> 1.2.3.4 # added by Global-Penalty-Box Server - [possibly a
> comment] - 2020-08-08 12:48:12
>
> the next release will have it
>
>
> Thomas
>
>
>
> Von:"K Post"
> An:"ASSP development mailing list" <
> a
1.2.3.4 # added by Global-Penalty-Box Server - [possibly a
comment] - 2020-08-08 12:48:12
the next release will have it
Thomas
Von:"K Post"
An: "ASSP development mailing list"
Datum: 29.10.2020 13:17
Betreff: Re: [Assp-test] Feature request - adding I
checking in on this. Any thoughts?
On Tue, Sep 29, 2020 at 3:58 PM K Post wrote:
> If it's not too difficult to implement, would it be possible when adding
> an IP to blocklists to automatically add the date it was added and possibly
> a space for a note to be added?
>
> For example if I add an
.1:5/maillog?wrap=2&color=1&tailbyte=1&search=[spam+
> found]&order=0&nocontext=1&nohighlight=1&size=2&files=
> files&limit=100#MlTop
>
> to prevent the login popup, define the user:passord in the URL - o
l think about this feature request.
Thomas
Von:K Post
An: ASSP development mailing list
Datum: 17.02.2017 20:36
Betreff:Re: [Assp-test] Feature request: Daily report of error
reports
And while I'm at it, I'll request this too:
Add an option to show messages marked with
And while I'm at it, I'll request this too:
Add an option to show messages marked with the Spam prefix - messages that
are probably spam but fell below the threshold - to the blockreport (noted
as not needing to be resent if not spam)
Again, something like this would help an admin improve ASSP acc
Having nonprintable characters in the mail header is NOT allowed.
Not only this - but those characters (if processed) may cause an
unexpected assp behavior and/or perl crashes. ASSP will remove them for
internal processing
The next version will have a hidden option to completely disable the
RFC2
+1
__.https://eXtremeSHOK.com
.__
On 22-Sep-16 4:59 PM, Gooegg wrote:
> Hi all,
>
> I would like to know if it could be possible to have and separate Msg/IP
> scorring for messages with non printable characters in
> undecod
Of course - I do that now. I'm asking to have ASSP do the work for me.
I have two goals:
1. When supporting my users remotely, to speed my operations.
2. To allow users to unblock senders by simply sending them a test
email. This whitelists the sender now - but doesn't remove them from IP
>From the MaillogTail (where you can find the last blocked mail) simply
click on the IP-address and the email-address and take the required
actions in the opened dialog.
>3. Optionally, use DNS to find SPF records for address/domain and
remove from any Black/Blocklists
4. Optionally, use DNS
Hi Colin
Thanks for the tip will look at this ASAP.
/Anders
From: Colin
To: assp-test@lists.sourceforge.net
Date: 2012-09-10 15:10
Subject:Re: [Assp-test] Feature request.
Have a look at the following options:
uniqeIDLogging
uniqueIDPrefix
Should do what you are asking
Have a look at the following options:
uniqeIDLogging
uniqueIDPrefix
Should do what you are asking for already.
All the best,
Colin Waring.
On 10/09/2012 13:59, Anders Westin wrote:
> Hi Thomas
>
> Is it possible to get a some sort of session id in the log, that follows
> from connection to disc
On 2012-07-27 1:37 AM, Daniel L. Miller wrote:
> On 7/25/2012 10:54 AM, Charles Marcus wrote:
>> Ok, well...
>>
>> Can you point me to documentation that explains how to setup ASSP such
>> that it totally bypasses/disables all of the 'SMTP Proxy' functionality,
>> so that it works only as a post-q
On 7/25/2012 10:54 AM, Charles Marcus wrote:
> Ok, well...
>
> Can you point me to documentation that explains how to setup ASSP such
> that it totally bypasses/disables all of the 'SMTP Proxy' functionality,
> so that it works only as a post-queue Content Filter?
