Re: milter vs spamc

2024-01-15 Thread Benoit Panizzon
Hi > The only con is that milter can't apply multiple SA settings when single > mail has multiple destination users - it only has to use single setting for > them. We found a way around this, we use MIMEDefang as Milter and have built database lookups in the config. Usually, per user SA settin

Re: milter vs spamc

2024-01-15 Thread Benoit Panizzon
Hi > What are the pros and cons? In my opinion, an email should either be received by an MTA and delivered to the recipient, or rejected during the SMTP phase. This eliminates: * Emails 'disappearing' (false positives, for example) * Sending late bounces to fake sender when rejected by the LDA So

Re: shit from serverion

2022-06-30 Thread Benoit Panizzon
Hi Just to share my experience with them... It looks like there is a quite confusing way to which company IP ranges are allocated. Last year I had a case involving an ip from this range: % Abuse contact for '31.210.20.0 - 31.210.21.255' is 'ab...@serverion.com' inetnum:31.210.20.0 - 31.

Re: Decoding Google URL redirections and check VS URI Blacklists

2021-11-02 Thread Benoit Panizzon
Hi Alex > So what redirector_pattern rule did you use? Turned out, the shipped one matched: redirector_pattern m'^https?:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/url\?.*?(?<=[?&])q=(.*?)(?:$|[&\#])'i But when I first tested, the URI was not yet blacklisted so this missed my attention. Mit freundl

Re: Decoding Google URL redirections and check VS URI Blacklists

2021-11-02 Thread Benoit Panizzon
Hi Alex > you're looking to use a redirector_pattern rule - weird that this hasn't > yet been added in SA's default ruleset > Please submit a bug with a sample message Thank you, that sounds promising. Digging into how to use. Kind regards -Benoît Panizzon- -- I m p r o W a r

Re: Decoding Google URL redirections and check VS URI Blacklists

2021-11-02 Thread Benoit Panizzon
Hi Martin > You can find out quite a lot about a spamming site with a few common > commandline tools: > > - 'ping' tells you if the hostname part of the URL is valid > - 'host hostname' should get the sender's IP > - 'host ip' IOW a reverse host lookup, tells you if the first >

Re: Decoding Google URL redirections and check VS URI Blacklists

2021-11-02 Thread Benoit Panizzon
Hi Raymond > If you could check that it would help a lot > > Some rules to translate commonly used services and your example is a good > one. If you would check the specific domain it would have hit SURBL. Yes, and future hits to the SWINOG Spamtrap (uribl.swinog.ch) will also extract such t

Decoding Google URL redirections and check VS URI Blacklists

2021-11-02 Thread Benoit Panizzon
Hi SA Community In the last couple of weeks, I see a massive increase of spam mails which make use of Google site redirection and dodge all our attempts at filtering. That is, Google redirector is about the only common thing in those emails. Source IP, text content etc. is quite random. Such an e

Re: per-user bayes

2020-12-08 Thread Benoit Panizzon
Hi Adding the list back to CC as I believe this is an interesting topic many have pondered over. Yes, I see that it states 'per user' but I still don't see how that 'bayes user' is being set on a per-recipient basis. On the email platform there is ONE config file for spamassassin. So if I set th

Re: per-user bayes

2020-12-08 Thread Benoit Panizzon
Hi > This may help > > I sort of have the same issue. Unfortunately that does not help, it merely explains how to store bayes data in a database. But there is still only one 'global' database on your mail platf

Re: ANNOUNCEMENT: The NEW invaluement "Service Provider DNSBLs" - 1st one for Sendgrid-spams!

2020-08-25 Thread Benoit Panizzon
Hi Rob This works like a charm, blocking a lot of: bounces+8465718 atm. Thank you for your excellent plugin! Kind regards -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29

Re: DNS Blacklist wildcard query: distinguish IP v4/v6 to avoid false positives

2020-08-07 Thread Benoit Panizzon
Hi Bill > Easy fix: do not use wildcards in IPv4 listings. I agree, for the purpose of a 'listed yes/no' blacklist this is the way to go. > Both rbldnsd and BIND have other mechanisms for compactly generating > records that cover an IPv4 /24 network without also generating records > for all of

DNS Blacklist wildcard query: distinguish IP v4/v6 to avoid false positives

2020-08-07 Thread Benoit Panizzon
Hi Gang I am part of the SWINOG Anti-Spam Blacklists team which are used by a handful of Swiss ISPs. Very early, we also started adding IPv6 addresses to the blacklist but soon noticed that there is a potential problem with IPv6 and wildcard entries. Let's assume 2.0.0.0/24 is full of abusers an