Re: senderbase rating - how to appeal?
On 4 Sep 2008, at 15:49, Michael Scheidell wrote: Does anyone know how you can appeal or query a senderbase rating? I think senderbase is automatic.. You start spamming, you get on the list. You stop spamming, (eventually) you get off the list. You must be new to the 'net', so you get one free clue: You must be new to the net as well or maybe you think you're clever? Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ Intl. +353 (0) 59 9183072 US: 213-233-1612 UK: 0844 484 9361 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: senderbase rating - how to appeal?
Joseph Thanks :) Our main issue wasn't with the listing but with the total lack of appeals procedure or delisting, as several large corporates seem to trust Senderbase and block based on its score Thanks again Michele Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ Intl. +353 (0) 59 9183072 US: 213-233-1612 UK: 0844 484 9361 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
senderbase rating - how to appeal?
Does anyone know how you can appeal or query a senderbase rating? Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ Intl. +353 (0) 59 9183072 US: 213-233-1612 UK: 0844 484 9361 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: Detecting the Registrar of the sending host?
On 7 Jul 2008, at 14:40, Richard Frovarp wrote: Fortune 500's suffer from botnet infections as well. Exactly Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ Intl. +353 (0) 59 9183072 US: 213-233-1612 UK: 0844 484 9361 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: Detecting the Registrar of the sending host?
On 2 Jul 2008, at 17:30, Yet Another Ninja wrote: Even EUrid is happily supporting pillz spammers on .eu Eurid is a registry NOT a registrar Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ Intl. +353 (0) 59 9183072 US: 213-233-1612 UK: 0844 484 9361 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
RE: Spam abuse report plugin
As long as you whitelist MailScanner.info I am sick to my teeth of receiving abuse reports about a domain that never sends email and is used to block spam /me wanders off to rant elsewhere -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ Intl. +353 (0) 59 9183072 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
RE: Spam abuse report plugin
Jari A LOT of clueless mail server admins send us reports about mailscanner.info We have a standard reply telling them to get a $clue, but I'd prefer that my staff's time was spent dealing with proper issues :) -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ Intl. +353 (0) 59 9183072 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: Score all emails and delete some of them
Chris wrote: Does anyone know if there's a way to score *all* emails at the server with scores from 0-100, then delete all emails at the server with scores of over 10 and deliver the rest with the scores in the subject title please ? Any help much appreciated. Chris. MailScanner can do that (http://www.mailscanner.info) -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ Tel. 1850 929 929 Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
RE: OT: The Funny Side of Spam
UxBoD wrote: Well done Michele :) That is pure class. :) Some of the comments on my blog are hilarious ... Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.eu/ http://blog.blacknight.eu/ Intl. +353 (0) 59 9183072 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
OT: The Funny Side of Spam
http://digg.com/tech_news/The_Black_Knight_and_the_Monster Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.eu/ http://blog.blacknight.eu/ Intl. +353 (0) 59 9183072 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: URIWhois plugin
Jeff Chan wrote: In principle, this is a good concept; using domain whois data to spot bad domains can be useful. In practice, it's a really, really, really bad idea since the public whois infrastructure is not designed for this kind of high volume use. If many people did it, it would result in an effective DDOS against whois service, even with caching and delays. Please don't do it. It's much better to let URI blacklist operators such as SURBL handle these domains in a centralized way and publish the domain data via our four dozen DNS servers, etc. Jeff C. The other thing is that a LOT of registrars and registries rate limit whois lookups, so it won't work after you've done X lookups in a 24 hour period -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 929 929 Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: R: R: URIWhois-0.02
Giampaolo Tomassoni wrote: This means nothing: what is a high volume? Also, you normally use the whois command. Isn't it an automated, electronic process? They are to say: If we like to ban you, don't scream!. These terms comes from early internet ages, when spammers were used to scavenge their data from whois records too. They were meant to scare people abusing this service. Today, most domain registrars don't even public e-mail addresses anymore... That refers to pretty much all TLDs and ccTLDs If you want to go slamming registry and registrar whois servers in an automated fashion you will get blacklisted by them all and blocked Registrars don't use whois to check availability anyway ... -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.eu/ http://blog.blacknight.eu/ Tel. 1850 929 929 Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: R: R: R: URIWhois-0.02
Giampaolo Tomassoni wrote: -Messaggio originale- Da: Michele Neylon :: Blacknight [mailto:[EMAIL PROTECTED] That refers to pretty much all TLDs and ccTLDs If you want to go slamming registry and registrar whois servers in an automated fashion you will get blacklisted by them all and blocked I don't want to slam anybody. I want just to get some information there is actually no other way to obtain. Registrars don't use whois to check availability anyway ... I'm not checking domain availability. Maybe not, but you're displaying a lack of knowledge on whois data... .es - no whois server .pl - no whois server .eu - no registrant data available over whois. rate limited .ie - some data available. rate limited I could go on ... Unless you are processing tiny amounts of mail you will get blocked and even if you don't you won't be able to retrieve much useful information in the first place -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.eu/ http://blog.blacknight.eu/ Tel. 1850 929 929 Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: Any mailbox-challenge plugin?
