473,836 Members | 2,292 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Tom Lane heads up

Just dropping a quick not for Tom Lane. I sent a personal message
today, but I wasn't sure if you'd get it after I remembered all of the
spam filters you've got set up.

Sorry for the off topic post.

---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faqs/FAQ.html

Nov 23 '05
69 6425
Quoting "Matthew D. Fuller" <fu******@ove r-yonder.net>:
On Tue, Apr 20, 2004 at 05:35:51AM -0000 I heard the voice of
Jim Wilson, and lo! it spake thus:
Tom Lane said:

3. I have noticed that bouncing any machine that sends "HELO
sss.pgh.pa.us" gets rid of a ton of spam and viruses. I don't know of
any real clean way to do this, but I have a sendmail.cf hack for it.


#3 looks interesting though...


I've been blocking HELO as anything under my domain, as well as my IP
address (as well as any bare IP addresses) for a while, and it
certainly drops a fair bit. And I maintain a long list of HELO names,
AND IP ranges, AND sending hostnames, AND senders domains, plus all
the filtering I do after accepting the mail... Wacky. If we just
renamed 'spam' to 'justifiable homicide'...
--
Matthew Fuller (MF4839) | fu******@over-yonder.net
Systems/Network Administrator | http://www.over-yonder.net/~fullermd/

"The only reason I'm burning my candle at both ends, is because I
haven't figured out how to light the middle yet"

---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org


We could only wish for "justifiabl e homicide". Now there's a law I would
support! :)

Are you guys miltering to drop the messages with those HELO patterns? I'm
nailing 80%+ across all my clients and I may get 20 to 50 spams/day (down from
200+) which is acceptable but I was going to start using some netfilter hooks
(i.e. Linux firewall code) to inspect mail traffic and apply some more patterns.
If you guys are getting 95%+ via miltering then thats definitely the way to go.

--
Keith C. Perry, MS E.E.
Director of Networks & Applications
VCSN, Inc.
http://vcsn.com

_______________ _______________ ______
This email account is being host by:
VCSN, Inc : http://vcsn.com

---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Nov 23 '05 #31
On Tue, Apr 20, 2004 at 10:17:05AM -0300, Marc G. Fournier wrote:
On Mon, 19 Apr 2004, Joe Conway wrote:
Marc G. Fournier wrote:
Huh? I just use Spamassassin myself, with Razor/Pyzor/DCC and Bayes all
enabled ...


I use exactly the same setup. But recently I've noticed that the
spammers are getting smarter -- I think 20% of it is slipping by the
filters. I'm going to need something better.


do you force learn those spam that get through the cracks? I get about 20
or 30 messages that slip through the cracks, which I process through with
sa-learn nightly ...


i have been doing that some -- but i still get about 200 false
negatives per day. takes too much time to run 'sa-learn' all the
time when it seems like spam #n is an awful lot like spam #n-1.

--
"Why did they hard code that value into the program?".
"My only guess would be to maximize suckage."
http://suso.suso.org/docs/apache_and.../part4-2.phtml

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postg resql.org

Nov 23 '05 #32
On Tue, Apr 20, 2004 at 10:17:05AM -0300, Marc G. Fournier wrote:
On Mon, 19 Apr 2004, Joe Conway wrote:
Marc G. Fournier wrote:
Huh? I just use Spamassassin myself, with Razor/Pyzor/DCC and Bayes all
enabled ...


I use exactly the same setup. But recently I've noticed that the
spammers are getting smarter -- I think 20% of it is slipping by the
filters. I'm going to need something better.


do you force learn those spam that get through the cracks? I get about 20
or 30 messages that slip through the cracks, which I process through with
sa-learn nightly ...


i have been doing that some -- but i still get about 200 false
negatives per day. takes too much time to run 'sa-learn' all the
time when it seems like spam #n is an awful lot like spam #n-1.

--
"Why did they hard code that value into the program?".
"My only guess would be to maximize suckage."
http://suso.suso.org/docs/apache_and.../part4-2.phtml

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postg resql.org

Nov 23 '05 #33
On Tue, 20 Apr 2004, Will Trillich wrote:
On Tue, Apr 20, 2004 at 10:17:05AM -0300, Marc G. Fournier wrote:
On Mon, 19 Apr 2004, Joe Conway wrote:
Marc G. Fournier wrote:
> Huh? I just use Spamassassin myself, with Razor/Pyzor/DCC and Bayes all
> enabled ...

I use exactly the same setup. But recently I've noticed that the
spammers are getting smarter -- I think 20% of it is slipping by the
filters. I'm going to need something better.


do you force learn those spam that get through the cracks? I get about 20
or 30 messages that slip through the cracks, which I process through with
sa-learn nightly ...


i have been doing that some -- but i still get about 200 false
negatives per day. takes too much time to run 'sa-learn' all the
time when it seems like spam #n is an awful lot like spam #n-1.


I'm down to ~20 false positives right now ... usually spent my last half
hour in front of the tv at night sorting them out and filtering them
through bayes ...

