Re: semi-legit senders in DNSWL and habeas - a hard problem

On Wed, 6 Jan 2010 14:06:23 -0800 "jdow" wrote: > From: "Kai Schaetzl" > Sent: Wednesday, 2010/January/06 13:03 > > > > Jdow wrote on Wed, 6 Jan 2010 10:40:14 -0800: > > > >> Actually, Charles, this is a VERY good reason I'd use to justify > >> changing my quote character to something goofy li

Re: ClamAV Plugin Question

On Tuesday January 5 2010 15:15:58 Art Greenberg wrote: > > On Tuesday January 5 2010 14:45:30 Art Greenberg wrote: > >> SA and ClamAV both seem to be scanning email and otherwise working > >> properly, except that the ClamAV plugin is inserting the X-Spam-Virus > >> header twice. Messages with a v

Re: ALL_TRUSTED rule no longer working

On 1/6/2010 3:43 PM, Julian Yap wrote: > > On Tue, Jan 5, 2010 at 5:12 PM, Matt Kettler > wrote: > > On 1/5/2010 8:03 PM, Julian Yap wrote: >> Previously I was running SpamAssassin-3.1.8_1 on FreeBSD. >> >> I recently upgraded to 3.2.5_4. >> >> It's

Re: semi-legit senders in DNSWL and habeas - a hard problem

From: "Kai Schaetzl" Sent: Wednesday, 2010/January/06 13:03 Jdow wrote on Wed, 6 Jan 2010 10:40:14 -0800: Actually, Charles, this is a VERY good reason I'd use to justify changing my quote character to something goofy like % or # or even ; just to annoy the anal retentive types. First, to

Re: [sa] Re: semi-legit senders in DNSWL and habeas - a hard problem

On Jan 5, 2010, at 3:52 PM, Michael Scheidell wrote: > or an industry standard, RFC REQUIRED abuse@ address. > > Section 1 of RFC2142 abuse@ works, but it isn't the fastest method for reaching the correct team. What I think a lot of y'all are missing is that we have more than one product, and

Re: semi-legit senders in DNSWL and habeas - a hard problem

On Jan 5, 2010, at 6:01 PM, Greg Troxel wrote: > Thanks. A link like "report spam" in the top bar, alongside "marketers I'll pass all of this along to the appropriate folks. -- J.D. Falk Return Path Inc

Re: lint check of update failed, channel failed

Hmm. We can use if can() to work around it... On Wednesday, January 6, 2010, Mark Martinec wrote: > jidanni wrote: > >> $ sa-update >> config: failed to parse line, skipping, >>  in "/tmp/.spamassassin5560GP7SGbtmp/10_default_prefs.cf": >>  clear_originating_ip_headers >> config: failed to parse

Re: semi-legit senders in DNSWL and habeas - a hard problem

Jdow wrote on Wed, 6 Jan 2010 10:40:14 -0800: > Actually, Charles, this is a VERY good reason I'd use to justify changing > my quote character to something goofy like % or # or even ; just to annoy > the anal retentive types. First, to clarify, it was Charles who sent this to the list, not me. Se

Re: semi-legit senders in DNSWL and habeas - a hard problem

Charles Gregory wrote on Wed, 6 Jan 2010 12:20:33 -0500 (EST): > Because I was getting several M$ Outhouse correspondents complaining that > my messages (using the 'standard' '>') were 'difficult to read'. > I could never get them to explain exactly how/why they were difficult to > read. It was

Re: semi-legit senders in DNSWL and habeas - a hard problem

Jdow wrote on Wed, 6 Jan 2010 10:37:49 -0800: > I've never received any and I am a member. Every invite has been from > somebody with a "solid" connection to me. Well, they seem to provide an option to upload your whole addressbook. And some email applications have an option to add every incomin

Re: junkemailfilter FP - impressive speed of resolving

Thanks - however I don't guarantee that kind of response time. :) Greg Troxel wrote: Lest people think I object to all whitelists, I'd like to point out that tonight I got spam from reachmail.net that was listed in HOSTKARMA_WL. I sent it off to supp...@junkemailfilter.com and SEVEN AND A HALF M

Re: ALL_TRUSTED rule no longer working

On Tue, Jan 5, 2010 at 5:12 PM, Matt Kettler wrote: > On 1/5/2010 8:03 PM, Julian Yap wrote: > > Previously I was running SpamAssassin-3.1.8_1 on FreeBSD. > > I recently upgraded to 3.2.5_4. > > It's seems now, I never get any hits on the rule ALL_TRUSTED. > > Previously it seemed like SA was doi

sa-update failing

Hi, I'm trying to update my rules with sa-update, and it is failing: deliver3# sa-update -D [98652] dbg: logger: adding facilities: all [98652] dbg: logger: logging level is DBG [98652] dbg: generic: SpamAssassin version 3.2.5 [98652] dbg: config: score set 0 chosen. [98652] dbg: dns: is Net::DN

Re: spamassassin or spamd with amavisd-new?