Giampaolo Tomassoni wrote: Hi everybody, anyone knows of a SA plugin to score mails based on challenging the sender e-mail? I don't mean C/R, but instead just attempt an SMTP session in order to see if the source mailbox is known to the sending domain's MX. If it isn't, the plugin applies a score to the e-mail. I know I could do something like this in my postfix, but this way I would totally reject e-mails carrying a wrong From: header. Since some people seem to be a bit dyslectic in writing its own e-mail address, I would prefer not to reject unless there are some other reasons too (i.e.: the mail hits some other SA rules). Thanks, Giampaolo Giampaolo There are a number of milters that can help with this, such as milter-ahead and milter-sender Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 929 929 Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: OT: Motivating good behavior from negligent ISP's
Philip Prindeville wrote: We're seeing a lot of unwanted attempts to relay traffic through our site by Orange.fr, and we've reported this to their Abuse contact as well as their upstream provider (rain.fr): Jul 11 11:30:37 mail mimedefang.pl[31610]: relay: bad tld orange.fr Jul 11 11:30:37 mail mimedefang.pl[31610]: filter_relay rejected host 194.250.131.236 (smtp-wifi.orange.fr) Jul 11 11:30:37 mail sendmail[32044]: l6BHUb3j032044: Milter: connect: host=smtp-wifi.orange.fr, addr=194.250.131.236, rejecting commands No joy. How long ago did you report it? -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: OT: Motivating good behavior from negligent ISP's
Philip Prindeville wrote: No joy. How long ago did you report it? Which time? It happens regularly, and it's been going on over a month. Ok. That changes things, but you didn't say anything in your post about it going on for a month -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: Botnet over aggressive?
My take on botnet scoring, like that of any custom rule is that I can change the scoring to suit my requirements. Considering the kind of users we deal with adding in the default scores would have caused a lot of headaches, so I actually tested it with scores of 0 on all to see how many hits they were getting. This is one of the reasons why using SA is so cool - you can customise it to suit your needs! Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: RDJ AUTOBAN
Ed Kasky wrote: Good morning: I currently have a cron set to run RDJ once a week but am getting AUTOBAN messages since the DOS on rulesemporium. Anyone know how I can fix this? [5633] warn: config: failed to parse line, skipping, in /etc/mail/spamassassin/70_sare_evilnum1.cf: AUTOBAN: Over 500 *.cf requests in 48 hours period - Check your CRON Thanks in advance! Ed It sounds like your script / cron is retrying instead of failing gracefully. We're using the FSL.com RDJ update script on all our servers and I haven't seen ANY errors like this, as it only makes one attempt every 24 hours. Michele -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: How Do I Enable RBLs
John Rudd wrote: LuKreme wrote: On 10-Jun-2007, at 16:54, Peter Pluta wrote: reject_rbl_client zen.spamhaus.org reject_rbl_client list.dsbl.org, reject_rbl_client bl.spamcop.net, reject_rbl_client sbl-xbl.spamhaus.org Er, no. zen OR sbl-xbl. I've found spamcop to hit far too much ham for my tastes, and I never found that dsbl was hitting anything (or at least nothing that sbl-xbl (now zen) didn't already catch). I do zen and dsbl, and dsbl catches about 1 for every 20 that zen does. I do both _just_in_case_ there isn't perfect overlap. I agree entirely about spamcop. Some people use it for spam marking, which I am also leery about ... but it seems to me to be absolutely insane to use spamcop for an actual block list. It's fine for scoring against, but blocking is insanity! -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 929 929 Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763
Re: How Do I Enable RBLs
Martin Strand wrote: It's fine for scoring against, but blocking is insanity! I tested SpamCop for our info@ address at work (about 200 messages a day) and didn't get a single FP for six months. I use it for blocking on our mailserver now (about 2000 accounts) and haven't received any complaints so far. :) This guy's stats seem to confirm my observations: http://stats.dnsbl.com/ Considering that SpamCop has listed Gmail and a LOT of major ISPs over the last 18 months I'd find the lack of FPs to be a matter of luck Scoring with it is one thing, but if you are handling mail for several thousand users over several thousand domains, then blocking based on it will cause you severe headaches. Please bear in mind that I'm looking at this from an ISP perspective not as an individual user Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 929 929 Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763
Re: How To Kill Spam Dead?
