| WIKI | FAQ | Tech FAQ | |
 http://csua.com/feed/ | |
| ||||||
| 11/23 |
| 2007/3/20-22 [Computer/SW/SpamAssassin, Computer/SW/Virus] UID:46023 Activity:nil |
3/19 "Most computer attacks originate in U.S."
http://news.yahoo.com/s/ap/20070319/ap_on_hi_te/internet_security_threats
I thought it was South Korea. |
| 2007/3/16-20 [Computer/SW/SpamAssassin] UID:45997 Activity:nil |
3/16 Is there a way to configure spamassassin to delete junk messages from
my /var/mail/{login} spool before I run my mail client program? Thx.
\_ procmail |
| 2007/3/13-14 [Computer/SW/SpamAssassin] UID:45951 Activity:nil |
3/13 Anyways to improve our current spam assassin? |
| 2007/2/4-7 [Academia/Berkeley/CSUA, Computer/SW/SpamAssassin] UID:45651 Activity:nil |
2/4 Does someone have a simple working .procmailrc for the new soda?
I can't seem to get mine working despite trying the suggestions
on the motd.
\_
DEFAULT=/var/mail/USERNAME/
:0fw
| /usr/bin/spamassassin
:0:
* ^X-Spam-Status: Yes
spam/ |
| 2007/1/31-2/3 [Computer/SW/SpamAssassin] UID:45630 Activity:kinda low |
1/31 Can you give us any pointer for setting up spamassassin on csua under
the new mail system? TIA.
\_ What I did is create a .procmailrc file in your homedir with the following
content:
\_ What I did is create a .procmailrc file in your homedir with the
following content:
:0fw
| /usr/local/bin/spamc
:0 hw:
* ^X-Spam-Status: Yes
spam
And what this does is grab the email that SpamAssassin has tagged as
spammail, strip out the body and shove the header info to a file
called 'spam' in your homedir. And delete them from your mail spool.
Works with the new soda (so far).
spammail, strip out the body and shove the header info to a file called
'spam' in your homedir. And delete them from your mail spool. Works with
the new soda (so far).
NOTE that this is just ONE of the many variations on how to do
.procmailrc. STFG for more examples.
\_ In /csua/soda-changes.2007.01, it mentioned that procmail will not
work with the new /var/mail/$USERNAME directory. Have you
tried if you are still receiving non-spam correctly? -op
NOTE that this is just ONE of the many variations on how to do .procmailrc.
STFG for more examples.
\_ ls -l /usr/local/bin/spamc
ls: /usr/local/bin/spamc: No such file or directory
(there is one in /usr/bin but it seems to be failing, any input
I give it it returns 0/0 (error) and filters nada.
\_ I am using /usr/bin/spamc
\_ Which has no spamd to connect to so it fails every time
\_ Well, this is what I have in my .procmailrc, and it
appears to work:
:0fw
| spamc |
| 2007/1/19-25 [Computer/SW/SpamAssassin] UID:45560 Activity:nil |
1/18 http://redtape.msnbc.com/2007/01/spam_is_back_an.html Spam 2.0-- it is back, and worse than ever. |
| 11/23 |
| 2006/11/3-4 [Consumer/CellPhone, Computer/SW/SpamAssassin] UID:45146 Activity:low 62%like:45115 |
11/3 It's here. Cell phone SMS spams. Anyone having problems? How do
you deal with it? I'm paying 10 cents/message. Spammers
need to die.
\_ With Sprint the nice lady offered to block text messages, so I did
\_ But that also blocks non-spam text messages from friends or
alert from your server, etc. What they need to do is stop
charging for received messages and charge/increase fee for
sending a message.
\_ Carry a pager.
\_ I went to my Sprint account page, and I can configure "ACCEPT
ALL" or "BLOCK ALL" except a list of phone numbers, e-mail
e-mail addresses, and domain names.
addresses, and domain names. |
| 2006/11/2-3 [Computer/SW/SpamAssassin] UID:45101 Activity:nil |
11/02 I just got an email (at my work account) from what appears to be a
head-hunter. It is very low on job offer details. Does anyone else
get these? Is it worth it to respond? If I respond, will I be
flooded with these?
\_ The job market is hot for employees now. Head hunter/recruiter
types are hurting. If you're looking for a job, go post your
resume and start applying to listed jobs from real companies.
I wouldn't bother replying to this unless there's something in
particular that caught your eye. Sounds like recruiter spam.
\_ Make sure its a real head hunter / job offer things. Fake ones
would be a real great phishing operation, as a lead-in to
identity theft. I get tons of spam that looks like this is the
intent.
\_ if you are really good, head hunter will *CALL* you instead of
emailing you. They should know it's not cool to send recruiting
information into your WORK email. |
| 2006/10/29-30 [Computer/SW/SpamAssassin] UID:45030 Activity:kinda low |
10/29 Any tips on dealing with the usual nonsense-text-around-embedded-
images spam? I'm running postgrey + spamassassin, and it's catching
about half of them... -John
\_ Are you running Razor2, Pyzor, and other services that contact
a centralized spam repository to filter out even more spams?
\_ No, I will be. A gentleman and a scholar, thanks. -John
\_ There is something unique about those spams. It is possible to
filter them. I'm not allowed to discuss it further. |
| 2006/10/16-18 [Academia/Berkeley/CSUA, Computer/SW/SpamAssassin] UID:44835 Activity:nil |
10/16 I just got my first soda spam reforwarded to my real email address.
I have never given this address to anyone. Thank you who ever gave
out soda addresses on the net.
\_ Have you considered that someone you correspond with may have had
their machine rooted? Also whoever rooted soda a while back could
have snarfed all the account names.
\_ I don't send mail from here but I had forgotten about past soda
break-ins. Thanks for reminding me of that. The idea that
someone here would post email addresses is pretty sickening.
\_ was your real email address written down somewhere on
on soda? Was your soda mail getting forwarded to
your email address? Are you sure it wasn't just
forwarded from soda? I think you might not understand
how forwarding works.
\_ I'll explain: I have a .forward file on soda. It forwards
to my real email address. I have never sent mail from
soda or provided @soda to anyone. My .forward file is
older than some current students. The spam was sent to
my previously unknown and never used @soda address and
then reforwarded via my .forward to my real address. I
think I understand how forwarding works. Thanks for the
help.
\_ And I don't think you understand. So you use
your brand new spanking email address? Do you
\_ yes.
email people with it? EVER? Has anyone ever
\_ yes. \_ yes.
received this email? Do they read it on a computer?
\_ yes. \_ yes.
Viruses infect computers, or so I hear. Some
viruses look for the addressbook of users, and mail
them back to their Russian masters, who then stick
it in their recipient lists to Spam. The only way
to never receive spam is oh I dunno shoot yourself.
\_ And the email wasn't sent to that email address.
It was sent to my soda address which has never
been used and then reforwarded to that address
from here. It is the fact that my soda account
got spam that is the problem because *I* have
never given out my soda address nor used it for
any email transaction. The forwarding isn't the
problem here. It is that the soda address got
spam. The unused, never given out, never provided,
previous unknown soda address got spam. Spam was
sent to my soda address, to my completely unused
and unknown soda address. The soda address that
received the spam, that the spam was address to
was never used on the net. Capiche?
\_ you ever hear of a dictionary attack?
they'll get you eventually.
\_ It's possible but let's see the mail logs
showing the dictionary attack. Maybe I missed
that in the motd.official or the csua minutes.
\_ what's your email address? I want to mail\
you a PNG of /etc/passwd
\_ I'm root@soda.
\_ you realize soda is one of the most
heavily loaded single point mail machines
in the universe?
\_ sure, so? |
| 2006/10/12 [Computer/SW/SpamAssassin] UID:44781 Activity:nil |
10/11 Dear root, what's the possibility of upgrading spamassassin to
something more recent? I think we are running 3.1.0, which is
released on Sept 2005. The most current is 3.1.6 on Oct 2006.
As a side note, anyone getting a lot of spam with an image and
a bunch of "randomish" words after it. sa-learn is obviously
not doing a very good job to learn this kind of spam. |
| 2006/9/22-25 [Computer/SW/WWW/Browsers, Computer/SW/SpamAssassin] UID:44497 Activity:nil 90%like:44493 |
9/22 OpenDNS is looking for someone to write a Thunderbird extension.
http://tinyurl.com/j24ux (rentacoder.com) |
| 2006/9/22 [Computer/SW/WWW/Browsers, Computer/SW/SpamAssassin] UID:44493 Activity:nil 90%like:44497 |
9/22 OpenDNS is looking for someone to write a Thunderbird extension.
http://www.rentacoder.com/RentACoder/misc/BidRequests/ShowBidRequest.asp?lngBidRequestId=532805 |
| 2006/8/21-23 [Computer/SW/SpamAssassin] UID:44079 Activity:nil |
8/21 Recent soda spam 3x usual P?
\_ I haven't noticed. 3x infinity = infinity
\_ We should have the death penalty for spammers. Especially ones who
deliberately try to evade spam filters. Think about it: they
harm millions and millions of people. Add it up: they deserve death.
\_ I've noticed a remarkable jump in the number of spam runs in the
last 2-4 weeks, as have colleagues on a number of systems. -John |
| 2006/8/16-17 [Reference/Law, Computer/SW/SpamAssassin] UID:44031 Activity:nil |
8/16 If you had the power to pass laws to curb spammers, what law(s) would
you pass? I will start:
-Fine $5 for each spam mail sent
\- i dont think it is so much about what law you pass but the
kinds of resources you allocate to enforcement.
\_ One nail from a nailgun in the head for each spam mail sent.
\_ Only pornographic spam is allowed. -average American male
\_ public service. they must copy, by hand, every spam message they
sent out, onto a chalkboard.
\_ eye rape them with tentacles
\_ make them eat a can of spam for every spam they send.
\- i dont think it is so much about what law you pass but the
kinds of resources you allocate to enforcement.
\_ Well, I asked Urotsukidoji and he's just about had it
with tentacle enlargement spam. -John |
| 2006/8/14-16 [Computer/SW/SpamAssassin] UID:43997 Activity:nil |
8/14 I'm a newbie sysadm. Is configuring/installing pyzor and razor
as simple as doing "apt-get install pyzor" and "razor"? I did both
but I don't see any pyzor/razor daemons running. I hate spam and
I want to minimize spam for my users. ok thx. |
| 2006/8/4-6 [Computer/SW/SpamAssassin] UID:43911 Activity:nil |
8/4 I just installed spamassassin using "apt-get install spamassassin"
on my local machine, and spamd is launched. In my .procmailrc,
if I run /usr/bin/spamassassin, is it smart enough to connect to
spamd when it is running, and stand-alone when spamd is not running?
\_ man-ing around, I'm going to guess that it's not smart enough.
after all, that's what spamc is for. You may have to invoke some
spamd detection trickery, and do either spamc or the full
spamassassin. --michener
\_ Yes. -proud American |
| 2006/8/2-6 [Computer/SW/SpamAssassin] UID:43868 Activity:nil |
8/2 How come web sites that praise http://dreamhost.com don't accept additional reviews anymore? I'd like to add negative feedbacks to counter the positive feedbacks but unable to do so. What's up? Here are some examples: http://www.webhostingratings.com (blank interface to add review) http://www.brunescafe.com/content/view/16/2 (can't enter info) There are two others that I've waited 3 days for the approval to go through, even though their web sites say: "Thank you for voicing your opinion about DreamHost, Joe. Your opinion will help other Webmasters in their search for the right Web host. All reviews are manually approved, in order to remove spam. Reviews are typically approved once per day." What the hell is going on? \_ hi im bitter \_ The jews are responsible for all the wars in the world. Are you a jew? -proud American \_ Stop advertising porn sites. -proud New Englander |
| 2006/6/1-4 [Industry/Jobs, Recreation/Humor, Computer/SW/SpamAssassin] UID:43245 Activity:nil |
6/1 Semi randomly generated spam I thought was funny:
Hi there lovely,
This kbind of opportunity comes ones in a clife. I docn't want
to miss it. Do you? I am comcing to your place in few days
and I though may be we can meet each other. If you don't mind
I can send you mcy picture. I am a girbl.
\_ I am a gerbil. |
| 2006/5/31 [Computer/SW/SpamAssassin] UID:43239 Activity:nil |
5/31 I just got a bunch of returned emails which appear to be caused by
someone using my email for spam. Is this caused by someone spoofing
my address, or has my account been comprimised? Anyone else have this
problem recently? -scottyg
\_ Everyone else. It's been mentioned in the motd a couple of
times.
\_ Just wait couple days and it'll slow down/stop. I also used
sa-learn to increase spamassasin's catch rate and also used
procmail to filter out anything "From:" postmaster or mail-
daemon. |
| 2006/5/31-6/3 [Computer/SW/SpamAssassin, Computer/SW] UID:43238 Activity:nil |
5/30 You know those things in magazines (often computer and travel ones)
that is an index card full of numbers that you circle, each of
which corresponds to a company/product so you can get more
information on that product? Is there an online equivalent, at least
for email information? I need a way to send a lot of email to a
certain account. Thanks.
\_ http://yourgiftcard.com, http://offercash.com, http://everyfreegift.com,
http://www.coolsavings.com http://www.giftcertificates.com all worked
dandy. I've neutralized my nemesis' accounts using these
web sites. If you have more, please post them here. Thanks.
\_ Well its not very noble, but you can spam the hell out of an
account if you sign it up for porn sites, or even just enter an
email address in.
\_ Just don't.
