On 6/22/2013 1:45 PM, TR Shaw wrote:
You are rebuilding the bayesian DB aren't you?
uhhh...what? <g>
You should be getting a rebuild report every night.
Like this? Does it look right?
File rebuildrun.txt follows:
**********Jun-17-13 04:04:34 RebuildSpamDB 2.9.3.0 (1.0.01) is starting;
Running in assp.mydomain.com basedirectory '/Applications/ASSP'
Running as user '_assp'
--- ASSP assp.mydomain.com Settings ---
Use Subject as Maillog Names: Disabled
Maxbytes: 8000
Maxfiles: 14000
Trashlist: cleaning finished; before=15, deleted=3
--- Cleaning NoBayesian folders ---
entries older than 30 days will be removed
starting cleanup old files for folder /Applications/ASSP/okmail
folder /Applications/ASSP/okmail before: 0
folder /Applications/ASSP/okmail after: 0
starting cleanup old files for folder /Applications/ASSP/discarded
folder /Applications/ASSP/discarded before: 3382
folder /Applications/ASSP/discarded deleted: 2
folder /Applications/ASSP/discarded after: 3380
starting cleanup old files for folder /Applications/ASSP/quarantine
folder /Applications/ASSP/quarantine before: 54
folder /Applications/ASSP/quarantine after: 54
--- Cleaning corrected (errors) spam/notspam folders ---
entries older than 500 days will be removed
starting cleanup old files for folder /Applications/ASSP/errors/spam
folder /Applications/ASSP/errors/spam before: 155
folder /Applications/ASSP/errors/spam after: 155
starting cleanup old files for folder /Applications/ASSP/errors/notspam
folder /Applications/ASSP/errors/notspam before: 57
folder /Applications/ASSP/errors/notspam deleted: 5
folder /Applications/ASSP/errors/notspam after: 52
--- Cleaning Bayesian folders ---
starting cleaning /Applications/ASSP/spam - delete files from
/Applications/ASSP/spam - old filecount: 14347:
finished cleaning /Applications/ASSP/spam - new filecount: 13999
starting cleaning /Applications/ASSP/notspam - delete files from
/Applications/ASSP/notspam - old filecount: 14240:
finished cleaning /Applications/ASSP/notspam - new filecount: 13999
/Applications/ASSP/errors/spam
File Count: 155
Processing...
Imported Files: 155
Finished in 3 second(s)
/Applications/ASSP/errors/notspam
File Count: 52
Processing...
Imported Files: 52
Finished in 2 second(s)
/Applications/ASSP/spam
File Count: 13,999
Processing...
Imported Files: 7,000
Finished in 162 second(s)
/Applications/ASSP/notspam
File Count: 13,999
Processing...
Imported Files: 13,999
Finished in 153 second(s)
Generating weighted Bayesian tuplets...done
Saving rebuilt SPAM database...done
Resulting file 'spamdb' is 3,998,715 bytes
Bayesian Pairs: 170,918
HELO Blacklist: 178 HELOs
Spam Weight: 4,920,546
Not-Spam Weight: 3,130,095
Corpus norm: 1.5720
Total processing time: 334 second(s)
Preparing binary Griplist upload... done
Uploading Griplist via Direct Connection
Submitted 108 bytes: 0 IPv6 addresses, 24 IPv4 addresses
Downloading Griplist (delta) via direct HTTP connection
Griplist download complete: binary download 198988 bytes
Griplist binary read OK: /Applications/ASSP/griplist.bin, 0 IPv6 addresses,
157077 IPv4 addresses
Griplist binary merge OK: /Applications/ASSP/griplist.tmp, 0 IPv6 addresses,
49744 IPv4 addresses
Writing merged Griplist binary... done
Writing merged Griplist text... done
Griplist writing complete: 0 IPv6 addresses, 161699 IPv4 addresses
Droplist download skipped: last download too recent
Jun-17-13 04:10:13 RebuildSpamDB 2.9.3.0 (1.0.01) ended;
Sending Notify to mehostmaster@xxxxxxxxx|me@xxxxxxxxxxxx
Tom
On Jun 22, 2013, at 4:40 PM, aklist wrote:
On 6/22/2013 11:36 AM, TR Shaw wrote:
the email interface will allow you to send and then accumulate in bayesian. You
can also just copy .emls into the appropriate directory and they force run
rebuild.
Thanks Tom, so just sending them to "report-spam" is enough?
I had been doing that, but it didn't seem to be making much difference, although I
understand the scoring may be too low to actually block the next "wave" of
slightly different spam.
On Jun 22, 2013, at 2:14 PM, aklist wrote:
Hi: Just a quick question about the spam-reporting interface on ASSP 1.9x.
Does reporting spam do anything beyond adding/removing email addresses from the
white/blacklist?
For example does reporting spam affect the bayesian dB or do anything to
prevent additional spam coming from different email addresses from getting
through?
If not, is there any way to do that through the email interface, so that spammy
subject lines are automatically added to the BombRE files or something like
that?
I am receiving tons of identical, or nearly identical, "pennystock" spam which
of course is always from different compromised senders/hosts.
I've enabled the BombSubjectRE with DoBombSubjectRe set to "score", and I've been manually adding
some persistent subject lines manually to the "file:files/bombsubjectre.txt" with a score of
"0.9", but I'm not sure if this is an effective way to try to block the spam, or if there's a
better way?
TIA, AK
Circle The Wagons
manage: //www.freelists.org/list/ctw post: mailto:ctw@xxxxxxxxxxxxx
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe
search: //www.freelists.org/archives/ctw
faq: //www.freelists.org/wiki/the_faq