Dennis Kavadas wrote: most, if not all spam have spoofed addresses headers that do not resolve to a valid account on any host Tell that to the thousands of our clients who have to deal with the bouncebacks and other junk -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763
Re: How To Kill Spam Dead?
Eric Lemings wrote: How do I use SpamAssassin (along with any other necessary mail software) to kill spam dead? I mean so that it doesn't even reach my mail spool directory. I've looked in FAQ after FAQ, site after site, book after book, and the closest thing to an answer that I've found is the chapter in O'Reilly's SpamAssassin book where it says you can use the SpamAssassin score to allow MIMEDefang (or other Milter) to bounce spam during the SMTP transaction but doesn't specify how. Any pointers, links, or info greatly appreciated. BTW I use Sendmail as my MTA. Thanks, Eric. You could use procmail rules I guess, though a simpler method would be to use something like MailScanner (http://www.mailscanner.info) -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763
Re: Auto Reporting of Spam to Freemail Vendors
The problem with automated reporting is that we get loads of spurious abuse reports from idiots who report mails with a link to mailscanner.info in the footer (ie. the default install) So, unless you build some kind of sanity into it you just annoy people like us -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763
RE: Spamassassin: Best Practices
Pradeep Mishra wrote: Hello Friends I am a newbie on spamassassin and would like to know.. 1) How can we train the spamassassin using bayesian to FILTER ALL OUTGOING AS WELL AS INCOMING messages from my server. 2) Some really Best Practices for implementing and running Spamassassin. That's a how long is a piece of string type of question... You'd probably be better off studying the mail list archives Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Re: Question about Spam Assassin and Google Analytics
Dean Shaw wrote: We recently installed Google Analytics on our site and would like to incorporate the tracking on our HTML-based email campaigns. On our first attempt Spam Assassin flagged our email as ‘porn’. The only different factor was the inclusion of GA code in the HTML of the email. Has anyone encountered this issue? Regardless of that issue, you do realise that putting Javascript into emails is _wrong_ ? Though I guess that actually answers your query You can't put Javascript into HTML emails without facing the consequences -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763
Re: New server - which rulesets?
Paul Hutchings wrote: What's the current thinking on the best rulesets to use to catch the most spam whilst generating fewest false positives? How long is a piece of string? Without knowing what kind of users you have and what kind of thresholds you've set it's an impossible question to answer -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763
Re: domain has been refused (why?)
Peter wrote: I have a client who complains that one of their own clients cannot send mail to them. The sender has performed a simple SMTP transmission and receives the following error: SMTP Error 4570: Illegal response to the sender(550): 550 5.7.1 H:MXBSMTP client IPConnection refused to due abuse I realize this is a generic MTA question but I figured some may want to comment since it may be a spam abuse issue. I have gone to dnsstuff.com and checked the sender IP and all is well. PM It sounds like someone has setup a rule at the MTA level to block that IP or netblock. If it's a private DNSBL it won't appear in most of your public checks -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Fax. +353 (0) 59 9164239
Re: MTA for Windows
Kenneth Porter wrote: I'm looking for an MTA I can install in an all-Windows SOHO. Open source and free preferable. Ideally with hooks for SpamAssassin. (At home I have a Linux box with sendmail, but a friend has no Linux on his LAN.) MailEnable (http://www.mailenable.com) You can hook it into SA and AV They've a variety of versions available -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Fax. +353 (0) 59 9164239
Re: DKIM / DomainKeys
Alexis Manning wrote: I enabled the DK/DKIM plugins in my SA 3.1.7 setup and I see that the default scores for their tests are negligible, presumably because they're still a bit experimental. Is anyone using these and can suggest appropriate scores for these plugins, or are these really just too unripe for serious use at the moment? Cheers, -- A. Why don't you keep an eye on the activity for those scores and then decide? -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Fax. +353 (0) 59 9164239
Re: Does exist a public database of spam content?
