[ctw] Re: ASSP email interface--blocking "Pennystock" spam by subject?
- From: TR Shaw <tshaw@xxxxxxxx>
- To: ctw@xxxxxxxxxxxxx
- Date: Sat, 22 Jun 2013 17:50:56 -0400
Looks like mine in format.
On Jun 22, 2013, at 5:12 PM, aklist wrote:
> On 6/22/2013 1:45 PM, TR Shaw wrote:
>> You are rebuilding the bayesian DB aren't you?
>
> uhhh...what? <g>
>>
>> You should be getting a rebuild report every night.
>
> Like this? Does it look right?
>
>
>
>
> File rebuildrun.txt follows:
>
> **********Jun-17-13 04:04:34 RebuildSpamDB 2.9.3.0 (1.0.01) is starting;
>
> Running in assp.mydomain.com basedirectory '/Applications/ASSP'
> Running as user '_assp'
>
> --- ASSP assp.mydomain.com Settings ---
> Use Subject as Maillog Names: Disabled
> Maxbytes: 8000
> Maxfiles: 14000
>
> Trashlist: cleaning finished; before=15, deleted=3
>
> --- Cleaning NoBayesian folders ---
> entries older than 30 days will be removed
> starting cleanup old files for folder /Applications/ASSP/okmail
> folder /Applications/ASSP/okmail before: 0
> folder /Applications/ASSP/okmail after: 0
>
> starting cleanup old files for folder /Applications/ASSP/discarded
> folder /Applications/ASSP/discarded before: 3382
> folder /Applications/ASSP/discarded deleted: 2
> folder /Applications/ASSP/discarded after: 3380
>
> starting cleanup old files for folder /Applications/ASSP/quarantine
> folder /Applications/ASSP/quarantine before: 54
> folder /Applications/ASSP/quarantine after: 54
>
>
> --- Cleaning corrected (errors) spam/notspam folders ---
> entries older than 500 days will be removed
> starting cleanup old files for folder /Applications/ASSP/errors/spam
> folder /Applications/ASSP/errors/spam before: 155
> folder /Applications/ASSP/errors/spam after: 155
>
> starting cleanup old files for folder /Applications/ASSP/errors/notspam
> folder /Applications/ASSP/errors/notspam before: 57
> folder /Applications/ASSP/errors/notspam deleted: 5
> folder /Applications/ASSP/errors/notspam after: 52
>
>
> --- Cleaning Bayesian folders ---
>
> starting cleaning /Applications/ASSP/spam - delete files from
> /Applications/ASSP/spam - old filecount: 14347:
> finished cleaning /Applications/ASSP/spam - new filecount: 13999
>
> starting cleaning /Applications/ASSP/notspam - delete files from
> /Applications/ASSP/notspam - old filecount: 14240:
> finished cleaning /Applications/ASSP/notspam - new filecount: 13999
>
> /Applications/ASSP/errors/spam
> File Count: 155
> Processing...
> Imported Files: 155
> Finished in 3 second(s)
>
> /Applications/ASSP/errors/notspam
> File Count: 52
> Processing...
> Imported Files: 52
> Finished in 2 second(s)
>
> /Applications/ASSP/spam
> File Count: 13,999
> Processing...
> Imported Files: 7,000
> Finished in 162 second(s)
>
> /Applications/ASSP/notspam
> File Count: 13,999
> Processing...
> Imported Files: 13,999
> Finished in 153 second(s)
>
> Generating weighted Bayesian tuplets...done
>
> Saving rebuilt SPAM database...done
>
> Resulting file 'spamdb' is 3,998,715 bytes
> Bayesian Pairs: 170,918
>
> HELO Blacklist: 178 HELOs
>
> Spam Weight: 4,920,546
> Not-Spam Weight: 3,130,095
>
> Corpus norm: 1.5720
>
> Total processing time: 334 second(s)
>
> Preparing binary Griplist upload... done
> Uploading Griplist via Direct Connection
> Submitted 108 bytes: 0 IPv6 addresses, 24 IPv4 addresses
> Downloading Griplist (delta) via direct HTTP connection
> Griplist download complete: binary download 198988 bytes
> Griplist binary read OK: /Applications/ASSP/griplist.bin, 0 IPv6 addresses,
> 157077 IPv4 addresses
> Griplist binary merge OK: /Applications/ASSP/griplist.tmp, 0 IPv6 addresses,
> 49744 IPv4 addresses
> Writing merged Griplist binary... done
> Writing merged Griplist text... done
> Griplist writing complete: 0 IPv6 addresses, 161699 IPv4 addresses
>
> Droplist download skipped: last download too recent
>
> Jun-17-13 04:10:13 RebuildSpamDB 2.9.3.0 (1.0.01) ended;
> Sending Notify to mehostmaster@xxxxxxxxx|me@xxxxxxxxxxxx
>
>
>
>
>>
>> Tom
>> On Jun 22, 2013, at 4:40 PM, aklist wrote:
>>
>>> On 6/22/2013 11:36 AM, TR Shaw wrote:
>>>> the email interface will allow you to send and then accumulate in
>>>> bayesian. You can also just copy .emls into the appropriate directory and
>>>> they force run rebuild.
>>>>
>>> Thanks Tom, so just sending them to "report-spam" is enough?
>>>
>>> I had been doing that, but it didn't seem to be making much difference,
>>> although I understand the scoring may be too low to actually block the next
>>> "wave" of slightly different spam.
>>>
>>>
>>>> On Jun 22, 2013, at 2:14 PM, aklist wrote:
>>>>
>>>>> Hi: Just a quick question about the spam-reporting interface on ASSP 1.9x.
>>>>>
>>>>> Does reporting spam do anything beyond adding/removing email addresses
>>>>> from the white/blacklist?
>>>>>
>>>>> For example does reporting spam affect the bayesian dB or do anything to
>>>>> prevent additional spam coming from different email addresses from
>>>>> getting through?
>>>>>
>>>>> If not, is there any way to do that through the email interface, so that
>>>>> spammy subject lines are automatically added to the BombRE files or
>>>>> something like that?
>>>>>
>>>>> I am receiving tons of identical, or nearly identical, "pennystock" spam
>>>>> which of course is always from different compromised senders/hosts.
>>>>>
>>>>> I've enabled the BombSubjectRE with DoBombSubjectRe set to "score", and
>>>>> I've been manually adding some persistent subject lines manually to the
>>>>> "file:files/bombsubjectre.txt" with a score of "0.9", but I'm not sure if
>>>>> this is an effective way to try to block the spam, or if there's a better
>>>>> way?
>>>>>
>>>>> TIA, AK
>
> Circle The Wagons
> manage: //www.freelists.org/list/ctw post: mailto:ctw@xxxxxxxxxxxxx
> unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe
> search: //www.freelists.org/archives/ctw
> faq: //www.freelists.org/wiki/the_faq
Circle The Wagons
manage: //www.freelists.org/list/ctw
post: mailto:ctw@xxxxxxxxxxxxx
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe
search: //www.freelists.org/archives/ctw
faq: //www.freelists.org/wiki/the_faq
Other related posts:
