On Tue, Feb 16, 2010 at 03:36:53PM -0500, dar...@chaosreigns.com wrote:
> On 02/16, Kris Deugau wrote:
> > Marc Perkel wrote:
> >> ... Since your idea also
> >> requires blacklists to counter this effect then I'm still not sure what
> >> this adds.
> >
> > *nod* This is the biggest question I st
I'd like to thank everybody for all the ideas spreaded around... This
will give me good clues, differents axis of reflexion, and arguments for
makers.
Regards
Le mercredi 17 février 2010 à 01:52 +, Martin Gregorie a écrit :
> On Tue, 2010-02-16 at 14:10 -1000, Alexandre Chapellon wrote:
> > Le mardi 16 février 2010 à 23:54 +, Martin Gregorie a écrit :
> > > Where's the problem? You'll need to write some code to interpret SA's
> > > spam markers
Le mercredi 17 février 2010 à 02:07 +0100, Mark Martinec a écrit :
> > > Look at grey-listing as well. It should be useful if it can distinguish
> > > between the user's MUA (or private MTA) and a bot.
>
> MUAs generally don't cope well with greylisting, as they lack good
> mechanisms for automat
Le mercredi 17 février 2010 à 01:38 +0100, Karsten Bräckelmann a écrit :
> On Tue, 2010-02-16 at 13:43 -1000, Alexandre Chapellon wrote:
> > Le mardi 16 février 2010 à 23:07 +0100, Karsten Bräckelmann a écrit :
>
> > > Hmm, wait. Are you saying the bots are using your infrastructure, rather
> >
On Tue, 2010-02-16 at 14:10 -1000, Alexandre Chapellon wrote:
> Le mardi 16 février 2010 à 23:54 +, Martin Gregorie a écrit :
> > Where's the problem? You'll need to write some code to interpret SA's
> > spam markers anyway, so it can easily add a log message to maillog. Then
> > its trivial t
On Wed, 17 Feb 2010, RW wrote:
> On Wed, 17 Feb 2010 00:01:47 +
> Tom wrote:
>
> > Hi SA peeps,
> >
> > I noticed that I was triggering
> > "RCVD_IN_PBL,RCVD_IN_SORBS_DUL,RDNS_DYNAMIC" when sending mail through
> > my own spamassassin, which is spamassassin-3.2.5-2 from the fc10 repo,
> > con
Mark Martinec wrote:
Look at grey-listing as well. It should be useful if it can distinguish
between the user's MUA (or private MTA) and a bot.
MUAs generally don't cope well with greylisting, as they lack good
mechanisms for automatic retries - so I'm not sure that's a good advice.
greylist
On Wed, 2010-02-17 at 02:07 +0100, Mark Martinec wrote:
> > > Look at grey-listing as well. It should be useful if it can distinguish
> > > between the user's MUA (or private MTA) and a bot.
>
> MUAs generally don't cope well with greylisting, as they lack good
> mechanisms for automatic retries -
At 13:49 16-02-10, Alexandre Chapellon wrote:
Mostly not but thoose who are doing so make my mail servers being
blacklisted from time to times.
(And I don't really care about dyn IP adresses being on blacklists... for now)
Your subnet will probably be blacklisted. As this is not the right
ve
On 17/02/10 00:35, RW wrote:
> > It doesn't know it's internal because you haven't set your internal
> > network to include your
> > own IP address. Generally local mail shouldn't go through SA so
> > that's not an issue.
> >
>
Hi,
Thanks for that reply.
What exactly do you mean by "set y
> For improved robustness of a pre-queue setup look for Postfix 2.7.0
> with its "smtpd_proxy_options=speed_adjust" feature
Btw, the Postfix 2.7.0 also brings a feature which may be valuable
to you: an outgoing MTA can have multiple IP addresses on its interface,
and you can choose from which IP a
> > Look at grey-listing as well. It should be useful if it can distinguish
> > between the user's MUA (or private MTA) and a bot.
