On Thu, Jun 26, 2008 at 09:18:11AM +0300, Henrik K wrote:
> On Thu, Jun 26, 2008 at 08:01:32AM +0200, Benny Pedersen wrote:
> >
> > can you change it to list reverse, so freemail domains is all other then
> > what is not freemail domain ?
> >
> > this is imho more simple to knwo where to pay for
On Thu, Jun 26, 2008 at 08:01:32AM +0200, Benny Pedersen wrote:
>
> can you change it to list reverse, so freemail domains is all other then
> what is not freemail domain ?
>
> this is imho more simple to knwo where to pay for email then to know with
> domains is free :-)
I'm not sure if I follo
can you change it to list reverse, so freemail domains is all other then
what is not freemail domain ?
this is imho more simple to knwo where to pay for email then to know with
domains is free :-)
this olso save us work to add new spamming and free email domains all time
else i can just say its
On Wed, Jun 25, 2008 at 08:54:20PM -0400, Matt Kettler wrote:
> Benny Pedersen wrote:
>> On Fredag, 20/6 2008, 10:04, Henrik K wrote:
>>
>>> On Fri, Jun 20, 2008 at 12:12:45AM -0400, Matt Kettler wrote:
>>>
That is correct, SPF checks are applied to the first untrusted host.
On Thu, June 26, 2008 05:56, Matt Kettler wrote:
> the docs for the AWL plugin, which is where it really belongs. (if the
> option isn't valid without the plugin, then it in theory shouldn't be in
> the main Conf manpage..)
there is still docs for bayes in conf, even bayes is a plugin now
needs
On Thu, June 26, 2008 05:16, Skip wrote:
> option with my own configuration file, and I should be able to pass it
> the -C or --siteconfigpath options to set admin settings. Any help?
AWL and BAYES will when procmail is in use be in $HOME./spamassassin/
but can be overwrited in user_prefs with
On Thu, June 26, 2008 04:40, Matt Kettler wrote:
> I'll attempt to do so. Didn't realize you disliked it.
its like asking 2 times for the same answer and wonder why no answer
> I'm SA interpreted the Received header as meaning that athena.apache.org
> found no reverse-lookup the host, and that
Skip wrote:
How does one set the file location for the auto-whitelist file on a
3.2.x system? I am on a shared hosting system, but call spamassassin
manually from procmail. Here's the debug output that deals with
auto-whitelist:
[25947] dbg: locker: safe_lock: created
/ramdisk/etc/spamassa
How does one set the file location for the auto-whitelist file on a
3.2.x system? I am on a shared hosting system, but call spamassassin
manually from procmail. Here's the debug output that deals with
auto-whitelist:
[25947] dbg: locker: safe_lock: created
/ramdisk/etc/spamassassin/data/aut
Benny Pedersen wrote:
On Thu, June 26, 2008 02:54, Matt Kettler wrote:
It's a fine distinction, but one that does matter to some folks who are
set up this way. In most cases the two are equal, but that doesn't
excuse me from confusing the two. I should know better. :)
then stop cc me
On Thu, June 26, 2008 02:54, Matt Kettler wrote:
> It's a fine distinction, but one that does matter to some folks who are
> set up this way. In most cases the two are equal, but that doesn't
> excuse me from confusing the two. I should know better. :)
then stop cc me
X-ASF-Spam-Status: No, hit
Benny Pedersen wrote:
On Fredag, 20/6 2008, 10:04, Henrik K wrote:
On Fri, Jun 20, 2008 at 12:12:45AM -0400, Matt Kettler wrote:
That is correct, SPF checks are applied to the first untrusted host.
Matt, you should know better. ;) It's first _external_ host.
and is most o
On Thu, June 26, 2008 00:49, Jo Rhett wrote:
> Some person is doing SPF checks against the header address instead of
> the envelope address.
pypolicyd-spf does work, but spf in spamassassin can use wrongly From:
maybe i need to commit that bug :(
with is not really a bug but a config error :(
On Wed, June 25, 2008 23:39, Bob Proulx wrote:
> By what method did you recieve that URL?
dsn bounce
> Note that I also have SPF set up for my domain.
good, just use your own domain and not my ip ranges its ok :-)
> Therefore on the surface I would expect to see the same behavior
> that you a
On Jun 25, 2008, at 1:53 PM, Bob Proulx wrote:
What did you do differently between this message and the one that was
rejected? Somehow you routed the other message through an
unauthorized route. It is specifically configured to be rejected by
your own domain configuration. Routine mail through
Benny Pedersen wrote:
> i did not send that msg
> ...
> maillist owner did not make any faults here, one of the list members have
> bad mta setup :(
By what method did you recieve that URL?
Note that I also have SPF set up for my domain. Therefore on the
surface I would expect to see the same be
Please forgive me for top post and replying to my own, yet I forgot to add
the code from line 243 in the BodyEval.pm file
foreach ( $rnd =~ /^\s*([^:\s][^:\n]{2,29})\s*:\s*\S/mg ) {
:-)
- rh
>
> Is anyone else currently seeing this since 3.2.5 upgrade?
