At 16:56 23-10-2008, Luis Croker wrote:
I have a mail server with FreeBSD 7.0,
postfix+amavis-new+spamassassin. We are an ISP and I need to
filter the spam that our susbribers are sending to internet, the
PCs have some malware or are botnets. These PCs generates a lot of
spam each day.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sebastian Ries wrote:
> Hi there
>
> I just want to know some opinions on the following DNS Setup for a mail
> server:
>
> # host -t MX example.com
> example.com mail is handled by 100 mail.example.com.
>
> # host mail.example.com
> mail.example.com
On Thu, 2008-10-23 at 19:43 -0400, Jean-Paul Natola wrote:
> I used to get about 19-15 spam messages in my box per week, now , eve today I
> got 11-
>
> and they are hardly hitting any rules, anything new (rbl's etc..) I should
> look into?
jm_sought rules are useful
http://wiki.apache.org/spam
I suggest you setup smtp authentication. I setup this kind of smtp and it seems
viruses cannot authenticate by themselves.
Nelson Serafica
http://nelsontux.blogspot.com
- Original Message
From: Jean-Paul Natola <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]; users@spamassassin.apa
Greetings,
I've been trying to stop Spamassassin from sending any more spam notices to
me, so I changed it in /etc/mail/spamassassin/local.cf but I'm still getting
messages sent to the same email address...what am I missing here?
--
View this message in context:
http://www.nabble.com/report_con
On Fri, October 24, 2008 01:56, Luis Croker wrote:
> How can I catch more spam than the seerver is filtering ? The server
> blocks many messages but another spam messages goes to internet cause
> the score does not reach the parameters to be blocked.
go the smtp auth route, when spam comes in f
On Thu, October 23, 2008 20:43, mouss wrote:
> subdomains, as used to be the case when all the internet was unix,
> but this is no more the case).
lets hope thay are deploying dkim next then, it was newer meant to rewrite
any header from sender to tecipient, but still some do this
--
Benny Ped
On Thu, October 23, 2008 19:29, Michael Scheidell wrote:
> we arn't arguing rfc's, and by '99% of the time', actually, it works
> 100% of the time unless you use the rfc-ignorant blacklists.
being rfc compliant olso works
> rfc means 'request for comment'. and rfc's change as technology changes
Am 24.10.2008 1:31 Uhr, schrieb mouss:
> Jean-Paul Natola a écrit :
>> Hi all,
>>
>> I've been out of the loop for a couple of months do a rollout, so I came back
>> to my SA today as I have seen A LOT more spam coming in than normal, I
>> upgraded to 3.2.5 today, and ran sa-update but , i don
maybe if you block messages with no rdns record? if its from infected pc's
there shouldnt be a record?
From: Luis Croker [mailto:[EMAIL PROTECTED]
Sent: Thu 10/23/2008 19:56
To: users@spamassassin.apache.org
Subject: Spamassassin+amavis
Hi...
Hi...
I have a mail server with FreeBSD 7.0, postfix+amavis-new
+spamassassin. We are an ISP and I need to filter the spam that our
susbribers are sending to internet, the PCs have some malware or are
botnets. These PCs generates a lot of spam each day.
The server filters a los of Spam
I used to get about 19-15 spam messages in my box per week, now , eve today I
got 11-
and they are hardly hitting any rules, anything new (rbl's etc..) I should
look into?
From: Luis Croker [mailto:[EMAIL PROTECTED]
Sent: Thu 10/23/2008 19:38
To: Jean-Paul Nat
It is now working. I forgot to patch qmail-scanner to have --sa support. It is
now doing quarantine.
Thanks for clarification.
- Original Message
From: RobertH <[EMAIL PROTECTED]>
To: users@spamassassin.apache.org
Sent: Thursday, October 23, 2008 10:52:15 PM
Subject: RE: doesn't
I did it today... I have the server in FREBsd and the new rules are
in /var/db/spamassassin/3.002005/updates_spamassassin_org. The
conventional rules are in /usr/local/share/spamassassin.
Maybe you can find any directory named spamassassin to check where
they are.
Regards.
On Th
Jean-Paul Natola a écrit :
> Hi all,
>
> I've been out of the loop for a couple of months do a rollout, so I came back
> to my SA today as I have seen A LOT more spam coming in than normal, I
> upgraded to 3.2.5 today, and ran sa-update but , i dont seem to see any new
> rules, and i;m getting
Hi all,
I've been out of the loop for a couple of months do a rollout, so I came back
to my SA today as I have seen A LOT more spam coming in than normal, I
upgraded to 3.2.5 today, and ran sa-update but , i dont seem to see any new
rules, and i;m getting clobbered with spam.
Has something
Michael Scheidell a écrit :
> we arn't arguing rfc's, and by '99% of the time', actually, it works
> 100% of the time unless you use the rfc-ignorant blacklists.
>
> rfc means 'request for comment'. and rfc's change as technology changes.
>
> I don't know if, or, since you are the expert in this
At 10:29 23-10-2008, Michael Scheidell wrote:
we arn't arguing rfc's, and by '99% of the time', actually, it works
100% of the time unless you use the rfc-ignorant blacklists.
If it works 100% of the time for you, what can I say.