>
Did my last ASSP list-post prov
On 7/25/2012 10:54 AM, Charles Marcus wrote:
> On 2012-07-25 1:33 PM, Fritz Borgstedt wrote:
>> ASSP development mailing list schrei
>> bt:
>>> Could you (or Thomas) at least comment on the possibility/viability
>>> of splitting ASSP's functionality into pre and post processing 'modes'
>>> or 'mo
On 7/25/2012 9:38 AM, Charles Marcus wrote:
> On 2012-07-25 11:23 AM, Fritz Borgstedt wrote:
>> ASSP 1.9 is rocksolid and can be used pre/post.
> Understood, and thanks, but I would need full/solid SSL/TLS support, so
> v1 is no longer an option for me.
>
>> ASSP 2 is rocksolid and can be used pre
Absolutely
Sent from my Android phone using TouchDown (www.nitrodesk.com)
ASSP 1.9 is rocksolid and can be used pre/post.
ASSP 2 is rocksolid and can be used pre/post.
--
Live Security Virtual Conference
Exclusive li
ASSP development mailing list schrei
bt:
>
>Can you point me to documentation that explains how to setup ASSP such
>
>that it totally bypasses/disables all of the 'SMTP Proxy' functionalit
>y,
>so that it works only as a post-queue Content Filter?
Use listenPort for input from from (pre) queue
On 2012-07-25 1:33 PM, Fritz Borgstedt wrote:
> ASSP development mailing list schrei
> bt:
>> Could you (or Thomas) at least comment on the possibility/viability
>> of splitting ASSP's functionality into pre and post processing 'modes'
>> or 'modules' (for lack of a better term), so that we would
ASSP development mailing list schrei
bt:
>
>Could you (or Thomas) at least comment on the possibility/viability of
>
>splitting ASSP's functionality into pre and post processing 'modes' or
>
>'modules' (for lack of a better term), so that we would have the optio
>n
>of only implementing the conte
On 2012-07-25 12:46 PM, Fritz Borgstedt wrote:
> ASSP development mailing list schrei
> bt:
>> That said - and again, *please* do not take offense - but
>> complaints about new versions of v2 locking up/freezing/etc abound
>> on the assp-test list,
> There is a production version of ASSP V2 and
ASSP development mailing list schrei
bt:
>That said - and again, *please* do not take offense - but complaints
>about new versions of v2 locking up/freezing/etc abound on the assp-te
>st
>list,
There is a production version of ASSP V2 and a development version. Us
e the production version an
On 2012-07-25 11:23 AM, Fritz Borgstedt wrote:
> ASSP 1.9 is rocksolid and can be used pre/post.
Understood, and thanks, but I would need full/solid SSL/TLS support, so
v1 is no longer an option for me.
> ASSP 2 is rocksolid and can be used pre/post.
Well, I know a lot of mail admins who are p
ASSP 1.9 is rocksolid and can be used pre/post.
ASSP 2 is rocksolid and can be used pre/post.
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has cha
Fritz,
Thank you! Will update asap.
Barry
-Oorspronkelijk bericht-
Van: Fritz Borgstedt [mailto:f...@iworld.de]
Verzonden: woensdag 4 april 2012 16:48
Aan: ASSP development mailing list
Onderwerp: Re: [Assp-test] Feature request v1.9.3.2
There is new dev version here:
http
There is new dev version here:
http://downloads.sourceforge.net/project/assp/ASSP%20Installation/Auto
Update/ASSP1dev/assp.pl.gz
with
- Hide IP in 'Received:' header (HideIP)
If set, ASSP will hide the IP and HELO in the 'Received:' header for l
ocal connections
--
Perhaps that should be a beter solution: all valid senders/clients will be
touched/changed then.
Thanks,
Barry
-Original Message-
From: Fritz Borgstedt [mailto:f...@iworld.de]
Sent: woensdag 4 april 2012 16:15
To: ASSP development mailing list
Subject: Re: [Assp-test] Feature request
ASSP development mailing list schrei
bt:
>
>The changed code checks if the connecting IP exists in acceptAllMail a
>nd,
>when matched, inserts the fake ip 127.0.0.1 and hostname internal. Whe
>n not
>match: nothing changes.
