Computer SW SpamAssassin - Berkeley CSUA MOTD
Berkeley CSUA MOTD:Computer:SW:SpamAssassin:
Results 151 - 300 of 326   < 1 2 3 >
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2024/12/24 [General] UID:1000 Activity:popular
12/24   

2007/3/20-22 [Computer/SW/SpamAssassin, Computer/SW/Virus] UID:46023 Activity:nil
3/19    "Most computer attacks originate in U.S."
        http://news.yahoo.com/s/ap/20070319/ap_on_hi_te/internet_security_threats
        I thought it was South Korea.
2007/3/16-20 [Computer/SW/SpamAssassin] UID:45997 Activity:nil
3/16    Is there a way to configure spamassassin to delete junk messages from
        my /var/mail/{login} spool before I run my mail client program?  Thx.
        \_ procmail
2007/3/13-14 [Computer/SW/SpamAssassin] UID:45951 Activity:nil
3/13    Anyways to improve our current spam assassin?
2007/2/4-7 [Academia/Berkeley/CSUA, Computer/SW/SpamAssassin] UID:45651 Activity:nil
2/4     Does someone have a simple working .procmailrc for the new soda?
        I can't seem to get mine working despite trying the suggestions
        on the motd.
        \_
        DEFAULT=/var/mail/USERNAME/
        :0fw
        | /usr/bin/spamassassin
        :0:
        * ^X-Spam-Status: Yes
        spam/
2007/1/31-2/3 [Computer/SW/SpamAssassin] UID:45630 Activity:kinda low
1/31    Can you give us any pointer for setting up spamassassin on csua under
        the new mail system?  TIA.
        \_ What I did is create a .procmailrc file in your homedir with the following
           content:
        \_ What I did is create a .procmailrc file in your homedir with the
           following content:

           :0fw
           | /usr/local/bin/spamc

           :0 hw:
           * ^X-Spam-Status: Yes
           spam

           And what this does is grab the email that SpamAssassin has tagged as
           spammail, strip out the body and shove the header info to a file
           called 'spam' in your homedir. And delete them from your mail spool.
           Works with the new soda (so far).
          spammail, strip out the body and shove the header info to a file called
          'spam' in your homedir. And delete them from your mail spool. Works with
          the new soda (so far).

           NOTE that this is just ONE of the many variations on how to do
           .procmailrc.  STFG for more examples.
        \_ In /csua/soda-changes.2007.01, it mentioned that procmail will not
           work with the new /var/mail/$USERNAME directory.  Have you
           tried if you are still receiving non-spam correctly? -op
          NOTE that this is just ONE of the many variations on how to do .procmailrc.
          STFG for more examples.
        \_ ls -l /usr/local/bin/spamc
           ls: /usr/local/bin/spamc: No such file or directory
           (there is one in /usr/bin but it seems to be failing, any input
           I give it it returns 0/0 (error) and filters nada.
           \_ I am using /usr/bin/spamc
            \_ Which has no spamd to connect to so it fails every time
               \_ Well, this is what I have in my .procmailrc, and it
                  appears to work:
                  :0fw
                  | spamc
2007/1/19-25 [Computer/SW/SpamAssassin] UID:45560 Activity:nil
1/18    http://redtape.msnbc.com/2007/01/spam_is_back_an.html
        Spam 2.0-- it is back, and worse than ever.
2006/11/3-4 [Consumer/CellPhone, Computer/SW/SpamAssassin] UID:45146 Activity:low 62%like:45115
11/3    It's here. Cell phone SMS spams. Anyone having problems? How do
        you deal with it? I'm paying 10 cents/message. Spammers
        need to die.
        \_ With Sprint the nice lady offered to block text messages, so I did
           \_ But that also blocks non-spam text messages from friends or
              alert from your server, etc. What they need to do is stop
              charging for received messages and charge/increase fee for
              sending a message.
              \_ Carry a pager.
              \_ I went to my Sprint account page, and I can configure "ACCEPT
                 ALL" or "BLOCK ALL" except a list of phone numbers, e-mail
                 e-mail addresses, and domain names.
                 addresses, and domain names.
2006/11/2-3 [Computer/SW/SpamAssassin] UID:45101 Activity:nil
11/02   I just got an email (at my work account) from what appears to be a
        head-hunter.  It is very low on job offer details.  Does anyone else
        get these?  Is it worth it to respond?  If I respond, will I be
        flooded with these?
        \_ The job market is hot for employees now.  Head hunter/recruiter
           types are hurting.  If you're looking for a job, go post your
           resume and start applying to listed jobs from real companies.
           I wouldn't bother replying to this unless there's something in
           particular that caught your eye.  Sounds like recruiter spam.
        \_ Make sure its a real head hunter / job offer things. Fake ones
           would be a real great phishing operation, as a lead-in to
           identity theft.  I get tons of spam that looks like this is the
           intent.
        \_ if you are really good, head hunter will *CALL* you instead of
           emailing you.  They should know it's not cool to send recruiting
           information into your WORK email.
2006/10/29-30 [Computer/SW/SpamAssassin] UID:45030 Activity:kinda low
10/29   Any tips on dealing with the usual nonsense-text-around-embedded-
        images spam?  I'm running postgrey + spamassassin, and it's catching
        about half of them...  -John
        \_ Are you running Razor2, Pyzor, and other services that contact
           a centralized spam repository to filter out even more spams?
           \_ No, I will be.  A gentleman and a scholar, thanks.  -John
        \_ There is something unique about those spams.  It is possible to
           filter them.  I'm not allowed to discuss it further.
2006/10/16-18 [Academia/Berkeley/CSUA, Computer/SW/SpamAssassin] UID:44835 Activity:nil
10/16   I just got my first soda spam reforwarded to my real email address.
        I have never given this address to anyone.  Thank you who ever gave
        out soda addresses on the net.
        \_ Have you considered that someone you correspond with may have had
           their machine rooted?  Also whoever rooted soda a while back could
           have snarfed all the account names.
           \_ I don't send mail from here but I had forgotten about past soda
              break-ins.  Thanks for reminding me of that.  The idea that
              someone here would post email addresses is pretty sickening.
               \_ was your real email address written down somewhere on
                  on soda?  Was your soda mail getting forwarded to
                  your email address?  Are you sure it wasn't just
                  forwarded from soda?  I think you might not understand
                  how forwarding works.
                  \_ I'll explain: I have a .forward file on soda.  It forwards
                     to my real email address.  I have never sent mail from
                     soda or provided @soda to anyone.  My .forward file is
                     older than some current students.  The spam was sent to
                     my previously unknown and never used @soda address and
                     then reforwarded via my .forward to my real address.  I
                     think I understand how forwarding works.  Thanks for the
                     help.
                     \_ And I don't think you understand.  So you use
                        your brand new spanking email address?  Do you
                                \_ yes.
                        email people with it?  EVER?  Has anyone ever
                                \_ yes.         \_ yes.
                        received this email?  Do they read it on a computer?
                                \_ yes.         \_ yes.
                        Viruses infect computers, or so I hear.  Some
                        viruses look for the addressbook of users, and mail
                        them back to their Russian masters, who then stick
                        it in their recipient lists to Spam.  The only way
                        to never receive spam is oh I dunno shoot yourself.
                        \_ And the email wasn't sent to that email address.
                           It was sent to my soda address which has never
                           been used and then reforwarded to that address
                           from here.  It is the fact that my soda account
                           got spam that is the problem because *I* have
                           never given out my soda address nor used it for
                           any email transaction.  The forwarding isn't the
                           problem here.  It is that the soda address got
                           spam.  The unused, never given out, never provided,
                           previous unknown soda address got spam.  Spam was
                           sent to my soda address, to my completely unused
                           and unknown soda address.  The soda address that
                           received the spam, that the spam was address to
                           was never used on the net.  Capiche?
                           \_ you ever hear of a dictionary attack?
                              they'll get you eventually.
                              \_ It's possible but let's see the mail logs
                                 showing the dictionary attack.  Maybe I missed
                                 that in the motd.official or the csua minutes.
                           \_ what's your email address?  I want to mail\
                              you a PNG of /etc/passwd
                              \_ I'm root@soda.
                           \_ you realize soda is one of the most
                              heavily loaded single point mail machines
                              in the universe?
                              \_ sure, so?
2006/10/12 [Computer/SW/SpamAssassin] UID:44781 Activity:nil
10/11   Dear root, what's the possibility of upgrading spamassassin to
        something more recent?  I think we are running 3.1.0, which is
        released on Sept 2005.  The most current is 3.1.6 on Oct 2006.
        As a side note, anyone getting a lot of spam with an image and
        a bunch of "randomish" words after it.  sa-learn is obviously
        not doing a very good job to learn this kind of spam.
2006/9/22-25 [Computer/SW/WWW/Browsers, Computer/SW/SpamAssassin] UID:44497 Activity:nil 90%like:44493
9/22    OpenDNS is looking for someone to write a Thunderbird extension.
        http://tinyurl.com/j24ux (rentacoder.com)
2006/9/22 [Computer/SW/WWW/Browsers, Computer/SW/SpamAssassin] UID:44493 Activity:nil 90%like:44497
9/22    OpenDNS is looking for someone to write a Thunderbird extension.
        http://www.rentacoder.com/RentACoder/misc/BidRequests/ShowBidRequest.asp?lngBidRequestId=532805
2006/8/21-23 [Computer/SW/SpamAssassin] UID:44079 Activity:nil
8/21    Recent soda spam 3x usual P?
        \_ I haven't noticed.    3x infinity = infinity
        \_ We should have the death penalty for spammers. Especially ones who
           deliberately try to evade spam filters. Think about it: they
           harm millions and millions of people. Add it up: they deserve death.
        \_ I've noticed a remarkable jump in the number of spam runs in the
           last 2-4 weeks, as have colleagues on a number of systems.  -John
2024/12/24 [General] UID:1000 Activity:popular
12/24   

