dbushong that way, but it will possibly be more informative. --dbushong |
2004/6/30-7/1 [Computer/SW/SpamAssassin] UID:31102 Activity:high |
6/30 http://www.mailinator.net/mailinator/Welcome.do Can be very useful. After http://bugmenot.com, this looks like a very neat site. \_ This is cool. You might also like http://spamgourmet.com (which doesn't make your email public, and doesn't delete it after a few hours; however, it does require you to sign up). \_ or sneakemail. \_ I don't get it. Why not just create a specific spam account and use that for these throwaway things? Seems easier than dealing with these services. |
2004/6/30-7/1 [Computer/SW/WWW/Browsers, Computer/SW/SpamAssassin] UID:31094 Activity:nil |
6/30 Gmail Q: I already got my first peice of uncaught spam. I'm not 100% sure from the subject, though, so I want to open it. I don't want to read any images from their server (obvi) and I don't see a config setting for that. Is there one that I have just missed? \_ gmail doesn't seem to show me images by default anyways. \_ You can't use lynx or elinks? |
2004/6/30 [Computer/SW/SpamAssassin] UID:31080 Activity:insanely high |
6/30 Fucking spammers. Even after using spamassassin and using sa-learn on every single spam I get, I still get about 10 a day. I seriously hope those guys get a nice ass raping in jail. \_ Thanks for sharing. \_ I firmly believe that the only solution to the spam problem will be vigilantism. And I mean hiring a guy named Vinny to go break a spammer's thumbs. \_ fuck vinny, send in the special forces \_ We used to talk about this in grad school a lot, going to find the script kiddies who broke into our machines. We thought we'd figure out who it is (== snot-nosed 14 year old from Ohio), take a roadtrip, and surprise the kid's parents when they'd come home and find their kid duct-taped, spreadeagled, upside down attached to their garage door. \_ Cf. The Big Lebowski \_ why are you workstations on public net? NAT is exists in part to protect people like you from yourselves on the dangerous public network you're not ready for. \_ You can still click a mouse without a thumb. \_ "If you disable your enemy's hand, he cannot press a button. Medic!". \_ I run something that works. All that's slipped through in the last month are 3 0 body messages and 2 spams. So keep looking, maybe you'll find a spam filter that works for you. \_ I use SA. About 1 spam per week makes it to my inbox. The rest goes to my spam folder. About 1 ham per month gets in the spam box. \_ You manually go search for ham among hundreds of messages? |
2004/6/22-23 [Computer/SW/SpamAssassin] UID:30961 Activity:nil |
6/22 How do I get rid of the header of a message in procmail? I want to take only the body of a message and save it to a file/folder. \_ Use ":0 b" at the beginning of the rule instead of just ":0". |
2004/6/22 [Computer/SW/SpamAssassin] UID:30949 Activity:high |
6/22 Simple mail question: How do I set up .forward to only forward mail that has passed my spamassassin filter? (I want a copy of my mail to go to my yahoo account) \_ Read up on procmail \_ set up procmail to stick all email flagged as spam in your spam folder on soda (or stick it in /dev/null) and have your last procmail rule be 'forward your mail to your yahoo account' \_ Got it, thanks! Procmail is sweet. \_ How can you have unix based email and not use procmail? \_ Was using it but had cut and paste a recipe together, finally took the time to read up on it some more \_ Excellent. The motd is a good place for procmail help if you're not asking RTFM questions. |
2004/6/18-19 [Computer/SW/SpamAssassin] UID:30913 Activity:high |
6/18 Goddammit! What is up with soda's spam blocking??? 50 German messages in a day! Didn't happen last week! \_ you only got 50? lucky you. i'm getting 300/day... \_ Try saving a bunch of them (at least 50) to a file, and run sa-learn --mbox --spam filename \_ and I'm getting them at work now... \_ Forward all of them to uce@ftc.gov. |
2004/6/17 [Computer/SW/SpamAssassin] UID:30856 Activity:very high |
6/17 Is spamassassin broken?? I'm getting tons of German messages in my mailbox (yes, I have the proper .procmailrc set up). This is recent as of this week. \_ No, Spamassassin just sucks. But seriously, the german spam has taken a lot of antispam people by surprise. Run them through SA's Bayes filter. A few should do it. \_ SA caught the German spam for me. SA has worked great for me for years. I don't understand what the rest of you are doing to make SA not work. \_ Geben Sie ihr grosseres etwas! |
2004/6/16 [Computer/SW/SpamAssassin, Computer/SW/Unix] UID:30838 Activity:very high |
6/16 It's not in any way against CSUA policy to have procmail check your quota each time it runs, is it? \_ Why would it be? \_ I think the quota file might be a bit of a chokepoint for the filesystem; probably bad if everybody were to do it. Perhaps try du -d1 instead? \_ du -d1 is way more impact than quota. -tom \_ Yeah, wow. Use your head: with quotas on every filesystem op results in a quota check; how can it be high overhead? \_ Please correct me if/where I'm wrong: quota files are maintained at the root of each file system, and, empirically, I've noticed that quota results are cached: quota -v; rm reallyBigFile; quota -v; sleep; quota -v; I imagine this cache resides at the FS root as well, so hundreds of users x hundreds of spams = 1000s of writes to the quota cache = possibly slow disk access. Different cases possible with softupdates and/or kernel-based memory cache. \_ Quotas are kept in memory, in the kernel; you can access them with the quotactl system call. There are quota files at the root of each filesystem too, but they're only used to initialize the kernel's quota information at boot time. Since it's all stored in memory, updating the quota information when you create and remove files is trivial. You only see delays because soft updates is delaying the actual writes to your files, and thus delaying the quota updates too -- on systems without soft updates, quotas update instantly. --mconst \_ you could have verified this yourself by using the "time" command to see that du -d1 takes an order of magnitude longer than quota, instead of sounding off like a moron. -tom \_ great way to encourage discussion. you rock! \_ That suggests that although writing/deleting lots of spam could load the system (which we already know) lots of people reading the quota file will probably not be a big load, or at least not any worse than reading a file of spam-filtering rules. \_ depends on your personality \_ I'll take this discussion as "No, it's not against policy". \_ you can take it that way (i would) but just be sure you don't end up a hoser; that's the policy you need to worry about here. - erikk |
