Occasionally I'd like to do something like this:
whitelist_from_rcvd [EMAIL PROTECTED] /^smtp[0-9]+\.orange\.fr$/
The situation is that domain.fr is relaying mail through their provider,
which has a number of smtp servers named smtpNN.orange.fr. If I were
to stick to the current
Per Jessen wrote:
Occasionally I'd like to do something like this:
whitelist_from_rcvd [EMAIL PROTECTED] /^smtp[0-9]+\.orange\.fr$/
The situation is that domain.fr is relaying mail through their provider,
which has a number of smtp servers named smtpNN.orange.fr. If I were
to stick to the
FractalBob wrote:
Can SpamAssassin be configured to use the domain in the sender e-mail address
or in the message content itself as an input parameter to, say, a WHOIS
search, in order to locate either the sender or his ISP? I know this would
be expensive, since it would require going out to the
FractalBob wrote:
Can SpamAssassin be configured to use the domain in the sender e-mail
address
or in the message content itself as an input parameter to, say, a WHOIS
search, in order to locate either the sender or his ISP? I know this would
be expensive, since it would require going out
On 06.11.08 17:00, Joe Dragotta wrote:
With the forwarding to SA active in both the system and user level
procmailrc files, I was noting some odd behavior. The system level
filtering was correctly tagging about 90% of the spam as spam and
sending it to /dev/null/, and therefore was not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear members,
I have recently setup a mailbox and a sa-learn script to start
teaching SpamAssassin. This was all no problem, but:
We have an MX group of usually about 3 MTAs, which all run their own
content filter (amavis) and thus use their
Per Jessen wrote:
Occasionally I'd like to do something like this:
whitelist_from_rcvd [EMAIL PROTECTED] /^smtp[0-9]+\.orange\.fr$/
One problem.. That involves a regex, but whitelist_from is a regular
user config option.
In general, regular expressions are intentionally not used in
On Fri, Nov 07, 2008 at 02:38:22PM +0100, Per Jessen wrote:
Henrik K wrote:
On Fri, Nov 07, 2008 at 02:22:08PM +0100, Per Jessen wrote:
Yes, I saw that in the code - still, having a
whitelist_from_rcvdregex
would be very useful, people relay via their providers quite a lot.
I guess
Henrik K wrote:
On Fri, Nov 07, 2008 at 02:38:22PM +0100, Per Jessen wrote:
Henrik K wrote:
On Fri, Nov 07, 2008 at 02:22:08PM +0100, Per Jessen wrote:
Yes, I saw that in the code - still, having a
whitelist_from_rcvdregex
would be very useful, people relay via their providers quite a lot.
Henrik K wrote:
Then instead of asking for a lacking addition to a poor whitelisting
method (in this case), we should enhance whitelist_from_rcvd to
process received paths:
whitelist_from_rcvd [EMAIL PROTECTED] 1.2.3.4 2.3.4.5
Should this be read to mean whitelist from foobar if it came
On 07.11.08 12:45, Samy Ascha, Xel Media B.V. wrote:
I have recently setup a mailbox and a sa-learn script to start
teaching SpamAssassin. This was all no problem, but:
We have an MX group of usually about 3 MTAs, which all run their own
content filter (amavis) and thus use their own
On Fri, Nov 07, 2008 at 03:07:59PM +0100, mouss wrote:
Then instead of asking for a lacking addition to a poor whitelisting method
(in this case), we should enhance whitelist_from_rcvd to process received
paths:
whitelist_from_rcvd [EMAIL PROTECTED] 1.2.3.4 2.3.4.5
why? I wouldn't put 30
On Fri, Nov 07, 2008 at 03:09:29PM +0100, Per Jessen wrote:
Henrik K wrote:
Then instead of asking for a lacking addition to a poor whitelisting
method (in this case), we should enhance whitelist_from_rcvd to
process received paths:
whitelist_from_rcvd [EMAIL PROTECTED] 1.2.3.4
On Fri, November 7, 2008 09:43, mouss wrote:
- since spammers often forge the sender address, you don't really care
of the corresponding whois infos.
whois 127.0.0.1
let them forge it :)
--
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
On Fri, November 7, 2008 10:02, Neil wrote:
My understanding is Mail::SPF is not needed if you have
Mail::SPF::Query installed.
currect, but Mail::SPF::Query does not support SPF rr in dns, Mail::SPF does
--
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
On Fri, Nov 07, 2008 at 04:20:17PM +0200, Henrik K wrote:
On Fri, Nov 07, 2008 at 03:09:29PM +0100, Per Jessen wrote:
I'm not sure I like the ideas of whitelisting based on IP-addresses,
it's too inflexible. Why would you not use hostnames?
