SA treats percentage spaces wording as uri
This morning one of our ent_domains DMARC weekly report from a third party was listed as spam by SA which took the wording Not_percent-twenty_Resolved and passed it off to URI checks adding dot.com to it when there is no dot com after it, and a raw message search of that message in less in console confirms it. Problem with the code that scans the content for things like URI's? It shouldn't be assuming there's a TLD after it. -- Regards, Noel Butler
Re: dkim https://16years.secvuln.info/
On 2024-05-13 at 08:09:04 UTC-0400 (Mon, 13 May 2024 14:09:04 +0200) Benny Pedersen is rumored to have said: i write here so in hope to start a debate on it, is there a code change any where to handle this ? That's not a SA issue. Nothing SA does can fix it The change (in Debian) that fixed that vulnerability was released 16 years ago. It is up to sysadmins to pay attention and deploy fixes when they are available. If people are still using bad keys generated 16 years ago, they are failing to do that. We can't fix it. The problem being cited in 2024 is 16 years of incompetent system administration, not bad code or distribution config. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo@toad.social and many *@billmail.scconsult.com addresses) Not Currently Available For Hire
dkim https://16years.secvuln.info/
i write here so in hope to start a debate on it, is there a code change any where to handle this ?
Re: Score 0.001
Am 2024-05-13 04:33, schrieb jdow: Um, "FORGED_SPF_HELO"? Are you sure this message is from MS? {^_^} The mail/report is authentic. They already corrected this "error" or changed the sending server. In today's report FORGED_SPF_HELO is 0.001 and the score is below 5 :) On 20240512 06:56:59, Thomas Barth wrote: Am 2024-05-12 12:39, schrieb Greg Troxel: I would suggest that if Debian is modifying the default config from 5 to 6.31, then probably they should not be doing that. This is a status of dmarc-report from microsoft today X-Spam-Status: Yes, score=5.938 tagged_above=2 required=6.31 tests=[ARC_SIGNED=0.001, ARC_VALID=0.001, BASE64_LENGTH_78_79=0.1, BASE64_LENGTH_79_INF=2.019, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DMARC_PASS=-0.001, FORGED_SPF_HELO=1, HTML_MESSAGE=0.001, MIME_BASE64_TEXT=0.001, MIME_HTML_MOSTLY=0.1, MPART_ALT_DIFF=0.724, PYZOR_CHECK=1.985, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, T_TVD_MIME_NO_HEADERS=0.01] A strike level of 5 is too low for microsoft mails ;-)