Anyone else seeing an unusually high hit count today for URIBL_RHS_DOB?
Looks like every query is returning 127.0.0.2.?
Am 06.10.2014 um 13:55 schrieb David Jones:
Anyone else seeing an unusually high hit count today for URIBL_RHS_DOB?
Looks like every query is returning 127.0.0.2.
yes - completly disabled the rule in local.cf
signature.asc
Description: OpenPGP digital signature
On 10/6/2014 7:56 AM, Reindl Harald wrote:
Am 06.10.2014 um 13:55 schrieb David Jones:
Anyone else seeing an unusually high hit count today for URIBL_RHS_DOB?
Looks like every query is returning 127.0.0.2.
yes - completly disabled the rule in local.cf
Concur that we are seeing something
On 10/06/2014 02:04 PM, Kevin A. McGrail wrote:
On 10/6/2014 7:56 AM, Reindl Harald wrote:
Am 06.10.2014 um 13:55 schrieb David Jones:
Anyone else seeing an unusually high hit count today for URIBL_RHS_DOB?
Looks like every query is returning 127.0.0.2.
yes - completly disabled the rule in
I have been seeing some issues with bayes detection from base64 strings
within attachments causing false positives.
Example:
Oct 6 09:02:14.374 [15869] dbg: bayes: token 'H4f' = 0.71186828264
Oct 6 09:02:14.374 [15869] dbg: bayes: token 'wx2' = 0.68644662127
Oct 6 09:02:14.374 [15869]
On October 6, 2014 3:03:30 PM jdime abuse jdimeab...@gmail.com wrote:
I have been seeing some issues with bayes detection from base64 strings
within attachments causing false positives.
Train more data then, bayes needs more data to prevent it
Example:
Oct 6 09:02:14.374 [15869] dbg:
Hi,
Postfix header_checks:
/^Received\-SPF/ IGNORE
/^X\-Antispam/ IGNORE
/^X\-Antivirus/ IGNORE
...
Can you explain how this helps someone using postfix?
Thanks,
Alex
Am 06.10.2014 um 16:03 schrieb Alex:
Postfix header_checks:
/^Received\-SPF/ IGNORE
/^X\-Antispam/ IGNORE
/^X\-Antivirus/ IGNORE
...
Can you explain how this helps someone using postfix?
headers from outside are meaningless and untrustable
i don't to
On October 6, 2014 4:03:11 PM Alex mysqlstud...@gmail.com wrote:
Postfix header_checks:
/^Received\-SPF/ IGNORE
/^X\-Antispam/ IGNORE
/^X\-Antivirus/ IGNORE
Can you explain how this helps someone using postfix?
It helps nothing in postfix, but it
On 10/4/2014 4:38 PM, Yasir Assam wrote:
Thanks Reindl.
I haven't investigated ipv6 properly, but looking at my Hosting
provider's wiki and a few of my config files, it seems ipv6 is available
(I have been assigned an ipv6 subnet). I have something like this:
On 10/06/2014 01:55 PM, David Jones wrote:
Anyone else seeing an unusually high hit count today for URIBL_RHS_DOB?
Looks like every query is returning 127.0.0.2.?
According to my last check, Rick has fixed the issue.
host yahoo.com.dob.sibl.support-intelligence.net
Host
Hi,
Postfix header_checks:
/^Received\-SPF/ IGNORE
/^X\-Antispam/ IGNORE
/^X\-Antivirus/ IGNORE
Can you explain how this helps someone using postfix?
It helps nothing in postfix, but it might help on content filters, carefull
not removeing
Am 06.10.2014 um 18:04 schrieb Alex:
Postfix header_checks:
/^Received\-SPF/ IGNORE
/^X\-Antispam/ IGNORE
/^X\-Antivirus/ IGNORE
Can you explain how this helps someone using postfix?
It helps nothing in postfix, but it might help on content
Hello, has anyone else experienced an HUGE uptick in the number of
rejected legitimate emails following an sa-update run over this past
weekend (possibly yesterday, Oct 5)? It looks like something caused our
once-adequate-and-happy required_hits value of 7.0 to be way too
restrictive suddenly
On 10/6/2014 12:39 PM, Eric Cunningham wrote:
Hello, has anyone else experienced an HUGE uptick in the number of
rejected legitimate emails following an sa-update run over this past
weekend (possibly yesterday, Oct 5)? It looks like something caused
our once-adequate-and-happy required_hits
On 10/06/2014 12:51 PM, Kevin A. McGrail wrote:
On 10/6/2014 12:39 PM, Eric Cunningham wrote:
Hello, has anyone else experienced an HUGE uptick in the number of
rejected legitimate emails following an sa-update run over this past
weekend (possibly yesterday, Oct 5)? It looks like something
On 10/06/2014 01:55 PM, David Jones wrote:
Anyone else seeing an unusually high hit count today for URIBL_RHS_DOB?