Hmm.. ok I think you both (mouss) are
On Fri, November 7, 2008 03:33, Michelle Konzack wrote:
I am rejecting ANY (!!!) messages coming from *.ru and *.ua domains
where the From: header is from:
MAILER-DAEMON@
ok
postmaster@
http://rfc-ignorant.org/policy-postmaster.php
noreply@
no-reply@
Henrik K wrote:
On Fri, Nov 07, 2008 at 02:22:08PM +0100, Per Jessen wrote:
Yes, I saw that in the code - still, having a
whitelist_from_rcvdregex
would be very useful, people relay via their providers quite a lot.
I guess I'll have to write something up.
If the originator is static IP,
Sure, they do spoof, but one could write a script that pokes around the
message content, looking for a URL or signature and use that instead.
I found some rulesets, 70_sare_evilnum*.cf, that seem to do what I want, but
I don't know how to use them; documentation is scarce for SpamAssassin. Does
Per Jessen wrote:
Matt Kettler wrote:
Per Jessen wrote:
Occasionally I'd like to do something like this:
whitelist_from_rcvd [EMAIL PROTECTED] /^smtp[0-9]+\.orange\.fr$/
One problem.. That involves a regex, but whitelist_from is a regular
user config option.
In general, regular
Hi Chris.
I have gotten over 200.000 of them with more then 2700 MByte...
Now it is reduced to less then 200 backscatter per day.
I am rejecting ANY (!!!) messages coming from *.ru and *.ua domains
where the From: header is from:
MAILER-DAEMON@
postmaster@
noreply@
Henrik K wrote:
why link that to trusted_networks?
Obviously the whole IP path must be trusted (excluding the last one). You
can use hostnames as well. But then you have to have trust path right, to
trust later hostnames.
maybe I misunderstood your could even work
And perhaps it
Henrik K wrote:
On Fri, Nov 07, 2008 at 04:20:17PM +0200, Henrik K wrote:
On Fri, Nov 07, 2008 at 03:09:29PM +0100, Per Jessen wrote:
I'm not sure I like the ideas of whitelisting based on IP-addresses,
it's too inflexible. Why would you not use hostnames?
Hmm.. ok I think you both (mouss)
I'm sorry all, where / how do I add the -u on spamd?
Thanks,
Matt Kettler wrote:
Per Jessen wrote:
Occasionally I'd like to do something like this:
whitelist_from_rcvd [EMAIL PROTECTED] /^smtp[0-9]+\.orange\.fr$/
One problem.. That involves a regex, but whitelist_from is a regular
user config option.
In general, regular expressions are
Michelle Konzack writes:
Am 2008-10-30 08:53:17, schrieb Greg Troxel:
So I wonder if domains with no
vowels are normal in Germany (they are not normal in the US).
In germany there are many domains ending with gmbh.de which is a
limited liability company. Also I know Austrian and
On Fri, Nov 07, 2008 at 04:45:57PM +0100, mouss wrote:
With hostnames there is a bigger change of failure (by just using a domain
instead of exact hostname, letting f.e. dialup users from the domain forge
the path).
not sure I understand. people can't easily forge their rdns (in the
What
Am 2008-10-30 08:53:17, schrieb Greg Troxel:
So I wonder if domains with no
vowels are normal in Germany (they are not normal in the US).
In germany there are many domains ending with gmbh.de which is a
limited liability company. Also I know Austrian and Swiss domains
with it.