How much spam do you want? /me stares at the millions of emails in his quarantines -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Fax. +353 (0) 59 9164239
Re: Where is stored information to delete from server or deliver?
z3r0 wrote: SA allows to delete spam from server or deliver it tagged as spam. What is the order that makes SA do so and where is that stored. Cpanel has a link saying: To simply have the server DELETE and NOT deliver emails that are tagged as spam by SpamAssassin, click here now. where here points to http://yourdomain:2082/frontend/x/mail/addspamfilter.html After you pressed that once, it ads also this: If you have enabled this option and want to cancel it, click here. where here points to http://yourdomain:2082/frontend/x/mail/blocks.html Where is that information stored? That sounds like a cpanel plugin / extension. It's not SA -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Fax. +353 (0) 59 9164239
Re: Web user interface
Johnson, S wrote: Has anyone written a web interface for end users in which they could go through quarantined spam and release/whitelist on their own? There is mailwatch for MailScanner -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Fax. +353 (0) 59 9164239
Re: Any rules to catch EXE's?
Matt Kettler wrote: Robert Nicholson wrote: At this time I'm forwarding mail that SA considers spam to my gmail account. The following bounces with SMTP error from remote mail server after end of data: host gmail-smtp-in.l.google.com [64.233.185.27]: 552 5.7.0 Illegal Attachment g5si5192165wra error None of the rules indicate that it had any exe or zip attachment Why would they? SA is a spam filter, not a virus filter. You could try MailScanner (http://www.mailscanner.info) -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Fax. +353 (0) 59 9164239
Re: How to send spam ?
Jarek wrote: Hello! I've a problem with specific stock offers. I tried to send sample to the list, but it looks, that post was filtered out. How to do it ? Use pastebin ? -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Fax. +353 (0) 59 9164239
RE: Filtering THIS list (Re: Breaking up the Bot army - we need a plan)
Maybe they're better suited to one of the other lists such as spam-l? Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 59 9164239
RE: SPF is hopelessly broken and must die!
Marc While you may be entitled to your opinion some people may read this list's archives and think that your _opinion_ were actually fact. Your statement is obviously based on a complete misunderstanding of SPF - what it's even got to do with the SA users list is another matter ... Regards Michele Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 59 9164239
Re: Good source for IP addresses by country
You could simply use Geoip scoring using this lot: http://countries.nerd.dk/ It's pretty effective.. http://www.mneylon.com/blog/archives/2005/01/15/geo-specific-scoring/ Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Fax. +353 (0) 59 9164239
Re: Greylisting
Vahric MUHTARYAN wrote: Hello, Do you come across with any problem from your clients for mails are not arriving at right time ? Because I afraid of people mta's all of them are configured with different retry times . We whitelist the main ISPs SMTPs to avoid this issue -- Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ http://blog.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Fax. +353 (0) 59 9164239
OT: Setting Up DNSBL using RBLDNSD
Has anyone any tips on doing this? I do not want to mirror existing data (I already am :) ) I want to setup my own DNSBL to catch the junk that the other DNSBLS miss.. The only tutorials / guides I've found either refer explicitly to Bind or make reference to rbldns-conf, which doesn't appear to exist on Ubuntu Any tips, thoughts or even flames are welcome TIA Michele Mr Michele Neylon Blacknight Solutions http://www.blacknight.ie/ http://blog.blacknight.ie/ Intl. +353 (0) 59 9183072 UK: 0870 163 0607
OT: Misuse of spamcop
Some intelligent individual decided to report two emails that were sent to this list including my signature and URI to our company website. The email was obviously not spam and reporting it as such to spamcop is extremely irresponsible. If you have an issue with my email signature feel free to whine at me offlist or elsewhere, but reporting it as spam is serious BS Michele
RE: Using SpamAssassin to fight comment spam?
Ole Kasper Olsen mailto:[EMAIL PROTECTED] said on 11 January 2006 13:36: Hi, I am a developer on a fairly large community site (30-50,000 active users) with blogs, photo albums and forums. I spent yesterday tinkering with a spam prevension system which runs each new comment to a blog post or image in a photo album through SpamAssassin. I take the provided comment, and assemble a RFC822-compliant message based on the users IP address and sender and reciever's registered email addresses, and then run it through Mail::SpamAssassin (the Perl module) with default settings. This seems to work. At least it intercepts the test-message provided in the SpamAssassin documentation. This system requires me to have a utility where people can mark spam as ham in the case of SpamAssassin wrongly identifying a valid comment as spam. I was planning of having this utility teach the Bayesian filter on a community-wide basis, i.e. for all users. Therefore, people cannot mark their own messages as ham. This to guard against spammers teaching the filter wrongly. - Is learning a good idea at all in this setting? - If so, what are the advantages and more importantly disadvantages of having community-wide learning? - Should I use autolearning? - Is there anything else I should be aware of when implementing SpamAssassin in this setting? - Settings - Thresholds - c? After testing this a bit on comments, I hope to expand to blog posts and forum posts as well, so that moderators gets a heads-up when people post spam. Ole Have you had a look at some of the existing plugins for Wordpress? Michele Mr Michele Neylon Blacknight Solutions Hosting Colocation, Brand Protection http://www.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 59 9164239
RE: submit to spamcop
Jean-Paul Natola mailto:[EMAIL PROTECTED] said on 06 December 2005 14:36: How does one, if possible, submit a domain/IP address to spamcop? Spamcop lists Ips - SURBL lists URIs You can sign up for a reporting account at spamcop.net HTH Michele Mr Michele Neylon Blacknight Solutions Quality Business Hosting Colocation http://www.blacknight.ie/ Tel. 1850 927 280 Intl. +353 (0) 59 9183072 UK: 0870 163 0607 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 59 9164239
Re: spamassassin --lint ....how long does it take?