2004/6/12-14 [Computer/SW/SpamAssassin, Computer/SW/Unix] UID:30772 Activity:high 64%like:30791 |
6/12 I'm going to switch my dsl provider this month and the new guys don't offer webmail. Does anyone know of a cheap (~ $5/mo) web mail provider who is reasonably reliable? I've been told to take a look at .Mac, but I'd like to hear other suggestions. tia. \_ I use http://totalchoicehosting.com and have mail (imap, pop3, webmail) as well as www and ftp. Starts at $4/mo. \_ thanks I'll take a look. \_ gmail \_ I'm not interested in free services that read your email and stick stupid ads in the messages. I also don't want to have a bunch of junk cluttering up the web ui. \_ the ui is really nice, not cluttered, the ads are very subtle, and it doesn't _read_ your mail, unless you think just having your data on their servers means "reading"... it's on-the-fly keyword triggers, not "reading." \_ How is the spam filtering on gmail? \_ Are you either a google employee or a friend of one who is likely to materially gain from friends-and-family options in the IPO? On-fly-the keyword triggers means they had to scan my mail. I don't care if they did it when it came in, when it was sitting on their servers or "on-the-fly" when I read it. They're still reading for content. \_ wow, so what do you think the other webmails do when they scan for viruses? Or is that somehow, not reading the content? \_ they're scanning for my benefit for something I would do for myself. google is scanning for their benefit to insert ads which is something i would not do for myself. the difference should be obvious to anyone not likely to gain financially from google's sucess. again, are you an employee or other person likely to benefit from the google ipo or other google successes? \_ I guess I wouldn't be scanning my mail, since I don't run windows.... but no, I don't have any stake in google at all. \_ Followup. Has anyone heard of http://his.com or webserve.ca? Both seem to provide web mail for around $5/mo. |
2004/6/11 [Academia/Berkeley/CSUA/Motd, Computer/SW/SpamAssassin] UID:30756 Activity:nil |
6/11 Anybody know what's the story with all this new German spam? At least it is easy to filter. \_ Now that you have discovered the German spam we will have to kil you. \_ you deleted my post. Please use motdedit if you're not going to be careful. \_ do you have any idea what happened to the last guy that whined about his post and motdedit? |
2004/5/29-31 [Computer/SW/SpamAssassin] UID:30489 Activity:moderate |
5/29 Using the required_hits field in spamassassin sorts between spam and ham. Suppose I want it sorted into 3 ways. Anything over 10 is considered definately spam and deleted. Anything between 4 and 10 is considered maybe spam and saved to a file. And anything less than 4 passes through. How can I do this? \_ With a procmail recipe that looks for 10 or more "*"s in the spam hits header line and /dev/nulls those. \_ Thanks! \_ http://csua.com/?entry=11401 Specific usage \_ why the 7th '\' in that example? \_ if you need help chaining the rules http://inst.eecs.berkeley.edu/cgi-bin/pub.cgi?file=procmail.help \_ Thanks. I understand why there are 6 '*'s, each preceeded by a '\', but why is there a 7th '\' at the end? \_ Looks like a typo to me |
2004/5/27-28 [Computer/SW/SpamAssassin] UID:30456 Activity:moderate |
5/27 Spammer sentenced to 3.5 to 7 years. http://www.reuters.com/newsArticle.jhtml?storyID=5278816 \_ Yay! Does he get a free ass raping? Maybe he needs some m'ed'is(in3 40r mak-in(g h}i{s pe-ep&pee bi^gg$er! \_ Wasn't that the idiot who couldn't even make any money off his crappy identity theft/spamming scheme? \_ perhaps a better sentence would be to make them stay in jail until they've read every single email they ever sent out. \_ that's not harsh enough. |
2004/5/25-26 [Computer/SW/SpamAssassin] UID:30419 Activity:very high |
5/25 Has anyone noticed spamassassin missing quite a few recently? \_ yes, many. Been gathering them to train the bayesian filter, hope that will help. It's been quite a while since the last release... \_ Just installed the most recent yesterday and it's 20/20 correct and no false positives of about 75 in. \_ do you mean 2.63, or is 3.0 out? \_ 2.63. I briefly considered 3.0alpha/beta but I prefer that it just work. |
2004/5/25-26 [Computer/SW/SpamAssassin] UID:30410 Activity:high |
5/25 Phish to break up. YAY! http://www.cnn.com/2004/SHOWBIZ/Music/05/25/phish.breakup.ap/index.html \_ But think of the poor acid dealers! \_ There's always more users. No one ever OD'd on acid. |
2004/5/24 [Computer/SW/SpamAssassin] UID:30389 Activity:high |
5/24 If Mlocal is configured to use procmail, it will use my .procmailrc file without explicitly piping to procmail via .forward, right? \_ It's sort of the wrong question (You don't configure Mlocal to use procmail. You add Mprocmail.) but yes. |
2004/5/21 [Computer/SW/SpamAssassin] UID:30341 Activity:kinda low |
5/21 In the following procmail example (found on a procmail help page), is there any reason for the extra ':' on the first line. What file is being locked? Even if one of the actions were writing to a file, wouldn't it be sufficient to just have the extra ':' right before that particular command, and NOT before the '{'? :0: # forward jokes to my wossamatta u. account * ^From.*bob * ^Subject:.*(joke|funny) { :0 c ! rocky@wossamatta.edu :0 | lpr -Pacsps } |
2004/5/20-21 [Computer/SW/SpamAssassin] UID:30333 Activity:high |