Looks like every query is returning 127.0.0.2.?
According to my last check, Rick has fixed the issue.
host yahoo.com.dob.sibl.support-intelligence.net
Host
On 10/6/2014 1:00 PM, Eric Cunningham wrote:
No, I did not see anything about an RHS_URIBL_DOB issue. Could you,
as you say, offer some data points on this?
http://spamassassin.1065346.n5.nabble.com/URIBL-RHS-DOB-high-hits-td112138.html
And being discussed on users list right now...
Regards,
On 10/06/2014 07:01 PM, David Jones wrote:
Anyone else seeing an unusually high hit count today for URIBL_RHS_DOB?
host google.com.dob.sibl.support-intelligence.net
Host google.com.dob.sibl.support-intelligence.net not found: 3(NXDOMAIN)
web tools sigh
On October 6, 2014 6:04:54 PM Alex mysqlstud...@gmail.com wrote:
Okay, I think I understand. You're saying that, if not ignored,
postfix will strip these headers, making them inaccessible to
spamassassin for scoring. Correct?
No ignore means dont pass to mailbox, think like postfix just lie
On October 6, 2014 6:39:21 PM Eric Cunningham e...@whoi.edu wrote:
Hello, has anyone else experienced an HUGE uptick in the number of
rejected legitimate emails following an sa-update run over this past
And spammassin only tags mail, it does not reject, so stop saying it an sa
issue when its
On 10/6/2014 1:11 PM, Jason Goldberg wrote:
How to i get removed from this stupid list.
I love begin spammed by a list about spam which i did not signup for.
Email users-h...@spamassassin.apache.org and the system will mail you
instructions.
If you did not sign up for the list, that is
From: Axb axb.li...@gmail.com
On 10/06/2014 07:01 PM, David Jones wrote:
Anyone else seeing an unusually high hit count today for URIBL_RHS_DOB?
host google.com.dob.sibl.support-intelligence.net
Host google.com.dob.sibl.support-intelligence.net not found: 3(NXDOMAIN)
web tools sigh
Am 06.10.2014 um 19:22 schrieb Benny Pedersen:
On October 6, 2014 6:39:21 PM Eric Cunningham e...@whoi.edu wrote:
Hello, has anyone else experienced an HUGE uptick in the number of
rejected legitimate emails following an sa-update run over this past
And spammassin only tags mail, it does
On 10/6/2014 1:23 PM, Kevin A. McGrail wrote:
On 10/6/2014 1:11 PM, Jason Goldberg wrote:
How to i get removed from this stupid list.
I love begin spammed by a list about spam which i did not signup for.
Email users-h...@spamassassin.apache.org and the system will mail you
instructions.
On October 6, 2014 7:28:02 PM David Jones djo...@ena.com wrote:
host google.com.dob.sibl.support-intelligence.net
Host google.com.dob.sibl.support-intelligence.net not found: 3(NXDOMAIN)
web tools sigh
http://multirbl.valli.org/lookup/google.com.html
On Fri, 03 Oct 2014 00:08:49 +0200,
Axb axb.li...@gmail.com wrote:
Axb What's wrong with running rbldnsd? It's the tool all BLs use for
Axb mirroring BL data. It's so stable and simple to use nothing can
Axb beat it.
From the website:
There is no config file, rbldnsd accepts all configuration
On 10/06/2014 07:47 PM, Ian Zimmerman wrote:
On Fri, 03 Oct 2014 00:08:49 +0200,
Axb axb.li...@gmail.com wrote:
Axb What's wrong with running rbldnsd? It's the tool all BLs use for
Axb mirroring BL data. It's so stable and simple to use nothing can
Axb beat it.
From the website:
There is
Am 06.10.2014 um 19:47 schrieb Ian Zimmerman:
On Fri, 03 Oct 2014 00:08:49 +0200,
Axb axb.li...@gmail.com wrote:
Axb What's wrong with running rbldnsd? It's the tool all BLs use for
Axb mirroring BL data. It's so stable and simple to use nothing can
Axb beat it.
From the website:
There
On 10/6/2014 1:47 PM, Ian Zimmerman wrote:
On Fri, 03 Oct 2014 00:08:49 +0200,
Axb axb.li...@gmail.com wrote:
Axb What's wrong with running rbldnsd? It's the tool all BLs use for
Axb mirroring BL data. It's so stable and simple to use nothing can
Axb beat it.
From the website:
There is no
On Mon, 2014-10-06 at 13:36 -0400, Kevin A. McGrail wrote:
On 10/6/2014 1:23 PM, Kevin A. McGrail wrote:
On 10/6/2014 1:11 PM, Jason Goldberg wrote:
How to i get removed from this stupid list.
I love begin spammed by a list about spam which i did not signup for.
