Re: Uninitialized values in URIDNSBL

2017-02-02 Thread Martin Gregorie
On Thu, 2017-02-02 at 15:23 -0700, Philip Prindeville wrote: > Anyone else seeing this? > Yes - in Fedora 25. Martin

Uninitialized values in URIDNSBL

2017-02-02 Thread Philip Prindeville
Anyone else seeing this? Feb 2 08:10:23 mail mimedefang.pl[13017]: helo: mailman2.scl3.mozilla.com (63.245.214.181:3844) said "helo mail.mozilla.org" Feb 2 08:10:23 mail sendmail[14852]: v12FAHm7014852: from=, size=4727, class=-30, nrcpts=1, msgid=<0oudnazy4jgf1g7fnz2dnuu7-qmdn...@mozilla.or

Re: _WARN message with perl-Encode

2017-02-02 Thread Alex
Hi, On Wed, Feb 1, 2017 at 1:40 PM, Reindl Harald wrote: > mxpf.pm is not part of spamassassin itself but from a random guy on the list > last year, the original had a bunch of issues and produced warnings from the > very begin > > the attached one contains some serious bugfixes, but i also renam

Re: fake base64 encoding

2017-02-02 Thread John Wilcock
Le 02/02/2017 à 15:50, RW a écrit : On Thu, 2 Feb 2017 05:43:24 -0500 Kevin A. McGrail wrote: ... I will score much higher since it is in the wild. Can you throw a spample up on pastebin? Perhaps text/html makes a big difference, but base64 encoded utf-8 text is not uncommon these days - part

Turning pyzor off

2017-02-02 Thread Harry Putnam
I experimented with pyzor and set these in /etc/mail/spamassassin/local.cf, after installing pyzor use_pyzor 1 pyzor_path /usr/bin/pyzor pyzor_options --homedir /etc/spamassassin I've since commented them out and discontinued the experiment. I assumed that would be the end of pyzor bei

Re: Turning pyzor off

2017-02-02 Thread Axb
On 02/02/2017 04:17 PM, Harry Putnam wrote: I experimented with pyzor and set these in /etc/mail/spamassassin/local.cf, after installing pyzor use_pyzor 1 pyzor_path /usr/bin/pyzor pyzor_options --homedir /etc/spamassassin I've since commented them out and discontinued the experiment.

Re: fake base64 encoding

2017-02-02 Thread RW
On Thu, 2 Feb 2017 05:43:24 -0500 Kevin A. McGrail wrote: > On 2/1/2017 11:30 PM, Pedro David Marco wrote: > > I did a similar rule to detect it but with higher score (3) since > > we are seeing a huge LinkedIn Phishing campaign using this > > technique, that on purpose or by mistake is evading mo

Re: fake base64 encoding

2017-02-02 Thread Kevin A. McGrail
On 2/2/2017 5:43 AM, Kevin A. McGrail wrote: On 2/1/2017 11:30 PM, Pedro David Marco wrote: I did a similar rule to detect it but with higher score (3) since we are seeing a huge LinkedIn Phishing campaign using this technique, that on purpose or by mistake is evading most SA rules... I will sc

Re: fake base64 encoding

2017-02-02 Thread Kevin A. McGrail
On 2/1/2017 11:30 PM, Pedro David Marco wrote: I did a similar rule to detect it but with higher score (3) since we are seeing a huge LinkedIn Phishing campaign using this technique, that on purpose or by mistake is evading most SA rules... I will score much higher since it is in the wild. Can