On 30 Sep 2004 at 16:27, Jason Gurtz wrote:
> Are you getting your users via LDAP?
No.
On 30 Sep 2004 at 13:51, [EMAIL PROTECTED] wrote:
> We do something similar. Instead of checking from MIMEDefang, we
> have a cron.hourly job query the AD server using LDAP, and build a
> sendmail /etc/mail/
On 30 Sep 2004 at 12:45, Jim McCullars wrote:
>Well, at the risk of exposing by backside:
>
> $bad_exts = '(bat|cmd|com|cpl|exe|hta|lnk|pif|reg|scr|shs|vb|vbe|vbs|zi)';
Ouch...there's far too many that are just as bad as those:
.INS:
Internet Settings file...can change your IE setup to us
Johann wrote:
[snip]
http://fedora.redhat.com/download/
It is the only thing that will get rid of all the malware you have now,
including Windows 2000. :-)
a good pair of wire cutters will prevent spyware too.
___
Visit http://www.mimedefang.org and htt
On Thu, 30 Sep 2004, Michael Faurot wrote:
> Particularly, how do I modify the sender's address in the envelope?
You can't (at least not directly). Milter doesn't support that.
You have to mail out a new copy of the message (with a new envelope sender)
and discard the original. This is fraught
On Fri, 1 Oct 2004 10:34:25 +1000, "Matt Smith" <[EMAIL PROTECTED]>
wrote:
>"Nathan Martinez" <[EMAIL PROTECTED]> wrote:
>
>> would give URIDNSBL a try, but I can't seem to get its rules to run. I
>> have $SALocalTestsOnly = 0 in my mimedefang-filter.
>
>Hi Nathan,
>
>Having just enabled this fea
Bill Maidment wrote:
I've had mimedefang-2.45 spamassassin-3.0.0 clamav-0.80rc2 running for
about a week OK on a dual opteron. Then yesterday a friendly bz2 file
came in as an attachment and clamav threw a fit. I upgraded to
clamav-0.80rc3 and still had the same problem, so I went back to
clam
On Thu, 30 Sep 2004 07:19:25 -0400 (EDT), "David F. Skoll"
<[EMAIL PROTECTED]> wrote:
>On Thu, 30 Sep 2004, Tim Boyer wrote:
>
>> Hmmm, either that didn't work, or (much more likely) I'm doing it
>> wrong:
>>
>> resend_message('[EMAIL PROTECTED]');
>
>You want:
>
> resend_mes
"Nathan Martinez" <[EMAIL PROTECTED]> wrote:
> would give URIDNSBL a try, but I can't seem to get its rules to run. I
> have $SALocalTestsOnly = 0 in my mimedefang-filter.
Hi Nathan,
Having just enabled this feature myself (MD v2.41/2.38 + SA 2.63), and
experienced the frustration when it didn'
I'm researching how to implement SRS within MIMEDefang using the Mail::SRS
Perl module. At the moment I'm trying to figure out the first half of
the SRS puzzle. I'm trying to decide where would be the best place,
within mimedefang-filter, to implement the sender envelope re-writing
and how to do
Mark Penkower wrote:
This is off topic, but I suspect that people on this list may have an
answer.
I need a product to block spyware, adware and other related crap from
infecting Windows 2000 PC's.
http://fedora.redhat.com/download/
It is the only thing that will get rid of all the malware you
Jeff Rife wrote:
> I posted this to the sendmail newsgroup and got an answer that uses
> sendmail rulesets. Since I don't understand these as well as I
> understand Perl (since I'm a Perl beginner, that tells you
> how little I
> can deal with sendmail rules), I'd like a way to do this from within
On 9/30/2004 15:53, Jeff Rife wrote:
> The need arose because our mail server gets its user list from Active
> Directory, but not every one of the users listed there should get e-
> mail (a good example is all the "machine" users). I can easily put all
> the real e-mail users into a AD group wh
I posted this to the sendmail newsgroup and got an answer that uses
sendmail rulesets. Since I don't understand these as well as I
understand Perl (since I'm a Perl beginner, that tells you how little I
can deal with sendmail rules), I'd like a way to do this from within
MIMEDefang.
