You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by ram <ta...@gmail.com> on 2010/02/01 05:42:39 UTC
Re: how can i finetune to spamassassin to handle spams
On Fri, Jan 29, 2010 at 7:58 PM, Bowie Bailey <Bo...@buc.com> wrote:
> ram wrote:
> >
> >
> > The rules in /usr/share/spamassassin are the original rules from the
> > install. If /var/lib/spamassassin/3.002.005 exists, those rules
> > will be
> > used instead. You can verify which rules are being used by
> > running this
> > command:
> >
> > $ spamassassin --lint -D 2>&1 | grep "read file"
> >
> >
> > spamassassin --lint -D 2>&1 | grep "read file"
> > [26114] dbg: config: read file /etc/mail/spamassassin/init.pre
> > [26114] dbg: config: read file /etc/mail/spamassassin/v310.pre
> > [26114] dbg: config: read file /etc/mail/spamassassin/v312.pre
> > [26114] dbg: config: read file /etc/mail/spamassassin/v320.pre
> > [26114] dbg: config: read file
> > /var/lib/spamassassin/3.002005/updates_spamassassin_org.cf
> > <http://updates_spamassassin_org.cf>
> > [26114] dbg: config: read file /etc/mail/spamassassin/local.cf
> > <http://local.cf>
> > [26114] dbg: config: read file
> > /var/lib/spamassassin/3.002005/updates_spamassassin_org/
> 10_default_prefs.cf
> > <http://10_default_prefs.cf>
> > [26114] dbg: config: read file
> > /var/lib/spamassassin/3.002005/updates_spamassassin_org/
> 20_advance_fee.cf
> > <http://20_advance_fee.cf>
> [snip]
> > [26114] dbg: config: read file
> > /var/lib/spamassassin/3.002005/updates_spamassassin_org/72_scores.cf
> > <http://72_scores.cf>
> > [26114] dbg: config: read file
> > /var/lib/spamassassin/3.002005/updates_spamassassin_org/80_additional.cf
> > <http://80_additional.cf>
>
> So you are running from the updated rules...
>
> > To see if you have the latest rule, cd to
> > /var/lib/spamassassin/3.002005/updates_spamassassin_org and do this:
> >
> > $ grep FH_DATE_PAST_20XX 72_active.cf <http://72_active.cf/>
> >
> >
> > grep FH_DATE_PAST_20XX 72_active.cf <http://72_active.cf>
> > ##{ FH_DATE_PAST_20XX
> > header FH_DATE_PAST_20XX Date =~ /20[2-9][0-9]/ [if-unset: 2006]
> > describe FH_DATE_PAST_20XX The date is grossly in the future.
> > ##} FH_DATE_PAST_20XX
>
> and you are up to date on this rule.
>
> > You should see this rule if you have the latest update:
> >
> >
> > header FH_DATE_PAST_20XX Date =~ /20[2-9][0-9]/
> > [if-unset: 2006]
> >
> >
> >
> > yes i see that line, i belive now thats, after update the sa-update
> > and rules taking updated files.
>
> Are you still seeing false positives with this rule?
>
> > iam still in confuse, how can i fine tune sitewide rules to send all
> > the users to send spam mails to one user ID
> > and configure rule to calculate based on that user
>
> I am not following this. Please restate the question.
>
hi
what i am looking is
iam looking sitewide, not userwide
so if the user feel its spam mail, he will send that mail to another email
of local account,
from there i want to choose the bayes learn and decide what is spam and what
is not spam
hope i explained well i feel
Ram
Re: how can i finetune to spamassassin to handle spams
Posted by Bowie Bailey <Bo...@BUC.com>.
ram wrote:
>
>
> On Mon, Feb 1, 2010 at 10:23 PM, Bowie Bailey <Bowie_Bailey@buc.com
> <ma...@buc.com>> wrote:
>
> ram wrote:
> > hi
> >
> > what i am looking is
> >
> > iam looking sitewide, not userwide
> >
> > so if the user feel its spam mail, he will send that mail to another
> > email of local account,
> > from there i want to choose the bayes learn and decide what is spam
> > and what is not spam
> >
> > hope i explained well i feel
>
> Yes. Makes much more sense this time! :)
>
> You can do something similar to that, but if you do a normal forward,
> you will generally lose the header information. There are two basic
> ways to do it.