5/20 Stupid procmail question from a procmail newbie: Sometimes a line has ':0'. Sometimes it's ':0c:'. What's the significance of the 2nd ':'? \_ http://www.zer0.org/procmail/mini-faq.html#syntax-colon \_ Thanks! -op \_ OK, so this isn't working for me. I want, under a certain condition, for a message to go to a certain folder AND be forwarded to a certain address. I have: :0 * condition { :0c: ${MAILDIR}/file :0 !name@domain.com } Any idea why this doesn't do what I want it to? \_ Are you sure your condition is correct? \_ Yeah. It actually works. I was confused. The problem is in the log file. It only seems to log the last command. So, in the case above, it logs that it forwarded the mail, but not that it saved it to the file. It would be nice to log both, not only the latter. \_ There's a "VERBOSE" option for .procmailrc which should come in handy. Just turn it off when you're done or bounces will show to senders. \_ You can use AND clauses \_ Isn't that only for the condition? Or can one use that for the actions too? :0 * condition !name@domain.com :0 A: ${MAILDIR}/file \_ This doesn't work, but thanks. It only logs the 1st action, and it doesn't seem to even do the 2nd. \_ I'm getting a lot of SPAM at root on one of my computers. Is there a good procmail rule to say "only accept mail from my domain, say http://berkeley.edu, and unqualified names, like those that may orginate on the local machine? :0 : * ^From:.*berkeley.edu $MAILDIR # send all other mail to dev null :0 /dev/null \_ Wont this trash mail that come from just "root" with no @ sign in the From field? \_ special case it. |
2004/5/11-12 [Computer/SW/SpamAssassin] UID:30173 Activity:high |
5/11 Is there a sure way to sign an email up for lots of spam? \_ yeah I need to know too, my roomate fucked my my car and wouldn't pay for it \_ go sign up for a bunch of downloads online (quicktime, real audio, http://downloads.com, etc.), put down his email, then click "Yes, send me more information via email!" \_ But I want to have really BAD hardcore spams showing there, not just some legitimate but annoying promotinal offers. \_ try porn sites, posting to newsgroups. maybe try signing up for a hotmail account (which is a magnet for spam) and then have it forwarded to his email accout. \_ troll some newsgroups. \_ How do I tracelessly forge email address? Doesn't my ip get recorded and sent along as part of the header? \_ what do you care? do you think spammers check for spoofed headers when they try to harvest email addresses? \_ Well, maybe someone will google his email addr and find a forged posting under his name. |
2004/5/6 [Politics/Domestic/California, Politics/Domestic/President/Bush, Computer/SW/SpamAssassin] UID:30047 Activity:high |
5/6 Guys guys, PLEASE!!! 1 or 2 political posts are ok, but 8-10 posts on why Bush sucks, how his rating's decr, what he's doing wrong, that even the Rep. are losing faith, etc etc. is just too much. Most of the Sodans already hate eBush and are not gonna vote for him anyways, why not post something interesting and original? We have enough trash and spam to deal with already, please be nice and stop the motd spam. \_ learn to ignore shit if you don't want to read it. \_ Learn how to nuke the motd. |
2004/5/3-4 [Computer/SW/SpamAssassin] UID:29966 Activity:insanely high |
5/3 I just got some spam saying that Ed Meese is running for President. Is this true? \_ I just got some spam saying, "UR DIKI IZ 2SMAL $D GIRLZ! UZE V'I AG'ReA FRUM M3 2 MAEK B1G DIKI!!". Is this true? \_ What will Warren Buffet say about this? |
2004/5/3-4 [Computer/SW/SpamAssassin] UID:29963 Activity:high |
5/3 How good is gmail's sperm filtering? I've considered stress-testing it but it seems a shame to spoil a spam-free account for an experiment. \_ you could make a sneakemail address and have it temporarily forward spam to your gmail account. --jameslin \_ I don't think gmail can filter any sperms. |
2004/4/26-27 [Computer/SW/SpamAssassin] UID:13395 Activity:nil |
4/26 Someone is using my domain as a return address to send a whole lot of spam (if the bounce messages I am receiving are any indication of quantity). I know this because I receive any mail sent to my domain. Is there anything that I can do about this? The bounce messages are annoying but I am most concerned that I will end up on many spam filter black lists as a result. Thanks for your useful and humorous suggestions, \--mrehrer \_ many bounce messages contain the bounced message attached, complete with headers. this lets you have some idea of who is behind the spam. if you can shut down enough of their accounts, maybe they'll get the message and pick on someone less troublesome. \_ rofl... do you really think they keep their accounts a long time in any case? Do you really think they know, or even care who reports them? No. They PLAN on having throw away emails, hosts, spam relays, etc. \_ rofl... you're an idiot. note the part where i said maybe. a lot of this does depend on the particular circumstances, but most spammers do have to perpetually try to stay one step ahead, so why have more meddling than necessary if they can just pick on an easier mark? op may want to try a service like spamcop with a little more clout than the average joe. \_ If they're being hosted at a Good place, then sure, you might have a chance of shutting them down. If they're on your system, then sure, you can shut them down completely. If they're just using your domain as the nominal return address, and they're not hosted by a Good place, you may very well be SOL. Unless, of course, you can find their Snail Mail address and make it physically unbearable to continue. \_ You may want to contact Matt Seidl (seidl@soda). He involved himself in a lengthy lawsuit over exactly this sort of thing a number of years ago. I don't know how his efforts panned out. He used to keep a web page following events. -- ulysses \_ http://www.wraith.com/seidl/lawsuit |
2004/4/26 [Computer/SW/SpamAssassin] UID:13387 Activity:nil |
