Re: Bounce Back Spam

2008-03-27 Thread Jeff Koch
Hi Matus: Thanks but I don't even see these rules getting triggered. We have the plugin enabled and the 'whitelist_bounce_relays mailserver_name' line in local.cf At 12:09 PM 3/25/2008, you wrote: >On 25.03.08 12:00, Jeff Koch wrote: > > Our users are getting tons of bounce-back (joe job) spa

Bounce back spam

2008-03-27 Thread Jeff Koch
Our users are getting inundated with bounce-back, joe-job spam. We have the Vbounce.pm plugin enabled (v3.2.4) and have a 'whitelist_bounce_relays' with the name of the mailserver in the local.cf file and the 'failure notices', 'mail delay' and undeliverables don't seem to be getting any scor

Detail Spam Scoring

2008-03-27 Thread Jeff Koch
We used to get detailed spam scoring in the email headers but it seems to have disappeared after installing 3.2.4. Is there some command for turning the detailed scoring back on. Can someone please tell me what it is? Thanks Best Regards, Jeff Koch, Intersessions

Re: Unsubscribe

2008-03-27 Thread Matt Kettler
Femitha Majeed wrote: Hi, Can you please tell me how to unsubscribe to this mailing list. I tried all that they suggested on the website but failed. Could you be more specific? The SpamAssassin lists website (http://wiki.apache.org/spamassassin/MailingLists) advises you send mail to [EMAIL

Unsubscribe

2008-03-27 Thread Femitha Majeed
Hi, Can you please tell me how to unsubscribe to this mailing list. I tried all that they suggested on the website but failed. Thanks. _ In a rush? Get real-time answers with Windows Live Messenger. http://www.windowslive.com/me

Re: Header of a false negative mail

2008-03-27 Thread Matt Kettler
Sn!per wrote: I would appreciate if folks can explain to me about the header of a false negative email that I received: ... ... Reply-To: Gene Blackwell <[EMAIL PROTECTED]> Sender: <[EMAIL PROTECTED]> Subject: vPharmacy Big Saving, the very best generic med

Re: What to do about address spoofing

2008-03-27 Thread Martin Gregorie
On Thu, 2008-03-27 at 16:05, R.Smits wrote: > Hello, > > Is there something I can do that our company addresses cannot be used > for sending spam ? Is DKIM an answer ? > A lot of our users get "delivery failed" messages. So a spammer is > sending spam with our addresses :-( > > A difficult proble

Re: Net::DNS .060 allows remote attackers to cause DOS

2008-03-27 Thread mouss
Michael Scheidell wrote: From: http://search.cpan.org/src/OLAF/Net-DNS-0.63/Changes Fix rt.cpan.org #30316 Security issue with Net::DNS Resolver. Net/DNS/RR/A.pm in Net::DNS 0.60 build 654 allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response (ht

Re: tmp file handling

2008-03-27 Thread NFN Smith
Kris Deugau wrote: NFN Smith wrote: I'll check the MD archives for release notes, and see what's in the Testing branch. Just checked the changelog; there was a fix for this in MD 2.63 upstream: Yep. I found that shortly after I posted. Backporting the Debian package should be a matter

Re: tmp file handling

2008-03-27 Thread Kelson
NFN Smith wrote: The Debian release number of MIMEDefang I'm running is 2.57-5. It may be that when Debian froze what went into etch, the current copy of MD was the one with that glitch in it. I'll check the MD archives for release notes, and see what's in the Testing branch. The fix went

Re: tmp file handling

2008-03-27 Thread Kris Deugau
NFN Smith wrote: Hmmm... So this may be an issue with MIMEDefang. The Debian release number of MIMEDefang I'm running is 2.57-5. It may be that when Debian froze what went into etch, the current copy of MD was the one with that glitch in it. I'll check the MD archives for release notes, and

Re: What to do about address spoofing

2008-03-27 Thread mouss
R.Smits wrote: Hello, Is there something I can do that our company addresses cannot be used for sending spam ? Is DKIM an answer ? A lot of our users get "delivery failed" messages. So a spammer is sending spam with our addresses :-( A difficult problem I think ? you can reject (or tag) so

Re: tmp file handling

2008-03-27 Thread NFN Smith
Jason Bertoch wrote: I just discovered that over the last several weeks, I'm getting an accumulation of hidden .spamassassin temporary files accumulating in /tmp, that aren't getting deleted, and as a result, that volume is filling up. There was a version upgrade to SpamAssassin some time a

