Re: Attachment policy

2022-06-27 Thread Grant Taylor

On 6/27/22 2:50 PM, Alex wrote:
> Hi,

Hi,

> I'm looking for input from people on how they handle attachments, and
> people using email as a file transfer service.

My opinion is that you shouldn't rely on using email as a file transfer
service until /after/ you've tested that it works.

> One of our users must have posted to a job site recently, soliciting
> resumes from people internationally. This resulted in 100+ emails
> from random people who had never emailed this user before, many of
> which had no subject and no body, just a PDF attachment. Some had the
> "Sent by my iPhone" signatures, but that's about it. Virtually all
> of them were tagged as spam due to bayes.

>wince<

> Any recommendations? There wasn't otherwise anything wrong with the
> attachments - they were all legitimate resumes from legitimate sources.

*nod*

> Should they be blocked?

I don't think so.

By your own description, these seem like perfectly legitimate email.
Admittedly the content was a little questionably formatted.

> Should I retrain bayes to not consider these spam? I'm now training
> bayes with them as ham, but it will take a lot to offset these. Same
> with emails that only contain images.

I don't know what the /technical/ solution to this particular use case
is.  However these messages /sound/ legitimate to me.

> Should an email with only an image attachment with no subject and no
> body but sent from a legitimate source and otherwise not dangerous
> be considered spam?

These don't sound like spam to me.



--
Grant. . . .
unix || die





Re: Attachment policy

2022-06-27 Thread Kevin A. McGrail
Those sound like perfectly legitimate emails so working to classify them as
decent emails would be our goal. Was there anything malicious snuck in
there?

We are using extract text and have been making improvements to it. False
positives especially with the beneficiary and financial rules is something
to be noted and worked on as well.

HTH, KAM

On Mon, Jun 27, 2022, 16:50 Alex wrote:

> Hi,
> I'm looking for input from people on how they handle attachments, and
> people using email as a file transfer service. One of our users must have
> posted to a job site recently, soliciting resumes from people
> internationally. This resulted in 100+ emails from random people who had
> never emailed this user before, many of which had no subject and no body,
> just a PDF attachment. Some had the "Sent by my iPhone" signatures, but
> that's about it. Virtually all of them were tagged as spam due to bayes.
>
> Any recommendations? There wasn't otherwise anything wrong with the
> attachments - they were all legitimate resumes from legitimate sources.
> Should they be blocked? Should I retrain bayes to not consider these spam?
> I'm now training bayes with them as ham, but it will take a lot to
> offset these. Same with emails that only contain images. Should an email
> with only an image attachment with no subject and no body but sent from a
> legitimate source and otherwise not dangerous be considered spam?
>
> Many also hit DCC, presumably because of the empty body. Is it possible to
> train DCC with one of these to be ignored that would then apply to all
> similar messages? I've generated a signature of an empty email before, but
> unsure how much variation is allowed before it's no longer considered the
> same signature.
>
> Somewhat related, is the ExtractText plugin useful anymore? I had to
> disable it altogether because of the money rules and people emailing their
> credit card statements, and even though they talk about money, it's not
> malicious.


Attachment policy

2022-06-27 Thread Alex
Hi,
I'm looking for input from people on how they handle attachments, and
people using email as a file transfer service. One of our users must have
posted to a job site recently, soliciting resumes from people
internationally. This resulted in 100+ emails from random people who had
never emailed this user before, many of which had no subject and no body,
just a PDF attachment. Some had the "Sent by my iPhone" signatures, but
that's about it. Virtually all of them were tagged as spam due to bayes.

Any recommendations? There wasn't otherwise anything wrong with the
attachments - they were all legitimate resumes from legitimate sources.
Should they be blocked? Should I retrain bayes to not consider these spam?
I'm now training bayes with them as ham, but it will take a lot to
offset these. Same with emails that only contain images. Should an email
with only an image attachment with no subject and no body but sent from a
legitimate source and otherwise not dangerous be considered spam?

Many also hit DCC, presumably because of the empty body. Is it possible to
train DCC with one of these to be ignored that would then apply to all
similar messages? I've generated a signature of an empty email before, but
unsure how much variation is allowed before it's no longer considered the
same signature.

Somewhat related, is the ExtractText plugin useful anymore? I had to
disable it altogether because of the money rules and people emailing their
credit card statements, and even though they talk about money, it's not
malicious.
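
One way to measure how much mail has the shape described in this message (no subject, no typed body, only a PDF or image attachment) before deciding on a policy for it. This is an added example, not part of the original post; the signature prefixes, accepted attachment types, function names and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumptions (not from the thread): signature lines to ignore, and which
# attachment types count as "just a PDF or image".
SIGNATURE_PREFIXES = ("sent from my", "sent by my")
CARRIED_TYPES = ("application/pdf", "image/")

def visible_lines(part):
    """Body lines a person typed, ignoring blank lines and device signatures."""
    text = part.get_content()
    if part.get_content_subtype() == "html":
        text = re.sub(r"<[^>]+>", "\n", text)  # crude tag strip, enough for triage
    lines = (ln.strip() for ln in text.splitlines())
    return [ln for ln in lines
            if ln and ln != "--" and not ln.lower().startswith(SIGNATURE_PREFIXES)]

def message_shape(raw):
    """Summarise subject, typed body lines and attachment types of one message."""
    msg = message_from_bytes(raw, policy=policy.default)
    body, attachments = [], []
    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.get_content_maintype() == "text" and not part.is_attachment():
            body.extend(visible_lines(part))
        else:
            attachments.append(part.get_content_type())
    return {"subject": (msg["Subject"] or "").strip(),
            "body_lines": body, "attachments": attachments}

def is_attachment_only(raw):
    """No subject, no typed body, and only PDF or image attachments."""
    shape = message_shape(raw)
    return (not shape["subject"] and not shape["body_lines"]
            and bool(shape["attachments"])
            and all(t.startswith(CARRIED_TYPES) for t in shape["attachments"]))

def build_sample(subject="", body="", subtype="pdf"):
    """Constructed sample message (not real mail) with one attachment."""
    msg = EmailMessage()
    msg["From"] = "applicant@example.org"
    if subject:
        msg["Subject"] = subject
    if body:
        msg.set_content(body)
    msg.add_attachment(b"constructed bytes", maintype="application",
                       subtype=subtype, filename="resume." + subtype)
    return msg.as_bytes()
```

Running `is_attachment_only` over a mailbox of the flagged messages gives a count of how many were penalised for shape alone, which is the population a ham-training or rule-scoring decision would affect.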


Re: DKIM fails on v4

2022-06-27 Thread Alex
Hi,

> >> At some point after that, and even until yesterday's version, DKIM stopped
> >> working. DMARC still passes with SPF, but there are no longer any occurrences
> >> of DKIM.
> >
> > I think Giovannis changes don't work when amavisd is passing $suppl_attrib:
> >
> > https://svn.apache.org/viewvc?view=revision&revision=1901719
> >
> > Sub _check_signature() isn't called at all in that case and things like tags
> > are not set.  I'll leave it for Giovanni to fix..
> >
> thanks for the hint, I've just committed a fix.

That looks to have fixed it, thanks. Whew. That was very tricky. Great work.


Re: DKIM fails on v4

2022-06-27 Thread giovanni
On 6/26/22 20:26, Henrik K wrote:
> On Sun, Jun 26, 2022 at 12:57:32PM -0400, Alex wrote:
>>
>>
>> Amavisd-new works fine here. Maybe $enable_dkim_verification or something
>> is different.
>>
>>
>> It's good to know you're using amavisd. It's very dependent upon the SA
>> version you're using, though.
>>
>> It appears both DKIM and DMARC worked until the May 29th version from svn
>> (1901385). 
>>
>> At some point after that, and even until yesterday's version, DKIM stopped
>> working. DMARC still passes with SPF, but there are no longer any occurrences
>> of DKIM.
> 
> I think Giovannis changes don't work when amavisd is passing $suppl_attrib:
> 
> https://svn.apache.org/viewvc?view=revision&revision=1901719
> 
> Sub _check_signature() isn't called at all in that case and things like tags
> are not set.  I'll leave it for Giovanni to fix..
> 
thanks for the hint, I've just committed a fix.
 Giovanni




[FINAL CALL] - Travel Assistance to ApacheCon New Orleans 2022

2022-06-27 Thread Gavin McDonald
To all committers and non-committers.

This is a final call to apply for travel/hotel assistance to get to and
stay in New Orleans for ApacheCon 2022.

Applications have been extended by one week and so the application deadline
is now the 8th July 2022.

The rest of this email is a copy of what has been sent out previously.

We will be supporting ApacheCon North America in New Orleans, Louisiana,
on October 3rd through 6th, 2022.

TAC exists to help those that would like to attend ApacheCon events, but
are unable to do so for financial reasons. This year, we are supporting
both committers and non-committers involved with projects at the
Apache Software Foundation, or open source projects in general.

For more info on this year's applications and qualifying criteria, please
visit the TAC website at http://www.apache.org/travel/
Applications have been extended until the 8th of July 2022.

Important: Applicants have until the closing date above to submit their
applications (which should contain as much supporting material as required
to efficiently and accurately process their request), this will enable TAC
to announce successful awards shortly afterwards.

As usual, TAC expects to deal with a range of applications from a diverse
range of backgrounds. We therefore encourage (as always) anyone thinking
about sending in an application to do so ASAP.

Why should you attend as a TAC recipient? We encourage you to read stories
from past recipients at https://apache.org/travel/stories/ . Also note that
previous TAC recipients have gone on to become Committers, PMC Members, ASF
Members, Directors of the ASF Board and Infrastructure Staff members.
Others have gone from Committer to full time Open Source Developers!

How far can you go! - Let TAC help get you there.


===

Gavin McDonald on behalf of the Travel Assistance Committee.