\_ I ended up signing the account up at some home loan websites, which
worked pretty quickly (within minutes). Nothing too excessive,
though, which was nice. -op |
| 2006/5/22-25 [Computer/SW/SpamAssassin] UID:43145 Activity:nil |
5/22 I'm a new sysadm. I'm trying to collect as many spam mails as I
can to build the ultimate sa-learn (spamassassin) database. I'd
like to use this ultimate database to filter out ALL spams, once
and for all, for all of my users. What's the best way to collect
as many spam mails as possible? Thanks.
\_ "once and for all"? so, would your users still be able to check
the spam for false matches?
\_ A collegue of mine has some pretty good, mature anti-spam
mechanisms in lace after playing with various combos. I'll be glad
to put you in touch with him if you post your name. -John
\_ Spam changes over time. If it was possible to do what you're doing
as a one time event it would've been done already. |
| 2006/5/22-25 [Computer/SW/SpamAssassin] UID:43136 Activity:nil |
5/22 I am getting about 150-200 "returned email" notice a day for the
past couple days. Yes, I know my email address is probably used
as the "From:" for spam. Spamassassin is catching about 50%
of them. Should I...
1) Keep using sa-learn to increase the catch rate?
2) Just ignore it and hopefully it'll slow down?
3) Anything else?
\_ If you run the domain, you could work something with spf. -John
\_ You could also do a quickie filter to another folder just to set
it aside just in case there's something you actually want to see,
then delete it all in a week or two if it stops. That's the lazy
way. Of course if it doesn't stop you'll need spf, better filters
and maybe a new email address. I have about 50-60 throw away
addresses now. I've had to disable about 10 of them over the years
because of all the spam. Some of them have been dead for over 5
years and still get spammed every day. (I see it in the logs).
\_ I am getting these too here at soda. Started a few weeks ago I
think. I have been sa-learning them which helped. I think they are
mostly Russian. Smart email servers would not bounce spam back
to the From: address... damn Russians. |
| 2006/5/10 [Computer/SW/SpamAssassin] UID:43009 Activity:nil |
5/10 I just received a bounced email saying I was trying to send an email to
some account that deos not exist. Examining the attached original email
I am sure I did not send out or compose that email. Does that mean someone
has cracked in my account and used it for emailing?
\_ No. It's spam spoofing your email address. Send out a note to people
you care about (but who are generally clueless about the IntarWeb)
telling them to ignore strange messages like that if they say
they're from you. |
| 2006/5/9-10 [Computer/SW/SpamAssassin] UID:42997 Activity:nil |
5/9 Today I got a huge bunch of "mailer-daemon" failure messages due to someone
sending spam with my email in the from:. What's the best way to deal with
that? If I procmail them all to /dev/null then I'd miss real delivery
notifications that are occasionally useful.
\_ I got that too last week for one or two days. Bounce was from
some Italian server, I think. I thought it was just virus spam
(infected .gif attachment) pretending to be bounce notifications. |
| 2006/5/8-9 [Computer/SW/SpamAssassin] UID:42981 Activity:nil |
5/8 Help. After buying something from http://Yahoo.com, I got a pop-up telling me that I got free $50 worth of coupons for Red Lobster, Chilis', and other restaurants. I figured that it's from Yahoo so it's probably trustworthy and answered a few simple questions (Are you a smoker? Do you have diabetes? Do you like sports? etc). Then a few questions turned into a 5 minute survey, that then turned into 500 questions on "Do you want free Newsweek for 3 months? Yes/No" "Do you want to subscribe to Sports Illustrated? Yes/No" "Do you want to try Omaha Steak? Yes/No" So rather than answering 500 questions to get my $50 coupon, I quit my browser. The next day, I got 10 spams to my brand new email account. Today, I got 15 spams. Tomorrow, I'll probably get even more. I can't cancel the list either because they're all from different companies. What should I do? \_ I did an experiment. I simply typed in test email addresses in the following web sites without giving them any more information and got the following results: http://yourgiftcard.com (on average, 3-4 spams a day after a week) http://offercash.com (on average, 2-3 spams a day after a week) <DEAD>everygiftcard.com<DEAD> (on average, 4-5 spams a day after a week) The tests were conducted using separate test Yahoo accounts. Most of the spams were filtered correctly, while many did go through (25% by-passed Yahoo's spam filter). So in short, you just need to be stupid for 5 seconds to receive massive amounts of spam forever. \- why dont you put the admin/technical contacts for those domains on other mailing lists. \_ or, someone else can just type your email to all 3! \_ if it's one of the less irreputable companies, there should be a canspam compliance notice saying why you're getting email. And it should include an opt-out for the marketer that the mailings are being on behalf of. And they will have a global opt-out list that will propagate to the actual senders. |
| 2006/5/2-4 [Computer/SW/SpamAssassin] UID:42891 Activity:nil |
5/2 How would I setup soda to send a bounce message to anybody mailing
me here saying "This email address is retired/ignored due to spam"?
\_ I have set it up on soda before, but now totally forgot the steps
I think it was done with procmail
\_ I think the usual way to do this is to use /usr/bin/vacation
to send a reply to anyone who emails you, and to use procmail
to delete incoming email. (Depending on soda's mail config, you
may need to use procmail to run vacation anyway.) -gm
\_ This definitely used to be the standard way. If you do this
now, though, whenever someone sends spam to your account with
a From address of some innocent third party, you'll end up
sending your replies to them. A better way is to have root
put an entry for your account in /etc/mail/access, with a
custom bounce message -- this way, instead of accepting the
mail, saving it to disk, and then trying to figure out who to
send a reply to, we reject the mail (with your custom message)
during the SMTP exchange. This also reduces the load on soda,
because it means we don't have to process all your incoming
spam or your auto-replies to it. Mail root and we can set
this up for you. --mconst
\_ can you leave a pointer to a sample of this?
\_ Do you mean a sample of what the bounce message will
look like? It's generated by the *sender's* system,
not soda, so it'll look a little different for everyone.
I've put an example in /csua/tmp/bounce-sample, showing
what it looks like from the OCF; you can try sending
mail to kislyuk@soda (or any other disabled account) to
see what it looks like from other systems. You get to
customize the part where it says "Account disabled until
you fix your mail loop". --mconst
\_ I meant an example of the implemetnation.
\_ Oh, sorry -- I just noticed /etc/mail/access
wasn't world-readable. I've fixed it. Anyway,
all you need is a line like this:
To:user@ This account is disabled.
Make sure you have FEATURE(`blacklist_recipients')
in /etc/mail/sendmail.mc. --mconst |
| 2006/5/2-3 [Computer/SW/SpamAssassin] UID:42890 Activity:nil |
5/2 Is any one else getting these BlueFrog/BlueSecurity spam emails?
\_ yes. also getting much larger spam. is the spam filter back
\_ yes. also getting much more spam. is the spam filter back
on yet? root? anyone? |
| 2006/4/27 [Computer/SW/SpamAssassin] UID:42854 Activity:nil |
4/27 I just started using spamassassin recently. And procmail. Yeah I'm
behind the times. Anyway, some spams are just random dictionary
words. Is it even useful to try to sa_learn those? |
| 2006/4/21-23 [Computer/SW/SpamAssassin] UID:42797 Activity:nil |
4/21 This spam made me laugh out loud: re: secks
If we ever contact aliens they will ultimately destroy us
because of our spam. And because we're a bunch of hooting
sex monkeys.
\_ link:tinyurl.com/e45yt |
| 2006/4/19-20 [Reference/History, Computer/SW/SpamAssassin] UID:42786 Activity:nil |
4/19 If there's one thing good about the soda crash, that would be
accumulating fewer spam mails than in the past, and bouncing them
back to their rightful owners.
\_ We'll be sure to let it crash more often in the future. :P |
| 2006/4/15-5/21 [Academia/Berkeley/CSUA, Computer/SW/SpamAssassin] UID:42771 Activity:nil |
4/16 After much late night debugging, soda is now correctly accepting
and sending mail. Spamassassin is working. The queued mail is being
de-queued. |
| 2006/3/13-14 [Computer/SW/SpamAssassin] UID:42212 Activity:nil |
3/13 Help me motd! My soda email account only receives spam! No one
has sent a personal or business related email to my soda account
in over six months. Please help me think of use for my soda account
besides receiving tons of spam and trolling the motd.
--bored alum
\_ Sign your name, and we'll see what we can do.
\_ This is why we all forward our soda mail to our real (doesn't go
down all the time and run out of quota) mail accounts with an
automatic spamassassin bonus rating of 1 or 2. --other alum
\_ Hear, hear. I don't automatically give soda mail +1 / +2,
but I think the Bayesian classifier has detected
the spamminess and effectively does this anyway. |
| 2006/3/6-7 [Computer/SW/SpamAssassin] UID:42109 Activity:nil |
3/6 I haven't used newsgroups in a while, so I thought I'd check it out
I checked out ucb.jobs, and it looks like every post in there are
spam like the ones we get in our spam folder on daily basis. Do
CS students still use newsgroups? Or are they a thing of the past? |
| 2006/2/24-27 [Computer/SW/SpamAssassin] UID:41990 Activity:nil |
2/24 More spam is bypassing our spam blocker.
\_ Give up. Either forward all your email to a Gmail account,
or alternatively forward your email to your Gmail account
with a special header and let Gmail's spam filtering
take care it, and forward the non spam email back to your
soda account, then accept your robotic Gmail masters.
\_ Actually, I do forward all my mail through gmail first - while
it catches quite a bit, spamassassin on csua still does a better
job (in the sense that it catches the ones that gmail let
through incorrectly) |
| 2006/1/1-4 [Computer/SW/Mail, Computer/SW/SpamAssassin] UID:41192 Activity:nil |
1/1 Anyone ever have problems with procmail inserting a '>' in front of
the 'From' field when it forwards email? I haven't been able to
figure out how to prevent this, not find any web info talking about
it. The insertion screws up mail-reading at the forwarded end
(thunderbird does not separate out the subject and other fields any
more). Thanks!
\_ It's probably sendmail, not procmail doing that. And the problem
is probably that you're attaching the original headers in the
message body, instead of in the message header, or another From
header is being added, so sendmail is escaping the From.
\_ Yeah, looking at an email as received at csua and at the
remote forward destination, it looks like in the process of
procmail forwarding it wraps a new set of headers on top of
the email. I thought that it used to work fine without
changing things like this, though? Haven't been able to
find any documentation that shines any light on modifying the
behavior to forward the mail with original headers, though -op |
| 2005/12/19-21 [Computer/SW/SpamAssassin] UID:41076 Activity:nil |
12/19 Have other people been getting spam with paragraph snippets from the
'Bourne Ultimatum' in them? It's very bizarre (I only recognized it
because I recently re-read the book... which makes it very
disturbing?)
\_ what makes that disturbing? do you think they're watching you?
\_ I got some with snippets from Aesop's Fables. Someone's ripping
off ebooks and such.
\_ No, it's just a method to get pass the spam filters. I've seen
ones with Tom Sawyer, etc. ripped off in the past. |
| 2005/12/4 [Computer/SW/SpamAssassin] UID:40848 Activity:nil |
12/3 Procmail is b0rked
\_ What exactly does b0rked mean?
\_ seems to work for me. |
| 2005/11/28-29 [Computer/SW/SpamAssassin] UID:40741 Activity:nil |
11/27 Ever since the reboot today, "spamc" doesn't seem to be doing it's
job. Any idea what's causing this?
\_ Interestingly, it seems to be working as of about an hour after
I posted this. -op
\_ I really don't know, but I think it becomes less effective based
upon load. When soda is bogged down spamc won't run as
thoroughly. -mrauser |
| 2005/11/4-6 [Computer/SW/WWW/Browsers, Computer/SW/SpamAssassin] UID:40442 Activity:nil |
11/4 I just received a piece of spam that's the most threatening I've seen
so far:
"<my-email-addr> is a nonprofit/charity contact email address right?
if so...
WE WILL EMAIL YOUR WEB SITE TO 2,500,00 0PT-IN EMAILS FOR [Free]
http://www.broadcastemailservices.org
......"
\_ they represent a threat to the CSUA. squish them. |
| 2005/9/29-10/3 [Computer/SW/SpamAssassin] UID:39923 Activity:nil |
9/28 So the spam brigade finally found me on here in a way that
annoys me greatly. It was okay before, but now it sucks.
I still use PINE. I am open to any suggestions to please
let me know...do I need to switch to something beside PINE?
Spam Assassin? What? -maxmcc
\_ To respond to all the posts in this thread in the laziest means
possible: Milter plans are in place which will include global
spamassassin and antivirus scanning. We just lack time and
manpower. - jvarga
\_ You need to switch to something besides pine, but not because of
spam.
You can configure SpamAssassin for your account and still use
a bad mail client. -tom
\_ tom, if you aren't going to be helpful, you can at least not
be a jerk. -jrleek
\_ Come on guys give tom a break. tom is in fact being helpful.
Perhaps his words are overly candid and blunt but are not
without merits. The clueless pp obviously needs serious help
and as tom correctly pointed out needs to use spamassassin.
\_ Wouldn't it make more sense to have something more global
where CSUA filters out spam instead of individual users
configuring their own spamassassin files? My .razor and
.spamassassin directories are getting big.
\_ Are you gonna pony up the cash to pay a part time admin
to run this sort of thing? People don't realize that
for any decent sized machine, this sort of service is
a full time endeavor.
\_ Full time to run spamassassin? Isn't this the
sort of experience the students who run soda
need? I mean, some of us can do it for free,
but doesn't that defeat the purpose? Teach a
man to fish and all that.
