Re: [Assp-test] notspam whitelist additions
On 26.01.2016 18:49, Thomas Eckardt wrote: user has simply forwarded the false positive to asspnotspam address. If no acceptable mail address is found in the header of a report, assp looks in to the body. mail was forwarded with (visible) headers intact with all from and to's and cc's, subject etc... on top. but ok, should be sent as attachment. noted for future... gets polluted by pseudo-addresses 1a74afffce8d074dae8e7695b52308cf0daf1...@denbgat9eh3msx.ww902.senderxyz.net I think this email address was in 'errors-to:' - done by the sender to collect and check bounces. no, actually it was a Message-ID: <1a74afffce8d074dae8e7695b52308cf0daf1...@denbgat9eh3msx.ww902.senderxyz.net> on 21.10.2015 i reported the same issue, again i was talking about "notspam reporting" but your reply was about "whitelist addition" (my priority is updating bayes rather than whitelisting which is as simple as 1 line message to asspwhite, that's not an issue). now we're back to subject again. Katip Thomas Von:katip An: ASSP development mailing list Datum: 26.01.2016 09:15 Betreff:Re: [Assp-test] notspam whitelist additions no, they were in the body [cid:image001.png@01D15798.9A12E4B0] user has simply forwarded the false positive to asspnotspam address. OTOH, if user forwards it as *attachment* to asspnotspam, this time header items such as 1a74afffce8d074dae8e7695b52308cf0daf1...@denbgat9eh3msx.ww902.senderxyz.net are added to whitelist. in either case whitelist gets polluted by pseudo-addresses. Katip ---- Original Message ---- *Subject: *Re: [Assp-test] notspam whitelist additions *From: *Thomas Eckardt *To: *ASSP development mailing list *Date: *Tue Jan 26 2016 09:27:33 GMT+0200 (GTB Standard Time) image005.emz@01D15798.378D07D0: added to whitelist image007.emz@01D15798.378D07D0: added to whitelist I need to know the header tags, where these addresses are located. Thomas Von:Katip An: ASSP development mailing list Datum: 25.01.2016 21:24 Betreff:[Assp-test] notspam whitelist additions notspam report tells : a...@sender.com: added to whitelist x...@sender.com: added to whitelist image005.emz@01D15798.378D07D0: added to whitelist image007.emz@01D15798.378D07D0: added to whitelist it's a pity that whitelist gets polluted with this pseudo-addresses. any clue how to avoid this? Katip -- Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! https://u2093715.ct.sendgrid.net/wf/click?upn=5nh3SUIR-2Fgb-2FvedarympQTGPjQxx54y7AyXHGXEqX3YPB1hJbL4-2FXHDyczXhzCmF0r-2FiesFIUgjtEGypN0oZC5Lqyk2Fh4lCz44udzOqF2l7joqWRg4LLdZCiwi-2FAF8vJVhPOklt4PuHvK2XSbPV4wlchE-2FSAaeBAbnCl1eY-2FVPA9FGx-2F1L4lVEMFTyq3VSDhnK2fcizfwu4zbxvYvQIwtrsizEi0zsYh9eJ-2B4N52PVys3-2BPe2MGYXFRzhN4msz5Hs-2B6yfLl5xVNeBXrVVnX-2BeSEw2YsgP3OMIM5u1Vj59lnv0PNSBOBzL2hXC7yIg-2Fb2gGsIBmLyp4mIJFWJgK4dYsrUDm5wfdX12JIX5jygmFJogQsNnXGD5qKoY042D7cNd6aiB-2FBSM83vlrdgbkeQTKAopvD1ZHp9Gyef6gR1BoBrF-2B-2Fiu3yFCpw47SGFyUranW3dAtOI9TIIAAYHRIJn80EBUpCDol7tFVxnTXMZunHfj7GXeZGFs9GP-2FYSNn51Z2xokI-2FEWOdW4Jg2iG7BXPMq-2BEd2Q-2F5kfYZZbrcS09fetRnvsho-2BF-2FEyRRu5aWqK_494V2FVUjS6tWd9cE-2BfUrx9113bIC6-2B7ExiGb6uItszUF5TcMHmX1a2JJ3u0nTHxpyzXJtiZXrb-2B-2BZa5VLnkqoKHF82cMZjzh-2BMLoviMZ2qRt4JreltfZ4T-2BvEhgTIxLDsjxBOeIGlEc8aAdoDO26oQweQPKcRZaRIkM8c4v3B1v13RZlHwqoIGDZWlsb618XKKWMYTL7AaB-2Fe1JSGIY6gMnM4xnxruM63yA-2BZZ4XEs-3D ___ Assp-test mailing list Assp-test@lists.sourceforge.net https://u2093715.ct.sendgrid.net/wf/click?upn=5nh3SUIR-2Fgb-2FvedarympQTGPjQxx54y7AyXHGXEqX3YPB1hJbL4-2FXHDyczXhzCmFV6NHlTrRPSZYI-2BSxLXV1EoGNHaES-2B-2FAQ6Wi7zSa-2B6JC39-2FHQPOpbg9H0He9RXg0mMpw7LpzmlOm8-2FDZ-2B2KbtIc2SeKPAPrP2yHtfdl5mYtDxcGtWx3ivPDlyzm7l3vaJDvkLVoqPef47NmVilWJXyYHtKlelWmzLGyHrOtW6LVpQUiLd78vSnW6PaNKPTdT5WWB8K6Oc2Ih4M4rwza87AZw4DcYNwW-2BLZMiAFbM1icsZnfMKazAkv1LIuFUTzMl87LDeooiVnpy-2B1x-2BL0A3K-2B-2F15odyje2NjJ01vtu1xNbVIAf6D1YsXObbm-2Boyh1JWZDOs-2BfL3ieptfzsicGRLXBwe6ejtSasqDmRYUSLdnppIUOYSA-2FKU7Lkr1plNL-2BveuR-2FvpLNrYOL8r7VO-2Fj7rtOiABiYEI5P22FWO5dkm84tkNMiWEh78a8V6sN-2BhxwnSflFjEDAT5wmmR-2FuQ-2FRt8T9tVED640SpUAeLY-2Bwo651G4-3D_494V2FVUjS6tWd9cE-2BfUrx9113bIC6-2B7ExiGb6uItszUF5TcMHmX1a2JJ3u0nTHxpyzXJtiZXrb-2B-2BZa5VLnkqpsPf1OHtNoTqf22Akzz1chsC-2Fr5gRu7uTdz5XCXSne5KhgLVPrcgYyu-2FlFGzsqYYR-2FgdaL3UoDFP-2FiNbZuIPQZqL3mIlpzX5RGCUggUq2UTEhZ8JM9jSJmBQ7KKjWFjzGKf-2FS-2BUvUo2iNu1RhLicnk-3D DISCLAIMER: *** This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual t
Re: [Assp-test] notspam whitelist additions
>user has simply forwarded the false positive to asspnotspam address. This is wrong, if whitelist or personal blacklist should be managed on reports - attach the mail as .eml or zip . MSOL .msg Simply forwarding mails removes the original MIME header. If no acceptable mail address is found in the header of a report, assp looks in to the body. >gets polluted by pseudo-addresses > 1a74afffce8d074dae8e7695b52308cf0daf1...@denbgat9eh3msx.ww902.senderxyz.net This is a legit mail address - who else than the user should make a decision on it? A simple mail to 'EmailWhitelistRemove' with the email address in the body or subject will do it! It would be possible to check the domain ' DENBGAT9EH3MSX.ww902.senderxyz.net' if there is a MX record for it and to ignore it if there isn't any. But this is still not implemented, nor I'm convinced that this is wise. This email address was in a regular header line any of: subject from X-Assp-Envelope-From sender reply-to errors-to list-.. ReturnReceipt Return-Receipt-To Disposition-Notification-To It makes absolute no sense to provide an invalid email address in these header lines - even not for spammers! So checking them for a MX record seems to be useless! I think this email address was in 'errors-to:' - done by the sender to collect and check bounces. Thomas Von:katip An: ASSP development mailing list Datum: 26.01.2016 09:15 Betreff: Re: [Assp-test] notspam whitelist additions no, they were in the body [cid:image001.png@01D15798.9A12E4B0] user has simply forwarded the false positive to asspnotspam address. OTOH, if user forwards it as *attachment* to asspnotspam, this time header items such as 1a74afffce8d074dae8e7695b52308cf0daf1...