Should tis only be done for IPs in acceptAllMail or for all local co
> -Original Message-
> From: Hill, Brett [mailto:hil...@nlbusa.com]
> Sent: Wednesday, January 26, 2011 9:26 AM
> To: assp-test@lists.sourceforge.net
> Subject: [Assp-test] Feature Request 1.8.x (hopefully a simple one)
>
> Can you add a button to the ASSP interface to manually force an
>
One way to cope with locally modified versions of files that originate
in the ASSP source repository is to actually have 2 files for all the
file: files read by ASSP.
The original file could be read as file:data/BombExpression.txt and the
local as file:data/BombExpression.local.txt or similar f
On 10/10/2010 12:32 AM, Thomas Eckardt wrote:
> A real good implementation of an autoupdate of the support files is very
> difficult, because we need a line versioning not only a file versioning.
> This feature is still in conceptionel development.
>
> To get notified about changed files in the '
A real good implementation of an autoupdate of the support files is very
difficult, because we need a line versioning not only a file versioning.
This feature is still in conceptionel development.
To get notified about changed files in the 'stabil' area and the 'CVS'
area, I recommend to use th
pass the
> message, if the last spam detection flag does not belong to the Bayes
> check - for example 'messagescore'. This will be changed in 2.0.2_1.1.14.
>
> Thomas
>
>
>
> Von:Paul Schutte
> An: ASSP development mailing list
&
'messagescore'. This will be changed in 2.0.2_1.1.14.
Thomas
Von:Paul Schutte
An: ASSP development mailing list
Datum: 29.06.2010 17:05
Betreff: Re: [Assp-test] Feature request
Hi.
I see messages in the maillog.txt that looks like this:
2010-06-29 16:52:07 23121-1
While I am on a roll...
Another suggestion is to maybe give bonus points to messages that are
classed as "confident.ham" ?
We then would have finer grained control over what happen to bayesian
spams:
confident.ham => gets (adjustable) bonus score to help them over some
hurdles.
doubtful.ham => h
Hi.
I see messages in the maillog.txt that looks like this:
2010-06-29 16:52:07 23121-19670 [Worker_15]
[MessageLimit][lowconfidence] 67.195.8.63 to:
patr...@it.up.ac.za [spam found] and possibly passing because of low
confidence, otherwise blocked (MessageScore 89, limit 80) [Thank you for
using
Hello again.
Fritz, thank you for your advice about the (switchTestToScoring)
setting.
However, I stil see messages above (PenaltyMessageLimit) being delivered
to the users. These messages are tagged as spam (score 40-80 should be
tagged). Messages with scores above 80 should be blocked. I would
On 2010-06-25 4:53 AM, GrayHat wrote:
> exactly my point; it doesn't make sense imHo allowing users to
> change their passwords w/o checking them and then reject the
> emails due to "weak passwords"; the password issue must be
> dealt with at mailserver level
I don't think Matti meant that these s
>> ASSP is much more then a spamfilter (as you should know).
>> It provides Mail Routing, SSL, Virusscanning, connection
>> shaping and lots more usefull functions.
> Surely the testing for weak passwords should be done at the
> point that the password is changed - not somewhere else later
>
On 24/06/10 15:44, Matti Haack wrote:
> ASSP is much more then a spamfilter (as you should know). It provides
> Mail Routing, SSL, Virusscanning, connection shaping and lots more usefull
> functions.
>
Surely the testing for weak passwords should be done at the point that
the password is chan
Hello Greyhat,
there is no way in the API to access Hmailserver passwords - and
hmailserver only stores hashes in it's DB.
Of course, it would be easy to change the Admin Script. But so we
would have a solution covering any MTA. On My system I never had an
issue with weak passwords
> BTW Greyhat, could you be so kind and tell me wich
> application can test for weak passwords in connection
> with hmailserver? It seems as you have great experience
> with some appliances who would manage this.
