Prempting some responses:
What about external remote workers?
What about those who email stuff to themselves?
I hear this kind of thing all the time when people moan about spoofing.
On Wed, 2008-12-10 at 12:19 -0500, Kevin Parris wrote:
> You do not have a SpamAssassin problem, you have a Commun
LuKreme wrote:
> I read the man page, where there is no mention of how to obtain this
> number. In fact, I read many posts, and many webpages and have still not
> found that information. I've seen the IDs in others posts, sure, but
> where do they originate?
>
> Even searching the wiki (which
On 10-Dec-2008, at 22:18, SM wrote:
At 20:39 10-12-2008, LuKreme wrote:
And the source of that number is, evidently, a complete mystery.
That's my point. I've seen lots of instructions like this:
# wget http://somesite.tld/somepath/GPG.KEY
# sudo sa-update --import GPG.KEY
# sudo sa-update --g
On Wed, 2008-12-10 at 13:09 +, Ned Slider wrote:
> ram wrote:
> > I got a spam with just a link to a google groups page
> >
> > https://ecm.netcore.co.in/tmp/spam_google.txt
> >
> >
> > Now I am scoring all mails with links to groups.google but
> > (may not be a gr8 idea though )
> >
>
>
At 20:39 10-12-2008, LuKreme wrote:
And the source of that number is, evidently, a complete mystery.
That's my point. I've seen lots of instructions like this:
# wget http://somesite.tld/somepath/GPG.KEY
# sudo sa-update --import GPG.KEY
# sudo sa-update --gpgkey 0E28B3DC --channel uber.rule.so
On 10-Dec-2008, at 20:36, SM wrote:
At 13:51 10-12-2008, LuKreme wrote:
I read the man page, where there is no mention of how to obtain this
number. In fact, I read many posts, and many webpages and have still
not found that information. I've seen the IDs in others posts, sure,
but where do the
On 10-Dec-2008, at 16:01, mouss wrote:
while the whitelisting part is ok, the "blacklisting" part is risky:
- they could mess up with their dns config during an update or
they
could add a new MTA, or reconfigure their MTA and "forget" to pass
throgh the dkim signing application...
- they
At 13:51 10-12-2008, LuKreme wrote:
I read the man page, where there is no mention of how to obtain this
number. In fact, I read many posts, and many webpages and have still
not found that information. I've seen the IDs in others posts, sure,
but where do they originate?
sa-update uses GPG (GN
>
> Right. I removed most if not all of the SARE rules on most
> machines some months ago with no ill effects.
>
> Kai
what ones did you keep? if you recall, any particular reason why?
- rh
On Wed, December 10, 2008 23:16, LuKreme wrote:
> Which would, I think, score them a full 5 points up for failing
> DKIM, but give them a negative score from USER_IN_DKIM_WHITELIST?
try:
def_whitelist_auth [EMAIL PROTECTED]
whitelist_auth [EMAIL PROTECTED]
why have the extra step with add scor
[EMAIL PROTECTED]>
Reply-To: users@spamassassin.apache.org
LuKreme wrote on Wed, 10 Dec 2008 14:51:47 -0700:
> I read the man page, where there is no mention of how to obtain this
> number. In fact, I read many posts, and many webpages and have still
> not found that information. I've seen t
LuKreme a écrit :
> On 10-Dec-2008, at 12:10, Kelson wrote:
>> Successful sender verification ALONE doesn't tell you much, because it
>> doesn't distinguish between a legit sender who uses DKIM and a spammer
>> who uses DKIM (or a spammer abusing a large sender). This is why the
>> default scores
LuKreme a écrit :
> On 10-Dec-2008, at 01:31, Kai Schaetzl wrote:
>> Duane Hill wrote on Wed, 10 Dec 2008 06:53:39 + (UTC):
>>> Do a search for 'sought' on the SA wiki page
>>
>> and read the documentation on sa-update before you ask again ;-)
>
> I read the man page, where there is no mention
On 10-Dec-2008, at 12:10, Kelson wrote:
Successful sender verification ALONE doesn't tell you much, because
it doesn't distinguish between a legit sender who uses DKIM and a
spammer who uses DKIM (or a spammer abusing a large sender). This
is why the default scores on DKIM_VERIFIED and DKIM
On 10-Dec-2008, at 01:31, Kai Schaetzl wrote:
Duane Hill wrote on Wed, 10 Dec 2008 06:53:39 + (UTC):
Do a search for 'sought' on the SA wiki page
and read the documentation on sa-update before you ask again ;-)
I read the man page, where there is no mention of how to obtain this
number
LuKreme a écrit :
> On 8-Dec-2008, at 00:44, mouss wrote:
>>> DKIM is not a blacklister, but a whitelist based on if sender really
>>> use monster.com mta mail server or not :)
>>>
>> indeed.
>
>
> Checking my SPAM folder it seems that a LOT of spam gets DKIM_VERIFIED
>
> I have tons that look,
John Horne a écrit :
> On Tue, 2008-12-09 at 22:54 -0700, LuKreme wrote:
>> On 9-Dec-2008, at 17:09, John Horne wrote:
>>> Try:
>>>
>>>sa-update --gpgkey 6C6191E3 --channel sought.rules.yerp.org
>> Ok, that gives me no error (where did you find/get the 6C6191E3?). It
>> sits for about 20-30 s
LuKreme wrote:
So it looks like the only usefulness of DKIM for spam checking is really
for the big mailers like gmail, paypal, ebay, etc?