>
> We updated when it came out and h
On Wed, June 25, 2008 22:53, Bob Proulx wrote:
> What did you do differently between this message and the one that was
> rejected?
i did not send that msg
> Somehow you routed the other message through an unauthorized route.
nope
> It is specifically configured to be rejected by your own doma
Is anyone else currently seeing this since 3.2.5 upgrade?
We updated when it came out and have only seen the error a few times
since...
Centos 4.6 and perl 5.8.8 and SA 3.2.5 with sought rules and compiled
Jun 25 09:22:57 mxi spamd[18530]: rules: failed to run TVD_STOCK1 test,
skipping:
Jun 25
McDonald, Dan wrote:
From: Bob Proulx [mailto:[EMAIL PROTECTED]
Benny Pedersen wrote:
http://www.openspf.org/Why?id=me%40junc.org&ip=194.116.240.69&receiver=athena.apache.org
On that page it says:
athena.apache.org received a message from mx.grupointercom.com
(194.116.240.6
From: Bob Proulx [mailto:[EMAIL PROTECTED]
>Benny Pedersen wrote:
>> http://www.openspf.org/Why?id=me%40junc.org&ip=194.116.240.69&receiver=athena.apache.org
>
>On that page it says:
>
> athena.apache.org received a message from mx.grupointercom.com
> (194.116.240.69) that claimed an envelope s
Robert - elists wrote:
mouss is french, you must know ;-)
French mouse?
"mousse" means foam. Franciscaner weiss?
;-)
http://disney.go.com/disneyvideos/animatedfilms/ratatouille/
No offense intended of course... it really was a cute movie...
I loved it.
Time for vacations!
Benny Pedersen wrote:
> http://www.openspf.org/Why?id=me%40junc.org&ip=194.116.240.69&receiver=athena.apache.org
On that page it says:
athena.apache.org received a message from mx.grupointercom.com
(194.116.240.69) that claimed an envelope sender address of [EMAIL PROTECTED]
However, the do
http://www.openspf.org/Why?id=me%40junc.org&ip=194.116.240.69&receiver=athena.apache.org
hope this link is usefull for a fix :(
--
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
On Mon, 23 Jun 2008, Marc Perkel wrote:
Marc Ferguson wrote:
Hi,
I'm a linux noob and a spam assassin noob so please reply in simplified
language. Thanks.
I saw on the wiki a trick to use fake mx records in order to weed out spam
(http://wiki.apache.org/spamassassin/OtherTricks). I'm usin
>
> mouss is french, you must know ;-)
>
French mouse?
;-)
http://disney.go.com/disneyvideos/animatedfilms/ratatouille/
No offense intended of course... it really was a cute movie...
Time for vacations!
- rh
I am seeing a clear downtrend in the number for spams hitting our
servers, I am not sure why ?
We have the same 1.3 million a day yesterday and same day of week
a month ago and two months ago. Remarkably steady really.
Joseph Brennan
Columbia University Information Technology
> On Jun 25, 2008, at 2:34 AM, Henrik K wrote:
> >You have already your options:
> >
> >- Add all hosts to internal_networks.
> >- Don't call SA at all
> >
> >Why is this getting on and on?
On 25.06.08 03:00, Jo Rhett wrote:
> Why is it getting offtopic, I don't know.
>
> Why is the conversation
Jo Rhett wrote:
On Jun 22, 2008, at 8:22 PM, Matt Kettler wrote:
Just because a packet can get theredoesn't mean they can deliver
mail. (by the way, IMO you're *insane* for not having a something in
place that filters such things. A simple PIX firewall at your border
with "ip verify reverse-pa
On Wed, Jun 25, 2008 at 03:08:48AM -0700, Jo Rhett wrote:
>> On Wed, Jun 25, 2008 at 03:00:47AM -0700, Jo Rhett wrote:
>>> reading the code it implies that maybe I should make
>>> internal_networks explicitly defined (right now its implicit and
>>> thus ==
>>> trusted_networks) to be smaller tha
Jo Rhett wrote:
If you do get a connection attempt from a non routable address on your
SMTP servers external interface, you should have no way to acknowladge
the connection if your own border router is configured correctly.
You are assuming that there is enough infrastructure to provide a bor
Because it's a public mail server which gets legitimate mail
connections from all over the world.
I mean, why to accept connections from anything other?
I don't understand your question. My only answer you quoted above.
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, op
On Wed, Jun 25, 2008 at 03:00:47AM -0700, Jo Rhett wrote:
reading the code it implies that maybe I should make
internal_networks explicitly defined (right now its implicit and
thus ==
trusted_networks) to be smaller than trusted networks. This will
probably solve my SPF problem. Is there a
On Jun 25, 2008, at 2:49 AM, Matus UHLAR - fantomas wrote:
slovakia ended on machine at german machine. I know that something
can be
broken at this level. I just think that SA should not take care about
this...