I think you'll have to look at the hMailServer "scripting"
the program expos
ASSP is much more then a spamfilter (as you should know). It provides
Mail Routing, SSL, Virusscanning, connection shaping and lots more usefull
functions.
On my machine, toasting coffe and cleaning up the room runs fine :)
But it would be great if it also checks for weak passwords.
I think thi
> Weak Passwords are in the top 10 reasons for relaying spam. So I fell
> this could be part of ASSP
No, sorry, assp is a SPAMFILTER not a way to allow brain-dead
admins to plug some kind of "silver bullet" on their network and
feel better just because "they installed something"; if you want
or n
Weak Passwords are in the top 10 reasons for relaying spam. So I fell
this could be part of ASSP
Matti
>>> Good idea, but why not just use cracklib or something that is already
>>> designed and well tested for something like this:
>>
>>> http://search.cpan.org/dist/Crypt-Cracklib/Cracklib.pm
>>
>> Good idea, but why not just use cracklib or something that is already
>> designed and well tested for something like this:
>
>> http://search.cpan.org/dist/Crypt-Cracklib/Cracklib.pm
> This would be helpful too.
Nope; I don't think so, see... ASSP is a *spamfilter* not some kind
of "universal
Hello Thomas,
> I still not understand, what this should be for!? The SMTP password (used
> in the AUTH command) are stored and checked at the MTA - why should assp
> check its weakness, if the MTA should do this at the time when it is
> specfied?
You are right. But many MTAs have no option t
Matti and Charles,
I still not understand, what this should be for!? The SMTP password (used
in the AUTH command) are stored and checked at the MTA - why should assp
check its weakness, if the MTA should do this at the time when it is
specfied?
btw. this will only work, if a plain text (base6
On 2010-06-24 6:31 AM, Matti Haack wrote:
>> Good idea, but why not just use cracklib or something that is already
>> designed and well tested for something like this:
>>
>> http://search.cpan.org/dist/Crypt-Cracklib/Cracklib.pm
> This would be helpful too.
> But I think ASSP already includes lot
> Good idea, but why not just use cracklib or something that is already
> designed and well tested for something like this:
> http://search.cpan.org/dist/Crypt-Cracklib/Cracklib.pm
This would be helpful too.
But I think ASSP already includes lot of code to check regexes, so a
simple regex text
On 2010-06-24 6:08 AM, Matti Haack wrote:
> would it be possible to check incomming SMTP Passwords against a list
> of regexes and send a warning to the logfile if matching?
>
> Additionatly it would be good to check the PW not to be the user part
> or a substring of the userpart of the email ad
switchTestToScoring is off
On Tue, 2010-06-08 at 21:12 +0200, Fritz Borgstedt wrote:
> ASSP development mailing list
> schreibt:
> >The easiest to explain this is that had I turned Bayesian off, the
> >score
> >would have been 110 and the message blocked.
> >Now with Bayesian on, the score is 129
I am running ASSP version 2.0.2(1.1.09)
On Tue, 2010-06-08 at 21:12 +0200, Fritz Borgstedt wrote:
> ASSP development mailing list
> schreibt:
> >The easiest to explain this is that had I turned Bayesian off, the
> >score
> >would have been 110 and the message blocked.
> >Now with Bayesian on, the
ASSP development mailing list
schreibt:
>The easiest to explain this is that had I turned Bayesian off, the
>score
>would have been 110 and the message blocked.
>Now with Bayesian on, the score is 129.5,but message only gets tagged
>and passed on because of Bayesian uncertainty.
What version are
PM
To: ASSP development mailing list
Subject: Re: [Assp-test] Feature Request re IP Penalty Blocking
ASSP development mailing list
schreibt:
>Unlikely they
>will send you legitimate mail in the future anyway, more likely they
>will send spam after they expire from PB. Just my opinion...
OK, that should help. I'll give 1.6.0 a go.
-Original Message-
From: Fritz Borgstedt [mailto:f...@iworld.de]
Sent: Thursday, October 15, 2009 1:23 PM
To: ASSP development mailing list
Subject: Re: [Assp-test] Feature Request re IP Penalty Blocking
ASSP development mailing list
sch
Ok great, so everyone will have a choice now...I still choose never to
expire them.