MUAs generally don't cope well with greylisting, as they lack good
mechanisms for automatic retries - so I'm not sure that's a good advice.
> > Why on earth not? You
On Wed, 2010-02-17 at 00:35 +, RW wrote:
> On Wed, 17 Feb 2010 00:01:47 + Tom wrote:
> > I noticed that I was triggering
> > "RCVD_IN_PBL,RCVD_IN_SORBS_DUL,RDNS_DYNAMIC" when sending mail through
> > my own spamassassin, which is spamassassin-3.2.5-2 from the fc10 repo,
> > configured via
On Wednesday February 17 2010 00:43:04 Alexandre Chapellon wrote:
> I'd like to re-focused to my initial questions: "does SA on outgoing
> smtp needs specific tweaks? Is it a good idea and does any body already
> set it up?"
SA already has some awareness of mail flow direction (inbound vs.
outboun
On Tue, 2010-02-16 at 13:43 -1000, Alexandre Chapellon wrote:
> Le mardi 16 février 2010 à 23:07 +0100, Karsten Bräckelmann a écrit :
> > Hmm, wait. Are you saying the bots are using your infrastructure, rather
> > than the most common direct to MX? Or are you saying your customers are
> > active
On Wed, 17 Feb 2010 00:01:47 +
Tom wrote:
>
> Hi SA peeps,
>
> I noticed that I was triggering
> "RCVD_IN_PBL,RCVD_IN_SORBS_DUL,RDNS_DYNAMIC" when sending mail through
> my own spamassassin, which is spamassassin-3.2.5-2 from the fc10 repo,
> configured via mimedefang and sendmail-milter.
>
On Tue, 2010-02-16 at 15:22 -0800, tonjg wrote:
> I've got a feeling that the spamassassin on my machine is improving in the
> way it recognises spam but I'd like to be sure it's not just my imagination.
> I did my first manual bayes learn about 2 weeks ago using 200 spams and 200
> hams, the proce
On Wed, 17 Feb 2010 00:29:38 +0100
Mikael Syska wrote:
> newsest atime should tell you when it last learned from a message.
Token atimes get updated when you scan a mail.
Watching nham, nspam counts is more meaningful.
Le mardi 16 février 2010 à 23:54 +, Martin Gregorie a écrit :
> On Tue, 2010-02-16 at 11:38 -1000, Alexandre Chapellon wrote:
> > Le mardi 16 février 2010 à 20:29 +, Martin Gregorie a écrit :
> > > On Tue, 2010-02-16 at 08:44 -1000, Alexandre Chapellon wrote:
> > > > Hello the list,
> > >
Hi SA peeps,
I noticed that I was triggering
"RCVD_IN_PBL,RCVD_IN_SORBS_DUL,RDNS_DYNAMIC" when sending mail through
my own spamassassin, which is spamassassin-3.2.5-2 from the fc10 repo,
configured via mimedefang and sendmail-milter.
I decided to try sending through my ISP's smtp server instead,
On Tue, 2010-02-16 at 11:38 -1000, Alexandre Chapellon wrote:
> Le mardi 16 février 2010 à 20:29 +, Martin Gregorie a écrit :
> > On Tue, 2010-02-16 at 08:44 -1000, Alexandre Chapellon wrote:
> > > Hello the list,
> > >
> > > I have a quite buggy customer network, full of zombie PCs that spen
Le mardi 16 février 2010 à 23:07 +0100, Karsten Bräckelmann a écrit :
> On Tue, 2010-02-16 at 11:49 -1000, Alexandre Chapellon wrote:
> > > >I have a quite buggy customer network, full of zombie PCs that
> > > >spends all days sending spam and wasting the whole "reputation" of my
> > > >networks
Hi,
[r...@freebsd ]# sa-learn --dump magic
0.000 0 3 0 non-token data: bayes db version
0.000 0 0 0 non-token data: nspam
0.000 0 22 0 non-token data: nham
0.000 0793 0 non-token data: nto
I've got a feeling that the spamassassin on my machine is improving in the
way it recognises spam but I'd like to be sure it's not just my imagination.