2006/8/16-17 [Reference/Law, Computer/SW/SpamAssassin] UID:44031 Activity:nil
8/16    If you had the power to pass laws to curb spammers, what law(s) would
        you pass? I will start:
        -Fine $5 for each spam mail sent
              \- i dont think it is so much about what law you pass but the
                 kinds of resources you allocate to enforcement.
        \_ One nail from a nailgun in the head for each spam mail sent.
        \_ Only pornographic spam is allowed. -average American male
        \_ public service.  they must copy, by hand, every spam message they
           sent out, onto a chalkboard.
           \_ eye rape them with tentacles
        \_ make them eat a can of spam for every spam they send.
              \- i dont think it is so much about what law you pass but the
                 kinds of resources you allocate to enforcement.
                 \_ Well, I asked Urotsukidoji and he's just about had it
                    with tentacle enlargement spam.  -John
2006/8/14-16 [Computer/SW/SpamAssassin] UID:43997 Activity:nil
8/14    I'm a newbie sysadm. Is configuring/installing pyzor and razor
        as simple as doing "apt-get install pyzor" and "razor"? I did both
        but I don't see any pyzor/razor daemons running. I hate spam and
        I want to minimize spam for my users. ok thx.
2006/8/4-6 [Computer/SW/SpamAssassin] UID:43911 Activity:nil
8/4     I just installed spamassassin using "apt-get install spamassassin"
        on my local machine, and spamd is launched. In my .procmailrc,
        if I run /usr/bin/spamassassin, is it smart enough to connect to
        spamd when it is running, and stand-alone when spamd is not running?
        \_ man-ing around, I'm going to guess that it's not smart enough.
           after all, that's what spamc is for. You may have to invoke some
           spamd detection trickery, and do either spamc or the full
           spamassassin. --michener
        \_ Yes. -proud American
2006/8/2-6 [Computer/SW/SpamAssassin] UID:43868 Activity:nil
8/2     How come web sites that praise http://dreamhost.com don't accept
        additional reviews anymore?  I'd like to add negative feedbacks to
        counter the positive feedbacks but unable to do so. What's up?
        Here are some examples:
        http://www.webhostingratings.com (blank interface to add review)
        http://www.brunescafe.com/content/view/16/2 (can't enter info)
        There are two others that I've waited 3 days for the approval to
        go through, even though their web sites say: "Thank you for voicing
        your opinion about DreamHost, Joe.  Your opinion will help other
        Webmasters in their search for the right Web host.  All reviews are
        manually approved, in order to remove spam.  Reviews are typically
        approved once per day." What the hell is going on?
        \_ hi im bitter
        \_ The jews are responsible for all the wars in the world.  Are
           you a jew? -proud American
        \_ Stop advertising porn sites. -proud New Englander
2006/6/1-4 [Industry/Jobs, Recreation/Humor, Computer/SW/SpamAssassin] UID:43245 Activity:nil
6/1     Semi randomly generated spam I thought was funny:
        Hi there lovely,
        This kbind of opportunity comes ones in a clife. I docn't want
        to miss it. Do you? I am comcing to your place in few days
        and I though may be we can meet each other. If you don't mind
        I can send you mcy picture. I am a girbl.
        \_ I am a gerbil.
2006/5/31 [Computer/SW/SpamAssassin] UID:43239 Activity:nil
5/31    I just got a bunch of returned emails which appear to be caused by
        someone using my email for spam.  Is this caused by someone spoofing
        my address, or has my account been comprimised?  Anyone else have this
        problem recently?  -scottyg
        \_ Everyone else.  It's been mentioned in the motd a couple of
           times.
        \_ Just wait couple days and it'll slow down/stop.  I also used
           sa-learn to increase spamassasin's catch rate and also used
           procmail to filter out anything "From:" postmaster or mail-
           daemon.
2006/5/31-6/3 [Computer/SW/SpamAssassin, Computer/SW] UID:43238 Activity:nil
5/30    You know those things in magazines (often computer and travel ones)
        that is an index card full of numbers that you circle, each of
        which corresponds to a company/product so you can get more
        information on that product? Is there an online equivalent, at least
        for email information? I need a way to send a lot of email to a
        certain account. Thanks.
        \_ http://yourgiftcard.com, http://offercash.com, http://everyfreegift.com,
           http://www.coolsavings.com http://www.giftcertificates.com all worked
           dandy. I've neutralized my nemesis' accounts using these
           web sites. If you have more, please post them here. Thanks.
        \_ Well its not very noble, but you can spam the hell out of an
           account if you sign it up for porn sites, or even just enter an
           email address in.
        \_ Just don't.
        \_ I ended up signing the account up at some home loan websites, which
           worked pretty quickly (within minutes). Nothing too excessive,
           though, which was nice. -op
2006/5/22-25 [Computer/SW/SpamAssassin] UID:43145 Activity:nil
5/22    I'm a new sysadm. I'm trying to collect as many spam mails as I
        can to build the ultimate sa-learn (spamassassin) database. I'd
        like to use this ultimate database to filter out ALL spams, once
        and for all, for all of my users. What's the best way to collect
        as many spam mails as possible? Thanks.
        \_ "once and for all"? so, would your users still be able to check
           the spam for false matches?
        \_ A collegue of mine has some pretty good, mature anti-spam
           mechanisms in lace after playing with various combos.  I'll be glad
           to put you in touch with him if you post your name.  -John
        \_ Spam changes over time.  If it was possible to do what you're doing
           as a one time event it would've been done already.
2006/5/22-25 [Computer/SW/SpamAssassin] UID:43136 Activity:nil
5/22    I am getting about 150-200 "returned email" notice a day for the
        past couple days.  Yes, I know my email address is probably used
        as the "From:" for spam.  Spamassassin is catching about 50%
        of them.  Should I...
        1) Keep using sa-learn to increase the catch rate?
        2) Just ignore it and hopefully it'll slow down?
        3) Anything else?
        \_ If you run the domain, you could work something with spf.  -John
        \_ You could also do a quickie filter to another folder just to set
           it aside just in case there's something you actually want to see,
           then delete it all in a week or two if it stops.  That's the lazy
           way.  Of course if it doesn't stop you'll need spf, better filters
           and maybe a new email address.  I have about 50-60 throw away
           addresses now.  I've had to disable about 10 of them over the years
           because of all the spam.  Some of them have been dead for over 5
           years and still get spammed every day.  (I see it in the logs).
        \_ I am getting these too here at soda. Started a few weeks ago I
           think. I have been sa-learning them which helped. I think they are
           mostly Russian. Smart email servers would not bounce spam back
           to the From: address... damn Russians.
2006/5/10 [Computer/SW/SpamAssassin] UID:43009 Activity:nil
5/10    I just received a bounced email saying I was trying to send an email to
        some account that deos not exist.  Examining the attached original email
        I am sure I did not send out or compose that email.  Does that mean someone
        has cracked in my account and used it for emailing?
        \_ No. It's spam spoofing your email address. Send out a note to people
           you care about (but who are generally clueless about the IntarWeb)
           telling them to ignore strange messages like that if they say
           they're from you.
2006/5/9-10 [Computer/SW/SpamAssassin] UID:42997 Activity:nil
5/9     Today I got a huge bunch of "mailer-daemon" failure messages due to someone
        sending spam with my email in the from:. What's the best way to deal with
        that? If I procmail them all to /dev/null then I'd miss real delivery
        notifications that are occasionally useful.
        \_ I got that too last week for one or two days.  Bounce was from
           some Italian server, I think.  I thought it was just virus spam
           (infected .gif attachment) pretending to be bounce notifications.
2006/5/8-9 [Computer/SW/SpamAssassin] UID:42981 Activity:nil
5/8     Help. After buying something from http://Yahoo.com, I got a pop-up
        telling me that I got free $50 worth of coupons for Red
        Lobster, Chilis', and other restaurants. I figured that it's
        from Yahoo so it's probably trustworthy and answered a few
        simple questions (Are you a smoker? Do you have diabetes?
        Do you like sports? etc). Then a few questions turned into
        a 5 minute survey, that then turned into 500 questions on
        "Do you want free Newsweek for 3 months? Yes/No"
        "Do you want to subscribe to Sports Illustrated? Yes/No"
        "Do you want to try Omaha Steak? Yes/No"
        So rather than answering 500 questions to get my $50 coupon,
        I quit my browser. The next day, I got 10 spams to my
        brand new email account. Today, I got 15 spams. Tomorrow,
        I'll probably get even more. I can't cancel the list either
        because they're all from different companies. What should
        I do?
        \_ I did an experiment. I simply typed in test email addresses
           in the following web sites without giving them any more
           information and got the following results:
           http://yourgiftcard.com     (on average, 3-4 spams a day after a week)
           http://offercash.com        (on average, 2-3 spams a day after a week)
           <DEAD>everygiftcard.com<DEAD>    (on average, 4-5 spams a day after a week)
           The tests were conducted using separate test Yahoo accounts.
           Most of the spams were filtered correctly, while many did go
           through (25% by-passed Yahoo's spam filter). So in short,
           you just need to be stupid for 5 seconds to receive massive
           amounts of spam forever.
           \- why dont you put the admin/technical contacts for those
              domains on other mailing lists.
           \_ or, someone else can just type your email to all 3!
        \_ if it's one of the less irreputable companies, there should be
           a canspam compliance notice saying why you're getting email.
           And it should include an opt-out for the marketer that the
           mailings are being on behalf of.  And they will have a global
           opt-out list that will propagate to the actual senders.
2006/5/2-4 [Computer/SW/SpamAssassin] UID:42891 Activity:nil
5/2     How would I setup soda to send a bounce message to anybody mailing
        me here saying "This email address is retired/ignored due to spam"?
        \_ I have set it up on soda before, but now totally forgot the steps
           I think it was done with procmail
           \_ I think the usual way to do this is to use /usr/bin/vacation
              to send a reply to anyone who emails you, and to use procmail
              to delete incoming email. (Depending on soda's mail config, you
              may need to use procmail to run vacation anyway.) -gm
              \_ This definitely used to be the standard way.  If you do this
                 now, though, whenever someone sends spam to your account with
                 a From address of some innocent third party, you'll end up
                 sending your replies to them.  A better way is to have root
                 put an entry for your account in /etc/mail/access, with a
                 custom bounce message -- this way, instead of accepting the
                 mail, saving it to disk, and then trying to figure out who to
                 send a reply to, we reject the mail (with your custom message)
                 during the SMTP exchange.  This also reduces the load on soda,
                 because it means we don't have to process all your incoming
                 spam or your auto-replies to it.  Mail root and we can set
                 this up for you.  --mconst
                 \_ can you leave a pointer to a sample of this?
                    \_ Do you mean a sample of what the bounce message will
                       look like?  It's generated by the *sender's* system,
                       not soda, so it'll look a little different for everyone.
                       I've put an example in /csua/tmp/bounce-sample, showing
                       what it looks like from the OCF; you can try sending
                       mail to kislyuk@soda (or any other disabled account) to
                       see what it looks like from other systems.  You get to
                       customize the part where it says "Account disabled until
                       you fix your mail loop".  --mconst
                       \_ I meant an example of the implemetnation.
                          \_ Oh, sorry -- I just noticed /etc/mail/access
                             wasn't world-readable.  I've fixed it.  Anyway,
                             all you need is a line like this:
                               To:user@  This account is disabled.
                             Make sure you have FEATURE(`blacklist_recipients')
                             in /etc/mail/sendmail.mc.  --mconst
2006/5/2-3 [Computer/SW/SpamAssassin] UID:42890 Activity:nil
5/2     Is any one else getting these BlueFrog/BlueSecurity spam emails?
        \_ yes. also getting much larger spam. is the spam filter back
        \_ yes. also getting much more spam. is the spam filter back
           on yet? root? anyone?
2006/4/27 [Computer/SW/SpamAssassin] UID:42854 Activity:nil
4/27    I just started using spamassassin recently. And procmail. Yeah I'm
        behind the times. Anyway, some spams are just random dictionary
        words. Is it even useful to try to sa_learn those?
2006/4/21-23 [Computer/SW/SpamAssassin] UID:42797 Activity:nil
4/21    This spam made me laugh out loud:   re: secks
        If we ever contact aliens they will ultimately destroy us
        because of our spam. And because we're a bunch of hooting
        sex monkeys.
        \_ link:tinyurl.com/e45yt
2006/4/19-20 [Reference/History, Computer/SW/SpamAssassin] UID:42786 Activity:nil
4/19    If there's one thing good about the soda crash, that would be
        accumulating fewer spam mails than in the past, and bouncing them
        back to their rightful owners.
        \_ We'll be sure to let it crash more often in the future. :P
2006/4/15-5/21 [Academia/Berkeley/CSUA, Computer/SW/SpamAssassin] UID:42771 Activity:nil
4/16    After much late night debugging, soda is now correctly accepting
        and sending mail. Spamassassin is working. The queued mail is being
        de-queued.
2006/3/13-14 [Computer/SW/SpamAssassin] UID:42212 Activity:nil
3/13    Help me motd!  My soda email account only receives spam!  No one
        has sent a personal or business related email to my soda account
        in over six months.  Please help me think of use for my soda account
        besides receiving tons of spam and trolling the motd.
         --bored alum
        \_ Sign your name, and we'll see what we can do.
        \_ This is why we all forward our soda mail to our real (doesn't go
           down all the time and run out of quota) mail accounts with an
           automatic spamassassin bonus rating of 1 or 2.  --other alum
           \_ Hear, hear. I don't automatically give soda mail +1 / +2,
              but I think the Bayesian classifier has detected
              the spamminess and effectively does this anyway.
2006/3/6-7 [Computer/SW/SpamAssassin] UID:42109 Activity:nil
3/6     I haven't used newsgroups in a while, so I thought I'd check it out
        I checked out ucb.jobs, and it looks like every post in there are
        spam like the ones we get in our spam folder on daily basis.  Do
        CS students still use newsgroups?  Or are they a thing of the past?
2006/2/24-27 [Computer/SW/SpamAssassin] UID:41990 Activity:nil
2/24    More spam is bypassing our spam blocker.
        \_ Give up.  Either forward all your email to a Gmail account,
           or alternatively forward your email to your Gmail account
           with a special header and let Gmail's spam filtering
           take care it, and forward the non spam email back to your
           soda account, then accept your robotic Gmail masters.
           \_ Actually, I do forward all my mail through gmail first - while
              it catches quite a bit, spamassassin on csua still does a better
              job (in the sense that it catches the ones that gmail let
              through incorrectly)
2006/1/1-4 [Computer/SW/Mail, Computer/SW/SpamAssassin] UID:41192 Activity:nil
1/1     Anyone ever have problems with procmail inserting a '>' in front of
        the 'From' field when it forwards email?  I haven't been able to
        figure out how to prevent this, not find any web info talking about
        it.  The insertion screws up mail-reading at the forwarded end
        (thunderbird does not separate out the subject and other fields any
        more).  Thanks!
        \_ It's probably sendmail, not procmail doing that.  And the problem
           is probably that you're attaching the original headers in the
           message body, instead of in the message header, or another From
           header is being added, so sendmail is escaping the From.
           \_ Yeah, looking at an email as received at csua and at the
              remote forward destination, it looks like in the process of
              procmail forwarding it wraps a new set of headers on top of
              the email.  I thought that it used to work fine without
              changing things like this, though?  Haven't been able to
              find any documentation that shines any light on modifying the
              behavior to forward the mail with original headers, though -op
2005/12/19-21 [Computer/SW/SpamAssassin] UID:41076 Activity:nil
12/19   Have other people been getting spam with paragraph snippets from the
        'Bourne Ultimatum' in them?  It's very bizarre (I only recognized it
        because I recently re-read the book... which makes it very
        disturbing?)
        \_ what makes that disturbing? do you think they're watching you?
        \_ I got some with snippets from Aesop's Fables. Someone's ripping
           off ebooks and such.
        \_ No, it's just a method to get pass the spam filters. I've seen
           ones with Tom Sawyer, etc. ripped off in the past.
2005/12/4 [Computer/SW/SpamAssassin] UID:40848 Activity:nil
12/3    Procmail is b0rked
        \_ What exactly does b0rked mean?
        \_ seems to work for me.
2005/11/28-29 [Computer/SW/SpamAssassin] UID:40741 Activity:nil
11/27   Ever since the reboot today, "spamc" doesn't seem to be doing it's
        job.  Any idea what's causing this?
        \_ Interestingly, it seems to be working as of about an hour after
           I posted this. -op
           \_ I really don't know, but I think it becomes less effective based
              upon load.  When soda is bogged down spamc won't run as
              thoroughly. -mrauser
2005/11/4-6 [Computer/SW/WWW/Browsers, Computer/SW/SpamAssassin] UID:40442 Activity:nil
11/4    I just received a piece of spam that's the most threatening I've seen
        so far:
        "<my-email-addr> is a nonprofit/charity contact email address right?
        if so...
        WE WILL EMAIL YOUR WEB SITE TO 2,500,00 0PT-IN EMAILS FOR [Free]
        http://www.broadcastemailservices.org
        ......"
        \_ they represent a threat to the CSUA.  squish them.
2005/9/29-10/3 [Computer/SW/SpamAssassin] UID:39923 Activity:nil
9/28    So the spam brigade finally found me on here in a way that
        annoys me greatly.  It was okay before, but now it sucks.
        I still use PINE. I am open to any suggestions to please
        let me know...do I need to switch to something beside PINE?
        Spam Assassin?  What?   -maxmcc
        \_ To respond to all the posts in this thread in the laziest means
           possible: Milter plans are in place which will include global
           spamassassin and antivirus scanning.  We just lack time and
           manpower. - jvarga
        \_ You need to switch to something besides pine, but not because of
           spam.
           You can configure SpamAssassin for your account and still use
           a bad mail client.  -tom
           \_ tom, if you aren't going to be helpful, you can at least not
              be a jerk. -jrleek
              \_ Come on guys give tom a break. tom is in fact being helpful.
                 Perhaps his words are overly candid and blunt but are not
                 without merits. The clueless pp obviously needs serious help
                 and as tom correctly pointed out needs to use spamassassin.
                 \_ Wouldn't it make more sense to have something more global
                    where CSUA filters out spam instead of individual users
                    configuring their own spamassassin files? My .razor and
                    .spamassassin directories are getting big.
                    \_ Are you gonna pony up the cash to pay a part time admin
                       to run this sort of thing?  People don't realize that
                       for any decent sized machine, this sort of service is
                       a full time endeavor.
                       \_ Full time to run spamassassin? Isn't this the
                          sort of experience the students who run soda
                          need? I mean, some of us can do it for free,
                          but doesn't that defeat the purpose? Teach a
                          man to fish and all that.
                          \_ Spamassassin is insufficient (perhaps IMO) for
                             what the person above suggests.  Having the CSUA
                             automatically filter spam would 1) be a time sink
                             on admins and 2) suck.  The greylisting suggestion
                             below isn't a bad one, but implementing it across
                             the board (as root of late is wont to do) would,
                             again, suck.
                    \_ Seconded.  It should also auto-forward all spams to
                       spam@uce.gov.
              \_ Tom may be able to be helpful but he can't not be a jerk.
        \_ You can configure SpamAssassin to work with pine.  I'll be
           happy to send you my configuration if you email me. -jrleek
        \_ I got same issue.  Someone please give me a pointer on how to
           configure procmail... I want to send everything with Windows-1251
           encoding to spam...
           \_ Does CSUA use greylisting?  Might be an idea, worked wonders
              for me.  -John
              \_ care to elaborate on that a bit please?
                 \_ http://en.wikipedia.org/wiki/Greylisting
                    Advantage: stops almost all spam today.  Disadvantage:
                    sometimes delays legitimate mail, between a few minutes
                    and an hour or more.  Spammers can mostly circumvent it
                    if they try.
                    \_ Greylisting returns a 450 for every mail received and
                       enforces a delay of some small timeframe.  Generally
                       enforces a delay of a number of minutes.  Generally
                       even a short delay (1-5min) works to kill the fantastic
                       quantities of spam originating from forged addresses or
                       spam zombies.  As pp said, it delays _all_ mail as well
                       as blocking mail from misconfigured MTAs that don't
                       understand 450s.  Also what helped us was really severe
                       rate limiting of mail from all APNIC netblocks (no more
                       than x mails from a given IP to a given address within y
                       timeframe) and "cooling down" periods for IPs generating
                       too many 550s within, say, a minute.  Pp is correct
                       that greylisting does not stop determined spammers, but
                       generally it's too much effort for most of them.  -John
                       currently it's too much effort for most of them.  -John
                       \_ thanks, john.         -kngharv
                       \_ Poll: Should CSUA adopt greylisting?
                          Yes: ..
                          No : ..
                          \_ Greylisting can be rather heavy on memory usage.
                             Last I checked, soda doesn't exactly have a lot
                             of it.
                             \_ Maybe this should wait until the new soda
                                is put in place?
                             \_ How much does it have? How much does it
                                need? What will it cost?
                       \_ For me, pre-greylist = ~30 spam per day.  post-
                          grey-list = ~4 spam per day.
                    \_ Greylisting (or maybe just sendmail) pisses me off.
                       When you send a multi-recipient e-mail and one recip is
                       greylisting, all recips after that person block until
                       it goes through.  This could just be sendmail's sucky
                       sending semantics.   --dbushong
                       \_ How would sendmail's smtp greeting delay compare
                          for suck/gain tradeoff? --jon
2005/9/2-3 [Computer/SW/Languages, Computer/SW/SpamAssassin] UID:39462 Activity:nil
9/2     Is it possible to set up an auto-reply on cusa account?  How to do it?
        Create a .auto-reply file?
        \_ man vacation
          \_ follow the vacation man, my test account get an auto-reply
             containing "|/usr/bin/vacation
                        (reason: Command line usage error)"
        \_ man procmailex
           \_ thanks procmail auto-reply worked for me.
              \_ How is your loop detection?  -tom
2005/8/18-20 [Computer/SW/SpamAssassin] UID:39159 Activity:nil
8/18    help from procmail wizard.  I would like to do two things with
        procmail.
        1. if the message is encoded in CP-1251, I want to send it to spam
        2. if the message is encoded in some other legacy encoding, i would
           like to use iconv to convert to utf-8.  How to do these?  TIA
2005/8/4-5 [Computer/SW/SpamAssassin] UID:38989 Activity:nil
8/4     Does spamassassin report spam to spam@ftc.gov?
        \_ Can't you just bounce it?  -John
2005/6/24-27 [Computer/SW/SpamAssassin] UID:38285 Activity:nil
6/24    In my procmail log file, it says:
                csh in malloc(): warning: recursive call
                Out of memory.
        What is the meaning of this?
        \_ helps if you show us your .procmailrc
          \_ It's hundreds of lines long.  I was thinking it was
             not something specific to my .procmailrc but that the
             system was just out of memory.  Assuming it's something
             within my .procmailrc, would could cause a recursive call?
2005/6/20 [Computer/SW/SpamAssassin] UID:38201 Activity:nil
6/19    Hey does anybody know if hotmail silently discards mails with
        >-quoted text? I have sent somebody a fairly important mail
        and then a followup ping a week later and have not heard back.
        This is a communication of mutual importance and have successfully
        traded 3 or so email cycles, so a blowoff is unlikely as is some
        complete failure like a blacklist [dont have phone#]. It is possible
        there was an emergency and the other party is off-the-grid but am
        trying  to get a sense of the false positive rate for spam control
        on a normal text message for these large email sites.
        \_ Suggestion: create a hotmail account and send test messages to it.
           How important could your email friend be if email is the only way
           you have to communicate with them?  If you have a name and city
           you can get their phone number.
        \_ Hotmail sucks and you're stupid to use it for important stuff. I've
           seen their junk filter silently filter stuff (throwaway forum
           registrations that I use it for), without putting it in a junk
           folder. Turning their spam control off completely might help.
2005/6/7-9 [Computer/SW/SpamAssassin, Computer/SW/Unix] UID:38011 Activity:nil
6/7     Anyone else use forwarding from procmail & unix mail? I'm
        been having a problem with something that used to work.
        I forward email from another account to csua via procmail.
        Mail headers come with a format that looks like:
               From sender@sender.com Tue Jun  7 13:30:20 2005
               Status: RO
               >From mds  Tue Jun  7 13:30:20 2005
                ...
        Normally I use POP for email, but sometimes when I'm in a
        rush I use command-line "mail".  When I read/delete some
        messages and enter 'q', it saves the resulting messages with
        a space between the "Status" and ">From" lines.  Haven't been
        able to find anything via google, but I know that it didn't
        previously do this (e.g. a month+ ago).  Has anyone else had
        the same problem?  Thanks!
        \_ read your email with mutt like a real man.
        \_ Consider setting up a procmail rule to pipe everything through
           formail before further processing. -dans
2005/5/4-5 [Computer/SW/SpamAssassin] UID:37515 Activity:nil
5/3     Procmail question.  For messages over, say 1 Meg, I want to
        add '[OVERSIZED]' to the subject.  The following works,