Maybe
On Fri, Nov 07, 2008 at 02:22:08PM +0100, Per Jessen wrote:
Matt Kettler wrote:
Per Jessen wrote:
Occasionally I'd like to do something like this:
whitelist_from_rcvd [EMAIL PROTECTED] /^smtp[0-9]+\.orange\.fr$/
One problem.. That involves a regex, but whitelist_from is a
On 7 Nov 2008, at 04:33, Matus UHLAR - fantomas wrote:
On 07.11.08 04:02, Neil wrote:
Is there a way to check if SPFs and DKIMs are being checked by
SpamAssassin?
Here is, I believe, the relevant spamassassin -D --lint output as far
as modules go:
[19018] dbg: dns: is Net::DNS::Resolver
On Fri, 2008-11-07 at 10:51 -0500, Jean-Paul Natola wrote:
I'm sorry all, where / how do I add the -u on spamd?
Wherever, however you invoke spamd.
--
char *t=[EMAIL PROTECTED];
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1:
(c=*++x); c128 (s+=h); if
FractalBob wrote:
Sure, they do spoof, but one could write a script that pokes around the
message content, looking for a URL or signature and use that instead.
I found some rulesets, 70_sare_evilnum*.cf, that seem to do what I want, but
I don't know how to use them; documentation is scarce for
Benny Pedersen wrote:
On Fri, November 7, 2008 03:33, Michelle Konzack wrote:
I am rejecting ANY (!!!) messages coming from *.ru and *.ua domains
where the From: header is from:
MAILER-DAEMON@
ok
postmaster@
http://rfc-ignorant.org/policy-postmaster.php
the rfci
Am 2008-10-31 13:31:16, schrieb Kai Schaetzl:
Easy:
Remote Sensing Solutions GmbH -
Remote Sensing Solutions Ltd -
rssltd.com
But you know, that a GmBH is very different from a Ltd?
They have different status.
Thanks, Greetings and nice Day/Evening
Michelle Konzack
Am 2008-11-01 17:00:09, schrieb Martin Gregorie:
I've started to see Casino spam in the last week and noticed, that of
You mean this Royal Casino thing from whgich I get all 2 hours one?
I like to have the rule since my current spamassassin let it through...
Thanks, Greetings and nice
Thanks, Mouss, for the pointers, but I still don't understand where the
addresses and phone numbers in 70_sare_evilnum come from. Can SpamAssassin
be configured to scan a message, pick up a domain and then do a WHOIS
search, or did someone go through a few e-mails by hand, query WHOIS using
the
On Fri, 7 Nov 2008, FractalBob wrote:
Thanks, Mouss, for the pointers, but I still don't understand where the
addresses and phone numbers in 70_sare_evilnum come from. Can SpamAssassin
be configured to scan a message, pick up a domain and then do a WHOIS
search, or did someone go through a few
On Fri, November 7, 2008 19:31, mouss wrote:
postmaster@
http://rfc-ignorant.org/policy-postmaster.php
the rfci policy applies to postmaster as a recipient. nobody can force
you to accept mail _from_ postmaster.
how can anyone solve anything when postmasters cant talk together ?
doh
--
On 7 Nov 2008, at 09:22, Benny Pedersen wrote:
On Fri, November 7, 2008 10:02, Neil wrote:
My understanding is Mail::SPF is not needed if you have
Mail::SPF::Query installed.
currect, but Mail::SPF::Query does not support SPF rr in dns,
Mail::SPF does
Thanks.
But still; how can I
Hi,
I'm having issues with SA spamassassin-3.2.4-1.el5 , some dnsbl
tests consistantly time out. URI-DNSBL, URI-NS and DNSBL-MX
I can get the URI-NS URI-DNSBL to work if I replace the
URIDNSBL.pm with the one from spamassassin-3.0.4.
But the DNSBL-MX tests still time out..
I
On Fri, November 7, 2008 22:38, Daniel Bourque wrote:
[3033] dbg: dns: Net::DNS version: 0.59
update this one
--
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
Thanks for the reply.
Ok, I upgraded
[4918] dbg: dns: Net::DNS version: 0.63
but I still saw the same issue.
I recalled that the problem started after I moved the server on my DMZ.
