Re: New spamassassin OCR plugin
On Sun, 24 May 2009, LuKreme wrote: On 24-May-2009, at 03:10, alex k wrote: You forgot ocrad. Ocrad is needed by facileOCR (see "Dependencies") and as far as I know, there is no ready-to-use binary for Windows. You keep talking about Windows. The world is not bifurcated between windows and Linux, there is Solaris, OS X, FreeBSD, and countless other -nonlinux- unix variants out there. I thought he said it was for Linux? That kinda means if it works on BSD/Slowaris goodo, if not, dont cry, the guy is trying to do something worthwhile and all I see here is a bunch of misfit trolls attacking him for it, ask yourself this, WTF are *YOU* doing to contribute to the community to stop the crap? A few of you need to ask yourselves that! Now, get over it, move on with life, that means fighting the spammers not each other. -- Res -Beware of programmers who carry screwdrivers
RE: Barracuda Blacklist
On Fri, 29 May 2009, Bob O'Brien wrote: Barracuda Reputation does not arbitrarily list hosts. Messages have passed through each host with characteristics indicative of spam. Those listings would only have been cleared because someone contacted the BRBL team and requested their clearance - explicitly volunteering /some/ measure of responsibility for those hosts going forward. _Accepting_ your possibly-inflated numbers, the 409 IPs otherwise met the criteria for clearing, so they were cleared. Apparently 22 IPs did not, and those were not cleared. Can you supply me on or offlist, a URL to a policy that states why you will block users querying your BRBL, this occurred some weeks ago to my own personal system, which does a few K messages a day for myself, family, friends and some of their friends, but yet not my employers which does a darn sight more than that. -- Res -Beware of programmers who carry screwdrivers
Re: whitelists (was Re: Barracuda Blacklist)
On Fri, 29 May 2009, ANTICOM-STINGER wrote: The Barracuda white list is an 'exclusive' club and I suspect money has This applies to any whitelists, and I never use them, I think, I and my staff are the *only* ones in a position to decide who to whitelist, and I think most ISP/ASP's are of the same opinion For the ordinary 'mongs' there is email.reg which is a 'pay to spam' service :-) Tongue in cheek or not, it's essentially true! -- Res -Beware of programmers who carry screwdrivers
Re: BOTNET timeouts?
On Thu, 11 Jun 2009, Kevin Parris wrote: Well I suppose you could always take the product that you dislike so badly back to the store and ask for a refund of your purchase price. Sometimes it really amazes me how much, and how severely, some people will gripe about free products that exist only because other people volunteer their time to a project. Exactly! Well said. I'm sure John might be happier to stay awake later and work on it for a hour or so each night as a 'priority' *IF* Bill was willing to pay John for his time, but I suspect not somehow, as it is far easier to come on a mailing list and have a temper tantrum like an 5yo kid. -- Res -Beware of programmers who carry screwdrivers
Re: BOTNET timeouts?
On Thu, 11 Jun 2009, Bill Landry wrote: I'm sure John might be happier to stay awake later and work on it for a hour or so each night as a 'priority' *IF* Bill was willing to pay John for his time, but I suspect not somehow, as it is far easier to come on a mailing list and have a temper tantrum like an 5yo kid. Maybe your opinion would carry some weight if you had even a little bit of a clue about what you are talking about. How long have you been on this list? How much effort have you put into debugging this plugin issue? A lot longer than you might think, I don't say much here, I've used this list for years to mostly "get ideas" on rulesets when new spam arrives (why reinvent the wheel) to whih bTW I've envr seen anything contributing from yourself. Were you even remotely involed in the process of coming up with a patch for the issue? Do you even use the botnet plugin yourself and experienced No because I seem to have reliable DNS and have never exhibited the issue. past 2 years? How many open source projects do you support directly yourself? Are you actually giving anything back to the community that you Next time get a clue before you willy nilly jump in on a thread and start flapping about something you really know nothing about! Got more a clue then you it seems, but I have the same problems with the projects I am involved with, tantrum wanking lamers like yourself demanding we give up our lives and work JUST to satisfy something you want, it will never happen turdbreath, get used to it, if you dont like it, dont use it, nobody is holding a gun to your pathetic mutated little head making you use it. Now fuck off and go elsewhere where someone might actually want to listen to your "I'm mightier than you" rants, you sad sad sad pathetic excuse of man. -- Res -Beware of programmers who carry screwdrivers
Re: BOTNET timeouts?
On Sat, 13 Jun 2009, Bill Landry wrote: Res wrote: No because I seem to have reliable DNS and have never exhibited the issue. Oh, and if in fact you "really" had a clue, you would know that "DNS reliability" has absolutely nothing to do with this issue... ;-) funny, given most people dont have the trouber you do, ya cry baby -- Res -Beware of programmers who carry screwdrivers
Re: BOTNET timeouts?
