Date: Mon, 8 Dec 2014 17:09:28 +0800 (AWST) From: Bret Busby <bret@busby.net> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: How to report a spammer so SpamAssassin can filter it out Message-ID: <alpine.DEB.2.00.1412081652580.24670@bret-dd-workstation.busby.net> In-Reply-To: <548551C9.2050004@gmail.com> References: <548450C6.4040207@gmail.com> <AEAEB6E9BBE5527E68C19E80@[192.168.1.50]> <548551C9.2050004@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 8 Dec 2014, Ernie Luzar wrote: > Date: Mon, 8 Dec 2014 15:22:49 > From: Ernie Luzar <luzar722@gmail.com> > To: Daniel Staal <DStaal@usa.net> > Cc: FreeBSD Questions <freebsd-questions@freebsd.org> > Subject: Re: How to report a spammer so SpamAssassin can filter it out > > Daniel Staal wrote: >> --As of December 7, 2014 9:06:14 PM +0800, Ernie Luzar is alleged to have >> said: >> >>> Hello list >>> >>> Keep getting spam email from some guy selling bulk solar panels. >>> I know SpamAssassin has built in check of different places that provide >>> list of known spam email addresses. >>> Where can I find a list of places to notify them of this spam email >>> address? list@beawindhog.com >> >> --As for the rest, it is mine. >> >> There's several good ways to report this to Spamassassin - write a rule >> that catches it, or contribute to their spam corpus so that they can test >> rules against it, or use spamassassin's reporting features. >> >> For the first, the best place to start is the Spamassassin mailing list: >>> list-help: <mailto:users-help@spamassassin.apache.org> >>> list-unsubscribe: <mailto:users-unsubscribe@spamassassin.apache.org> >>> list-subscribe: <mailto:users-subscribe@spamassassin.apache.org> >>> List-Post: <mailto:users@spamassassin.apache.org> >> (See also: <https://wiki.apache.org/spamassassin/FrequentlyAskedQuestions>, >> as you're asking one of them.) >> >> For the second, I'd still start with the mailing list, but instructions on >> setup are here: >> <https://wiki.apache.org/spamassassin/NightlyMassCheck> >> (Note they will want you to analyze all your mail - spam and ham - not just >> a few messages. Actual emails are not uploaded - just the record of what >> rules your messages hit.) >> >> The most direct answer for your question - in the FAQ above - is to use >> Spamassassin's reporting features - `man spamassassin-run` lists them, or >> as I said the FAQ above. Short version: `spamassassin -r < >> fullemailmessage.txt` (Fuller details in the FAQ and man page.) >> >> Daniel T. Staal >> >> --------------------------------------------------------------- > > My domain name, website and email is all hosted by namecheap.com. Their email > is run on apache storing email in sqlite database and running spamassassin > under apache. They provide a cpanel menu system for me to customize my hosted > world. I do not have direct access to their servers /root. This means I have > no way to perform the tasks talked about by above posts. The basic default > spamassassin rules have cut the spam by 80%. But was still getting spam from > china and Korea and spam in languages other then English. I had namecheap > tech support enable the following options for my hosted email system. > Changed* required_score* from 5 to 3. This stopped 15% of the spam that was > still getting through. Then enabled the following tests, > *ok_languages en > **blacklist_from *.cn *to kill all email from China* > **blacklist_from *.ke *to kill all email from Korea* > **blacklist_from *@beawindhog.com *to kill all email from that domain > name that I posted about > *score CHARSET_FARAWAY_HEADER 3.1* > *score UNWANTED_LANGUAGE_BODY 5.1 *both of these options kill email not > in English language.* > * > Since this was enabled I have not had any spam get through. > > My thanks goes out to all who replied. > > Hello. I would be wary of using the filtering that you have detailed. The two blacklist lines are, I believe, too non-specific. I use alpine as my email application for this list, and, multiple other lists and people, and all of my spam handling is done (quite laboriously) by the use of the powerful filtering in alpine, which filtering, I have built up, over many years. The problems that I see with those two blacklist lines, include, as examples, for the first line; "*.cn", all *.cnet.com<|.*> email addreses; that is, extrapolating that possibility, all *.cne*.*.* addresses, being excluded, and, thence, for the second line, all *.ke*.* addresses, being excluded, so, including all *.kent.*.*, all *.kerry.*.*, et al, addresses. The thing is that filters, from my understanding, apart from the gmail filters, generally search for matches of substrings, so, and email addresses with the substrings that your blacklits rules entail, will be excluded, not just email addresses from the two countries involved. I do not know for what, you use your email, but, if you do any kind of research, or, your communications are not exclusive (limites to a small set of known people), then you could be inadvertently, accidentally, excluding people whose communications you may want to receive, and who may give up trying to contact you. I may be completely wrong, about how the particular rules are applied, in your case, but, from my exsperience, as I said, apart from gmail filters, filters use matches of substrings, and so, you could lose alot more than you intend, through the processs aplied in your case. Spo, you may want to review that method of email filtering, as specified. -- Bret Busby Armadale West Australia .............. "So once you do know what the question actually is, you'll know what the answer means." - Deep Thought, Chapter 28 of Book 1 of "The Hitchhiker's Guide to the Galaxy: A Trilogy In Four Parts", written by Douglas Adams, published by Pan Books, 1992 ....................................................
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.DEB.2.00.1412081652580.24670>