RE: tmp file handling

2008-03-27 Thread Jason Bertoch
-Original Message- From: news [mailto:[EMAIL PROTECTED] On Behalf Of NFN Smith Sent: Thursday, March 27, 2008 2:35 PM To: users@spamassassin.apache.org Subject: tmp file handling >I'm currently running spamassassin 3.2.1-1~bpo.1 from the Debian >etch-backports branch > >On my installatio

tmp file handling

2008-03-27 Thread NFN Smith
I'm currently running spamassassin 3.2.1-1~bpo.1 from the Debian etch-backports branch (yes, I know that backports now has 3.2.4 available, and I'll be upgrading shortly). On my installation, I'm calling SpamAssassin from MIMEDefang, and so I'm not running spamc and spamd . I just discovered

RE: Spam abuse report plugin

2008-03-27 Thread Michele Neylon :: Blacknight
Jari A LOT of clueless mail server admins send us reports about mailscanner.info We have a standard reply telling them to get a $clue, but I'd prefer that my staff's time was spent dealing with proper issues :) -- Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection ht

Re: purge byes in sql

2008-03-27 Thread Theo Van Dinter
On Thu, Mar 27, 2008 at 11:32:17AM -0600, Miguel wrote: > Hi, does SA takes care of purging old bayesian records stored in mysql > similar what it does to the traditional DB files? Yes. -- Randomly Selected Tagline: "My opinions may have changed, but not the fact that I am right."

Re: What to do about address spoofing

2008-03-27 Thread Bookworm
Bowie Bailey wrote: R.Smits wrote: Hello, Is there something I can do that our company addresses cannot be used for sending spam ? Is DKIM an answer ? A lot of our users get "delivery failed" messages. So a spammer is sending spam with our addresses :-( A difficult problem I think ? Greeti

purge byes in sql

2008-03-27 Thread Miguel
Hi, does SA takes care of purging old bayesian records stored in mysql similar what it does to the traditional DB files? If not, what is the recommended procedure to do so? regards

Re: Spam abuse report plugin

2008-03-27 Thread Jari Fredriksson
> As long as you whitelist MailScanner.info > > I am sick to my teeth of receiving abuse reports about a > domain that never sends email and is used to block spam > > /me wanders off to rant elsewhere WTF? is this all about? Who has reported MailScanner.info as a spammer?

RE: Spam abuse report plugin

2008-03-27 Thread Michele Neylon :: Blacknight
As long as you whitelist MailScanner.info I am sick to my teeth of receiving abuse reports about a domain that never sends email and is used to block spam /me wanders off to rant elsewhere -- Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection http://www.blacknight.co

RE: What to do about address spoofing

2008-03-27 Thread Bowie Bailey
R.Smits wrote: > Hello, > > Is there something I can do that our company addresses cannot be used > for sending spam ? Is DKIM an answer ? > A lot of our users get "delivery failed" messages. So a spammer is > sending spam with our addresses :-( > > A difficult problem I think ? > > Greetings...

RE: :DNS .060 allows remote attackers to cause DOS

2008-03-27 Thread Robert - elists
From: http://search.cpan.org/src/OLAF/Net-DNS-0.63/Changes Fix rt.cpan.org #30316 Security issue with Net::DNS Resolver. Net/DNS/RR/A.pm in Net::DNS 0.60 build 654 allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response (http://nvd.nist.gov/n

What to do about address spoofing

2008-03-27 Thread R.Smits
Hello, Is there something I can do that our company addresses cannot be used for sending spam ? Is DKIM an answer ? A lot of our users get "delivery failed" messages. So a spammer is sending spam with our addresses :-( A difficult problem I think ? Greetings... Richard Smits

Re: Net::DNS .060 allows remote attackers to cause DOS

2008-03-27 Thread Michael Scheidell
Justin Mason wrote: This issue has no security impact. The flaw will cause Net::DNS to "croak", which in turn should be handled by the calling application. In the case of RHEL, the only known application that uses this functionality is Spamassassin. Spamassassin handles this failure

Re: Net::DNS .060 allows remote attackers to cause DOS

2008-03-27 Thread Justin Mason
Michael Scheidell writes: > From: > http://search.cpan.org/src/OLAF/Net-DNS-0.63/Changes > > Fix rt.cpan.org #30316 Security issue with Net::DNS Resolver. > > Net/DNS/RR/A.pm in Net::DNS 0.60 build 654 allows remote attackers to > cause a denial of service (program "croak") via a crafted DNS

Blogspot spam update information (NetCraft statistics)

2008-03-27 Thread Bookworm
According to the Netcraft News for March, 2008, they showed some interesting growth in Blogspot. "Google increases its developer share by gaining 842 thousand hostnames; most of which are used for blogspot.com blogs." I wonder how many of those 842,000 blogspot.com blogs were autocreated spa

Re: OT: uribl.com folks awake?

