Re: Gmail confidential mode

2022-11-17 Thread Dave Warren
On 2022-10-16 10:38, Alex wrote: > What do you know about "Gmail confidential mode" emails? I'm starting to > see a few of these come in to users now, and not sure how to treat them. > They are sent through gmail, but require a one-time passcode sent to the > reci

Re: Avoid processing upsteam trusted mail with X-Spam-Flag: YES?

2022-01-06 Thread Dave Warren
On 2022-01-06 11:13, Benny Pedersen wrote: On 2022-01-06 18:20, Grant Taylor wrote: Q:  Does the upstream MSA not do filtering of inbound messages from clients?  I would think that this filtering would cover messages originating from the upstream organization to the downstream organization. t

Re: SPF_NONE scoring

2021-12-02 Thread Dave Warren
On 2021-11-30 12:24, Greg Troxel wrote: Lots of people think SPF is silly. And spammers spamming from a domain they control can even dkim/dmarc. Domain based reputation is an extremely powerful tool, but it is only useful when you know the actual sender of a message. The benefit isn't in blo

Re: updates.spamassassin.org not resolving

2021-07-23 Thread Dave Warren
On 2021-07-23 06:54, Benny Pedersen wrote: On 2021-07-23 14:35, Kevin A. McGrail wrote: TL;DR: Everything looks good to me. +1 I think you are just doing DNS calls that are either invalid or look like you are trying to do discovery through recursion.  For example: dig -t txt 0.0.4.updates.s

Re: MALFORMED_FREEMAIL

2019-11-01 Thread Dave Warren
In general it is the concept of sending from a particular domain in a format that the infrastructure on that domain will not send. A really easy to grasp concept: I know that example.com's mail server always adds a X-Yup-We-Sent-It: True header, so I will consider anything claiming to be comin

Re: SpamAssassin Scoring For MDAEMON_DNSBL

2019-05-26 Thread Dave Warren
On 2019-05-14 09:17, John Hardin wrote: On Tue, 14 May 2019, cyflhn wrote: It has happened many times that the emails from our server were identified as spam. I have checked the emails which were not identified as spam. But I found that the SpamAssassin Scoring For MDAEMON_DNSBL is quite high,

Re: Amazon continues to get tagged as spam

2019-04-02 Thread Dave Warren
On 2019-04-02 06:01, RW wrote: On Mon, 01 Apr 2019 20:14:13 -0400 Dave Warren wrote: 1.8 DKIM_ADSP_DISCARD No valid author signature, domain signs all mail and suggests discarding the rest This is a bit odd too, I don't see ADSP records on Amazon's various .com domains (alth

Re: Amazon continues to get tagged as spam

2019-04-01 Thread Dave Warren
On Mon, Apr 1, 2019, at 17:11, @lbutlr wrote: > 3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100% > [score: 1.] > 0.2 BAYES_999 BODY: Bayes spam probability is 99.9 to 100% > [score: 1.] These two are both a b

Re: Filtering at border routers: Is it possible?

2019-03-25 Thread Dave Warren
On 2019-03-22 21:43, Grant Taylor wrote: On 3/22/19 7:01 PM, Dave Warren wrote: To me, the big one is this: It sets your users up for failure. If a user configures their client on a network that allows unrestricted port 25 access and later moves (temporarily or permanently) to a network that

Re: Filtering at border routers: Is it possible?

2019-03-22 Thread Dave Warren
On 2019-03-22 18:37, Grant Taylor wrote: On 3/22/19 3:23 PM, Benny Pedersen wrote: you only need sasl auth You should do the SMTP Authentication across STARTTLS to protect credentials. do not enable sasl auth on port 25, if it lists AUTH on port 25 ehlo, you will need to remove  it in post

Re: Filtering at border routers: Is it possible?