\_ Spamassassin is insufficient (perhaps IMO) for
what the person above suggests. Having the CSUA
automatically filter spam would 1) be a time sink
on admins and 2) suck. The greylisting suggestion
below isn't a bad one, but implementing it across
the board (as root of late is wont to do) would,
again, suck.
\_ Seconded. It should also auto-forward all spams to
spam@uce.gov.
\_ Tom may be able to be helpful but he can't not be a jerk.
\_ You can configure SpamAssassin to work with pine. I'll be
happy to send you my configuration if you email me. -jrleek
\_ I got same issue. Someone please give me a pointer on how to
configure procmail... I want to send everything with Windows-1251
encoding to spam...
\_ Does CSUA use greylisting? Might be an idea, worked wonders
for me. -John
\_ care to elaborate on that a bit please?
\_ http://en.wikipedia.org/wiki/Greylisting
Advantage: stops almost all spam today. Disadvantage:
sometimes delays legitimate mail, between a few minutes
and an hour or more. Spammers can mostly circumvent it
if they try.
\_ Greylisting returns a 450 for every mail received and
enforces a delay of some small timeframe. Generally
enforces a delay of a number of minutes. Generally
even a short delay (1-5min) works to kill the fantastic
quantities of spam originating from forged addresses or
spam zombies. As pp said, it delays _all_ mail as well
as blocking mail from misconfigured MTAs that don't
understand 450s. Also what helped us was really severe
rate limiting of mail from all APNIC netblocks (no more
than x mails from a given IP to a given address within y
timeframe) and "cooling down" periods for IPs generating
too many 550s within, say, a minute. Pp is correct
that greylisting does not stop determined spammers, but
generally it's too much effort for most of them. -John
currently it's too much effort for most of them. -John
\_ thanks, john. -kngharv
\_ Poll: Should CSUA adopt greylisting?
Yes: ..
No : ..
\_ Greylisting can be rather heavy on memory usage.
Last I checked, soda doesn't exactly have a lot
of it.
\_ Maybe this should wait until the new soda
is put in place?
\_ How much does it have? How much does it
need? What will it cost?
\_ For me, pre-greylist = ~30 spam per day. post-
grey-list = ~4 spam per day.
\_ Greylisting (or maybe just sendmail) pisses me off.
When you send a multi-recipient e-mail and one recip is
greylisting, all recips after that person block until
it goes through. This could just be sendmail's sucky
sending semantics. --dbushong
\_ How would sendmail's smtp greeting delay compare
for suck/gain tradeoff? --jon |
| 2005/9/2-3 [Computer/SW/Languages, Computer/SW/SpamAssassin] UID:39462 Activity:nil |
9/2 Is it possible to set up an auto-reply on cusa account? How to do it?
Create a .auto-reply file?
\_ man vacation
\_ follow the vacation man, my test account get an auto-reply
containing "|/usr/bin/vacation
(reason: Command line usage error)"
\_ man procmailex
\_ thanks procmail auto-reply worked for me.
\_ How is your loop detection? -tom |
| 2005/8/18-20 [Computer/SW/SpamAssassin] UID:39159 Activity:nil |
8/18 help from procmail wizard. I would like to do two things with
procmail.
1. if the message is encoded in CP-1251, I want to send it to spam
2. if the message is encoded in some other legacy encoding, i would
like to use iconv to convert to utf-8. How to do these? TIA |
| 2005/8/4-5 [Computer/SW/SpamAssassin] UID:38989 Activity:nil |
8/4 Does spamassassin report spam to spam@ftc.gov?
\_ Can't you just bounce it? -John |
| 2005/6/24-27 [Computer/SW/SpamAssassin] UID:38285 Activity:nil |
6/24 In my procmail log file, it says:
csh in malloc(): warning: recursive call
Out of memory.
What is the meaning of this?
\_ helps if you show us your .procmailrc
\_ It's hundreds of lines long. I was thinking it was
not something specific to my .procmailrc but that the
system was just out of memory. Assuming it's something
within my .procmailrc, would could cause a recursive call? |
| 2005/6/20 [Computer/SW/SpamAssassin] UID:38201 Activity:nil |
6/19 Hey does anybody know if hotmail silently discards mails with
>-quoted text? I have sent somebody a fairly important mail
and then a followup ping a week later and have not heard back.
This is a communication of mutual importance and have successfully
traded 3 or so email cycles, so a blowoff is unlikely as is some
complete failure like a blacklist [dont have phone#]. It is possible
there was an emergency and the other party is off-the-grid but am
trying to get a sense of the false positive rate for spam control
on a normal text message for these large email sites.
\_ Suggestion: create a hotmail account and send test messages to it.
How important could your email friend be if email is the only way
you have to communicate with them? If you have a name and city
you can get their phone number.
\_ Hotmail sucks and you're stupid to use it for important stuff. I've
seen their junk filter silently filter stuff (throwaway forum
registrations that I use it for), without putting it in a junk
folder. Turning their spam control off completely might help. |
| 2005/6/7-9 [Computer/SW/SpamAssassin, Computer/SW/Unix] UID:38011 Activity:nil |
6/7 Anyone else use forwarding from procmail & unix mail? I'm
been having a problem with something that used to work.
I forward email from another account to csua via procmail.
Mail headers come with a format that looks like:
From sender@sender.com Tue Jun 7 13:30:20 2005
Status: RO
>From mds Tue Jun 7 13:30:20 2005
...
Normally I use POP for email, but sometimes when I'm in a
rush I use command-line "mail". When I read/delete some
messages and enter 'q', it saves the resulting messages with
a space between the "Status" and ">From" lines. Haven't been
able to find anything via google, but I know that it didn't
previously do this (e.g. a month+ ago). Has anyone else had
the same problem? Thanks!
\_ read your email with mutt like a real man.
\_ Consider setting up a procmail rule to pipe everything through
formail before further processing. -dans |
| 2005/5/4-5 [Computer/SW/SpamAssassin] UID:37515 Activity:nil |
5/3 Procmail question. For messages over, say 1 Meg, I want to
add '[OVERSIZED]' to the subject. The following works,
| sed 's/^\(Subject:\)\(.*\)$/\1 \[OVERSIZED\]\2/'
but, how can I do this if there is no "Subject" field to
begin with?
\_ Changing subject is quickly done using formail.
http://info.ccone.at/INFO/Mail-Archives/procmail/Jan-2002/msg00413.html
From there you should be able to figure out the rest.
\_ Didn't work. -op
\_ This is a similar rule I had, that worked:
:0 c
* ^TO.*(list@uc-hiking-club.berkeley.ca.us)
{
SUBJECT=`formail -xSubject:`
NEWSUBJ="Subject: CHAOS: $SUBJECT"
:0 fhw
| formail -i "$NEWSUBJ"
:0
! address@imap.cs.berkeley.edu
}
\_ Right on! That works. Thanks! -op |
| 2005/5/3-4 [Computer/SW/SpamAssassin] UID:37509 Activity:kinda low |
5/3 Procmail question. For messages over, say 1 Meg, I want to
add '[OVERSIZED]' to the subject, forward the message to another
acct, and send myself a message at csua notifying me of the
oversized message. I have not been able to do this successfully.
It should be something like this:
:0
* > 1000000
{
:0fw
| sed 's/^\(Subject:\)\(.*\)$/\1 \[OVERSIZED\]\2/'
:0
!otheraccount@gmail.com
}
and then somehow I need to email myself the notification.
Also, this wil only work if the message has a Subject field.
How can I do this for the more general case?
\_ Changing subject is quickly done using formail.
http://info.ccone.at/INFO/Mail-Archives/procmail/Jan-2002/msg00413.html
From there you should be able to figure out the rest.
\_ Didn't work. Put a bunch of error messages in my log file,
and got rid of the subject. -op
got rid of the subject, and sent 2 copies of the message to
the other account. -op |
| 2005/4/26-27 [Computer/SW/SpamAssassin] UID:37364 Activity:nil |
4/26 The new version of spamassassin stopped adding "SPAM" to the
subject of spam emails. What can I change in .spamassassin/user_prefs
to make it do this again? Right now, I have the following line:
subject_tag [SPAM]
\_ rewrite_header subject " [SPAM]"
--dbushong |
| 2005/4/13-5/25 [Computer/SW/Languages/Perl, Computer/SW/SpamAssassin] UID:37167 Activity:nil |
4/14 Perl upgraded to 5.6.2. SpamAssassin (spamd/spamc) upgraded to 3.0.2.
moria (and angband, and NPPAngband) installed, for all you really
old-schoolers. |
| 2005/4/2-5 [Computer/SW/SpamAssassin] UID:37044 Activity:nil |
4/2 Anyone getting scads of 'stock pick' spams with some permutation of
(-st0ck52 @ http://Yahoo.com-) as an unsubscribe address? Know a valid
unsubscribe adress for them? I've tried most combinations and no, I
don't care about "don't-respond-or-they'll-know-the-address-is-live"
as a fair number of spammers actually respect unsubsribes. I haven't
managed to get spamassassin to figure these out.
\_ no, but i'm suddenly getting a ton of "your bank account has been
compromised. please verify your password." |
| 2005/4/1-2 [Academia/Berkeley/CSUA, Computer/SW/SpamAssassin] UID:37018 Activity:nil |
4/1 So I keep hearing from people I know that my soda account randomly
bounces email. The only thing I ever get now is spam. Is it time
to retire the soda account for good? Will soda ever be well?
\_ I think /var was full the other day. Some people had trouble
emailing me and I couldn't send email from soda. |
| 2005/3/24-28 [Computer/HW/Memory, Computer/SW/SpamAssassin, Computer/SW/Unix] UID:36849 Activity:nil |
3/24 I have a procmail process on Linux that I would like it to talk
HTTP to a servlet (or any URL for that matter). What is the most
efficient (the smaller the memory footprint, the better) and the
most scalable (we do have heavy email volume) and the most performing
way you can think of? TIA. |
| 2005/2/28-3/1 [Computer/SW/SpamAssassin] UID:36455 Activity:nil |
2/28 Unintended consequences of spam-blocking (and spam of course):
http://news.lp.findlaw.com/andrews/pl/med/20050223/20050223barnes.html
\_ Legit or not, this is almost certainly going to become the "My
dog ate my homework!" excuse for attorneys who missed deadlines
through laziness. |
| 2005/2/23-24 [Computer/SW/SpamAssassin] UID:36388 Activity:low |
2/23 I sometimes receive spams that has apparently nothing to sell, or
messages to spread. What are they for?
\_ spam fishers. If you didn't bounce the mail, you're gonna get
a lot more spams in the future. Sorry.
\_ How do I bounce the mail back to sender in a way that makes it
think my email addr doesn't really exist?
\_ I don't think this is possible (it wasn't last I
checked) but I think it's a feature that needs to be
added.
\_ Forward them to spam@ftc.gov, spam@uce.gov and uce@ftc.gov
(don't know which one is the real one). Better than no
action at all. |
| 2005/2/8 [Computer/SW/SpamAssassin] UID:36101 Activity:moderate |
2/8 How do you guys get rid of spam in this account?
\_ spamassassin -> gmail |
| 2005/1/26 [Computer/Companies/Google, Computer/SW/SpamAssassin] UID:35907 Activity:nil |
1/26 Has anyone else had problems with Gmail not recieving mail? I've had
one person get a delivery failure message and another person say they
sent mail, got no failure notice, and I never recieved it. Is this a
common problem of am I just corresponding with dinks who can't figure
out how to send email?
\_ I had problems when I bounced mail from another account to my gmail.
I never received any failure notice, but didn't receive the mail
either. Forwarding worked. Funny thing was that after trying the
bounce multiple times and fail, I forward, and all of a sudden, the
forwarded mail shows up in gmail along with all of the bounced
mails. That was about a month ago. Bouce seems to work for me now.
\_ No, but gmail filters spam very aggressively, so I get lots of
false positives. Search through your spam folder first.
\_ Neither showed up in spam (I've gotten no spam yet), they just
never got there. |
| 2005/1/20 [Computer/SW/SpamAssassin] UID:35831 Activity:kinda low |
1/20 I am getting spam that doesn't have a "for" header. It has a Received
"By" and "From" header but no "for". Is "for" not required? Does
"legitimate" mail ever not have a for header? If not how would I tell
procmail to filter it, if so, how would I tell spamassassin that it
\_ well, how about the following in your .procmailrc?
# The following deletes anything that doesn't have the right To field.
# However, most mailing lists don't have it either, so you may
# want to rewrite rules.
:0
* !^To: holubtom@csua.berkeley.edu
spam |
| 2005/1/11-12 [Computer/SW/Languages/Perl, Computer/SW/SpamAssassin] UID:35663 Activity:nil |
1/11 How do I set up a spam filter without hosing soda with perl processes?
(something running on soda, not in my Windoze e-mail client) Thanks!
\_ The best you can do is to run spamc (which uses the shared spamd
daemon) instead of running spamassassin directly. |
| 2005/1/11 [Computer/SW/SpamAssassin] UID:35654 Activity:nil |
1/11 FTC Moves to Stop Illegal X-Rated Spamming
http://csua.org/u/anw
"Harrington said the agency located the companies and individuals
through e-mails consumers sent the FTC's data base in the spring."
Wow! I didn't know that spam forwarded to the FTC are actually looked
at. I thought it was a /dev/null to keep the public happy. Can we
make SpamAssasin forward all spam automatically?
\_ Aargh, mixed feelings.... |
| 2005/1/9-11 [Computer/SW/SpamAssassin] UID:35626 Activity:kinda low |
1/9 Why are people so antisocial as to hose soda terribly with
spamassassin processes?
