Am 22.03.2012 07:51, schrieb Per-Erik Persson:
> Since we are on the subject of adding "magic links" to email header to
> make it easier for nontech staff to report spam.
> I don't understand how to extract the tokinzed data needed to represent
> the specific email.
> Have I missed some plugin that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I would be careful about giving points to a non spf enabled site.
My experience is that phishingattempts usually comes from stolen
legitimate accounts on sites with spf enabled.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment
Robert Schetterer wrote:
> Am 21.03.2012 09:09, schrieb Per Jessen:
>> Has anyone else noticed this stream of new spamvertized domains :
>>
>> http://files.jessen.ch/list-of-new-domains
>>
>> Typically accompanied by messages/subject lines such as:
>>
>> You should check your status update and
Robert Schetterer wrote:
>>
>
> however , i have a ham/spam transport learn mail address,
> nearly null users forwards something to it, no wonder
> the false positve rate is nearly null
>
> in fact , there are systems with webmail guis for classify
> spam i.e aol, reality shows users dont use it
Am 22.03.2012 08:23, schrieb Per Jessen:
> Robert Schetterer wrote:
>
>> Am 21.03.2012 09:09, schrieb Per Jessen:
>>> Has anyone else noticed this stream of new spamvertized domains :
>>>
>>> http://files.jessen.ch/list-of-new-domains
>>>
>>> Typically accompanied by messages/subject lines such as
On 03/22/2012 07:59 AM, Robert Schetterer wrote:
> Am 22.03.2012 07:51, schrieb Per-Erik Persson:
>> Since we are on the subject of adding "magic links" to email header to
>> make it easier for nontech staff to report spam.
>> I don't understand how to extract the tokinzed data needed to represent
Am 22.03.2012 09:15, schrieb xTrade Assessory:
> Robert Schetterer wrote:
>>>
>>
>> however , i have a ham/spam transport learn mail address,
>> nearly null users forwards something to it, no wonder
>> the false positve rate is nearly null
>>
>> in fact , there are systems with webmail guis for cla
Robert Schetterer wrote:
> spam often is very recipient related
> i.e my beloved spambot armee relocated from china/us now to india/brasil
> during last year , looks like thats trendy
regarding BR
we get most from afrinic 41.0 and pakistan 182.177, and of course our
own adsl blocks
if you like
Am 22.03.2012 09:43, schrieb xTrade Assessory:
> Robert Schetterer wrote:
>> spam often is very recipient related
>> i.e my beloved spambot armee relocated from china/us now to india/brasil
>> during last year , looks like thats trendy
>
>
> regarding BR
>
> we get most from afrinic 41.0 and pak
Robert Schetterer wrote:
> Am 22.03.2012 08:23, schrieb Per Jessen:
>> Robert Schetterer wrote:
>>
>>> Am 21.03.2012 09:09, schrieb Per Jessen:
Has anyone else noticed this stream of new spamvertized domains :
http://files.jessen.ch/list-of-new-domains
Typically accompani
Am 22.03.2012 10:19, schrieb Per Jessen:
> Robert Schetterer wrote:
>
>> Am 22.03.2012 08:23, schrieb Per Jessen:
>>> Robert Schetterer wrote:
>>>
Am 21.03.2012 09:09, schrieb Per Jessen:
> Has anyone else noticed this stream of new spamvertized domains :
>
> http://files.jessen.c
The Domain in the From in the envelope, ameriton.com, doesn't publish an SPF
Record:
On 21.03.12 23:00, Piotr Kloc wrote:
I know that and I wanted to add some more score when there is no SPF record
its possible to do this with Spamassassin ?
the SPF can only give results (as FAIL, PASS, SOFT
Robert Schetterer wrote:
> one more indicate for a bright planned campaign
> what are they try to push...?