2019-03-22 Thread Dave Warren
On 2019-03-22 18:39, Grant Taylor wrote: On 3/22/19 3:29 PM, Benny Pedersen wrote: customers wish for port 25 open relay ? Having unfettered access to send traffic to TCP port 25 is /not/ the same thing as an open relay. Especially if you are a host with your clients running self-managed

Re: more spam is getting through :-(

2019-03-20 Thread Dave Warren
On 2019-03-18 23:39, Duane Hill wrote: Hello Dave, Tuesday, March 19, 2019, 12:11:40 AM, you wrote: > On 2019-03-18 17:40, @lbutlr wrote: On 18 Mar 2019, at 13:59, James <bjloc...@lockie.ca> wrote: On 2019-03-17 5:43 p.m., @lbutlr wrote: On 17 Mar 2019, at

Re: more spam is getting through :-(

2019-03-18 Thread Dave Warren
On 2019-03-18 17:40, @lbutlr wrote: On 18 Mar 2019, at 13:59, James wrote: On 2019-03-17 5:43 p.m., @lbutlr wrote: On 17 Mar 2019, at 15:03, James wrote: I run sa-learn --ham on my inboxes. Your inboxes likely contain spam messages that haven't been caught, so training on inbox will pois

Re: more spam is getting through :-(

2019-03-18 Thread Dave Warren
On Sun, Mar 17, 2019, at 22:45, John Hardin wrote: > On Sun, 17 Mar 2019, James wrote: > > $ sudo sa-learn --dump magic > > 0.000 04665448 0 non-token data: nspam > > 0.000 0 51031938 0 non-token data: nham > > I'd generally expect those numbers to be so

Re: Is it weird to worry I'm getting too little spam? (success of RBLs)

2019-01-26 Thread Dave Warren
In my experience, the right combination of DNSBLs are extremely effective, typically well into the 90% of delivery attempts can be rejected before the DATA command (and therefore before SpamAssassin) with a combination of DNSBLs, RFC validations (greet pause of 11 seconds, early talkers rejected),

Re: FPs on FORGED_MUA_MOZILLA (for my own hand-typed messages from my latest-version Thunderbird)

2018-10-02 Thread Dave Warren
> On Oct 2, 2018, at 13:49, Bill Cole > wrote: > > On 2 Oct 2018, at 13:39, Matus UHLAR - fantomas wrote: > >>> On 2 Oct 2018, at 9:36, Rob McEwen wrote: SIDE NOTE: I don't think there was any domain my message that was blacklisted on URIBL - so I can't explain the "URIBL_BLOCKED",

Re: IADB whitelist - again

2018-03-05 Thread Dave Warren
On 2018-03-04 05:46, David Jones wrote: That's great.  It means you know what you are doing when you change the default threshold to less than 5.0.  In that case you need to change a lot of other scores down too including RCVD_IN_IADB_* and the KAM.cf rules probably score way too high for you a

Re: From:name spoofing

2018-02-17 Thread Dave Warren
On 2018-02-17 01:11, Daniele Duca wrote: On 17/02/2018 00:41, John Hardin wrote: Not necessarily safe. If your MTA receives a message without a Message-ID, it is supposed to generate one. And if it does so, it will probably do so using your (recipient) domain... Isn't MID creation responsa

Re: Email filtering theory and the definition of spam

2018-02-07 Thread Dave Warren
On Wed, Feb 7, 2018, at 15:52, Martin Gregorie wrote: > > Technically, you asked for the email and they have a valid opt-out > > process that will stop sending you email. Yes, the site has scummy > > practices but that is not spam by my definition. > > > Yes, under EU/UK that counts as spam bec

Re: Barracuda Reputation Block List (BRBL) removal from the SA ruleset

2018-02-06 Thread Dave Warren
On 2018-02-05 09:12, Benny Pedersen wrote: Kevin A. McGrail wrote on 2018-02-05 16:53: I don't think that will apply will it because it will be looking up something like 1.2.3.4.bb.barracuda.blah which isn't cached. the first query can make a query with very low ttl, so it would not be cach

Re: Using Cloud AutoML as an AI for an Anti-spam filter ?

2018-01-23 Thread Dave Warren
On Tue, Jan 23, 2018, at 02:55, Zulma Pape wrote: > In other words, can we integrate the Cloud AutoML into our server's > spam filter and make it behave the same way Gmail behave ? In short, not without a *lot* of work. Gmail implements a lot more complexity, and they have a lot more data than you

Re: NOTE: Warning to Abusers of Update Servers

2017-11-24 Thread Dave Warren
> to use http. We typically set new mirrors at the weight of 1 and then > you can let us know if we can bump it up.> Regards, > KAM > > On November 23, 2017 10:08:06 PM EST, Dave Warren > wrote:>> On Thu, Nov 23, 2017, at 16:01, Kevin A. McGrail > wrote: >&g