Hm. Not sure I agree. I'm not asking SA to prevent it from
happening. I just
On Wed, Jun 25, 2008 at 03:00:47AM -0700, Jo Rhett wrote:
> On Jun 25, 2008, at 2:34 AM, Henrik K wrote:
>> This is getting out of hand and offtopic..
>
> Yes
>
>> You have already your options:
>>
>> - Add all hosts to internal_networks.
>> - Don't call SA at all
>>
>> Why is this getting on and o
On Jun 25, 2008, at 2:34 AM, Henrik K wrote:
This is getting out of hand and offtopic..
Yes
You have already your options:
- Add all hosts to internal_networks.
- Don't call SA at all
Why is this getting on and on?
Why is it getting offtopic, I don't know.
Why is the conversation still
> On Jun 25, 2008, at 2:50 AM, Matus UHLAR - fantomas wrote:
> >>As described in previous e-mails, host A cannot talk to host C except
> >>to relay via host B.
> >>
> >>Host A is trusted if relayed by host B.
> >> (anything is trusted if relayed by host B)
> >
> >
> >>If Host A appears to be conne
On Jun 25, 2008, at 2:50 AM, Matus UHLAR - fantomas wrote:
As described in previous e-mails, host A cannot talk to host C except
to relay via host B.
Host A is trusted if relayed by host B.
(anything is trusted if relayed by host B)
If Host A appears to be connecting to host C, then it's a
On 25.06.08 01:29, Jo Rhett wrote:
> On Jun 22, 2008, at 10:12 AM, Matt Kettler wrote:
> >The only case an unlimited trust would be useful is if you trust the
> >mail, even if the host relays mail from untrusted hosts. But if the
> >sources are untrusted, why are you trusting the mail just bec
> On Jun 23, 2008, at 12:23 AM, Matus UHLAR - fantomas wrote:
> >it one packet reaches your host, nothing happends. Fot the TCP/SMTP
> >connections to be opened, (at least) three packets must be sent, in
> >both
> >directions. If you can trace to 10.x address that is not part of your
> >network,
On Wed, Jun 25, 2008 at 02:18:01AM -0700, Jo Rhett wrote:
>
> NOW, let's return to securing SA properly.
This is getting out of hand and offtopic..
You have already your options:
- Add all hosts to internal_networks.
- Don't call SA at all
Why is this getting on and on?
On Jun 23, 2008, at 12:23 AM, Matus UHLAR - fantomas wrote:
it one packet reaches your host, nothing happends. Fot the TCP/SMTP
connections to be opened, (at least) three packets must be sent, in
both
directions. If you can trace to 10.x address that is not part of your
network, it's a problem
On Jun 22, 2008, at 8:22 PM, Matt Kettler wrote:
Just because a packet can get theredoesn't mean they can deliver
mail. (by the way, IMO you're *insane* for not having a something in
place that filters such things. A simple PIX firewall at your border
with "ip verify reverse-path" enabled wo
On Jun 22, 2008, at 4:09 PM, Jonas Eckerman wrote:
If you do get a connection attempt from a non routable address on
your SMTP servers external interface, you should have no way to
acknowladge the connection if your own border router is configured
correctly.
You are assuming that there is
On Jun 20, 2008, at 1:52 PM, mouss wrote:
I've never had an ISP/hoster block bogons, but I've never let them
in. it's part of the first rules in ipf/pf/iptables/router/$FW (and
in both directions. so my networks never send packets with bogon IPs
to the internet). if you don't partition the n
On Jun 20, 2008, at 1:13 PM, Henrik K wrote:
On Fri, Jun 20, 2008 at 12:58:55PM -0700, Jo Rhett wrote:
On Jun 20, 2008, at 12:44 PM, Henrik K wrote:
You _need_ to have everything internal, so there will be no SPF
lookups.
Your fear of IP spoofers makes no sense to me, how do you think
someone
c
On Jun 20, 2008, at 1:19 PM, Henrik K wrote:
You should know by now what SA network settings do. I don't know how
complex
your setup really is for them not to work.
It's not complex at all. Everything is external, there are no
firewalls. All public IP space documented in the external DNS
On Jun 22, 2008, at 10:12 AM, Matt Kettler wrote:
The only case an unlimited trust would be useful is if you trust the
mail, even if the host relays mail from untrusted hosts. But if the
sources are untrusted, why are you trusting the mail just because it
came through some super-trusted ser
Theo Van Dinter writes:
> On Tue, Jun 24, 2008 at 09:44:40PM +0100, Matt Hampton wrote:
> > if defined JM_SOUGHT_3
> >score JM_SOUGHT_3 1.5
> > endif
>
> Has anyone thought to ask JM to make sure that 3 rules are always generated,
> even if the third one is empty ala:
>
> meta JM_SOUGHT_3 0
Kelson writes:
> Justin Mason wrote:
> > Grepping my ham corpora, I find some hits from 2005 and 2006, but nothing
> > in the past 2 years for this. Does anyone use recent builds of the "real"
> > Opera mail? does it use this footer, or is it safe to list it in the
> > rule?
>
> I don't normall
50 matches
Mail list logo