\_ what is antisocial about using spamassassin?
\_ People who don't use spamc, or are runing their own version of
spamd instead of using the system process.
\_ I used spamc and stopped when the spamd kept dying.
\_ Without evil, how would we know good?
\_ Now that we know who you are, I know who I am. I'm not a mistake.
\_ Would you please explain how not to be evil? --PeterM
\_ From my first moments in aspo's cruel crush of demonic love, I have
been a slave to evil. |
| 2005/1/9-10 [Computer/SW/SpamAssassin] UID:35622 Activity:nil |
1/9 I've noticed that quite a few people will have an email address on
their resume that says something like
"firstname<dot>lastname<at>hostname<dot>com". Is there really any
point to this? Are there actually spam programs downloading people's
resumes in .pdf and .doc format, extracting the email address and
adding it to spam lists? Does anyone have any actual evidence that
this threat is real? It seems to me that if it is a real threat,
just putting in a bitmap of your real email address without the
stupid <dot> and <at> crap would do the same thing in a less annoying
way.
\_ Yes, the "threat" is real. Spammers troll through newsgroups,
webpages, etc. to gather possible addresses. And how would you
suggest putting a bitmap into the From field of a newsgroup
posting? Also, many of the later viruses scan all files on the
infected computer for well-formed email addresses and propogate
itself with those addresses as a forged from. There is some
speculation (and it seems well founded) that these were released
in the wild as yet another way to skim valid email addresses off
the net.
\_ Thank you. That is useful. I can see how the <at> stuff would
be useful for usenet, but I meant that for a resume you could
embed a bitmap of your email address if it was in .pdf format
with no loss of visual quality. |
| 2005/1/7-8 [Computer/SW/SpamAssassin] UID:35595 Activity:low |
1/7 So, is TinyP2P really only 15 lines, or should we include the numerous
imports?
\_ It's written in Python, what do YOU think?
\_ I think some humorless people don't get things. -op
\_ import spam, spam, spam, spam, spam, spam, spam, spam # I think |
| 2005/1/7-8 [Computer/SW/SpamAssassin] UID:35594 Activity:nil |
1/7 How do I have spam assasin dump spam to /dev/null?
\_ In your .procmailrc, just put /dev/null instead of the name of
your spam folder. |
| 2005/1/1-2 [Computer/SW/SpamAssassin] UID:35510 Activity:high |
12/31 Uh, is it me, or it seems that the spammers are getting better and
getting through spamassassin, a lot more frequently in the past
few weeks?
\_ ifile
\_ Alas, no. Most of the things I have getting through SA are
dictionary attacks that fuck the Bayesian net. Ifile, which
_only_ depends on this will do even worse.
\_ Using the two in combination gives near perfect results.
\_ What does ifile do that the SA Bayesian code doesn't?
\_ Not sure, but I'm not having any problems with spam.
The one thing I can claim is that the ifile database
is vastly smaller on disk than SA; currently it's
< 300Kb. |
| 2004/12/27-28 [Computer/SW/SpamAssassin] UID:35452 Activity:low |
12/27 Why did spamassassin suddenly stop working?
\_ it might not be working for you if you are over quota.
\_ I am under quota.
\_ Spamassassin has built-in anti-hozer technology. You
are a hozer and spamass knows! It doesn't like you!
\_ It works again now w/o me changing anything. |
| 2004/12/25-27 [Computer/SW/SpamAssassin] UID:35439 Activity:nil |
12/25 Anyone else notice spammers being out in full force the last couple
of days? The amount of spam that has gotten past the spam filter
seem to have increased ten fold.
\_ The last two weekends, definitely. I've also seen a number
of email services being crushed because of bounces to forged
From addresses. Bad shit. --scotsman |
| 2004/12/18-20 [Computer/SW/SpamAssassin] UID:35350 Activity:nil |
12/18 Why is shit like "replica watches" still getting through SpamAssassin?
Aren't the rules updated regularly? And how do I increase the number
of points that the Bayesian filter can add? thanks.
\_ perldoc Mail::SpamAssassin::Conf
As for why, look at the report of tests failed in the message
header. It will always be easier to defeat filters than to
detect spam; detecting spam is an unbounded problem. -tom
\_ Like NMD. |
| 2004/12/10-11 [Computer/SW/SpamAssassin] UID:35239 Activity:high |
12/9 Does anybody have a bunch of spam (sent to a soda address) I can feed
to my Bayes spamassassin routine? -- ulysses
\_ /csua/tmp/mail/scotsman/spam.*
\_ /csua/tmp/scotsman/mail/spam.*
Tons... --scotsman
\_ directory does not exist?
\_ fixed.
\_ wow, thanks! (LOTS of spam indeed!!!)
\_ I remember the good old days when most/all of my spams were
filtered. Nowadays, I get an average of of 20+ spams a day. :(
\_ The server http://zog.net runs on has a combination of a few (fairly
conservative) blacklists, Postfix with greylisting, and rate
limiting for inbounds coming from any given IP (really harsh
limits set for any APNIC IP.) The spams are kept to a tiny
minimum, especially after greylisting and setting a 2/second
limit for the Asian addresses. -John
\_ Got a pointer as to how to set this up???
\_ What do you mean by "set this up". What do you wish to do?
-- ulysses
\_ Someone set us up the spam!
\_ I want to enable bayesian filtering on my mail spool.
\_ Oh...The short version is, if you are using SA, it already
is unless you've turned it off in your userprefs. SA
requires training on a minimum 200 hams & 200 spams before
it will begin adding Bayes-based scores, though. You can
adjust these minima in the userprefs. Email me if you
want to here more or google for sa-learn. -- ulysses
want to hear more or google for sa-learn. -- ulysses |
| 2004/12/4-5 [Computer/SW/SpamAssassin] UID:35169 Activity:nil |
12/3 Is oxford-royale.co.uk valid? Or is this a new spam/phishing scam? |
| 2004/12/2-4 [Computer/SW/SpamAssassin] UID:35153 Activity:nil |
12/1 If somebody has a procmailrc that *appends* list-serve messages to an
existing mailbox file, I would like to see it. I only see how to copy
msgs to a dir, each as a separate file. I have STFW and am apparently
between two highly separate quanta of procmail fu. --ulysses
\_ i don't understand your question. if you don't specify
any rules, procmail will filter all your mail into one file.
if you specify another rule, it will filter the filtered mail...
into a file, appending the new messages to the existing
messages in the file. what can't you do?
\_ Never mind. I found what has been wrong all this time. It had to
with the fact procmail cds to $MAIL as soon as that variable is
declared. Thanks.
\_ MAIL = /home/username/mail
### bugtraq
:0c:
* ^List-Id:.*bugtraq.list-id.securityfocus.com.*
$MAIL/bugtraq |
| 2004/11/22-23 [Computer/SW/SpamAssassin] UID:35027 Activity:kinda low |
11/22 wow... first spam utilizing figlet-style letters. bastards
____ ___
/\ _`\ /\_ \
\ \ \L\ \ ___\//\ \ __ __ _
\ \ , / / __`\\ \ \ /\__`\\ \/\'\
\ \ \\ \ /\ \L\ \\_\ \_/\ __/\/> </
\ \_\ \_\ \____//\____\ \____\/\_/\_\
\/_/\/ /\/___/ \/____/\/____/\//\/_/
\_ spamassassin didn't mark this as spam. |
| 2004/10/28-29 [Computer/SW/Database, Computer/SW/SpamAssassin] UID:34416 Activity:nil |
10/28 Re: "spamassassin going over quota" thread below, I will restate:
Try ifile. It's an excellent bayesian filter whose database currently
uses less than 230K for me.
\_ I tried setting up ifile. It was that much more complicated and
didn't work nearly as well as sa once I did. YMMV. Still, if sa is
going to consistently involve up to 10M of reference files, I may
give it another go. I have only so many hours to burn on this stuff,
though. I am not the sysadmin from a couple of days ago who "works
1.5 hours a day". |
| 2004/10/24-25 [Computer/SW/SpamAssassin] UID:34316 Activity:moderate |
10/24 Is everybody getting spams purportedly from SBC that ask you to click
at some http://sbc.m0.net/xxxxxx ? The emails look legit enough and
SBC does have my my soda email, but I explicitly opted out from any
updates and the link address looks suspicious.
\_ It's known as "phishing", is very common (especially to try to
collect bank/login details for some official-looking page), and
often uses some sort of browser exploit to make you think you're
at a legit page (in this case obviously not.) -John
\_ <DEAD>m0.net<DEAD> is a domain used by Digital Impact, which is a legit email
marketing company that makes suspicious URIs
http://www.digitalimpact.com/clientslist.php
\_ Don't you just hate it when companies do that? I got a mail
from ETRADE through <DEAD>p0.com<DEAD> and thought it was fake, so I
forwarded it to security@ and got a reply saying that it's
real. No matter. I always go to their site directly and find
where I need to go, even when they give me a link.
\_ Since I explicitly opted out of everything when I signed up,
is SBC risking big fines by spamming me, or is there always
an escape clause for big companies? -op
\_ What they usually do is add a new class of message that
you have to opt out of. It is very unlikely you'll
successfully sue them. -tom
\_ Maybe you should ask a trial lawyer |
| 2004/10/23-24 [Computer/SW/SpamAssassin] UID:34313 Activity:kinda low |
10/23 Oh great... now I'm getting tinfoil spam from both the left and
the right. All of you please die. Thank you.
\_ Didn't CAN-SPAM (or something similar) have some provision allowing
for "informative messages" from politicians? Tee hee. -John |
| 2004/10/23-24 [Computer/SW/SpamAssassin] UID:34310 Activity:nil |
10/23 Okay, I'm now getting a couple of spams per week offering me deals
on Rolexes. Wtf? The guys at the gas stations bought computers? |
| 2004/10/14-16 [Computer/SW/Database, Computer/SW/SpamAssassin] UID:34119 Activity:nil |
10/14 I've been getting some errors trying to mark spam in spamassassin
the last few days. "Cannot open bayes databases [...]
Inappropriate file type or format." RTFMing seems to indicate
that I need to migrate my bays_tok database using the BerkeleyDB
db_dump program, but I can't seem to find this executable. Pointers
to the program or alternate solutions appreciated. Thanks!
\_ db3_dump might be what you're looking for -dwc
\_ did they install spamassassin 3.0 on the machine you're using?
it seems like in 3.0 the bayes database format changed, so you
need to retrain.
need to retrain. |
| 2004/10/7 [Computer/SW/SpamAssassin] UID:33966 Activity:nil |
10/4 There's an email account I created and used for donotcall.gov
and today I started getting spam on it. What happened??? |
| 2004/10/6 [Computer/SW/SpamAssassin] UID:33948 Activity:moderate |
10/6 in honor of Rodney, " i get no respect, i get spam automatically
rejecting me for home loans "
\_ " i get no respect, i get spam asking me to turn off my webcam"
\_ I hear that they're donating his body to science fiction. No
respect, I tell you, not even in death. (RIP)
\_ "I get no respect, my MOTD trolls don't even get nuked."
\_ "I get no respect, <DEAD>Make-my-penis-grow.com<DEAD> thanked me for buying
from http://TeenGirlz.com" |
| 2004/9/26-27 [Computer/SW/Languages, Computer/SW/SpamAssassin] UID:33760 Activity:high |
9/26 What's the line for .forward to send incoming mail via procmail,
and _then_ forward to a@b.com?
\_ A .forward file isn't powerful enough for that. Do it all from
procmail instead, by adding this to the end of your .procmailrc:
:0
! a@b.com
\_ That will eventually create a mail loop that's not detectable
by sendmail.
\_ Erk, cool, thanks. Any way around this? -op
\_ i use the following in my .procmailrc... if this can still create a
mail loop, please let me know how to fix it:
:0c:
*!^FROM_MAILER
! a@b.com
\_ Use something like this:
:0f
*!^X-Loop: yourname@csua.berkeley.edu
| formail -A"X-Loop: yourname@csua.berkeley.edu"
:0ac
! a@b.com
Some comments: 1) there is no need to use locks since you're
not writing to a file. 2) The "X-Loop: yourname@csua.berkeley.edu"
header keeps track of whether this message has been forwarded
before. 3) You can combine this with any other rules you have on
your mind. 4) these two recipes must be listed strictly in this
order (see the meaning of "a" flag).
I have been using the plain "!" recipe without any checks before
and got burned many times and as a mail sysadmin I have seen lots
of users get burned by this too. The problems usually start when
the <DEAD>b.com<DEAD> refuses to accept mail for some reason. Then sendmail
will attempt to deliver the bounced message to your mail box. But
since you have a procmail rule that tries to forward everything
to the other host, it will keep forwarding mail until your csua
account goes over quota. Your *!^FROM_MAILER rule might work
fine for this purpose too, but it will fail to forward messages
that were mail errors that didn't appear as a result of a failed
mail forwarding attempt.
\_ thanks! -FROM_MAILER guy |
| 2004/9/20 [Computer/SW/SpamAssassin] UID:33631 Activity:nil |
9/20 If I create an online comment form, do I have to worry about a
robots.txt to prevent spiders from sending lots of blank comments?
\_ Don't worry about it, robots don't do "submit".
