Heh, I use the ClamAV plugin for SA and give it a hefty score. That way
I get the best of both worlds. Creative use of BLs also helps.
Very pleased with ClamAV too, but just ClamAV is not enough for us. The
last hours some virus-types were not recognized by ClamAV, even not with
the most
From: Menno van Bennekom [mailto:[EMAIL PROTECTED]
Heh, I use the ClamAV plugin for SA and give it a hefty score.
That way I get the best of both worlds. Creative use of BLs also
helps.
Very pleased with ClamAV too, but just ClamAV is not enough for us.
The last hours some
On Wednesday 23 Nov 2005 15:07, Bowie Bailey wrote:
It's always good to have multiple layers. We have ClamAV on the mail
server and Symantec Corporate Edition on the desktops. I haven't had
any problems with Clam. We had a few Sober.U get through before the
definitions updated, but that's
From: Duncan Hill [mailto:[EMAIL PROTECTED]
On Wednesday 23 Nov 2005 15:07, Bowie Bailey wrote:
It's always good to have multiple layers. We have ClamAV on the mail
server and Symantec Corporate Edition on the desktops. I haven't had
any problems with Clam. We had a few Sober.U get
On Tuesday 22 Nov 2005 14:56, Casey King wrote:
messages are receiving. I start tagging spam, at 3.5 so each message
has been tagged, but still sent through. Any one else seeing these
emails?
New Sober outbreak, not spam, virus.
Just junk them totally, stripping is a waste of time for Sober
At 09:56 AM 11/22/2005, Casey King wrote:
This morning we have been getting drilled by spam/virus emails.
Are they spam, or viruses? Not the same thing.
40 so far.
I should be so lucky to see as few as 40/hour during any kind of outbreak
Been getting a lot of phone calls from across the
be considered a novice, much like what you and Julian have been
discussing on the MailScanner list.
Casey
-Original Message-
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 22, 2005 9:47 AM
To: Casey King; SpamAssassin Users
Subject: Re: New Spammer?
At 09:56 AM 11/22/2005
From: Matt Kettler [EMAIL PROTECTED]
At 09:56 AM 11/22/2005, Casey King wrote:
This morning we have been getting drilled by spam/virus emails.
Are they spam, or viruses? Not the same thing.
40 so far.
I should be so lucky to see as few as 40/hour during any kind of outbreak
Been
[EMAIL PROTECTED]
To: users@spamassassin.apache.org
Sent: Tuesday, November 22, 2005 5:37 PM
Subject: Re: New Spammer?
From: Matt Kettler [EMAIL PROTECTED]
At 09:56 AM 11/22/2005, Casey King wrote:
This morning we have been getting drilled by spam/virus emails.
Are they spam, or viruses
jdow wrote:
Heh, I use the ClamAV plugin for SA and give it a hefty score. That way
I get the best of both worlds. Creative use of BLs also helps.
Local blackists help a lot. If you figure most viruses are going to be
sent directly from client PCs, and most of 'em are going to try
-
| Email [EMAIL PROTECTED]
| Mobile (917) 807-3883
| BlackBerry PIN 40082120
| Technology Consultant
-
- Original Message -
From: jdow [EMAIL PROTECTED]
To: users@spamassassin.apache.org
Sent: Tuesday, November 22, 2005 5:37 PM
Subject: Re: New
Subject: Re: New Spammer?
That is the general format. I do not have your original message to know
if the data is correct. It almost looks like you are trusting WAY too
much at the 70.119. part. Trust only the mail server(s) from which you
expect to never forge emails itself. In my case I trust
of BL / WL rules?
Regards ..
Leonard
- Original Message -
From: jdow [EMAIL PROTECTED]
To: users@spamassassin.apache.org
Sent: Tuesday, November 22, 2005 6:23 PM
Subject: Re: New Spammer?
Nowhere if he has no trusted network setup. That's his problem in a
nutshell. He cannot usefully
, November 22, 2005 9:41 PM
Subject: Re: New Spammer?
The key to understanding trusted is that these are mail transfer agents
that you can trust not to forge headers. If you fetch from an ISP then it
is, perforce, the ISP's pop3 or imap client through which you fetch mail
with the fetchmail
PM
Subject: Re: New Spammer?
Nowhere if he has no trusted network setup. That's his problem in a
nutshell. He cannot usefully run network tests.
{^_^}
- Original Message -
From: Leonard SA [EMAIL PROTECTED]
Where are BLs setup at?
Thanks in advance..
Regards ..
Leonard Bernstein
By the way, aside from that the BLs are setup out of the box just
about the way I use them.
{^_^}
- Original Message -
From: Leonard SA [EMAIL PROTECTED]
J,
Outstanding explanation :) Thank you..
I don't have the all_trusted setting; just the trusted_networks and the
And as it turns out I had an address wrong and had slightly fooed up what
was minimum needed for trusted. It turns out that this setup works just
fine with fetchmail.
trusted_networks 127/8
internal_networks 192.168/16
It appears I was slightly overtrusting since Earthlink's pop3 and its smtp
Hello Andy,
Friday, September 17, 2004, 3:23:15 AM, you wrote:
AS Hi, I just got a nigerian spam with a huge Reply-To: line! Never seen
AS that trick before, but I suppose it works with quite a few of the
AS recipients. Should we create a new rule for that? I can't think of
AS a legitimate
Hi, I just got a nigerian spam with a huge Reply-To: line!
Never seen that trick before, but I suppose it works with quite a few of
the recipients. Should we create a new rule for that? I can't think of a
legitimate reason to have more than one address in the Reply-To line, right?
Here goes a
Hi Loren,
I suspect that is more of a broken spammer than a new trick.
Maybe both? :-)
I can't see what good that line is going to do for the spammer.
Well, whoever replys to the spammer, telling him no matter what
mails his reply (usually including the quoted original mail) to everyone in
the
20 matches
Mail list logo