Dr Robert Young wrote: I am just becoming familiar with SpamAssassin, so I am sure this may appear to be an obvious issue to those familiar with the tool. I am just learning the ins and outs however. I downloaded many of the SARE rulesets (not bigevil however), and I am running spamassassin -D --lint. It seems like it is taking a very long time to run. Is this typical or am I hosed? I am running it on a test system (non-production) so it is not currently a serious problem, but I want to be sure of what's up before I try anything on production (probably in a few days). What do you mean by a very long time? On our servers it takes a few seconds.
Re: Anyone else getting slammed with eBay PayPal Phising not getting tagged?
Have a look at MailScanner (http://www.mailscanner.info). It has builtin phishing checks
Re: yet another uribl evasion example
Niek wrote: Eer, no. You can keep 0.49. Only if you upgrade netdns to the b0rked 0.50, you'll run into trouble. So either keep netdns @ 0.49 or upgrade to 0.51. Upgrading is not needed for sa 3.0.4 afaik. Niek Baakman 0.51 gives me the same problems :)
RE: SA restarting problems, Address already in use
BCC wrote: Hello happy SpamAssassin users, Every night, I stop Postfix, stop SA, force-expire bayes db, restart SA, restart Postfix. This goes fine most of the time, but sometimes I run into problems. The problems arise around once a week or so : spamc cannot connect to spamd, saying the following in the maillog file : Dec 15 04:25:15 server spamc[18803]: connect(AF_INET) to spamd at 127.0.0.1 failed, retrying (#1 of 3): Connection refused When this happens, manually restarting spamd resolves the problem. Until next time. As there is no apparent reason for spamd to die (or not to restart correctly) in the maillog file, I now start spamd without using '-d', in order to log stderr and stdout messages in a separate file. I am now using the following command to start spamd : /usr/bin/spamd -c -u spam /var/log/test_spamd. `/bin/date +%Y%m%d%H%M`.log 21 The problem occured again, and I catched the following from spamd output What is the output of netstat? Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 http://www.blacknight.ie/specialoffers.html
Re: RelayCountry
Bill Landry wrote: Indeed! Better to look at something like http://countries.nerd.dk/more.html for adding weight based on message source country. Here is a sample of how to implement these in SA as RBL tests: How accurate and up to date is that data? -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
Re: Implicit trust of surbl and sbl
Scott Wertz wrote: I think this is an easy question, but I haven't been able to find an answer. If I'm using spamassassin 3, invoking it via procmail as just 'spamassassin' and testing for the result, and I trust that any message carrying a URL that's listed on surbl.org or spamhaus.org is 100% spam, what file(s) would I edit and how? In other words, I've never seen a false positive on either of those BLs, but I'm seeing spam that meets those tests and is still weighted less than 5. I want to change that. Couldn't you just increase the scores to 100? -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: DATE_IN_FUTURE_12_24
Keith Whyte wrote: 2.3 DATE_IN_FUTURE_12_24 Date: is 12 to 24 hours after Received: date Just got a FP on this, the 2.3 for DATE_IN_FUTURE_12_24 pushing the score over the limit. Does anybody know how common future dates are with spam? I don't seem to get that many. A score of 2.3 seems a bit severe just for having your computer clock wrong. thanks I would disagree. On one server here I've got 1948 hits on that since the first of January and none of them could be possibly mistaken for FPs. Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 http://www.blacknight.ie/specialoffers.html -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: maintaining the 2.6 branch (was: [2.64] FORGED_MUA_OUTLOOKbuggy)
Although we have upgraded on most of our systems I am not too enthused with the idea of touching our main gateway. It works, so I don't want to break it. Michele Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 http://www.blacknight.ie/specialoffers.html -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
Re: Any way to block really bad SPAMs?