Re: NOTE: Warning to Abusers of Update Servers

2017-11-24 Thread Dave Warren
On Fri, Nov 24, 2017, at 09:45, RW wrote: > On Fri, 24 Nov 2017 08:23:21 -0700 > Dave wrote: > > >> It mostly shouldn't, but when I was supporting a mail server that > > >> included a SpamAssassin integration, we ran into a non-zero number > > >> of installations where DNS checks failed and they f

Re: NOTE: Warning to Abusers of Update Servers

2017-11-23 Thread Dave Warren
On Thu, Nov 23, 2017, at 16:01, Kevin A. McGrail wrote: > On 11/23/2017 6:31 PM, Dave Warren wrote: > > Would more mirrors be useful? I've got a ton of spare upstream > > bandwidth and am in the progress of setting up a few mirrors for other > > projects. > > >

Re: NOTE: Warning to Abusers of Update Servers

2017-11-23 Thread Dave Warren
On 2017-11-21 11:57, RW wrote: On Tue, 21 Nov 2017 08:55:34 -0600 David Jones wrote: You are correct. I haven't dug into the code to verify but it appears that 3.4.x sa-update does use the DNS TXT record to know when to download so it doesn't hurt anything to run this version hourly. By th

Re: NOTE: Warning to Abusers of Update Servers

2017-11-23 Thread Dave Warren
Would more mirrors be useful? I've got a ton of spare upstream bandwidth and am in the progress of setting up a few mirrors for other projects. On 2017-11-21 10:47, Kevin A. McGrail wrote: My goal is to stop abuse without causing undue grief or fps. It may come to more draconian steps as you s

Re: Blocking senders that are whitelisted

2017-10-04 Thread Dave Warren
On 2017-10-04 10:26, Ian Zimmerman wrote: On 2017-10-04 10:52, David Jones wrote: I bet this user signed up for this email somehow, possibly a while ago and has forgotten about doing so. So many times, when you register for accounts on websites, the check box to opt-in to a mailing list is alr

Re: Direct download link detection

2017-07-24 Thread Dave Warren
On Mon, Jul 24, 2017, at 15:00, Alex wrote: > Hi, > > We're currently experiencing a new spam campaign that involves some > text pertaining to invoicing then a link that immediately downloads a > Word macro file. > > http://sdeflores.com/PHJC579907/ > > What would be involved in following these

Re: updates.spamassassin.org gone?

2017-07-06 Thread Dave Warren
Did you read any of the thread? There shouldn't be an A record, and there literally can't be a (valid) PTR record. On Thu, Jul 6, 2017, at 15:48, jdow wrote: > No A or PTR record: > > ===8<--- > [jdow@thursday ~]$ dig updates.spamassassin.org ns1.apache.org all > > ; <<>> DiG 9.9.4-RedHat-9.9.

Re: The nice thing about standards (was Re: Legit Yahoo mail servers list)

2017-01-31 Thread Dave Warren
On 2017-01-30 08:06, Dianne Skoll wrote: On Mon, 30 Jan 2017 09:06:34 -0500 Rob McEwen wrote: On 1/30/2017 8:54 AM, Matus UHLAR - fantomas wrote: they do and it has been mentioned: https://help.yahoo.com/kb/SLN23997.html Cool. So Yahoo uses an HTML page that's a pain to process by computer.

Re: No rule updates since 1/1/17

2017-01-17 Thread Dave Warren
On Tue, Jan 17, 2017, at 12:51, Axb wrote: > On 01/17/2017 09:14 PM, Dave Warren wrote: > > On Sun, Jan 15, 2017, at 20:02, Kevin A. McGrail wrote: > >> On 1/15/2017 9:21 PM, Chris wrote: > >>> The last update of rules I've seen is 1/1/17. The attached cron out

Re: No rule updates since 1/1/17

2017-01-17 Thread Dave Warren
On Sun, Jan 15, 2017, at 20:02, Kevin A. McGrail wrote: > On 1/15/2017 9:21 PM, Chris wrote: > > The last update of rules I've seen is 1/1/17. The attached cron output > > seems to show no problems though. Doesn't seem right no updates for two > > weeks but I guess it's possible. > > It's been not

Re: I have some bad news

2016-09-05 Thread Dave Warren
On Sun, Sep 4, 2016, at 18:11, @lbutlr wrote: > On Sep 1, 2016, at 7:41 PM, David Niklas wrote: >> >> Would you like to go out to lunch? > > Other than your message, that phrase does not appear in 7 years of > my mail. And? Replace the string with an example that does appear frequently in ham. Or