4/26 Most spams/frauds are easy to spot, but what if someone from Africa wrote you with professing interest in buying stuff that your biz advertises? Should one discount everything from Africa? \_ Has anyone ever actually replied to one of those spam emails asking for help transferring funds? What happens when you contact them? Do they then ask you for some money? \_ there are actually whole websites devoted to this topic. there are pictures of these people posing with the nigerians too. stfw for 419 related stuff. \_ http://419eaters.com is my favorite. \_ I would personally not take the risk, since it is probably 90% likely to be a scam. But if you do decide to do business with an unsolicited customer from overseas, make sure you have cash in hand before sending merchandise. Not a cashiers check, either. \_ Seconded. You could also use an escrow agent. \_ Use http://www.escrow.com I was ripped off by a phoney escrow agent that a seller suggested to me. \_ What's wrong with a cashier's check? \_ They can be faked. Even if your bank puts the money in your account, then can still take it back if the check comes back phoney. \_ Damn! I didn't believe this, googled a bit. That's pretty depressing, so many gotchas out there... *sigh* http://www.craigslist.org/about/scams.html So is there any way to quickly check whether a cashier's check is valid or not? Why can't this be immediate? \_ Did you hear about the guy who got $100K in cash from a phony check? \_ Yeah! And then she dried her dog off in the microwave oven and he exploded and turned into an alien and ate her spine! \_ Uhm, it's actually a pretty well documented story. \_ I always thought cashier's check is as good as cash, and that when I send out one I always assumed it's gone. Guess regulations are always designed so that only criminals can take advantage of it. |
2004/4/20 [Computer/SW/SpamAssassin] UID:13278 Activity:nil |
4/20 I got this on a spam's subject: "cum like a port actor". What is a "port actor?" \_ Port actors will destabilitze the whole middle east. \_ If it's anything like aft actor, I'd be amazed. \_ It's someone who performs a porn star-boarding. |
2004/4/19 [Computer/SW/SpamAssassin] UID:13270 Activity:nil |
4/18 How are the bayes_seen and bayes_toks files updated in my homedir? (I filter my mail through spamc). \_ spamd changes to your uid and updates them. This assumes that bayes_auto_learn is turned on in spamassassin's configuration file, and that a piece of spam is above the bayes_auto_learn_threshold_spam value or, conversely, a piece of nonspam is below the bayes_auto_learn_threshold_nonspam value. If they're not set to your liking in the systemwide spamassassin configuration file, you can turn them on in your ~/.spamassassin/user_prefs file. Of course, auto learning doesn't do much good since it's only going to learn stuff that is *definitely* spam or *definitely* not spam, and spamassassin can already identify those. Consider manually running sa-learn --spam on your spam folder if you have one, and sa-learn --ham on your non-spam folders. It really helps. -dans |
2004/4/6 [Computer/SW/SpamAssassin] UID:13028 Activity:low |
4/6 Did something happen recently to spamassassin which causes it to put annotated spam in your inbox instead of your ~/spam directory? \_ Check yer quota dude. |
2004/4/5-6 [Computer/SW/SpamAssassin] UID:13026 Activity:nil |
4/5 [spam is not intriguing] \_ Everthing happens according to God's holy plan. There is a deeper message to your spam that you would realize if you only opened your heart. |
2004/4/2-3 [Computer/SW/Languages/Misc, Computer/SW/SpamAssassin] UID:12993 Activity:nil |
4/2 Interesting. Now I'm seeing spams that consist entirely of HTML mail containing Javascript code that reads characters from a numerical array - the spam consists of little more than a list of numbers. Funny that spam detection techniques have slowly pushed the spammers into making their mail illegible. \_ but that's easy enough to filter. what legitimate reason is there to allow javascript in email? (heck, I still think there are few good reasons for HTML mail at all...) \_ I think rich-text-format is good enough. No need to go HTML. \_ there was never any reason to allow html in email. or really i should say the disadvantages overwhelm the minor advantages. |
2004/4/1-2 [Computer/SW/SpamAssassin] UID:12980 Activity:high |
4/1 Spammer gets seven years in prison: http://uk.news.yahoo.com/040402/325/eq4ri.html \_ Should be shot. |
2004/3/19-20 [Computer/SW/SpamAssassin] UID:12760 Activity:nil |
3/19 I now have a 10mb LSPAM file. Can I get rid of this thing so I don't have worry about my quota anymore? \_ man rm \_ Were you trying to amass a decent body of spam, or is that just the result of using ifile/spamassassin? If a), then just train your categorizer and delete. Otherwise, delete. |
2004/3/18 [Computer/Companies/Yahoo, Computer/SW/SpamAssassin] UID:29873 Activity:moderate |
3/18 How is it that I attach a 167k jpeg to send via yahoo, and once it's attached, it's now 222k? \_ because it encodes the file in a format that isn't as compact \_ So when yahoo or hotmail says there is a 500k limit on the size of an attachment, are they referring to the original, or the encoded version? \_ because it came in contact with one of the spam mails advertising to grow your member. |
2004/3/16 [Computer/SW/SpamAssassin] UID:12697 Activity:nil |
3/16 How do I tell spamassassin that if it sees certain subject, To: field, or whatever, to increase the number of spam points? \_ Put it in your user_prefs. RTFM. |
2004/3/16 [Computer/SW/SpamAssassin] UID:12694 Activity:high |
3/16 If you knew someone was a spammer (a stranger), would you want to beat the person up? \_ was it good spam or bad spam? \_ can any spam be good? \_ spam & eggs. yum. \_ I'd throw a can of SPAM through their window. \_ And waste a perfectly good can of spam? \_ there's an infinite supply. no worries. \_ Here is an interesting question to full time spammers (people who get paid writing and sending spam). WHAT THE HELL WERE YOU THINKING KNOWING THAT YOU'VE ANNOYED 99% OF THE PEOPLE? \_ I'm laughing on my way to the bank with the fortune I made from the other 1%. \_ I believe if just 1 in 100,000 respond, they profit. And there is no shortage of people who will do anything for a bigger penis. \_ Are you on the ROKSO list of known spammers? \_ Are there full time spammer on csua? I remember at least one member had a list of all soda email addresses on his web page. \ REALLY? I hope he was squished, right? \_ I would want to kill them. I believe in vigilante action against spammers. |