My spam filters right now are picking up between 2000->3000 messages per
day which aren't getting into my main folders ...
----
Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
Email: sc*****@hub.org Yahoo!: yscrappy ICQ: 7615664

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postg resql.org

Nov 23 '05 #34
On Tue, 20 Apr 2004, Will Trillich wrote:
On Tue, Apr 20, 2004 at 10:17:05AM -0300, Marc G. Fournier wrote:
On Mon, 19 Apr 2004, Joe Conway wrote:
Marc G. Fournier wrote:
> Huh? I just use Spamassassin myself, with Razor/Pyzor/DCC and Bayes all
> enabled ...

I use exactly the same setup. But recently I've noticed that the
spammers are getting smarter -- I think 20% of it is slipping by the
filters. I'm going to need something better.


do you force learn those spam that get through the cracks? I get about 20
or 30 messages that slip through the cracks, which I process through with
sa-learn nightly ...


i have been doing that some -- but i still get about 200 false
negatives per day. takes too much time to run 'sa-learn' all the
time when it seems like spam #n is an awful lot like spam #n-1.


I'm down to ~20 false positives right now ... usually spent my last half
hour in front of the tv at night sorting them out and filtering them
through bayes ...

My spam filters right now are picking up between 2000->3000 messages per
day which aren't getting into my main folders ...
----
Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
Email: sc*****@hub.org Yahoo!: yscrappy ICQ: 7615664

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postg resql.org

Nov 23 '05 #35

Tom Lane <tg*@sss.pgh.pa .us> wrote:
[snip]
3. I have noticed that bouncing any machine that sends "HELO
sss.pgh.pa.us" gets rid of a ton of spam and viruses.
IOW: Anything the HELOs with your mail server's own hostname. If you
can do it: Changing that to anything that HELOs with your domain name
(that's not supposed to) and you'll catch still more. Add to that
anything HELOing with your mail server's IP address and you'll catch
more yet.
I don't know of
any real clean way to do this, but I have a sendmail.cf hack for it.

[snip]

Postfix, which is what I use, has built-in support for HELO checks.

--
Jim Seymour | Spammers sue anti-spammers:
js******@LinxNe t.com | http://www.LinxNet.com/misc/spam/slapp.php
http://jimsun.LinxNet.com | Please donate to the SpamCon Legal Fund:
| http://www.spamcon.org/legalfund/

---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings

Nov 23 '05 #36

Tom Lane <tg*@sss.pgh.pa .us> wrote:
[snip]
3. I have noticed that bouncing any machine that sends "HELO
sss.pgh.pa.us" gets rid of a ton of spam and viruses.
IOW: Anything the HELOs with your mail server's own hostname. If you
can do it: Changing that to anything that HELOs with your domain name
(that's not supposed to) and you'll catch still more. Add to that
anything HELOing with your mail server's IP address and you'll catch
more yet.
I don't know of
any real clean way to do this, but I have a sendmail.cf hack for it.

[snip]

Postfix, which is what I use, has built-in support for HELO checks.

--
Jim Seymour | Spammers sue anti-spammers:
js******@LinxNe t.com | http://www.LinxNet.com/misc/spam/slapp.php
http://jimsun.LinxNet.com | Please donate to the SpamCon Legal Fund:
| http://www.spamcon.org/legalfund/

---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings

Nov 23 '05 #37
On Tue, Apr 20, 2004 at 01:30:59PM -0300, Marc G. Fournier wrote:
Also check to make sure that you don't have autolearn disabled ... you
would have had to do it manually, as it is enabled by default, but, for
instance, if you are a user on a system, the site-wide may be set to
disable autolearn, so you'd have to enable it yourself ...

I'm looking forward to 3.x coming out, as the Bayes stuff will be able to
run out of an SQL database instead of flat files ... so servers running
Cyrus IMAPd, where there are no physical user accounts, will be able to
start makng use of Bayes as well ...


You should look into MailScanner, at www.mailscanner.info. I use it as
the framework for running SA and anti-virus software, using Exim as my
mail server. There are no physical user accounts; all virtual stuff.
MailScanner let's SA, along with the Bayesian filter, work for all email
coming through.

Michael
--
Michael Darrin Chaney
md******@michae lchaney.com
http://www.michaelchaney.com/

---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Nov 23 '05 #38
On Tue, Apr 20, 2004 at 01:30:59PM -0300, Marc G. Fournier wrote:
Also check to make sure that you don't have autolearn disabled ... you
would have had to do it manually, as it is enabled by default, but, for
instance, if you are a user on a system, the site-wide may be set to
disable autolearn, so you'd have to enable it yourself ...

I'm looking forward to 3.x coming out, as the Bayes stuff will be able to
run out of an SQL database instead of flat files ... so servers running
Cyrus IMAPd, where there are no physical user accounts, will be able to
start makng use of Bayes as well ...


You should look into MailScanner, at www.mailscanner.info. I use it as
the framework for running SA and anti-virus software, using Exim as my
mail server. There are no physical user accounts; all virtual stuff.
MailScanner let's SA, along with the Bayesian filter, work for all email
coming through.