2008-03-27 Thread Dallas Engelken
Jonathan Nichols wrote: Sorry for the OT. I've been trying to get in touch with whoever is in charge of URIBL zonefile mirrors without success. Is this thing on? Ping me offlist, por favor. I may have just been pinging the wrong people. http://www.uribl.com/contact.shtml ---> For DNS que

Net::DNS .060 allows remote attackers to cause DOS

2008-03-27 Thread Michael Scheidell
From: http://search.cpan.org/src/OLAF/Net-DNS-0.63/Changes Fix rt.cpan.org #30316 Security issue with Net::DNS Resolver. Net/DNS/RR/A.pm in Net::DNS 0.60 build 654 allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response (http://nvd.nist.gov/nvd.cfm?

Re: SORBS_DUL

2008-03-27 Thread mouss
James Gray wrote: Matt Kettler wrote: James Gray wrote: Sorbs sux, don't use it. Last time we had this problem they wanted money (and not an insignificant amount either) to remove a listing from their systems. They arbitrarily add addresses to a database the IP's owner can't control, then

Re: Celebrity spams

2008-03-27 Thread --[ UxBoD ]--
why not :- util_rb_2tld grupogsv.com as that appears as part of the link ? Regards, -- --[ UxBoD ]-- // PGP Key: "curl -s http://www.splatnix.net/uxbod.asc | gpg --import" // Fingerprint: F57A 0CBD DD19 79E9 1FCC A612 CB36 D89D 2C5A 3A84 // Keyserver: www.keyserver.net Key-ID: 0x2C5A3A84 // P

Re: Spam abuse report plugin

2008-03-27 Thread ram
On Thu, 2008-03-27 at 10:04 -0400, Michael Scheidell wrote: > > From: ram <[EMAIL PROTECTED]> > > Date: Thu, 27 Mar 2008 15:36:04 +0530 > > To: spamassassin-users > > Subject: Spam abuse report plugin > > > > I get a lot of spam on my servers which get detected by SA though are > > generated by i

Re: Spam abuse report plugin

2008-03-27 Thread Michael Scheidell
> From: ram <[EMAIL PROTECTED]> > Date: Thu, 27 Mar 2008 15:36:04 +0530 > To: spamassassin-users > Subject: Spam abuse report plugin > > I get a lot of spam on my servers which get detected by SA though are > generated by innocent mail servers. > > We see a lot of mail users have insanely simpl

Re: SORBS_DUL

2008-03-27 Thread Justin Mason
James E. Pratt writes: > > Do your own queries and whois lookups...but these address blocks are > > INCORRECTLY LISTED BY SORBS and they refuse (yes, I've heard from > > them) to remove them. Apparently because our inbound and outbound > > MTA's don't use the same addresses! I have no idea what

Re: Spam abuse report plugin

2008-03-27 Thread Justin Mason
Jari Fredriksson writes: > > I get a lot of spam on my servers which get detected by > > SA though are generated by innocent mail servers. > > > > We see a lot of mail users have insanely simple passwords > > , spammers are using these accounts and send spam. By the > > time the administrator rea

Re: Celebrity spams

2008-03-27 Thread penny/dell
here is the raw body of one of the emails http://pastebin.com/m71e204d Luis Hernán Otegui wrote: > > > > Could you please post a full message to some place accessible to > everybody? (e.g., pastebin). > > > > -- View this message in context: http://www.nabble.com/Celebrity-spams-tp16

Re: Spam abuse report plugin

2008-03-27 Thread Jari Fredriksson
> I get a lot of spam on my servers which get detected by > SA though are generated by innocent mail servers. > > We see a lot of mail users have insanely simple passwords > , spammers are using these accounts and send spam. By the > time the administrator realizes the server has sent > 1000's of

Header of a false negative mail

2008-03-27 Thread Sn!per
I would appreciate if folks can explain to me about the header of a false negative email that I received: ... ... Reply-To: Gene Blackwell <[EMAIL PROTECTED]> Sender: <[EMAIL PROTECTED]> Subject: vPharmacy Big Saving, the very best generic medication on net

RE: SORBS_DUL

2008-03-27 Thread James E. Pratt
> > Do your own queries and whois lookups...but these address blocks are > INCORRECTLY LISTED BY SORBS and they refuse (yes, I've heard from them) > to remove them. Apparently because our inbound and outbound MTA's > don't > use the same addresses! I have no idea what crack-monkey at SORBS > wro

Re: Howto stop SPF_FAIL from internal network?