Gustafson, Tim wrote: Hello I know that it's generally frowned upon to actually block SPAMs (as opposed to marking them as SPAM and letting the user decide) but my company has some instances where we get things that are blatantly, absolutely, unequivocally SPAM (think scores in excess of 100 points without BAYES or any white/blacklisting) and I wonder if there is a way I can configure SpamAssassin to actually block (as in, return a 550 SMTP error code) SPAMs that exceed some ludicrous SPAM score? Does such an option exist? If not, might it be useful for the community at large? You might consider looking at MailScanner (http://www.mailscanner.info) HTH Michele -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: OT Boincing Spam
If you're not already, consider using the RBL sbl-xbl.spamhaus.org at the MTA level. It's quite safe and rejects a lot of spam before it's even seen by SpamAssassin, etc. I'd have to disagree with you Jeff. A lot of the Irish and UK ISP netblocks end up in there as well, so you run a higher risk of FPs if you are not careful. Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 http://www.blacknight.ie/specialoffers.html -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
Re: sa database transferable?
Andy Hester wrote: I have just built a new spam filter with postfix/amavisd/spamassassin to replace our old sendmail/mimedefang/spamassassin spam filter which was buckling under the load. Can I copy the sa databases over to the new filter to help my new filter learn? If not, any ideas on how I can train my new system from the old one. I dont have a large number of spam messages on the old machine and Im concerned about going live with my new server. The last time I checked the old system had processed about 75K messages in one day for a system with approx 50 users. I dont want my users to get bombarded (or my Exchange server to crash and burn) while my new filter learns. If both systems are running the same version of SA then the Bayes versions should be the same and copying across should not be a problem YMMV -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: OT - How often to reboot?
We only reboot: - when we absolutely have to ie. Machine is not behaving properly or has to be physically moved - when there is a kernel upgrade (same as above) If the machine is behaving and you don't need to patch/upgrade the kernel why reboot it? Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 http://www.blacknight.ie/specialoffers.html -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
OT: Badly formatted HTML- best practices?
Hi all We deal with a very wide variety of clients and suppliers that use just about every email client possible, however one of our suppliers' help desk sends out very spammy HTML emails. We have whitelisted them, but I was wondering what is the best practice here? Should we inform them that their mails are likely to be caught be email filters or should we let them live on in blissful ignorance? Any input would be appreciated. TIA Michele Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 http://www.blacknight.ie/specialoffers.html -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: Rules List
Get rid of bigevil immediately!! It is no longer updated and kills servers
:)
If you are still running the 2.6* series use spamcop uri to add support for
SURBL
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location domains
http://www.blacknight.ie/
Tel. +353 59 9137101
Proud sponsors of MM04 {http://www.mm04.net}
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://www.blacknight.ie for more information
RE: Rules List
On Sat, 2004-11-06 at 13:57 -0600, Anton Krall wrote: Im using 3.0.. How do I get a hold of SURBLs ? Im still getting a lot of the vicodin and medicine spam mail :( SURBL is a plugin. Look in your init.pre -- Mr. Michele Neylon Blacknight Solutions Hosting, Co-location Domain Registration http://www.blacknight.ie/ Tel. +353 (0)59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: Announcing SURBL support in SA 2.63 and 3.0 plugins
Raymond Dijkxhoorn wrote:
Hi!
Hello SpamAssassin Users,
I'm pleased to announce a new type of RBL for blocking messages based
on spam domains contained in message bodies called SURBL.
Unlike other RBLs, the Spam URI RBL (SURBL) is not used to block spam
server IP addresses, but instead to block messages based on
Ouch, seems Jeff has problems with his setup. This is really old mail.
Bye,
Raymond.
I was wondering!
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location domains
http://www.blacknight.ie/
Tel. +353 59 9137101
Proud sponsors of MM04 {http://www.mm04.net}
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://www.blacknight.ie for more information
RE: Remove BigEvil :)
Martin Hepworth wrote:
Chris
may I suggest you change BE at the top (revision section), so
it gives notice of BE's imminent death on 1 Dec (for example).
Then repeat this every week so people might actually read the
update email from RDJ and do something about it!
On 1 Dec remove all the entries and merely have the comment
stuff at the top saying to use the surbl.org URI RBLs.
Just a thought...
Thinking back to the problems with some of the RBLs going offline last
year and some people's latency in realising that they were gone I'd err in
favour of almost breaking the ruleset so people actually read the error
message...
That's just me though :)
Mr Michele Neylon
Blacknight Internet Solutions Ltd
Hosting, co-location domains
http://www.blacknight.ie/
Tel. +353 59 9137101
Proud sponsors of MM04 {http://www.mm04.net}
--
Email scanned by Blacknight for viruses and dangerous content.
