On Sep 21, 2005, at 2:31 PM, David F. Skoll wrote:
John Rudd wrote:
If the host you're checking against, in
md_check_against_smtp_server(),
is using a Greet_Pause, how long will md_check_against_smtp_server
wait()?
Forever.
But if you're using md_check_against_smtp_server, then you reall
John Rudd wrote:
>
> If the host you're checking against, in md_check_against_smtp_server(),
> is using a Greet_Pause, how long will md_check_against_smtp_server
> wait()?
Forever.
But if you're using md_check_against_smtp_server, then you really
ought to set greet_pause to zero for connections
If the host you're checking against, in md_check_against_smtp_server(),
is using a Greet_Pause, how long will md_check_against_smtp_server
wait()? Does it wait for as long as it needs to? does it timeout in
less than 30 seconds? Some other timeout value? Can I set the
timeout?
_
> Whatever the rule is, 0.41% is enough to get you a warning note, and
> something below that is enough for a server to be tempfailed for
> 12 hours. "AOL understands" is questionable.
>
> I took a walk and now I think maybe I am trying to solve the wrong
> problem. It really is an AOL problem.
On Wed, Sep 21, 2005 at 11:43:15AM -0400, Joseph Brennan wrote:
> Real tired, since the cause is AOL users. Namely AOL users who
> forward their columbia.edu address to AOL. The options I can come
> up with are:
>
> 1. Filter mail to AOL more heavily, as in rejecting more legit mail.
> This is n
"Kevin A. McGrail" <[EMAIL PROTECTED]> wrote:
I suggest you apply for whitelist status and ignore the SCOMP TOS on a day
to day basis. I look for patterns and issues out of whack but there is no
way to make it nil and I think AOL understands this which is why their
rules are to the best of my
Fernando wrote:
> Yes, I'm using SURBL but it won't help me in this case because the
> image is embedded in the mail, there is no URL in there.
That makes a difference...
> Blocking emails with images in them is not an option, because
> management and some users get legitimate mail with embedded
> > Drop all zips until clamav gets a working signature?
>
> You should read that more carefully. Clamav has a working signature:
> his second stanza is from _clamscan_. The problem is that clamscan
> _will_ find it, but _clamdscan_ doesn't.
>
> That is a perplexing one, but hopefully it's as sim
On Tue, 20 Sep 2005 [EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] wrote on 09/20/2005 03:58:35
PM:
I'll dig into message's the html code to see if there's something I can
use.
Are you using SURBL? It can help alot if they point to the same URL(s)
for the spamvertised items.
Yes, I'm using SU
As you have identified, your ideas don't work because the problem is just a
fatal flaw in AOL's system of users improperly using the "this is spam" as a
filtering system. They often use it rather than unsubscribing from
legitimate mailing lists.
#1 doesn't work because people mark "legit" mail be
On Sep 21, 2005, at 8:36 AM, Stephen J. Smoogen wrote:
On 9/21/05, Marco Berizzi <[EMAIL PROTECTED]> wrote:
Hello everybody.
I'm using clam 0.87 with mimedefang 2.51.
This morning a virus has been slipped through MD.
This is the output from clamdscan:
/tmp/photo.zip: OK
Clearly clamd doesn'
On Wed, Sep 21, 2005 at 12:15:25PM -0400, Joseph Brennan wrote:
> The interesting thing is that sendmail seems to have done this lookup
> before calling milter. It says User unknown at RCPT, but Mimedefang
> gets to milter the message after DATA.
Yep. Sendmail passes all the addresses on to the
Dave O'Neill <[EMAIL PROTECTED]> wrote:
It's a bit of a hack, but you can find where a local recipient actually
gets delivered after aliases, virtusertable, and .forward are applied
with:
sendmail -bv [EMAIL PROTECTED]
. . .
and if it's bogus:
[EMAIL PROTECTED] User unknown
The
Thanks for all the reply and sorry
for the OT.
> Is it possible that between the clamdscan and the clamscan, that your
> virus definitions updated?
No. I have run the same test few minutes ago. Same
problem.
> Is it possible that clamd isn't receiving "virus definitions updated"
> messages from
On Wed, Sep 21, 2005 at 11:43:15AM -0400, Joseph Brennan wrote:
> I think filtering by final recipient can't be done in a practical way.