@denbgat9eh3msx.ww902.senderxyz.net are added to whitelist. in either case whitelist gets polluted by pseudo-addresses. Katip ---- Original Message ---- *Subject: *Re: [Assp-test] notspam whitelist additions *From: *Thomas Eckardt *To: *ASSP development mailing list *Date: *Tue Jan 26 2016 09:27:33 GMT+0200 (GTB Standard Time) >> image005.emz@01D15798.378D07D0: added to whitelist >> image007.emz@01D15798.378D07D0: added to whitelist > I need to know the header tags, where these addresses are located. > > Thomas > > > > > Von:Katip > An: ASSP development mailing list > Datum: 25.01.2016 21:24 > Betreff:[Assp-test] notspam whitelist additions > > > > notspam report tells : > > a...@sender.com: added to whitelist > x...@sender.com: added to whitelist > image005.emz@01D15798.378D07D0: added to whitelist > image007.emz@01D15798.378D07D0: added to whitelist > > it's a pity that whitelist gets polluted with this pseudo-addresses. > any clue how to avoid this? > > Katip > > -- > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > https://u2093715.ct.sendgrid.net/wf/click?upn=yGLM43UF2o5J9zGzmsgTus3PD-2FDkOKtMGG-2F2LA4mrwvhJAqlFoCJC4YsXhfSFF4KRZWjU-2FUIVf8F085Hj1BRznPNTIrIlpnxQhrd8yBVqTQ-3D_494V2FVUjS6tWd9cE-2BfUrx9113bIC6-2B7ExiGb6uItszUF5TcMHmX1a2JJ3u0nTHxEsEndKxDOZEZPLrf9dbH1FBu8tOT-2Fe58Oi7S-2FdBToq4yIz2UXD0nDyWSw7Ji76-2BuBSxUdFsN-2BMZv290bRb8LrnDwvqMe0roTEdo3-2FDHNMjHAsGTEhuMWaAAR0VUmVrLsMfPepCO4ZYGY2o3zORdZiiHOWYEHKHdoAAsUoT6kGxY-3D > ___ > Assp-test mailing list > Assp-test@lists.sourceforge.net > https://u2093715.ct.sendgrid.net/wf/click?upn=5nh3SUIR-2Fgb-2FvedarympQUBwXN2E6N-2FVFLgaFGt9nVYZ17jQHlsSlO9GMUtOnS1e2yrF7yL4C7Qvf9-2FajHpgqg-3D-3D_494V2FVUjS6tWd9cE-2BfUrx9113bIC6-2B7ExiGb6uItszUF5TcMHmX1a2JJ3u0nTHxEsEndKxDOZEZPLrf9dbH1HK07gipfqns8cnxPLM57agrmFSMIqegkivq9765TZy2kL2ycnWhHNYzb-2BUv0-2BxyIyOLnQZeGdI7EecimsMPat-2FKU8Bi7OIyk4MHK6EncyFjZaUug8q3YFM1wAqss-2BXvWzskpAxIAVlkSn-2FtVRFtcT4-3D > > > > > DISCLAIMER: > *** > This email and any files transmitted with it may be confidential, legally > privileged and protected in law and are intended solely for the use of the > > individual to whom it is addressed. > This email was multiple times scanned for viruses. There should be no > known virus in this email! > *** > > > > This body part will be downloaded on demand. > > > This body part will be downloaded on demand. -- Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM:
Re: [Assp-test] notspam whitelist additions
