However, I grepped all mails I got hands on and found NO single valid mail
with two From addresses, hence, it's a SPAM indicator; does anyone
stumbled across a valid mail with multiple From's, perhaps, someone uses
this feature himself?
Yes, i've seen that on mails from a maillist server.
I
On Thu, 15 Dec 2005, David F. Skoll wrote:
Jan Pieter Cornet wrote:
An easier solution might be to have a process tail(1) your logfile and
take action on the information there. I think I've even seen something
like that: more than x invalid recipients, and you're firewalled away.
That's
I am just making a genuine effort to get some help.
I got the message...
This is a last mail from me :)
--- Rob MacGregor [EMAIL PROTECTED] wrote:
On 16/12/05, bablu bablu [EMAIL PROTECTED]
wrote:
Pl. help me I am not much of script writer
You've obviously not caught the subtle
--On Thursday, December 15, 2005 10:15 PM +0100 Jan Pieter Cornet
[EMAIL PROTECTED] wrote:
Dec 15 09:50:39 web sendmail[26589]: jBEE79GY027808: to=beforethebell-
[EMAIL PROTECTED],
delay=1+01:43:29, xdelay=00:00:00, mailer=esmtp, pri=2462405,
relay=mail2.marketwatchmail.com., dsn=4.0.0,
Steffen Kaiser wrote:
After reading these two paragraphes some worrying struck me:
In opposite to SSH connections you cannot assume that the attacker sits
on the other side of a SMTP communication. Maybe the server just
relays the mail or is an huge mail hoster (say, hotmail, gmail, aol),
Steffen Kaiser wrote:
Actually, there was a patch for sendmail posted to comp.mail.sendmail
for a feature drop connection if number of bad recipients exceeds n.
http://groups.google.com/group/comp.mail.sendmail/browse_thread/thread/5203bd02a5d9f8f3
Problem is, I've seen a lot of attacks
From: bablu bablu
Sent: Friday, December 16, 2005 2:32 AM
I am just making a genuine effort to get some help.
Apart from the fact that there are no great supporters on this
list of adding disclaimers, it is also true that there is
no direct implementation in the mimedefang filter
as it comes
--On Friday, December 16, 2005 10:55 AM -0500 Kevin A. McGrail
[EMAIL PROTECTED] wrote:
Also, for my own personal setup since I use virtusertables as well, I
have set a very hard-coded check in filter_recipient like this:
Is that looking for custom recipient names that you've registered
Gary Funck [EMAIL PROTECTED] wrote:
Personally, I think it would be good if a page/two were added to the Wiki
that demonstrates a working implementation of how to add a boilerplate
to outgoing mail.
It might take a lengthy page to describe what outgoing mail might
mean to different
From: David F. Skoll
Sent: Thursday, December 15, 2005 1:53 PM
Unfortunately, MIMEDefang only sees exactly what was in the
RCPT TO: command. It doesn't know the results of virtusertable
changes.
(Though it occurs to me that it can see the mailer, so if you
map invalid addresses to
Gary Funck wrote:
Can the socket map feature be put to work here?
Unfortunately, a filter_map call is called outside the context
of a message -- in other words, there's no way to associate a filter_map
call with a milter session.
The SOCKETMAP support was added so our commercial CanIt products
On Fri, Dec 16, 2005 at 04:11:52PM -0500, David F. Skoll wrote:
Can the socket map feature be put to work here?
Unfortunately, a filter_map call is called outside the context
of a message -- in other words, there's no way to associate a filter_map
call with a milter session.
Well, in
I had too many issues with +'s not working with websites and some of my
email addresses being handled by a mixture of Linux and Exchange that I gave
up and abandoned it.
Is that looking for custom recipient names that you've registered with? If
so, have you tried plussed addresses? A lot of web
From: Joseph Brennan
Sent: Friday, December 16, 2005 12:51 PM
To: mimedefang@lists.roaringpenguin.com
Anyone attempting this is going to need to think through precisely
which messages need the special treatment.
Gary's example focuses on mail coming from IP addresses owned by the
14 matches
Mail list logo