A pass on DKIM (or any other sender verification system ) is useful for
any mailer that you *recognize*, regardless of size.
Trivial example: If you regu
You do not have a SpamAssassin problem, you have a Communigate problem.
Present this issue to your support resources for that product.
The basics of what you want to do are something like this:
When a message is arriving from the internet, and has your own domain in the
Return-path, it should
[EMAIL PROTECTED] wrote:
> Karsten =?ISO-8859-1?Q?Br=E4ckelmann?= writes:
> > On Mon, 2008-12-08 at 20:00 -0600, Chris wrote:
> > > Has anyone seen any updates to the sought rules lately? It seems
> > > like it's been about 4 or 5 days now since I've seen any via
> > > sa-update.
> >
> > I believ
On 08.12.08 19:09, James Grant wrote:
> Hi all, I've run into a weird situation where spamassassin will (seemingly
> randomly) only do certain RBL checks.
[...]
> I've done it with spamd in debug mode and there's never any warnings or
> errors about it not doing certain checks, it seems to just
ram wrote:
I got a spam with just a link to a google groups page
https://ecm.netcore.co.in/tmp/spam_google.txt
Now I am scoring all mails with links to groups.google but
(may not be a gr8 idea though )
Bayes training may help :)
Google's Notebook is currently being abused too. See here:
this gets me 62 pages:
php5 5.2.7 mq bug
ram wrote:
On Tue, 2008-12-09 at 07:38 -0500, Michael Scheidell wrote:
Last week, a security bullet was released about security problems with
php5 prior to version 5.2.7.
Yesterday, a major regression testing problem was fixed in 5.2.7, with
the re
Justin Mason wrote:
Karsten =?ISO-8859-1?Q?Br=E4ckelmann?= writes:
On Mon, 2008-12-08 at 20:00 -0600, Chris wrote:
Has anyone seen any updates to the sought rules lately? It seems like it's
been about 4 or 5 days now since I've seen any via sa-update.
I believe this is due to the recent SSL ce
Karsten =?ISO-8859-1?Q?Br=E4ckelmann?= writes:
> On Mon, 2008-12-08 at 20:00 -0600, Chris wrote:
> > Has anyone seen any updates to the sought rules lately? It seems like it's
> > been about 4 or 5 days now since I've seen any via sa-update.
>
> I believe this is due to the recent SSL cert updat
On Tue, 2008-12-09 at 22:54 -0700, LuKreme wrote:
> On 9-Dec-2008, at 17:09, John Horne wrote:
> > Try:
> >
> >sa-update --gpgkey 6C6191E3 --channel sought.rules.yerp.org
>
> Ok, that gives me no error (where did you find/get the 6C6191E3?). It
> sits for about 20-30 seconds and then I get a
Ram wrote on Wed, 10 Dec 2008 14:48:23 +0530:
> Any reference links , I tried to google. Didnt get any
php.net
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
hofmae a écrit :
> Hi,
>
> thanks a lot.
>
> but the didn't solve anything...
>
> We need the mailer daemon, we cannot just deactivate it.
>
> I think the main problem is that there is one of our adressess in the
> return-path. Thats wrong i think, because the spammer sends a spammail with
> on
Hi,
thanks a lot.
but the didn't solve anything...
We need the mailer daemon, we cannot just deactivate it.
I think the main problem is that there is one of our adressess in the
return-path. Thats wrong i think, because the spammer sends a spammail with
one of our adressess in the return-path.
Kai Schaetzl a écrit :
> LuKreme wrote on Tue, 9 Dec 2008 16:50:34 -0700:
>
>> Geez there's
>> a lot of them... and they look like they are very old, with last
>> updated dates in 2005-2006 and none newer than Aug 2007.
>
> Right. I removed most if not all of the SARE rules on most machines s
On Tue, 2008-12-09 at 07:38 -0500, Michael Scheidell wrote:
> Last week, a security bullet was released about security problems with
> php5 prior to version 5.2.7.
> Yesterday, a major regression testing problem was fixed in 5.2.7, with
> the removal of the 5.2.7 binaries, and the emergency rele
LuKreme wrote on Tue, 9 Dec 2008 16:50:34 -0700:
> Geez there's
> a lot of them... and they look like they are very old, with last
> updated dates in 2005-2006 and none newer than Aug 2007.
Right. I removed most if not all of the SARE rules on most machines some
months ago with no ill effect
Duane Hill wrote on Wed, 10 Dec 2008 06:53:39 + (UTC):
> Do a search for 'sought' on the SA wiki page
and read the documentation on sa-update before you ask again ;-)
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
LuKreme wrote on Tue, 9 Dec 2008 23:23:19 -0700:
> Ok, where in those directions are you supposed to find the keyid?
where the channel maintainer announces the channel and tells you how to
use it.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.cona
34 matches
Mail list logo