>
> 1) Have the user copy the emails to a local spam folder and then
> have a
> process that collects the mail from those folders and learns from
> it on
> a regular basis. This is easy to do if you are using IMAP or webmail
> since everything is on the server. If you are using POP3, it gets
> more
> complicated since everyone's mail folder is on their own computer.
>
> 2) Have the user forward the mail as an attachment. This will usually
> preserve the headers depending on the mail client. The downside
> is that
> you then have to extract the original mail from the attachment before
> you can learn from it and you have to teach your users how to forward
> mail as an attachment.
>
>
> yes i do have different users
> some use webmail and some use outlook and outlook exress
> diffrent clients using pop3ssl
>
> iam not sure how can i ask user to send spam mail as attachment to
> some user@domain.com <ma...@domain.com>
>
> if spammers know we are allowing user@domain.com
> <ma...@domain.com> everything, they start filling with spam ?
>
> is this correct ?
How to send as an attachment depends on the client.
If spammers start sending spam directly to that address, then you just
get more spam to learn from. That sounds like an added bonus rather
than a problem.
--
Bowie
Re: how can i finetune to spamassassin to handle spams
Posted by ram <ta...@gmail.com>.
On Mon, Feb 1, 2010 at 10:23 PM, Bowie Bailey <Bo...@buc.com> wrote:
> ram wrote:
> > hi
> >
> > what i am looking is
> >
> > iam looking sitewide, not userwide
> >
> > so if the user feel its spam mail, he will send that mail to another
> > email of local account,
> > from there i want to choose the bayes learn and decide what is spam
> > and what is not spam
> >
> > hope i explained well i feel
>
> Yes. Makes much more sense this time! :)
>
> You can do something similar to that, but if you do a normal forward,
> you will generally lose the header information. There are two basic
> ways to do it.
>
> 1) Have the user copy the emails to a local spam folder and then have a
> process that collects the mail from those folders and learns from it on
> a regular basis. This is easy to do if you are using IMAP or webmail
> since everything is on the server. If you are using POP3, it gets more
> complicated since everyone's mail folder is on their own computer.
>
> 2) Have the user forward the mail as an attachment. This will usually
> preserve the headers depending on the mail client. The downside is that
> you then have to extract the original mail from the attachment before
> you can learn from it and you have to teach your users how to forward
> mail as an attachment.
>
>
yes i do have different users
some use webmail and some use outlook and outlook exress
diffrent clients using pop3ssl
iam not sure how can i ask user to send spam mail as attachment to some
user@domain.com
if spammers know we are allowing user@domain.com everything, they start
filling with spam ?
is this correct ?
ram
Re: how can i finetune to spamassassin to handle spams
Posted by Bowie Bailey <Bo...@BUC.com>.
ram wrote:
> hi
>
> what i am looking is
>
> iam looking sitewide, not userwide
>
> so if the user feel its spam mail, he will send that mail to another
> email of local account,
> from there i want to choose the bayes learn and decide what is spam
> and what is not spam
>
> hope i explained well i feel
Yes. Makes much more sense this time! :)
You can do something similar to that, but if you do a normal forward,
you will generally lose the header information. There are two basic
ways to do it.
1) Have the user copy the emails to a local spam folder and then have a
process that collects the mail from those folders and learns from it on
a regular basis. This is easy to do if you are using IMAP or webmail
since everything is on the server. If you are using POP3, it gets more
complicated since everyone's mail folder is on their own computer.
2) Have the user forward the mail as an attachment. This will usually
preserve the headers depending on the mail client. The downside is that
you then have to extract the original mail from the attachment before
you can learn from it and you have to teach your users how to forward
mail as an attachment.
--
Bowie