2004/3/15-16 [Computer/SW/SpamAssassin] UID:12665 Activity:nil |
3/14 Right, so spamassassin, while working like a charm, has generated a 2.5mb bayes_toks file. If I delete this, will I have undone every bit of learning the program has done? \_ umm, obviously? \_ no, it's only a backup. the real data is stored in zero-point energy fields. |
2004/3/6-7 [Computer/SW/Security, Computer/SW/SpamAssassin] UID:12550 Activity:kinda low |
3/5 This is fantastic. Free instant access no verification email account. See the page for details. http://www.mailinator.com/mailinator/Welcome.do \_ The first time a spammer runs a dictionary attack against them, they are toast. \_ Mmmm... pointless comment. \_ not my problem. it works right now. why would a spammer bother? everyone is a potential DOS victim on the net. \_ gee, why would a spammer bother to set up a bunch of free access no verification email accounts? I can't imagine... |
2004/3/4-5 [Computer/SW/SpamAssassin] UID:12514 Activity:nil |
3/4 When was the last time you were fooled in opening a spam? How were you fooled? \_ A couple weeks ago. Name was familiar, and subject was "hey". \_ spamassassin didn't catch it? \_ spamassassin is no god. it works pretty well. I haven't seen any filter can filter out spam 100% and easy to set up. My spams cerntainly got cut down dramatically. Only a few keeps fall through no matter how I keep using sa-learn on them. But it is definitely way better than when I only used procmail to filter them. \_ That Osama game sent via AIM a few weeks ago. \_ An eBay scam a month or two ago. It looked like it really was from eBay, but the URL wasn't a real eBay survey. I was pissed at myself for clicking on the link because I'm sure it verified my email. Oh well, haven't seen an increase in spam in spite of my worries. \_ don't worry, you will. |
2004/3/3 [Computer/SW/Virus, Computer/SW/SpamAssassin] UID:29850 Activity:nil |
3/3 HAHAHA. This virus mail was funny enough that I had to share: Dear user of http://Berkeley.EDU, Your e-mail account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information. Pay attention on attached file. ["attached file" is something called Document.zip] \_ Kind of interesting to see a worm combined with a phishing scam. |
2004/2/12 [Computer/SW/SpamAssassin] UID:12224 Activity:nil |
2/11 What is the efficient soda way to use SpamAssassin? I have 7MB of related files in my home directory, which seems silly. a big spamassassin file, and then soem big files in .spamassassin/ \_ ifile \_ man spam \_ hey thanks, dickwads. Even more helpful though would be a direct answer. |
2004/2/10 [Finance/Shopping, Computer/SW/SpamAssassin] UID:12185 Activity:kinda low |
2/9 I'm planning to go to New Zealand at the very end of December. Can you recommend a local (Bay Area) travel agency? \_ Why bother with a travel agency? I've never understood this. \_ They can often get you better fares since they have allocations of cheap tickets long after you cannot buy them retail. \_ Good luck getting cheap tickets to new zealand for the end of December. \_ I got good prices from Air New Zealand's web site for my Nov. trip. Dec is more, but you should at least try there and make sure you can't get the ticks there cheaper than through an agent. But they do kinda spam the address I gave them. -crebbs \_ ANZ has a $999 roundtrip special running until Nov. to celebrate adding SFO to their route, but no specials after that. I'll keep an eye on them, though, thank you. --OP \_ Don't forget to bring your ozone layer. \_ At least I don't have to bring my own Hobbit clothing: link:csua.org/u/5xe (jpg) |
2004/2/6-7 [Computer/SW/SpamAssassin] UID:12145 Activity:nil |
2/6 I got a 'phishing' spam email. The phishing site gets DNS and registration from Yahoo Domains. I've tried emailing Yahoo to get them to revoke the registration, but no luck, and their phone trees are designed to prevent me from talking to anyone. Anyone know the super secret email or abuse phone numbers? \_ (408) 349-3300 x 0 \_ Tried that without the extension and got the runaround.... Ok, they gave me a different phone number that really just points to another branch of the same phone tree. That tree just sent me to a person who said "I can't do anything. Send us email." No wonder most companies sue first and ask questions later. |
2004/2/6 [Computer/SW/SpamAssassin] UID:12141 Activity:nil |
2/6 procmail folks: I'd like to filter a mail iff it matches 2 dif rules the below doesn't work, what should i do? (besides rtfm :) :0 * ^From: Mail Delivery Subsystem* * *Dis address be full, (myguysforward_address@@yahoo.com)* mail/trash \_ Put one rule and then in an inside block put the other rule. I don't know how deep procmail rules can go, but your case is easily handled. |
2004/1/31-2/1 [Computer/SW/SpamAssassin] UID:12048 Activity:nil |
1/30 Has anyone else been getting these creepy messages/spams from Word Of Mouth Connection? They say "someone is requesting information on you," but in order to find out who, you have to pay money. Seems like a total scam, and a seemingly very effective one as it plays on your natural paranoia. \_ sounds just like the secret crush/admirer spam. \_ Yes. And I've blocked about 12 of their domains so far. It's just spam shit. Here's my sendmail access file so the rest of you can avoid adding them one at a time: \_ http://www.choam.org/tbp/weblog/2003/11/26/000132 womc.info REJECT http://womc.net REJECT http://womc.com REJECT wordofmouthconnection.info REJECT <DEAD>wordofmouthconnection.net<DEAD> REJECT http://wordofmouthconnection.com REJECT wordofmouthreports.info REJECT <DEAD>wordofmouthreports.com<DEAD> REJECT <DEAD>wordofmouthreports.net<DEAD> REJECT <DEAD>wordofmouthconnections.org<DEAD> REJECT <DEAD>wordofmouthconnections.com<DEAD> REJECT http://wordofmouthconnections.net REJECT <DEAD>wominfo.net<DEAD> REJECT <DEAD>wominfo.org<DEAD> REJECT <DEAD>wominfo.com<DEAD> REJECT |
2004/1/31-2/1 [Computer/SW/SpamAssassin] UID:12047 Activity:nil |
