Apache.org spam??

2009-06-25 Thread Jeremy Morton

I recently got this spam that made its way thru SpamAssassin:

http://pastebin.ca/1474274

Looks like it was received from mail.apache.org which is in the 
DNSWL.org DB, unsurprisingly.  Why would mail.apache.org send out this 
obvious spam?


Best regards,
Jeremy Morton (Jez)


Re: Apache.org spam??

2009-06-25 Thread Jeremy Morton

To reply to myself

I guess that was sent to the spamassassin.apache.org list and the list 
was BCC'd so it didn't get put into my list folder.  Ah well.


Best regards,
Jeremy Morton (Jez)

Jeremy Morton wrote:

I recently got this spam that made its way thru SpamAssassin:

http://pastebin.ca/1474274

Looks like it was received from mail.apache.org which is in the
DNSWL.org DB, unsurprisingly. Why would mail.apache.org send out this
obvious spam?

Best regards,
Jeremy Morton (Jez)



Re: Apache.org spam??

2009-06-25 Thread Benny Pedersen

On Thu, June 25, 2009 17:10, Jeremy Morton wrote:
 Looks like it was received from mail.apache.org which is in the
 DNSWL.org DB, unsurprisingly.  Why would mail.apache.org send out this
 obvious spam?

blame mozilla thunderbird for the resent headers, the problem is that one user 
released something in their quarantine and spammed
forged headers

-- 
xpoint



Re: Apache.org spam??

2009-06-25 Thread Benny Pedersen

On Thu, June 25, 2009 17:20, Jeremy Morton wrote:
 I guess that was sent to the spamassassin.apache.org list and the list
 was BCC'd so it didn't get put into my list folder.  Ah well.

with sieve:

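require ["fileinto"];

# File list mail by its List-Id header, then stop processing further rules
if header :contains "List-Id" "users.spamassassin.apache.org"
{
    fileinto "maillists.spamassassin";
    stop;
}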

-- 
xpoint



Re: Apache.org spam??

2009-06-25 Thread SM

At 08:10 25-06-2009, Jeremy Morton wrote:

I recently got this spam that made its way thru SpamAssassin:


[non-persistent information snipped]

Looks like it was received from mail.apache.org which is in the 
DNSWL.org DB, unsurprisingly.  Why would mail.apache.org send out 
this obvious spam?


The message was sent by a mailing list subscriber to a list which 
generally discusses spam.  It scored 4.0 on Apache.org.


Why is the message obvious spam?  What rules would you recommend to catch it?

Regards,
-sm 



Re: Apache.org spam??

2009-06-25 Thread Benny Pedersen
On Thu, June 25, 2009 17:56, SM wrote:

 What rules would you recommend to catch it?

something as this on apache.org:

header __RESENT1 exists:Resent-From
header __RESENT2 exists:Resent-To
header __RESENT3 exists:Resent-Date
header __RESENT4 exists:Resent-Message-Id

meta NO_RESENT_MAIL (__RESENT1 && __RESENT2 && __RESENT3 && __RESENT4)
describe NO_RESENT_MAIL Meta: please dont resend mail to maillists
score NO_RESENT_MAIL 3.0

if i cant fix others problems but imho apache.org need the above :)

-- 
xpoint






Re: Apache.org spam??

2009-06-25 Thread SM

At 09:13 25-06-2009, Benny Pedersen wrote:

something as this on apache.org:

header __RESENT1 exists:Resent-From
header __RESENT2 exists:Resent-To
header __RESENT3 exists:Resent-Date
header __RESENT4 exists:Resent-Message-Id

meta NO_RESENT_MAIL (__RESENT1 && __RESENT2 && __RESENT3 && __RESENT4)
describe NO_RESENT_MAIL Meta: please dont resend mail to maillists
score NO_RESENT_MAIL 3.0

if i cant fix others problems but imho apache.org need the above :)


Nice.  The above rules cannot be applied for all apache.org traffic 
as it's not only for mailing lists.


Regards,
-sm 



Re: Apache.org spam??

2009-06-25 Thread John Hardin

On Thu, 25 Jun 2009, SM wrote:


At 09:13 25-06-2009, Benny Pedersen wrote:

something as this on apache.org:

header __RESENT1 exists:Resent-From
header __RESENT2 exists:Resent-To
header __RESENT3 exists:Resent-Date
header __RESENT4 exists:Resent-Message-Id

meta NO_RESENT_MAIL (__RESENT1 && __RESENT2 && __RESENT3 && __RESENT4)
describe NO_RESENT_MAIL Meta: please dont resend mail to maillists
score NO_RESENT_MAIL 3.0

if i cant fix others problems but imho apache.org need the above :)


Nice.  The above rules cannot be applied for all apache.org traffic as it's 
not only for mailing lists.


I point out that I've had legitimate reason in the past to resend messages 
to the SA list.


--
 John Hardin KA7OHZ    http://www.impsec.org/~jhardin/
 jhar...@impsec.org    FALaholic #11174    pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
---
  Phobias should not be the basis for laws.
---
 9 days until the 233rd anniversary of the Declaration of Independence


Re: Apache.org spam??

2009-06-25 Thread Benny Pedersen

On Thu, June 25, 2009 19:48, John Hardin wrote:
 I point out that I've had legitimate reason in the past to resend messages
 to the SA list.

test my rules better, will it hit a resend from you ? :)

well repost is not a resend, so it might still not hit

-- 
xpoint
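
Added example, not code from any poster in this thread: a Python sketch that evaluates the proposed NO_RESENT_MAIL condition (read as a logical AND of the four Resent-* checks) over constructed sample messages, with and without scoping to the list's List-Id. The function names and sample messages are hypothetical, and the List-Id scoping assumes the check runs at a point where the list manager has already added that header.

```python
from email import message_from_string

# Header names from the rule posted in the thread; List-Id value from the sieve filter.
RESENT_HEADERS = ("Resent-From", "Resent-To", "Resent-Date", "Resent-Message-Id")
LIST_ID = "users.spamassassin.apache.org"
SCORE = 3.0


def score_resent(raw, list_only=True):
    """Score a raw message: SCORE if all four Resent-* headers exist, else 0.0.

    list_only=True additionally requires the list's List-Id (assumption: the
    check runs after the list manager has added that header).
    """
    msg = message_from_string(raw)
    all_resent = all(h in msg for h in RESENT_HEADERS)
    on_list = LIST_ID in (msg.get("List-Id") or "")
    if all_resent and (on_list or not list_only):
        return SCORE
    return 0.0


def _msg(*headers):
    """Build a constructed sample message from header lines."""
    return "\n".join(headers) + "\n\nbody\n"


# Constructed samples (example.org addresses, not taken from the thread).
RESENT = ("Resent-From: a@example.org", "Resent-To: list@example.org",
          "Resent-Date: Thu, 25 Jun 2009 17:00:00 +0200",
          "Resent-Message-Id: <r1@example.org>")
SAMPLES = {
    "resent_to_list": _msg("From: x@example.org", "List-Id: <%s>" % LIST_ID, *RESENT),
    "resent_direct": _msg("From: x@example.org", *RESENT),
    "repost_to_list": _msg("From: x@example.org", "List-Id: <%s>" % LIST_ID),
    "partial_resent": _msg("From: x@example.org", "List-Id: <%s>" % LIST_ID, *RESENT[:2]),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, score_resent(raw), score_resent(raw, list_only=False))
```

The scoping only spares non-list traffic: a legitimate resend to the list, as mentioned in the thread, still scores 3.0.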