Re: DKIM domainkeys=fail (1024-bit key) reason="fail (message has been altered)"

2016-08-26 Thread Dave Warren
On Fri, Aug 26, 2016, at 08:39, Bowie Bailey wrote: > On 8/26/2016 11:34 AM, widowsoft wrote: > > I am sure this has been done to death but I would like to ban emails that > > show > > "domainkeys=fail (1024-bit key) reason="fail (message has been altered)"" > > > > any ideas please I have tried re

Re: false possitive

2016-07-31 Thread Dave Warren
better: if allof (anyof (header :contains "from" "h.rei...@thelounge.net",header :contains "from" "m...@junc.eu"), header :is "List-Id" "") { setflag "\\Seen"; } -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Abused accounts

2016-03-19 Thread Dave Warren
ity is hard, mostly because of users, and it takes practice. Accepting and trusting inbound email from random addresses is what brings us to https://krebsonsecurity.com/2016/03/thieves-phish-moneytree-employee-tax-data/ -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

3.5 XPRIO Has X-Priority header

2016-03-10 Thread Dave Warren
sages, and 3.5 is a good chunk of the way to a hit. Anyone else seeing issues, or should just re-score it locally and call it a day? -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Can your bayes do this?

2016-01-24 Thread Dave Warren
; occurs 0 times in ham and 3 times in spam is that you have discarded the count information. And count information is important in determining the likely trustworthiness of a result. What would your system do with a phrase that appears in thousands of ham messages, and 2 spam messages? Ignore it completely? -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Google redirects

2015-12-20 Thread Dave Warren
On 2015-12-20 03:22, Reindl Harald wrote: but usually there are daily score-updates what didn't happen for more than two weeks now! It happens, life goes on. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Is it worth transferring bayes data between different sites?

2015-12-02 Thread Dave Warren
ders outright when applicable. Sure, there are errors and mistakes, by and large, bayes works out the details in a shared environment, a multi-server environment shouldn't be too different, as long as the customer base is similar. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Learning only on read emails?

2015-10-19 Thread Dave Warren
did actually write code to detect which was newer and trust the most recent decision made by the user, but ultimately I decided it was safer to just delete it completely. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Add "may be forged" minor rule?

2015-09-28 Thread Dave Warren
s you know they're real mail servers and you know they will retry. For senders that send a large amount of good mail, content filtering is worthwhile, but greylisting won't do anything but potentially delay legitimate traffic. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: SPF confusion

2015-07-15 Thread Dave Warren
On 2015-07-15 23:49, Matus UHLAR - fantomas wrote: On 2015-07-15 13:53, David Jones wrote: I have seen Microsoft Exchange servers use the header From: domain instead of the envelope-from but this does not follow RFC 4408 spec. On 15.07.15 15:06, Dave Warren wrote: This is valid under Sender

Re: Return Path (TM) whitelists

2015-07-15 Thread Dave Warren
meaningless on its own. I'd suggest that SPF:PASS means you can rely on domain based logic (trusts/whitelists/reputation) rather than only IP based logic, allowing you to safely whitelist "example.com" without guessing what IPs example.com uses (and might use tomorrow.)

Re: SPF confusion

2015-07-15 Thread Dave Warren
all" Note that while it was presented as a "version 2", it's depreciated, and "v=spf1" records are still current and the only records that really should be used in practice today. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Macs/Yosemite can no longer send abuse reports

2015-06-27 Thread Dave Warren
hment and want the extra click for when you're forwarding inline. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Handling very large messages (was Re: Which milter do you prefer?)

2015-03-15 Thread Dave Warren
On 2015-03-15 17:26, Reindl Harald wrote: On 16.03.2015 at 01:23, Dave Warren wrote: On 2015-03-15 15:01, Reindl Harald wrote: surely, only 5% of incoming spam attempts make it to spamassassin / clamav here, but you need to keep in mind the amount of your regular ham messages in your

Re: Handling very large messages (was Re: Which milter do you prefer?)