Visit http://www.blacknight.ie for more information
RE: Installation issues
Kevin Morwood wrote: Hello, I am sure this issue has come up before. I have seen mention of it but no resolution. I am trying to build/install SA 3.0.0. I have been using SA since 2.1 or something really old. The most recent I have installed (running currently) is 2.63. I have been installing these via RPMs. Now, I am not able to find RPMs for 3.0.0 for RH9. So, I figured it shouldn't be too hard to just build it. Oh, how wrong can one be! Not being a Perl/CPAN expert I am lost. When I run perl Makefile.PL...the resulting makefile is garbage. I write software for a living and it is easy to see that this makefile won't build anything. But as I said I write software for a living and I don't have real time to debug/fix this. Since I'm sure that someone has seen this before I would like just a nudge in the right direction. I have tried on both my production server and on a clean RH9. I thought maybe I had messed up the Perl environment so I built a new one from scratch. The end result was exactly the same. I will test whatever steps on the clean machine and then apply the same steps to the production server. In the worst case I'll end up with a new machine for handling all of our email (not a bad thing). Thanks in advance and sorry for the long post... Kevin When you say the makefile is garbage, do you mean it simply won't work or what? Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
FORGED_MUA_OUTLOOK 2.17 in 20_ratware.cf
Hi I've just noticed this appearing in mails being sent through a number of our servers: FORGED_MUA_OUTLOOK 2.17 This is in 20_ratware.cf I *think* an MS patch may have changed the headers produced by Outlook 2003 recently, as it's hitting all of my mails and that of a large portion of our clients. Can anyone suggest a temporary remedy for this? Regards Michele Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
Re: Configuration Problem
On Mon, 2004-10-11 at 18:07 -0400, Theo Van Dinter wrote: On Mon, Oct 11, 2004 at 05:01:44PM -0500, J Thomas Hancock wrote: What is the easiest/best way to accomplish this? Would I need to add a record to each username in the userpref tables something like required_hits_to_delete? Once defined I could then do something like: There is no way to do what you've written in SpamAssassin currently. You'd need to have something outside SpamAssassin check the score and do the appropriate rewriting. (in future SA versions, you could probably do this with a plugin.) If you used MailScanner you could achieve this without any headaches at all :) -- Mr Michele Neylon Blacknight Solutions http://www.blacknight.ie 059 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: Spellcheck plugin?
Eugene Morozov wrote: Loren Wilton wrote: I'm wondering, would it be useful to have a plugin that penalizes messages with many spelling mistakes? This might help against all those creative ways of spelling out what the spammer wants to sell. I don't know that anyone has worked on specifically what you are thinking of, which is an interesting idea and worth testing, I think. There are things like Tripwire that look for some outright outlandish spellings, and lots of things that look for obfuscated specific words. Such a plugin was written by someone about a year ago -- check gmane archive of sa-users mailing list. It turned out to be not really reliable method for detecting spam. Eugene Judging by the overall quality of emails that we get from clients, prospective clients, suppliers etc., I would be very wary of penalising anyone due to spelling - we'd all lose business!! M Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: dnsbl test not working
ADMIN_miki wrote: this machine is located inside DMZ any ideas why are these problems ? Thank you Miki The obvious question I would ask is are you allowing connections outgoing ? ie. Is your firewall open on the required ports? Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: New blacklist with URI
Matt Kettler wrote: Theoretically, it should also match if the hostname changes, as long as the domain+TLD part is the same (ie: foo.blah.com) That said I've heard some mumblings the SA 3.0 implementation of domain stripping is a bit different than the Mail::SpamCopURI version, and the latter matches the SURBL back-end behavior more closely. However, this is really a subject for Jeff Chan. The SURBL data contains domains as far as I can see from looking at our local copies M Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: SA 3.0 and Bigevil
Anyone using SA 3 with network tests enabled, Net::DNS installed and URIDNSBL rules active (which they are by default in 3.0.0) should stop using BigEvil. The static domains in BigEvil are now in the SURBL list ws.surbl.org which is enabled by default in SA 3.0.0 along with all other current SURBLs, so all you will really gain by using BigEvil is really big memory usage. WS will do essentially the same thing as BigEvil, but much more efficiently. Stop using BigEvil if you're using SA 3 with network tests. And anybody using SA 2.6* should use spamcop URI :) Michele Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: 2 drug emails low scores SA2.63 0.0 SA2.64 0.1