no, they were in the body [cid:image001.png@01D15798.9A12E4B0] user has simply forwarded the false positive to asspnotspam address. OTOH, if user forwards it as *attachment* to asspnotspam, this time header items such as 1a74afffce8d074dae8e7695b52308cf0daf1...@denbgat9eh3msx.ww902.senderxyz.net are added to whitelist. in either case whitelist gets polluted by pseudo-addresses. Katip Original Message *Subject: *Re: [Assp-test] notspam whitelist additions *From: *Thomas Eckardt *To: *ASSP development mailing list *Date: *Tue Jan 26 2016 09:27:33 GMT+0200 (GTB Standard Time) image005.emz@01D15798.378D07D0: added to whitelist image007.emz@01D15798.378D07D0: added to whitelist I need to know the header tags, where these addresses are located. Thomas Von:Katip An: ASSP development mailing list Datum: 25.01.2016 21:24 Betreff:[Assp-test] notspam whitelist additions notspam report tells : a...@sender.com: added to whitelist x...@sender.com: added to whitelist image005.emz@01D15798.378D07D0: added to whitelist image007.emz@01D15798.378D07D0: added to whitelist it's a pity that whitelist gets polluted with this pseudo-addresses. any clue how to avoid this? Katip -- Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! https://u2093715.ct.sendgrid.net/wf/click?upn=yGLM43UF2o5J9zGzmsgTus3PD-2FDkOKtMGG-2F2LA4mrwvhJAqlFoCJC4YsXhfSFF4KRZWjU-2FUIVf8F085Hj1BRznPNTIrIlpnxQhrd8yBVqTQ-3D_494V2FVUjS6tWd9cE-2BfUrx9113bIC6-2B7ExiGb6uItszUF5TcMHmX1a2JJ3u0nTHxEsEndKxDOZEZPLrf9dbH1FBu8tOT-2Fe58Oi7S-2FdBToq4yIz2UXD0nDyWSw7Ji76-2BuBSxUdFsN-2BMZv290bRb8LrnDwvqMe0roTEdo3-2FDHNMjHAsGTEhuMWaAAR0VUmVrLsMfPepCO4ZYGY2o3zORdZiiHOWYEHKHdoAAsUoT6kGxY-3D ___ Assp-test mailing list Assp-test@lists.sourceforge.net https://u2093715.ct.sendgrid.net/wf/click?upn=5nh3SUIR-2Fgb-2FvedarympQUBwXN2E6N-2FVFLgaFGt9nVYZ17jQHlsSlO9GMUtOnS1e2yrF7yL4C7Qvf9-2FajHpgqg-3D-3D_494V2FVUjS6tWd9cE-2BfUrx9113bIC6-2B7ExiGb6uItszUF5TcMHmX1a2JJ3u0nTHxEsEndKxDOZEZPLrf9dbH1HK07gipfqns8cnxPLM57agrmFSMIqegkivq9765TZy2kL2ycnWhHNYzb-2BUv0-2BxyIyOLnQZeGdI7EecimsMPat-2FKU8Bi7OIyk4MHK6EncyFjZaUug8q3YFM1wAqss-2BXvWzskpAxIAVlkSn-2FtVRFtcT4-3D DISCLAIMER: *** This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! *** This body part will be downloaded on demand. This body part will be downloaded on demand. -- Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140___ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
Re: [Assp-test] notspam whitelist additions
>image005.emz@01D15798.378D07D0: added to whitelist >image007.emz@01D15798.378D07D0: added to whitelist I need to know the header tags, where these addresses are located. Thomas Von:Katip An: ASSP development mailing list Datum: 25.01.2016 21:24 Betreff:[Assp-test] notspam whitelist additions notspam report tells : a...@sender.com: added to whitelist x...@sender.com: added to whitelist image005.emz@01D15798.378D07D0: added to whitelist image007.emz@01D15798.378D07D0: added to whitelist it's a pity that whitelist gets polluted with this pseudo-addresses. any clue how to avoid this? Katip -- Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140 ___ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test DISCLAIMER: *** This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! *** -- Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140___ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test