On Sat, 13 Jun 2009, Bill Landry wrote: I just love these kinds of responses (talk about 5yo tantrums), as they only server to prove my point about your credibility and the value of your opinions. Thank you! :-) truth hurts dont it landry, just like i tell those who "demand" extra capability from my projects, if you want it *right now* pay me for it and you'll get immediate attention, else tolerate what I've provided or fuck off and use something else, I lose no sleep either way, my life comes before no-life whinging fucking cry baby lamers like you. > Bill Res wrote: On Thu, 11 Jun 2009, Bill Landry wrote: I'm sure John might be happier to stay awake later and work on it for a hour or so each night as a 'priority' *IF* Bill was willing to pay John for his time, but I suspect not somehow, as it is far easier to come on a mailing list and have a temper tantrum like an 5yo kid. Maybe your opinion would carry some weight if you had even a little bit of a clue about what you are talking about. How long have you been on this list? How much effort have you put into debugging this plugin issue? A lot longer than you might think, I don't say much here, I've used this list for years to mostly "get ideas" on rulesets when new spam arrives (why reinvent the wheel) to whih bTW I've envr seen anything contributing from yourself. Were you even remotely involed in the process of coming up with a patch for the issue? Do you even use the botnet plugin yourself and experienced No because I seem to have reliable DNS and have never exhibited the issue. past 2 years? How many open source projects do you support directly yourself? Are you actually giving anything back to the community that you Next time get a clue before you willy nilly jump in on a thread and start flapping about something you really know nothing about! Got more a clue then you it seems, but I have the same problems with the projects I am involved with, tantrum wanking lamers like yourself demanding we give up our lives and work JUST to satisfy something you want, it will never happen turdbreath, get used to it, if you dont like it, dont use it, nobody is holding a gun to your pathetic mutated little head making you use it. Now fuck off and go elsewhere where someone might actually want to listen to your "I'm mightier than you" rants, you sad sad sad pathetic excuse of man. -- Res -Beware of programmers who carry screwdrivers
Re: [sa] Re: BOTNET timeouts?
On Sat, 13 Jun 2009, Charles Gregory wrote: I'm always amused by the hyporcrisy of people who spend paragraphs of text explaining that the person they are addressing is 'not worth their time'. It's the weekend and I was bored :) Though now its Sunday, I have socialising to do, and none of that includes sitting on mailing lists listening to cry babies who expect people involved in OSSP's to drop everything and be their servants. TTFN -- Res -Beware of programmers who carry screwdrivers
Re: BOTNET timeouts?
Truth still hurts hey, one day you might smell the coffee :) On Sat, 13 Jun, Bill Landry as usual sooked nothing worth reading: -- Res -Beware of programmers who carry screwdrivers
Re: [sa] Re: BOTNET timeouts?
On Sat, 13 Jun 2009, John Hardin wrote: On Sun, 14 Jun 2009, Res wrote: It's the weekend and I was bored :) This list does not exist to provide you amusement. Last time I looked, Justin ran this list, not you. -- Res -Beware of programmers who carry screwdrivers
Re: [sa] Re: BOTNET timeouts?
On Sat, 13 Jun 2009, Charles Gregory wrote: On Sun, 14 Jun 2009, Res wrote: Though now its Sunday, I have socialising to do, and none of that includes sitting on mailing lists listening to cry babies who expect people involved in OSSP's to drop everything and be their servants. So we'll just all pretend you didn't send this message. .and the one after it. :) That's perfectly acceptable, if you need help with setting me in a killfile, I'll be more than happy to assist :) -- Res -Beware of programmers who carry screwdrivers
Re: [sa] Re: BOTNET timeouts?
On Sun, 14 Jun 2009, Charles Gregory wrote: A killfile. That would be the place to put "cry babies" wouldn't it? Good idea. Glad you thought of it. Go do it. Add me while you're at it. Sorry dont use em, I save sooks like you for rainy weekends so i can have more fun when I'm bored. -- Res -Beware of programmers who carry screwdrivers
Re: [sa] Re: BOTNET timeouts?
On Sun, 14 Jun 2009, Bill Landry wrote: Maybe you could add your email address to your outbound mail server's killfile. I know that would deprive the world of your comic relief, but What, and not have the delight of showing you for the sook and demanding whiner that you are? not a chance :) -- Res -Beware of programmers who carry screwdrivers
Re: [sa] Re: BOTNET timeouts?