1/30 So, if i'm using spamassassin -p /my/prefs/file and want to change to spamc, can I? I maned spamc and didn't see a analogous flag. \_ Currently, you can't; the protocol spamc uses to talk to spamd doesn't include any way to specify which prefs file to use. This wouldn't be too hard to add, though, if you think it would be useful -- let me know. --mconst |
2004/1/28-29 [Computer/SW/SpamAssassin] UID:11989 Activity:nil |
1/28 invoke 'spamc' and not 'spamassassin' from your .procmailrc 11:19AM up 15 days, 18:26, 155 users, load averages: 4.69, 3.58, 3.22 grep -Hs spamassassin `locate /.procmailrc | grep 'procmailrc$'` \_ is spamc reliable now? \_ No problems with it since I started using it (2 months ago) \_ If spamd crashes then I get a deluge of spam. \_ If spamd crashes mail ROOT. |
2004/1/21 [Computer/SW/SpamAssassin] UID:11866 Activity:nil |
1/21 spamassassin is failing to tag messages like the following: "Genierc and Sepur Viarga (Caiils) available oinlne! Most trusted online source! Cilais or (Spuer Vagira) takes afecft right away & lasts 24-36 huors! FOR SUEPR VAIRGA TOCUH HERE Genierc Virgaa costs 60% less! save a lot of $. FOR VIGARA TOCUH HERE" What are some ways to deal with this? I've tried blacklisting but it's getting futile because they keep changing their address. Thanks, -desperately failing \_ check the headers of some of these messages for the Habeas header. there is a viagra spammer abusing the header right now. SA honors the header and deducts ~8 points. If this is true, disable habeas. \_ It's not using habeas, it's just not scoring high. X-Spam-Status: No, hits=x.x required=5.0 tests=HTML_20_30,HTML_MESSAGE \_ retrain \_ no, because at the end of these mails they put random common valid words and training would increase the chance of false positive making spamassassin less powerful. If I'm not wrong, spammers are getting smarter and smarter and as long as we have to worry about these things, they're winning the war \_ Nuke the site from orbit. Its the only way to be sure. \_ I have the same spams and use SA too and I've noticed that while the spellings change, 'TOCUH HERE' stays the same. \_ Until it doesn't... \_ sounds like some kind of typo count would be very good at spam ID \_ I used motdedit and you overwrote my post. Bad sodan! \_ I used me, too. you got the wrong guy. The guy who overwrote your post posted this: "is that what he really did? And ..." \_ But then drunk people can't send email! \_ I hate spam but occasionally I get one that totally cracks me up and that almost makes the rest worthwhile. Anyone else enjoy the 'white trash sluts' spam a little too much? |
2004/1/21 [Computer/SW/SpamAssassin] UID:11859 Activity:nil |
1/20 I'm started to get perfectly legit looking spam (not in black list, not in Razor, not in SpamCop, etc etc). Look: X-Spam-Status: No, hits=2.8 required=5.0 tests=HTML_10_20,HTML_MESSAGE,NORMAL_HTTP_TO_IP version=2.55 I even use sa-learn on --ham and --spam mboxes, and it was cool for a while till recently. What should I start doing? \_ Upgrading to a more recent spamassassin version might help (the current release is 2.63). \_ just continue to ignore me: i'm using a very old version and don't have these problems. you know why? no one is tweaking their spam to my version. go ahead, get on the upgrade treadmill. see what i care. \_ Unplug and chill. |
2004/1/20 [Computer/SW/SpamAssassin] UID:11853 Activity:high |
1/20 spam filter poll. did you use only one and are happy, or have you tried one, then switched to the other, and are happy? spamassassin: .. \_ Constantly need to tweak .spamassassin/user_prefs ifile: .. \_ Blocks 60 per day with 1 false positive every couple of months. -scotsman \_ been usin' ifile, but I get soo much spam it what it lets through is still ridiculous. \_ Do you retrain? -scotsman ifile, then spamassassin: spamassassin, then ifile: none of them work: misc: SA, then ifile, then SA+ifile: very happy. If SA+ifile thinks it's spam, then it's spam. If just ifile thinks it's spam, it's almost certainly (95%) spam. \_ just a comment on false positives. One false positive a month is bad. Why? Who wants to go through their whole spam folder daily looking for false positives? If you get to the point where you don't double-check for false positives, that means false positives = unreceived personal email = very bad. \_ going through a spam folder every few days is a lot less of a pain in the butt than having all your real email squished inbetween the spam. It takes like 30 seconds to scan the subjects and say "nope, all spam, nuke it". \_ Well, duh. If I were depending on email for my job, I wouldn't run a spam filter. But my soda mail is just personal email, and anyone who sends there has my cell number, so it's simply a convenience to use a spam filter. If a false positive is a big deal, don't filter at all. Nothing gives 0 false positives. -scotsman \_ ifile gives way more false positives than spamassassin, so if that's your concern, you shouldn't use ifile. In my experience, ifile also lets way more spam through, but because it's Bayseian it depends on the type of spam and regular mail you get. -tom \_ Combining SA+ifile (SA blocks score 5 or higher) has never given me a false positive. I might as well be sending that to /dev/null. I do review the stuff that one xor the other flags as spam, which turns up 1 false-positive every 3-4 months \_ SA works great, as long as the version is recent. I use SA here and SA + yahoo junk mail filter on my well account, which I give out to marketers. \_ spamprobe works well for me. in the three months i've been using it, it has not had a false positive. to me, this is very important because i don't want to spend time to going through the spam folder looking for that one non-spam email. its false negative rate is comparable to ifile in my experience. the one downside is that the db file is ridiculously huge. |
2004/1/19-20 [Computer/SW/SpamAssassin] UID:11837 Activity:very high |