On 01/06/2010 02:05 PM, Kai Schaetzl wrote: Terry Carmen wrote on Wed, 06 Jan 2010 13:23:28 -0500: How/where is this turned on in amavisd-new-2.6.4? I'd be happy to get rid of useless instances of spamd This has nothing to do with amavis. spamd is a separate daemon that *you* enable

sa-update failing

Hi, (apologies if this is a duplicate - I don't think it went through the first time) I'm trying to update my rules with sa-update, and it is failing: deliver3# sa-update -D [98652] dbg: logger: adding facilities: all [98652] dbg: logger: logging level is DBG [98652] dbg: generic: SpamAssassi

Re: lint check of update failed, channel failed

jidanni wrote: > $ sa-update > config: failed to parse line, skipping, > in "/tmp/.spamassassin5560GP7SGbtmp/10_default_prefs.cf": > clear_originating_ip_headers > config: failed to parse line, skipping, > in "/tmp/.spamassassin5560GP7SGbtmp/10_default_prefs.cf": > originating_ip_headers X-Yah

Re: lint check of update failed, channel failed

jida...@jidanni.org wrote: $ sa-update config: failed to parse line, skipping, in "/tmp/.spamassassin5560GP7SGbtmp/10_default_prefs.cf": clear_originating_ip_headers config: failed to parse line, skipping, in "/tmp/.spamassassin5560GP7SGbtmp/10_default_prefs.cf": originating_ip_headers X-Yaho

Re: spamassassin or spamd with amavisd-new?

Terry Carmen wrote on Wed, 06 Jan 2010 13:23:28 -0500: > How/where is this turned on in amavisd-new-2.6.4? > > I'd be happy to get rid of useless instances of spamd This has nothing to do with amavis. spamd is a separate daemon that *you* enabled. As you don't seem to know this: are you sure th

lint check of update failed, channel failed

$ sa-update config: failed to parse line, skipping, in "/tmp/.spamassassin5560GP7SGbtmp/10_default_prefs.cf": clear_originating_ip_headers config: failed to parse line, skipping, in "/tmp/.spamassassin5560GP7SGbtmp/10_default_prefs.cf": originating_ip_headers X-Yahoo-Post-IP X-Originating-IP X-

Re: semi-legit senders in DNSWL and habeas - a hard problem

From: "Charles Gregory" Sent: Wednesday, 2010/January/06 09:20 On Wed, 6 Jan 2010, Kai Schaetzl wrote: : just wanted to inform you that ">" is the only official quote marker. Deep sigh. Do you know why I changed it? Because I was getting several M$ Outhouse correspondents complaining tha

Re: semi-legit senders in DNSWL and habeas - a hard problem

From: "Charles Gregory" Sent: Wednesday, 2010/January/06 07:11 On Tue, 5 Jan 2010, Greg Troxel wrote: : Thanks. A link like "report spam" in the top bar, alongside "marketers : and senders" would help. That should link to a page that gives an email : address where one can forward the full of

Re: spamassassin or spamd with amavisd-new?

On 01/05/2010 09:49 PM, Matt Kettler wrote: . . . Really, all spamd does is create a reusable instance of a Mail::SpamAssassin perl object, and keeps it loaded so it can process several messages that spamc feeds this. This is exactly what amavisd-new is already doing internal to its own code,

Re: semi-legit senders in DNSWL and habeas - a hard problem

On Wed, 6 Jan 2010, Kai Schaetzl wrote: : just wanted to inform you that ">" is the only official quote marker. Deep sigh. Do you know why I changed it? Because I was getting several M$ Outhouse correspondents complaining that my messages (using the 'standard' '>') were 'difficult to read'.

Re: [sa] Comparing the envelope-from/sender to the body from to prevent fake local users spams?