On 10/15/2009 3:22 PM, Fritz Borgstedt wrote:
> ASSP development mailing list
> schreibt:
>
>> Unlikely they
>> will send you legitimate mail in the future anyway, more likely they
>> will send spam after they
ASSP development mailing list
schreibt:
>Unlikely they
>will send you legitimate mail in the future anyway, more likely they
>will send spam after they expire from PB. Just my opinion...
However in the newest version of V1 (1.6.0) the meaning of
ForcePBExtreme has changed:
Enforce Early Penal
Thursday, October 15, 2009 11:48 AM
> To: ASSP development mailing list
> Subject: Re: [Assp-test] Feature Request re IP Penalty Blocking
>
> You have the option to export Penalty Extreme, and can export them
> directly into your denysmtpfrom...file (make sure the append option is
&
t
Subject: Re: [Assp-test] Feature Request re IP Penalty Blocking
You have the option to export Penalty Extreme, and can export them
directly into your denysmtpfrom...file (make sure the append option is
used). I think this is what you wanted
On 10/15/2009 1:23 PM, Steve Moss wrote:
> Here&#
You have the option to export Penalty Extreme, and can export them
directly into your denysmtpfrom...file (make sure the append option is
used). I think this is what you wanted
On 10/15/2009 1:23 PM, Steve Moss wrote:
> Here's my situation: as shown by my ASSP envelope recipient statistics,
>
> I think it could be helpful, if ASSP would check all URLs in inomming
> mails with googel safebrowsing to filter out Phising and Malware
> emails:
> http://code.google.com/intl/de/apis/safebrowsing/developers_guide.html
as far as I can tell (and if I recall it correctly), using the
additional C
Hello
Is it possibile to use ASSP with native IPv6?
If not, when can it be done?
IPv4 addresses are running out beginning 2010.
Many ISPs are implementing 'dual stack' now.
Regards Milan
-
This SF.Net email is spo
let's publish 1.4 (and maybe 2?) on SF!
I think both versions run very well even on priduction systems.
Collect all new features for the next versions. We should make a
"whislist" on the Wiki, where anybody can describe his ideas.
Matti
>> ASSP 1.4.1 is going to be published on SF. Is this featu
> ASSP 1.4.1 is going to be published on SF. Is this feature important
> enough to put it in 1.4.1 or should I start 1.4.2 beta?
imVHo 1.4.1 is as good as it may be, so let's freeze
it and queue the idea as a "whish" for the 1.4.2
--
>If you're asking ME
No, I was asking the list.
-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a
Fritz Borgstedt wrote:
> ASSP 1.4.1 is going to be published on SF. Is this feature important
> enough to put it in 1.4.1 or should I start 1.4.2 beta?
I don't think the release of 1.4.1 should wait. I think its a great
concept, but nothing that worth putting 1.4.1 off for.
signature.asc
Descri
Fritz Borgstedt wrote:
>> Under the model I've described, both DNSBL tests need to be
>> performed,
>> as one test might only score, while the other will either block or
>> add
>> significantly to the score. For this reason also, the standard test
>> should come first as it may result in a bloc
>Under the model I've described, both DNSBL tests need to be
>performed,
>as one test might only score, while the other will either block or
>add
>significantly to the score. For this reason also, the standard test
>should come first as it may result in a block.
ASSP 1.4.1 is going to be pub
Fritz Borgstedt wrote:
> GrayHat <[EMAIL PROTECTED]> schreibt:
>
>> I think that setting up an
>> "AggressiveDNSBL" entry may be of help; I mean; conservative
>> DNSBLs entered in the existing "RBLserviceprovider" will still
>> act as they do now; while the additional entries will have an option
Fritz Borgstedt wrote:
> Would you agree, that the blocking/scoring strategy in ASSP is very
> flexible as it is now, and it is valid not for DNSBL alone. Should I
> support inferior (IMHO) strategies because they are easier to grasp?
