Hello,
today I was pointed to a message with these headers:
X-Spam-Score: 6.789
X-Spam-Status: Yes, score=6.789 tag=-999 tag2=5 kill=6
tests=[HTML_MESSAGE=0.001, MISSING_MIMEOLE=1.843,
RCVD_IN_SORBS_HTTP=2.499, RCVD_IN_SORBS_SOCKS=2.443]
Received: from smtp.cesky-hosting.cz (smt
Benny Pedersen:
Trusted network and internal network in local.cf for all your own
ipv6, ipv4 :)
ups, I had no settings at all for trusted/internal/msa networks :-/
Thanks for the pointer
Andreas
Matus UHLAR - fantomas:
Do you trust smtp.cesky-hosting.cz?
Even if it's open socks and http proxy server?
No, I don't.
But I initially wonder why sa looked up the external submission host
while docu say "last untrusted relay" which it isn't.
Andreas
Hello,
I had the idea to run my own updateserver for two purposes:
1. distribute own rules
2. override existing rules
But somehow I fail on #2.
SA rules normally reside in /var/.../spamassassin/$SA-VERSION/channelname/*.cf
Also the are files /var/.../spamassassin/$SA-VERSION/channelname.cf
Karsten Bräckelmann:
The directory name and accompanying cf file are generated by
sa-update based on the channel name. There is no way for the channel to
enforce order.
Besides picking a channel name that lexicographically comes after the
to-be-overridden target channel, you're limited to loca
Kevin A. McGrail:
We are working on solutions expected for the 3.4.1 release on ~9/30.
are the any updates on the release plan?
Benny Pedersen:
Upgrade to sa 3.4 where this work, else wait for next rule update,
this is a work in progress thats only gives error when not using sa
3.4
At least here I *have* 3.4 but got the same warnings.
The file 72_active.cf from update_spamassasin_org contain some
lines "if perl_ve
Kevin A. McGrail:
https://wordtothewise.com/2012/11/how-long-is-your-dkim-key/
It's a recommendation not a requirement so the pass even when lower
than 1024 is accurate.
I disagree.
Lauras article is more then two years old. But since more then 4 years
( Sep 2011 )
RFC 6376 say very cl
Hello,
I wrote a little patch for the SPF plugin to detect domains
authenticating any IP by SPF.
Usage:
local.cf
header SPF_PASS_PLUSALL eval:check_for_spf_pass_plusall()
header SPF_HELO_PASS_PLUSALL
eval:check_for_spf_helo_pass_plusall()
describe SPF_PASS_
Hello,
today I was notified by ezmlm that my MTA rejected messages to me. Messages to
this list where classified as spam by .. spamassassin.
OK, no surprise some messages look spammy.
As usual: there is one solution that is smart, fast and obvious. But sometimes
this one is also wrong.
So I as
Am 20.09.2015 um 05:10 schrieb Reindl Harald:
Am 19.09.2015 um 20:12 schrieb A. Schulze:
So I ask the list: (how) do you whitelist this list?
whitelist_auth *@spamassassin.apache.org
works. it trigger USER_IN_SPF_WHITELIST=-100
thanks!
Andreas
RW:
On Mon, 4 Apr 2016 13:00:11 -0400
Alex wrote:
Hi,
Can someone help me understand why this auto-away message failed the
DMARC tests?
http://pastebin.com/wXhxex92
It looks like it passed through an AOL MX, yet SPF still failed.
It didn't fail SPF, it failed to pass because there's no e
A. Schulze:
So SPF *never* could be aligned to RFC5322.From for such messages.
even if spf=pass...
The only way to generate a DMARC=pass is DKIM. A domainowner has to
DKIM-sign DeliveryStatusNotification or Autoresonder in alignement
to the RFC5322.From.
This is even more important if
Alex:
So ultimately who's at fault here for causing this to fail? AOL? What
should have been done to prevent it?
it depends who generate the DSN.
- AOL?
-> then they should DKIM sign their own message.
- an AOL customer sending on behalf of his own AOL address via AOL
infrastructure?
Alan Hodgson:
DMARC allows a subdomain to sign the mail with a
relaxed alignment policy.
really?
I know DMARC as
"example.com may dkim sign with example.com. relax alignment will
match even for RFC5322.From sub.example.com"
but you claim
"sub.example.com may dkim sign with sub.example.co
Alan Hodgson:
I really believe that's incorrect. Relaxed alignment specifically
means you can
sign with a subdomain's key or use a subdomain for SPF.
