Re: Custom rule don't match without empty line before the string!

2018-02-23 Thread saqariden
On 22/02/2018 17:48, RW wrote: On Thu, 22 Feb 2018 10:35:48 -0600 (CST) David B Funk wrote: On Thu, 22 Feb 2018, RW wrote: On Thu, 22 Feb 2018 15:54:45 +0100 saqariden wrote: Hello guys, I have the following SA rule which is supposed to block base64 encoded mails: This may be dangerou

Re: ENCRYPTED_MESSAGE rule

2018-02-23 Thread RW
On Thu, 22 Feb 2018 19:33:29 -0700 @lbutlr wrote: > On 2018-02-22 (17:39 MST), RW wrote: > > > > Is it genuinely encrypted though? I'm wondering if it's just base64 > > encoded, and possibly signed. > > application/pkcs7-mime is S/MIME I know, but does that mean it's necessarily encrypted an

Re: ENCRYPTED_MESSAGE rule

2018-02-23 Thread David Jones
On 02/23/2018 06:29 AM, RW wrote: On Thu, 22 Feb 2018 19:33:29 -0700 @lbutlr wrote: On 2018-02-22 (17:39 MST), RW wrote: Is it genuinely encrypted though? I'm wondering if it's just base64 encoded, and possibly signed. application/pkcs7-mime is S/MIME I know, but does that mean it's nece

Re: ENCRYPTED_MESSAGE rule

2018-02-23 Thread RW
On Fri, 23 Feb 2018 07:18:52 -0600 David Jones wrote: > On 02/23/2018 06:29 AM, RW wrote: > > On Thu, 22 Feb 2018 19:33:29 -0700 > > @lbutlr wrote: > > > >> On 2018-02-22 (17:39 MST), RW wrote: > >>> > >>> Is it genuinely encrypted though? I'm wondering if it's just > >>> base64 encoded, and

Re: oxy/diabetes/cbd/big pharma spam

2018-02-23 Thread Joseph Brennan
>> header BOGUS_MIME_VERSION So the secret is out. We are blocking as many as 40,000 a day. I tested it for a few days, at a million messages a day, and nothing else matches that error. It's a killer rule here. The spam itself is very low scoring otherwise. Score for /shark.tank/i matches a lo

Whitelist IP for SBL check

2018-02-23 Thread shridhar shetty
Hello, In our infra we use spamassassin to scan our **outgoing** mails too. This is to prevent spammers using our infra to send mails and get our IPs blacklisted. We perform various DNSBL tests on the mail body. One of our IPs got listed in Spamhaus SBL for some reason, so now our outgoing mails

Re: Whitelist IP for SBL check

2018-02-23 Thread David Jones
On 02/23/2018 08:26 AM, shridhar shetty wrote: Hello, In our infra we use spamassassin to scan our **outgoing** mails too. This is to prevent spammers using our infra to send mails and get our IPs blacklisted. We perform various DNSBL tests on the mail body. We also scan outbound aggressi

Re: Whitelist IP for SBL check

2018-02-23 Thread Axb
On 02/23/2018 04:33 PM, David Jones wrote: On 02/23/2018 08:26 AM, shridhar shetty wrote: Hello, In our infra we use spamassassin to scan our **outgoing** mails too. This is to prevent spammers using our infra to send mails and get our IPs blacklisted. We perform various DNSBL tests on the m

Re: Whitelist IP for SBL check

2018-02-23 Thread David Jones
On 02/23/2018 10:46 AM, Axb wrote: On 02/23/2018 04:33 PM, David Jones wrote: On 02/23/2018 08:26 AM, shridhar shetty wrote: Hello, In our infra we use spamassassin to scan our **outgoing** mails too. This is to prevent spammers using our infra to send mails and get our IPs blacklisted. We

