On Wed, 2008-06-04 at 18:24 +0200, Benny Pedersen wrote:
On Wed, June 4, 2008 17:11, mouss wrote:
If they can't configure their system to reject invalid recipients at
smtp time, there is no hope that they will setup SPF checking correctly!
it was olso my conclusion after i have writed
- Original Message -
From: John Hardin [EMAIL PROTECTED]
To: Obantec Support [EMAIL PROTECTED]
Cc: users@spamassassin.apache.org
Sent: Wednesday, June 04, 2008 6:06 PM
Subject: Re: Undeliverable mails
On Wed, 4 Jun 2008, Obantec Support wrote:
i looked over the above and my server
ram wrote:
You might be surprised , but that is not exactly true. I have seen a lot
of backscatter from Cisco Ironports.
Most Ironport boxes dont do any address verification at the time
accepting mail, and then send NDR's. But if these are getting SPF fail,
then these messaged may get
On Thu, June 5, 2008 10:10, Obantec Support wrote:
meta BOUNCED_SPAM (ANY_BOUNCE_MESSAGE BAYES_99)
score BOUNCED_SPAM 4.0
how do i impliment the above?
put them in user_prefs or local.cf
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
Hello,
anybody knows if, when i teach spam to spamassassin through the Bayesan
Trainer sa-learn , is needed to delete the X-Spam-Status: and
X-Spam-Checker-Version: strings from the header to let Spamassassin teaching
well?
--
View this message in context:
On Thu, June 5, 2008 07:33, ram wrote:
I do something like this.
((! SPF_PASS ) ( ENV_FROM_GOOD_BANKS || HEADER_FROM_GOOD_BANKS) )
then give a score 3.0
Of course the GOOD_BANKS are a list of bank which have SPF records.
we could olso just give scores on spf fail with a meta :-)
Benny
On Thu, June 5, 2008 12:01, alexpacio wrote:
Hello,
anybody knows if, when i teach spam to spamassassin through the Bayesan
Trainer sa-learn , is needed to delete the X-Spam-Status: and
X-Spam-Checker-Version: strings from the header to let Spamassassin teaching
well?
no training needs
On Thu, 2008-06-05 at 12:02 +0200, Benny Pedersen wrote:
On Thu, June 5, 2008 07:33, ram wrote:
I do something like this.
((! SPF_PASS ) ( ENV_FROM_GOOD_BANKS || HEADER_FROM_GOOD_BANKS) )
then give a score 3.0
Of course the GOOD_BANKS are a list of bank which have SPF records.
we
On Thu, June 5, 2008 12:53, ram wrote:
Phishers sometimes just forge the Header from not the Env-From.
You would not get a SPF_FAIL, because there was nothing wrong with the
sender address. But the end users are usually are not trained to look at
the real sender.
good banks have equal
On Thu, 2008-06-05 at 13:08 +0200, Benny Pedersen wrote:
On Thu, June 5, 2008 12:53, ram wrote:
Phishers sometimes just forge the Header from not the Env-From.
You would not get a SPF_FAIL, because there was nothing wrong with the
sender address. But the end users are usually are not
http://www.openspf.org/Why?id=me%40junc.orgip=81.144.166.100receiver=athena.apache.org
what did really happend here ?
X-Barracuda-URL: http://192.168.70.61:8000/cgi-bin/mark.cgi
X-Barracuda-Connect: hermes.apache.org[140.211.11.2]
X-Barracuda-Start-Time: 1212494773
X-Barracuda-Virus-Scanned: by
After this mornings sa-update run I noticed this in my syslog:
Jun 5 06:14:24 localhost spamd[26853]: Can't locate
Mail/SpamAssassin/CompiledRegexps/body_0.pm in @INC (@INC
contains: /var/lib/spamassassin/compiled/3.002004
/var/lib/spamassassin/compiled/3.002004/auto
lib
Just recently backscatter starts to hit me very bad, and I found out
that bounces generated by qmail are not detected by the vbounce plugin.
Here is such a backscatter mail:
http://pastebin.com/m346c7979
Perhaps a phrase like wasn't able to deliver your message could be
added to the
ram [EMAIL PROTECTED] writes:
That is not practical.
Atleast in India, Banks use third party servers to send their mailers
often. And the ips have PTR's HELO's which dont match the banks',
because these dont belong to the bank
Which practice does nothing at all to combat phishing. Banks and
Alex Woick wrote:
Just recently backscatter starts to hit me very bad, and I found out
that bounces generated by qmail are not detected by the vbounce
plugin. Here is such a backscatter mail:
http://pastebin.com/m346c7979
Perhaps a phrase like wasn't able to deliver your message could be
Graham Murray wrote:
ram [EMAIL PROTECTED] writes:
That is not practical.
Atleast in India, Banks use third party servers to send their mailers
often. And the ips have PTR's HELO's which dont match the banks',
because these dont belong to the bank
Which practice does nothing at all to
Am 2008-06-04 10:45:20, schrieb Dan Barker:
I can read 10 messages, I can't read 200. The bounces I see are usually due
to messages sent by my webserver (password request) by folks who type their
What about updating your Webserver script first,
to let users type the password twice?