           | sed 's/^\(Subject:\)\(.*\)$/\1 \[OVERSIZED\]\2/'

        but, how can I do this if there is no "Subject" field to
        begin with?
        \_ Changing subject is quickly done using formail.
        http://info.ccone.at/INFO/Mail-Archives/procmail/Jan-2002/msg00413.html
           From there you should be able to figure out the rest.
          \_ Didn't work.  -op
            \_ This is a similar rule I had, that worked:
                :0 c
                * ^TO.*(list@uc-hiking-club.berkeley.ca.us)
                {
                        SUBJECT=`formail -xSubject:`
                        NEWSUBJ="Subject: CHAOS: $SUBJECT"
                       :0 fhw
                       | formail -i "$NEWSUBJ"
                       :0
                       ! address@imap.cs.berkeley.edu
                }
           \_ Right on!  That works.  Thanks!  -op
2005/5/3-4 [Computer/SW/SpamAssassin] UID:37509 Activity:kinda low
5/3     Procmail question.  For messages over, say 1 Meg, I want to
        add '[OVERSIZED]' to the subject, forward the message to another
        acct, and send myself a message at csua notifying me of the
        oversized message.  I have not been able to do this successfully.
        It should be something like this:

           :0
           * > 1000000
           {
           :0fw
           | sed 's/^\(Subject:\)\(.*\)$/\1 \[OVERSIZED\]\2/'
           :0
           !otheraccount@gmail.com
           }

        and then somehow I need to email myself the notification.
        Also, this wil only work if the message has a Subject field.
        How can I do this for the more general case?
        \_ Changing subject is quickly done using formail.
        http://info.ccone.at/INFO/Mail-Archives/procmail/Jan-2002/msg00413.html
           From there you should be able to figure out the rest.
          \_ Didn't work.  Put a bunch of error messages in my log file,
             and got rid of the subject.  -op
             got rid of the subject, and sent 2 copies of the message to
             the other account.  -op
2005/4/26-27 [Computer/SW/SpamAssassin] UID:37364 Activity:nil
4/26    The new version of spamassassin stopped adding "SPAM" to the
        subject of spam emails.  What can I change in .spamassassin/user_prefs
        to make it do this again?  Right now, I have the following line:

