Re: Dropbox invoice phishing
Technically you pommel m > On Mar 20, 2023, at 5:34 PM, Mark London wrote: > > Dropbox now has an invoice feature, that allows you to create a customized > invoice. So what this person did was to create an invoice that looks like > it’s coming from PayPal. Except for the fact that the From address shows it > is coming from Dropbox. > > Months ago I saw a similar problem with fake invoices coming from PayPal. > > I hate Spammers. > >> On Mar 20, 2023, at 2:58 PM, Greg Troxel wrote: >> >> A quick grep shows: >> >> 4.00/updates_spamassassin_org/60_welcomelist_auth.cf:def_welcomelist_auth >> *@*.dropbox.com >> >> so the code is operating as designed. >> >> It seems that either dropbox is compromised, or dropbox is allowing >> user-generated content to go out under their domain. Either way it >> seems they should be removed from USER_IN_DEF_SPF_WL, unless this is a >> blip and they fix it right away. >> >> Have you written to ab...@dropbox.com, and what did they say? >> >
Re: Stop this before it goes any further (was Re: IMPORTANT NOTICE FOR PEOPLE RUNNING TRUNK re: [Bug 7826] Improve language around whitelist/blacklist and master/slave)
Amen. > On Jul 14, 2020, at 2:59 PM, Kurt Fitzner wrote: > > This is truly unfortunate. The current trend of whitewashing (and no I'm not > afraid of using a word with "white" in it) away perceived slurs where there > never were any is both troubling and counter-productive. > > I shouldn't have to post something like this here. We should all be adults > and intelligent enough to understand these things. The fact that I have to > is also troubling. I find myself shocked and amazed that these facts are not > self evident. But since they clearly aren't, here they are: > > 1) White_ / Black_ are not now and nor ever were they racially > motivated compound word prefixes. White and black have been and are > references to light and dark, and in every language race and culture on the > planet are used in compound words, phrases and sentences that evoke metaphors > of good and bad. In this context the prefixes have never had anything to do > with skin colour, and to change the words now casts aspersions on everyone > who has ever used them. It's a backusation of prejudice that has just never > been there. White hat / black hat. Light and dark. Good and bad. The > terms "whitelist" and "blacklist" came into being because they are based on > universally understood concepts of light and dark. You are not going to > change the concepts of "light" and "dark" as metaphors for good and bad - the > light and goodness of day and the frightening aspects of night are etched > into our collective racial and likely genetic memories as good and bad from > long before there ever were humans with different skin colours. Treating > whitelist and blacklist as if they are skin-colour related is factually > incorrect. > > 2) Master and slave are also not racially motivated. I don't have to > recapitulate the history of the lasts two centuries, we all know it, but lets > go further back... two millennia and further. Every conquering culture made > slaves of a certain number of its prisoners and vanquished foes. Every > colour and race in history has done this to every other colour and race. The > words are not inherently racially charged. They are simple references to > states. Further more, master and slave are proper and accurate words to use > in many cases outside of a context of actual human slavery. Master denotes > (variously) leadership, authority, skillfulness, and control. Slave denotes > subservience and being controlled. You cannot erase the concepts of > authority and subservience in their entirety because some people once assumed > immoral authority over others. Changing the words you use will not change > the underlying concept, and treating the words like they are racially charged > now is, again, a backusation that is unwarranted and frankly an affront to > all who have ever used them properly. Are we going to change the rank of > master chief, stop having master cylinders, are going to stop mastering > skills? I sincerely hope this madness doesn't spread that far. The words > are not evil. The concepts of master and slave are not even evil. They are > simple word tools for the ease of understanding concepts and relationships. > Unless you intend to erase the whole concept of hierarchical relationships, > the word choices used to denote them can't make them less racial because they > never were. > > 3) The act of changing these words is, itself, actively self defeating. The > irony of changing words that never were racial on the off chance they might > be interpreted that way as a method of getting to a world where race doesn't > matter is acute. Please tell me I am not the only one to see this terrible > irony. We are all looking for that world where race and colour simply don't > matter. Where the colour of one's skin and the culture one is from is of no > more interest than any other fact or statistic about one's individual > phenotypes or family history. Taking words and shining a spotlight on them > as suddenly racial is a step away from that world of "it just doesn't > matter". It is an affront to the (what I hopefully believe is the) majority > of people of all races and cultures for whom colour simply doesn't matter. > And it is making a racial issue where there was none before. This isn't a > step in the right direction. This is not accomplishing that goal. This is > the opposite of accomplishing that goal. > > This action is wrong because it cannot accomplish its stated goal. This is > wrong because it is making racial what was not. This is wrong because the > connotations you giving the words are factually and historically incorrect. > This is wrong, and that should be self evident to every single one of you. > > Kurt Fitzner > > > > On 2020-07-10 01:00, Kevin A. McGrail wrote: > > IMPORTANT NOTICE > > If you are running trunk, we are working on changing terms like
Re: IMPORTANT NOTICE FOR PEOPLE RUNNING TRUNK re: [Bug 7826] Improve language around whitelist/blacklist and master/slave
is there a moderator. or do i have to unsubscribe > On Jul 12, 2020, at 2:07 PM, rtroy wrote: > > > On Sun, 12 Jul 2020, Eric Broch wrote: > > ...a bunch of stuff that doesn't belong on the list. > > Isn't there a list moderator out there? > > We don't need to read about the aforementioned poster's personal problems or > politics.