The need
We have been looking at websense to block them at our http proxy.
Preliminary evaluations were impressive and our pc admins noticed a
sharp drop in problems associated with spyware during our evaluation period.
otherwise you can look at something like spybot ( freeware ) and install
it on each
Jason Gurtz wrote:
> On 9/30/2004 13:45, Jim McCullars wrote:
>>
>> On Thu, 30 Sep 2004, Stephen J Smoogen wrote:
>>
about 10 or so that are commonly used to send mail bombs. .vcf
isn't one of them.
>>>
>>> Which 10?
>>
>>Well, at the risk of exposing by backside:
>
> Can't reme
This is off topic, but I suspect that people on this list may have an answer.
I need a product to block spyware, adware and other related crap from
infecting Windows 2000 PC's.
Symantec has basically given up and admitted that the authors of these
assorted malware are better programmers than the
On 9/30/2004 13:45, Jim McCullars wrote:
>
> On Thu, 30 Sep 2004, Stephen J Smoogen wrote:
>
>> > about 10 or so that are commonly used to send mail bombs. .vcf isn't one
>> > of them.
>>
>> Which 10?
>
>Well, at the risk of exposing by backside:
Can't remember what the default are but I'v
Hello All,
I have just upgraded to mimedefang 2.45 and SA 3.0. I thought that I
would give URIDNSBL a try, but I can't seem to get its rules to run. I
have $SALocalTestsOnly = 0 in my mimedefang-filter. I also have
'loadplugin Mail::SpamAssassin::Plugin::URIDNSBL' in my init.pre file.
Is there
On Thu, 30 Sep 2004, Kevin A. McGrail wrote:
> Fairly certain .vcs is a vCalendar format for doing calendar and event
> exports. It is used by Outlook and Palm as well as Apple's iCal.
It is. We have a webmail app that uses vcs to send calendar appointments.
I setup mimedefang to only allow v
Kevin A. McGrail wrote:
> Fairly certain .vcs is a vCalendar format for doing calendar and event
> exports. It is used by Outlook and Palm as well as Apple's iCal.
Yup, you're right - just checked my file types and sure enough .vcs is handled by
Outlook.
So it is a potential virus risk... it cou
Ben Kamen wrote:
> I thought .vcs was for virtual cards?
>
> i.e. Palm Desktop (the windows program for PalmOS handhelds) and
> others, etc..etc... (or was that .vcd?)
>
> Anyway - just a thought..
>
> -Ben
That's .vcf
___
Visit http://www.mimedefa
On Thu, 30 Sep 2004, Stephen J Smoogen wrote:
> > about 10 or so that are commonly used to send mail bombs. .vcf isn't one
> > of them.
> >
> >
>
> Which 10?
Well, at the risk of exposing by backside:
$bad_exts = '(bat|cmd|com|cpl|exe|hta|lnk|pif|reg|scr|shs|vb|vbe|vbs|zi)';
Jim McCullar
Fairly certain .vcs is a vCalendar format for doing calendar and event
exports. It is used by Outlook and Palm as well as Apple's iCal.
More info in RFCs 2425, 2526, 2445, 2446 & 2447 -- http://www.imc.org/pdi/
A quick web search and guess what? Microsoft has issued related security
patches, se
On Thu, 30 Sep 2004, Troy Carpenter wrote:
> > The backup MX is violating a SHOULD requirement of RFC 2821:
> Well, like you said, this is a SHOULD, not a MUST.