\_ More accurately, the robots that pay attention to a robots.txt
file don't do submit. However, many blogs are being inundated
with comment spam from robots. I think some of the popular
weblogging software has tools to minimize this. |
| 2004/9/8 [Reference/RealEstate, Computer/SW/SpamAssassin] UID:33421 Activity:nil |
9/8 Can someone please explain the following spam that I just received:
"Any prime minister can bounce apartment building beyond marzipan, but
it takes a real freight train to sheriff living with.Any short order
cook can seek related to satellite, but it takes a real bubble to
toward midwife.And befriend the dark side of her philosopher."
??? What is this an advertisement for?
\_ umm, that's just some random text to fool spam filters. the real
pitch is probably an html attachment or graphic or something.
\_ Nothing was attached.
\_ It's most likely an address miner. It didn't get bounced, so it was
sent to a valid address.
\_ No need to send any text in that case. |
| 2004/8/30 [Computer/SW/SpamAssassin] UID:33226 Activity:high |
8/30 I just got a spam that included references to Empedocles and
Anaxagoras in order to get past the spam filter (it obviously
got through).
\_ You need a permit to hold a protest in a public park.
\_ Are you sure it wasn't just email from psb? |
| 2004/8/9 [Computer/SW/SpamAssassin] UID:32773 Activity:kinda low |
8/9 I am looking for tools which removes email attachments from the
mailbox while leave the rest of the email text intact. Does such
thing exists?
\_ what mail format?
\_ command line or graphical? you can do this with procmail
\_ You can also do it with mutt.
\_ procmail
\_ standard RFC-compliant mailbox format. I thought about
procmail. I would like to do the following: change all
HTML to text (lynx), all the WORD document into pure text.
and... use iconv to change non latin character set to UTF8.
Procmail wizard... show me example(s) please? --OP |
| 2004/8/6 [Computer/SW/SpamAssassin] UID:32747 Activity:moderate |
8/6 I'm sending a reminder mail out with cron. So I used the:
mail recpiant@nowhere.com < email command.
This works but I don't get a subject. How can I send my email
with a subject? No, this isn't Spam. -jrleek
\_ mail -s "Make money fast" recpiant@nowhere.com < email
\_ but make sure you are using /usr/ucb/mail since /usr/bin/mail
doesn't have the -s option
\_ as if any spammer is doing that.
\_ Well I needed a sample subject line so I decided to make fun
of his assertation that he wasn't spammming. |
| 2004/8/6 [Computer/SW/SpamAssassin] UID:32734 Activity:nil |
8/5 spamassassin 2.64 installed; bugs to mconst. |
| 2004/7/19-20 [Computer/SW/SpamAssassin] UID:32365 Activity:high |
7/19 Why SpamAssassin is totally doomed:
http://cockeyed.com/lessons/viagra/viagra.html
\_ This was already posted, and it was stupid the first time.
\_ AFAIK, this is the third time someone posts this link.
(first one was months ago)
\_ I don't know about you, but I found Spamassassin does a pretty
good job as it is.
\_ anyone who tried to combine Chinese Word segmentation methods
and spamassassin so it can be used to filter out Chinese junk? |
| 2004/7/3 [Computer/SW/SpamAssassin] UID:31153 Activity:very high |
7/3 Does Soda's spamd check against Razor and DCC? On my own server, I was
getting 20-30 spams per day and when I added DNS/RBL checks, now I get
about 2/week. I rarely get Spam on soda, so I'm guessing the answer is
yes.
\_ read the spamassassin score. the answer is there. |
| 2004/7/2-4 [Computer/SW/SpamAssassin] UID:31126 Activity:high |
7/2 I notice that in my .spamassassin directory, there is a 5
Meg file called bayes_toks. I _do_ understand why it is there.
But, there is another 5 Meg file called bayes_toks.expire84232.
And there are 4 other bayes_toks.expire files of varying
size. Why are they there? Can I delete them? My spamassassin dir
takes up nearly 13 Megs. I gather that the expire files can be
deleted. I believe that I hit my hard quota while spamc was
running, leaving these orphaned files. Assuming this to be the
case, how do I stop spamc from auto-learning?
\_ So, I noticed that in my messages that were classified as spam,
it said "autolearn=no", but in those classified as ham, it said
"autolearn=ham", so I thought that the expire files are created
while it's trying to auto-learn. But in fact, it seems that it's
when I receive spam (at least in one case) that it creates the
expire files. What is it doing when it is creating
bayes_toks.expire files and how do I get it to stop? I just
want it to filter my mail. Why should it create any files? I
can sa-learn it on my own time. -op
\_ autolearn=no means spamassassin doesn't know whether it is spam or
ham. You need to train spamassasin manually with that message.
According to the global setting in
/usr/local/share/spamassassin/10_misc.cf
Any mail with score > 12 is learnt as spam.
Any mail with score < 0.1 is learnt as ham.
\_ http://csua.org/u/80t
\_ this is a good example of why url shortening can be bad.
\_ I don't think it's terribly bad, but if it makes you feel
better, I've changed the result page for shortcutting so it
shows Title: link for easy copy-and-pasting of the whole
thing. It won't necessarily end up shorter than the original
that way, but it will possibly be more informative. --dbushong
that way, but it will possibly be more informative.
--dbushong |
| 2004/6/30-7/1 [Computer/SW/SpamAssassin] UID:31102 Activity:high |
6/30 http://www.mailinator.net/mailinator/Welcome.do Can be very useful. After http://bugmenot.com, this looks like a very neat site. \_ This is cool. You might also like http://spamgourmet.com (which doesn't make your email public, and doesn't delete it after a few hours; however, it does require you to sign up). \_ or sneakemail. \_ I don't get it. Why not just create a specific spam account and use that for these throwaway things? Seems easier than dealing with these services. |
| 2004/6/30-7/1 [Computer/SW/WWW/Browsers, Computer/SW/SpamAssassin] UID:31094 Activity:nil |
6/30 Gmail Q: I already got my first peice of uncaught spam.
I'm not 100% sure from the subject, though, so I want to open it.
I don't want to read any images from their server (obvi) and I don't
see a config setting for that. Is there one that I have just missed?
\_ gmail doesn't seem to show me images by default anyways.
\_ You can't use lynx or elinks? |
| 2004/6/30 [Computer/SW/SpamAssassin] UID:31080 Activity:insanely high |
6/30 Fucking spammers. Even after using spamassassin and using sa-learn
on every single spam I get, I still get about 10 a day. I seriously
hope those guys get a nice ass raping in jail.
\_ Thanks for sharing.
\_ I firmly believe that the only solution to the spam problem will be
vigilantism. And I mean hiring a guy named Vinny to go break a
spammer's thumbs.
\_ fuck vinny, send in the special forces
\_ We used to talk about this in grad school a lot, going to find
the script kiddies who broke into our machines. We thought we'd
figure out who it is (== snot-nosed 14 year old from Ohio),
take a roadtrip, and surprise the kid's parents when they'd
come home and find their kid duct-taped, spreadeagled, upside
down attached to their garage door.
\_ Cf. The Big Lebowski
\_ why are you workstations on public net? NAT is exists in
part to protect people like you from yourselves on the
dangerous public network you're not ready for.
\_ You can still click a mouse without a thumb.
\_ "If you disable your enemy's hand, he cannot press a button.
Medic!".
\_ I run something that works. All that's slipped through in the
last month are 3 0 body messages and 2 spams. So keep looking,
maybe you'll find a spam filter that works for you.
\_ I use SA. About 1 spam per week makes it to my inbox. The rest
goes to my spam folder. About 1 ham per month gets in the spam box.
\_ You manually go search for ham among hundreds of messages? |
| 2004/6/22-23 [Computer/SW/SpamAssassin] UID:30961 Activity:nil |
6/22 How do I get rid of the header of a message in procmail? I want
to take only the body of a message and save it to a file/folder.
\_ Use ":0 b" at the beginning of the rule instead of just ":0". |
| 2004/6/22 [Computer/SW/SpamAssassin] UID:30949 Activity:high |
6/22 Simple mail question: How do I set up .forward to only forward mail
that has passed my spamassassin filter? (I want a copy of my mail to
go to my yahoo account)
\_ Read up on procmail
\_ set up procmail to stick all email flagged as spam in your spam
folder on soda (or stick it in /dev/null) and have your last
procmail rule be 'forward your mail to your yahoo account'
\_ Got it, thanks! Procmail is sweet.
\_ How can you have unix based email and not use procmail?
\_ Was using it but had cut and paste a recipe together,
finally took the time to read up on it some more
\_ Excellent. The motd is a good place for procmail help
if you're not asking RTFM questions. |
| 2004/6/18-19 [Computer/SW/SpamAssassin] UID:30913 Activity:high |
6/18 Goddammit! What is up with soda's spam blocking??? 50 German messages
in a day! Didn't happen last week!
\_ you only got 50? lucky you. i'm getting 300/day...
\_ Try saving a bunch of them (at least 50) to a file, and run
sa-learn --mbox --spam filename
\_ and I'm getting them at work now...
\_ Forward all of them to uce@ftc.gov. |
| 2004/6/17 [Computer/SW/SpamAssassin] UID:30856 Activity:very high |
6/17 Is spamassassin broken?? I'm getting tons of German messages in my
mailbox
(yes, I have the proper .procmailrc set up). This is recent as of
this week.
\_ No, Spamassassin just sucks. But seriously, the german spam has
taken a lot of antispam people by surprise. Run them through SA's
Bayes filter. A few should do it.
\_ SA caught the German spam for me. SA has worked great for me for
years. I don't understand what the rest of you are doing to
make SA not work.
\_ Geben Sie ihr grosseres etwas! |
| 2004/6/16 [Computer/SW/SpamAssassin, Computer/SW/Unix] UID:30838 Activity:very high |
6/16 It's not in any way against CSUA policy to have procmail check
your quota each time it runs, is it?
\_ Why would it be?
\_ I think the quota file might be a bit of a chokepoint for the
filesystem; probably bad if everybody were to do it. Perhaps
try du -d1 instead?
\_ du -d1 is way more impact than quota. -tom
\_ Yeah, wow. Use your head: with quotas on every filesystem
op results in a quota check; how can it be high overhead?
\_ Please correct me if/where I'm wrong: quota files are
maintained at the root of each file system, and,
empirically, I've noticed that quota results are cached:
quota -v; rm reallyBigFile; quota -v; sleep; quota -v;
I imagine this cache resides at the FS root as well, so
hundreds of users x hundreds of spams = 1000s of writes
to the quota cache = possibly slow disk access.
Different cases possible with softupdates and/or
kernel-based memory cache.
\_ Quotas are kept in memory, in the kernel; you can
access them with the quotactl system call. There
are quota files at the root of each filesystem too,
but they're only used to initialize the kernel's
quota information at boot time.
Since it's all stored in memory, updating the quota
information when you create and remove files is
trivial. You only see delays because soft updates
is delaying the actual writes to your files, and thus
delaying the quota updates too -- on systems without
soft updates, quotas update instantly. --mconst
\_ you could have verified this yourself by using the
"time" command to see that du -d1 takes an order of
magnitude longer than quota, instead of sounding off
like a moron. -tom
\_ great way to encourage discussion. you rock!
\_ That suggests that although writing/deleting lots of
spam could load the system (which we already know)
lots of people reading the quota file will probably
not be a big load, or at least not any worse than
reading a file of spam-filtering rules.
\_ depends on your personality
\_ I'll take this discussion as "No, it's not against policy".
\_ you can take it that way (i would) but just be sure you don't
end up a hoser; that's the policy you need to worry about
here. - erikk |
| 2004/6/12-14 [Computer/SW/SpamAssassin, Computer/SW/Unix] UID:30772 Activity:high 64%like:30791 |
6/12 I'm going to switch my dsl provider this month and the new guys don't
offer webmail. Does anyone know of a cheap (~ $5/mo) web mail provider
who is reasonably reliable? I've been told to take a look at .Mac, but
I'd like to hear other suggestions. tia.
\_ I use http://totalchoicehosting.com and have mail (imap, pop3, webmail) as
well as www and ftp. Starts at $4/mo.
\_ thanks I'll take a look.
\_ gmail
\_ I'm not interested in free services that read your email and
stick stupid ads in the messages. I also don't want to have
a bunch of junk cluttering up the web ui.
\_ the ui is really nice, not cluttered, the ads are very
subtle, and it doesn't _read_ your mail, unless you think
just having your data on their servers means "reading"...
it's on-the-fly keyword triggers, not "reading."
\_ How is the spam filtering on gmail?
\_ Are you either a google employee or a friend of one who is
likely to materially gain from friends-and-family options
in the IPO? On-fly-the keyword triggers means they had to
scan my mail. I don't care if they did it when it came in,
when it was sitting on their servers or "on-the-fly" when
I read it. They're still reading for content.
\_ wow, so what do you think the other webmails do when
they scan for viruses? Or is that somehow, not reading
the content?
\_ they're scanning for my benefit for something I would
do for myself. google is scanning for their benefit
to insert ads which is something i would not do for
myself. the difference should be obvious to anyone
not likely to gain financially from google's sucess.
again, are you an employee or other person likely
to benefit from the google ipo or other google
successes?
\_ I guess I wouldn't be scanning my mail, since
I don't run windows.... but no, I don't have
any stake in google at all.
\_ Followup. Has anyone heard of http://his.com or webserve.ca? Both seem
to provide web mail for around $5/mo. |
| 2004/6/11 [Academia/Berkeley/CSUA/Motd, Computer/SW/SpamAssassin] UID:30756 Activity:nil |
6/11 Anybody know what's the story with all this new German spam?
At least it is easy to filter.
\_ Now that you have discovered the German spam we will have to kil
you.
\_ you deleted my post. Please use motdedit if you're not going
to be careful.