On Sun, 14 Jun 2009, John Hardin wrote: Last time I looked, Justin ran this list, not you. you, and if Justin has a problem with it _he_ can take care of it. Exactly. A word of advice, though: your rants would be a great deal more impressive Errr, I'm not here to impress anyone and might actually generate some respect for your opinions if they displayed I only care that my friends respect me (as I respect them), none of my friends on this list, I'm not here to make friends, I hav enough already. -- Res -Beware of programmers who carry screwdrivers
Re: SORBS bites the dust
On Mon, 22 Jun 2009, John Rudd wrote: You can wait 1 year ... or pay $50 to some approved charity. So, yes, you can not pay anything, if you're willing to wait a year. And if you do pay, you don't pay THEM exactly. But, it still remains that they expect some form of financial offset in order to get off their list in less than a year. http://www.au.sorbs.net/faq/spamdb.shtml Rubbish, we had one of ours in it a couple years ago, it took a couple emails and no more than a few days for removal, nothing paid either. -- Res -Beware of programmers who carry screwdrivers
Re: SORBS bites the dust
On Tue, 23 Jun 2009, mouss wrote: payment were only needed for spam, not for "dul" not really :) despite what their site said/says.. its kind of a detterent i think sunno we never paid anyway, this is getting way off topic. whatever you & I think of how sorbs should have been run (and thinking != running), its death, if confirmed, is sad news. If it is confirmed it wil indeed be sad times, SORBS catches the most of the crap that comes in here -- Res -Beware of programmers who carry screwdrivers
Re: SORBS bites the dust
On Wed, 24 Jun 2009, mouss wrote: Res a écrit : On Tue, 23 Jun 2009, mouss wrote: payment were only needed for spam, not for "dul" not really :) despite what their site said/says.. its kind of a detterent i think sunno we never paid This is wrong. if you have evidence, show it. if not, stop spreading rumours. I have delisted an IP in the past, and I have been watching people trying to delist a block but without clues on how to do it... i dont have to prove squat to ANYONE, if you dont believe me, thereby calling me a liar, thats YOUR problem, STFU and dont comment on what you CLEARLY know NOTHING about when it comes to our case (or the case of many others who have been blocked and unblocked without paying) -- Res -Beware of programmers who carry screwdrivers
Re: SORBS bites the dust
On Tue, 23 Jun 2009, Jeremy Morton wrote: Maybe it was better back then, but maybe a year ago I had the same problem and got NO response. Its death actually is good news because it means not so many innocent people will be able to be listed now. Perhaps, this was when Matthew was located in Brisbane where I am, last I heard he moved down south (he maybe be back, have not had a need to talk to him since so dont know) SORBS is heavily used in AU, and blocks far more than spamcop or spamhaus, might be different for other parts of the world, I dunno, but will be a large spam increase for us here if it closes. -- Res -Beware of programmers who carry screwdrivers
Re: SORBS bites the dust
On Tue, 23 Jun 2009, Matus UHLAR - fantomas wrote: On Tue, 23 Jun 2009, mouss wrote: payment were only needed for spam, not for "dul" On 23.06.09 11:07, Res wrote: not really :) despite what their site said/says.. its kind of a detterent i think sunno we never paid well, we've had out IPs in the DUL (i asked for listing them) and we got them removed by the instructions on their web... I have no proofs they don't delist from DUL if you fullfill their (imho proper) requirements We had no problem with them listing our residential DUL ranges, we were happy for that, only unhappy when one of our mal servers got listed :), but as mentioned, it was fairly painless to get it removed back then. -- Res -Beware of programmers who carry screwdrivers
Re: SORBS bites the dust
On Wed, 24 Jun 2009, rich...@buzzhost.co.uk wrote: This is wrong. if you have evidence, show it. if not, stop spreading rumours. I have delisted an IP in the past, and I have been watching people trying to delist a block but without clues on how to do it... I have to agree with Mouss here. I've not tried with Sorbs but I used to get a ton of calls at Barracuda because people had ended up on their 'reputation' list. Charming calls in fact, often describe sexual acts my mother was alleged to perform in the vicinity of the devil. You agree with him but have never had to do it? Thats akin to trolling since you admit you speak without knowing first hand, I speak from first hand, and I wont lose any sleep over some ignorant clown who calls me a liar, however, any respect I had for that person is now out the window, I have no doubt that there might be 'spammer safe havens' that they have refused to de-list without payment, but they never demanded it from us, 2006 I think it was when one of our key servers got listed, once they were happy that we dealt with the (virus infected windows) customer, all was good, Matthew created us a login on their site so that we could see all the headers for any complaints, and deal with them promptly like we always did once we knew who they were. -- Res -Beware of programmers who carry screwdrivers
Re: SORBS bites the dust
On Thu, 25 Jun 2009, rich...@buzzhost.co.uk wrote: Personally I have mixed views on charging for delisting. In some instances it would be appropriate and I would not dismiss it out of hand. Certainly for repeat offenders I think it would be highly desirable. Agreed, its one wya to make the admin team get off their ass. I don't recall saying you were a liar anywhere and I'm glad you are not Not you, Mouss implied it. hissy fits, throwing their toys out of their prams and suggesting people are 'trolls' because they don't like the opinions of others. if you jump on a bandwagon without first hand experience, thats *exactly* what you are, if you had experienced it first hand of course you become an authority on the subject in your your case, and your opinion matters as factual, but you by your own admission, you have not, and last I checked guilt by association was not a crime in modernised civil countries :) -- Res -Beware of programmers who carry screwdrivers
Re: SORBS bites the dust