Michael
--
Michael Darrin Chaney
md******@michae lchaney.com
http://www.michaelchaney.com/

---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Nov 23 '05 #39
On Mon, Apr 19, 2004 at 09:19:05PM -0700, Joe Conway wrote:
Marc G. Fournier wrote:
Huh? I just use Spamassassin myself, with Razor/Pyzor/DCC and Bayes all
enabled ...


I use exactly the same setup. But recently I've noticed that the
spammers are getting smarter -- I think 20% of it is slipping by the
filters. I'm going to need something better.


No offense, but that means you're not doing it right. I use SA with
Bayes (and everything else), and I'm getting better than 98% with no
false positives. Yesterday I had 823 spams (you read that correctly)
with 9 that made it through. When I woke up this morning, I had 334
spams with 2 that made it through.

I constantly train my Bayesian filter by using an email address I set
up where I forward all false-negatives. So the few that get through
won't be doing that again. It simply runs them through sa-learn. If I
get some time, I'll post the code to my web site.

Spammers cannot outsmart a Bayesian filter. It's game-over. You don't
need to upgrade, you need to figure out how to make your current setup
work.

Make sure you have the latest SA and make sure that Bayesian filtering
is turned on and working, and make sure to train the filter. Reply to
me offlist if you need a group of 5000 or so spams to help train it.

Michael
--
Michael Darrin Chaney
md******@michae lchaney.com
http://www.michaelchaney.com/

---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faqs/FAQ.html

Nov 23 '05 #40

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
1057
by: Eric | last post by:
I've written a spiffy class to validate my xml. it loads up a schema into an xmlvalidatingreader and runs thru the xml, firing validationevents as it goes. Friend Sub ValidationEventHandle(ByVal sender As Object, ByVal args As ValidationEventArgs) _bIsValid = False _errordata.Add(_reader.Name & "|" & _sCurrentFilename & "|" &
0
1713
by: Darryl Kerkeslager | last post by:
Access 2002 on Win98 at least, not tested elsewhere: Bug: The ListCount property of an unbound listbox may be incorrect if you use column heads. Model: Set up a simple database with two simple tables (I used employer and person). Create a bound form based on the employer table, with a txtName textbox, a txtID textbox, and an unbound listbox to the employer table . Add a second unbound listbox for the person table, with column...
5
1619
by: Lyle Fairfield | last post by:
I messed with Windows XP SP2 and for a while did not get the installation quite right. It looked for some file (I think a remnant of a Trojan file that was left on Windows/System32 after Norton had zapped the Trojan) right near the end of the installation, couldn't find it, aborted and put the system back the way it found it, or so it said. But it seems it left some if its security. When I ran my Wininet functions SP2's security blocked the...
9
1703
by: Domel | last post by:
1 Jak zaokr±glić float'a tak żeby jeżeli czę¶ć dziesiętna była większa lub równa od 0.5 to był on zaokr±glany w górę, jeżeli mniejsza to w dół np 1.6 po zaokr 2.0 1.2 po zaokr 1 prosiłbym o ile to możliwe o jakie¶ sposoby bez doł±czania bibliotek, przy użyciu jakich¶ operacji 2. dla czego jeżeli wykonuję poniższ± operację
11
308
by: Ron Vecchi | last post by:
I've used System.Web.Mail before but have never had the need to send attchemnets through it...until now. A client of mine would like a form on the website to allow a user to type up a message and upload a file. I'm staying away from mailto links. So the file and message will be uploaded to the server when the user clicks send. The new file and message will be processed and emailed from the server to my client. I'm tring to get any...
2
1161
by: Gandalf | last post by:
Say I have persisted a DataSet in the ViewState of a page, and that when the page is posted back I make several references to that dataset like so: DataSet MyDataSet = (DataSet)ViewState; //C# Does this have to deserialize the dataset every time it is referenced... or is it only done once when the page is posted back? I'm just wondering if I should assign the DataSet to a local variable in the PageLoad method or if it's OK to...
9
1900
by: chadlupkes | last post by:
I have this code from someone else, and I'm trying to make heads or tails of it because IE doesn't like it. Can anyone help? Or does anyone have a better idea? /* parse the email to check for valid form */ function parseemail(str) { str = trim(str); <?if(preg_match("/MSIE 5.0;/", $_SERVER)) // this is IE 5.0
1
1154
by: koolaid82 | last post by:
Hey java heads. I am an actionscript developer. I have this code on a button that opens a new window a certain size etc. on (release) { getURL ("javascript:NewWindow=window.open('http://myurl.html','newWin','width=650,height=570,left=200,top=200,toolbar=No,location=No,scrollbars=Yes,status=No,resizable=Yes,fullscreen=No'); NewWindow.focus(); void(0);"); I was wondering if anyone knew how to change the script to open a page _self,...
0
2000
by: CajunCoiler | last post by:
Just a heads-up to let everyone know that the new version of CodeLoader has been posted for download. Now its up to 2.0.5 and ready to fly. Two years of revisions, and still free of cost or spyware. http://www.msbdatasystems.com/Downloads/Loads/codeloader.zip
0
10821
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
10527
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
1
10573
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
0
10241
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
0
9358
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
1
7773
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
6973
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
0
5642
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
1
4443
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.