I did my first manual bayes learn about 2 weeks ago using 200 spams and 200
hams, the process appeared to go properly. I read that autolearn is en
On Tue, 2010-02-16 at 11:49 -1000, Alexandre Chapellon wrote:
> > >I have a quite buggy customer network, full of zombie PCs that
> > >spends all days sending spam and wasting the whole "reputation" of my
> > >networks.
> >
> > Do they send these messages through your mail server?
>
> Mostly no
Alexandre Chapellon wrote:
Le mardi 16 février 2010 à 12:46 -0800, SM a écrit :
Hi Alexandre,
At 10:44 16-02-10, Alexandre Chapellon wrote:
I have a quite buggy customer network, full of zombie PCs that
spends all days sending spam and wasting the whole "reputation" of my networks.
Do they se
It is standard practice in the ISP industry to block outgoing port
25 nowadays on dynamically assigned addresses.
This is not a barrier to your customers using another mailserver
(google, gmail, etc.) because all of those businesses support
Auth-SMTP on the submission port 587. In fact, nowadays
On Tue, 2010-02-16 at 11:38 -1000, Alexandre Chapellon wrote:
> Le mardi 16 février 2010 à 20:29 +, Martin Gregorie a écrit :
> > > I have a quite buggy customer network, full of zombie PCs that spends
> > > all days sending spam and wasting the whole "reputation" of my
> > > networks.
> >
>
Alexandre Chapellon wrote:
> Le mardi 16 février 2010 à 20:29 +, Martin Gregorie a écrit :
>> Obvious choices for (4), in order of hitting the infected user with a
>> successively bigger clue stick, are:
>>
>> - silently discard the spam,
>> but you'll also throw away false positives.
>>
Le mardi 16 février 2010 à 12:46 -0800, SM a écrit :
> Hi Alexandre,
> At 10:44 16-02-10, Alexandre Chapellon wrote:
> >I have a quite buggy customer network, full of zombie PCs that
> >spends all days sending spam and wasting the whole "reputation" of my
> >networks.
>
> Do they send these mes
I am an ISP with over 5 users (wich is not that big for an isp)
permannently connected.
I can hardly imagine to manage the poilicies of all my customer, and I
know they would really don't like it.
What if your ISP told you what you got to do, where to go and to forget
about your buggy OS your u
Le mardi 16 février 2010 à 20:29 +, Martin Gregorie a écrit :
> On Tue, 2010-02-16 at 08:44 -1000, Alexandre Chapellon wrote:
> > Hello the list,
> >
> > I have a quite buggy customer network, full of zombie PCs that spends
> > all days sending spam and wasting the whole "reputation" of my
>
Hi Alexandre,
At 10:44 16-02-10, Alexandre Chapellon wrote:
I have a quite buggy customer network, full of zombie PCs that
spends all days sending spam and wasting the whole "reputation" of my networks.
Do they send these messages through your mail server?
As a result it sometimes become quite
I know your not going to want to hear this because your looking
for a quick fix, but nothing substitutes for good network design.
Your buggy customer network should enforce the following:
Direct SMTP transmission (port 25) is filtered so that only
machines designated as mailservers are allowed
Am 16.02.10 21:23, schrieb Kris Deugau:
> *nod* This is the biggest question I still see remaining; who
> maintains the blacklist? How many spams can come from an "MTX-approved"
> IP before it can/should be blacklisted?
It does not necessarily or exclusively need to be a manually maintained
b
On 02/16, Kris Deugau wrote:
> Marc Perkel wrote:
>> ... Since your idea also
>> requires blacklists to counter this effect then I'm still not sure what
>> this adds.