\_ do you have any idea what happened to the last guy that whined
about his post and motdedit? |
| 2004/5/29-31 [Computer/SW/SpamAssassin] UID:30489 Activity:moderate |
5/29 Using the required_hits field in spamassassin sorts between spam
and ham. Suppose I want it sorted into 3 ways. Anything over 10
is considered definately spam and deleted. Anything between 4 and
10 is considered maybe spam and saved to a file. And anything
less than 4 passes through. How can I do this?
\_ With a procmail recipe that looks for 10 or more "*"s in the
spam hits header line and /dev/nulls those.
\_ Thanks!
\_ http://csua.com/?entry=11401
Specific usage
\_ why the 7th '\' in that example?
\_ if you need help chaining the rules
http://inst.eecs.berkeley.edu/cgi-bin/pub.cgi?file=procmail.help
\_ Thanks. I understand why there are 6 '*'s, each
preceeded by a '\', but why is there a 7th '\' at the
end?
\_ Looks like a typo to me |
| 2004/5/27-28 [Computer/SW/SpamAssassin] UID:30456 Activity:moderate |
5/27 Spammer sentenced to 3.5 to 7 years.
http://www.reuters.com/newsArticle.jhtml?storyID=5278816
\_ Yay! Does he get a free ass raping? Maybe he needs some
m'ed'is(in3 40r mak-in(g h}i{s pe-ep&pee bi^gg$er!
\_ Wasn't that the idiot who couldn't even make any money off his
crappy identity theft/spamming scheme?
\_ perhaps a better sentence would be to make them stay in jail until
they've read every single email they ever sent out.
\_ that's not harsh enough. |
| 2004/5/25-26 [Computer/SW/SpamAssassin] UID:30419 Activity:very high |
5/25 Has anyone noticed spamassassin missing quite a few recently?
\_ yes, many. Been gathering them to train the bayesian filter,
hope that will help. It's been quite a while since the last
release...
\_ Just installed the most recent yesterday and it's 20/20 correct and
no false positives of about 75 in.
\_ do you mean 2.63, or is 3.0 out?
\_ 2.63. I briefly considered 3.0alpha/beta but I prefer that
it just work. |
| 2004/5/25-26 [Computer/SW/SpamAssassin] UID:30410 Activity:high |
5/25 Phish to break up. YAY!
http://www.cnn.com/2004/SHOWBIZ/Music/05/25/phish.breakup.ap/index.html
\_ But think of the poor acid dealers!
\_ There's always more users. No one ever OD'd on acid. |
| 2004/5/24 [Computer/SW/SpamAssassin] UID:30389 Activity:high |
5/24 If Mlocal is configured to use procmail, it will use my .procmailrc
file without explicitly piping to procmail via .forward, right?
\_ It's sort of the wrong question (You don't configure Mlocal to
use procmail. You add Mprocmail.) but yes. |
| 2004/5/21 [Computer/SW/SpamAssassin] UID:30341 Activity:kinda low |
5/21 In the following procmail example (found on a procmail help page),
is there any reason for the extra ':' on the first line. What file
is being locked? Even if one of the actions were writing to a
file, wouldn't it be sufficient to just have the extra ':' right
before that particular command, and NOT before the '{'?
:0: # forward jokes to my wossamatta u. account
* ^From.*bob
* ^Subject:.*(joke|funny)
{
:0 c
! rocky@wossamatta.edu
:0
| lpr -Pacsps
} |
| 2004/5/20-21 [Computer/SW/SpamAssassin] UID:30333 Activity:high |
5/20 Stupid procmail question from a procmail newbie:
Sometimes a line has ':0'. Sometimes it's ':0c:'.
What's the significance of the 2nd ':'?
\_ http://www.zer0.org/procmail/mini-faq.html#syntax-colon
\_ Thanks! -op
\_ OK, so this isn't working for me. I want, under a certain
condition, for a message to go to a certain folder AND be
forwarded to a certain address. I have:
:0
* condition
{
:0c:
${MAILDIR}/file
:0
!name@domain.com
}
Any idea why this doesn't do what I want it to?
\_ Are you sure your condition is correct?
\_ Yeah. It actually works. I was confused. The problem
is in the log file. It only seems to log the last
command. So, in the case above, it logs that it
forwarded the mail, but not that it saved it to the
file. It would be nice to log both, not only the
latter.
\_ There's a "VERBOSE" option for .procmailrc which
should come in handy. Just turn it off when you're
done or bounces will show to senders.
\_ You can use AND clauses
\_ Isn't that only for the condition? Or can
one use that for the actions too?
:0
* condition
!name@domain.com
:0 A:
${MAILDIR}/file
\_ This doesn't work, but thanks. It only logs the
1st action, and it doesn't seem to even do the 2nd.
\_ I'm getting a lot of SPAM at root on one of my computers.
Is there a good procmail rule to say "only accept mail
from my domain, say http://berkeley.edu, and unqualified names,
like those that may orginate on the local machine?
:0 :
* ^From:.*berkeley.edu
$MAILDIR
# send all other mail to dev null
:0
/dev/null
\_ Wont this trash mail that come from just "root" with no
@ sign in the From field?
\_ special case it. |
| 2004/5/11-12 [Computer/SW/SpamAssassin] UID:30173 Activity:high |
5/11 Is there a sure way to sign an email up for lots of spam?
\_ yeah I need to know too, my roomate fucked my my car and wouldn't
pay for it
\_ go sign up for a bunch of downloads online (quicktime, real audio,
http://downloads.com, etc.), put down his email, then click "Yes, send
me more information via email!"
\_ But I want to have really BAD hardcore spams showing there,
not just some legitimate but annoying promotinal offers.
\_ try porn sites, posting to newsgroups. maybe try
signing up for a hotmail account (which is a magnet
for spam) and then have it forwarded to his email
accout.
\_ troll some newsgroups.
\_ How do I tracelessly forge email address? Doesn't my ip
get recorded and sent along as part of the header?
\_ what do you care? do you think spammers check for spoofed
headers when they try to harvest email addresses?
\_ Well, maybe someone will google his email addr and find
a forged posting under his name. |
| 2004/5/6 [Politics/Domestic/California, Politics/Domestic/President/Bush, Computer/SW/SpamAssassin] UID:30047 Activity:high |
5/6 Guys guys, PLEASE!!! 1 or 2 political posts are ok, but 8-10 posts
on why Bush sucks, how his rating's decr, what he's doing wrong,
that even the Rep. are losing faith, etc etc. is just too much.
Most of the Sodans already hate eBush and are not gonna vote
for him anyways, why not post something interesting and original?
We have enough trash and spam to deal with already, please be nice
and stop the motd spam.
\_ learn to ignore shit if you don't want to read it.
\_ Learn how to nuke the motd. |
| 2004/5/3-4 [Computer/SW/SpamAssassin] UID:29966 Activity:insanely high |
5/3 I just got some spam saying that Ed Meese is running for
President. Is this true?
\_ I just got some spam saying, "UR DIKI IZ 2SMAL $D GIRLZ! UZE V'I
AG'ReA FRUM M3 2 MAEK B1G DIKI!!". Is this true?
\_ What will Warren Buffet say about this? |
| 2004/5/3-4 [Computer/SW/SpamAssassin] UID:29963 Activity:high |
5/3 How good is gmail's sperm filtering? I've considered stress-testing it
but it seems a shame to spoil a spam-free account for an experiment.
\_ you could make a sneakemail address and have it temporarily forward
spam to your gmail account. --jameslin
\_ I don't think gmail can filter any sperms. |
| 2004/4/26-27 [Computer/SW/SpamAssassin] UID:13395 Activity:nil |
4/26 Someone is using my domain as a return address to send a whole
lot of spam (if the bounce messages I am receiving are any
indication of quantity). I know this because I receive any
mail sent to my domain. Is there anything that I can do about
this? The bounce messages are annoying but I am most concerned
that I will end up on many spam filter black lists as a result.
Thanks for your useful and humorous suggestions,
\--mrehrer
\_ many bounce messages contain the bounced message attached,
complete with headers. this lets you have some idea of who
is behind the spam. if you can shut down enough of their
accounts, maybe they'll get the message and pick on someone
less troublesome.
\_ rofl... do you really think they keep their accounts a long
time in any case? Do you really think they know, or even care
who reports them? No. They PLAN on having throw away emails,
hosts, spam relays, etc.
\_ rofl... you're an idiot. note the part where i said maybe.
a lot of this does depend on the particular circumstances,
but most spammers do have to perpetually try to stay one step
ahead, so why have more meddling than necessary if they can
just pick on an easier mark? op may want to try a service
like spamcop with a little more clout than the average joe.
\_ If they're being hosted at a Good place, then sure, you might
have a chance of shutting them down. If they're on your system,
then sure, you can shut them down completely. If they're just
using your domain as the nominal return address, and they're not
hosted by a Good place, you may very well be SOL. Unless, of
course, you can find their Snail Mail address and make it
physically unbearable to continue.
\_ You may want to contact Matt Seidl (seidl@soda). He involved
himself in a lengthy lawsuit over exactly this sort of thing
a number of years ago. I don't know how his efforts panned
out. He used to keep a web page following events. -- ulysses
\_ http://www.wraith.com/seidl/lawsuit |
| 2004/4/26 [Computer/SW/SpamAssassin] UID:13387 Activity:nil |
4/26 Most spams/frauds are easy to spot, but what if someone from Africa
wrote you with professing interest in buying stuff that your biz
advertises? Should one discount everything from Africa?
\_ Has anyone ever actually replied to one of those spam emails
asking for help transferring funds? What happens when you contact
them? Do they then ask you for some money?
\_ there are actually whole websites devoted to this topic. there
are pictures of these people posing with the nigerians too.
stfw for 419 related stuff.
\_ http://419eaters.com is my favorite.
\_ I would personally not take the risk, since it is probably 90%
likely to be a scam. But if you do decide to do business with
an unsolicited customer from overseas, make sure you have cash
in hand before sending merchandise. Not a cashiers check, either.
\_ Seconded. You could also use an escrow agent.
\_ Use http://www.escrow.com I was ripped off by a phoney escrow
agent that a seller suggested to me.
\_ What's wrong with a cashier's check?
\_ They can be faked. Even if your bank puts the money in your
account, then can still take it back if the check comes back
phoney.
\_ Damn! I didn't believe this, googled a bit. That's pretty
depressing, so many gotchas out there... *sigh*
http://www.craigslist.org/about/scams.html So is there any
way to quickly check whether a cashier's check is valid or
not? Why can't this be immediate?
\_ Did you hear about the guy who got $100K in cash from
a phony check?
\_ Yeah! And then she dried her dog off in the microwave
oven and he exploded and turned into an alien and ate
her spine!
\_ Uhm, it's actually a pretty well documented story.
\_ I always thought cashier's check is as good as cash, and
that when I send out one I always assumed it's gone.
Guess regulations are always designed so that only
criminals can take advantage of it. |
| 2004/4/20 [Computer/SW/SpamAssassin] UID:13278 Activity:nil |
4/20 I got this on a spam's subject: "cum like a port actor". What is a
"port actor?"
\_ Port actors will destabilitze the whole middle east.
\_ If it's anything like aft actor, I'd be amazed.
\_ It's someone who performs a porn star-boarding. |
| 2004/4/19 [Computer/SW/SpamAssassin] UID:13270 Activity:nil |
4/18 How are the bayes_seen and bayes_toks files updated in my homedir?
(I filter my mail through spamc).
\_ spamd changes to your uid and updates them. This assumes that
bayes_auto_learn is turned on in spamassassin's
configuration file, and that a piece of spam is above the
bayes_auto_learn_threshold_spam value or, conversely, a piece of
nonspam is below the bayes_auto_learn_threshold_nonspam value.
If they're not set to your liking in the systemwide spamassassin
configuration file, you can turn them on in your
~/.spamassassin/user_prefs file. Of course, auto learning doesn't
do much good since it's only going to learn stuff that is
*definitely* spam or *definitely* not spam, and spamassassin
can already identify those. Consider manually running
sa-learn --spam on your spam folder if you have one,
and sa-learn --ham on your non-spam folders. It really helps.
-dans |
| 2004/4/6 [Computer/SW/SpamAssassin] UID:13028 Activity:low |
4/6 Did something happen recently to spamassassin which causes it to
put annotated spam in your inbox instead of your ~/spam directory?
\_ Check yer quota dude. |
| 2004/4/5-6 [Computer/SW/SpamAssassin] UID:13026 Activity:nil |
4/5 [spam is not intriguing]
\_ Everthing happens according to God's holy plan. There is a deeper
message to your spam that you would realize if you only opened
your heart. |
| 2004/4/2-3 [Computer/SW/Languages/Misc, Computer/SW/SpamAssassin] UID:12993 Activity:nil |
4/2 Interesting. Now I'm seeing spams that consist entirely of HTML
mail containing Javascript code that reads characters from a
numerical array - the spam consists of little more than a list of
numbers. Funny that spam detection techniques have slowly pushed
the spammers into making their mail illegible.
\_ but that's easy enough to filter. what legitimate reason is there
to allow javascript in email? (heck, I still think there are few
good reasons for HTML mail at all...)
\_ I think rich-text-format is good enough. No need to go HTML.
\_ there was never any reason to allow html in email. or really
i should say the disadvantages overwhelm the minor advantages. |
| 2004/4/1-2 [Computer/SW/SpamAssassin] UID:12980 Activity:high |
4/1 Spammer gets seven years in prison:
http://uk.news.yahoo.com/040402/325/eq4ri.html
\_ Should be shot. |
| 2004/3/19-20 [Computer/SW/SpamAssassin] UID:12760 Activity:nil |
3/19 I now have a 10mb LSPAM file. Can I get rid of this thing so I don't
have worry about my quota anymore?