Agreed. But in this case, it's a particularly dumb idea, because your
internal mail server might decide to reject mail from a blacklis
On 30 Sep 2004 at 7:19, David F. Skoll wrote:
> > Hmmm, either that didn't work, or (much more likely) I'm doing it
> > wrong:
> >
> > resend_message('[EMAIL PROTECTED]');
>
> You want:
>
> resend_message_one_recipient('[EMAIL PROTECTED]');
Is there a reason this function
> Date: Thu, 30 Sep 2004 11:41:17 -0400 (EDT)
> From: "David F. Skoll" <[EMAIL PROTECTED]>
> Subject: Re: [Mimedefang] Postmaster, <>, and a Backup MX
> To: [EMAIL PROTECTED]
> Message-ID:
> <[EMAIL PROTECTED]>
> Content-Type: TEXT/PLAIN; charset=US-ASCII
>
> {snip}
>
> The backup MX is viola
I thought .vcs was for virtual cards?
i.e. Palm Desktop (the windows program for PalmOS handhelds) and others,
etc..etc... (or was that .vcd?)
Anyway - just a thought..
-Ben
[EMAIL PROTECTED] wrote:
Jim Hatfield wrote:
I see that .vcs is listed in filter_bad_filename.
One of my users is subscrib
David F. Skoll wrote:
You want:
>
resend_message_one_recipient('[EMAIL PROTECTED]');
I don't see this in my man page for mimedefang-filter (2.44), and as far
as I can tell, resend_message($oneaddress) seems to be working here --
though I think I'd better re-check that to make sure. Is this new i
Jim Hatfield wrote:
> I see that .vcs is listed in filter_bad_filename.
>
> One of my users is subscribed to a mailing list and there
> are often mails to the list with attachments called vcal.vcs.
> Because we reject these at the gateway, the list management
> software is getting tetchy and threa
I see that .vcs is listed in filter_bad_filename.
One of my users is subscribed to a mailing list and there
are often mails to the list with attachments called vcal.vcs.
Because we reject these at the gateway, the list management
software is getting tetchy and threatening to remove him
from the li
Jim McCullars wrote:
On Thu, 30 Sep 2004, Jim Hatfield wrote:
I see that .vcs is listed in filter_bad_filename.
I think David got those extensions from a list that Microsoft published
at one time. At my site, I pared the list down considerably, to a list of
about 10 or so that are commonly us
Troy,
David's reject is done after the DATA stage, and the response to the "RCPT TO:
postmaster" command is an OK code. In your case, the connection is dropped
after the RCPT TO:, so there is no reject.
Under the circumstances you describe, his system would behave correctly - the
check for user
On Thu, 30 Sep 2004, Jim Hatfield wrote:
> I see that .vcs is listed in filter_bad_filename.
I think David got those extensions from a list that Microsoft published
at one time. At my site, I pared the list down considerably, to a list of
about 10 or so that are commonly used to send mail b
On Thu, 30 Sep 2004, Troy Carpenter wrote:
> It turns out that when the backup MX is receiving mail for my domain
> (either because my server is down or a spammer bypassed my primary MX),
> the backup MX would open an SMTP session using <> in the MAIL FROM: line,
> then use the receiver name in th
David,
After reading all the posts on the rfc-ignorant situation, I agree with
your stance on the issue, but...
I just came across an interesting scenario that may not pass muster with
your test. I have a backup MX for my domain. After investigating some
interesting entries in my maillog, I fou
I've had mimedefang-2.45 spamassassin-3.0.0 clamav-0.80rc2 running for
about a week OK on a dual opteron. Then yesterday a friendly bz2 file
came in as an attachment and clamav threw a fit. I upgraded to
clamav-0.80rc3 and still had the same problem, so I went back to
clamav-0.75.1 which handle
On Thu, 30 Sep 2004, Tim Boyer wrote:
> Hmmm, either that didn't work, or (much more likely) I'm doing it
> wrong:
>
> resend_message('[EMAIL PROTECTED]');
You want:
resend_message_one_recipient('[EMAIL PROTECTED]');
> But can I quarantine _and_ bounce?
Yes, sure.
Rega
On Wed, 29 Sep 2004 16:35:29 -0700, Kelson <[EMAIL PROTECTED]> wrote:
>Tim Boyer wrote:
>> Is there any way for the same message to be bounced, AND send a copy to
>> postmaster? Until I get comfortable with SpamAssassin, I'd like Postmaster
>> to take a look at what's bouncing.
>
>Call "resend_me
38 matches
Mail list logo