> There, if someone takes that as a challenge, good. By final I mean by
> recipient after aliases and .forward files have been applied.
It's a bit of a hack, bu
Marco,
> I'm using clam 0.87 with mimedefang 2.51.
> This morning a virus has been slipped through MD.
> This is the output from clamdscan:
> /tmp/photo.zip: OK
>
> --- SCAN SUMMARY ---
> Infected files: 0
> Time: 0.143 sec (0 m 0 s)
>
> and this is the output from clamscan:
>
>
"Kevin A. McGrail" <[EMAIL PROTECTED]> wrote:
Tired of the SCOMP TOS emails, eh?
Real tired, since the cause is AOL users. Namely AOL users who
forward their columbia.edu address to AOL. The options I can come
up with are:
1. Filter mail to AOL more heavily, as in rejecting more legit mail
On 9/21/05, Marco Berizzi <[EMAIL PROTECTED]> wrote:
> Hello everybody.
> I'm using clam 0.87 with mimedefang 2.51.
> This morning a virus has been slipped through MD.
> This is the output from clamdscan:
> /tmp/photo.zip: OK
> Clearly clamd doesn't recognize it as a virus
> and MD accept the mess
Marco Berizzi wrote:
> This morning a virus has been slipped through MD.
> /tmp/photo.zip: OK
>
> and this is the output from clamscan:
> photo.zip: Trojan.W32.PWS.Prostor.A FOUND
Is it possible that between the clamdscan and the clamscan, that your virus
definitions updated?
Is it possible tha
On 21/09/05, Marco Berizzi <[EMAIL PROTECTED]> wrote:
>
> Clearly clamd doesn't recognize it as a virus
> and MD accept the message.
> Hints?
Well, the ClamAV list would have been a more logical place to post
this. However, following the link on the clamav home page for
submitting code for revie
We've mention spam from web mail forms here in the context of detecting
it, but what about preventing it? If you need to send email from
web forms, are there programs that are known to be secure or at least
difficult to exploit by injecting addresses in the post data?
--
Les Mikesell
[EMAI
Hello everybody.
I'm using clam 0.87 with mimedefang 2.51.
This morning a virus has been slipped through MD.
This is the output from clamdscan:
/tmp/photo.zip: OK
--- SCAN SUMMARY ---
Infected files: 0
Time: 0.143 sec (0 m 0 s)
and this is the output from clamscan:
photo.zip: Tro
Fredrik Nyberg DC wrote:
I'm having the following trouble on Centos 4.1:
Sep 21 14:12:26 X mimedefang-multiplexor[7947]: Slave 0 stderr:
Can't locate Digest/SHA1.pm in @INC (@INC contains:
/usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi
/usr/lib/perl5/site_perl/5.8.5
/usr/lib/perl
Tired of the SCOMP TOS emails, eh?
Have you considered simply using procmail rules instead of .forward's?
:0
* !^X-Spam-Status: Yes
* !^X-Spam-Flag: YES
* !^X-Some-Other-Spam-Flag-You-Use: EEk!
{
:0 ! [EMAIL PROTECTED]
}
I believe the ! is forward
Anyway, I imagine
Lol, wasn't really the answer i was hoping for,
Do all your messages have the X-SPAM headers in them, or only the ones that get
into your 'spamdrop'
maybe check your submit.cf for the same thing.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PRO
I'm having the following trouble on Centos 4.1:
Sep 21 14:12:26 X mimedefang-multiplexor[7947]: Slave 0 stderr:
Can't locate Digest/SHA1.pm in @INC (@INC contains:
/usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi
/usr/lib/perl5/site_perl/5.8.5
/usr/lib/perl5/5.8.5/i386-linux-thread-
Quoting Mack <[EMAIL PROTECTED]>:
try adding this line to the top of the mimedefang-filter
$Features{"Virus:CLAMAV"} = '/usr/local/bin/clamdscan';
and then doing a
md-mx-ctrl reread
I want to thank you Mack and all the rest of you guys for you wonderfull help.
It worked and now it does scan
Quoting Mack <[EMAIL PROTECTED]>:
try doing a quick
grep InputMailFilters sendmail.cf
and post back the output
O InputMailFilters=mimedefang
#O InputMailFilters
Meni
This message was sent using IMP, the Internet Messaging Pro
28 matches
Mail list logo