1/19 Procmail Question: I'm trying to figure out how to use '{}' for spam filtering. I want to delete everything with a score of 6 or higher, but put other stuff into a spam folder. What I have is below, any pointers/tips would be appreciated. tia. :0 * ^X-spam-status: Yes { :0 w: $SPAMFOLDER/$LOCKEXT * ^X-Spam-Level: \*\*\*\*\*\* /dev/null :0 w: $SPAMFOLDER/$LOCKEXT $SPAMFOLDER/. } \_ Looks ok at first glance. Test it and if it works, great. I don't use named lock files. Unless you get a *lot* of mail you probably don't either. Oh yeah, you can do better than scanning the whole message. RTFM to get the syntax for checking only headers. \_ IIRC, procmail only examines headers by default. I believe that checking the body requires an explicit flag. It's in the procmailrc man page, and the op seems smart enough so he/she can probably figure it out. |
2004/1/14-15 [Computer/SW/SpamAssassin] UID:11775 Activity:nil |
1/13 So I put "blacklist_from mailbride.ru" and it's still getting through, and spam assassin didn't treat it any different (the point system didn't change). What's up with that? \_ you didn't RTFM. # Whitelist and blacklist addresses are now file-glob-style patterns, so # "friend@somewhere.com", "*@isp.com", or "*.domain.net" will all work. |
2004/1/7-8 [Computer/SW/SpamAssassin] UID:11711 Activity:very high |
1/7 Anyone else having problems with email sent from csua being considered Yahoo spam? \_ Their spam detection has been going whacko for weeks. They have some major people pissed at them for it. --scotsman \_ Hmm, yup. Never had a problem before sending email from here to my yahoo account before until just now. Even marking as "Not Spam" doesn't help. \_ I think spam filters mark messages with "Not Spam" as spam. \_ I think we're talking about two different things. In Yahoo Mail, when you're in your Bulk Folder, you can click on a message and click the button "Not Spam". And supposedly, the spam filtering engine learns from this and won't mark this email address as spam again in the future. \_ Yahoo has rejected csua email a couple times in the past, thinking that soda.csua was an open relay. Check the motd archive. yahoo account before until just now. Even marking as "Not Spam" doesn't help. \_ They block all sorts of shit seemingly at random. It's for your own good. Just stop using Yahoo. e/7 I haven't been doing very much career-maintenance (don't know J2EE, .NET, web services, etc.). What are the preferred ways (by employers) to pick up experience in current stuff? \_ by employers, buy your own books. by employee, get them to pay for \_ Nice catch-22! You get the "uselessly stupid reply" award for the week! classes, books etc. \_ Sorry, I should have specified that I meant "prospective employers." \_ get a job using the current stuff. \_ Nice catch-22! You get the "uselessly stupid reply" award for the week! \_ .Net = .Dead \_ I'm actually seeing a lot of jobs for people with experience with .NET and SQL Server. -op \_ my father in law has been a software engineer at a big insurance company for the last 25 years, and he's being forced to learn .net by his employer. of course, this same company is forcing their new hires to learn COBOL also. \_ where at? - turin \_ various posts on craigslist \_ thanks \_ get Microsoft Certifications (MCSD) |
2004/1/6 [Computer/SW/Mail, Computer/SW/SpamAssassin] UID:11693 Activity:nil |
1/6 I wanna post to newsgroups but not with my real email address due to spam. What are some ways to get around it? Thanks. \_ hack your nntp client! \_ why are you using a client that uses your real email? go sign up for a real usenet service if you care or use a bogus spam-only email address. |
2004/1/2-11 [Computer/SW/SpamAssassin] UID:11646 Activity:low 54%like:10317 |
1/2 SpamAssassin 2.61 installed (finally); bugs to mconst. \_ if you specified "| spamassassin" in your .procmailrc recipe, please change to "| spamc" instead -- it is lighter weight/faster. \_ now that sa does bayesian analysis, what are the pros of ifile? \_ It's the standard. \_ Who thinks that, other than you? Do you have URL or anything suggesting that "it's the standard"? \_ like IDS, it is better to us spam catchers that are NOT the standard. -phuqm \_ Spam Assassin rocks... Say goodbye to the Nigerian scam, toner, FREE VIAGRA, and the lot. Awesome. \_ Thanks, joshk \_ 3 days of spam-free inbox and counting. Thank you! \_ It's only a matter of time before those fuckers figure out how to get past the filters again. \_ I'm loving it! It's great, Thanks. \_ Damnit. My brain immediately coughed up McDonald's. Yay America! \_ Thanks. \_ I did this. The next day there was lots of spam and no indication that spamassassin had been working. I also see nothing via ps to indicate a spamassassassin-related process running. I'm switching back to the old executable line because I know it works. \_ please don't do that: spamc and spamd work together, and they are much more efficient. If everybody ran "| spamassassin" like you do, soda would be really slow. /usr/local/bin/spamc man spam ps aux | grep spamd \_ If it worked for me as you have it here, I would use it. It doesn't, so I don't. \_ Not to mention, spamc is forked by procmail only at the receipt of new mail- it's pretty transient. RTFM. \_ Uh-huh, but spamd or some such should show up via 'ps -aux' regardless. \_ try 'ps -auxww' you ingrate. \_ How dare you post useful information! (thanks) \_ IFile still catches about 50% more of my spam than SA \_ SA caught 137 spams for me with one false positive. No spam got through for me. -ausman \_ I also switched from spamassassin to spamc and there was no indication it worked. Maybe that's why it's so fast! \_ spac is a standalone program, no need to call perl was that your problem? it bit me that spamassassin had been working. I'm switching back to the old executable line because I know it works. \_ Could you please send me mail, so I can try to figure out what's going wrong? --mconst \_ I'll try switching to spamc again today. If it appears to not be working when I check mail tomorrow, I'll mail you then. Thanks. \_ okay, here's exactly what you do, put these in your .procmailrc before your other recipes: :0fw | spamc :0: * ^X-Spam-Status: Yes <spam-folder-name> ====================== next if you have any spams that fall through, you sa-learn to teach SA to filter those. See man sa-learn \_ two stupid questions: 1. is there a better way to invoke procmail than through .forward? 