On Thu, 25 Jun 2009, rich...@buzzhost.co.uk wrote: On Thu, 2009-06-25 at 17:41 +1000, Res wrote: if you jump on a bandwagon without first hand experience, thats *exactly* what you are, if you had experienced it first hand of course you become an authority on the subject in your your case, and your opinion matters as factual, but you by your own admission, you have not, and last I checked guilt by association was not a crime in modernised civil countries :) Indeed. I can only apologise for any offence or 'trolling'. LOL your a joke, you send this on list, yet send me a private email calling me a wanker.. LOL dont bother replying :) -- Res -Beware of programmers who carry screwdrivers
Re: SORBS bites the dust
On Thu, 25 Jun 2009, rich...@buzzhost.co.uk wrote: 1. It's 'You're' a joke - not 'your' a joke Ah the classic sign of someone in defeat, has to nit pick someones grammer 2. You could always try setting up your Mickey Mouse 'blocked using dnsbl.lan' restriction so it works properly LOL. Actually, you were first blocked by a milter because your SPF record contains "junk" get someone with a clue to set it up for you your internal bloack list blocks this mail servers IP anyway, so pot kettle black, tosser. 3. The day I give a shit about what an Australian spammer thinks of me, will be the day hell freezes over. oh im a spammer now am I, awww poor widdle wicky, go cry to mummy, or tell someone who gives a fuck. -- Res -Beware of programmers who carry screwdrivers
Re: SORBS bites the dust
On Thu, 25 Jun 2009, LuKreme wrote: On 25-Jun-2009, at 07:08, Res wrote: On Thu, 25 Jun 2009, rich...@buzzhost.co.uk wrote: 1. It's 'You're' a joke - not 'your' a joke Ah the classic sign of someone in defeat, has to nit pick someones grammer NB: it's spelt grammar yyyaan -- Res -Beware of programmers who carry screwdrivers
Re: buzzhost.co.uk was: Re: constantcontact.com
On Fri, 3 Jul 2009, Benny Pedersen wrote: On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: folowup: v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all in dns v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all localhost. IN TXT "v=spf1 a -all" mail1.buzzhost.co.uk. IN TXT "v=spf1 a -all" mail2.buzzhost.co.uk. IN TXT "v=spf1 a -all" mail3.buzzhost.co.uk. IN TXT "v=spf1 a -all" smtp.spamsandwich.co.uk. IN TXT "v=spf1 a -all" spam2.spamology.co.uk. IN TXT "v=spf1 a -all" well its your domain your problem to add this to dns, not my problem Why are people still using the outdated and no longer recommended domain TXT method? The RR type SPF was ratified some time ago. If an OS uses an antiquated resolver that does not know about the SPF RR, that too is the operators problem, no one elses. -- Res -Beware of programmers who carry screwdrivers
[no subject]
On Sat, 25 Jul 2009, Michael W. Cocke wrote: > > There doesn't seem to be a web interface to subscribe/unscribe from > this list. The email address > "users-unsubscr...@spamassassin.apache.org" complains that my IP > address is dynamic (which is why I use dyndns.org, thank you very > much.) And on that subject, am I the only person who thinks that > blocking by IP address block is inefficient, brute force, and prone to > both false positives and false negatives? If you are sending out from your dynamic home connection, you are going to have bigger problems, most of the big ISP's and many many many others block at MTA level for your type of connections, either get a static IP *and* a real PTR entry, or use your ISP as smarthost. Nothing wrong with the way this list is setup apart from it uses qmail, but we wont go into that :) -- Res -Beware of programmers who carry screwdrivers
Re: your mail
On Mon, 27 Jul 2009, Matus UHLAR - fantomas wrote: On Sat, 25 Jul 2009, Michael W. Cocke wrote: There doesn't seem to be a web interface to subscribe/unscribe from this list. The email address "users-unsubscr...@spamassassin.apache.org" complains that my IP address is dynamic (which is why I use dyndns.org, thank you very much.) And on that subject, am I the only person who thinks that blocking by IP address block is inefficient, brute force, and prone to both false positives and false negatives? On 26.07.09 22:09, r...@ausics.net wrote: If you are sending out from your dynamic home connection, you are going to have bigger problems, most of the big ISP's and many many many others block at MTA level for your type of connections, either get a static IP *and* a real PTR entry, or use your ISP as smarthost. Nothing wrong with the way this list is setup apart from it uses qmail, but we wont go into that :) by "ISP" we of course mean the company you receive mail through, not the company you are connecting through, unless you are using address hosted in the same company. Actually, if he is a connection customer of foobar.com, he should use foobar.coms SMTP server as his smarthost, as they will allow their customers to relay through them, that way most servers will only care about mail.foobar.com -- Res -Beware of programmers who carry screwdrivers
Re: your mail
**head-note: I know youve not mentioned it to me, but i'll remove your address only once more, if you got a bitch about any further replies that will be CC'd to you, bitch to apache org for not having reply-to set. I'm sick of deleting them :) On Tue, 28 Jul 2009, Matus UHLAR - fantomas wrote: On 28.07.09 12:12, Res wrote: Actually, if he is a connection customer of foobar.com, he should use foobar.coms SMTP server as his smarthost, as they will allow their do you mean "they will only allow" ? any ISP that relays for non customers, needs a kicking. (hosting excluded) customers to relay through them, that way most servers will only care about mail.foobar.com If he sends mail with gmail.com address, he should use gmail's SMTP servers no matter which ISP he's connecting through. Why? Thats a dangerous recommendation, the number of times googles mail servers get periodically blocked is funny. Maybe he wants replies there. and uses gmails pop but wants to send his replies without using them, hes perfectly entitled to do so. He might also only be using gmail to post to this list, since he (someone) cant from their original connection. Yes, some ISPs deny connections to port 25, but that's why there's 'submission' service on port 587 where authentication should be required so any problem with sending spam directly to recipients is avoided. This is popular in *some* countries, dont assume its a universal thing, because it aint. Most ISP's worth their salt have dedicated customer outbound mail servers, that only accept from their own, if they dont, they are too smaller operation to be worried about. -- Res -Beware of programmers who carry screwdrivers
Re: your mail
