On 03/06/17 15:22, David Jones wrote:
From: Marc Perkel
Sent: Monday, March 6, 2017 11:05 AM
To: users@spamassassin.apache.org
Subject: Re: New whitelisting trick using from and spf
do you mean the header From: address?
because anyone doing SPF does spf checks does what you describe on the
e
>From: Dianne Skoll
>Sent: Monday, March 6, 2017 5:40 PM
>To: users@spamassassin.apache.org
>Subject: Re: New whitelisting trick using from and spf
>On Mon, 6 Mar 2017 23:22:00 +
>David Jones wrote:
>> Not good. SPF should be checked against the envelope-from
>> address which is more
On Mon, 6 Mar 2017 23:22:00 +
David Jones wrote:
[...]
> Not good. SPF should be checked against the envelope-from
> address which is more trustworthy.
Er... well. The envelope-from is not any more trustworthy than
the header From:. But it *is* the thing the SPF spec say to check,
and *n
>From: Marc Perkel
>Sent: Monday, March 6, 2017 11:05 AM
>To: users@spamassassin.apache.org
>Subject: Re: New whitelisting trick using from and spf
>> do you mean the header From: address?
>>
>> because anyone doing SPF does spf checks does what you describe on the
>> envelope from: addres.
>Yes
Just wondering if anyone has - or in interested in - a list of legit
mass mailing sources?
There are many domains that remail/deliver for other domains that are
95%+ good email. And they are not perfect and sometimes they get scammed
but are mostly good.
Just wondering if anyone has a list -
On 03/06/17 04:19, Matus UHLAR - fantomas wrote:
On 05.03.17 10:38, Marc Perkel wrote:
Well, new to me. Maybe others have thought of this.
Many domains send nothing but good email and if you whitelist them
based on FCRDNS all is good. Been doing that.
But ...
Many domains send nothing but
> On Mar 6, 2017, at 12:58 PM, David B Funk
> wrote:
>
> On Mon, 6 Mar 2017, Alan Hodgson wrote:
>
>>> It seems it should be easy to setup “If mail claims to be From: PayPal.com
>>> and is not from PayPal, score +100” but it is not.
>>
>> This is what DMARC is for.
>>
>> Run opendmarc as a m
On Mon, 6 Mar 2017 11:58:25 -0600 (CST)
David B Funk wrote:
> But that won't help you when the scammers set the user visible from
> as "acco...@paypai.com" or some other variant (with the actual
> address part as or something else.
I recall someone bringing this up on the DMARC discussion list.
On Monday 06 March 2017 11:58:25 David B Funk wrote:
> On Mon, 6 Mar 2017, Alan Hodgson wrote:
> >> It seems it should be easy to setup “If mail claims to be From:
> >> PayPal.com
> >> and is not from PayPal, score +100” but it is not.
> >
> > This is what DMARC is for.
> >
> > Run opendmarc as a
On Mon, 6 Mar 2017, Alan Hodgson wrote:
It seems it should be easy to setup “If mail claims to be From: PayPal.com
and is not from PayPal, score +100” but it is not.
This is what DMARC is for.
Run opendmarc as a milter and reject failures. Or score later on DMARC
failure, even if just selecti
> It seems it should be easy to setup “If mail claims to be From: PayPal.com
> and is not from PayPal, score +100” but it is not.
This is what DMARC is for.
Run opendmarc as a milter and reject failures. Or score later on DMARC
failure, even if just selectively for highly phished domains.
PayP
On Sun, 5 Mar 2017 10:38:09 -0800
Marc Perkel wrote:
> If the from address is whitelisted AND the SPF of the from address is
> good - I pass the email.
And that's exactly how SPF is supposed to work. You shouldn't whitelist
domains willy-nilly because they can be spoofed, and you shouldn't all
On 2017-03-06 (04:45 MST), David Jones wrote:
>
>> From: @lbutlr
>> Sent: Monday, March 6, 2017 5:24 AM
>> To: users@spamassassin.apache.org
>> Subject: Re: New whitelisting trick using from and spf
>
>> On 2017-03-05 (18:59 MST), David Jones wrote:
>>>
>>> whitelist_auth does this agains
Spam/phishing emails pretending to be from Paypal won't have an
envelope-from of *@paypal.com which is why you didn't get the
desired effect. You rarely use the blacklist_from only when there
is very dumb senders that you want to block
that don't matter - "blacklist_from" also bpocks from-head
On 05.03.17 10:38, Marc Perkel wrote:
Well, new to me. Maybe others have thought of this.
Many domains send nothing but good email and if you whitelist them
based on FCRDNS all is good. Been doing that.
But ...
Many domains send nothing but good email and they send through
reputable email s
>From: Reindl Harald
>Sent: Monday, March 6, 2017 5:58 AM
>To: David Jones; @; users@spamassassin.apache.org
>Subject: Re: New whitelisting trick using from and spf
>Am 06.03.2017 um 12:45 schrieb David Jones:
>>> From: @lbutlr
>>> Sent: Monday, March 6, 2017 5:24 AM
>>> To: users@spamassas
>From: @lbutlr
>Sent: Monday, March 6, 2017 5:24 AM
>To: users@spamassassin.apache.org
>Subject: Re: New whitelisting trick using from and spf
>On 2017-03-05 (18:59 MST), David Jones wrote:
>>
>> whitelist_auth does this against SPF_PASS and DKIM_VALID_AU
>I tired to do something along the
On 2017-03-04 (23:32 MST), Rob Gunther wrote:
>
> In the last few weeks we are finding that SOME (but not all) of Yahoo's
> outbound servers are not dealing with this correctly.
This may not work for you, but I solved all my yahoo problems by simply
blocking their servers with a nice message a
On 2017-03-05 (18:59 MST), David Jones wrote:
>
> whitelist_auth does this against SPF_PASS and DKIM_VALID_AU
I tired to do something along these lines at some point in the past by adding
some lines to my local.cf like these:
blacklist_from *@amazon.com
whitelist_auth *@amazon.com
blacklist_fr
19 matches
Mail list logo