For usabilities sake? Yes. Or we need to make the superior
GrayHat wrote:
> till now, all ok, but ...
>
> an incoming mail hits (say) "zen.spamhaus.org" and since it's a
> conservative
> list you want to BLOCK the incoming mail, but since there's no hit from
> other
> lists, the message goes through
>
Surely the chances of this happening are practical
GrayHat <[EMAIL PROTECTED]> schreibt:
> I think that setting up an
>"AggressiveDNSBL" entry may be of help; I mean; conservative
>DNSBLs entered in the existing "RBLserviceprovider" will still
>act as they do now; while the additional entries will have an option
>to set them up as "disabled/monitor
>I'm not saying your approach is wrong or bad, just that probably
>most people will find easier to handle such a "double list" than
>fiddling with the scores list ;-)
Would you agree, that the blocking/scoring strategy in ASSP is very
flexible as it is now, and it is valid not for DNSBL alone.
>> an incoming mail hits (say) "zen.spamhaus.org" and since
>> it's a conservative list you want to BLOCK the incoming mail,
>> but since there's no hit from other lists, the message goes
>> through
> May be, may be not.
uh ?!?
> The current ASSP system is always a combination of blocking
> and
GrayHat <[EMAIL PROTECTED]> schreibt:
>an incoming mail hits (say) "zen.spamhaus.org" and since it's a
>conservative
>list you want to BLOCK the incoming mail, but since there's no hit
>from
>other
>lists, the message goes through
May be, may be not.
The current ASSP system is always a combinati
>> This leads me to ask for another modification - can you add links
>> from
>> each of the test enable dropdowns (disabled/block/monitor/score) to
>> the
>> appropriate PB scoring value and the reverse? I think it will really
>> make adjusting these values easier - especially for newcomers to
AS
Fritz Borgstedt wrote:
>> This leads me to ask for another modification - can you add links
>>
> >from
>
>> each of the test enable dropdowns (disabled/block/monitor/score) to
>> the
>> appropriate PB scoring value and the reverse? I think it will really
>> make adjusting these values e
>
>This leads me to ask for another modification - can you add links
>from
>each of the test enable dropdowns (disabled/block/monitor/score) to
>the
>appropriate PB scoring value and the reverse? I think it will really
>make adjusting these values easier - especially for newcomers to ASSP.
Th
[EMAIL PROTECTED] schreibt:
>but why do YOU choose not use it in this manner
>for the default?
because i have no experience with the results of this check, and I
tend to start with a lower value.
-
This SF.Net email is spon
Fritz Borgstedt wrote:
> You may look for this feature in 1.4.1.3 in section "Sender
> Validation".
>
Thank you - this looks exciting. I see the four new strictFrom
parameters in the "Validate Sender" section. I'm guessing the
fromValencePB is the applicable scoring value?
This leads me to
You may look for this feature in 1.4.1.3 in section "Sender
Validation".
-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great pr
suggestion hasn't got anything to do with it.
One could call it 'EnvelopeStrict'
JP
-Oorspronkelijk bericht-
Van: Daniel L. Miller [mailto:[EMAIL PROTECTED]
Verzonden: maandag 6 oktober 2008 23:14
Aan: ASSP development mailing list
Onderwerp: Re: [Assp-test] Feature requ
Fritz Borgstedt wrote:
> ASSP development mailing list
> schreibt:
>
>> ie: Score but don't reject if [ http://citibank.com
>> ]http://citibank.com fails SPF, but if paypal fails, outright reject
>> it.
>>
>
> Please try the latest 1.4.1
>
Thanx! Will let you know if we still get paypa
ASSP development mailing list
schreibt:
>
>ie: Score but don't reject if [ http://citibank.com
>]http://citibank.com fails SPF, but if paypal fails, outright reject
>it.
Please try the latest 1.4.1
-
This SF.Net email is sp
ensdag 24 september 2008 4:12
> *Aan:* Daniel Miller; ASSP development mailing list
> *Onderwerp:* Re: [Assp-test] Feature request: strict sender domain
>
>
>
> That would definitely be useful!
