Re: fuzzy honeypot detects dictionary spam

2005-02-25 Thread Tim Meadowcroft
On Friday 25 Feb 2005 01:03, John Peacock wrote:
> Bob wrote:
> > Is there an existing filter that could determine if a username@
> > is 60% or more mis-spelled as compared to real usernames?
> > 60% is arbitrary and would be configurable. If so, that would
> > serve to make a fuzzy honeypot filter

Minor patch for empty HELO

2005-02-25 Thread Nick Leverton
Qpsmtpd, like qmail-smtpd, doesn't insist on HELO having a parameter. If a lazy tester (such as myself :)) just types HELO, then SMTP.pm complains of an undefined reference when logging, and generates a Received header which Spamassassin can't parse as it doesn't match their qpsmtpd RE. The attach

Forkserver not dropping privileges correctly

2005-02-25 Thread Nick Leverton
I don't know how to fix this one, cos I don't know the ins and outs of perl UID handling. But qpsmtpd-forkserver doesn't drop its GID correctly:
2005-02-25 11:57:11.809180500 24306 Running as user smtpd, group root
This is perl, v5.6.1 built for i386-linux.
Nick

Re: Forkserver not dropping privileges correctly

2005-02-25 Thread John Peacock
Nick Leverton wrote:
> I don't know how to fix this one, cos I don't know the ins and outs of perl UID handling. But qpsmtpd-forkserver doesn't drop its GID correctly:
> 2005-02-25 11:57:11.809180500 24306 Running as user smtpd, group root
I'm not seeing that with v5.8.3, so I suspect that may be a 5.

Re: Minor patch for empty HELO

2005-02-25 Thread John Peacock
Nick Leverton wrote: Qpsmtpd, like qmail-smtpd, doesn't insist on HELO having a parameter. If a lazy tester (such as myself :)) just types HELO, then SMTP.pm complains of an undefined reference when logging, and generates a Received header which Spamassassin can't parse as it doesn't match their qp

Re: fuzzy honeypot detects dictionary spam

2005-02-25 Thread Bryan Scott
I had thought about a similar thing, but in my more earnest programming days ended up temporarily blacklisting those who error out five or more times in a row. Those who show up on the temporary blacklist 20 or so times within a given time frame were blacklisted longer. That seemed to thwart

Re: fuzzy honeypot detects dictionary spam

2005-02-25 Thread Michael Holzt
> >Right now all I can say is "kathey" is invalid, but might be
> >a mis-spelling of "cathy" by a harmless stalker.
You might want to check soundex coding which should catch such errors.
Regards
Michael
--
It's an insane world, but i'm proud to be a part of it. -- Bill Hicks

Re: Minor patch for empty HELO

2005-02-25 Thread Robert Spier
> I'd rather fix this by requiring a parameter than by glossing over it,
> even if it means breaking strict compatibility with qmail-smtpd.
+1
220 localhost.localdomain ESMTP Sendmail 8.12.11/8.12.11; Fri, 25 Feb 2005 07:55:26 -0800
helo
501 5.0.0 helo requires domain address
-R

Re: fuzzy honeypot detects dictionary spam

2005-02-25 Thread Tim Meadowcroft
On Friday 25 Feb 2005 13:35, Bryan Scott wrote:
> I had thought about a similar thing, but in my more earnest programming
> days ended up temporarily blacklisting those who error out five or more
> times in a row. Those who show up on the temporary blacklist 20 or so
> times within a given time f

Re: Minor patch for empty HELO

2005-02-25 Thread John Peacock
Robert Spier wrote:
> 220 localhost.localdomain ESMTP Sendmail 8.12.11/8.12.11; Fri, 25 Feb 2005 07:55:26 -0800
> helo
> 501 5.0.0 helo requires domain address
Ooo, that's not a good example. Sendmail is well known for trying to _create_ the standard, rather than complying with one. Anyone want to t

Re: Minor patch for empty HELO

2005-02-25 Thread Robert Spier
> > 220 localhost.localdomain ESMTP Sendmail 8.12.11/8.12.11; Fri, 25 Feb 2005 > > 07:55:26 -0800 > > helo > > 501 5.0.0 helo requires domain address > > > > Ooo, that's not a good example. Sendmail is well known for trying to > _create_ the standard, rather than complying with one. Anyone want

Re: Minor patch for empty HELO

2005-02-25 Thread John Peacock
Robert Spier wrote:
> helo
> 401 Syntax: HELO hostname
Interesting. Sendmail sends a Permanent error and Postfix sends Transient. Reading RFC-2821 again (I'm going to have that memorized soon) suggests that Sendmail is correct this time, from Section 4.2.1: A rule of thumb to determine whether a re

Re: Minor patch for empty HELO

2005-02-25 Thread Justin Mason
Robert Spier writes: > > > 220 localhost.localdomain ESMTP Sendmail 8.12.11/8.12.11; Fri, 25 Feb > > > 2005 07:55:26 -0800 > > > helo > > > 501 5.0.0 helo requires domain address > > > > > > > Ooo, that's not a good example. Sendmail is well known

Re: fuzzy honeypot detects dictionary spam

2005-02-25 Thread Bryan Scott
But if you don't want to be black-listed as rfc-ignorant (and/or you're being joe-jobbed) then you have to be a little more polite when the sender is <> (ie for bounces), and I found a lot of spammers automatically send as <> (and using one of those things to mangle outgoing addresses so can re

Re: fuzzy honeypot detects dictionary spam

2005-02-25 Thread Peter J. Holzer
On 2005-02-25 22:28:32 -0700, Bryan Scott wrote:
> >But if you don't want to be black-listed as rfc-ignorant (and/or you're
> >being joe-jobbed) then you have to be a little more polite when the sender
> >is <> (ie for bounces), and I found a lot of spammers automatically send
> >as <> (and usin

Re: fuzzy honeypot detects dictionary spam

2005-02-25 Thread Bob
Tim Meadowcroft wrote: On Friday 25 Feb 2005 13:35, Bryan Scott wrote: I had thought about a similar thing, but in my more earnest programming days ended up temporarily blacklisting those who error out five or more times in a row. Those who show up on the temporary blacklist 20 or so times with