On Wed, 29 Jul 2009, RW wrote: Why? Thats a dangerous recommendation, the number of times googles mail servers get periodically blocked is funny. I've been using gmail for about six months, and it's not happened to me. OTOH gmail publishes SPF records, so it would be unwise to use ISP servers for their addresses. I've had numerous complaints, my response is "tuff" i dont control gmail users, gmail wishes to obscure the offenders real ip so i cnat even contact the lamers ISP, so to hell woith it, the gmail mail will flow again once the rbl in question releases it. Yes, some ISPs deny connections to port 25, but that's why there's 'submission' service on port 587 where authentication should be required so any problem with sending spam directly to recipients is avoided. This is popular in *some* countries, dont assume its a universal thing, because it aint. This doesn't make sense, when ISPs block outgoing port 25 you can use port 587 or 465 to connect to the server of your choice, it doesn't wrong again, this assumes the ISP enables submission, we dont, i've tested a few very large isp's here and they dont either, so again do not assume. -- Res -Beware of programmers who carry screwdrivers
Re: your mail
On Wed, 29 Jul 2009, Matus UHLAR - fantomas wrote: any ISP that relays for non customers, needs a kicking. (hosting excluded) do you mean "they will only allow their users relaying through their Correct, only relay for your own customers based on your own IP ranges, pretty much removes abuse, and smtp-auth is only enabled on hosting servers, hosting customers don't use end-users smtp, nor can end users use hosting smtp Yes, some ISPs deny connections to port 25, but that's why there's 'submission' service on port 587 where authentication should be required so any problem with sending spam directly to recipients is avoided. This is popular in *some* countries, dont assume its a universal thing, because it aint. Most ISP's worth their salt have dedicated customer outbound mail servers, that only accept from their own, if they dont, they are too smaller operation to be worried about. That's popular by an increasing number of ISPs, e.g. when they will get listed in blacklist like UCEPROTECT-L[23], when they aren't able to cope with tons of spam reports. um there is likely tens and tens and tens of thousands of ISP's around the world, we each run our own ISP's based upon how see fit, because submission might be popular in the U.S or NZ doesn't mean it is everywhere, I've been running mail servers (for corporate and some large ISP's) for nearly 20 years now and never even contemplated using 587 because nothing warrants it, regarding this geographical location. -- Res -Beware of programmers who carry screwdrivers
Re: your mail
On Wed, 29 Jul 2009, Matus UHLAR - fantomas wrote: Aha, so this is your point? You accept mail from your IP addresses, but not from your customers roaming elsewhere? Bad for you. It was already discussed here - you are going the wrong way. Not bad for me, we used to do this, it only got us into blacklists, so we stopped it except for hosting cusotmers, we are going the right way, again, there you go with assumptions, and this is a spam assasin list, so whats discussed here has no relvance, if I'm in charge of the network for say this countries 5th largest ISP, why SHOULD I allow customers of say our countries largest, or 25th largest relay their mail via my systems, again, unless they have hosting with us, but those servers are all separate. Btw, the submission standard exists for >10 years, it would be nice if you could support your customers connecting from anywhere, insteaad of anyone's *sigh* for end users, not going to happen, ever, not whilst i'm in charge, and sorry to say but if you ever move to Australia, youll find its a common attitude amongst the large, medium and most smaller ISP's here. -- Res -Beware of programmers who carry screwdrivers
Re: your mail
On Wed, 29 Jul 2009, LuKreme wrote: On Jul 28, 2009, at 10:22 PM, Res wrote: this assumes the ISP enables submission, If an ISP doesn't enable submission then walk away and find a real ISP that What rubbish cares about it's customers. Seriously, no port 587 = no customer. If you WOW then australian ISP's must be bucking the Lukreme trend, goven teh customer numbers that the larger players here have and who dont run it. won't accept my email when I am connected via some other method than your IP then to hell with you. I'm sure no one here would blink an eyelid and or even notice if you didnt sign with us or left us, and there are a few hundred thousand other users (well we aint that big a country here) that disagree with you, but I guess even the largest ISP here with a couple million users, well I guess those couple million also disagree with you. But ISP's always expect 0.01% of the userbase to be annoying whinging crybabies who no matter what you do, will never please them. -- Res -Beware of programmers who carry screwdrivers
Re: your mail
On Wed, 29 Jul 2009, RW wrote: wrong again, this assumes the ISP enables submission, What do you mean enables submission? They don't have to enable anything, just not block the port. ISP's block outgoing port 25 to Wrong, postfix by default does not use 587, and AFAIK Qmail doesnt either. And the number of ISPs here blocking outgoing 25 I could likely count on one hand, and we dont seem to have many problems. -- Res -Beware of programmers who carry screwdrivers
Re: your mail
On Sun, 9 Aug 2009, RW wrote: On Sun, 9 Aug 2009 09:36:25 +1000 (EST) Res wrote: On Wed, 29 Jul 2009, RW wrote: wrong again, this assumes the ISP enables submission, What do you mean enables submission? They don't have to enable anything, just not block the port. ISP's block outgoing port 25 to Wrong, postfix by default does not use 587, and AFAIK Qmail doesnt either. It's not wrong because I'm not talking about the ISP servers, I'm talking about making outgoing connections to third party servers that do support 587 or the ssl port. If you actually took the trouble to read what I wrote you'd have realised that a long time ago. I did, maybe you cant comprehend that not all ISPs support it, very few here do, oh lookie im repeating myself yet again, I seriously don't know how to make that clearer to you, i'll try find a 5yo, and get them to slowly type it to you, see if you can understand them. -- Res -Beware of programmers who carry screwdrivers
