Hi Jimmy,
If you want to get that exact version using rawbody, here's how it would
need to look like:
rawbody __PASSWORD_IN_QP /\bp\x{D0}\x{B0}ssword/i
As a trick to know what to use in such a case, I added this rule on my
debug/rule testing machine:
rawbody __ALLRAWBODY /.+/
tflags__
--
Content-Transfer-Encoding: quoted-printable
Login p=D0=B0ssword is s=D0=B5t to =D0=B5xpir=D0=B5
--
In the provided email snippet, I aim to match the text "p=D0=B0ssword"
using the following rule:
rawbody __PASSWORD_IN_QP /\bp=D0=B0ssword/i
Despite my effor
On Mon, 2024-01-15 at 17:06 -0800, Cabel Sasser wrote:
>
> There are 1,239 gTLDs. The SpamAssassin source* blocks just *22* of them.
>
The official unofficial KAM ruleset blocks a few more, and there are
plenty of third-party URIBLs that essentially block gTLDs through SA,
albeit at one level of
On Mon, 15 Jan 2024, Cabel Sasser wrote:
There are 1,239 gTLDs. The SpamAssassin source* blocks just *22* of them.
If you believe every new gTLD is garbage (and I get that!), why isn’t
SpamAssassin automatically dinging, say, 1,200+ of them?
Or put another way, why _these_ 22, and _only_ thes
Hi MIchael!
I totally understand what you’re saying. I get it 100%. But your math doesn’t
quite add up for me.
There are 1,239 gTLDs. The SpamAssassin source* blocks just *22* of them.
If you believe every new gTLD is garbage (and I get that!), why isn’t
SpamAssassin automatically dinging, say
On Mon, 2024-01-15 at 15:58 -0800, Cabel Sasser wrote:
>
> Can anyone help me understand “the science”? And how these domains are chosen
> for such a heavy punishment?
What you're facing is essentially an economic problem. Everyone knows
dot-com, and to a lesser extent dot-net and dot-org. But e
Hello friends!
We make a handheld game system called Playdate, and our site lives at
play.date. We find that our support email often doesn’t get delivered, making
for occasionally very angry customers.
In debugging this, we’re looking at spam score.
In SA, .date is one of the “bad domains” tha
In your message regarding Re: milter vs spamc dated 15/01/2024, Mike
Bostock said ...
> In your message regarding Re: milter vs spamc dated 15/01/2024, Benoit
> Panizzon said ...
> > Hi
> > > What are the pros and cons?
> > In my opinion, an email should either be received by a MTA and
> > deli
Hi,
Google Drive is being used to send links with malicious content. I know,
shocking. But should Google Drive be in the DKIM WL?
What more can be done to stop these? I have a few body filters, but these
are just links sent using Google to PDFs with malicious links.
https://pastebin.com/Qpj1drSa
In your message regarding Re: milter vs spamc dated 15/01/2024, Benoit
Panizzon said ...
> Hi
> > What are the pros and cons?
> In my opinion, an email should either be received by a MTA and
> delivered to the recipient, or rejected during the SMTP phase.
Thanks everyone for the good advice. s
Hi
> The only con is that milter can't apply multiple SA settings when single
> mail has multiple destination users - it only has to use single setting for
> them.
We found a way around this, we use MIMEDefang as Milter and have
built database lookups in the config.
Usually, per user SA settin
On 14.01.24 22:22, Mike Bostock via users wrote:
I currently have users set up with spamc called in .procmailrc
However, I have quite a few aliases/redirects in sendmail virtusertable
who are not being protected by Spamassassin.
spamass-milter has setting for default user (-U username) that is
Hi
> What are the pros and cons?
In my opinion, an email should either be received by a MTA and
delivered to the recipient, or rejected during the SMTP phase.
This eliminates:
* Emails 'disappearing' (false positives as example)
* Sending late bounces to fake sender when rejected by the LDA
So
13 matches
Mail list logo