2008-03-27 Thread Enrico Scholz
"Benny Pedersen" <[EMAIL PROTECTED]> writes: > spamassassin 2>&1 -D spf -t /tmp/msg > /tmp/msg.spf.debug > > post the debug file https://www.cvg.de/people/ensc/spf_fail.txt (full debug with configuration of | $ sed '/^\(#.*\)\?$/d' ~/.spamassassin/user_prefs | internal_networks 62.153.82.

Re: Spam abuse report plugin

2008-03-27 Thread Matt Kettler
ram wrote: I get a lot of spam on my servers which get detected by SA though are generated by innocent mail servers. We see a lot of mail users have insanely simple passwords , spammers are using these accounts and send spam. By the time the administrator realizes the server has sent 1000's of s

Spam abuse report plugin

2008-03-27 Thread ram
I get a lot of spam on my servers which get detected by SA though are generated by innocent mail servers. We see a lot of mail users have insanely simple passwords , spammers are using these accounts and send spam. By the time the administrator realizes the server has sent 1000's of spam If spam

Re: all emails are tagged SPAM

2008-03-27 Thread Matt Kettler
Umar Murtaza wrote: hmmm it looks like pretty much messedup. I have the following lines for "Spam List" which is probably related to present issue: --- Spam List Definitions = %etc-dir%/spam.lists.conf Spam List = ORDB-RBL SBL+XBL # You can un-comment this to ena

Re: spamd stops after about 90 seconds?

2008-03-27 Thread Justin Mason
Skip writes: > That looks like it is the problem. I have sent BH an email asking them > about it. By any chance do you know the name of the watchdog program > that they run to keep an eye on the user processes? Or is it something > compiled into the kernel? I have seen where sometimes depe

Re: all emails are tagged SPAM

2008-03-27 Thread Umar Murtaza
hmmm it looks like pretty much messedup. I have the following lines for "Spam List" which is probably related to present issue: --- Spam List Definitions = %etc-dir%/spam.lists.conf Spam List = ORDB-RBL SBL+XBL # You can un-comment this to enable them --

Re: SORBS_DUL

2008-03-27 Thread James Gray
Matt Kettler wrote: James Gray wrote: Sorbs sux, don't use it. Last time we had this problem they wanted money (and not an insignificant amount either) to remove a listing from their systems. They arbitrarily add addresses to a database the IP's owner can't control, then demand money to re

Re: SA-update error

2008-03-27 Thread Matt Kettler
Dennis Clark wrote: Using Spamassassin 3.1.8. I haven't updated SA in about six months. Ran SA-update -D using the default channel of updates.spamassassin.org, received error "new version is 585884, skipped channel". What exactly is going wrong here. Has the sa update default channel been

Re: SORBS_DUL

2008-03-27 Thread Matt Kettler
James Gray wrote: Sorbs sux, don't use it. Last time we had this problem they wanted money (and not an insignificant amount either) to remove a listing from their systems. They arbitrarily add addresses to a database the IP's owner can't control, then demand money to remove the listing; wh

Re: all emails are tagged SPAM

2008-03-27 Thread Matt Kettler
Umar Murtaza wrote: Thanks, that solved the problem. I had that entry under /etc/MailScanner/spam.lists.conf "ORDB-RBL relays.ordb.org." Removing/commenting it out solved the problem. Well, that introduces another problem. Really you need to remove ORDB-RBL from your "

Re: SORBS_DUL

2008-03-27 Thread mouss
James Gray wrote: [snip] I didn't ASK FOR HELP! I asked what people's thoughts were on keeping a list like SORBS_DUL in the base/default spamassassin rules. I'm quite capable of fixing the mess I inherited. As long as - it doesn't cause FPs - it helps catch spam - it is free for use/access

Re: all emails are tagged SPAM

2008-03-27 Thread Umar Murtaza
Thanks, that solved the problem. I had that entry under /etc/MailScanner/spam.lists.conf "ORDB-RBL relays.ordb.org." Removing/commenting it out solved the problem. I hope MailScanners daily update will not revert this settings back. Umar Umar Murtaza <[EMAIL PROTECTE