Re: your mail
On Sat, 8 Aug 2009, LuKreme wrote: Well, you have a very nice fsck-you attitude toward your own customers which I find appalling. If I am at a coffee shop, or at a friends house, and I can't sent mail out because my ISP only allows connections from their own IP pool then yeah, I will walk away from that ISP instantly. If there is so much collusion amongst ISPs in Australia that this is normal then you will all get your businesses pwned as soon as one of them (or more likely a new competitor) figures this out. LOL how old are you kid? 15? maybe not even that, its been that way here ALWAYS, for near on two decades and wont be changing anytime soon, using submission port might where you come from be a facination to wank over, but it aint here, and likely never will be, so tuff luck anyway it wont bother you since you dont live here. I'm sure no one here would blink an eyelid and or even notice if you didnt sign with us or left us, Yeah, that was the Attitude AT&T had over hear for about 5 years before they care factor? hrm, still sub zero -- Res -Beware of programmers who carry screwdrivers
Re: your mail
On Sun, 9 Aug 2009, Matus UHLAR - fantomas wrote: On 09.08.09 09:20, Res wrote: Correct, only relay for your own customers based on your own IP ranges, pretty much removes abuse, and smtp-auth is only enabled on hosting servers, hosting customers don't use end-users smtp, nor can end users use hosting smtp Bullshit. We are suffering because we didn't force users to use SMTP Bullshit to what? dont try tell me what happen on my own network fuckwit I think id know more about it then some wanka on mailing list who has wet dreams over submission ports. I stopped smtp-auth and relay only for our IP's, problem gone, not been an RBL since, not my problem if it doesnt cure your problems. -- Res -Beware of programmers who carry screwdrivers
Re: your mail
On Sun, 9 Aug 2009, Matus UHLAR - fantomas wrote: On Wed, 29 Jul 2009, Matus UHLAR - fantomas wrote: Aha, so this is your point? You accept mail from your IP addresses, but not from your customers roaming elsewhere? Bad for you. It was already discussed here - you are going the wrong way. On 09.08.09 09:26, Res wrote: Not bad for me, we used to do this, it only got us into blacklists, so we stopped it except for hosting cusotmers, we are going the right way, Do you allow relaying from configured IP addresses without authentication? And you call that the right way? Even if those IP addresses are shared by yup, thats the way every ISP in this country does it, always has, always will, dont assume what doesnt work where you are, doesnt work everywhere. -- Res -Beware of programmers who carry screwdrivers
Re: your mail
On Mon, 10 Aug 2009, Kris Deugau wrote: I'm having a bit of trouble being sure of what you're saying, but it sounds like: "We don't use SMTP AUTH." Correct (unless your a hosting customer) we use dedicated customer outbound boxes. "We don't allow relay from outside our own netblocks." Correct (unless as above) Fine, that's been acceptable and normal many places for quite a long time... Correct but the changing face of email, and the growing number of people who want access to their email from their own email client mean a growing demand for There has been no requests or any demand for it here what so ever at all. I'm curious what arguments you have against providing SMTP submission services other than what appears to boil down to "Don't wanna! I'd have to, y'know, do *work*!". For starters, I need to see a justification it is worth it, ie at least ONE or TWO customers asking for it in the first place, it is also a common thing so everyone in this country is used to it this way, we all do things the way it works for us best, I do it my way with number of customers well into 6 figures, nobody has problems with it, the largest ISP in this country with many millions of customers also seem to have no problems with it this way, the second largest ISP, with only a few 100K short of the largest, again has no problem running without it, as do any others that I know of. And... well, it seems to work well using it for some on this list, I'm not advocating nobody use it, I just think its amazing at the couple of other people (use that term loosly) on this list who attack me and see me aligned with satan for not using it. thats their problem though, not mine. (they dont know me to well, i've never changed a decision based on what any wet dreamer on a list or usenet has said to me yet, and i aint about to start either) -- Res -Beware of programmers who carry screwdrivers
Re: your mail
On Fri, 21 Aug 2009, RW wrote: Because as I said numerous times I'm not talking about ISPs. I'm not sure precisely which part of "I'm not talking about ISPs" you don't understand. I know exactly what your saying, its you it seems who cant comprehend what I'm saying Are you not aware that there are companies that provide email services without being ISPs: Google, Fastmail, Tuffmail etc. really? oh, wow i'll go and shutdown my mail server farms and the netapp filers then, cool save LOTS on power and cooling. but back to reality, so what? you are clutching at straws now, this started out an attack on me becuase *WE* dont accept on submission port for our customers, I dont care what other companies like that do, they can accept mail on port 80 for all I care. -- Res -Beware of programmers who carry screwdrivers
Re: your mail
On Sat, 22 Aug 2009, RW wrote: And you keep replying with the non sequitur that not all ISPs support the submission port. someone, if not you, brought submission into it, thast where it got nasty, forget who since i dont read this list often enuf, dont care who started out an attack on me becuase *WE* dont accept on submission port for our customers, I never named you, specifially, take the tickets off yourself loser, your not the only one in this thread -- Res -Beware of programmers who carry screwdrivers
Re: DNSBL Comparison 20091114
On Mon, 16 Nov 2009, rich...@buzzhost.co.uk wrote: safe. BRBL has a high hit rate as well, with a moderate safety rating. Wondered why i wasn't getting anything from mysql.com for over a week, BRBL has them listed :) -- Res "What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
Re: DNSBL Comparison 20091114
On Mon, 16 Nov 2009, rich...@buzzhost.co.uk wrote:
You neglected to trim my name from your post making it look like the
hrmm... that is not how alpine showed it...