I don't know if, or, since you are the expert in this, maybe you
On Thu, 2008-10-23 at 10:27 -0700, mathiasadsl wrote:
> I'm trying hard to make my whitelist_from work.
> I want to whitelist my own domain (i know... it can be dangerous but it's
> for testing purpose).
Yes, for production you should use whitelist_from_rcvd instead, if there
is a need for white-l
mathiasadsl wrote:
Hi,
I'm trying hard to make my whitelist_from work.
I want to whitelist my own domain (i know... it can be dangerous but it's
for testing purpose).
This is an example of unormaly tagged email:
unormaly ?
If you're trying to say your example isn't being whitelisted... It
we arn't arguing rfc's, and by '99% of the time', actually, it works
100% of the time unless you use the rfc-ignorant blacklists.
rfc means 'request for comment'. and rfc's change as technology changes.
I don't know if, or, since you are the expert in this, maybe you can
enlighten us.. What m
Hi,
I'm trying hard to make my whitelist_from work.
I want to whitelist my own domain (i know... it can be dangerous but it's
for testing purpose).
This is my local.cf :
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)
# These should b
Hi Michael,
At 08:58 23-10-2008, Michael Scheidell wrote:
Why? Its being widely used by 'email experts' and hosted email anti-spam
companies now.
The section of the SMTP standard that discusses about MX records is
commonly misinterpreted by some people. Even if CNAMEs are widely
used, that
On Thu, Oct 23, 2008 at 03:15:33PM +0200, mouss wrote:
> Brent Clark a écrit :
> > Hiya
> >
> > I would like to know, what are the implications of using / enabling
> > shortcircuit.
> >
> > Other than speeding up the scan processing, from my side, I cant see a
> > downgrade in spam detection.
> >
> At 15:01 22-10-2008, Michael Scheidell wrote:
>> Maybe rfc's need to change.. There is no modern software that can't send to
>> a cnamed mx or mx'ed cname, whatever.
>
> I doubt that it will be changed to accommodate that. It's not only a
> matter of software. Such a change would have an impac
nelson
i have typed this up before on other lists and possibly this one
it is a qmail-scanner-queue.pl issue and requires delicate config changes
also, because of that, we changed the clamav config to the spamassassin
clamav plugin way as well and stopped it in the above qmail-scanner-queue
Nelson Serafica wrote:
> Anyone uses qmail here. I just recently setup qmail with
> qmail-scanner and clamav and spamassin as scanner array. I just
> noticed in my spamassassin log that even though the required hits in
> spamassassin is 5, it still allow those email which has greater value
> of 5.
That was discussed within the past week, check the mailing list archives.
thanks - i have resolved this now
Brent Clark a écrit :
> Hiya
>
> I would like to know, what are the implications of using / enabling
> shortcircuit.
>
> Other than speeding up the scan processing, from my side, I cant see a
> downgrade in spam detection.
>
if you don't have performance issues, don't shortcircuit. The more you
Lucio Chiappetti a écrit :
> We have been very happily running spamassassin 3.0.4 under amavisd-new
> milter on Suse 9.2 since a couple of years, using the standard
> configuration recommended by the Italian GARR network.
>
> Please avoid comments on "old version" or so, we are planning an overall
Brent Clark wrote on Thu, 23 Oct 2008 10:43:32 +0200:
> I cant see a
> downgrade in spam detection.
you *may* see an "upgrade" in FPs.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
Matt Kettler wrote:
> Lucio Chiappetti wrote:
>
>> We have been very happily running spamassassin 3.0.4 under amavisd-new
>> milter on Suse 9.2 since a couple of years, using the standard
>> configuration recommended by the Italian GARR network.
>>
>> Please avoid comments on "old version" or so
Lucio Chiappetti wrote:
> We have been very happily running spamassassin 3.0.4 under amavisd-new
> milter on Suse 9.2 since a couple of years, using the standard
> configuration recommended by the Italian GARR network.
>
> Please avoid comments on "old version" or so, we are planning an
> overall u
On 23.10.08 11:05, Lucio Chiappetti wrote:
> We have been very happily running spamassassin 3.0.4 under amavisd-new
> milter on Suse 9.2 since a couple of years, using the standard
> configuration recommended by the Italian GARR network.
>
> Please avoid comments on "old version" or so, we are p
On 23.10.08 10:43, Brent Clark wrote:
> I would like to know, what are the implications of using / enabling
> shortcircuit.
>
> Other than speeding up the scan processing, from my side, I cant see a
> downgrade in spam detection.
important rules may not be applied thus you can have FPs and FNs
We have been very happily running spamassassin 3.0.4 under amavisd-new
milter on Suse 9.2 since a couple of years, using the standard
configuration recommended by the Italian GARR network.
Please avoid comments on "old version" or so, we are planning an overall
update following an OS update in
Hiya
I would like to know, what are the implications of using / enabling
shortcircuit.
Other than speeding up the scan processing, from my side, I cant see a
downgrade in spam detection.
Kind Regards
Brent Clark
> >># host mail.example.com
> >>mail.example.com is an alias for hostname.example.com.
> >>hostname.example.com has address 1.2.3.4
> >
> >
> >Wrong. The MX record has to point to an A name, not a CNAME.
On 22.10.08 21:21, Len Conrad wrote:
> what?
>
> MX record's data field is a domain name
>
38 matches
Mail list logo