Read sections 3.1.2 and 10.4 of that same document, for instance.
Hm. https://tools.ietf.org/html/rfc7489#section-10.4 reads like you're
n
Alan Hodgson:
I really believe that's incorrect. Relaxed alignment specifically
means you can
sign with a subdomain's key or use a subdomain for SPF.
Read sections 3.1.2 and 10.4 of that same document, for instance.
Alan,
you're write! DMARC folks told me so, too.
DMARC Relax alignment i
Chip M.:
*** Does anyone have a contact at LinkedIn ops? ***
I informed LinkedIn and was asked to send the following response on
behalf of Franck Martin:
This email was not sent by Linkedin.
Linkedin uses several lists to ensure the redirection does not end up to a
known bad site. In
Am 21.04.2017 um 22:58 schrieb Kevin A. McGrail:
> Things are moving along on a SpamAssassin 3.4.2 release and a 4.0 release as
> well. It's my expectation that 3.4.2 will be the last 3.4.x release.
> My hopes is to have them ready to announce at ApacheCon
will/are there be release candidates
Am 02.05.2017 um 17:09 schrieb Marc Perkel:
>
>
> On 05/02/17 03:54, RW wrote:
>> On Mon, 1 May 2017 19:30:01 -0700
>> Marc Perkel wrote:
>>
>>> Might be slightly off topic but I've been running into more delivery
>>> problems with outgoing email because I don't use DMARC.
>> How do you know it
John Hardin:
any header that begins with "X-" is permitted.
permitted - yes
but I'm aware may user assisiate X- header still as private header.
This is no longer true since 2012: https://tools.ietf.org/html/rfc6648
just to mention that...
Andreas
Am 27.10.2017 um 07:15 schrieb @lbutlr:
> RFC 822 is obsolete, replaced by RFC 2822.
... which is obsoleted by RFC 5322 and updated some other RFCs
see https://tools.ietf.org/html/rfc5322
Kevin A. McGrail:
If you are checking the SpamAssassin updates more than 2x a day,
expect to be blocked in the very near future. We have people
checking literally every minute and we only release rules currently
1x per day. There is no need to check this often!
I use sa-update to updat
Hello all,
shortly (since around 09:30 UTC) I get such notifications on sa-update:
rules: failed to run FORGED_GMAIL_RCVD test, skipping:
(Can't locate object method "check_for_forged_gmail_received_headers"
via package "Mail::SpamAssassin::PerMsgStatus" at (eval 1277) line 253.
)
channel:
Giovanni Bechis:
Just spotted by others,
this diff fixes the problem:
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7540
yea! but that's a patch for the rules, right?
may we expect a fixed ruleset will be published shortly?
Andreas
Btw:
what's the state of 3.4.2+? Beta? Release?
from
Hello,
we've a number of SA instances that need rule updates. For now we configured
them to use a proxy. Works...
But there are also instances that can't us a proxy at all.
My idea was to setup a private SA-Mirror (apache+rsync) but, I've to manage
DNS-Data for mirrors.spamassassin-mirror.exampl
Am 04.10.19 um 01:12 schrieb Philip:
> Lately I'm getting a bunch of emails that are showing up with two email
> addresses in the From: field.
that happen from time to time but currently I suspect the sender like to
trigger a Bug in OpenDMARC
to generate dmarc=pass for messages that otherwise
Am 04.10.19 um 16:40 schrieb Grant Taylor:
> On 10/4/19 6:43 AM, A. Schulze wrote:
>> that happen from time to time but currently I suspect the sender like to
>> trigger a Bug in OpenDMARC to generate dmarc=pass for messages that
>> otherwise would be classified as dmarc=
Am 11.07.20 um 23:55 schrieb Benny Pedersen:
> Marcus Schopen skrev den 2020-07-11 23:43:
>> config: warning: description exists for non-existent rule
>> USER_IN_ALLOWLIST_TO
>
> meta USER_IN_ALLOWLIST_TO (USER_IN_WHITELIST_TO)
Hello,
My SA hit the same update issue. It was unable to update t
Am 07.06.24 um 23:33 schrieb Bill Cole:
You do not even need to do that.
All SORBS-referencing rules were removed from the updates.spamasssassin.org
rules channel earlier this week. Scanning the latest deployed (by sa-update)
version r1918114 I see no surviving references to SORBS.
since
30 matches
Mail list logo