                subject_tag [SPAM]
        \_ rewrite_header subject " [SPAM]"
           --dbushong
2005/4/13-5/25 [Computer/SW/Languages/Perl, Computer/SW/SpamAssassin] UID:37167 Activity:nil
4/14    Perl upgraded to 5.6.2. SpamAssassin (spamd/spamc) upgraded to 3.0.2.
        moria (and angband, and NPPAngband) installed, for all you really
        old-schoolers.
2005/4/2-5 [Computer/SW/SpamAssassin] UID:37044 Activity:nil
4/2     Anyone getting scads of 'stock pick' spams with some permutation of
        (-st0ck52 @ http://Yahoo.com-) as an unsubscribe address?  Know a valid
        unsubscribe adress for them?  I've tried most combinations and no, I
        don't care about "don't-respond-or-they'll-know-the-address-is-live"
        as a fair number of spammers actually respect unsubsribes.  I haven't
        managed to get spamassassin to figure these out.
        \_ no, but i'm suddenly getting a ton of "your bank account has been
           compromised. please verify your password."
2005/4/1-2 [Academia/Berkeley/CSUA, Computer/SW/SpamAssassin] UID:37018 Activity:nil
4/1     So I keep hearing from people I know that my soda account randomly
        bounces email.  The only thing I ever get now is spam.  Is it time
        to retire the soda account for good?  Will soda ever be well?
        \_ I think /var was full the other day.  Some people had trouble
           emailing me and I couldn't send email from soda.
2005/3/24-28 [Computer/HW/Memory, Computer/SW/SpamAssassin, Computer/SW/Unix] UID:36849 Activity:nil
3/24    I have a procmail process on Linux that I would like it to talk
        HTTP to a servlet (or any URL for that matter).  What is the most
        efficient (the smaller the memory footprint, the better) and the
        most scalable (we do have heavy email volume) and the most performing
        way you can think of?  TIA.
2005/2/28-3/1 [Computer/SW/SpamAssassin] UID:36455 Activity:nil
2/28    Unintended consequences of spam-blocking (and spam of course):
        http://news.lp.findlaw.com/andrews/pl/med/20050223/20050223barnes.html
        \_ Legit or not, this is almost certainly going to become the "My
           dog ate my homework!" excuse for attorneys who missed deadlines
           through laziness.
2005/2/23-24 [Computer/SW/SpamAssassin] UID:36388 Activity:low
2/23    I sometimes receive spams that has apparently nothing to sell, or
        messages to spread.  What are they for?
        \_ spam fishers. If you didn't bounce the mail, you're gonna get
           a lot more spams in the future. Sorry.
           \_ How do I bounce the mail back to sender in a way that makes it
              think my email addr doesn't really exist?
              \_ I don't think this is possible (it wasn't last I
                 checked) but I think it's a feature that needs to be
                 added.
                 \_ Forward them to spam@ftc.gov, spam@uce.gov and uce@ftc.gov
                    (don't know which one is the real one).  Better than no
                    action at all.
2005/2/8 [Computer/SW/SpamAssassin] UID:36101 Activity:moderate
2/8     How do you guys get rid of spam in this account?
        \_ spamassassin -> gmail
2005/1/26 [Computer/Companies/Google, Computer/SW/SpamAssassin] UID:35907 Activity:nil
1/26    Has anyone else had problems with Gmail not recieving mail?  I've had
        one person get a delivery failure message and another person say they
        sent mail, got no failure notice, and I never recieved it.  Is this a
        common problem of am I just corresponding with dinks who can't figure
        out how to send email?
        \_ I had problems when I bounced mail from another account to my gmail.
           I never received any failure notice, but didn't receive the mail
           either.  Forwarding worked.  Funny thing was that after trying the
           bounce multiple times and fail, I forward, and all of a sudden, the
           forwarded mail shows up in gmail along with all of the bounced
           mails.  That was about a month ago.  Bouce seems to work for me now.
        \_ No, but gmail filters spam very aggressively, so I get lots of
           false positives. Search through your spam folder first.
           \_ Neither showed up in spam (I've gotten no spam yet), they just
              never got there.
2005/1/20 [Computer/SW/SpamAssassin] UID:35831 Activity:kinda low
1/20    I am getting spam that doesn't have a "for" header.  It has a Received
        "By" and "From" header but no "for".   Is "for" not required?  Does
        "legitimate" mail ever not have a for header?  If not how would I tell
        procmail to filter it, if so, how would I tell spamassassin that it
        \_ well, how about the following in your .procmailrc?
# The following deletes anything that doesn't have the right To field.
# However, most mailing lists don't have it either, so you may
# want to rewrite rules.
:0
* !^To: holubtom@csua.berkeley.edu
spam
2005/1/11-12 [Computer/SW/Languages/Perl, Computer/SW/SpamAssassin] UID:35663 Activity:nil
1/11    How do I set up a spam filter without hosing soda with perl processes?
        (something running on soda, not in my Windoze e-mail client)  Thanks!
        \_ The best you can do is to run spamc (which uses the shared spamd
           daemon) instead of running spamassassin directly.
2005/1/11 [Computer/SW/SpamAssassin] UID:35654 Activity:nil
1/11    FTC Moves to Stop Illegal X-Rated Spamming
        http://csua.org/u/anw
        "Harrington said the agency located the companies and individuals
        through e-mails consumers sent the FTC's data base in the spring."
        Wow!  I didn't know that spam forwarded to the FTC are actually looked
        at.  I thought it was a /dev/null to keep the public happy.  Can we
        make SpamAssasin forward all spam automatically?
        \_ Aargh, mixed feelings....
2005/1/9-11 [Computer/SW/SpamAssassin] UID:35626 Activity:kinda low
1/9     Why are people so antisocial as to hose soda terribly with
        spamassassin processes?
        \_ what is antisocial about using spamassassin?
           \_ People who don't use spamc, or are runing their own version of
              spamd instead of using the system process.
              \_ I used spamc and stopped when the spamd kept dying.
        \_ Without evil, how would we know good?
           \_ Now that we know who you are, I know who I am. I'm not a mistake.
        \_ Would you please explain how not to be evil?  --PeterM
        \_ From my first moments in aspo's cruel crush of demonic love, I have
           been a slave to evil.
2005/1/9-10 [Computer/SW/SpamAssassin] UID:35622 Activity:nil
1/9     I've noticed that quite a few people will have an email address on
        their resume that says something like
        "firstname<dot>lastname<at>hostname<dot>com".  Is there really any
        point to this?  Are there actually spam programs downloading people's
        resumes in .pdf and .doc format, extracting the email address and
        adding it to spam lists?  Does anyone have any actual evidence that
        this threat is real?  It seems to me that if it is a real threat,
        just putting in a bitmap of your real email address without the
        stupid <dot> and <at> crap would do the same thing in a less annoying
        way.
        \_ Yes, the "threat" is real.  Spammers troll through newsgroups,
           webpages, etc. to gather possible addresses.  And how would you
           suggest putting a bitmap into the From field of a newsgroup
           posting?  Also, many of the later viruses scan all files on the
           infected computer for well-formed email addresses and propogate
           itself with those addresses as a forged from.  There is some
           speculation (and it seems well founded) that these were released
           in the wild as yet another way to skim valid email addresses off
           the net.
           \_ Thank you.  That is useful.  I can see how the <at> stuff would
              be useful for usenet, but I meant that for a resume you could
              embed a bitmap of your email address if it was in .pdf format
              with no loss of visual quality.
2005/1/7-8 [Computer/SW/SpamAssassin] UID:35595 Activity:low
1/7     So, is TinyP2P really only 15 lines, or should we include the numerous
        imports?
        \_ It's written in Python, what do YOU think?
           \_ I think some humorless people don't get things. -op
           \_ import spam, spam, spam, spam, spam, spam, spam, spam # I think
2005/1/7-8 [Computer/SW/SpamAssassin] UID:35594 Activity:nil
1/7     How do I have spam assasin dump spam to /dev/null?
        \_ In your .procmailrc, just put /dev/null instead of the name of
           your spam folder.
2005/1/1-2 [Computer/SW/SpamAssassin] UID:35510 Activity:high
12/31   Uh, is it me, or it seems that the spammers are getting better and
        getting through spamassassin, a lot more frequently in the past
        few weeks?
        \_ ifile
           \_ Alas, no.  Most of the things I have getting through SA are
              dictionary attacks that fuck the Bayesian net.  Ifile, which
              _only_ depends on this will do even worse.
              \_ Using the two in combination gives near perfect results.
                 \_ What does ifile do that the SA Bayesian code doesn't?
                    \_ Not sure, but I'm not having any problems with spam.
                       The one thing I can claim is that the ifile database
                       is vastly smaller on disk than SA; currently it's
                       < 300Kb.
2004/12/27-28 [Computer/SW/SpamAssassin] UID:35452 Activity:low
12/27   Why did spamassassin suddenly stop working?
        \_ it might not be working for you if you are over quota.
           \_ I am under quota.
              \_ Spamassassin has built-in anti-hozer technology.  You
                 are a hozer and spamass knows!  It doesn't like you!
                 \_ It works again now w/o me changing anything.
2004/12/25-27 [Computer/SW/SpamAssassin] UID:35439 Activity:nil
12/25   Anyone else notice spammers being out in full force the last couple
        of days? The amount of spam that has gotten past the spam filter
        seem to have increased ten fold.
        \_ The last two weekends, definitely.  I've also seen a number
           of email services being crushed because of bounces to forged
           From addresses.  Bad shit.  --scotsman
2004/12/18-20 [Computer/SW/SpamAssassin] UID:35350 Activity:nil
12/18   Why is shit like "replica watches" still getting through SpamAssassin?
        Aren't the rules updated regularly? And how do I increase the number
        of points that the Bayesian filter can add? thanks.
        \_ perldoc Mail::SpamAssassin::Conf
           As for why, look at the report of tests failed in the message
           header.  It will always be easier to defeat filters than to
           detect spam; detecting spam is an unbounded problem.  -tom
           \_ Like NMD.
2004/12/10-11 [Computer/SW/SpamAssassin] UID:35239 Activity:high
12/9    Does anybody have a bunch of spam (sent to a soda address) I can feed
        to my Bayes spamassassin routine? -- ulysses
        \_ /csua/tmp/mail/scotsman/spam.*
        \_ /csua/tmp/scotsman/mail/spam.*
           Tons...  --scotsman
           \_ directory does not exist?
              \_ fixed.
                 \_ wow, thanks! (LOTS of spam indeed!!!)
        \_ I remember the good old days when most/all of my spams were
           filtered.  Nowadays, I get an average of of 20+ spams a day.  :(
           \_ The server http://zog.net runs on has a combination of a few (fairly
              conservative) blacklists, Postfix with greylisting, and rate
              limiting for inbounds coming from any given IP (really harsh
              limits set for any APNIC IP.)  The spams are kept to a tiny
              minimum, especially after greylisting and setting a 2/second
              limit for the Asian addresses.  -John
        \_ Got a pointer as to how to set this up???
           \_ What do you mean by "set this up". What do you wish to do?
              -- ulysses
              \_ Someone set us up the spam!
              \_ I want to enable bayesian filtering on my mail spool.
                 \_ Oh...The short version is, if you are using SA, it already
                    is unless you've turned it off in your userprefs. SA
                    requires training on a minimum 200 hams & 200 spams before
                    it will begin adding Bayes-based scores, though. You can
                    adjust these minima in the userprefs. Email me if you
                    want to here more or google for sa-learn. -- ulysses
                    want to hear more or google for sa-learn. -- ulysses
2004/12/4-5 [Computer/SW/SpamAssassin] UID:35169 Activity:nil
12/3    Is oxford-royale.co.uk valid?  Or is this a new spam/phishing scam?
2004/12/2-4 [Computer/SW/SpamAssassin] UID:35153 Activity:nil
12/1    If somebody has a procmailrc that *appends* list-serve messages to an
        existing mailbox file, I would like to see it. I only see how to copy
        msgs to a dir, each as a separate file. I have STFW and am apparently
        between two highly separate quanta of procmail fu. --ulysses
        \_ i don't understand your question.   if you don't specify
           any rules, procmail will filter all your mail into one file.
           if you specify another rule, it will filter the filtered mail...
           into a file, appending the new messages to the existing
           messages in the file.  what can't you do?
           \_ Never mind. I found what has been wrong all this time. It had to
              with the fact procmail cds to $MAIL as soon as that variable is
              declared. Thanks.
        \_ MAIL = /home/username/mail
           ### bugtraq
           :0c:
           * ^List-Id:.*bugtraq.list-id.securityfocus.com.*
           $MAIL/bugtraq
2004/11/22-23 [Computer/SW/SpamAssassin] UID:35027 Activity:kinda low
11/22 wow... first spam utilizing figlet-style letters. bastards
     ____            ___
    /\  _`\         /\_ \
    \ \ \L\ \    ___\//\ \      __  __  _
     \ \ ,  /   / __`\\ \ \   /\__`\\ \/\'\
      \ \ \\ \ /\ \L\ \\_\ \_/\  __/\/>  </
       \ \_\ \_\ \____//\____\ \____\/\_/\_\
        \/_/\/ /\/___/ \/____/\/____/\//\/_/
        \_ spamassassin didn't mark this as spam.
2004/10/28-29 [Computer/SW/Database, Computer/SW/SpamAssassin] UID:34416 Activity:nil
10/28   Re: "spamassassin going over quota" thread below, I will restate:
        Try ifile.  It's an excellent bayesian filter whose database currently
        uses less than 230K for me.
        \_ I tried setting up ifile. It was that much more complicated and
           didn't work nearly as well as sa once I did. YMMV. Still, if sa is
           going to consistently involve up to 10M of reference files, I may
           give it another go. I have only so many hours to burn on this stuff,
           though. I am not the sysadmin from a couple of days ago who "works
           1.5 hours a day".
2004/10/24-25 [Computer/SW/SpamAssassin] UID:34316 Activity:moderate
10/24   Is everybody getting spams purportedly from SBC that ask you to click
        at some http://sbc.m0.net/xxxxxx ? The emails look legit enough and
        SBC does have my my soda email, but I explicitly opted out from any
        updates and the link address looks suspicious.
        \_ It's known as "phishing", is very common (especially to try to
           collect bank/login details for some official-looking page), and
           often uses some sort of browser exploit to make you think you're
           at a legit page (in this case obviously not.)  -John
        \_ <DEAD>m0.net<DEAD> is a domain used by Digital Impact, which is a legit email
           marketing company that makes suspicious URIs
           http://www.digitalimpact.com/clientslist.php
           \_ Don't you just hate it when companies do that?  I got a mail
              from ETRADE through <DEAD>p0.com<DEAD> and thought it was fake, so I
              forwarded it to security@ and got a reply saying that it's
              real.  No matter.  I always go to their site directly and find
              where I need to go, even when they give me a link.
              \_ Since I explicitly opted out of everything when I signed up,
                 is SBC risking big fines by spamming me, or is there always
                 an escape clause for big companies?  -op
                 \_ What they usually do is add a new class of message that
                    you have to opt out of.  It is very unlikely you'll
                    successfully sue them.  -tom
                 \_ Maybe you should ask a trial lawyer
2004/10/23-24 [Computer/SW/SpamAssassin] UID:34313 Activity:kinda low
10/23   Oh great... now I'm getting tinfoil spam from both the left and
        the right.  All of you please die.  Thank you.
        \_ Didn't CAN-SPAM (or something similar) have some provision allowing
           for "informative messages" from politicians?  Tee hee.  -John
2004/10/23-24 [Computer/SW/SpamAssassin] UID:34310 Activity:nil
10/23   Okay, I'm now getting a couple of spams per week offering me deals
        on Rolexes.  Wtf?  The guys at the gas stations bought computers?
2004/10/14-16 [Computer/SW/Database, Computer/SW/SpamAssassin] UID:34119 Activity:nil
10/14   I've been getting some errors trying to mark spam in spamassassin
        the last few days. "Cannot open bayes databases [...]
        Inappropriate file type or format." RTFMing seems to indicate
        that I need to migrate my bays_tok database using the BerkeleyDB
        db_dump program, but I can't seem to find this executable. Pointers
        to the program or alternate solutions appreciated. Thanks!
        \_ db3_dump might be what you're looking for -dwc
        \_ did they install spamassassin 3.0 on the machine you're using?
           it seems like in 3.0 the bayes database format changed, so you
           need to retrain.

           need to retrain.
2004/10/7 [Computer/SW/SpamAssassin] UID:33966 Activity:nil
10/4    There's an email account I created and used for donotcall.gov
        and today I started getting spam on it. What happened???
2004/10/6 [Computer/SW/SpamAssassin] UID:33948 Activity:moderate
10/6    in honor of Rodney, " i get no respect, i get spam automatically
        rejecting me for home loans "
        \_ " i get no respect, i get spam asking me to turn off my webcam"
        \_ I hear that they're donating his body to science fiction. No
           respect, I tell you, not even in death. (RIP)
        \_ "I get no respect, my MOTD trolls don't even get nuked."
        \_ "I get no respect, <DEAD>Make-my-penis-grow.com<DEAD> thanked me for buying
            from http://TeenGirlz.com"
2004/9/26-27 [Computer/SW/Languages, Computer/SW/SpamAssassin] UID:33760 Activity:high
9/26    What's the line for .forward to send incoming mail via procmail,
        and _then_ forward to a@b.com?
        \_ A .forward file isn't powerful enough for that.  Do it all from
           procmail instead, by adding this to the end of your .procmailrc:

               :0
               ! a@b.com
               \_ That will eventually create a mail loop that's not detectable
                  by sendmail.
                 \_ Erk, cool, thanks.  Any way around this?  -op
        \_ i use the following in my .procmailrc... if this can still create a
           mail loop, please let me know how to fix it:
           :0c:
           *!^FROM_MAILER
           ! a@b.com
           \_ Use something like this:

              :0f
              *!^X-Loop: yourname@csua.berkeley.edu
              | formail -A"X-Loop: yourname@csua.berkeley.edu"

