Re: Expanding shortened URLs (was Re: The "goo.gl" shortner is OUT OF CONTROL (+ invaluement's response))
On 2018-02-21 16:31, Dianne Skoll wrote: > On Wed, 21 Feb 2018 11:29:00 -0500 > Rob McEwen <r...@invaluement.com> wrote: > >> Nevertheless, it is a shame to have to shift more of the burden onto >> spam filters to do more work (some of which requires MORE latency) - >> in order to partly mitigate Google's failure to prevent/correct the >> abuse. > > Yes, I agree. On the other hand, IMO a spam filter should block messages > that point to a taken-down shortened URL. Although such messages may > not be downright dangerous, they are still annoying and are still spam. > There's no way of avoiding the work. > I think the point here might be that if Google acted promptly on abuse spammers would stop using shorteners. Karol -- Karol Augustin ka...@augustin.pl http://karolaugustin.pl/ +353 85 775 5312
Re: Report AmazonSES spam?
On 2018-02-21 12:38, @lbutlr wrote: > On 2018-02-21 (05:37 MST), Tom Hendrikx <t...@whyscream.net> wrote: >> >> How about: https://aws.amazon.com/forms/report-abuse > > > Isn't amazon SES separate from amazon AWS? It's not. SES is just a service within Amazon AWS. k. -- Karol Augustin ka...@augustin.pl http://karolaugustin.pl/ +353 85 775 5312
Re: Tone of emails with subject: 'hey'
On 2018-02-05 22:55, Philip wrote:
> So lately I'm getting LOTS of emails coming directly though the filters so
> most likely time to investigate how to create one.
>
> The subject is always 'hey'
>
> Subject: hey
>
> Date: Mon, 29 Jan 2018 09:07:40 +0300
> From: Darya Message-ID: <8f35b00fb4e07d18ce82448ec9747...@112it4u.ro>
> X-Mailer: PHPMailer 5.2.22 (https://github.com/PHPMailer/PHPMailer)
> MIME-Version: 1.0
> Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit
>
> Hi josh, my name is Darya and i'm from Russia, but living in the USA. A week
> ago, maybe more, I came across your profile on Facebook and now I wan to know
> you more. I know it sounds a bit strange, but I believe you had something
> like this in your life too :-) If its mutual, email me, this is my email
> danielamar...@rambler.ru and I will send some of my photos also answer any of
> your questions. Waiting for you, XXX Darya
>
> As far as I can see from the different emails:
>
> X-PHP-Originating-Script: 852:class-phpmailer.php
>
> The number is sequential.
>
> 112it4u.ro from the message ID has valid NS entries but the reverse PTR is
> invalid.
>
> The email always starts, 'hi {mailbox name}, and the text is mostly the same
> but the name changes now and then and so does the email address.
>
> Any suggestions on where to start? nOOb here!
Check out http://msbl.org/ This is e-mail addresses blacklist targeting
this type of scam. I have very high score assigned to it and it works
perfectly.
Karol
--
Karol Augustin
ka...@augustin.pl
http://karolaugustin.pl/
+353 85 775 5312
Re: Penalty for no/bad SPF
On 2018-01-24 21:45, Joseph Brennan wrote: > David Jones <djo...@ena.com> wrote: > >> SA could be the large force that helps improve the mail standards like >> DMARC -- SPF + DKIM with a little extra on top. > > DMARC is not a standard according to RFC 7489, "Status of This Memo". > It's just informational, for those who want to play the game. DMARC is > destroying forwarding and mailing lists, and I'm sorry to see the > elephants in the email room implementing it-- though Gmail still does > not always reject based on DMARC reject, as if they use that plus some > internal system to make the call. > DMARC is not destroying anything if forwarding and mailing lists are configured properly (like this one). The whole point of DKIM/DMARC was to authenticate forwarded e-mail, which is broken by design in SPF. If we could make all mailing lists operators fix the DKIM breaking features like title modification and adding footers we could just reject literally everything that fails DKIM. Then the spoofing problem would be fixed once and for all and SPF would be just a fail-safe in case something went wrong. Gmail implementing DMARC is probably the best anti phishing/spoofing decision made in the last few years. I am sure you would agree if you were administering paypal's or banks mail servers. Karol -- Karol Augustin ka...@augustin.pl http://karolaugustin.pl/ +353 85 775 5312
Re: R: Custom rule based on AWL score
On 20/10/16 17:44, Nicola Piazzi wrote: Why not try my powerful plugin to reduce score of known users ? Is based on people that answer to us and in my case, after 3 week of learning, it HIT 70% of incoming messages that are absolutely ham Looks really interesting. How it behaves in ipv6 environment? Given that it tries to extract C class from IP address. Will it just silently skip the check or crash miserably? k.
Re: TXREP dont work
On 07/10/16 03:51, Rick Cooper wrote: So how do I dump the ~/ disk file for the DB . The txrep.cf file : user_awl_dsn DBI:mysql:SpamAssassin:127.0.0.1 user_awl_sql_username CorrectUser user_awl_sql_password CorrectPassword user_awl_sql_table txrep use_txrep 1 txrep_track_messages 1 You need the line: txrep_factory Mail::SpamAssassin::SQLBasedAddrList It tells SA to use SQL DB factory module. Best, Karol -- Karol Augustin ka...@augustin.pl http://karolaugustin.pl/ +353 85 775 5312
