On Tue, 09 Aug 2011 11:28:40 -0400, Dave Wreski wrote:
Aren't these the same rules that are already present in the
sanesecurity clamav db?
clamav is a virus scanner, not #1 spam scanner, malwarepatrol makes
sigs for both
Hello,
Currently one of our clients are getting spam that looks like it comes from
the sender itself. Spamassassin only occasionally catches it. I was trying
to write a rule just to catch the subject line, as it looks the same for all
of the current spam at least, but it seems to be ignored. I'm
W dniu 10.08.2011 12:00, akrohnke pisze:
Hello,
Currently one of our clients are getting spam that looks like it comes from
the sender itself. Spamassassin only occasionally catches it.
Hello!
It should be done at smtp level.
if (sender domain is my domain) and sender didn't authenticated
On 08/10/2011 12:08 PM, Marcin Mirosław wrote:
W dniu 10.08.2011 12:00, akrohnke pisze:
Hello,
Currently one of our clients are getting spam that looks like it
comes from
the sender itself. Spamassassin only occasionally catches it.
Hello!
It should be done at smtp level.
if (sender
On Wed, 10 Aug 2011 03:00:56 -0700 (PDT), akrohnke wrote:
Currently one of our clients are getting spam that looks like it
comes from
the sender itself. Spamassassin only occasionally catches it.
spf fail ?
header EXTRA_INCOME Subject =~ /extra inkomster/
header EXTRA_INCOME Subject =~
On 10/08/11 11:14, J4K wrote:
On 08/10/2011 12:08 PM, Marcin Mirosław wrote:
W dniu 10.08.2011 12:00, akrohnke pisze:
Hello,
Currently one of our clients are getting spam that looks like it
comes from
the sender itself. Spamassassin only occasionally catches it.
Hello!
It should be done at
On Wed, 10 Aug 2011 12:08:03 +0200, Marcin Mirosław wrote:
It should be done at smtp level.
if (sender domain is my domain) and sender didn't authenticated
then reject mail .
http://old.nabble.com/postfwd-stop-equal-sender-recipient-spams-td21164908.html
On Wed, 10 Aug 2011 12:14:28 +0200, J4K wrote:
.
How does this work on a server with 1,000 virtual domains on it?
like it would do for one domain ?, btw spf test in mta level will catch
this kind of spams if recipient is spf protected, if no spf see
On Tue, 9 Aug 2011 12:36:51 +0530, eprint email wrote:
Hi,
One of my customers has sent mail through Nokia mobile. SpamAssassin
has marked it as spam. When I examined the individual score
thanks for posting spam to this maillist, good that dnswl have sender
ip set hi to help on this problem
Benny Pedersen wrote:
On Wed, 10 Aug 2011 03:00:56 -0700 (PDT), akrohnke wrote:
Currently one of our clients are getting spam that looks like it
comes from
the sender itself. Spamassassin only occasionally catches it.
spf fail ?
header EXTRA_INCOME Subject =~ /extra inkomster/
On Wed, 10 Aug 2011, akrohnke wrote:
Currently one of our clients are getting spam that looks like it comes
from the sender itself.
Spamassassin 3.2.5
Are you able to upgrade? There are to==from rules in 3.3.
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
so, what brain decided it would be ok to use 169.* addresses for their
internal ip's?
was it microsoft? (var says that ms uses these for their internal
clustering ip's for clustered exchange servers)
so, either ms is really being stupid, or the var has something set up wrong.
and.. guess
AFAIK, 169.254/16 is the autoconfiguration range for private networks
that don't have a DHCP server.
That said, I have seen people use it for other internal purposes and it
isn't usually an issue.
so, what brain decided it would be ok to use 169.* addresses for their
internal ip's?
was it
On Mit, 2011-08-10 at 10:26 -0400, Michael Scheidell wrote:
so, what brain decided it would be ok to use 169.* addresses for their
internal ip's?
IETF for link-local IPv4 addresses -
https://secure.wikimedia.org/wikipedia/en/wiki/Link-local_address
[]
and.. guess what, SA doesn't know
On 8/10/11 10:35 AM, Adam Moffett wrote:
AFAIK, 169.254/16 is the autoconfiguration range for private networks
that don't have a DHCP server.
That said, I have seen people use it for other internal purposes and
it isn't usually an issue.
I am moving more to assume ms are idiots. this seems
Hello and sorry for my english.
I had installed mailscanner (last version) + clamav + postfix + spamassassin
+ mailwatch
I have just a problem with spamassassin 3.3.1 on Ubuntu 11.04 !
Email are scan by spamassassin but always with low score so more of spam are
not detected.
For example, more
back in (January), we discussed two things
http://mail-archives.apache.org/mod_mbox/spamassassin-users/201101.mbox/%3c4d401a96.4000...@secnap.com%3E
#1, having a change in the description of these auto whitelisted spammers,
#2, return path cleaning out their spammers.
got this spam from linked
http://wiki.apache.org/spamassassin/IncreaseAccuracy
(I haven't linked that page from anywhere yet.)