After some playing around, turns out that Net::DNS performs certain test
with via UDP port 53, therefore, I
Daniel Bourque wrote:
After some playing around, turns out that Net::DNS performs certain test
with via UDP port 53, therefore, I had to accept UDP packets from my
nameserver's udp:53
... u... *yes*, you have to accept UDP packets on port 53 O_o
*Most* DNS traffic is UDP. If
Benny Pedersen wrote:
On Fri, November 7, 2008 22:38, Daniel Bourque wrote:
[3033] dbg: dns: Net::DNS version: 0.59
update this one
*nod* Daniel, you may also want to look into upgrading SA itself;
unfortunately most distribution-provided packages tend to go stale after
a new patchlevel
It sounds obvious now.
BUT , before I added the UDP dns firewall rules. I could successfully do :
lookups using the host command ,
lookups with the example snippet in the Net::DNS man page
all DNS RBL tests with my older SA installation ( 3.0.4 )
... So I didn't think that I needed that UDP
how can anyone solve anything when postmasters cant talk together ?
doh
--
Benny Pedersen
*snip* advertisement and link
benny,
do you trust emails from some postmaster at some domain and spend lots of
time answering them?
yeah, right.
and btw benny, please stop spamming us w/ the
Benny Pedersen [EMAIL PROTECTED] wrote:
On Fri, November 7, 2008 19:31, mouss wrote:
postmaster@
http://rfc-ignorant.org/policy-postmaster.php
the rfci policy applies to postmaster as a recipient. nobody can force
you to accept mail _from_ postmaster.
how can anyone solve anything
I recently had to entirely re-IP a network including the server running
Spamassassin. When I run sa-update, it just hangs at the command prompt
with a flashing cursor; same thing happens when I run sa-update -D but
only after it calls the updates.spamassassin.org channel...
Checking my
Shawn Berg wrote:
I recently had to entirely re-IP a network including the server running
Spamassassin. When I run sa-update, it just hangs at the command prompt
with a flashing cursor; same thing happens when I run sa-update –D but
only after it calls the updates.spamassassin.org channel…
I'm wondering about the best way to train my Bayes filter (per-user
filtering).
I have a Junk folder, and it contains roughly three categories of mail
(to my mind, at least):
A. Mail SpamAssassin marked spam and auto-learned as spam.
B. Mail SpamAssassin marked spam, but did not autolearn.
Neil wrote:
I'm wondering about the best way to train my Bayes filter (per-user
filtering).
I have a Junk folder, and it contains roughly three categories of mail
(to my mind, at least):
A. Mail SpamAssassin marked spam and auto-learned as spam.
B. Mail SpamAssassin marked spam, but did not
On 7 Nov 2008, at 23:40, Matt Kettler wrote:
Neil wrote:
I'm wondering about the best way to train my Bayes filter (per-user
filtering).
I have a Junk folder, and it contains roughly three categories of
mail
(to my mind, at least):
A. Mail SpamAssassin marked spam and auto-learned as
On 7 Nov 2008, at 23:43, Neil wrote:
On 7 Nov 2008, at 23:40, Matt Kettler wrote:
Neil wrote:
I'm wondering about the best way to train my Bayes filter (per-user
filtering).
I have a Junk folder, and it contains roughly three categories of
mail
(to my mind, at least):
A. Mail
Neil wrote:
So maybe this is moving slightly off on a tangent, but:
Why does auto-learn sometimes learn spam with a rating of X, but not
spam with a rating of X+Y? Where's it's methodology?
First, there's several rules involved here.
To autolearn as spam *ALL* of the following must be met:
Matt Kettler wrote:
Neil wrote:
So maybe this is moving slightly off on a tangent, but:
Why does auto-learn sometimes learn spam with a rating of X, but not
spam with a rating of X+Y? Where's it's methodology?
First, there's several rules involved here.
To autolearn as spam
On 8 Nov 2008, at 00:09, Matt Kettler wrote:
Matt Kettler wrote:
Neil wrote:
So maybe this is moving slightly off on a tangent, but:
Why does auto-learn sometimes learn spam with a rating of X, but not
spam with a rating of X+Y? Where's it's methodology?
First, there's several rules
56 matches
Mail list logo