\_ man rm
\_ Were you trying to amass a decent body of spam, or is that just
the result of using ifile/spamassassin? If a), then just train
your categorizer and delete. Otherwise, delete. |
| 2004/3/18 [Computer/Companies/Yahoo, Computer/SW/SpamAssassin] UID:29873 Activity:moderate |
3/18 How is it that I attach a 167k jpeg to send via yahoo, and once
it's attached, it's now 222k?
\_ because it encodes the file in a format that isn't as compact
\_ So when yahoo or hotmail says there is a 500k limit on the
size of an attachment, are they referring to the original, or
the encoded version?
\_ because it came in contact with one of the spam mails advertising
to grow your member. |
| 2004/3/16 [Computer/SW/SpamAssassin] UID:12697 Activity:nil |
3/16 How do I tell spamassassin that if it sees certain subject, To:
field, or whatever, to increase the number of spam points?
\_ Put it in your user_prefs. RTFM. |
| 2004/3/16 [Computer/SW/SpamAssassin] UID:12694 Activity:high |
3/16 If you knew someone was a spammer (a stranger), would you
want to beat the person up?
\_ was it good spam or bad spam?
\_ can any spam be good?
\_ spam & eggs. yum.
\_ I'd throw a can of SPAM through their window.
\_ And waste a perfectly good can of spam?
\_ there's an infinite supply. no worries.
\_ Here is an interesting question to full time spammers (people who
get paid writing and sending spam). WHAT THE HELL WERE YOU THINKING
KNOWING THAT YOU'VE ANNOYED 99% OF THE PEOPLE?
\_ I'm laughing on my way to the bank with the fortune I made from
the other 1%.
\_ I believe if just 1 in 100,000 respond, they profit. And there
is no shortage of people who will do anything for a bigger
penis.
\_ Are you on the ROKSO list of known spammers?
\_ Are there full time spammer on csua? I remember at least one
member had a list of all soda email addresses on his web page.
\ REALLY? I hope he was squished, right?
\_ I would want to kill them. I believe in vigilante action against
spammers. |
| 2004/3/15-16 [Computer/SW/SpamAssassin] UID:12665 Activity:nil |
3/14 Right, so spamassassin, while working like a charm, has generated a
2.5mb bayes_toks file. If I delete this, will I have undone every
bit of learning the program has done?
\_ umm, obviously?
\_ no, it's only a backup. the real data is stored in zero-point
energy fields. |
| 2004/3/6-7 [Computer/SW/Security, Computer/SW/SpamAssassin] UID:12550 Activity:kinda low |
3/5 This is fantastic. Free instant access no verification email account.
See the page for details.
http://www.mailinator.com/mailinator/Welcome.do
\_ The first time a spammer runs a dictionary attack against them,
they are toast.
\_ Mmmm... pointless comment.
\_ not my problem. it works right now. why would a spammer bother?
everyone is a potential DOS victim on the net.
\_ gee, why would a spammer bother to set up a bunch of free
access no verification email accounts? I can't imagine... |
| 2004/3/4-5 [Computer/SW/SpamAssassin] UID:12514 Activity:nil |
3/4 When was the last time you were fooled in opening a spam?
How were you fooled?
\_ A couple weeks ago. Name was familiar, and subject was "hey".
\_ spamassassin didn't catch it?
\_ spamassassin is no god. it works pretty well. I haven't
seen any filter can filter out spam 100% and easy to set
up. My spams cerntainly got cut down dramatically. Only
a few keeps fall through no matter how I keep using sa-learn
on them. But it is definitely way better than when I only
used procmail to filter them.
\_ That Osama game sent via AIM a few weeks ago.
\_ An eBay scam a month or two ago. It looked like it really was from
eBay, but the URL wasn't a real eBay survey. I was pissed at myself
for clicking on the link because I'm sure it verified my email. Oh
well, haven't seen an increase in spam in spite of my worries.
\_ don't worry, you will. |
| 2004/3/3 [Computer/SW/Virus, Computer/SW/SpamAssassin] UID:29850 Activity:nil |
3/3 HAHAHA. This virus mail was funny enough that I had to share:
Dear user of http://Berkeley.EDU,
Your e-mail account will be disabled because of improper using in
next three days, if you are still wishing to use it, please,
resign your account information.
Pay attention on attached file.
["attached file" is something called Document.zip]
\_ Kind of interesting to see a worm combined with a phishing scam. |
| 2004/2/12 [Computer/SW/SpamAssassin] UID:12224 Activity:nil |
2/11 What is the efficient soda way to use SpamAssassin? I have
7MB of related files in my home directory, which seems
silly. a big spamassassin file, and then soem big files
in .spamassassin/
\_ ifile
\_ man spam
\_ hey thanks, dickwads. Even more helpful though would
be a direct answer. |
| 2004/2/10 [Finance/Shopping, Computer/SW/SpamAssassin] UID:12185 Activity:kinda low |
2/9 I'm planning to go to New Zealand at the very end of December. Can
you recommend a local (Bay Area) travel agency?
\_ Why bother with a travel agency? I've never understood this.
\_ They can often get you better fares since they have
allocations of cheap tickets long after you cannot buy them
retail.
\_ Good luck getting cheap tickets to new zealand for the
end of December.
\_ I got good prices from Air New Zealand's web site for my Nov.
trip. Dec is more, but you should at least try there and make
sure you can't get the ticks there cheaper than through an agent.
But they do kinda spam the address I gave them. -crebbs
\_ ANZ has a $999 roundtrip special running until Nov. to celebrate
adding SFO to their route, but no specials after that. I'll
keep an eye on them, though, thank you. --OP
\_ Don't forget to bring your ozone layer.
\_ At least I don't have to bring my own Hobbit clothing:
link:csua.org/u/5xe (jpg) |
| 2004/2/6-7 [Computer/SW/SpamAssassin] UID:12145 Activity:nil |
2/6 I got a 'phishing' spam email. The phishing site gets DNS and
registration from Yahoo Domains. I've tried emailing Yahoo to get them
to revoke the registration, but no luck, and their phone trees are
designed to prevent me from talking to anyone. Anyone know the super
secret email or abuse phone numbers?
\_ (408) 349-3300 x 0
\_ Tried that without the extension and got the runaround....
Ok, they gave me a different phone number that really just points
to another branch of the same phone tree. That tree just sent me
to a person who said "I can't do anything. Send us email."
No wonder most companies sue first and ask questions later. |
| 2004/2/6 [Computer/SW/SpamAssassin] UID:12141 Activity:nil |
2/6 procmail folks: I'd like to filter a mail iff it matches 2 dif rules
the below doesn't work, what should i do? (besides rtfm :)
:0
* ^From: Mail Delivery Subsystem*
* *Dis address be full, (myguysforward_address@@yahoo.com)*
mail/trash
\_ Put one rule and then in an inside block put the other rule.
I don't know how deep procmail rules can go, but your case is
easily handled. |
| 2004/1/31-2/1 [Computer/SW/SpamAssassin] UID:12048 Activity:nil |
1/30 Has anyone else been getting these creepy messages/spams from Word
Of Mouth Connection? They say "someone is requesting information on
you," but in order to find out who, you have to pay money. Seems like
a total scam, and a seemingly very effective one as it plays on your
natural paranoia.
\_ sounds just like the secret crush/admirer spam.
\_ Yes. And I've blocked about 12 of their domains so far. It's just
spam shit. Here's my sendmail access file so the rest of you can
avoid adding them one at a time:
\_ http://www.choam.org/tbp/weblog/2003/11/26/000132
womc.info REJECT
http://womc.net REJECT
http://womc.com REJECT
wordofmouthconnection.info REJECT
<DEAD>wordofmouthconnection.net<DEAD> REJECT
http://wordofmouthconnection.com REJECT
wordofmouthreports.info REJECT
<DEAD>wordofmouthreports.com<DEAD> REJECT
<DEAD>wordofmouthreports.net<DEAD> REJECT
<DEAD>wordofmouthconnections.org<DEAD> REJECT
<DEAD>wordofmouthconnections.com<DEAD> REJECT
http://wordofmouthconnections.net REJECT
<DEAD>wominfo.net<DEAD> REJECT
<DEAD>wominfo.org<DEAD> REJECT
<DEAD>wominfo.com<DEAD> REJECT |
| 2004/1/31-2/1 [Computer/SW/SpamAssassin] UID:12047 Activity:nil |
1/30 So, if i'm using spamassassin -p /my/prefs/file and want to change to
spamc, can I? I maned spamc and didn't see a analogous flag.
\_ Currently, you can't; the protocol spamc uses to talk to spamd
doesn't include any way to specify which prefs file to use.
This wouldn't be too hard to add, though, if you think it would
be useful -- let me know. --mconst |
| 2004/1/28-29 [Computer/SW/SpamAssassin] UID:11989 Activity:nil |
1/28 invoke 'spamc' and not 'spamassassin' from your .procmailrc
11:19AM up 15 days, 18:26, 155 users, load averages: 4.69, 3.58, 3.22
grep -Hs spamassassin `locate /.procmailrc | grep 'procmailrc$'`
\_ is spamc reliable now?
\_ No problems with it since I started using it (2 months ago)
\_ If spamd crashes then I get a deluge of spam.
\_ If spamd crashes mail ROOT. |
| 2004/1/21 [Computer/SW/SpamAssassin] UID:11866 Activity:nil |
1/21 spamassassin is failing to tag messages like the following:
"Genierc and Sepur Viarga (Caiils) available oinlne!
Most trusted online source!
Cilais or (Spuer Vagira)
takes afecft right away & lasts 24-36 huors!
FOR SUEPR VAIRGA TOCUH HERE
Genierc Virgaa
costs 60% less! save a lot of $.
FOR VIGARA TOCUH HERE"
What are some ways to deal with this? I've tried blacklisting but
it's getting futile because they keep changing their address. Thanks,
-desperately failing
\_ check the headers of some of these messages for the Habeas header.
there is a viagra spammer abusing the header right now. SA honors
the header and deducts ~8 points. If this is true, disable habeas.
\_ It's not using habeas, it's just not scoring high.
X-Spam-Status: No, hits=x.x required=5.0 tests=HTML_20_30,HTML_MESSAGE
\_ retrain
\_ no, because at the end of these mails they put random
common valid words and training would increase the
chance of false positive making spamassassin less powerful.
If I'm not wrong, spammers are getting smarter and smarter
and as long as we have to worry about these things, they're
winning the war
\_ Nuke the site from orbit. Its the only way to be sure.
\_ I have the same spams and use SA too and I've noticed that while the
spellings change, 'TOCUH HERE' stays the same.
\_ Until it doesn't...
\_ sounds like some kind of typo count would be very good at spam ID
\_ I used motdedit and you overwrote my post. Bad sodan!
\_ I used me, too. you got the wrong guy. The guy who overwrote
your post posted this: "is that what he really did? And ..."
\_ But then drunk people can't send email!
\_ I hate spam but occasionally I get one that totally cracks me up and
that almost makes the rest worthwhile. Anyone else enjoy the
'white trash sluts' spam a little too much? |
| 2004/1/21 [Computer/SW/SpamAssassin] UID:11859 Activity:nil |
1/20 I'm started to get perfectly legit looking spam (not in black list,
not in Razor, not in SpamCop, etc etc). Look:
X-Spam-Status: No, hits=2.8 required=5.0
tests=HTML_10_20,HTML_MESSAGE,NORMAL_HTTP_TO_IP
version=2.55
I even use sa-learn on --ham and --spam mboxes, and it was cool
for a while till recently. What should I start doing?
\_ Upgrading to a more recent spamassassin version might help (the
current release is 2.63).
\_ just continue to ignore me: i'm using a very old version and
don't have these problems. you know why? no one is tweaking
their spam to my version. go ahead, get on the upgrade
treadmill. see what i care.
\_ Unplug and chill. |
| 2004/1/20 [Computer/SW/SpamAssassin] UID:11853 Activity:high |
1/20 spam filter poll. did you use only one and are happy, or have
you tried one, then switched to the other, and are happy?
spamassassin: ..
\_ Constantly need to tweak .spamassassin/user_prefs
ifile: ..
\_ Blocks 60 per day with 1 false positive every couple of
months. -scotsman
\_ been usin' ifile, but I get soo much spam it what it lets
through is still ridiculous.
\_ Do you retrain? -scotsman
ifile, then spamassassin:
spamassassin, then ifile:
none of them work:
misc:
SA, then ifile, then SA+ifile: very happy. If SA+ifile thinks it's
spam, then it's spam. If just ifile thinks it's spam, it's almost
certainly (95%) spam.
\_ just a comment on false positives. One false positive a month
is bad. Why? Who wants to go through their whole spam folder
daily looking for false positives? If you get to the point
where you don't double-check for false positives, that means
false positives = unreceived personal email = very bad.
\_ going through a spam folder every few days is a lot less of
a pain in the butt than having all your real email squished
inbetween the spam. It takes like 30 seconds to scan the
subjects and say "nope, all spam, nuke it".