I guess that is easy and simple ... the more the merrier
they are smart but we got smarter too and now it is getting harder and
harder for "them" so they switch identification as fast as po
On 03/22/2012 10:19 AM, Per Jessen wrote:
Robert Schetterer wrote:
Am 22.03.2012 08:23, schrieb Per Jessen:
Robert Schetterer wrote:
Am 21.03.2012 09:09, schrieb Per Jessen:
Has anyone else noticed this stream of new spamvertized domains :
http://files.jessen.ch/list-of-new-domains
Typica
Am 22.03.2012 10:30, schrieb xTrade Assessory:
> Robert Schetterer wrote:
>> one more indicate for a bright planned campaign
>> what are they try to push...?
>
>
> I guess that is easy and simple ... the more the merrier
>
> they are smart but we got smarter too and now it is getting harder and
Am 22.03.2012 10:33, schrieb Axb:
> On 03/22/2012 10:19 AM, Per Jessen wrote:
>> Robert Schetterer wrote:
>>
>>> Am 22.03.2012 08:23, schrieb Per Jessen:
Robert Schetterer wrote:
> Am 21.03.2012 09:09, schrieb Per Jessen:
>> Has anyone else noticed this stream of new spamvertized
Am 22.03.2012 10:40, schrieb Robert Schetterer:
> Am 22.03.2012 10:33, schrieb Axb:
>> On 03/22/2012 10:19 AM, Per Jessen wrote:
>>> Robert Schetterer wrote:
>>>
Am 22.03.2012 08:23, schrieb Per Jessen:
> Robert Schetterer wrote:
>
>> Am 21.03.2012 09:09, schrieb Per Jessen:
>>
On Thu, 22 Mar 2012 07:51:07 +0100
Per-Erik Persson wrote:
> Since we are on the subject of adding "magic links" to email header to
> make it easier for nontech staff to report spam.
> I don't understand how to extract the tokinzed data needed to
> represent the specific email.
We have an entire
On Thu, 2012-03-22 at 10:26 +0100, Matus UHLAR - fantomas wrote:
> >> The Domain in the From in the envelope, ameriton.com, doesn't publish an
> >> SPF Record:
>
> On 21.03.12 23:00, Piotr Kloc wrote:
> >I know that and I wanted to add some more score when there is no SPF record
> >its possible t
I committed score 0. I posted score 1 for the example requested.
Regards,
KAM
Michael Scheidell wrote:
>> I'm going to add this to the default rules with a score 0 so you can
>> then just give it a score you want.
>> header SPF_NONEeval:check_for_spf_none()
>> describeSPF
On Thu, 22 Mar 2012 11:19:04 +
Martin Gregorie wrote:
> The only sensible use of SPF is to prevent backscatter.
Agreed.
> This seems to work well now that most domains are running SPF-aware
> MTAs.
Disagreed. I don't believe SPF has cut backscatter down by
more than a few percentage point
Martin Gregorie wrote:
> On Thu, 2012-03-22 at 10:26 +0100, Matus UHLAR - fantomas wrote:
The Domain in the From in the envelope, ameriton.com, doesn't publish an
SPF Record:
>>
>> On 21.03.12 23:00, Piotr Kloc wrote:
>>> I know that and I wanted to add some more score when there is no S
"David F. Skoll" wrote:
>On Thu, 22 Mar 2012 11:19:04 +
>Martin Gregorie wrote:
>
>> The only sensible use of SPF is to prevent backscatter.
>
>Agreed.
For the record, I am not promoting spf_none. I am simply answering questions
and letting the admin make the choice.
>There is such an
Yes and no. What you have missed is that David F Skoll is a key author of
MIMEDefang. They also publish a great COTS solution for email filtering called
CanIT. So his plugin is part of the commercial product.
However, his idea is very elegant on tokens is an elegant idea. To extract
them, I pla
On Wed, 21 Mar 2012 12:02:24 -0400
Kevin A. McGrail wrote:
>
> On 3/21/2012 11:42 AM, Adrian Gruntkowski wrote:
> > Hello,
> >
> > I'm having problems with bayes database. When I issue "spamassassin
> > --lint -D", I see a following phrase: "bayes: not available for
> > scanning, only 0 spam(s) i
Axb wrote:
> On 03/22/2012 10:19 AM, Per Jessen wrote:
>> Robert Schetterer wrote:
>>
>>> Am 22.03.2012 08:23, schrieb Per Jessen:
Robert Schetterer wrote:
> Am 21.03.2012 09:09, schrieb Per Jessen:
>> Has anyone else noticed this stream of new spamvertized domains :
>>
>
On Thu, 2012-03-22 at 07:45 -0400, David F. Skoll wrote:
> Disagreed. I don't believe SPF has cut backscatter down by
> more than a few percentage points.