2015-03-15 Thread Dave Warren
guess that, on a percentage basis, I run less ham though SpamAssassin than spam. Obviously comparing the raw numbers will give a different reset of results, due to the drastically different number of spam attempts vs ham attempts. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.c

Re: Lots of Polish spam

2015-02-25 Thread Dave Warren
On 2015-02-25 14:23, Yves Goergen wrote: On 25.02.2015 at 23:04, Dave Warren wrote: I second this. Either go all the way, or don't do it, it's worse to leave users with a false sense of security. A mentality of "The virus scanner says it's safe, so it won't do

Re: Lots of Polish spam

2015-02-25 Thread Dave Warren
's worse to leave users with a false sense of security. A mentality of "The virus scanner says it's safe, so it won't do any harm" is exceedingly dangerous. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Blocking .exe in zips (was Re: Lots of Polish spam)

2015-02-25 Thread Dave Warren
gle blocks executable files (even if zipped) too, and they seem to be doing alright in the email world: https://support.google.com/mail/answer/6590?hl=en -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Quick question about training...

2015-02-20 Thread Dave Warren
ggest the same for non-spam, train duplicative ham even if it happens to be similarly addressed to different users. More data is (nearly) always better for bayesian learning systems. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: SPF rules do not look at spoofed From: address

2015-02-12 Thread Dave Warren
technically, a better solution. In both cases, it helps you pick out legitimate mail from wanted senders which can benefit spam filtering by allowing to you be just a little bit more aggressive against unknown senders without raising false positives too much in the process. -- Dave Warren

Re: SPF rules do not look at spoofed From: address

2015-02-12 Thread Dave Warren
g, from a SA perspective) when RFC5322.From headers pass parsing of SPF records, but you should not attempt to use any spam-detection when there is a mismatch as a mismatch is normal and expected behaviour. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Heads Up: Yahoo! goof

2015-02-08 Thread Dave Warren
seudo IPv4" implementation that kicks in when a IPv6 client is served content from their proxy from a IPv4-only host. https://blog.cloudflare.com/eliminating-the-last-reasons-to-not-enable-ipv6/ Is it possible that Yahoo is doing similar (even if for different reasons)? -- Dave Warren http://www.hir

Re: SPF_HELO_PASS,SPF_NONE

2015-01-05 Thread Dave Warren
applies to the HELO/EHLO field separately from the MAIL FROM based checks, it is perfectly valid to have a SPF_HELO_PASS even if the sending domain has no SPF policy. This is normal and expected behaviour. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Slightly OT- nolisting

2014-10-21 Thread Dave Warren
e to contact me off-list to discuss further. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Slightly OT- nolisting

2014-10-20 Thread Dave Warren
sly read their policies and ensure you're okay with part of your mail stream passing through a third party. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Unsubscribe

2014-10-17 Thread Dave Warren
the -unsubscribe address works, and got a reply in under a minute from there too. I'm obviously not completing the loop since I would prefer to stay subscribed. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Unsubscribe

2014-10-15 Thread Dave Warren
ly aliased, and I can confirm that all the ones I encountered are now fixed. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: spamd does not start

2014-10-08 Thread Dave Warren
; would chain commands together and run both in sequence regardless of the results, whereas && is a conditional for if the previous command succeeded and || was a conditional for if the previous command failed? At least in bash... -- Dave Warren http://www.hireahit.com/ http://ca

Re: recent channel update woes

2014-10-08 Thread Dave Warren
under attack or whatever, odds are that 127.0.0.2 (or whatever is applicable) will disappear. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: recent channel update woes

2014-10-07 Thread Dave Warren
configured per-list, not all lists list 127.0.0.2, and some lists use status codes, so "should not be listed" and "should be listed" are really "match/do-not-match some condition" In the case of DNSWL, $MYIP should be listed, if I get de-listed, I want to kn

Re: Outlook, we do love to hate you....

2014-08-31 Thread Dave Warren
ds compliant, it's only when you export directly from Outlook that you get this mess. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Give a penalty to messages with non latin UTF-8 characters?