\_ Well, duh. If I were depending on email for my job, I wouldn't
run a spam filter. But my soda mail is just personal email,
and anyone who sends there has my cell number, so it's simply
a convenience to use a spam filter. If a false positive is
a big deal, don't filter at all. Nothing gives 0 false
positives. -scotsman
\_ ifile gives way more false positives than spamassassin,
so if that's your concern, you shouldn't use ifile. In my
experience, ifile also lets way more spam through, but
because it's Bayseian it depends on the type of spam and
regular mail you get. -tom
\_ Combining SA+ifile (SA blocks score 5 or higher) has never
given me a false positive. I might as well be sending that
to /dev/null. I do review the stuff that one xor the other
flags as spam, which turns up 1 false-positive every 3-4
months
\_ SA works great, as long as the version is recent. I use
SA here and SA + yahoo junk mail filter on my well account,
which I give out to marketers.
\_ spamprobe works well for me. in the three months i've been
using it, it has not had a false positive. to me, this is very
important because i don't want to spend time to going through
the spam folder looking for that one non-spam email. its false
negative rate is comparable to ifile in my experience. the one
downside is that the db file is ridiculously huge. |
| 2004/1/19-20 [Computer/SW/SpamAssassin] UID:11837 Activity:very high |
1/19 Procmail Question: I'm trying to figure out how to use '{}' for
spam filtering. I want to delete everything with a score of 6 or
higher, but put other stuff into a spam folder. What I have is
below, any pointers/tips would be appreciated. tia.
:0
* ^X-spam-status: Yes
{
:0 w: $SPAMFOLDER/$LOCKEXT
* ^X-Spam-Level: \*\*\*\*\*\*
/dev/null
:0 w: $SPAMFOLDER/$LOCKEXT
$SPAMFOLDER/.
}
\_ Looks ok at first glance. Test it and if it works, great. I don't
use named lock files. Unless you get a *lot* of mail you probably
don't either. Oh yeah, you can do better than scanning the whole
message. RTFM to get the syntax for checking only headers.
\_ IIRC, procmail only examines headers by default. I believe
that checking the body requires an explicit flag. It's in the
procmailrc man page, and the op seems smart enough so he/she
can probably figure it out. |
| 2004/1/14-15 [Computer/SW/SpamAssassin] UID:11775 Activity:nil |
1/13 So I put "blacklist_from mailbride.ru" and it's still getting through,
and spam assassin didn't treat it any different (the point system
didn't change). What's up with that?
\_ you didn't RTFM.
# Whitelist and blacklist addresses are now file-glob-style patterns, so
# "friend@somewhere.com", "*@isp.com", or "*.domain.net" will all work. |
| 2004/1/7-8 [Computer/SW/SpamAssassin] UID:11711 Activity:very high |
1/7 Anyone else having problems with email sent from csua being
considered Yahoo spam?
\_ Their spam detection has been going whacko for weeks. They
have some major people pissed at them for it. --scotsman
\_ Hmm, yup. Never had a problem before sending email from here to my
yahoo account before until just now. Even marking as "Not Spam"
doesn't help.
\_ I think spam filters mark messages with "Not Spam" as spam.
\_ I think we're talking about two different things. In Yahoo
Mail, when you're in your Bulk Folder, you can click on a
message and click the button "Not Spam". And supposedly,
the spam filtering engine learns from this and won't mark
this email address as spam again in the future.
\_ Yahoo has rejected csua email a couple times in the past,
thinking that soda.csua was an open relay. Check the motd
archive.
yahoo account before until just now. Even marking as "Not Spam"
doesn't help.
\_ They block all sorts of shit seemingly at random. It's for your
own good. Just stop using Yahoo.
e/7 I haven't been doing very much career-maintenance (don't know J2EE,
.NET, web services, etc.). What are the preferred ways (by employers)
to pick up experience in current stuff?
\_ by employers, buy your own books. by employee, get them to pay for
\_ Nice catch-22! You get the "uselessly stupid reply" award
for the week!
classes, books etc.
\_ Sorry, I should have specified that I meant "prospective
employers."
\_ get a job using the current stuff.
\_ Nice catch-22! You get the "uselessly stupid reply" award
for the week!
\_ .Net = .Dead
\_ I'm actually seeing a lot of jobs for people with experience
with .NET and SQL Server. -op
\_ my father in law has been a software engineer at a big
insurance company for the last 25 years, and he's being
forced to learn .net by his employer. of course, this same
company is forcing their new hires to learn COBOL also.
\_ where at? - turin
\_ various posts on craigslist
\_ thanks
\_ get Microsoft Certifications (MCSD) |
| 2004/1/6 [Computer/SW/Mail, Computer/SW/SpamAssassin] UID:11693 Activity:nil |
1/6 I wanna post to newsgroups but not with my real email address
due to spam. What are some ways to get around it? Thanks.
\_ hack your nntp client!
\_ why are you using a client that uses your real email? go sign
up for a real usenet service if you care or use a bogus spam-only
email address. |
| 2004/1/2-11 [Computer/SW/SpamAssassin] UID:11646 Activity:low 54%like:10317 |
1/2 SpamAssassin 2.61 installed (finally); bugs to mconst.
\_ if you specified "| spamassassin" in your .procmailrc recipe,
please change to "| spamc" instead -- it is lighter weight/faster.
\_ now that sa does bayesian analysis, what are the pros of ifile?
\_ It's the standard.
\_ Who thinks that, other than you? Do you have URL or
anything suggesting that "it's the standard"?
\_ like IDS, it is better to us spam catchers that are NOT
the standard. -phuqm
\_ Spam Assassin rocks... Say goodbye to the Nigerian scam, toner,
FREE VIAGRA, and the lot. Awesome.
\_ Thanks, joshk
\_ 3 days of spam-free inbox and counting. Thank you!
\_ It's only a matter of time before those fuckers figure out how
to get past the filters again.
\_ I'm loving it! It's great, Thanks.
\_ Damnit. My brain immediately coughed up McDonald's. Yay America!
\_ Thanks.
\_ I did this. The next day there was lots of spam and no indication
that spamassassin had been working. I also see nothing via ps
to indicate a spamassassassin-related process running. I'm
switching back to the old executable line because I know it
works.
\_ please don't do that: spamc and spamd work together,
and they are much more efficient. If everybody ran
"| spamassassin" like you do, soda would be really slow.
/usr/local/bin/spamc man spam ps aux | grep spamd
\_ If it worked for me as you have it here, I would use it.
It doesn't, so I don't.
\_ Not to mention, spamc is forked by procmail only at the
receipt of new mail- it's pretty transient. RTFM.
\_ Uh-huh, but spamd or some such should show up via
'ps -aux' regardless.
\_ try 'ps -auxww' you ingrate.
\_ How dare you post useful information! (thanks)
\_ IFile still catches about 50% more of my spam than SA
\_ SA caught 137 spams for me with one false positive.
No spam got through for me. -ausman
\_ I also switched from spamassassin to spamc and there was
no indication it worked. Maybe that's why it's so fast!
\_ spac is a standalone program, no need to call perl
was that your problem? it bit me
that spamassassin had been working. I'm switching back to the old
executable line because I know it works.
\_ Could you please send me mail, so I can try to figure
out what's going wrong? --mconst
\_ I'll try switching to spamc again today. If it appears to
not be working when I check mail tomorrow, I'll mail you
then. Thanks.
\_ okay, here's exactly what you do, put these in your
.procmailrc before your other recipes:
:0fw
| spamc
:0:
* ^X-Spam-Status: Yes
<spam-folder-name>
======================
next if you have any spams that fall through, you sa-learn
to teach SA to filter those. See man sa-learn
\_ two stupid questions:
1. is there a better way to invoke procmail than through .forward?
2. is there a better way to disable the report text with spamc than
spamc -c ?
\_ 1. you don't need .forward at all, just .procmailrc
2. man Mail::SpamAssassin::Conf, or just put "report_safe 0" in
~/.spamassassin/user_prefs
\_ 1. what calls procmail then?
2. man Mail::SpamAssassin::Conf
-> No manual entry for Mail::SpamAssassin::Conf
\_ I'm having a problem with sa-learn, it keeps telling me:
soda [34] sa-learn --spam /tmp/uncaughtspam_20040109
Learned from 0 message(s) (1 message(s) examined).
However, I have over 250 spam messages in the file. -gsu
\_ RTFM: "sa-learn --spam --mbox /path/to/mbox"
\_ I RTFM and the man page must be out of date because it says:
Use this tool to teach SpamAssassin about these samples,
like so:
sa-learn --spam /path/to/spam/folder
sa-learn --ham /path/to/ham/folder
Thanks though, because --mbox works.
\_ notice that the example says /path/to/spam/folder, NOT
/path/to/spam/mboxfile. Without --mbox, it's expecting you
to point it to a folder containing each message as a
file. |
| 2003/12/31 [Computer/SW/SpamAssassin] UID:11624 Activity:nil |
12/30 What's the best way to sign up for spam mail? I want to set an account
that collects spam for analysis, thanks.
\_ post to usenet, post your resume (fake one, obviously) to the net,
put your email on some mailing lists, and the best way is to
put your email on some maillist lists, and the best way is to
respond to any spams you do get from these other sources.
\_ Best way is to post e-mail address on web pages that are linked to
from sites already in the search engines. |
| 2003/12/29-30 [Computer/SW/OS, Computer/SW/SpamAssassin] UID:11602 Activity:nil |
12/28 I have been seeing lots of messages like this one in my .procmail/log
file recently:
## procmail: Kernel-lock failed
## procmail: Kernel-unlock failed
I think this started happening after the last reboot. Could it
be hapening because something went wrong with soda patches?
Was a new kernel patch installed before reboot?
\_ Check if you have a random filename.lock file in your delivery
directory.
\_ The last reboot was only because of a hang...nothing changed.
\_ That doesn't mean nothing changed.
\_ no software was modified. sure the date changed. so did
the phase of the moon, fuckwad.
\_ you don't know that. you can't know that. and no need to
be childish about it. you're just wrong. accept and
move on. |
| 2003/12/26-27 [Computer/SW/SpamAssassin] UID:11595 Activity:nil |
12/26 SpamAssassin on soda in SERIOUS need of upgrade to latest version.
Got 36 spams in my inbox just since yesterday.
\_ Have you e-mailed root or VP and offered?
\_ I use the latest version and I STILL get a lot of spams. It seems
as if the spammers are getting smarter and smarter with their
spam contents that get flagged with very little points. *SIGH*
Fighting spam is like fighting AIDS. You think you can get rid
of it permanently with the tri-cocktail dosage, and BAMM! It
comes back and you have no choice but to use other drugs to
suppress it, and the cycle goes on and on...
\_ sounds like you didn't turn on the bayesian classifier.
\_ I mostly having problem with Blomingdale spam. and Bayesian
filter is not doing the job.
\_ I use an ancient version and it works fine. User error. |
| 2003/12/19-20 [Computer/SW/SpamAssassin] UID:11527 Activity:nil |
12/18 SpamAssassin failed to block 54 spam emails since yesterday. What
happened?
\_ It doesn't help that csua's version is more than half a year
old... (2.54)
\_ Yeah, since last week or so, SpamAssassin hasn't been doing
quite as well as it had been previously for me. I noticed that
the number of spams i've been getting has increased, but so
has their form. I'm hoping SpamAssassin adjusts soon to the
new spam styles.
\_ I've noticed a lot of spams with a score of 0.
Methinks spamers are testing against recent releases of SA.
\_ Duh. One of the main reasons SA is useless in the long run.
\_ yeah, just like anti-virus software is useless. Get a
clue.
\_ It's all about economics. Spammers have an economic
incentive to get that mail through, so they'll take
the time. Viruses seem to be more for the intellectual
challenge, or immature dick waving. I deal with this
stuff every day, man. --scotsman
\_ Except for those trojans which are used to insert
spam into your folder.
\_ Latest subject heading i've received:
"you have a small weeinner and need to do something"
\_ I wrote a quick tutorial on using ifile + spamassassin together.
The combo works well because if one filter misses, the other
catches it. And if both label a message spam, then you can be
quite certain that it's not a false positive.
/csua/tmp/ifile_tutorial -- mjm
\_ Thank you, but I'm confused on step 2. Where do I put these
lines?
\_ Sorry, you just run them from the command line.
You'll need at least one piece of spam to learn on,
more is better.
\_ should be labeled ifile+spamassassin+PINE |
| 2003/12/16 [Computer/SW/SpamAssassin] UID:11467 Activity:kinda low |
12/16 Anyone here speak procmail? Can you please tell me what the
following means:
procmail -f someone@somewhere.com -t -Y -a -d mylocaluser
this is from a 'ps'. mylocaluser is a user on my box.
[formatd]
\_ it's all in the man pages. that's all anyone else here would do. |
| 2003/12/12-13 [Computer/SW/SpamAssassin] UID:29715 Activity:kinda low 66%like:11422 |
12/12 Has anyone used ask (active spam killer) before?
http://www.punani.net
\_ I'd much rather have an active spammer killer.
\_ Why do you hate capitalism?
\_ Because I love communism. |
| 2003/12/12 [Computer/SW/SpamAssassin] UID:11422 Activity:nil 66%like:29715 |
12/12 Has anyone used ask (active spam killer) before?
http://www.paganini.net/ask/index.html
\_ I'd much rather have an active spammer killer.
\_ Why do you hate capitalism? |
| 2003/12/10-11 [Computer/SW/SpamAssassin] UID:11401 Activity:nil |
12/9 How do I change .procmailrc so that if spamassassin flags it with
50 points or over, it will go to /dev/null instead of mail/spam?
\_ This has been asked about 3 times in the past few months.
:0
* ^X-Spam-Level: \*\*\*\*\*\*\
/dev/null
This will nullify anything with 6 points or over |
| 11/23 |