Karl Runge writes:
>It is possible you have an oddly named file " ^Subject: (ADV:)"
>that contains those missing ~ 100 emails of yours.
You're right!
$ ls -l *Sub*
-rw---1 jrv jrv 2555170 May 13 19:26 ^Subject:
Thank you very much!
- Jim Van Zandt
*
> > (http://razor.sourceforge.net/). It's a distributed SPAM checking
> > system.
>
> I noticed this a while back, and it looks very interesting. However
> just the other day I read a comment at Slashdot that someone has been
> poisoning the razor database, so th
Rich Payne <[EMAIL PROTECTED]> writes:
> you may want to have a look at razor
> (http://razor.sourceforge.net/). It's a distributed SPAM checking
> system.
I noticed this a while back, and it looks very interesting. However
just the other day I read a comment at Slashdot t
miliar with the header you're going for..
Maybe a quarter of my spam is in some foreign language, and includes
a header line like this:
Content-Type: text/html; charset="ks_c_5601-1987"
I've also added this rule
:0 B # some worm
* TVqQAAME//8
On Fri, 2002-05-17 at 12:51, Mark Komarinski wrote:
> I heartily recommend spamassassin. It used a variety of weightings to
> see if the mail you have is spam. For example, if the mail is listed
> in Razor, it's worth 2 points, and if it came from a site listed in one
> of the
I heartily recommend spamassassin. It used a variety of weightings to
see if the mail you have is spam. For example, if the mail is listed
in Razor, it's worth 2 points, and if it came from a site listed in one
of the RBLs, it's worth a few points, and so on. You can configure the
we
On Thu, 16 May 2002, James R. Van Zandt wrote:
> If someone has a non-risky way to test procmail rules, I'd appreciate
> hearing about it.
Don't send to /dev/null at first, send to something you can get to with
your mail reader - ~/mail/filtered or something usually works for me.
> :0 H
I have no idea what's wrong with this...however you may want to have a
look at razor (http://razor.sourceforge.net/). It's a distributed SPAM
checking system. Basically you don't have to worry about keeping a list
of the senders etcyou just use procmail to pass all yo
I've been running a simple procmail filter to get rid of spam from
some specific sites. The sample below only includes a few of the
addresses, but even with the whole list it's no longer very effective.
Last weekend I decided to tune it up to filter out more of the spam.
I added the
Given the recent discussion of Yahoo's "free" email service, I felt some
list members might find this story interesting:
http://www.msnbc.com/news/731517.asp
Maybe loosing access to their "free" email service isn't such a bad thing
after all. ;-)
--
Ben Scott <[EMAIL PROTECTED]>
Paul Lussier <[EMAIL PROTECTED]> writes:
> There are some plug-in modules for procmail which do "weighting" of
> e-mail. If an e-mail scores some number of points, it's counted as
> spam, and redirected to a folder of your choosing (/dev/null *is* a
> valid
y written this...
There are some plug-in modules for procmail which do "weighting" of
e-mail. If an e-mail scores some number of points, it's counted as
spam, and redirected to a folder of your choosing (/dev/null *is* a
valid folder :)
There's also 'ifile' menti
On Wed, Mar 13, 2002 at 11:13:07AM -0500, Mark Komarinski wrote:
> I had an interesting thought today, but it's a real strange one, so
> follow along:
>
> Most spam shows up with bad headers like the From: line saying
> "[EMAIL PROTECTED]". Is there any way
before allowing the communication to continue? I
> > know a lot of mail systems disable VRFY, since it allows a spammer
> > to find out who is there, but that's pretty much dead anyway since a
>
> VRFY can be abused for more than just spam. For instance, it can provide
> hin
n't the MTA hit the MX for mail.com
>>> and VRFY that the account is valid? If it's valid, it comes
>>> through. If not *wham* gets immediately flagged as spam and goes
>>> to an alternate box or whatever.
It takes but a few minutes to obtain an account on Yah
d for more than just spam. For instance, it can provide
hints as to what login names exist, to facilitate break-ins.