2. is there a better way to disable the report text with spamc than spamc -c ? \_ 1. you don't need .forward at all, just .procmailrc 2. man Mail::SpamAssassin::Conf, or just put "report_safe 0" in ~/.spamassassin/user_prefs \_ 1. what calls procmail then? 2. man Mail::SpamAssassin::Conf -> No manual entry for Mail::SpamAssassin::Conf \_ I'm having a problem with sa-learn, it keeps telling me: soda [34] sa-learn --spam /tmp/uncaughtspam_20040109 Learned from 0 message(s) (1 message(s) examined). However, I have over 250 spam messages in the file. -gsu \_ RTFM: "sa-learn --spam --mbox /path/to/mbox" \_ I RTFM and the man page must be out of date because it says: Use this tool to teach SpamAssassin about these samples, like so: sa-learn --spam /path/to/spam/folder sa-learn --ham /path/to/ham/folder Thanks though, because --mbox works. \_ notice that the example says /path/to/spam/folder, NOT /path/to/spam/mboxfile. Without --mbox, it's expecting you to point it to a folder containing each message as a file. |
2003/12/31 [Computer/SW/SpamAssassin] UID:11624 Activity:nil |
12/30 What's the best way to sign up for spam mail? I want to set an account that collects spam for analysis, thanks. \_ post to usenet, post your resume (fake one, obviously) to the net, put your email on some mailing lists, and the best way is to put your email on some maillist lists, and the best way is to respond to any spams you do get from these other sources. \_ Best way is to post e-mail address on web pages that are linked to from sites already in the search engines. |
2003/12/29-30 [Computer/SW/OS, Computer/SW/SpamAssassin] UID:11602 Activity:nil |
12/28 I have been seeing lots of messages like this one in my .procmail/log file recently: ## procmail: Kernel-lock failed ## procmail: Kernel-unlock failed I think this started happening after the last reboot. Could it be hapening because something went wrong with soda patches? Was a new kernel patch installed before reboot? \_ Check if you have a random filename.lock file in your delivery directory. \_ The last reboot was only because of a hang...nothing changed. \_ That doesn't mean nothing changed. \_ no software was modified. sure the date changed. so did the phase of the moon, fuckwad. \_ you don't know that. you can't know that. and no need to be childish about it. you're just wrong. accept and move on. |
2003/12/26-27 [Computer/SW/SpamAssassin] UID:11595 Activity:nil |
12/26 SpamAssassin on soda in SERIOUS need of upgrade to latest version. Got 36 spams in my inbox just since yesterday. \_ Have you e-mailed root or VP and offered? \_ I use the latest version and I STILL get a lot of spams. It seems as if the spammers are getting smarter and smarter with their spam contents that get flagged with very little points. *SIGH* Fighting spam is like fighting AIDS. You think you can get rid of it permanently with the tri-cocktail dosage, and BAMM! It comes back and you have no choice but to use other drugs to suppress it, and the cycle goes on and on... \_ sounds like you didn't turn on the bayesian classifier. \_ I mostly having problem with Blomingdale spam. and Bayesian filter is not doing the job. \_ I use an ancient version and it works fine. User error. |
2003/12/19-20 [Computer/SW/SpamAssassin] UID:11527 Activity:nil |
12/18 SpamAssassin failed to block 54 spam emails since yesterday. What happened? \_ It doesn't help that csua's version is more than half a year old... (2.54) \_ Yeah, since last week or so, SpamAssassin hasn't been doing quite as well as it had been previously for me. I noticed that the number of spams i've been getting has increased, but so has their form. I'm hoping SpamAssassin adjusts soon to the new spam styles. \_ I've noticed a lot of spams with a score of 0. Methinks spamers are testing against recent releases of SA. \_ Duh. One of the main reasons SA is useless in the long run. \_ yeah, just like anti-virus software is useless. Get a clue. \_ It's all about economics. Spammers have an economic incentive to get that mail through, so they'll take the time. Viruses seem to be more for the intellectual challenge, or immature dick waving. I deal with this stuff every day, man. --scotsman \_ Except for those trojans which are used to insert spam into your folder. \_ Latest subject heading i've received: "you have a small weeinner and need to do something" \_ I wrote a quick tutorial on using ifile + spamassassin together. The combo works well because if one filter misses, the other catches it. And if both label a message spam, then you can be quite certain that it's not a false positive. /csua/tmp/ifile_tutorial -- mjm \_ Thank you, but I'm confused on step 2. Where do I put these lines? \_ Sorry, you just run them from the command line. You'll need at least one piece of spam to learn on, more is better. \_ should be labeled ifile+spamassassin+PINE |
2003/12/16 [Computer/SW/SpamAssassin] UID:11467 Activity:kinda low |
12/16 Anyone here speak procmail? Can you please tell me what the following means: procmail -f someone@somewhere.com -t -Y -a -d mylocaluser this is from a 'ps'. mylocaluser is a user on my box. [formatd] \_ it's all in the man pages. that's all anyone else here would do. |
2003/12/12-13 [Computer/SW/SpamAssassin] UID:29715 Activity:kinda low 66%like:11422 |
12/12 Has anyone used ask (active spam killer) before? http://www.punani.net \_ I'd much rather have an active spammer killer. \_ Why do you hate capitalism? \_ Because I love communism. |
2003/12/12 [Computer/SW/SpamAssassin] UID:11422 Activity:nil 66%like:29715 |
12/12 Has anyone used ask (active spam killer) before? http://www.paganini.net/ask/index.html \_ I'd much rather have an active spammer killer. \_ Why do you hate capitalism? |
2003/12/10-11 [Computer/SW/SpamAssassin] UID:11401 Activity:nil |
12/9 How do I change .procmailrc so that if spamassassin flags it with 50 points or over, it will go to /dev/null instead of mail/spam? \_ This has been asked about 3 times in the past few months. :0 * ^X-Spam-Level: \*\*\*\*\*\*\ /dev/null This will nullify anything with 6 points or over |
12/24 |