Email
On Mon, 2014-10-06 at 09:03 -0400, jdime abuse wrote:
I have been seeing some issues with bayes detection from base64
strings within attachments causing false positives.
Example:
Oct 6 09:02:14.374 [15869] dbg: bayes: token 'H4f' = 0.71186828264
Oct 6 09:02:14.374 [15869] dbg: bayes:
On Mon, 06 Oct 2014 21:28:02 +0200
Karsten Bräckelmann guent...@rudersport.de wrote:
Unless the message's MIME-structure is severely broken, these tokens
appear somewhere other than a base64 encoded attachment.
Agreed, and a Qmail bounce message is a prime example of a message
whose MIME
as SA update will take quite long till it publishes this:
uri AXB_URI_HCKD_MUHMADEMAD
/\/\/images\/jdownloads\/screenshots\/muhmademad\.png/
describeAXB_URI_HCKD_MUHMADEMAD dildo_du_jour
score AXB_URI_HCKD_MUHMADEMAD 5.0
beware of MUA line break !!!
enjoy
Am 06.10.2014 um 21:44 schrieb Axb:
as SA update will take quite long till it publishes this:
uri AXB_URI_HCKD_MUHMADEMAD
/\/\/images\/jdownloads\/screenshots\/muhmademad\.png/
describeAXB_URI_HCKD_MUHMADEMADdildo_du_jour
scoreAXB_URI_HCKD_MUHMADEMAD5.0
On 10/6/2014 2:50 PM, Karsten Bräckelmann wrote:
Just to give some answers. This issue should further be handled
off-list.
Thanks for your $0.02. I hate being accused of spamming...
On 10/06/2014 09:52 PM, Reindl Harald wrote:
Am 06.10.2014 um 21:44 schrieb Axb:
as SA update will take quite long till it publishes this:
uri AXB_URI_HCKD_MUHMADEMAD
/\/\/images\/jdownloads\/screenshots\/muhmademad\.png/
describeAXB_URI_HCKD_MUHMADEMADdildo_du_jour
score
After reading your reply, I re-examined the message and found the case was
an incorrect Content-Type:
~~~
Content-Type: text/plain; charset=windows-1250;
name=pdfname.pdf
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename=pdfname.pdf
~~~
So it was scanning the base64 as
On 03 Oct 2014, at 11:42 , Reindl Harald h.rei...@thelounge.net wrote:
Am 03.10.2014 um 19:34 schrieb LuKreme:
[SPAM] is not a spam marker I’ve ever seen so it seems perfectly OK to me
You are assuming, I think wrongly, that the [SPAM] tag is being used because
of a content filter and not
On Mon, 6 Oct 2014, LuKreme wrote:
On 03 Oct 2014, at 11:42 , Reindl Harald h.rei...@thelounge.net wrote:
Am 03.10.2014 um 19:34 schrieb LuKreme:
[SPAM] is not a spam marker I’ve ever seen so it seems perfectly OK to me
You are assuming, I think wrongly, that the [SPAM] tag is being used
On Mon, 6 Oct 2014, LuKreme wrote:
On 03 Oct 2014, at 11:42 , Reindl Harald h.rei...@thelounge.net wrote:
Am 03.10.2014 um 19:34 schrieb LuKreme:
[SPAM] is not a spam marker I’ve ever seen so it seems perfectly OK to me
You are assuming, I think wrongly, that the [SPAM] tag is being
Am 07.10.2014 um 01:38 schrieb John Hardin:
On Mon, 6 Oct 2014, LuKreme wrote:
On 03 Oct 2014, at 11:42 , Reindl Harald h.rei...@thelounge.net wrote:
Am 03.10.2014 um 19:34 schrieb LuKreme:
[SPAM] is not a spam marker I’ve ever seen so it seems perfectly OK
to me
You are assuming, I think
Am 07.10.2014 um 01:48 schrieb David Jones:
On Mon, 6 Oct 2014, LuKreme wrote:
On 03 Oct 2014, at 11:42 , Reindl Harald h.rei...@thelounge.net wrote:
Am 03.10.2014 um 19:34 schrieb LuKreme:
[SPAM] is not a spam marker I’ve ever seen so it seems perfectly OK to me
You are assuming, I
On Tue, 7 Oct 2014, Reindl Harald wrote:
P.S.:
it was your Re: [SPAM] Re: False positive in rule: FUZZY_XPILL i refered
implicitly as i started that thread - mayb eyou can make clear that the
[SPAM] part was not your personal prefix for the SA list as LuKreme repeatly
pretends instead just
Am 07.10.2014 um 02:10 schrieb John Hardin:
On Tue, 7 Oct 2014, Reindl Harald wrote:
P.S.:
it was your Re: [SPAM] Re: False positive in rule: FUZZY_XPILL i
refered implicitly as i started that thread - mayb eyou can make clear
that the [SPAM] part was not your personal prefix for the SA list
45 matches
Mail list logo