>> deliver something to me, why can't the MTA hit the MX for mail.com
> and VRFY that the account is valid? If it's valid, it comes
The effect of this would be to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Mar 13, 2002 at 11:13:07AM -0500, Mark Komarinski wrote:
> Or can procmail do this?
Procmail can do *anything* because you can use it to filter mail
through programs of your choosing. The question is, has anyone
written code to do this, and
I had an interesting thought today, but it's a real strange one, so
follow along:
Most spam shows up with bad headers like the From: line saying
"[EMAIL PROTECTED]". Is there any way for an MTA to reverse-VRFY
a sending account before allowing the communication to continue?
"Tom Buskey" <[EMAIL PROTECTED]> said, among other things:
>>> Combine that with procmail & you can filter lots of it to a spam folder.
>>> Add ifile & it will watch how you refile messages in exmh/MH and will
>>> learn how you do it. Then
as opposed to IMAP or *gasp*, Microsoft Exchange.
>One of the nice parts about exmh, from an end-user perspective, is
>the ability to have the abstracts of the new mail listed on the screen
>before I actually open an individual e-mail. This morning, I had 54
>new mail messages, 8 of
At 02:57 PM 3/11/2002 -0500, Ed Robbins wrote:
>Has anyone given a talk on Spam control? I've been fighting it for several
>months now and I'm finally making some headway. Of course, I run my own mail
>server so I have a lot more control over what I can do. I started with
Paul,
I tried to return your email, but I get a response back from mindspring
saying your an unknown user.
I would be interested in speaking, I'm no expert but I can certianly share my
experiences.
What are the dates of the April and May meetings?
Ed
*
Has anyone given a talk on Spam control? I've been fighting it for several
months now and I'm finally making some headway. Of course, I run my own mail
server so I have a lot more control over what I can do. I started with
access databases within sendmail and kept spam domains
In a message dated: Mon, 11 Mar 2002 09:04:45 EST
Bayard Coolidge USG said:
>This morning, I had 54 new mail messages, 8 of which were spam.
>I was able to use a separate xterm window to cd into my 'inbox'
>directory, do an 'rm' of the offending messages, and then
I spent the week-end getting SpamAssassin set up and working
on my behalf. FWIW, I updated my description of the process:
http://Ken.Coar.Org/musings/spam-fighting.html>.
Just in time; last night I received more than 800 spam messages. (!)
--
#kenP-)}
Ken Coar, Sanagendamgagwedwein
n end-user perspective, is
the ability to have the abstracts of the new mail listed on the screen
before I actually open an individual e-mail. This morning, I had 54
new mail messages, 8 of which were spam. I was able to use a separate
xterm window to cd into my 'inbox' directory, do an 'rm
ely against open relays, closing
> them up will not really eliminate the problem. All it will do is
> cause spammers to have their own Linux box running sendmail that will
> allow them to send their spam. Or become otherwise more resourceful.
>
> What eliminating open relays really does is
initely against open relays, closing
them up will not really eliminate the problem. All it will do is
cause spammers to have their own Linux box running sendmail that will
allow them to send their spam. Or become otherwise more resourceful.
What eliminating open relays really does is make it
On Sun, Mar 10, 2002 at 01:36:39PM -0800, Karl J. Runge wrote:
> Boy, now I am really confused about what you are trying to accomplish...
Me too. ;-)
> Yes, mail is a store and forward model, and so can originate from anywhere.
>
> Perhaps you can provide some simple examples of what you want
Although I still am strongly against open relays, something did just
occur to me. I think my ISP sysadmin actually said this, but even if
he didn't it's still an open question.
What about secondary MX services? When a provider offers secondary MX,
as my home DSL provider does, it is now nece
they no longer want you as a customer. It can be because you
use host offensive content, cause too much trouble, or just because they
don't like your face. It is their right. It is their network, not yours.
You are, of course, free to go to their competition. But if their
competition all
One the subject of SPAM I installed razor the other day
(razor.sourceforge.net), it's basically a distributed SPAM identification
system. Using procmail you feed each message through razor-check. It
creates some unique ID on the message (MD5 sum or some such) and compares
it against t
On Fri, Mar 08, 2002 at 07:13:05PM -0500, Ken D'Ambrosio wrote:
> On Fri, 2002-03-08 at 18:57, Paul Iadonisi wrote:
[snip]
> Time to dump 'em, and let us know who they are.