On Wed, 6 Jan 2010, lstep wrote: : Is there something implemented in Spamassassin to test and prevent mails : that come from 'outside' that have the header 'From' set to an internal : user? And here are YOUR headers on your email, which you would have received on your server from an 'outside syst

Re: Apache SpamAssassin Y2K10 Rule Bug - Update Your Rules Now! (custom sa-update script from howtoforge)

Mark Martinec wrote: > On Tuesday January 5 2010 22:47:42 Bowie Bailey wrote: > >> I patched sa-update to add a verbose option which outputs all the >> channel names that had changes. Very simple patch if anyone is >> interested. It installs cleanly on 3.2.5, I haven't tried 3.3. >> > > T

Re: SA 3.3.0-rc1 SPF Question

Jason Bertoch wrote: A message passed through my server yesterday from an @allianzlife.com address with the following Received header: Received: from allianzlife.com (securemail.allianzlife.com [204.52.250.91] (may be forged)) While investigating other issues with the message, I noted that

Re: semi-legit senders in DNSWL and habeas - a hard problem

On Tue, 5 Jan 2010, Greg Troxel wrote: : Thanks. A link like "report spam" in the top bar, alongside "marketers : and senders" would help. That should link to a page that gives an email : address where one can forward the full offending message, and a way to : lookup IP addresses to see if they a

Re: semi-legit senders in DNSWL and habeas - a hard problem

On Tue, 5 Jan 2010, Gene Heskett wrote: : The bottom line is that they are still spammers. Filter 'em. About that. A principle needs to be discussed here: Prohibition does not work. The way to gain cooperation from 'big business' that *does* want to 'spam' is to find ways to keep them hap

Re: semi-legit senders in DNSWL and habeas - a hard problem

On Tue, 5 Jan 2010, Michael Scheidell wrote: : > My suggestion: Setup a link/page that provides for rapid reporting by : > pasting an offending e-mail without a bunch of form-filling. Just use a : > captcha to avoid poisoning :) : > - C : or an industry standard, RFC REQUIRED abuse@ address. W

SA 3.3.0-rc1 SPF Question

A message passed through my server yesterday from an @allianzlife.com address with the following Received header: Received: from allianzlife.com (securemail.allianzlife.com [204.52.250.91] (may be forged)) While investigating other issues with the message, I noted that (unless my coffee ha

Speaking of reporting whitelist abusers

How in hell does one report such an abuser of the hostkarma whitelist? With no method of reporting I am simply turning off their score. "exprpt.[MUNGE]com" seems to be the culprit reporting themselves as "ConsumerInfo". It's a credit report scam. {^_^}

Re: Comparing the envelope-from/sender to the body from to prevent fake local users spams?

On 1/6/2010 6:47 AM, lstep wrote: Hello, I get spams that have an 'Envelope-From' (Sender, or equivalent attribute) different from the 'From' header contained in the mail. The spam sets the 'From' in the header to an (existing) internal user. If the spammer would have set the Envelope-From to

Re: Comparing the envelope-from/sender to the body from to prevent fake local users spams?

On 06/01/2010 11:47, lstep wrote: I get spams that have an 'Envelope-From' (Sender, or equivalent attribute) different from the 'From' header contained in the mail. The spam sets the 'From' in the header to an (existing) internal user. If the spammer would have set the Envelope-From to an inter

Comparing the envelope-from/sender to the body from to prevent fake local users spams?

Hello, I get spams that have an 'Envelope-From' (Sender, or equivalent attribute) different from the 'From' header contained in the mail. The spam sets the 'From' in the header to an (existing) internal user. If the spammer would have set the Envelope-From to an internal user as well, he would h

Re: [SPAM:9.6] Re: [SPAM:9.6] Re: semi-legit senders in DNSWL and habeas - a hard problem

On Wed, 06 Jan 2010 14:27:25 +0530 ram wrote: > On Wed, 2010-01-06 at 07:51 +, Christian Brel wrote: > > On Tue, 5 Jan 2010 14:18:54 -0800 > > "jdow" wrote: > > > > > From: "J.D. Falk" > > > Sent: Tuesday, 2010/January/05 12:43 > > > > > > > > > > On Jan 5, 2010, at 10:10 AM, Greg Troxel

Re: [SPAM:9.6] Re: semi-legit senders in DNSWL and habeas - a hard problem

On Wed, 2010-01-06 at 07:51 +, Christian Brel wrote: > On Tue, 5 Jan 2010 14:18:54 -0800 > "jdow" wrote: > > > From: "J.D. Falk" > > Sent: Tuesday, 2010/January/05 12:43 > > > > > > > On Jan 5, 2010, at 10:10 AM, Greg Troxel wrote: > > > > > >> Once again I went to returnpath and senders