>
YMMV of course, but it worked for me: when I put up an SPF record
backscatter, which had been a problem at the time, was dramatically
reduce
On Thu, 22 Mar 2012 13:55:50 +
Martin Gregorie wrote:
> > Disagreed. I don't believe SPF has cut backscatter down by
> > more than a few percentage points.
> YMMV of course, but it worked for me: when I put up an SPF record
> backscatter, which had been a problem at the time, was dramatical
On 3/22/12 10:05 AM, David F. Skoll wrote:
On Thu, 22 Mar 2012 13:55:50 +
Martin Gregorie wrote:
Disagreed. I don't believe SPF has cut backscatter down by
more than a few percentage points.
YMMV of course, but it worked for me: when I put up an SPF record
backscatter, which had been a p
On Thu, 22 Mar 2012 07:59:39 -0400
Kevin A. McGrail wrote:
> Yes and no. What you have missed is that David F Skoll is a key
> author of MIMEDefang. They also publish a great COTS solution for
> email filtering called CanIT. So his plugin is part of the commercial
> product.
AFAIK his Bayes uses
On Thu, 22 Mar 2012 10:09:22 -0400
Michael Scheidell wrote:
> like ip/dns that is not 'round trip' consistent :-)
> host colo3.roaringpenguin.com
> colo3.roaringpenguin.com has address 70.38.112.54
> host 70.38.112.54
> 54.112.38.70.in-addr.arpa domain name pointer roaringpenguin.com
There's
Before anyone rushes ahead and puts any time or money into this. I
think it's worth establishing whether it makes any significant
difference.
It solves several real world problems that I'm aware of but I agree it's
not going to hold up 3.4.0 or be a top priority for me.
regards,
KAM
On 3/22/2012 4:19 AM, Martin Gregorie wrote:
The only sensible use of SPF is to prevent backscatter. This seems to
work well now that most domains are running SPF-aware MTAs. I don't
use SPF for spam detection and can't see any benefit from doing so.
Martin
What site competent enough to use
Hello there,
i wanted to try some rules but it seems like my spamassassin is ignoring
my score rules.
so i wanted to test it from command line using this tool
http://wiki.apache.org/spamassassin/DumpTextPlugin
but every time i'm running the command as described in the web site i'm
getting erro
On 3/22/12 7:15 PM, Eliezer Croitoru wrote:
Hello there,
i wanted to try some rules but it seems like my spamassassin is
ignoring my score rules.
so i wanted to test it from command line using this tool
http://wiki.apache.org/spamassassin/DumpTextPlugin
but every time i'm running the command a
On 23/03/2012 01:40, Michael Scheidell wrote:
On 3/22/12 7:15 PM, Eliezer Croitoru wrote:
Hello there,
i wanted to try some rules but it seems like my spamassassin is
ignoring my score rules.
so i wanted to test it from command line using this tool
http://wiki.apache.org/spamassassin/DumpTextPl
Den 2012-03-22 15:05, David F. Skoll skrev:
Hmm... OK. I may have been hasty. Assuming that the large providers
like Google, Hotmail, and Yahoo reject SPF-failing mail during the
SMTP
transaction, I can see it making a measurable difference.
are you saying yahoo using spf test, but not pro
On Thu, 2012-03-22 at 13:55 +, Martin Gregorie wrote:
> YMMV of course, but it worked for me: when I put up an SPF record
> backscatter, which had been a problem at the time, was dramatically
> reduced.
>
> Now I don't see any backscatter except for the occasional 'mailbox full'
> or 'out o
38 matches
Mail list logo