That said {don't you just lurvvee net policemen} I do have to laugh that
the BRBL has mysql.com listed, given it sits at the heart of every one
of the spam 'and virus' firewalls they sell. This could potentially mean
that Barracuda are not getting up-to-date information on mysql
developments - so they can steal it and put it in their chudware.
indeed :)
--
Res
"What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
Re: emailreg.org - tainted white list
On Mon, 14 Dec 2009, jdow wrote: selling access to spammers, how long do you think Barracuda would stay in business. Their customers who got the spam would move elsewhere. So I really don't think that Barracuda is going to sell out their main business to make $20 off of a few spammers. Marc, I am admiring a nice pattern I see here. My mental Bayes algorithm has ticked over. Is rich...@bizzhost.co.uk a spammer trying to derail the effective tools? He's certainly acting like it. Remove the paranoia and low flying black helicopters from his posts, he has some merit in one comment, the emailreg.org _should_ be able to be disabled by customers, but, then again, you can always vote with your feet and simply not use their systems, they will quickly get the picture, but sadly a lot of people just have no clue, there are afterall, plenty of saleman out there who could sell ice to an Eskimo. I really am amazed that anyone would trust any third party whitelist of any kind in the anti-spam world. FWIW, there is only one whitelist that deserves to be active, and that's the one that we, as individuals, apply locally for our own networks for our own situations, I will never allow someone unrelated to my business to decide whats "not a spam host". Even the most looked after networks, can have an authorised user who becomes worm infected, and spams the hell out of everyone. -- Res "What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
Re: emailreg.org - tainted white list
On Wed, 16 Dec 2009, Per Jessen wrote: Christian Brel wrote: Perhaps the time has come for a fork of Spamassassin where these commercial considerations are not so obvious? No need for such drastic measures - it's only a ruleset. no whitelist should ever become default part of SA the day it is, is the day I look elsewhere. -- Res "What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
Re: emailreg.org - tainted white list
On Wed, 16 Dec 2009, Christian Brel wrote: On Wed, 16 Dec 2009 21:10:11 +1000 (EST) Res wrote: On Wed, 16 Dec 2009, Per Jessen wrote: Christian Brel wrote: Perhaps the time has come for a fork of Spamassassin where these commercial considerations are not so obvious? No need for such drastic measures - it's only a ruleset. no whitelist should ever become default part of SA the day it is, is the day I look elsewhere. Unless yours installed without the -4 and below rule for Habeas, then you may just want to review that point of view ;-) I'm the person here who has final say as to who/what gets whitelisted, I will not ever use ANY third party whitelist service, for reasons as outlined earler in this thread, just because someone pays to be a good guy doesnt mean they are. -- Res "What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
Re: [sa] Re: habeas - tainted white list
the only person here at present trolling is you, so for F's sake STFU and stop generating massive noise ratio On Fri, 18 Dec 2009, Charles Gregory wrote: On Fri, 18 Dec 2009, Christian Brel wrote: Charles, you *are* speaking for J D Falk with his Auspices? Hey, J D! Please post and give me your auspices. I'd love to see what this Troll posts if you say 'sure'. :) - C -- Res "What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
Re: The other side of whitelists - arbitrary blacklists
On Sun, 20 Dec 2009, jdow wrote: http://isc.sans.org/diary.html?storyid=7780 It can be quite frustrating to run an ISP and comply with the often arbitrary, strange, and I suspect contradictory demands of the likes of SORBS and Trend Micro. An ISP Abuse handler vents in this article. SORBS would only put you in their DUL listing for anything resembling hosts that are dynamic, those who block based on spam only would never see this as an issue (had many a dealing with SORBS, for the most part they were understanding and co-operative - I say "were" because we have been lucky enough not to have had any need to interact with them in a good few years now, but Matthew knows I have a zero spam tolerance and effective policies) Can't comment on trend micro never used them, dont intend to, but to demand you must use mail/smtp is laughable, who the hell do they think they are to dictate that, the only losers there are trend micro users, and unless they change their policy, ultimately, it will be trend micro who lose. -- Res "What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
Re: The other side of whitelists - arbitrary blacklists