              :0ac
              ! a@b.com

              Some comments: 1) there is no need to use locks since you're
              not writing to a file. 2) The "X-Loop: yourname@csua.berkeley.edu"
              header keeps track of whether this message has been forwarded
              before.  3) You can combine this with any other rules you have on
              your mind. 4) these two recipes must be listed strictly in this
              order (see the meaning of "a" flag).
              I have been using the plain "!" recipe without any checks before
              and got burned many times and as a mail sysadmin I have seen lots
              of users get burned by this too. The problems usually start when
              the <DEAD>b.com<DEAD> refuses to accept mail for some reason.  Then sendmail
              will attempt to deliver the bounced message to your mail box. But
              since you have a procmail rule that tries to forward everything
              to the other host, it will keep forwarding mail until your csua
              account goes over quota.  Your *!^FROM_MAILER rule might work
              fine for this purpose too, but it will fail to forward messages
              that were mail errors that didn't appear as a result of a failed
              mail forwarding attempt.
              \_ thanks! -FROM_MAILER guy
2004/9/20 [Computer/SW/SpamAssassin] UID:33631 Activity:nil
9/20    If I create an online comment form, do I have to worry about a
        robots.txt to prevent spiders from sending lots of blank comments?
        \_ Don't worry about it, robots don't do "submit".
           \_ More accurately, the robots that pay attention to a robots.txt
              file don't do submit. However, many blogs are being inundated
              with comment spam from robots.  I think some of the popular
              weblogging software has tools to minimize this.
2004/9/8 [Reference/RealEstate, Computer/SW/SpamAssassin] UID:33421 Activity:nil
9/8     Can someone please explain the following spam that I just received:
        "Any prime minister can bounce apartment building beyond marzipan, but
        it takes a real freight train to sheriff living with.Any short order
        cook can seek related to satellite, but it takes a real bubble to
        toward midwife.And befriend the dark side of her philosopher."
        ??? What is this an advertisement for?
        \_ umm, that's just some random text to fool spam filters. the real
           pitch is probably an html attachment or graphic or something.
           \_ Nothing was attached.
        \_ It's most likely an address miner.  It didn't get bounced, so it was
           sent to a valid address.
           \_ No need to send any text in that case.
2004/8/30 [Computer/SW/SpamAssassin] UID:33226 Activity:high
8/30    I just got a spam that included references to Empedocles and
        Anaxagoras in order to get past the spam filter (it obviously
        got through).
                 \_ You need a permit to hold a protest in a public park.
        \_ Are you sure it wasn't just email from psb?
2004/8/9 [Computer/SW/SpamAssassin] UID:32773 Activity:kinda low
8/9     I am looking for tools which removes email attachments from the
        mailbox while leave the rest of the email text intact.  Does such
        thing exists?
        \_ what mail format?
        \_ command line or graphical?  you can do this with procmail
           \_ You can also do it with mutt.
        \_ procmail
           \_ standard RFC-compliant mailbox format.  I thought about
              procmail.  I would like to do the following:  change all
              HTML to text (lynx), all the WORD document into pure text.
              and... use iconv to change non latin character set to UTF8.
              Procmail wizard... show me example(s) please?  --OP
2004/8/6 [Computer/SW/SpamAssassin] UID:32747 Activity:moderate
8/6     I'm sending a reminder mail out with cron.  So I used the:
        mail recpiant@nowhere.com < email         command.
        This works but I don't get a subject.  How can I send my email
        with a subject?  No, this isn't Spam.  -jrleek
        \_ mail -s "Make money fast" recpiant@nowhere.com < email
           \_ but make sure you are using /usr/ucb/mail since /usr/bin/mail
              doesn't have the -s option
           \_ as if any spammer is doing that.
              \_ Well I needed a sample subject line so I decided to make fun
                 of his assertation that he wasn't spammming.
2004/8/6 [Computer/SW/SpamAssassin] UID:32734 Activity:nil
8/5     spamassassin 2.64 installed; bugs to mconst.
2004/7/19-20 [Computer/SW/SpamAssassin] UID:32365 Activity:high
7/19    Why SpamAssassin is totally doomed:
        http://cockeyed.com/lessons/viagra/viagra.html
        \_ This was already posted, and it was stupid the first time.
           \_ AFAIK, this is the third time someone posts this link.
              (first one was months ago)
        \_ I don't know about you, but I found Spamassassin does a pretty
           good job as it is.
        \_ anyone who tried to combine Chinese Word segmentation methods
           and spamassassin so it can be used to filter out Chinese junk?
2004/7/3 [Computer/SW/SpamAssassin] UID:31153 Activity:very high
7/3     Does Soda's spamd check against Razor and DCC? On my own server, I was
        getting 20-30 spams per day and when I added DNS/RBL checks, now I get
        about 2/week. I rarely get Spam on soda, so I'm guessing the answer is
        yes.
        \_ read the spamassassin score. the answer is there.
2004/7/2-4 [Computer/SW/SpamAssassin] UID:31126 Activity:high
7/2     I notice that in my .spamassassin directory, there is a 5
        Meg file called bayes_toks.  I _do_ understand why it is there.
        But, there is another 5 Meg file called bayes_toks.expire84232.
        And there are 4 other bayes_toks.expire files of varying
        size.  Why are they there?  Can I delete them?  My spamassassin dir
        takes up nearly 13 Megs.  I gather that the expire files can be
        deleted.  I believe that I hit my hard quota while spamc was
        running, leaving these orphaned files.  Assuming this to be the
        case, how do I stop spamc from auto-learning?
         \_ So, I noticed that in my messages that were classified as spam,
            it said "autolearn=no", but in those classified as ham, it said
            "autolearn=ham", so I thought that the expire files are created
            while it's trying to auto-learn.  But in fact, it seems that it's
            when I receive spam (at least in one case) that it creates the
            expire files.  What is it doing when it is creating
            bayes_toks.expire files and how do I get it to stop?  I just
            want it to filter my mail.  Why should it create any files?  I
            can sa-learn it on my own time.  -op
        \_ autolearn=no means spamassassin doesn't know whether it is spam or
           ham.  You need to train spamassasin manually with that message.
           According to the global setting in
           /usr/local/share/spamassassin/10_misc.cf
           Any mail with score > 12 is learnt as spam.
           Any mail with score < 0.1 is learnt as ham.
        \_ http://csua.org/u/80t
           \_ this is a good example of why url shortening can be bad.
              \_ I don't think it's terribly bad, but if it makes you feel
                 better, I've changed the result page for shortcutting so it
                 shows Title: link for easy copy-and-pasting of the whole
                 thing.  It won't necessarily end up shorter than the original
                 that way, but it will possibly be more informative.  --dbushong
                 that way, but it will possibly be more informative.
                --dbushong
2004/6/30-7/1 [Computer/SW/SpamAssassin] UID:31102 Activity:high
6/30    http://www.mailinator.net/mailinator/Welcome.do
        Can be very useful. After http://bugmenot.com, this looks like a very
        neat site.
        \_ This is cool.  You might also like http://spamgourmet.com (which doesn't
           make your email public, and doesn't delete it after a few hours;
           however, it does require you to sign up).
           \_ or sneakemail.
        \_ I don't get it. Why not just create a specific spam account and use
           that for these throwaway things? Seems easier than dealing with
           these services.
2004/6/30-7/1 [Computer/SW/WWW/Browsers, Computer/SW/SpamAssassin] UID:31094 Activity:nil
6/30    Gmail Q:   I already got my first peice of uncaught spam.
        I'm not 100% sure from the subject, though, so I want to open it.
        I don't want to read any images from their server (obvi) and I don't
        see a config setting for that.  Is there one that I have just missed?
        \_ gmail doesn't seem to show me images by default anyways.
        \_ You can't use lynx or elinks?
2004/6/30 [Computer/SW/SpamAssassin] UID:31080 Activity:insanely high
6/30    Fucking spammers. Even after using spamassassin and using sa-learn
        on every single spam I get, I still get about 10 a day. I seriously
        hope those guys get a nice ass raping in jail.
        \_ Thanks for sharing.
        \_ I firmly believe that the only solution to the spam problem will be
           vigilantism.  And I mean hiring a guy named Vinny to go break a
           spammer's thumbs.
                \_ fuck vinny, send in the special forces
           \_ We used to talk about this in grad school a lot, going to find
              the script kiddies who broke into our machines. We thought we'd
              figure out who it is (== snot-nosed 14 year old from Ohio),
              take a roadtrip, and surprise the kid's parents when they'd
              come home and find their kid duct-taped, spreadeagled, upside
              down attached to their garage door.
              \_ Cf. The Big Lebowski
              \_ why are you workstations on public net?  NAT is exists in
                 part to protect people like you from yourselves on the
                 dangerous public network you're not ready for.
           \_ You can still click a mouse without a thumb.
              \_ "If you disable your enemy's hand, he cannot press a button.
                  Medic!".
        \_ I run something that works.  All that's slipped through in the
           last month are 3 0 body messages and 2 spams.  So keep looking,
           maybe you'll find a spam filter that works for you.
        \_ I use SA.  About 1 spam per week makes it to my inbox.  The rest
           goes to my spam folder.  About 1 ham per month gets in the spam box.
           \_ You manually go search for ham among hundreds of messages?
2004/6/22-23 [Computer/SW/SpamAssassin] UID:30961 Activity:nil
6/22    How do I get rid of the header of a message in procmail?  I want
        to take only the body of a message and save it to a file/folder.
        \_ Use ":0 b" at the beginning of the rule instead of just ":0".
2004/6/22 [Computer/SW/SpamAssassin] UID:30949 Activity:high
6/22    Simple mail question: How do I set up .forward to only forward mail
        that has passed my spamassassin filter?  (I want a copy of my mail to
        go to my yahoo account)
        \_ Read up on procmail
        \_ set up procmail to stick all email flagged as spam in your spam
           folder on soda (or stick it in /dev/null) and have your last
           procmail rule be 'forward your mail to your yahoo account'
           \_ Got it, thanks!  Procmail is sweet.
              \_ How can you have unix based email and not use procmail?
                \_ Was using it but had cut and paste a recipe together,
                   finally took the time to read up on it some more
                   \_ Excellent.  The motd is a good place for procmail help
                      if you're not asking RTFM questions.
2004/6/18-19 [Computer/SW/SpamAssassin] UID:30913 Activity:high
6/18    Goddammit! What is up with soda's spam blocking??? 50 German messages
        in a day! Didn't happen last week!
        \_ you only got 50?  lucky you.  i'm getting 300/day...
           \_ Try saving a bunch of them (at least 50) to a file, and run
              sa-learn --mbox --spam filename
        \_ and I'm getting them at work now...
        \_ Forward all of them to uce@ftc.gov.
2004/6/17 [Computer/SW/SpamAssassin] UID:30856 Activity:very high
6/17    Is spamassassin broken?? I'm getting tons of German messages in my
        mailbox
        (yes, I have the proper .procmailrc set up). This is recent as of
        this week.
        \_ No, Spamassassin just sucks.  But seriously, the german spam has
           taken a lot of antispam people by surprise.  Run them through SA's
           Bayes filter.  A few should do it.
           \_ SA caught the German spam for me.  SA has worked great for me for
              years.  I don't understand what the rest of you are doing to
              make SA not work.
        \_ Geben Sie ihr grosseres etwas!
2004/6/16 [Computer/SW/SpamAssassin, Computer/SW/Unix] UID:30838 Activity:very high
6/16    It's not in any way against CSUA policy to have procmail check
        your quota each time it runs, is it?
        \_ Why would it be?
           \_ I think the quota file might be a bit of a chokepoint for the
              filesystem; probably bad if everybody were to do it.  Perhaps
              try du -d1 instead?
              \_ du -d1 is way more impact than quota.  -tom
              \_ Yeah, wow.  Use your head: with quotas on every filesystem
                 op results in a quota check; how can it be high overhead?
                 \_ Please correct me if/where I'm wrong: quota files are
                    maintained at the root of each file system, and,
                    empirically, I've noticed that quota results are cached:
                     quota -v; rm reallyBigFile; quota -v; sleep; quota -v;
                    I imagine this cache resides at the FS root as well, so
                    hundreds of users x hundreds of spams = 1000s of writes
                    to the quota cache = possibly slow disk access.
                    Different cases possible with softupdates and/or
                    kernel-based memory cache.
                    \_ Quotas are kept in memory, in the kernel; you can
                       access them with the quotactl system call.  There
                       are quota files at the root of each filesystem too,
                       but they're only used to initialize the kernel's
                       quota information at boot time.

                       Since it's all stored in memory, updating the quota
                       information when you create and remove files is
                       trivial.  You only see delays because soft updates
                       is delaying the actual writes to your files, and thus
                       delaying the quota updates too -- on systems without
                       soft updates, quotas update instantly.  --mconst
                    \_ you could have verified this yourself by using the
                       "time" command to see that du -d1 takes an order of
                       magnitude longer than quota, instead of sounding off
                       like a moron.  -tom
                       \_ great way to encourage discussion.  you rock!
                    \_ That suggests that although writing/deleting lots of
                       spam could load the system (which we already know)
                       lots of people reading the quota file will probably
                       not be a big load, or at least not any worse than
                       reading a file of spam-filtering rules.
        \_ depends on your personality
        \_ I'll take this discussion as "No, it's not against policy".
           \_ you can take it that way (i would) but just be sure you don't
              end up a hoser; that's the policy you need to worry about
              here. - erikk
2004/6/12-14 [Computer/SW/SpamAssassin, Computer/SW/Unix] UID:30772 Activity:high 64%like:30791
6/12    I'm going to switch my dsl provider this month and the new guys don't
        offer webmail. Does anyone know of a cheap (~ $5/mo) web mail provider
        who is reasonably reliable? I've been told to take a look at .Mac, but
        I'd like to hear other suggestions. tia.
        \_ I use http://totalchoicehosting.com and have mail (imap, pop3, webmail) as
           well as www and ftp.  Starts at $4/mo.
           \_ thanks I'll take a look.
        \_ gmail
           \_ I'm not interested in free services that read your email and
              stick stupid ads in the messages. I also don't want to have
              a bunch of junk cluttering up the web ui.
              \_ the ui is really nice, not cluttered, the ads are very
                 subtle, and it doesn't _read_ your mail, unless you think
                 just having your data on their servers means "reading"...
                 it's on-the-fly keyword triggers, not "reading."
                 \_ How is the spam filtering on gmail?
                 \_ Are you either a google employee or a friend of one who is
                    likely to materially gain from friends-and-family options
                    in the IPO?  On-fly-the keyword triggers means they had to
                    scan my mail.  I don't care if they did it when it came in,
                    when it was sitting on their servers or "on-the-fly" when
                    I read it.  They're still reading for content.
                    \_ wow, so what do you think the other webmails do when
                       they scan for viruses?  Or is that somehow, not reading
                       the content?
                       \_ they're scanning for my benefit for something I would
                          do for myself.  google is scanning for their benefit
                          to insert ads which is something i would not do for
                          myself.  the difference should be obvious to anyone
                          not likely to gain financially from google's sucess.
                          again, are you an employee or other person likely
                          to benefit from the google ipo or other google
                          successes?
                          \_ I guess I wouldn't be scanning my mail, since
                             I don't run windows.... but no, I don't have
                             any stake in google at all.
        \_ Followup. Has anyone heard of http://his.com or webserve.ca? Both seem
           to provide web mail for around $5/mo.
2004/6/11 [Academia/Berkeley/CSUA/Motd, Computer/SW/SpamAssassin] UID:30756 Activity:nil
6/11    Anybody know what's the story with all this new German spam?
        At least it is easy to filter.
        \_ Now that you have discovered the German spam we will have to kil
           you.
           \_ you deleted my post.  Please use motdedit if you're not going
              to be careful.
              \_ do you have any idea what happened to the last guy that whined
                 about his post and motdedit?
2004/5/29-31 [Computer/SW/SpamAssassin] UID:30489 Activity:moderate
5/29    Using the required_hits field in spamassassin sorts between spam
        and ham.  Suppose I want it sorted into 3 ways.  Anything over 10
        is considered definately spam and deleted.  Anything between 4 and
        10 is considered maybe spam and saved to a file.  And anything
        less than 4 passes through.  How can I do this?
        \_ With a procmail recipe that looks for 10 or more "*"s in the
           spam hits header line and /dev/nulls those.
            \_ Thanks!
        \_ http://csua.com/?entry=11401
           Specific usage
            \_ why the 7th '\' in that example?
        \_ if you need help chaining the rules
           http://inst.eecs.berkeley.edu/cgi-bin/pub.cgi?file=procmail.help
                \_ Thanks.  I understand why there are 6 '*'s, each
                   preceeded by a '\', but why is there a 7th '\' at the
                   end?
                   \_ Looks like a typo to me
2004/5/27-28 [Computer/SW/SpamAssassin] UID:30456 Activity:moderate
5/27    Spammer sentenced to 3.5 to 7 years.
        http://www.reuters.com/newsArticle.jhtml?storyID=5278816
        \_ Yay!  Does he get a free ass raping?  Maybe he needs some
           m'ed'is(in3 40r mak-in(g h}i{s pe-ep&pee bi^gg$er!
        \_ Wasn't that the idiot who couldn't even make any money off his
           crappy identity theft/spamming scheme?
        \_ perhaps a better sentence would be to make them stay in jail until
           they've read every single email they ever sent out.
           \_ that's not harsh enough.
2004/5/25-26 [Computer/SW/SpamAssassin] UID:30419 Activity:very high
5/25    Has anyone noticed spamassassin missing quite a few recently?
        \_ yes, many.  Been gathering them to train the bayesian filter,
           hope that will help.  It's been quite a while since the last
           release...
        \_ Just installed the most recent yesterday and it's 20/20 correct and
           no false positives of about 75 in.
           \_ do you mean 2.63, or is 3.0 out?
              \_ 2.63.  I briefly considered 3.0alpha/beta but I prefer that
                 it just work.
2004/5/25-26 [Computer/SW/SpamAssassin] UID:30410 Activity:high
5/25    Phish to break up.  YAY!
        http://www.cnn.com/2004/SHOWBIZ/Music/05/25/phish.breakup.ap/index.html
        \_ But think of the poor acid dealers!
           \_ There's always more users.  No one ever OD'd on acid.
2004/5/24 [Computer/SW/SpamAssassin] UID:30389 Activity:high
5/24    If Mlocal is configured to use procmail, it will use my .procmailrc
        file without explicitly piping to procmail via .forward, right?
        \_ It's sort of the wrong question (You don't configure Mlocal to
           use procmail.  You add Mprocmail.) but yes.
2004/5/21 [Computer/SW/SpamAssassin] UID:30341 Activity:kinda low
5/21    In the following procmail example (found on a procmail help page),
        is there any reason for the extra ':' on the first line.  What file
        is being locked?  Even if one of the actions were writing to a
        file, wouldn't it be sufficient to just have the extra ':' right
        before that particular command, and NOT before the '{'?
                :0:  # forward jokes to my wossamatta u. account
                * ^From.*bob
                * ^Subject:.*(joke|funny)
                {
                :0 c
                ! rocky@wossamatta.edu