SPAM Message Contain HTML and gibberish texy
I am running Avavisd-New 2.10 with SpamAssassin version 3.4.0 running on Perl version 5.16.3 on FreeBSD 8.4 and 3.0 One of my users is getting bombarded by spam where there is a HTML link and gibberish text under neath to defeat the HTML_IMAGE_ONLY_04 rule Can anyone suggest of rule or approach pod real with this?
FuzzyOCR
OK went in and told FuzzyOcr not to scan jpeg and no more errors which is logical as the jpegtopnm program is not executed Hopefully this will end my build up of junk in /var/amavis which I attributed to the failed scans
FUZZOCR
My apologies as this is probably not the properly place for this but I can not find a functioning web page or list of FuzzOCR . Even the installation instructions I found were old in https://www.maiamailguard.comand had some issues in format. The problem is that is from my installation I am getting the following errors Sep 14 13:13:49 tuna amavis[50336]: (50336-01)!)SA error: FuzzyOcr: /usr/local/bin/jpegtopnm: Returned [2048], skipping... Sep 14 13:13:49 tuna amavis[50336]: (50336-01) _WARN: rules: failed to run FUZZY_OCR test, skipping:\n\t(Insecure dependency in open while running with -T switch at /usr/local/lib/perl5/site_perl/5.16/Mail/SpamAssassin/Plugin/FuzzyOcr/Logging.pm line 34.\n) when I run spam assassin -D --lint I get what OI believe to be confirmation that jpegtopnm is loading Sep 14 13:27:19.948 [50639] dbg: FuzzyOcr: Using jpegtopnm = /usr/local/bin/jpegtopnm Can anyone give me an insight to the error ? It appears to be bombing out of test of jpegs ad stashing the image in a temp directory of /var/amavis which loads up the file system
Fwd: FUZZOCR
Begin forwarded message: From: John Hardin jhar...@impsec.org Subject: Re: FUZZOCR Date: September 14, 2013 1:46:21 PM EDT To: users@spamassassin.apache.org On Sat, 14 Sep 2013, Jason Hirsh wrote: My apologies as this is probably not the properly place for this but I can not find a functioning web page or list of FuzzOCR . Even the installation instructions I found were old in https://www.maiamailguard.comand had some issues in format. This is probably the closest you're going to get. FuzzyOCR has been inactive for a while since the initial wave of text-in-image spams tapered off. I've been seeing text-in-image spams more frequently lately so I think we should dust off FuzzyOCR. Yes I was seeing them too and thought this was an approach Search the mailing list archives for fuzzyOCR (not FuzzOCR) and you should probably be able to find contact information for the primary developer, or clues for how to fix your jpegtopmn install. Sep 14 13:27:19.948 [50639] dbg: FuzzyOcr: Using jpegtopnm = /usr/local/bin/jpegtopnm That may be logging what it's configured to do rather than what's been found to work. Can anyone give me an insight to the error ? It appears to be bombing out of test of jpegs ad stashing the image in a temp directory of /var/amavis which loads up the file system Does jpegtopnm actually exist at that location on your system? Yes it does If you run it with a jpeg file (perhaps one of the lingering work files from fuzzyocr) does it error out, and give an explanation why? from the command line it worked fine and converted… still trying some more searches to find a current POC I guess I could disable the jpeg portion in the thought that it would be a different graphic format Thanks for taking a look -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- Think Microsoft cares about your needs at all? A company wanted to hold off on upgrading Microsoft Office for a year in order to do other projects. So Microsoft gave a 'free' copy of the new Office to the CEO -- a copy that of course generated errors for anyone else in the firm reading his documents. The CEO got tired of getting the 'please re-send in XX format' so he ordered other projects put on hold and the Office upgrade to be top priority.-- Cringely, 4/8/2004 --- 3 days until the 226th anniversary of the signing of the U.S. Constitution
Re: FUZZOCR
Don't know if my earlier response worked On Sep 14, 2013, at 1:46 PM, John Hardin jhar...@impsec.org wrote: On Sat, 14 Sep 2013, Jason Hirsh wrote: My apologies as this is probably not the properly place for this but I can not find a functioning web page or list of FuzzOCR . Even the installation instructions I found were old in https://www.maiamailguard.comand had some issues in format. This is probably the closest you're going to get. FuzzyOCR has been inactive for a while since the initial wave of text-in-image spams tapered off. I've been seeing text-in-image spams more frequently lately so I think we should dust off FuzzyOCR. Yes I was seeing them too and thought this was an approach Search the mailing list archives for fuzzyOCR (not FuzzOCR) and you should probably be able to find contact information for the primary developer, or clues for how to fix your jpegtopmn install. Sep 14 13:27:19.948 [50639] dbg: FuzzyOcr: Using jpegtopnm = /usr/local/bin/jpegtopnm That may be logging what it's configured to do rather than what's been found to work. Can anyone give me an insight to the error ? It appears to be bombing out of test of jpegs ad stashing the image in a temp directory of /var/amavis which loads up the file system Does jpegtopnm actually exist at that location on your system? Yes it does If you run it with a jpeg file (perhaps one of the lingering work files from fuzzyocr) does it error out, and give an explanation why? from the command line it worked fine and converted… still trying some more searches to find a current POC I guess I could disable the jpeg portion in the thought that it would be a different graphic format Thanks for taking a look -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- Think Microsoft cares about your needs at all? A company wanted to hold off on upgrading Microsoft Office for a year in order to do other projects. So Microsoft gave a 'free' copy of the new Office to the CEO -- a copy that of course generated errors for anyone else in the firm reading his documents. The CEO got tired of getting the 'please re-send in XX format' so he ordered other projects put on hold and the Office upgrade to be top priority.-- Cringely, 4/8/2004 --- 3 days until the 226th anniversary of the signing of the U.S. Constitution
