Low score

2009-08-11 Thread Casartello, Thomas
Been getting a lot of low scoring stuff like this lately. Any suggestions? -Original Message- From: FedEx Courier Express NG [mailto:mas...@card.org] Sent: Monday, August 10, 2009 7:12 PM Subject: Dear Customer/Beneficiary! Dear Customer/Beneficiary! Kindly contact our deliv

Re: Tracking recipient counts on a per user basis

2009-08-11 Thread Mark Martinec
Ryan, > I am trying to implement an anti-phishing strategy and was hoping some of > you could point me in the right direction. I want to keep track of how many > recipients a user sends mail to on a 24-hour basis. When a given threshold > is met, that user's email would then go into quarantine unt

Re: Tracking recipient counts on a per user basis

2009-08-11 Thread Benny Pedersen
On Tue, 11 Aug 2009 16:54:08 -0400, "Wendel, Ryan" wrote: > I am trying to implement an anti-phishing strategy and was hoping some of > you could point me in the right direction. start with policyd v2 (http://www.policyd.org/) take virus later -- Benny Pedersen

ANNOUNCE: Apache SpamAssassin 3.3.0-alpha2 available

2009-08-11 Thread Justin Mason
Apache SpamAssassin 3.3.0-alpha2 is now available for testing. Downloads are available from: http://people.apache.org/~jm/devel/ md5sum of archive files: 1b396a9df1faa22185263c7526fe6042 Mail-SpamAssassin-3.3.0-alpha2.tar.bz2 fbd0c4016d5d9c5adc3a958105b0b414 Mail-SpamAssassin-3.3.0-alpha2.tar

Tracking recipient counts on a per user basis

2009-08-11 Thread Wendel, Ryan
I am trying to implement an anti-phishing strategy and was hoping some of you could point me in the right direction. I want to keep track of how many recipients a user sends mail to on a 24-hour basis. When a given threshold is met, that user's email would then go into quarantine until an admin

Re: 0.001 rules - why?

2009-08-11 Thread Matus UHLAR - fantomas
> Henrik K wrote: > > On Tue, Aug 11, 2009 at 04:31:32AM +0100, RW wrote: > >> On Sun, 09 Aug 2009 11:33:29 +0100 > >> Cedric Knight wrote: > >> > >> > >>> header FH_HELO_EQ_D_D_D_D X-Spam-Relays-Untrusted =~ /^[^\]]+ > >>> ... > >>> header HELO_MISC_IP X-Spam-Relays-Untrusted =~ /^[

Re: Slightly OT - Spam opportunities in SMTP-AUTH

2009-08-11 Thread Matus UHLAR - fantomas
>> On 10.08.09 14:56, Charles Gregory wrote: >>> Not at all. I know who logs on when, and I can easily disable their >>> access. > On Tue, 11 Aug 2009, Matus UHLAR - fantomas wrote: >> I should have made that more clear: If there are more _concurrent_ users on >> the same IP (home/office network with

Re: Error msgs Q

2009-08-11 Thread Gene Heskett
On Tuesday 11 August 2009, John Hardin wrote: >On Tue, 11 Aug 2009, Gene Heskett wrote: >> How can I make it verbose enough to tell me which 'channel' is failing >> the check? > >Run sa-update in debugging mode with -D Thank you, I'll do that. -- Cheers, Gene "There are four boxes to be used in

Re: Error msgs Q

2009-08-11 Thread John Hardin
On Tue, 11 Aug 2009, Gene Heskett wrote: How can I make it verbose enough to tell me which 'channel' is failing the check? Run sa-update in debugging mode with -D -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ jhar...@impsec.org FALaholic #11174 pgpk -a jhar

RE: 0.001 rules - why?

2009-08-11 Thread Karsten Bräckelmann
> > Should be blatantly obvious, but since you asked... > > > > Lack of volunteer time, manpower or a paid position? Maybe > > also a mass-check run, since this might have more overall > > impact? Possibly? > > I wouldn't know about the internal stuff you mentioned although I didn't > really po

Error msgs Q

2009-08-11 Thread Gene Heskett
Greetings all; My sa-update script, set for 3 channels, is returning this email when it runs: error: GPG validation failed! The update downloaded successfully, but the GPG signature verification failed. channel: GPG validation failed, channel failed I have

RE: 0.001 rules - why?

2009-08-11 Thread R-Elists
> Should be blatantly obvious, but since you asked... > > Lack of volunteer time, manpower or a paid position? Maybe > also a mass-check run, since this might have more overall > impact? Possibly? > I wouldn't know about the internal stuff you mentioned although I didn't really ponder that.

Re: Slightly OT - Spam opportunities in SMTP-AUTH

2009-08-11 Thread Charles Gregory
On Tue, 11 Aug 2009, Matus UHLAR - fantomas wrote: On 10.08.09 14:56, Charles Gregory wrote: Not at all. I know who logs on when, and I can easily disable their access. I should have made that more clear: If there are more _concurrent_ users on the same IP (home/office network with NAT), you only ca

RE: 0.001 rules - why?

2009-08-11 Thread Karsten Bräckelmann
On Mon, 2009-08-10 at 23:19 -0700, Robert wrote: > > All these are fixed to -External in SVN/3.3. > > why aren't they "fixed and/or changed" in 3.2.5 then? > > what could possibly hold that back? Should be blatantly obvious, but since you asked... Lack of volunteer time, manpower or a paid posi

Re: 0.001 rules - why?

2009-08-11 Thread Karsten Bräckelmann
On Sun, 2009-08-09 at 11:33 +0100, Cedric Knight wrote: > I'm using Bayes and network tests, and have found a few rules with a > good ratio of ham to spam, but that score only 0.001 in the default rules. > > In some cases, it is presumably because they overlap with other rules or > are detected by

Re: 0.001 rules - why?

2009-08-11 Thread Karsten Bräckelmann
On Tue, 2009-08-11 at 10:58 +0100, Cedric Knight wrote: > BTW (2), maybe I overstated the case for URIBL_RED. It seems to vary > somewhat in its reliability, and probably shouldn't be scored >1.0. > Still non-zero though, I propose. Did you read the URIBL docs, specifically Usage and About? The f

Re: Mailbox for auto learning

2009-08-11 Thread Cedric Knight
Luis Daniel Lucio Quiroz wrote: > On Monday 10 August 2009 19:15:15, Cedric Knight wrote: >> Stefan wrote: [...] >>> You have to forward the message as an attachment and unpack it after >>> receiving. Have a look at: >>> https://po2.uni-stuttgart.de/~rusjako/sal-wrapper >> Yes, I find this approach

Re: 0.001 rules - why?

2009-08-11 Thread Cedric Knight
Henrik K wrote: > On Tue, Aug 11, 2009 at 04:31:32AM +0100, RW wrote: >> On Sun, 09 Aug 2009 11:33:29 +0100 >> Cedric Knight wrote: >> >> >>> header FH_HELO_EQ_D_D_D_D X-Spam-Relays-Untrusted =~ /^[^\]]+ >>> ... >>> header HELO_MISC_IP X-Spam-Relays-Untrusted =~ /^[^\]]+ >>> >> Possi

Re: [sa] Re: Slightly OT - Spam opportunities in SMTP-AUTH

2009-08-11 Thread Matus UHLAR - fantomas
> On Mon, 10 Aug 2009, Matus UHLAR - fantomas wrote: >> On 10.08.09 11:07, Charles Gregory wrote: >>> IMNSHO You shouldn't. You should only allow *your* customers with pop >>> e-mail accounts on *your* servers to send mail. >> 1. >> If more customers send spam from the same IP address without authe