                :0
                | lpr -Pacsps
                }
2004/5/20-21 [Computer/SW/SpamAssassin] UID:30333 Activity:high
5/20    Stupid procmail question from a procmail newbie:
        Sometimes a line has ':0'.  Sometimes it's ':0c:'.
        What's the significance of the 2nd ':'?
        \_ http://www.zer0.org/procmail/mini-faq.html#syntax-colon
           \_ Thanks!  -op
        \_ OK, so this isn't working for me.  I want, under a certain
           condition, for a message to go to a certain folder AND be
           forwarded to a certain address.  I have:
                :0
                * condition
                {
                :0c:
                ${MAILDIR}/file
                :0
                !name@domain.com
                }
            Any idea why this doesn't do what I want it to?
            \_ Are you sure your condition is correct?
                 \_ Yeah.  It actually works.  I was confused.  The problem
                    is in the log file.  It only seems to log the last
                    command.  So, in the case above, it logs that it
                    forwarded the mail, but not that it saved it to the
                    file.  It would be nice to log both, not only the
                    latter.
                        \_ There's a "VERBOSE" option for .procmailrc which
                           should come in handy.  Just turn it off when you're
                           done or bounces will show to senders.
                        \_ You can use AND clauses
                             \_ Isn't that only for the condition?  Or can
                                one use that for the actions too?
                :0
                * condition
                !name@domain.com
                        :0 A:
                        ${MAILDIR}/file
                   \_ This doesn't work, but thanks.  It only logs the
                      1st action, and it doesn't seem to even do the 2nd.
            \_ I'm getting a lot of SPAM at root on one of my computers.
               Is there a good procmail rule to say "only accept mail
               from my domain, say http://berkeley.edu, and unqualified names,
               like those that may orginate on the local machine?
                :0 :
                * ^From:.*berkeley.edu
                $MAILDIR

                # send all other mail to dev null
                :0
                /dev/null
                \_ Wont this trash mail that come from just "root" with no
                   @ sign in the From field?
                   \_ special case it.
2004/5/11-12 [Computer/SW/SpamAssassin] UID:30173 Activity:high
5/11    Is there a sure way to sign an email up for lots of spam?
        \_ yeah I need to know too, my roomate fucked my my car and wouldn't
           pay for it
        \_ go sign up for a bunch of downloads online (quicktime, real audio,
           http://downloads.com, etc.), put down his email, then click "Yes, send
           me more information via email!"
           \_ But I want to have really BAD hardcore spams showing there,
              not just some legitimate but annoying promotinal offers.
                \_ try porn sites, posting to newsgroups. maybe try
                   signing up for a hotmail account (which is a magnet
                   for spam) and then have it forwarded to his email
                   accout.
        \_ troll some newsgroups.
           \_ How do I tracelessly forge email address?  Doesn't my ip
              get recorded and sent along as part of the header?
              \_ what do you care?  do you think spammers check for spoofed
                 headers when they try to harvest email addresses?
                 \_ Well, maybe someone will google his email addr and find
                    a forged posting under his name.
2004/5/6 [Politics/Domestic/California, Politics/Domestic/President/Bush, Computer/SW/SpamAssassin] UID:30047 Activity:high
5/6     Guys guys, PLEASE!!! 1 or 2 political posts are ok, but 8-10 posts
        on why Bush sucks, how his rating's decr, what he's doing wrong,
        that even the Rep. are losing faith, etc etc. is just too much.
        Most of the Sodans already hate eBush and are not gonna vote
        for him anyways, why not post something interesting and original?
        We have enough trash and spam to deal with already, please be nice
        and stop the motd spam.
        \_ learn to ignore shit if you don't want to read it.
        \_ Learn how to nuke the motd.
2004/5/3-4 [Computer/SW/SpamAssassin] UID:29966 Activity:insanely high
5/3     I just got some spam saying that Ed Meese is running for
        President. Is this true?
        \_ I just got some spam saying, "UR DIKI IZ 2SMAL $D GIRLZ!  UZE V'I
           AG'ReA FRUM M3 2 MAEK B1G DIKI!!".  Is this true?
           \_ What will Warren Buffet say about this?
2004/5/3-4 [Computer/SW/SpamAssassin] UID:29963 Activity:high
5/3     How good is gmail's sperm filtering?  I've considered stress-testing it
        but it seems a shame to spoil a spam-free account for an experiment.
        \_ you could make a sneakemail address and have it temporarily forward
           spam to your gmail account. --jameslin
        \_ I don't think gmail can filter any sperms.
2004/4/26-27 [Computer/SW/SpamAssassin] UID:13395 Activity:nil
4/26    Someone is using my domain as a return address to send a whole
        lot of spam (if the bounce messages I am receiving are any
        indication of quantity).  I know this because I receive any
        mail sent to my domain.  Is there anything that I can do about
        this?  The bounce messages are annoying but I am most concerned
        that I will end up on many spam filter black lists as a result.
        Thanks for your useful and humorous suggestions,
                \--mrehrer
        \_ many bounce messages contain the bounced message attached,
           complete with headers. this lets you have some idea of who
           is behind the spam. if you can shut down enough of their
           accounts, maybe they'll get the message and pick on someone
           less troublesome.
           \_ rofl... do you really think they keep their accounts a long
              time in any case?  Do you really think they know, or even care
              who reports them?  No.  They PLAN on having throw away emails,
              hosts, spam relays, etc.
              \_ rofl... you're an idiot. note the part where i said maybe.
                 a lot of this does depend on the particular circumstances,
                 but most spammers do have to perpetually try to stay one step
                 ahead, so why have more meddling than necessary if they can
                 just pick on an easier mark? op may want to try a service
                 like spamcop with a little more clout than the average joe.
           \_ If they're being hosted at a Good place, then sure, you might
              have a chance of shutting them down.  If they're on your system,
              then sure, you can shut them down completely.  If they're just
              using your domain as the nominal return address, and they're not
              hosted by a Good place, you may very well be SOL.  Unless, of
              course, you can find their Snail Mail address and make it
              physically unbearable to continue.
              \_ You may want to contact Matt Seidl (seidl@soda). He involved
                 himself in a lengthy lawsuit over exactly this sort of thing
                 a number of years ago. I don't know how his efforts panned
                 out. He used to keep a web page following events. -- ulysses
                 \_ http://www.wraith.com/seidl/lawsuit
2004/4/26 [Computer/SW/SpamAssassin] UID:13387 Activity:nil
4/26    Most spams/frauds are easy to spot, but what if someone from Africa
        wrote you with professing interest in buying stuff that your biz
        advertises?  Should one discount everything from Africa?
        \_ Has anyone ever actually replied to one of those spam emails
           asking for help transferring funds?  What happens when you contact
           them?  Do they then ask you for some money?
           \_ there are actually whole websites devoted to this topic. there
              are pictures of these people posing with the nigerians too.
              stfw for 419 related stuff.
           \_ http://419eaters.com is my favorite.
        \_ I would personally not take the risk, since it is probably 90%
           likely to be a scam. But if you do decide to do business with
           an unsolicited customer from overseas, make sure you have cash
           in hand before sending merchandise. Not a cashiers check, either.
           \_ Seconded.  You could also use an escrow agent.
              \_ Use http://www.escrow.com I was ripped off by a phoney escrow
                 agent that a seller suggested to me.
           \_ What's wrong with a cashier's check?
              \_ They can be faked.  Even if your bank puts the money in your
                 account, then can still take it back if the check comes back
                 phoney.
                 \_ Damn!  I didn't believe this, googled a bit.  That's pretty
                    depressing, so many gotchas out there... *sigh*
                    http://www.craigslist.org/about/scams.html  So is there any
                    way to quickly check whether a cashier's check is valid or
                    not?  Why can't this be immediate?
                 \_ Did you hear about the guy who got $100K in cash from
                    a phony check?
                    \_ Yeah! And then she dried her dog off in the microwave
                       oven and he exploded and turned into an alien and ate
                       her spine!
                       \_ Uhm, it's actually a pretty well documented story.
                 \_ I always thought cashier's check is as good as cash, and
                    that when I send out one I always assumed it's gone.
                    Guess regulations are always designed so that only
                    criminals can take advantage of it.
2004/4/20 [Computer/SW/SpamAssassin] UID:13278 Activity:nil
4/20    I got this on a spam's subject: "cum like a port actor".  What is a
        "port actor?"
        \_ Port actors will destabilitze the whole middle east.
        \_ If it's anything like aft actor, I'd be amazed.
        \_ It's someone who performs a porn star-boarding.
2004/4/19 [Computer/SW/SpamAssassin] UID:13270 Activity:nil
4/18    How are the bayes_seen and bayes_toks files updated in my homedir?
        (I filter my mail through spamc).
        \_ spamd changes to your uid and updates them.  This assumes that
           bayes_auto_learn is turned on in spamassassin's
           configuration file, and that a piece of spam is above the
           bayes_auto_learn_threshold_spam value or, conversely, a piece of
           nonspam is below the bayes_auto_learn_threshold_nonspam value.
           If they're not set to your liking in the systemwide spamassassin
           configuration file, you can turn them on in your
           ~/.spamassassin/user_prefs file.  Of course, auto learning doesn't
           do much good since it's only going to learn stuff that is
           *definitely* spam or *definitely* not spam, and spamassassin
           can already identify those.  Consider manually running
           sa-learn --spam on your spam folder if you have one,
           and sa-learn --ham on your non-spam folders.  It really helps.
           -dans
2004/4/6 [Computer/SW/SpamAssassin] UID:13028 Activity:low
4/6     Did something happen recently to spamassassin which causes it to
        put annotated spam in your inbox instead of your ~/spam directory?
        \_ Check yer quota dude.
2004/4/5-6 [Computer/SW/SpamAssassin] UID:13026 Activity:nil
4/5     [spam is not intriguing]
        \_ Everthing happens according to God's holy plan. There is a deeper
           message to your spam that you would realize if you only opened
           your heart.
2004/4/2-3 [Computer/SW/Languages/Misc, Computer/SW/SpamAssassin] UID:12993 Activity:nil
4/2     Interesting.  Now I'm seeing spams that consist entirely of HTML
        mail containing Javascript code that reads characters from a
        numerical array - the spam consists of little more than a list of
        numbers.  Funny that spam detection techniques have slowly pushed
        the spammers into making their mail illegible.
        \_ but that's easy enough to filter.  what legitimate reason is there
           to allow javascript in email? (heck, I still think there are few
           good reasons for HTML mail at all...)
           \_ I think rich-text-format is good enough.  No need to go HTML.
           \_ there was never any reason to allow html in email.  or really
              i should say the disadvantages overwhelm the minor advantages.
2004/4/1-2 [Computer/SW/SpamAssassin] UID:12980 Activity:high
4/1     Spammer gets seven years in prison:
        http://uk.news.yahoo.com/040402/325/eq4ri.html
        \_ Should be shot.
2004/3/19-20 [Computer/SW/SpamAssassin] UID:12760 Activity:nil
3/19    I now have a 10mb LSPAM file.  Can I get rid of this thing so I don't
        have worry about my quota anymore?
        \_ man rm
        \_ Were you trying to amass a decent body of spam, or is that just
           the result of using ifile/spamassassin?  If a), then just train
           your categorizer and delete.  Otherwise, delete.
2004/3/18 [Computer/Companies/Yahoo, Computer/SW/SpamAssassin] UID:29873 Activity:moderate
3/18    How is it that I attach a 167k jpeg to send via yahoo, and once
        it's attached, it's now 222k?
        \_ because it encodes the file in a format that isn't as compact
           \_ So when yahoo or hotmail says there is a 500k limit on the
              size of an attachment, are they referring to the original, or
              the encoded version?
        \_ because it came in contact with one of the spam mails advertising
           to grow your member.
2004/3/16 [Computer/SW/SpamAssassin] UID:12697 Activity:nil
3/16    How do I tell spamassassin that if it sees certain subject, To:
        field, or whatever, to increase the number of spam points?
        \_ Put it in your user_prefs. RTFM.
2004/3/16 [Computer/SW/SpamAssassin] UID:12694 Activity:high
3/16    If you knew someone was a spammer (a stranger), would you
        want to beat the person up?
        \_ was it good spam or bad spam?
           \_ can any spam be good?
              \_ spam & eggs. yum.
        \_ I'd throw a can of SPAM through their window.
           \_ And waste a perfectly good can of spam?
              \_ there's an infinite supply. no worries.
        \_ Here is an interesting question to full time spammers (people who
           get paid writing and sending spam). WHAT THE HELL WERE YOU THINKING
           KNOWING THAT YOU'VE ANNOYED 99% OF THE PEOPLE?
           \_ I'm laughing on my way to the bank with the fortune I made from
              the other 1%.
              \_ I believe if just 1 in 100,000 respond, they profit. And there
                 is no shortage of people who will do anything for a bigger
                 penis.
              \_ Are you on the ROKSO list of known spammers?
            \_ Are there full time spammer on csua?  I remember at least one
               member had a list of all soda email addresses on his web page.
                \ REALLY?  I hope he was squished, right?
        \_ I would want to kill them. I believe in vigilante action against
           spammers.
2004/3/15-16 [Computer/SW/SpamAssassin] UID:12665 Activity:nil
3/14    Right, so spamassassin, while working like a charm, has generated a
        2.5mb bayes_toks file.  If I delete this, will I have undone every
        bit of learning the program has done?
        \_ umm, obviously?
        \_ no, it's only a backup.  the real data is stored in zero-point
           energy fields.
2004/3/6-7 [Computer/SW/Security, Computer/SW/SpamAssassin] UID:12550 Activity:kinda low
3/5     This is fantastic.  Free instant access no verification email account.
        See the page for details.
        http://www.mailinator.com/mailinator/Welcome.do
        \_ The first time a spammer runs a dictionary attack against them,
           they are toast.
           \_ Mmmm... pointless comment.
           \_ not my problem.  it works right now.  why would a spammer bother?
              everyone is  a potential DOS victim on the net.
              \_ gee, why would a spammer bother to set up a bunch of free
                 access no verification email accounts?  I can't imagine...
2004/3/4-5 [Computer/SW/SpamAssassin] UID:12514 Activity:nil
3/4     When was the last time you were fooled in opening a spam?
        How were you fooled?
        \_ A couple weeks ago.  Name was familiar, and subject was "hey".
           \_ spamassassin didn't catch it?
                \_ spamassassin is no god.  it works pretty well.  I haven't
                   seen any filter can filter out spam 100% and easy to set
                   up.  My spams cerntainly got cut down dramatically.  Only
                   a few keeps fall through no matter how I keep using sa-learn
                   on them.  But it is definitely way better than when I only
                   used procmail to filter them.
        \_ That Osama game sent via AIM a few weeks ago.
        \_ An eBay scam a month or two ago.  It looked like it really was from
           eBay, but the URL wasn't a real eBay survey.  I was pissed at myself
           for clicking on the link because I'm sure it verified my email.  Oh
           well, haven't seen an increase in spam in spite of my worries.
           \_ don't worry, you will.
2004/3/3 [Computer/SW/Virus, Computer/SW/SpamAssassin] UID:29850 Activity:nil
3/3     HAHAHA.  This virus mail was funny enough that I had to share:
        Dear user of http://Berkeley.EDU,

