Re: dnsbl lookups for X-PHP-Script
On Mon, Oct 06, 2008 at 09:39:06PM +0200, Matus UHLAR - fantomas wrote: On Mon, Oct 06, 2008 at 05:31:55PM +0200, Matus UHLAR - fantomas wrote: did anyone try to use DNSBL lookups for header(s) X-PHP-Script? I have patch into PHP that inserts IP address into that header, and looking in dnsbl for spam sources could help me filter out spam posted through HTTP. I could prepare such rules, but if anyone has such, I'd be glad not to reinvent the wheel. On 06.10.08 20:04, Henrik K wrote: Why don't you check the BLs directly from PHP? because it's quite hard to score from PHP script. No. Form spam is pretty easy, you don't need to score thousand rules. And even FPs are immediately obvious to a user who sees an error. Most spam can be eliminated with captchas or such anyway. And I expect to benefit from scripts I better would not edit... Fair enough.
Re: Identifying headers for users@spamassassin.apache.org
Am 2008-10-01 08:05:11, schrieb Don Saklad: Of the many many subscriptions this is the only subscription that doesn't have a bracketed list name inserted in the header subject. Programming solutions don't work for users not programmers! I am currently on 117 Mailinglists and only postgresql, php, exim-users and some LUGs have those crap adds... Since it is nearly impossibel to read 2500 messages per day, I am looking ONLY at the SUBJECT and if there is a monster add like you suggested I would not more able to read the subject in which I am interested in. Note: 99% of my Computer-Time I am on a 80x25 character Terminal and have the need to read/write my Mails from everywhere... Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator 24V Electronic Engineer Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian GNU/Linux Consultant # Michelle Konzack Apt. 917 ICQ #328449886 +49/177/935194750, rue de Soultz MSN LinuxMichi +33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com) signature.pgp Description: Digital signature
Monitoring, or reporting systems similar to MailWatch
Hey everyone, I've always been fond of running MailScanner and MailWatch in my SA installs to get statistical data. Are there any other good addons for SA that help in this area? I ask mainly because it seems development on MailWatch has stopped and I would hate to be wihtout some statistical reporting altogether. Thanks! -- Richard Ahlquist Systems Analyst http://www.patentlystupid.com
Re: Identifying headers for users@spamassassin.apache.org
Someday, in the future when we have real computers users would have things the way they prefer. On Mon, Oct 6, 2008 at 7:58 PM, Michelle Konzack linux4michelle at tamay-dogan.net wrote: Am 2008-10-01 08:05:11, schrieb Don Saklad: Of the many many subscriptions this is the only subscription that doesn't have a bracketed list name inserted in the header subject. Programming solutions don't work for users not programmers! I am currently on 117 Mailinglists and only postgresql, php, exim-users and some LUGs have those crap adds... Since it is nearly impossibel to read 2500 messages per day, I am looking ONLY at the SUBJECT and if there is a monster add like you suggested I would not more able to read the subject in which I am interested in. Note: 99% of my Computer-Time I am on a 80x25 character Terminal and have the need to read/write my Mails from everywhere... Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator 24V Electronic Engineer Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian GNU/Linux Consultant # Michelle Konzack Apt. 917 ICQ #328449886 +49/177/935194750, rue de Soultz MSN LinuxMichi +33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
Re: dnsbl lookups for X-PHP-Script
On Mon, Oct 06, 2008 at 09:39:06PM +0200, Matus UHLAR - fantomas wrote: On Mon, Oct 06, 2008 at 05:31:55PM +0200, Matus UHLAR - fantomas wrote: did anyone try to use DNSBL lookups for header(s) X-PHP-Script? I have patch into PHP that inserts IP address into that header, and looking in dnsbl for spam sources could help me filter out spam posted through HTTP. I could prepare such rules, but if anyone has such, I'd be glad not to reinvent the wheel. On 06.10.08 20:04, Henrik K wrote: Why don't you check the BLs directly from PHP? because it's quite hard to score from PHP script. On 07.10.08 10:08, Henrik K wrote: No. Form spam is pretty easy, you don't need to score thousand rules. I've been looking at it, didn't seem that easy for me. And even FPs are immediately obvious to a user who sees an error. Most spam can be eliminated with captchas or such anyway. like the google one? :) Or like this one? http://ars.userfriendly.org/cartoons/?id=20081005 -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. A day without sunshine is like, night.
DNS_FROM_SECURITYSAGE broken?
I recently noticed that DNS_FROM_SECURITYSAGE was hitting everything. A quick check revealed: # host hp.com.blackhole.securitysage.com. hp.com.blackhole.securitysage.com has address 127.0.0.1 # host blackhole.securitysage.com. blackhole.securitysage.com has address 127.0.0.1 # host securitysage.com. securitysage.com has address 127.0.0.1 So it appears that their DNS is totally broken. they've been seriously hijacked, or they've pulled an ordb.org. Attempts to contact them havn't worked. Anybody know what's going on? -- Dave Funk University of Iowa dbfunk (at) engineering.uiowa.eduCollege of Engineering 319/335-5751 FAX: 319/384-0549 1256 Seamans Center Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527 #include std_disclaimer.h Better is not better, 'standard' is better. B{
securitysage is dead (Was: DNS_FROM_SECURITYSAGE broken?)
David B Funk wrote: I recently noticed that DNS_FROM_SECURITYSAGE was hitting everything. Zed's dead, baby. Zed's dead. They list the universe so that people stop querying their zones. A quick check revealed: # host hp.com.blackhole.securitysage.com. hp.com.blackhole.securitysage.com has address 127.0.0.1 # host blackhole.securitysage.com. blackhole.securitysage.com has address 127.0.0.1 # host securitysage.com. securitysage.com has address 127.0.0.1 So it appears that their DNS is totally broken. they've been seriously hijacked, or they've pulled an ordb.org. Attempts to contact them havn't worked. Anybody know what's going on?
Re: DNS_FROM_SECURITYSAGE broken?
At 14:22 07-10-2008, David B Funk wrote: I recently noticed that DNS_FROM_SECURITYSAGE was hitting everything. http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5672 Regards, -sm