Re: What can one do abut outlook.com?
On 26/10/20 5:17 am, Marc Roos wrote: make a reality check outside your small bubble! typical low iq response. I was already discussing the validity of these soccerplayer contracts before they had to change the system. Afternoon Marc. Just thought I'd let you know this same person was blocked from CentOS mailing list a while back due to trolling. I'm not sure the chemicals deep in his noggin work as they are supposed to. On the CentOS mailing list, we stopped feeding the troll and I, specifically, made sure that I'd never again see an email from his likes. I wonder if the SpamAssassin admins could just as well stop feeding the troll here as well. By stop I mean block it at the entrance. Not knowing how many sunrises and sunsets the troll has seen, I'd want to hope that it's seen enough to warrant an expedient expiry - but I can only wish. In the meantime, enjoy the comedy that it is.
adding AV scanning to working Postfix/SA system
SOHO system, on virtual machines. Fairly recent versions. Running openSUSE Leap 15.1. Due to some recent malware (obvious stuff) wanted to add AV scanning. I gather "Amavis-new" is the hot ticket these days, I deal with Sophos products and would like to use their linux product to do the scanning. Seems to be precious little on how to do that. Any experiences? - j4computers, llc Stone Ridge, NY 12484 845-687-3734 www.j4computers.com -
Re: Certain rules with zero value
On Wed, 18 Nov 2020 09:44:21 -0500 Dean Carpenter wrote: > > > 0.0 NO_DNS_FOR_FROM DNS: ENVELOPE SENDER HAS NO MX OR A DNS RECORDS > > -0.5 FROM_IS_REPLY_TO From and REPPLY-TO is the same > > 0.0 SPF_NONE SPF: SENDER DOES NOT PUBLISH AN SPF RECORD > Heh, the FROM_IS_REPLY_TO description has a slight typo ... FROM_IS_REPLY_TO is neither a standard rule nor a KAM rule. Also the descriptions for a couple of the rules have been converted to upper case.
Re: Certain rules with zero value
On 18 Nov 2020, at 9:44, Dean Carpenter wrote: Greetings - I'm finalizing my ansible playbook for building up a nice mail system with all the goodies, with spamassassin being very central to it all. I have a test server set up in Azure that I run tests with using swaks (great tool). I push both ham and spam to it, with and without the old system spamassassin markup. The spamassassin on the test box is only trained with my current Inbox (3k) and spam (13k) folders, not yet with Trash (15k non-spam) or older Inbox (5k). I just noticed a few rules that are firing, but have zero value, and they seem like fairly important rules ... For example, this is a spam with no markup, where NO_DNS_FOR_FROM and SPF_NONE have zero. Scores in the rule-per-line report are truncated to a single decimal place. Those rules have trivial non-zero scores to assure that they get checked but they are not in themselves very meaningful. For example, NO_DNS_FOR_FROM should probably never hit in SA, because any well-configured MTA will reject that before the SMTP DATA phase. SPF_NONE is also not a useful rule on its own but it may be of interest for developing meta rules. Both of those are DNS-based so they are more likely to hit when running an old mail corpus rather than live mail. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire
Certain rules with zero value
Greetings - I'm finalizing my ansible playbook for building up a nice mail system with all the goodies, with spamassassin being very central to it all. I have a test server set up in Azure that I run tests with using swaks (great tool). I push both ham and spam to it, with and without the old system spamassassin markup. The spamassassin on the test box is only trained with my current Inbox (3k) and spam (13k) folders, not yet with Trash (15k non-spam) or older Inbox (5k). I just noticed a few rules that are firing, but have zero value, and they seem like fairly important rules ... For example, this is a spam with no markup, where NO_DNS_FOR_FROM and SPF_NONE have zero. > == == > pts rule name description > -- -- > 2.5 BAYES_50 BODY: Bayes spam probability is 40 to 60% > [score: 0.4998] > 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level > mail domains are different > 3.3 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS > [46.2.54.2 listed in zen.spamhaus.org] > 3.3 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL > 0.4 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL > 0.0 NO_DNS_FOR_FROM DNS: ENVELOPE SENDER HAS NO MX OR A DNS RECORDS > -0.5 FROM_IS_REPLY_TO From and REPPLY-TO is the same > 0.0 SPF_NONE SPF: SENDER DOES NOT PUBLISH AN SPF RECORD > 0.0 HTML_MESSAGE BODY: HTML included in message > 1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any > anti-forgery methods > 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict > Alignment I tested against the old tired system, and the same two rules fire, also with zero value. Is this something I should be setting a value for myself ? I'm not sure what values to put, but it feels like if someone doesn't bother to set up SPF, or their sending domain has no MX/A records then they don't deserve to be sending ... What is the KAM_DMARC_STATUS rule for ? Also zero. Heh, the FROM_IS_REPLY_TO description has a slight typo ... -- Dean Carpenter deano is at areyes dot com