        Your e-mail account  will be disabled because of improper  using  in
        next three  days, if you are still  wishing  to  use it, please,
        resign your account information.

        Pay attention on attached file.
        ["attached file" is something called Document.zip]
        \_ Kind of interesting to see a worm combined with a phishing scam.
2004/2/12 [Computer/SW/SpamAssassin] UID:12224 Activity:nil
2/11    What is the efficient soda way to use SpamAssassin?  I have
        7MB of related files in my home directory, which seems
        silly.  a big spamassassin file, and then soem big files
        in .spamassassin/
        \_ ifile
        \_ man spam
          \_ hey thanks, dickwads.  Even more helpful though would
             be a direct answer.
2004/2/10 [Finance/Shopping, Computer/SW/SpamAssassin] UID:12185 Activity:kinda low
2/9     I'm planning to go to New Zealand at the very end of December. Can
        you recommend a local (Bay Area) travel agency?
        \_ Why bother with a travel agency?  I've never understood this.
           \_ They can often get you better fares since they have
               allocations of cheap tickets long after you cannot buy them
               retail.
                \_ Good luck getting cheap tickets to new zealand for the
                   end of December.
        \_ I got good prices from Air New Zealand's web site for my Nov.
           trip.  Dec is more, but you should at least try there and make
           sure you can't get the ticks there cheaper than through an agent.
           But they do kinda spam the address I gave them.  -crebbs
           \_ ANZ has a $999 roundtrip special running until Nov. to celebrate
              adding SFO to their route, but no specials after that.  I'll
              keep an eye on them, though, thank you. --OP
        \_ Don't forget to bring your ozone layer.
           \_ At least I don't have to bring my own Hobbit clothing:
              link:csua.org/u/5xe (jpg)
2004/2/6-7 [Computer/SW/SpamAssassin] UID:12145 Activity:nil
2/6     I got a 'phishing' spam email.  The phishing site gets DNS and
        registration from Yahoo Domains.  I've tried emailing Yahoo to get them
        to revoke the registration, but no luck, and their phone trees are
        designed to prevent me from talking to anyone.  Anyone know the super
        secret email or abuse phone numbers?
        \_ (408) 349-3300 x 0
           \_ Tried that without the extension and got the runaround....
              Ok, they gave me a different phone number that really just points
              to another branch of the same phone tree.  That tree just sent me
              to a person who said "I can't do anything.  Send us email."
              No wonder most companies sue first and ask questions later.
2004/2/6 [Computer/SW/SpamAssassin] UID:12141 Activity:nil
2/6     procmail folks:  I'd like to filter a mail iff it matches 2 dif rules
        the below doesn't work, what should i do? (besides rtfm :)
:0
* ^From: Mail Delivery Subsystem*
* *Dis address be full, (myguysforward_address@@yahoo.com)*
mail/trash
        \_ Put one rule and then in an inside block put the other rule.
           I don't know how deep procmail rules can go, but your case is
           easily handled.
2004/1/31-2/1 [Computer/SW/SpamAssassin] UID:12048 Activity:nil
1/30  Has anyone else been getting these creepy messages/spams from Word
      Of Mouth Connection?  They say "someone is requesting information on
      you," but in order to find out who, you have to pay money.  Seems like
      a total scam, and a seemingly very effective one as it plays on your
      natural paranoia.
      \_ sounds just like the secret crush/admirer spam.
      \_ Yes.  And I've blocked about 12 of their domains so far.  It's just
         spam shit.  Here's my sendmail access file so the rest of you can
         avoid adding them one at a time:
      \_ http://www.choam.org/tbp/weblog/2003/11/26/000132

womc.info       REJECT
http://womc.net        REJECT
http://womc.com        REJECT
wordofmouthconnection.info      REJECT
<DEAD>wordofmouthconnection.net<DEAD>       REJECT
http://wordofmouthconnection.com       REJECT
wordofmouthreports.info         REJECT
<DEAD>wordofmouthreports.com<DEAD>          REJECT
<DEAD>wordofmouthreports.net<DEAD>          REJECT
<DEAD>wordofmouthconnections.org<DEAD>      REJECT
<DEAD>wordofmouthconnections.com<DEAD>      REJECT
http://wordofmouthconnections.net      REJECT
<DEAD>wominfo.net<DEAD>     REJECT
<DEAD>wominfo.org<DEAD>     REJECT
<DEAD>wominfo.com<DEAD>     REJECT
2004/1/31-2/1 [Computer/SW/SpamAssassin] UID:12047 Activity:nil
1/30  So, if i'm using spamassassin -p /my/prefs/file and want to change to
      spamc, can I?  I maned spamc and didn't see a analogous flag.
        \_ Currently, you can't; the protocol spamc uses to talk to spamd
           doesn't include any way to specify which prefs file to use.
           This wouldn't be too hard to add, though, if you think it would
           be useful -- let me know.  --mconst
2004/1/28-29 [Computer/SW/SpamAssassin] UID:11989 Activity:nil
1/28    invoke 'spamc' and not 'spamassassin' from your .procmailrc

        11:19AM  up 15 days, 18:26, 155 users, load averages: 4.69, 3.58, 3.22

        grep -Hs spamassassin `locate /.procmailrc | grep 'procmailrc$'`
        \_ is spamc reliable now?
           \_ No problems with it since I started using it (2 months ago)
              \_ If spamd crashes then I get a deluge of spam.
                 \_ If spamd crashes mail ROOT.
2004/1/21 [Computer/SW/SpamAssassin] UID:11866 Activity:nil
1/21    spamassassin is failing to tag messages like the following:
        "Genierc and Sepur Viarga (Caiils) available oinlne!
        Most trusted online source!
        Cilais or (Spuer Vagira)
        takes afecft right away & lasts 24-36 huors!
        FOR SUEPR VAIRGA TOCUH HERE
        Genierc Virgaa
        costs 60% less! save a lot of $.
        FOR VIGARA TOCUH HERE"
        What are some ways to deal with this? I've tried blacklisting but
        it's getting futile because they keep changing their address. Thanks,
                                                -desperately failing
        \_ check the headers of some of these messages for the Habeas header.
           there is a viagra spammer abusing the header right now. SA honors
           the header and deducts ~8 points. If this is true, disable habeas.
           \_ It's not using habeas, it's just not scoring high.
          X-Spam-Status: No, hits=x.x required=5.0 tests=HTML_20_30,HTML_MESSAGE
        \_ retrain
                \_ no, because at the end of these mails they put random
                   common valid words and training would increase the
                   chance of false positive making spamassassin less powerful.
                   If I'm not wrong, spammers are getting smarter and smarter
                   and as long as we have to worry about these things, they're
                   winning the war
                   \_ Nuke the site from orbit.  Its the only way to be sure.
        \_ I have the same spams and use SA too and I've noticed that while the
           spellings change, 'TOCUH HERE' stays the same.
           \_ Until it doesn't...
        \_ sounds like some kind of typo count would be very good at spam ID
           \_ I used motdedit and you overwrote my post.  Bad sodan!
              \_ I used me, too. you got the wrong guy.  The guy who overwrote
                 your post posted this: "is that what he really did? And ..."
           \_ But then drunk people can't send email!
        \_ I hate spam but occasionally I get one that totally cracks me up and
           that almost makes the rest worthwhile. Anyone else enjoy the
           'white trash sluts' spam a little too much?
2004/1/21 [Computer/SW/SpamAssassin] UID:11859 Activity:nil
1/20    I'm started to get perfectly legit looking spam (not in black list,
        not in Razor, not in SpamCop, etc etc). Look:
         X-Spam-Status: No, hits=2.8 required=5.0
                        tests=HTML_10_20,HTML_MESSAGE,NORMAL_HTTP_TO_IP
                        version=2.55
        I even use sa-learn on --ham and --spam mboxes, and it was cool
        for a while till recently. What should I start doing?
        \_ Upgrading to a more recent spamassassin version might help (the
           current release is 2.63).
           \_ just continue to ignore me: i'm using a very old version and
              don't have these problems.  you know why?  no one is tweaking
              their spam to my version.  go ahead, get on the upgrade
              treadmill.  see what i care.
        \_ Unplug and chill.
2004/1/20 [Computer/SW/SpamAssassin] UID:11853 Activity:high
1/20    spam filter poll. did you use only one and are happy, or have
        you tried one, then switched to the other, and are happy?
        spamassassin: ..
          \_ Constantly need to tweak .spamassassin/user_prefs
        ifile: ..
               \_ Blocks 60 per day with 1 false positive every couple of
                  months. -scotsman
                \_ been usin' ifile, but I get soo much spam it what it lets
                   through is still ridiculous.
                   \_ Do you retrain? -scotsman
        ifile, then spamassassin:
        spamassassin, then ifile:
        none of them work:
        misc:
        SA, then ifile, then SA+ifile: very happy.  If SA+ifile thinks it's
        spam, then it's spam.  If just ifile thinks it's spam, it's almost
        certainly (95%) spam.
        \_ just a comment on false positives.  One false positive a month
           is bad.  Why?  Who wants to go through their whole spam folder
           daily looking for false positives?  If you get to the point
           where you don't double-check for false positives, that means
           false positives = unreceived personal email = very bad.
           \_ going through a spam folder every few days is a lot less of
              a pain in the butt than having all your real email squished
              inbetween the spam.  It takes like 30 seconds to scan the
              subjects and say "nope, all spam, nuke it".
           \_ Well, duh.  If I were depending on email for my job, I wouldn't
              run a spam filter.  But my soda mail is just personal email,
              and anyone who sends there has my cell number, so it's simply
              a convenience to use a spam filter.  If a false positive is
              a big deal, don't filter at all.  Nothing gives 0 false
              positives. -scotsman
              \_ ifile gives way more false positives than spamassassin,
                 so if that's your concern, you shouldn't use ifile.  In my
                 experience, ifile also lets way more spam through, but
                 because it's Bayseian it depends on the type of spam and
                 regular mail you get.  -tom
              \_ Combining SA+ifile (SA blocks score 5 or higher) has never
                 given me a false positive.  I might as well be sending that
                 to /dev/null.  I do review the stuff that one xor the other
                 flags as spam, which turns up 1 false-positive every 3-4
                 months
        \_ SA works great, as long as the version is recent. I use
           SA here and SA + yahoo junk mail filter on my well account,
           which I give out to marketers.
        \_ spamprobe works well for me.  in the three months i've been
           using it, it has not had a false positive.  to me, this is very
           important because i don't want to spend time to going through
           the spam folder looking for that one non-spam email.  its false
           negative rate is comparable to ifile in my experience.  the one
           downside is that the db file is ridiculously huge.
2004/1/19-20 [Computer/SW/SpamAssassin] UID:11837 Activity:very high
1/19    Procmail Question: I'm trying to figure out how to use '{}' for
        spam filtering. I want to delete everything with a score of 6 or
        higher, but put other stuff into a spam folder. What I have is
        below, any pointers/tips would be appreciated. tia.