I thought I'ld get some confirmation on this list. Let the opinions keep
pouring in, though. I think I have a good ide
rther:
"The problem isn't front doors left open when people go on vacation,
it's the people that go inside and *take* stuff." I mean, duh. An open
relay is simply inexcusable in this day and age. 10, 15 years ago, when
spam was essentially unknown (I remember my first "sp
I have a problem. This message is likely to cause some tempers to flare.
But I'm getting utterly pissed off about spam. Not just annoyed, but pissed
off so much, that I'm not sure what to do with the anger.
You see, I manage the small infrastructure for what is to be an ASP. We
h
Jack Hodgson <[EMAIL PROTECTED]> writes:
> Probably not from sourceforge. The spam in question.
>
> ===
>
> To: [EMAIL PROTECTED]
> Subject: URGENT BUSINESS PROPOSAL. ( CONFIDENTIAl)
>
> FROM:BARR.IBRAH
Jack Hodgson <[EMAIL PROTECTED]> writes:
> I got a spam last night that appeared to be addressed to
>
> @users.sourceforge.net
>
> I've only registered at sourceforge recently, so maybe this happens
> alot, but two things:
>
> 1. I didn't
John Abreau wrote:
>I notice you didn't give any details about the actual message...
>
>...are you sure it wasn't just the monthly reminder you received?
Probably not from sourceforge. The spam in question.
===
To: [EMAIL
> That said, I'd hardly be surprised if VA started selling off that
> info. OTOH, I haven't received any spam from them (that I know of).
>
> :)
Good thing you smiled when you said that.
It would be much easier to harvest at Slashdot ;0. VA has not gone
totally to t
Jack Hodgson <[EMAIL PROTECTED]> writes:
> I got a spam last night that appeared to be addressed to
>
> @users.sourceforge.net
>
> I've only registered at sourceforge recently, so maybe this happens
> alot, but two things:
Since you brought the subject o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
At some point hitherto, Jack Hodgson hath spake thusly:
> I got a spam last night that appeared to be addressed to
>
>@users.sourceforge.net
>
> I've only registered at sourceforge recently, so maybe this happens
> alot,
I got a spam last night that appeared to be addressed to
@users.sourceforge.net
I've only registered at sourceforge recently, so maybe this happens
alot, but two things:
1. I didn't know that an email address came with the registration, and,
2. Hey! How'd the spamme
>I've forwarded the offending message to Mark Gelinas, so give him
>a little while to look into it for us, and work the issue with our
>sys admins here. Your patience is appreciated.
I can normally look at the headers of a SPAM message
and see where the chain of trust was
I've forwarded the offending message to Mark Gelinas, so give him a
little while to look into it for us, and work the issue with our
sys admins here. Your patience is appreciated.
Bayard
---
Bayard R. Coolidge N1HODISC
It isn't. I checked `who gnhlug` and it isn't on there.
Quoting mike ledoux <[EMAIL PROTECTED]>:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Wed, Jan 09, 2002 at 11:17:16PM -0500, Kenneth E. Lussier wrote:
> > Uh, I thought that this was already delt with? I thought that we went
>
Uh, I thought that this was already delt with? I thought that we went
subscriber-only a long time ago
[EMAIL PROTECTED] wrote:
>
>
>
> This email message is sent in compliance with the 106th Congress E
>...I started adding +comments to my email address
>several months back, and have been filtering mail based on those
>since.
>Makes it much easier to catch SPAM in the filters that way.
Aha! Now THIS is what I wanted to get into from the beginning! How
might li'l ol'
Unfortunately I needed to send this due to the fact that I had to change my
sendmail since switching to my DSL line. I had a normal looking hostname
with my MediaOne account. Now I get this weird one. But I hope it reverses.
If not then the apology is not necessary since you will not even see t
48 matches
Mail list logo