>
>
>
> Maybe also a reject if spf fail domain. That would help for those of
I requested that feature a year ago and it’s in there as long…. ( SPFstrict )
SPFfail = block of course….
Van: Ken Post [mailto:[EMAIL PROTECTED]
Verzonden: woensdag 24 september 2008 4:12
Aan: Daniel Miller; ASSP development mailing list
Onderwerp: Re: [Assp-test] Feature request: strict
That would definitely be useful!
Maybe also a reject if spf fail domain. That would help for those of us who
score only for spf, but for sites like paypal want to outright reject if spf
fails.
On Mon, Sep 22, 2008 at 6:37 PM, Daniel L. Miller <[EMAIL PROTECTED]> wrote:
> Jean-Pierre van Melis w
GrayHat wrote:
At the moment I'm using a script for such a job, but
having ASSP doing this by default would be of great
help imHo
+1
At some point if we could get to more logical storage of the data, the
better off future works, tools, etc will be. At least something CSV,
etc, for the non-D
>Send it to the redlist.
Ah. I had to look in close detail at the redRe description to see
this. I had not seen that the red list serves two distinct purposes.
The first paragraph appears to summarise the function of the red
list. The second paragraph does not make it immediately obvious that
>
>Send it to the redlist.
I forgot to mention, there is even a setting, which will add
automatically this type of flip-flopper to the redlist:
Add Whitelist Removals To Redlist (EmailWhiteRemovalToRed)
If set addresses which are removed from Whitelist will automatically
be added to the Redlist
>Is there a way to put addresses into a 'do not whitelist' list? That
>way, we can be sure that there are no accidental whitelistings of
>addresses from which we NEVER want e-mail when e-mail is sent to
>those addresses. This server is single-threaded and cannot be updated
>to multi-threading,
> Ohh, I had never heard of that DNSBL - thanks!
a bit of caution is needed here; I tested the backscatterer list and
sometimes you face false-positives or better said, the list includes
some "legitimate mail server" which.. ok, may be sending bounces
but which you don't want (or can't afford) to
Ohh, I had never heard of that DNSBL - thanks!
Patrick Neill wrote:
Another tool could be to add selective Blacklist queries just for null <> and
Postmaster senders and then check these against a backscatter blacklist. For
example http://www.backscatterer.org/
Disadvantage: this is more resourc
Another tool could be to add selective Blacklist queries just for null <> and
Postmaster senders and then check these against a backscatter blacklist. For
example http://www.backscatterer.org/
Disadvantage: this is more resource intensive than an inbuilt check against
message IDs
Micheal Espin
That would be an extremely useful feature. For new versions of ASSP a built
in solution would be nice.
For existing installations some Regex tricks might do. There is a howto for
Postfix:
http://www.postfix.org/BACKSCATTER_README.html
I tried this some time ago with ASSP but unfortunately my Re
GrayHat wrote:
>> I'm more or less thinking out-loud about ideas of things to do with
> I'm thinking out-loud as well, I find it useful when it comes to
> exploring
> ideas :) anyways let's try an example
>
> you send out an email from [EMAIL PROTECTED] through your ASSP
>
> Your ASSP picks the
> I'm more or less thinking out-loud about ideas of things to do with
and
> about backscatter.If a domain gets targeted for it, the PB could
be
> useful in generating a profiled score for blocking IP sessions until
it
> passes.
I'm thinking out-loud as well, I find it useful when it comes to
e
GrayHat wrote:
the problem then is... will the NDR sending MTA keep that header ?
Or will it just throw away it ? In the latter case the "X-Header"
won't
be of any help; that's why I thought to "mangling" the mail address
since that one WILL be used to send back the NDR
A
>> the problem then is... will the NDR sending MTA keep that header ?
>> Or will it just throw away it ? In the latter case the "X-Header"
won't
>> be of any help; that's why I thought to "mangling" the mail address
>> since that one WILL be used to send back the NDR
> A good question. I'm not su
1 - 100 of 116 matches
Mail list logo