2014-08-29 Thread Dave Warren
On 2014-08-29 02:41, Michael Opdenacker wrote: I find it hard to believe I'm the only one getting spam in Chinese characters;) I get a fair amount in my spamtraps, but only because my trap addresses are very permissive. None of it would have been accepted for normal delivery. --

Re: How to report spam to mailspike

2014-08-29 Thread Dave Warren
ess relevance. They've made their choice, now you get to make yours. Personally, I'm quite pleased with their performance, and I have no problem identifying myself when I contact a company. If I'm acting on my own behalf, I'd put "Personal" or "None" or &

Re: Rule to check return-path for To address

2014-08-23 Thread Dave Warren
sage is: Return-path: for my recipient address of da...@hireahit.com. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: dnssec / dane

2014-08-15 Thread Dave Warren
ly able to game. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Bogus SPF +all (was Re: dnssec / dane)

2014-08-15 Thread Dave Warren
MARC's feedback mechanism. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Opinions needed on what to consider spam

2014-08-13 Thread Dave Warren
On 2014-08-13 17:47, Steve Bergman wrote: On 08/13/2014 01:06 PM, Dave Warren wrote: In short, yes, it is unproductive. The quasi-legitimate stuff does go away, but the rest doesn't. This was confirmed just recently by Laura on Word To The Wise, who posted about this just 5 days ago:

Re: Opinions needed on what to consider spam

2014-08-13 Thread Dave Warren
in 6 straight months of higher spam load. I've had similar results on a Gmail spamtrap I've got (an address I've never used and don't use, but happens to be a common firstname.lastname combination, so it gets tons of typo'd mail seeding the trap) -- Dave Warren

Re: Opinions needed on what to consider spam

2014-08-12 Thread Dave Warren
users can create whatever disaster of client-side rules their client is capable of implementing (although we never recommend these, and do not support them, since users create a nightmare of crap that we aren't willing to invest the time into understanding and fixing) -- Dave Warren

Re: Spam Assassin - does it work or not?

2014-08-07 Thread Dave Warren
hunderbird has a decent bayesian implementation, I've heard good things about it but I don't use it myself. (I use Thunderbird, but not its spam filtering capabilities) -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: "colors" TLDs in spam

2014-07-31 Thread Dave Warren
's too soon to actually start blocking, but if certain TLDs have an uptick in spam use, it would be worth evaluating their usefulness in email in general, and potentially worth applying low-level scores. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Ready to throw in the towel on email providing...

2014-07-31 Thread Dave Warren
es your own history to make that decision on freshly received messages. To me, it's not worth the price as a primary mailbox (privacy, security, control of data, terrible UI usability), but the filtering alone is impressive. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: RBL effectiveness (was Re: Ready to throw in the towel on email providing...)

2014-07-30 Thread Dave Warren
urrent customers, you might be able to afford to block Gmail. At $DAYJOB, we can't. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: RBL effectiveness (was Re: Ready to throw in the towel on email providing...)

2014-07-30 Thread Dave Warren
er-level blocks. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Ready to throw in the towel on email providing...

2014-07-29 Thread Dave Warren
Took just about a month to get it under control (read: routed to my spam folder) If spam filtering were the only consideration, I'd switch to Gmail (well, Google Apps) in a heartbeat, and I'd figure out a way to make money putting my customers over on Google Apps too. But it isn&

Re: Ready to throw in the towel on email providing...

2014-07-29 Thread Dave Warren
uickly with a lot of transparency. Well worth the cash, IMO. (And no, I'm pretty sure I'm not getting a discount or anything for this.) :-) +1 I've also been using them for a few years and they do a good job +1 The same. Happy user, no affiliation. Plus Rob is kinda awesome when yo

Re: Ready to throw in the towel on email providing...

2014-07-28 Thread Dave Warren
, but you do have to work a lot harder at areas that the big guys can't compete with. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Ready to throw in the towel on email providing...

2014-07-28 Thread Dave Warren
amAssassin, SA's score is directly added to various other rules for the final decision) -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Alternate method to check for rule updates?

2014-07-24 Thread Dave Warren
r to that resolver over port other than 53. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Dealing with a bad network device affecting DNS lookups

2014-07-15 Thread Dave Warren
thing like "dig @8.8.8.8 asdfalksdflk.example.com a", Rackspace intercepts the packet on port 53 and does something with it? And it's taken them since October to resolve it? And you still pay for this service? Or is there more going on than is immediately obvious h

Re: Dealing with a bad network device affecting DNS lookups

2014-07-15 Thread Dave Warren
thing to be tampered with lightly. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: remove

2014-07-03 Thread Dave Warren
sent messages as well. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: remove

2014-07-03 Thread Dave Warren
On 2014-07-03 11:51, Brent Kennedy wrote: remove Try list-unsubscribe: <mailto:users-unsubscr...@spamassassin.apache.org> instead? -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: Why do I get both URIBL_DBL_SPAM and URIBL_BLOCKED?