        :0
        * ^X-spam-status: Yes
        {
                :0 w: $SPAMFOLDER/$LOCKEXT
                * ^X-Spam-Level: \*\*\*\*\*\*
                /dev/null

                :0 w: $SPAMFOLDER/$LOCKEXT
                $SPAMFOLDER/.
        }
        \_ Looks ok at first glance.  Test it and if it works, great.  I don't
           use named lock files.  Unless you get a *lot* of mail you probably
           don't either.  Oh yeah, you can do better than scanning the whole
           message.  RTFM to get the syntax for checking only headers.
           \_ IIRC, procmail only examines headers by default.  I believe
              that checking the body requires an explicit flag.  It's in the
              procmailrc man page, and the op seems smart enough so he/she
              can probably figure it out.
2004/1/14-15 [Computer/SW/SpamAssassin] UID:11775 Activity:nil
1/13    So I put "blacklist_from mailbride.ru" and it's still getting through,
        and spam assassin didn't treat it any different (the point system
        didn't change). What's up with that?
        \_ you didn't RTFM.
    # Whitelist and blacklist addresses are now file-glob-style patterns, so
    # "friend@somewhere.com", "*@isp.com", or "*.domain.net" will all work.
2004/1/7-8 [Computer/SW/SpamAssassin] UID:11711 Activity:very high
1/7     Anyone else having problems with email sent from csua being
        considered Yahoo spam?
        \_ Their spam detection has been going whacko for weeks.  They
           have some major people pissed at them for it. --scotsman
        \_ Hmm, yup. Never had a problem before sending email from here to my
           yahoo account before until just now. Even marking as "Not Spam"
           doesn't help.
           \_ I think spam filters mark messages with "Not Spam" as spam.
              \_ I think we're talking about two different things. In Yahoo
                 Mail, when you're in your Bulk Folder, you can click on a
                 message and click the button "Not Spam". And supposedly,
                 the spam filtering engine learns from this and won't mark
                 this email address as spam again in the future.
           \_ Yahoo has rejected csua email a couple times in the past,
              thinking that soda.csua was an open relay.  Check the motd
              archive.
           yahoo account before until just now. Even marking as "Not Spam"
           doesn't help.
        \_ They block all sorts of shit seemingly at random.  It's for your
           own good.  Just stop using Yahoo.

e/7     I haven't been doing very much career-maintenance (don't know J2EE,
        .NET, web services, etc.). What are the preferred ways (by employers)
        to pick up experience in current stuff?
        \_ by employers, buy your own books. by employee, get them to pay for
                 \_ Nice catch-22!  You get the "uselessly stupid reply" award
                    for the week!
        classes, books etc.
           \_ Sorry, I should have specified that I meant "prospective
              employers."
              \_ get a job using the current stuff.
                 \_ Nice catch-22!  You get the "uselessly stupid reply" award
                    for the week!
        \_ .Net = .Dead
           \_ I'm actually seeing a lot of jobs for people with experience
              with .NET and SQL Server. -op
              \_ my father in law has been a software engineer at a big
                 insurance company for the last 25 years, and he's being
                 forced to learn .net by his employer.  of course, this same
                 company is forcing their new hires to learn COBOL also.
              \_ where at? - turin
                 \_ various posts on craigslist
                   \_ thanks
        \_ get Microsoft Certifications (MCSD)
2004/1/6 [Computer/SW/Mail, Computer/SW/SpamAssassin] UID:11693 Activity:nil
1/6     I wanna post to newsgroups but not with my real email address
        due to spam. What are some ways to get around it? Thanks.
        \_ hack your nntp client!
        \_ why are you using a client that uses your real email?  go sign
           up for a real usenet service if you care or use a bogus spam-only
           email address.
2004/1/2-11 [Computer/SW/SpamAssassin] UID:11646 Activity:low 54%like:10317
1/2     SpamAssassin 2.61 installed (finally); bugs to mconst.
        \_ if you specified "| spamassassin" in your .procmailrc recipe,
           please change to "| spamc" instead -- it is lighter weight/faster.
        \_ now that sa does bayesian analysis, what are the pros of ifile?
           \_ It's the standard.
              \_ Who thinks that, other than you? Do you have URL or
                 anything suggesting that "it's the standard"?
              \_ like IDS, it is better to us spam catchers that are NOT
                 the standard.  -phuqm
        \_ Spam Assassin rocks...  Say goodbye to the Nigerian scam, toner,
           FREE VIAGRA, and the lot.  Awesome.
           \_ Thanks, joshk
        \_ 3 days of spam-free inbox and counting.  Thank you!
           \_ It's only a matter of time before those fuckers figure out how
              to get past the filters again.
        \_ I'm loving it!  It's great, Thanks.
           \_ Damnit. My brain immediately coughed up McDonald's. Yay America!
        \_ Thanks.
           \_ I did this. The next day there was lots of spam and no indication
              that spamassassin had been working. I also see nothing via ps
              to indicate a spamassassassin-related process running. I'm
              switching back to the old executable line because I know it
              works.
              \_ please don't do that:  spamc and spamd work together,
                 and they are much more efficient.  If everybody ran
                 "| spamassassin" like you do, soda would be really slow.
                  /usr/local/bin/spamc   man spam    ps aux | grep spamd
                  \_ If it worked for me as you have it here, I would use it.
                     It doesn't, so I don't.
              \_ Not to mention, spamc is forked by procmail only at the
                 receipt of new mail- it's pretty transient.   RTFM.
                 \_ Uh-huh, but spamd or some such should show up via
                    'ps -aux' regardless.
                    \_ try 'ps -auxww' you ingrate.
                      \_ How dare you post useful information! (thanks)
              \_ IFile still catches about 50% more of my spam than SA
                 \_ SA caught 137 spams for me with one false positive.
                    No spam got through for me. -ausman
              \_ I also switched from spamassassin to spamc and there was
                 no indication it worked. Maybe that's why it's so fast!
              \_ spac is a standalone program, no need to call perl
                 was that your problem? it bit me
              that spamassassin had been working. I'm switching back to the old
              executable line because I know it works.
              \_ Could you please send me mail, so I can try to figure
                 out what's going wrong?  --mconst
                 \_ I'll try switching to spamc again today. If it appears to
                    not be working when I check mail tomorrow, I'll mail you
                    then. Thanks.
              \_ okay, here's exactly what you do, put these in your
                 .procmailrc before your other recipes:
                :0fw
                | spamc

                :0:
                * ^X-Spam-Status: Yes
                <spam-folder-name>

                ======================
                next if you have any spams that fall through, you sa-learn
                to teach SA to filter those.  See man sa-learn
        \_ two stupid questions:
           1. is there a better way to invoke procmail than through .forward?
           2. is there a better way to disable the report text with spamc than
              spamc -c ?
           \_ 1. you don't need .forward at all, just .procmailrc
              2. man Mail::SpamAssassin::Conf, or just put "report_safe 0" in
                 ~/.spamassassin/user_prefs
              \_ 1. what calls procmail then?
                 2. man Mail::SpamAssassin::Conf
                    -> No manual entry for Mail::SpamAssassin::Conf
        \_ I'm having a problem with sa-learn, it keeps telling me:
           soda [34] sa-learn --spam /tmp/uncaughtspam_20040109
           Learned from 0 message(s) (1 message(s) examined).
           However, I have over 250 spam messages in the file. -gsu
           \_ RTFM: "sa-learn --spam --mbox /path/to/mbox"
              \_ I RTFM and the man page must be out of date because it says:
       Use this tool to teach SpamAssassin about these samples,
       like so:

                   sa-learn --spam /path/to/spam/folder
                   sa-learn --ham /path/to/ham/folder
                 Thanks though, because --mbox works.
                \_ notice that the example says /path/to/spam/folder, NOT
                   /path/to/spam/mboxfile.  Without --mbox, it's expecting you
                   to point it to a folder containing each message as a
                   file.
2003/12/31 [Computer/SW/SpamAssassin] UID:11624 Activity:nil
12/30   What's the best way to sign up for spam mail? I want to set an account
        that collects spam for analysis, thanks.
        \_ post to usenet, post your resume (fake one, obviously) to the net,
           put your email on some mailing lists, and the best way is to
           put your email on some maillist lists, and the best way is to
           respond to any spams you do get from these other sources.
        \_ Best way is to post e-mail address on web pages that are linked to
           from sites already in the search engines.
2003/12/29-30 [Computer/SW/OS, Computer/SW/SpamAssassin] UID:11602 Activity:nil
12/28   I have been seeing lots of messages like this one in my .procmail/log
        file recently:
        ## procmail: Kernel-lock failed
        ## procmail: Kernel-unlock failed

        I think this started happening after the last reboot. Could it
        be hapening because something went wrong with soda patches?
        Was a new kernel patch installed before reboot?
        \_ Check if you have a random filename.lock file in your delivery
           directory.
        \_ The last reboot was only because of a hang...nothing changed.
           \_ That doesn't mean nothing changed.
              \_ no software was modified.  sure the date changed.  so did
                 the phase of the moon, fuckwad.
                 \_ you don't know that.  you can't know that.  and no need to
                    be childish about it.  you're just wrong.  accept and
                    move on.
2003/12/26-27 [Computer/SW/SpamAssassin] UID:11595 Activity:nil
12/26   SpamAssassin on soda in SERIOUS need of upgrade to latest version.
        Got 36 spams in my inbox just since yesterday.
        \_ Have you e-mailed root or VP and offered?
        \_ I use the latest version and I STILL get a lot of spams. It seems
           as if the spammers are getting smarter and smarter with their
           spam contents that get flagged with very little points. *SIGH*
           Fighting spam is like fighting AIDS. You think you can get rid
           of it permanently with the tri-cocktail dosage, and BAMM! It
           comes back and you have no choice but to use other drugs to
           suppress it, and the cycle goes on and on...
           \_ sounds like you didn't turn on the bayesian classifier.
           \_ I mostly having problem with Blomingdale spam. and Bayesian
              filter is not doing the job.
        \_ I use an ancient version and it works fine.  User error.
2003/12/19-20 [Computer/SW/SpamAssassin] UID:11527 Activity:nil
12/18   SpamAssassin failed to block 54 spam emails since yesterday.  What
        happened?
        \_ It doesn't help that csua's version is more than half a year
           old... (2.54)
        \_ Yeah, since last week or so, SpamAssassin hasn't been doing
           quite as well as it had been previously for me. I noticed that
           the number of spams i've been getting has increased, but so
           has their form. I'm hoping SpamAssassin adjusts soon to the
           new spam styles.
           \_ I've noticed a lot of spams with a score of 0.
              Methinks spamers are testing against recent releases of SA.
              \_ Duh.  One of the main reasons SA is useless in the long run.
                 \_ yeah, just like anti-virus software is useless.  Get a
                    clue.
                    \_ It's all about economics.  Spammers have an economic
                       incentive to get that mail through, so they'll take
                       the time.  Viruses seem to be more for the intellectual
                       challenge, or immature dick waving.  I deal with this
                       stuff every day, man.  --scotsman
                       \_ Except for those trojans which are used to insert
                          spam into your folder.
        \_ Latest subject heading i've received:
           "you have a small weeinner and need to do something"
        \_ I wrote a quick tutorial on using ifile + spamassassin together.
           The combo works well because if one filter misses, the other
           catches it.  And if both label a message spam, then you can be
           quite certain that it's not a false positive.
           /csua/tmp/ifile_tutorial             -- mjm
           \_ Thank you, but I'm confused on step 2.  Where do I put these
              lines?
              \_ Sorry, you just run them from the command line.
                 You'll need at least one piece of spam to learn on,
                 more is better.
           \_ should be labeled ifile+spamassassin+PINE
2003/12/16 [Computer/SW/SpamAssassin] UID:11467 Activity:kinda low
12/16   Anyone here speak procmail?  Can you please tell me what the
        following means:
        procmail -f someone@somewhere.com -t -Y -a  -d mylocaluser
        this is from a 'ps'.    mylocaluser is a user on my box.
        [formatd]
        \_ it's all in the man pages.  that's all anyone else here would do.
2003/12/12-13 [Computer/SW/SpamAssassin] UID:29715 Activity:kinda low 66%like:11422
12/12   Has anyone used ask (active spam killer) before?
        http://www.punani.net
        \_ I'd much rather have an active spammer killer.
           \_ Why do you hate capitalism?
              \_ Because I love communism.
2003/12/12 [Computer/SW/SpamAssassin] UID:11422 Activity:nil 66%like:29715
12/12   Has anyone used ask (active spam killer) before?
        http://www.paganini.net/ask/index.html
        \_ I'd much rather have an active spammer killer.
           \_ Why do you hate capitalism?
2003/12/10-11 [Computer/SW/SpamAssassin] UID:11401 Activity:nil
12/9    How do I change .procmailrc so that if spamassassin flags it with
        50 points or over, it will go to /dev/null instead of mail/spam?
        \_ This has been asked about 3 times in the past few months.
        :0
        * ^X-Spam-Level: \*\*\*\*\*\*\
        /dev/null
        This will nullify anything with 6 points or over
2024/12/24 [General] UID:1000 Activity:popular
12/24   
Results 151 - 300 of 326   < 1 2 3 >
Berkeley CSUA MOTD:Computer:SW:SpamAssassin:
.