>
> *nod* This is the biggest question I still see remaining; who
> maintains the blacklist? How many spams can come from an
On 02/16, Marc Perkel wrote:
> I'm still waiting for RDNS to be widely adopted enough to penalize for
> that. There is a lot of good email that comes from misconfigured
> servers. If we can't get the world to do good RDNS I don't think we can
> get the world to do some other more complex sche
On Tue, 16 Feb 2010, Kris Deugau wrote:
*nod* This is the biggest question I still see remaining; who maintains the
blacklist? How many spams can come from an "MTX-approved" IP before it
can/should be blacklisted?
Why do we need any new/special blacklist at all? If the spamming from a
give
On Tue, 2010-02-16 at 08:44 -1000, Alexandre Chapellon wrote:
> Hello the list,
>
> I have a quite buggy customer network, full of zombie PCs that spends
> all days sending spam and wasting the whole "reputation" of my
> networks.
>
1) Are you already using separate inbound and outbound mail serve
Marc Perkel wrote:
... Since your idea also
requires blacklists to counter this effect then I'm still not sure what
this adds.
*nod* This is the biggest question I still see remaining; who
maintains the blacklist? How many spams can come from an "MTX-approved"
IP before it can/should be
At 02:56 15-02-10, Per Jessen wrote:
I went to google "mtamark", and came across a few discussions on mailing
lists (e.g. at www.sage.org) as well as an article in iX (German IT
magazine) in 2005. The proposal was certainly discussed quite a bit,
but it's not very clear what then happened. I al
Slightly OT. To get 'control' of what my MX does at SMTP time I installed
a simple SMTP daemon called 'Mail Avenger', which acts as a front end to
my spamassassin and postfix. It's scripting capabilties allow for such
interesting things as tracking the volume of mail sent by any one IP over
a
Hello the list,
I have a quite buggy customer network, full of zombie PCs that spends
all days sending spam and wasting the whole "reputation" of my networks.
As a result it sometimes become quite hard to delivers queues for
specific domains such as Yahoo!'s hosted ones. Indeed they have some
temp
> > I'd appreciate a pointer how should spamassassin -r be made more verbose,
> > so that it'd report also messages with priority "info", but not "dbg"...
>
> spamassassin --debug area=noall -r
Kārlis,
> I'd appreciate a pointer how should spamassassin -r be made more verbose,
> so that it'd report also messages with priority "info", but not "dbg"...
spamassassin --debug area=noall -r
People,
I'd appreciate a pointer how should spamassassin -r be made more verbose, so
that it'd report also messages with priority "info", but not "dbg"...
signature.asc
Description: This is a digitally signed message part.
dar...@chaosreigns.com wrote:
In my initial posts I did focus too much on my hope that MTX will
eventually be sufficiently widely adopted that such mail *can* safely be
penalized. I also apologized for that communication failure on my part.
I'm still waiting for RDNS to be widely adopte
I'm looking over your MTX site and like SPF I don't understand how it
stops spam. Thanks for at least addressing in part the email forwarding
issue.
In order to be a white list you have to do something spammers can't do.
I don't see what prevents spammers from creating good MTX records like
t
Daniel Lemke wrote on Tue, 16 Feb 2010 15:05:46 +0100:
> does anybody know how to send a SIGHUP signal to spamd under win32?
> I already tried taskkill /IM (regarding to
> http://thehoneymonster.net/2009/08/kill-and-killall-for-windows
> equivalent to the unix SIGHUP) but the process didn't respo
On 02/16, Charles Gregory wrote:
> You got it. Exactly. And that's why I gave up on MTX. Because the author
> was insisting that exactly that should happen.
I have never recommended that the majority of people penalize email just
because it doesn't get an MTX Pass, before wide spread adoption.
Hi,
does anybody know how to send a SIGHUP signal to spamd under win32?
I already tried taskkill /IM (regarding to
http://thehoneymonster.net/2009/08/kill-and-killall-for-windows/ equivalent to
the unix SIGHUP) but the process didn't respond.
taskkill /IM spamd /F kills the process but doesn't ge
52 matches
Mail list logo