2014-06-05 Thread Dave Warren
On 2014-06-05 21:48, zespri wrote: As I read it, it means that "non-forwarding dnsmasq" is simply nonsensical. What am I missing? Yeah... I don't believe dnsmasq would be a good choice, unbound or BIND would be better choices. -- Dave Warren http://www.hireahit.com/ http://

Re: SPAM from a registrar

2014-05-19 Thread Dave Warren
e queried on DOB? Did you leave your local BIND instance acting as a full resolver, or did you set forwarders? If so, removing the forwarder configuration should help. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: RCVD_IN_IADB_VOUCHED pushed spam into false negatives

2014-04-16 Thread Dave Warren
On 2014-04-15 06:42, Kevin A. McGrail wrote: On 4/14/2014 7:34 PM, Dave Warren wrote: On 2014-04-13 12:22, Dave Pooser wrote: And looking at the IADB web page, what I see is them bragging about how little

Re: RCVD_IN_IADB_VOUCHED pushed spam into false negatives

2014-04-14 Thread Dave Warren
ve an IP without paying a fee. Am I misreading the rules, or are they out of compliance to be included at all? -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: sa-update (nightly mass-check)

2014-04-08 Thread Dave Warren
On 2014-04-08 11:17, Kevin A. McGrail wrote: On 4/8/2014 2:15 PM, Dave Warren wrote: On 2014-04-08 03:56, Kevin A. McGrail wrote: On 4/8/2014 1:16 AM, Dave Warren wrote: On 2014-04-07 19:23, Thomas Harold wrote: NOTE: New masscheck contributors are now being accepted since about 2012-08-09

Re: sa-update (nightly mass-check)

2014-04-08 Thread Dave Warren
On 2014-04-08 03:56, Kevin A. McGrail wrote: On 4/8/2014 1:16 AM, Dave Warren wrote: On 2014-04-07 19:23, Thomas Harold wrote: NOTE: New masscheck contributors are now being accepted since about 2012-08-09. Is that supposed to say "now being" or "not being"? I'm a

Re: sa-update (nightly mass-check)

2014-04-07 Thread Dave Warren
us. But that's just a hopeful guess, given that I've put some resources into setting up appropriate systems and preparing some messages to start the process. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: sa-update

2014-04-07 Thread Dave Warren
other changes made. No -- This issue just means that rule updates may not get created, but the last valid set of rules will still available to sa-update. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: sa-update

2014-04-07 Thread Dave Warren
On 2014-04-06 17:21, John Hardin wrote: On Sun, 6 Apr 2014, Dave Warren wrote: Is older ham useful? It specifically mentions that older spam isn't useful, and why, but I'm thinking older ham is probably useful since old mail clients and legitimately sent mail never dies. But I cou

Re: sa-update

2014-04-06 Thread Dave Warren
and similar rules will skew. Is a ham-only corpus submission useful? Our ham is well cleaned, but we don't archive spam on an ongoing basis, and users primarily just delete spam. But most of our users archive ham and retain it, so depending on what the results look like, it might be u

Re: Who wants to trade data?

2014-02-06 Thread Dave Warren
peaketh regarding SpamAssassin" policy, and non-commercial (free access to the data, without any preconditions), I'm having trouble seeing the problem. I'd also like to say that I think it's awesome when commercial vendors give back to the community, in large or smal

Re: New expensive Regexps

2014-02-06 Thread Dave Warren
trator the ability to understand what is happening. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren

Re: New expensive Regexps

2014-02-06 Thread Dave Warren
> On Feb 6, 2014, at 18:04, "Kevin A. McGrail" wrote: > >> On 2/6/2014 8:32 PM, Dave Warren wrote: >>> On 2014-02-06 17:17, John Hardin wrote: >>>> On Thu, 6 Feb 2014, Kevin A. McGrail wrote: >>>> >>>> I've discussed it

Re: What is the view re- SPF_FAIL these days?

2014-01-24 Thread Dave Warren
ier to whitelist "Anything from example.com where (SPF:PASS or DKIM:PASS)" than it is to figure out the IP ranges example.com uses today and tomorrow and at this point, I all but refuse to whitelist by IP, or by domain unless there is some authentication method. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren Are you tired of having your hands cut off by snowblowers?