On 08/10, ercibrest wrote:
Hello and sorry for my english.
I had installed mailscanner (last version) + clamav + postfix + spamassassin
+ mailwatch
I have just a problem with
I'm running spamassassin.i386 version 3.3.1-3.el4.rf on centos 4.8 (raq4
server) and I can't get SA to log to syslog. I understand the SA log
defaults to mail but my mail log doesn't show any SA activity. I've got
loadplugin Mail::SpamAssassin::Logger::Syslog in a .pre file. But if I do:#
spamd
On Wed, 10 Aug 2011 05:13:12 -0700 (PDT), akrohnke wrote:
I installed `perl-Mail-SPF`, that should make SA check the SPF record
and
add points if necessary, correct? Doesn't seem to have any effect,
they
still slip through. Also looked for a `smf-spf` RPM for CentOS to no
avail.
On Wed, 10 Aug 2011 06:19:01 -0700 (PDT), John Hardin wrote:
Are you able to upgrade? There are to==from rules in 3.3.
i have my own from.pm plugin that checks most on this issue, just liked
to use maillist.pm before release it, need help on this :(
and could one put in sandbox for me ?
On Wed, 10 Aug 2011 14:44:38 -0400, Michael Scheidell wrote:
it is NOT on their web site:
google site:returnpath.net report+spam
(something about hitting the 'report spam' button) which linked in
does NOT have in their spam.
cat /etc/postfix/sender_envelope_blacklist_domains
linkedin.com
am 11.08.11 00:15 schrieb Benny Pedersen m...@junc.org:
On Wed, 10 Aug 2011 14:44:38 -0400, Michael Scheidell wrote:
it is NOT on their web site:
google site:returnpath.net report+spam
(something about hitting the 'report spam' button) which linked in
does NOT have in their spam.
cat
On Thu, 11 Aug 2011 00:23:38 +0200, Jim Knuth wrote:
cat /etc/postfix/sender_envelope_blacklist_domains
linkedin.com REJECT
.linkedin.com REJECT
the dot is not necessary
only linkedin.com REJECT - nothing more ;)
so accept bounce.linkedin.com ?
am 11.08.11 00:31 schrieb Benny Pedersen m...@junc.org:
On Thu, 11 Aug 2011 00:23:38 +0200, Jim Knuth wrote:
cat /etc/postfix/sender_envelope_blacklist_domains
linkedin.com REJECT
.linkedin.com REJECT
the dot is not necessary
only linkedin.com REJECT - nothing more ;)
so accept
On Wed, 10 Aug 2011, Benny Pedersen wrote:
and could one put in sandbox for me ?
meta SPF_NICE_PASS (SPF_HELO_PASS SPF_PASS)
meta SPF_RANDOM_SENDER (SPF_HELO_PASS !SPF_PASS)
both are fine for me :-)
Will do, as subrules.
--
John Hardin KA7OHZ
On Wed, 10 Aug 2011 17:53:35 -0700 (PDT), John Hardin wrote:
meta SPF_NICE_PASS (SPF_HELO_PASS SPF_PASS)
meta SPF_RANDOM_SENDER (SPF_HELO_PASS !SPF_PASS)
Will do, as subrules.
tflags nopublish
?
i liked to test scores in sandbox, not make it live
On Thu, 11 Aug 2011, Benny Pedersen wrote:
On Wed, 10 Aug 2011 17:53:35 -0700 (PDT), John Hardin wrote:
meta SPF_NICE_PASS (SPF_HELO_PASS SPF_PASS)
meta SPF_RANDOM_SENDER (SPF_HELO_PASS !SPF_PASS)
Will do, as subrules.
tflags nopublish
Metas are cheap, and subrules don't
On Wed, 10 Aug 2011, Benny Pedersen wrote:
meta SPF_NICE_PASS (SPF_HELO_PASS SPF_PASS)
Already in as __SPF_FULL_PASS
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4
On Wed, 10 Aug 2011 20:28:27 -0700 (PDT), John Hardin wrote:
On Thu, 11 Aug 2011, Benny Pedersen wrote:
On Wed, 10 Aug 2011 17:53:35 -0700 (PDT), John Hardin wrote:
meta SPF_NICE_PASS (SPF_HELO_PASS SPF_PASS)
meta SPF_RANDOM_SENDER (SPF_HELO_PASS !SPF_PASS)
Will do, as subrules.
On Wed, 10 Aug 2011 20:34:09 -0700 (PDT), John Hardin wrote:
On Wed, 10 Aug 2011, Benny Pedersen wrote:
meta SPF_NICE_PASS (SPF_HELO_PASS SPF_PASS)
Already in as __SPF_FULL_PASS
super, will use it so
31 matches
Mail list logo