>>...
>>Note that OUR domain is vlaamse-kern.com and that the sender pretends to be
>>vlaamse-kern.com as well!
>>
>>
>you can add an SA rule, but it's easier to block this in the MTA. I
>don't use SM, but in postfix, this amounts to creatin a file containing
>things like:
>
>vlaamse-kern.com
[EMAIL PROTECTED] a écrit :
Hi Andy,
a while ago I changed the MTA to require smtp auth from senders who pretend to
be one
of our domains. So the mail would get a 5xx type code after the RCTP TO
It turned out that some legitimate mail (in particular ebay bids) came in this
way and had
to be
Andy Pieters a écrit :
Hi list
We have been receiving a lot of spam from the .jp tld lately. What's more is
this:
Received: from vlaamse-kern.com (pl027.nas934.d-osaka.nttpc.ne.jp
[61.197.82.27])
by giga.vlaamse-kern.com (8.13.1/8.13.1) with SMTP id jADFi1Wo028374
for [EMAIL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andy Pieters wrote:
> On Sunday 13 November 2005 23:06, Craig McLean wrote:
>> Andy Pieters wrote:
>>> Hi list
>>>
>>> We have been receiving a lot of spam from the .jp tld lately. What's
>>> more is this:
>> [snip]
>> [Saw this on the fedora list..]
>> --nextPart2022869.AdG84hyQal
>> Content-Type: text/plain;
>> charset="us-ascii"
>> Content-Transfer-Encoding: quoted-printable
>> Content-Disposition: inline
>>
>> Hi list
>>
>> We have been receiving a lot of spam from the .jp tld lately. What's more =
>> is=20
>> this:
>>
>> Received:
Hello everyone,
When I run sa-learn --dump magic and then run hams or spams into it
and dump the magic again, the numbers *never* change. The spam
blocking is still great, but I'm not sure why the numbers wouldn't
change. I have tried doing a sa-learn --sync and the numbers still
stay the same.
On Sunday 13 November 2005 23:06, Craig McLean wrote:
> Andy Pieters wrote:
> > Hi list
> >
> > We have been receiving a lot of spam from the .jp tld lately. What's
> > more is this:
>
> [snip]
> [Saw this on the fedora list..]
Correct, and the list also sugested to post on spamassassin...
> As
At 01:18 14/11/2005, mouss wrote:
Jeff Chan a écrit :
Does anyone have a geocities rule that catches most of the spams
and has few FPs?
after looking at many of these, I ended up just
giving 4 points to any
http://*.geocities.com/*/? (written as perl expression of course).
together with Baye
Theo Van Dinter wrote:
> On Sun, Nov 13, 2005 at 12:37:05AM +0100, Michael Monnerie wrote:
> > [23883] warn: reporter: razor2 report failed: No such file or directory
> > reporter: razor2 had unknown error during authenticate
> >
> > I'm getting this error now on the script that reports SPAM. Wh
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andy Pieters wrote:
> Hi list
>
> We have been receiving a lot of spam from the .jp tld lately. What's more is
> this:
[snip]
[Saw this on the fedora list..]
Andy,
As mentioned on the Fedora list, if you want to block by "fake" HELO at
the MTA lev
From: "mouss" <[EMAIL PROTECTED]>
Jeff Chan a écrit :
Does anyone have a geocities rule that catches most of the spams
and has few FPs?
after looking at many of these, I ended up just giving 4 points to any
http://*.geocities.com/*/? (written as perl expression of course).
together with Baye
Hi list
We have been receiving a lot of spam from the .jp tld lately. What's more is
this:
Received: from vlaamse-kern.com (pl027.nas934.d-osaka.nttpc.ne.jp
[61.197.82.27])
by giga.vlaamse-kern.com (8.13.1/8.13.1) with SMTP id jADFi1Wo028374
for [EMAIL PROTECTED]; Sun, 13 Nov 2
bump
--- Michael Monnerie <[EMAIL PROTECTED]> wrote:
> > My users are quite happy
> > with overall markup of the spam. We occasionally get a HAM marked as
> > SPAM. We have an odd client base though.
>
> The question is: when to use global and when per-user bayes?
>
> On our server, we have p
On Tue, 2005-11-08 at 10:32 -0800, List Mail User wrote:
>
> No, this *is* spam.
>
> They're hosted by Hurricane Electric, who clearly wouldn't care;
> But they are registered by easyDNS and get name service from them - who
> probably does care (it looks like a violation of easyDNS's
David A. Roth wrote:
> Thanks for your reply. So far they have not been interested in changing
> anything I requested. (They refused to disable the X-popbeforeSMTP
> thing which lists every known e-mail address of the sender in all
> outgoing headers.) I thought I would ask here since there might
On Sonntag, 13. November 2005 03:54 Theo Van Dinter wrote:
> Have you setup authentication for Razor?
Yes, and sometimes it works. But in the last days, very often I get that
message.
Sometimes it works though:
Nov 11 06:31:22.610550 report[30244]: [ 2] [bootup] Logging initiated
LogDebugLevel=
Thanks for your reply. So far they have not been interested in changing
anything I requested. (They refused to disable the X-popbeforeSMTP
thing which lists every known e-mail address of the sender in all
outgoing headers.) I thought I would ask here since there might be
something simple to do
>...
>Does anyone have a geocities rule that catches most of the spams
>and has few FPs?
>
>Cheers,
>
>Jeff C.
>--
>Jeff Chan
>mailto:[EMAIL PROTECTED]
>http://www.surbl.org/
>
Do you want to block the general drug spam, the "SoftTab"/ED spam,
the porn, the penis enhancers or the stock pum
Jim Knuth wrote on Sat, 12 Nov 2005 22:01:09 +0100:
> And this mean what? I cannot discovery errors in the config?
Not this kind of error since it is not an "error".
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5.
Why don't you ask your hosting provider?
The kind of thing you are trying to do would lead to your account being
cancelled if you were a client of ours and you hadn't asked permission
or consulted with us.
--
Mr Michele Neylon
Blacknight Solutions
Quality Business Hosting & Colocation
http://www.b
Jeff Chan a écrit :
Does anyone have a geocities rule that catches most of the spams
and has few FPs?
after looking at many of these, I ended up just giving 4 points to any
http://*.geocities.com/*/? (written as perl expression of course).
together with Bayes and other tests, this seems to b
I've recently gave up on geocities alltogether and wrote a simple rule to give any mail coming from it a high score.
AFAIK, my users never get any legit mail from geocities anyway. I'm sure it'll generate FPs to other people.On 11/13/05, Jeff Chan <
[EMAIL PROTECTED]> wrote:Does anyone have a geoc
Does anyone have a geocities rule that catches most of the spams
and has few FPs?
Cheers,
Jeff C.
--
Jeff Chan
mailto:[EMAIL PROTECTED]
http://www.surbl.org/
Hi,
i write for know your thinks ;=)
Actually, i run on a server Qmail with SpamAssassin 3.0.4 and
qmail-scanner. Because my server are old, i want change it now
and start the configuration of a new server.
I thinks install the 3.1.0 and now i work on two server, the first
for the spam and rela
24 matches
Mail list logo