Obantec Support wrote: Hi Just had 2 emails to 2 different servers same email but very low scoring. The subject so far are Subject: Domains, Don't C1ick hereSubject: Mark, Don't C1ick here where first was to [EMAIL PROTECTED] and second was to [EMAIL PROTECTED] I do get other drug emails but the low score on these 2 worry me. Mark Mark Are you using SURBL? Michele Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: 2 drug emails low scores SA2.63 0.0 SA2.64 0.1
Obantec Support wrote: Original Message - From: Martin Hepworth [EMAIL PROTECTED] Cc: users@spamassassin.apache.org Sent: Tuesday, September 21, 2004 3:08 PM Subject: Re: 2 drug emails low scores SA2.63 0.0 SA2.64 0.1 Mark What extra rules have you in /etc/mail/spamassin? Any from the rulesemporium.com, specifcally antidrug.cf ??? -- Martin Hepworth Snr Systems Administrator Solid State Logic Tel: +44 (0)1865 842300 snip I thought i was but i am getting /usr/bin/rules_du_jour: line 121: [: too many arguments So no updates it seems :( Mark Run it directly from the command line: ./rules_du_jour If you get a too many arguments error there is something either wrong with your path or you have made a mistake while editing the file M Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
Re: Subject line
On Tue, 2004-09-14 at 13:52 -0700, Kenneth Porter wrote: --On Tuesday, September 14, 2004 9:33 PM +0100 Michele Neylon::Blacknight Solutions [EMAIL PROTECTED] wrote: Having a simple prefix in the subject line makes life a lot easier. Precisely *how* does it make life easier? Why is List-Id not sufficient? It's only visible if you examine the header. Something in the subject line is a lot more visual X-Mailer: Evolution 1.5.93 Evo can recognize List-Id in filters. I don't always use evolution and even if I did I would still prefer something in the subject line As I already said, other lists allow people to choose. -- Mr. Michele Neylon Blacknight Solutions Hosting, Co-location Domain Registration http://www.blacknight.ie/ Tel. +353 (0)59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: Subject line
On Tue, 2004-09-14 at 14:14 -0700, Bret Miller wrote: I don't expect the policy will change, so I'll eventually find another visual way to deal with it. And who decides the policy? -- Mr. Michele Neylon Blacknight Solutions Hosting, Co-location Domain Registration http://www.blacknight.ie/ Tel. +353 (0)59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
Re: Subject line
On Tue, 2004-09-14 at 16:28 -0500, Tom Meunier wrote: I vote for per-user settings, and if that's not available I vote for postpending it, and if that's not available I vote for Hey, I hate them and deal with it, so you deal with it when they're NOT there! Choice is always best -- Mr. Michele Neylon Blacknight Solutions Hosting, Co-location Domain Registration http://www.blacknight.ie/ Tel. +353 (0)59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
Re: Subject line
On Tue, 2004-09-14 at 16:28 -0500, Tom Meunier wrote: I vote for per-user settings, and if that's not available I vote for postpending it, and if that's not available I vote for Hey, I hate them and deal with it, so you deal with it when they're NOT there! Choice is always best -- Mr. Michele Neylon Blacknight Solutions Hosting, Co-location Domain Registration http://www.blacknight.ie/ Tel. +353 (0)59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
Re: Spammer using my domain name in FROM field
quote who=Raymond Dijkxhoorn Hi! Spammer apparently is using [EMAIL PROTECTED] in the FROm field of the emails he is sending out. Domain is one of my customers virtual domain, spammer made up the username in the email address. Now I am getting burried by mail notifications returning to sender...obviously wrong person. How do you people deal with this? Is there anything I can do? Email addresses in FROM field as we all know are fake when spammers use them. But if you don't do it if someone misspelled an email address that is legitimate and sent it to user they won't know it didn't make it. Welcome to the real world, this is you wakeup call ;) This is happening all the time, not much you can do about this. A countermeasuer could be using SPF records, so people at least have a way to check if its you or not. Or you could get a digital ID and sign all your outgoing mails :) -- Mr.Michele Neylon Blacknight Solutions Hosting, Co-location Email solutions http://www.blacknight.ie/ Tel. +353 59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
RE: [SURBL-Discuss] Re: Applying SURBL against blog comment spammers
Which blogger are you using? I moved my own blog over to Wordpress a couple of months ago and I haven't had any issues with comment spammers since. Mr Michele Neylon Blacknight Internet Solutions Ltd Hosting, co-location domains http://www.blacknight.ie/ Tel. +353 59 9137101 -- Email scanned by Blacknight for viruses and dangerous content. Visit http://www.blacknight.ie for more information