On Sun, 20 Dec 2009, Per Jessen wrote: SORBS would only put you in their DUL listing for anything resembling hosts that are dynamic, AFAIK, also ranges that were "declared" to by dynamic, e.g. in whois info. I once had a range allocated which had previously been declared to be dynamic, and it was listed at SORBS. Last I heard they had a script that checked 'probable ranges', anything with static or an actual boxname, so to speak, was not included in the DUL collection, they ran it over my previous employers ranges who did DSL/Dial etc, they entered all but the ones they said wouldnt be, so it worked, at least back then anyway (we did NOT object to our normal users IP's being included, our only concern was our business clients who were static-*.state.dsl.domain), if it included a normal boxname in a range used by dynamics, then I'd say their script broke, and I'm sure they would have found and fixed it pretty fast. -- Res "What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
RCVD_ILLEGAL_IP Question
Greetings, Can anyone tell me how the bogon list in this rule is updated? Does it query a live bogon DNS server? The wiki does not explain or say much at all about it. Thanks -- Res "What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
Re: RCVD_ILLEGAL_IP Question
On Wed, 20 Jan 2010, RW wrote:
It appears to be just a regular expression:
sub check_for_illegal_ip {
my ($self, $pms) = @_;
foreach my $rcvd ( @{$pms->{relays_untrusted}} ) {
# (note this might miss some hits if the Received.pm skips any
invalid IPs) foreach my $check ( $rcvd->{ip}, $rcvd->{by} ) {
return 1 if ($check =~ /^
(?:[01257]|(?!127.0.0.)127|22[3-9]|2[3-9]\d|[12]\d{3,}|[3-9]\d\d+)\.\d+\.\d+\.\d+
Thats crazy! It's wrong since 1/8 is now allocated, it also does not
detect most other bogon ranges, What is the point of this...
Another rule I now need to disable.
--
Res
"What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
Re: RCVD_ILLEGAL_IP Question
On Wed, 20 Jan 2010, Henrik K wrote:
(?:[01257]|(?!127.0.0.)127|22[3-9]|2[3-9]\d|[12]\d{3,}|[3-9]\d\d+)\.\d+\.\d+\.\d+
Thats crazy! It's wrong since 1/8 is now allocated, it also does not
detect most other bogon ranges, What is the point of this...
Another rule I now need to disable.
Please open a bug...
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6295
Thanks for logging that.
I do think we need a better way to catch them, including the other
20 or so plus bogon ranges it currently ignores. I can see where DNS
checks would be better suited (bogons.cymru.com), or, at the very least,
a ruleset, which can be updated in the "daily updates run" when new
ranges are allocated.
--
Res
"What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
Re: RCVD_ILLEGAL_IP Question
On Wed, 20 Jan 2010, Henrik K wrote: DNS checks would be overkill for a list that doesn't change that often. http://www.team-cymru.org/Services/Bogons/ has good info, Yes agreed, we have used Robs templates for a long time :) -- Res "What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
Re: RCVD_ILLEGAL_IP Question
On Thu, 21 Jan 2010, Mike Cardwell wrote: RCVD_ILLEGAL_IP is currently ranking 289th in my SpamAssassin rule statistics having triggered on only 79 out of the last 66657 emails. Is such an infrequently triggering rule worth having a dedicated DNS based lookup system? This is likely because it only looks a tiny subset of all bogon ranges, if it covered all of them, you might find it a bit higher, maybe not, who knows since it doesn't look at 90% of them. But I agree with Henrik in that a ruleset updatable by updates.spamas... would be a beter way to go. -- Res "What does Windows have that Linux doesn't?" - One hell of a lot of bugs!
sa-compile
Is there a method of speeding this beast up? I can build four entire kernels and their modules from scratch in the same time it takes this thing to compile (45mins) is it really worth using this method? Last time I tried without it, I noticed next to no difference, opinions? -- Res -Beware of programmers who carry screwdrivers
Re: sa-compile
On Wed, 15 Apr 2009, Rick Macdougall wrote: jp wrote: It only takes a minute or three on my systems depending on load. 21 seconds on a zero load dual core virtual machine with 2gb ram. On Wed, Apr 15, 2009 at 08:56:22AM +1000, Res wrote: Is there a method of speeding this beast up? I can build four entire kernels and their modules from scratch in the same time it takes this thing to compile (45mins) is it really worth using this method? Last time I tried without it, I noticed next to no difference, opinions? Normal sa-update && sa-compile takes about 2 minutes here. If I add JM's saught rules it takes over 30 minutes. Just FYI. Rick, et al, You've hit the nail on the head... Apr 16 00:03:31 mx0-3 sa-update: start Apr 16 00:04:08 mx0-3 sa-update: compiling Apr 16 00:52:27 mx0-3 sa-update: completed ... remove sought rules, and... Apr 16 10:44:09 mx0-3 sa-update: start Apr 16 10:44:25 mx0-3 sa-update: compiling Apr 16 10:52:45 mx0-3 sa-update: completed sought is no longer sought'n :) Thanks for the heads up, much appreciated -- Res -Beware of programmers who carry screwdrivers