Re: Whitelist IP for SBL check

2018-02-23 Thread Axb
On 02/23/2018 03:26 PM, shridhar shetty wrote: Hello, In our infra we use spamassassin to scan our **outgoing** mails too. This is to prevent spammers using our infra to send mails and get our IPs blacklisted. We perform various DNSBL tests on the mail body. One of our IPs got listed in Spamh

Re: Whitelist IP for SBL check

2018-02-23 Thread Markus Clardy
Considering the issue, couldn't you in theory just add "uridnsbl_skip_domain ip.on.blk.lst"? I mean, according to URIBL_SBL, it would be if the IP itself is on the blacklist, so wouldn't skipping the "domain" of a specific IP skip detection? On Fri, Feb 23, 2018 at 4:55 PM, David Jones wrote: >

RCVD_OFFICE365 was ENCRYPTED_MESSAGE rule

2018-02-23 Thread David Jones
On 02/22/2018 06:10 PM, John Hardin wrote: I was just referring to the OFFICE365 subrule, as there isn't one like that yet - hotmail, sure, outlook, sure, but not office365. We should have added that back when O365 started up. I had already added a generic rule for this in my sandbox so you

Re: Whitelist IP for SBL check

2018-02-23 Thread shridhar shetty
Hello Axb, Below are the responses to your queries. Why not fix the SBL issue instead of trying to work around it? Fixing the SBL issue is the first thing we do. But it takes some time so we do not want our outbound mail service to be affected due to this. 'Your local "fix" won't stop a URIBL_SBL

Re: Whitelist IP for SBL check

2018-02-23 Thread RW
On Sat, 24 Feb 2018 00:36:56 +0530 shridhar shetty wrote: > 'Your local "fix" won't stop a URIBL_SBL hit at the other, rcpt's > end.' In such case we relay our mails through an external server > which has clean reputation. That way our mails are delivered to the > recipient. That will help with

Re: Whitelist IP for SBL check

2018-02-23 Thread shridhar shetty
Yes, I missed it. On Sat, Feb 24, 2018 at 12:49 AM, RW wrote: > On Sat, 24 Feb 2018 00:36:56 +0530 > shridhar shetty wrote: > > > > 'Your local "fix" won't stop a URIBL_SBL hit at the other, rcpt's > > end.' In such case we relay our mails through an external server > > which has clean reputatio

Re: Custom rule don't match without empty line before the string!

2018-02-23 Thread @lbutlr
On 2018-02-23 (02:15 MST), saqariden wrote: > > our mailing service is not for external use, so the users are not supposed to > send or receive B64 encoded mails. I've never seen anyone *intentionally* send base64 mails (I mean, people, not spammers). That is a decision made by the MUA. Sounds

Bayes not auto-learning?

2018-02-23 Thread Amir Caspi
Hi all, So, I've been trying to tweak my setup and noticed that VERY few of my emails are being autolearned as spam, even when their spam threshold is far above the autolearn threshold. The threshold is set to 12; I just saw a spam with score >25 not being autolearned. Are the

Re: Bayes not auto-learning?

2018-02-23 Thread David B Funk
On Fri, 23 Feb 2018, Amir Caspi wrote: Hi all, So, I've been trying to tweak my setup and noticed that VERY few of my emails are being autolearned as spam, even when their spam threshold is far above the autolearn threshold. The threshold is set to 12; I just saw a spam with score >

Re: Bayes not auto-learning?

2018-02-23 Thread Ian Zimmerman
On 2018-02-23 22:32, Amir Caspi wrote: > So, I've been trying to tweak my setup and noticed that VERY few of my > emails are being autolearned as spam, even when their spam threshold > is far above the autolearn threshold. The threshold is set to 12; I > just saw a spam with score >25 not being a

Re: Bayes not auto-learning?

2018-02-23 Thread Amir Caspi
On Feb 23, 2018, at 11:47 PM, David B Funk wrote: > It could have 20 points from a whole bunch of body rules but if it only hit 2 > points via header rules it still will not auto-learn. Gotcha. The spam in question that triggered this hit a lot of rules, but hard for me to tell on cursory inspec