Greetings
On Thu, 5 Jun 2008, Benny Pedersen wrote:
http://www.openspf.org/Why?id=me%40junc.orgip=81.144.166.100receiver=athena.apache.org
what did really happend here ?
X-Barracuda-URL: http://192.168.70.61:8000/cgi-bin/mark.cgi
X-Barracuda-Connect: hermes.apache.org[140.211.11.2]
Just recently backscatter starts to hit me very bad, and I found out
that bounces generated by qmail are not detected by the vbounce
plugin. Here is such a backscatter mail:
http://pastebin.com/m346c7979
Perhaps a phrase like wasn't able to deliver your message could be
added to the
Alex Woick wrote:
Just recently backscatter starts to hit me very bad, and I found out
that bounces generated by qmail are not detected by the vbounce
plugin. Here is such a backscatter mail:
http://pastebin.com/m346c7979
Perhaps a phrase like wasn't able to deliver your message could be
On Thursday 05 June 2008 23:34:42 mouss wrote:
the Message-id must be supplied by the MUA.
RFC 2822 says: every message SHOULD have a Message-ID: field.
i can't find the addition except the origin is a pre stoneage qmail server
here.
Well it says SHOULD. So actually your system is
On Thu, June 5, 2008 23:34, mouss wrote:
stop incriminating qmail. the Message-id must be supplied by the MUA. if
postfix adds a missing message-id, then it's a postfix problem, not a
qmail problem.
if qmail, if postfix, maybe he have 2 mta ? :-)
postfix add mta hostname to message-id if
Arvid Ephraim Picciani wrote:
On Thursday 05 June 2008 23:34:42 mouss wrote:
the Message-id must be supplied by the MUA.
RFC 2822 says: every message SHOULD have a Message-ID: field.
i can't find the addition except the origin is a pre stoneage qmail server
here.
This has
Benny Pedersen wrote:
On Thu, June 5, 2008 23:34, mouss wrote:
stop incriminating qmail. the Message-id must be supplied by the MUA. if
postfix adds a missing message-id, then it's a postfix problem, not a
qmail problem.
if qmail, if postfix, maybe he have 2 mta ? :-)
so what?
Actually - I just need your spam attempts. I have a way to detect
spambots on the first try and add them to my blacklist at
hostkarma.junkemailfilter.com
Sp - if you want to participate and lose a chunk of your virus spambot
spam all you have to do is add us as your highest numbered MX
On Thu, 5 Jun 2008, Arvid Ephraim Picciani wrote:
On Thursday 05 June 2008 23:34:42 mouss wrote:
the Message-id must be supplied by the MUA.
RFC 2822 says: every message SHOULD have a Message-ID: field.
i can't find the addition except the origin is a pre stoneage qmail server
here.
On Friday 06 June 2008 00:11:37 mouss wrote:
postfix adds missing (mandatory) headers because it works as a
submission MTA, because this is how sendmail has always worked. This
behaviour is no more desirable for an MX (it is good for an MSA).
Right now i get your point. I thought you where
At 15:25 05-06-2008, David B Funk wrote:
However RFC-2821, section 6.3 (Compensating for Irregularities) says
that the originating SMTP server may add a message-id field when none
appears. So if qmail is the first SMTP server to fondle the message
it could/(should?) add a message-id.
It's up
To continue on with the post I made early this morning right after sa-update
ran I see this after stopping and starting SA:
Jun 5 06:14:24 localhost spamd[26853]: Can't locate
Mail/SpamAssassin/CompiledRegexps/body_0.pm in @INC (@INC
contains: /var/lib/spamassassin/compiled/3.002004
I tried the rules below and then sent a test from a Yahoo account I have
for just such tests. (I added a yellow rule.) Spamassassin did not
mark it as yellow.
The version I have (it comes with Kolab) is 3.1.0. Should these rules
work for that version? Lint didn't show any problems.
I'm not
Am 06.06.2008 2:21 Uhr, schrieb Chris:
To continue on with the post I made early this morning right after sa-update
ran I see this after stopping and starting SA:
Jun 5 06:14:24 localhost spamd[26853]: Can't locate
Mail/SpamAssassin/CompiledRegexps/body_0.pm in @INC (@INC
contains:
On Thursday 05 June 2008 7:36 pm, Jim Knuth wrote:
[26462] dbg: zoom: loading compiled ruleset
from /var/lib/spamassassin/compiled/3.002004
[26462] dbg: zoom: loading compiled ruleset
from /var/lib/spamassassin/compiled/3.002004
[26462] dbg: zoom: no compiled ruleset found for
alexpacio wrote:
Hello,
anybody knows if, when i teach spam to spamassassin through the Bayesan
Trainer sa-learn , is needed to delete the X-Spam-Status: and
X-Spam-Checker-Version: strings from the header to let Spamassassin teaching
well?
SpamAssassin will remove any headers that it added
On Thursday 05 June 2008 8:15 pm, D Hill wrote:
It has never been there before. SA-Update was run at 6:11am and was
restarted at Jun 5 06:14:20 localhost spamassassin: spamd startup
succeeded
Perhaps you do not have something set up right or haven't run sa-compile
yet. Looking at my
34 matches
Mail list logo