Try something like this and put all the "opt-out" address in the
whitelist.db file. Call the routine like this.
$auto_whitelist = 0;
if (lookup_whitelist()) {
$auto_whitelist = 1;
}
Then add this to the filter end area after the spam assassin checks and
before the tagging lines.
If ($au
James Ebright wrote:
> Nothing is 100% but you can make it difficult enough or unlikely
> enough that they will go look for easier targets... Our experience
> was that simply checking the webserver env URI referrer variable was
> often good enough in this scenario.
True; I *was* a little harsh, a
Well, it has been quite some time since I have done any serious web
development (and the platform back then was netscapes enterprise server on
solaris 2.52), but...
Pull the referrer from the web server environment, not javascript or anything
else client side, in fact, if you are that paranoid it
On Sep 8, 2005, at 11:33 AM, <[EMAIL PROTECTED]> wrote:
David Koski wrote:
I'm looking for a filter to allow an opt-out per user using any type
of filtering (Or more in the case, I would prefer to allow the user
to opt-out of using SpamAssassin but not Clamav (But an example that
just allows t
James Ebright wrote:
> Check the URI referrer and only allow the web form to be hit FROM the URLS
> that it should be linked to otherwise simply return an error similar to
> unauthorized access attempt
Referrer can be faked. You can't trust any data supplied by the client.
Also, people who
Check the URI referrer and only allow the web form to be hit FROM the URLS
that it should be linked to otherwise simply return an error similar to
unauthorized access attempt
This prevents these types of script interaction with a webform quite
effectively typically as it outright prevents dire
Oliver Schulze L. wrote:
> I'm subscribed to freshmeat.net's mimedefang anounce list, but just now
> I noted that the project is named 'mimedefanger', is this correct?
> http://freshmeat.net/projects/mimedefanger/
That's Freshmeat's code name, because way back, I called it that, but
quickly chang
Excelent news, thanks David!
I'm subscribed to freshmeat.net's mimedefang anounce list, but just now
I noted that the project is named 'mimedefanger', is this correct?
http://freshmeat.net/projects/mimedefanger/
Regards,
Oliver
--
Oliver Schulze L.
<[EMAIL PROTECTED]>
_
On Wed, Sep 07, 2005 at 09:58:35AM -0400, [EMAIL PROTECTED] wrote:
> > Our largest issue with these web form mail exploits is not really
> > spam-related (in terms of scripts causing our web servers to become spam
> > relays); our clients are receiving these fake forms (obviously generated
> by
>
However there is the stream_by_recipient option to allow user centric
choices
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: 08 September 2005 19:34
To: mimedefang@lists.roaringpenguin.com
Subject: RE: [Mimedefang] filter question
David Koski wrote:
> I'm looking for a filter to allow an opt-out per user using any type
> of filtering (Or more in the case, I would prefer to allow the user
> to opt-out of using SpamAssassin but not Clamav (But an example that
> just allows the user to opt-out of any filter would be fine, gets
I'm looking for a filter to allow an opt-out per user using any type of
filtering (Or more in the case, I would prefer to allow the user to opt-out
of using SpamAssassin but not Clamav (But an example that just allows the
user to opt-out of any filter would be fine, gets me started in the right
dir
David Koski wrote:
> In my frustration, I'm sure I missed something (And I'm almost sure
> this has been asked more than a few times), but I've been unable to
> find a good example of an opt-out filter. I was wondering if someone
> could point me to or send me an example of an opt-out filter?
Per
In my frustration, I'm sure I missed something (And I'm almost sure this has
been asked more than a few times), but I've been unable to find a good
example of an opt-out filter. I was wondering if someone could point me to
or send me an example of an opt-out filter?
Thanks
John Rudd wrote:
> 2) We're migrating away from MailScanner right now. We may go entirely
> with MimeDefang, or we may go with Sophos PureMessage, or maybe with
> something else.
You definitely want to go with CanIt-PRO.
> But, configure still looked for and found SpamAssassin, and
> mimedefang
So, I have a particular configuration on my work machines (which run
solaris 8, unlike the previous discussion about running mimedefang at
home on Mac OS X, a few weeks ago). Here's the specifics (note: this
is mimedefang-2.52):
1) local things go in /local (which is always local to the ma
16 matches
Mail list logo